WO2012175011A1 - Method and device for realizing qos in virtual private network - Google Patents

Method and device for realizing qos in virtual private network Download PDF

Info

Publication number
WO2012175011A1
WO2012175011A1 PCT/CN2012/077150 CN2012077150W WO2012175011A1 WO 2012175011 A1 WO2012175011 A1 WO 2012175011A1 CN 2012077150 W CN2012077150 W CN 2012077150W WO 2012175011 A1 WO2012175011 A1 WO 2012175011A1
Authority
WO
WIPO (PCT)
Prior art keywords
access
qos
priority
packet
base address
Prior art date
Application number
PCT/CN2012/077150
Other languages
French (fr)
Chinese (zh)
Inventor
钱勇
孙蓓
张舒兴
Original Assignee
中兴通讯股份有限公司
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Priority claimed from CN201110166073.4A external-priority patent/CN102202003B/en
Application filed by 中兴通讯股份有限公司 filed Critical 中兴通讯股份有限公司
Publication of WO2012175011A1 publication Critical patent/WO2012175011A1/en

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L45/00Routing or path finding of packets in data switching networks
    • H04L45/302Route determination based on requested QoS
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L12/00Data switching networks
    • H04L12/28Data switching networks characterised by path configuration, e.g. LAN [Local Area Networks] or WAN [Wide Area Networks]
    • H04L12/46Interconnection of networks
    • H04L12/4633Interconnection of networks using encapsulation techniques, e.g. tunneling
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L12/00Data switching networks
    • H04L12/28Data switching networks characterised by path configuration, e.g. LAN [Local Area Networks] or WAN [Wide Area Networks]
    • H04L12/46Interconnection of networks
    • H04L12/4641Virtual LANs, VLANs, e.g. virtual private networks [VPN]

Definitions

  • the present invention relates to the field of communications, and in particular, to a method and apparatus for implementing a quality of service (QoS) of a virtual private network.
  • QoS quality of service
  • TCO Total Cost of Ownership
  • Packet Transport Network As an important carrier technology, Packet Transport Network (PTN) technology emphasizes packet transmission and uses IP technology for connection-oriented multi-service transmission. Compared with traditional transmission network technology and IP/MPLS (multi-protocol label switching) technology, PTN technology has the following characteristics: multi-service unified bearer, hierarchical QoS function, carrier-class protection switching, clock synchronization technology, carrier-class network management Wait.
  • FIG. 1 is a schematic structural diagram of a virtual private network (VPN) basic networking according to the prior art
  • FIG. 2 is a schematic structural diagram of a VPN QoS differential service model according to the prior art
  • FIG. 3 is a schematic diagram of a VPN QoS differential service model according to the prior art
  • MPLS VPN is a common PTN networking mode. It has the characteristics of low cost, good scalability, and high bandwidth. Its network structure is shown in Figure 1. It is mainly composed of CE (User Edge Equipment) and P (Operator Backbone Network Equipment). ), PE (operator edge device), where the PE is mainly responsible for user access, and the P device is responsible for data forwarding according to the label.
  • CE User Edge Equipment
  • P Operaator Backbone Network Equipment
  • PE perator edge device
  • VPN QoS technology is a combination of integrated service model (IntServ model) and differential service model (DiffServ model).
  • IntServ model provides resource reservation for each stream through RSVP (Resource Reservation Protocol), providing end-to-end QoS; DiffServ model does not The state of the flow needs to be maintained. Only the boundary nodes classify the packets, assign different service levels to each type of packets, and perform different actions according to different service levels in the core layer network. Because IntServ maintains the RSVP state for each flow, there is a problem in the application of the large network.
  • DiffServ provides a service that treats different services differently, and sets different priorities and forwarding characteristics for different services, but does not specify how Forwarding and no way to eliminate congestion, these two models have their own shortcomings, so the combination of these two models has developed VPN QoS technology.
  • the DiffServ model part of VPN QoS is shown in Figure 2.
  • a QoS mode is selected, including: unified mode, pipe mode, and short pipe mode.
  • the three modes work as follows:
  • Unified mode When a packet enters the VPN domain, the packet-encapsulated label priority inherits the priority of the user packet. When leaving the VPN domain, the egress PE device schedules the label according to the label priority and maps the label priority to the user. Priority of the text.
  • Pipeline mode When a packet enters the VPN domain, the packet priority of the packet is specified by the network operator. When the VPN domain is removed, the egress PE is scheduled according to the label priority, but the label priority does not need to be mapped to the user packet. .
  • Short pipe mode When a packet enters the VPN domain, the packet encapsulation priority is specified by the network operator. When leaving the VPN domain, the egress PE device performs scheduling according to the priority of the user packet. And the priority of the label does not need to be mapped to the user message.
  • the pipe/short pipe mode enables operators to better manage QoS, select different QoS policies for different customers and services, and get more favors from operators in practical applications.
  • the VPN is configured in the tunnel mode, all users accessing the VPN are assigned the same priority.
  • the QoS policy cannot be flexibly selected for different access users in the VPN.
  • the main purpose of the present invention is to provide a QoS implementation method and apparatus for a virtual private network, so as to solve the problem that multiple users in the prior art access the VPN in the same pipeline mode cannot implement flexible selection for different access users in the VPN.
  • a service quality QoS implementation method for a virtual private network including:
  • the QoS policy corresponding to the access packet is obtained according to the corresponding relationship, to determine an internal priority of the access packet; The determined internal priority performs QoS processing on the access message.
  • the one or more access users accessing the PE respectively configure the attribute values of the access attribute table, and obtain the corresponding relationship between the attribute value and the QoS policy, including:
  • the method further includes: before specifying a user packet priority and a QoS index base address for each of the access users, the method further includes:
  • VPN pipe mode includes: a unified mode, a pipe mode, or a short pipe mode;
  • specifying a QoS index base address for each of the access users includes:
  • the QoS index base address is specified as 0; if the VPN pipe mode is a pipe mode or a short pipe mode, specifying the QoS index base address and the user packet priority Level - corresponding.
  • the QoS policy corresponding to the access packet is obtained according to the corresponding relationship, to determine an internal priority of the access packet.
  • the access side of the PE receives the access packet
  • the method further includes:
  • the internal priority is mapped to a label priority.
  • a QoS implementation device for a virtual private network comprising:
  • a configuration module configured to separately configure an attribute value of the access attribute table for one or more access users accessing the PE, and obtain a correspondence between the attribute value and the QoS policy
  • a determining module configured to obtain, according to the corresponding relationship, a QoS policy corresponding to the access packet, to determine the access packet, if the access packet of the access user meets an access condition, Internal priority
  • the QoS processing module is configured to perform QoS processing on the access packet according to the determined internal priority.
  • the configuration module includes:
  • An allocation module configured to separately allocate an access attribute table for one or more access users accessing the PE
  • a specifying module configured to specify a user message priority and a QoS index base address for each of the access users, to obtain the QoS policy, and save the QoS index base address to the access attribute table.
  • the device further includes:
  • a configuration mode module configured to configure a VPN pipe mode, where the VPN pipe mode includes: a unified mode, a pipeline mode, or a short pipe mode;
  • the specifying module when specifying a QoS index base address for each of the access users, is configured to: if the VPN pipe mode is a unified mode, specify the QoS index base address to be 0;
  • the pipeline mode is a pipeline mode or a short pipe mode, and the QoS index base address is specified to correspond to the user priority.
  • the determining module includes:
  • a first querying module configured to query, in the access attribute table, a QoS index base address corresponding to the access packet, if the access packet meets the VPN access condition;
  • An obtaining module configured to combine the QoS index base address and the corresponding user packet priority to obtain a QoS index
  • a second query module configured to query the QoS attribute table by using the QoS index, to obtain The internal priority of the access message.
  • the device further includes:
  • the egress mapping module is configured to map the internal priority to the label priority when the access packet is egress-encapsulated.
  • the attribute value of the access attribute table is separately configured for one or more access users accessing the PE, and the correspondence between the attribute value and the QoS policy is obtained; the access message of the access user satisfies the access If the condition is met, the QoS policy corresponding to the access packet is obtained according to the corresponding relationship, and the internal priority of the access packet is determined; the QoS processing is performed on the access packet according to the determined internal priority, and the prior art is solved.
  • the problem of flexible selection of QoS policies for different access users in the VPN cannot be implemented.
  • effective problems have not occurred, and the access can be implemented on the ingress PE device. Users choose different QoS policies to provide more flexible QoS policies for network operations.
  • FIG. 1 is a schematic structural diagram of a basic networking of a VPN according to the prior art
  • FIG. 2 is a schematic structural diagram of a VPN QoS differential service model according to the prior art
  • FIG. 3 is a schematic structural diagram of a VPN pipe mode with multiple user access according to the prior art
  • FIG. 4 is a schematic structural diagram of a QoS implementation apparatus of a virtual private network according to an embodiment of the present invention
  • FIG. 5 is a schematic structural diagram of a QoS implementation apparatus of a virtual private network according to an embodiment of the present invention
  • FIG. 6 is a schematic structural diagram of a VPN pipe mode with multiple user accesses according to an embodiment of the present invention.
  • FIG. 7 is a flowchart of a QoS implementation method of a virtual private network according to an embodiment of the present invention
  • FIG. 8 is a flowchart of a configuration process in the embodiment shown in FIG. 7;
  • FIG. 9 is a QoS attribute table created in the embodiment shown in FIG. 8;
  • FIG. 10 is a flowchart of implementing QoS of a VPN in the embodiment shown in FIG. 7. detailed description
  • the invention provides a QoS implementation device for a virtual private network.
  • 4 is a schematic structural diagram of a QoS implementation apparatus of a virtual private network according to an embodiment of the present invention.
  • FIG. 5 is a schematic diagram of a preferred structure of a QoS implementation apparatus of a virtual private network according to an embodiment of the present invention.
  • the apparatus includes: a configuration module 10, a determination module 30, and a QoS processing module 50.
  • the configuration module 10 is configured to separately configure an attribute value of the access attribute table for one or more access users accessing the PE, and obtain a correspondence between the attribute value and the QoS policy; the determining module 30 is configured to be in the access If the access message of the user meets the access condition, the QoS policy corresponding to the access packet is obtained according to the corresponding relationship to determine the internal priority of the access packet.
  • the QoS processing module 50 is configured to determine the internal priority according to the internal priority. The level performs QoS processing on the access packet.
  • the foregoing embodiment of the present invention implements QoS for a VPN, allocates an access attribute table for each access user, and specifies an attribute value in the access attribute table, and each attribute value corresponds to the formulated QoS policy, which can be implemented on the ingress PE device.
  • Different access users select different QoS policies, and can assign different priorities to different users accessing the same VPN, providing a more flexible QoS policy for network operations.
  • the configuration module 10 in the foregoing embodiment is configured to configure a VPN attribute, a user access instance, and a specified QoS policy, and save related attributes to the access attribute table.
  • the apparatus of the foregoing embodiments may further include: an egress mapping module 70, configured to map an internal priority to a label priority when the access packet performs egress encapsulation. In the access message When exporting encapsulation, it maps the priority of packets.
  • an egress mapping module 70 configured to map an internal priority to a label priority when the access packet performs egress encapsulation. In the access message When exporting encapsulation, it maps the priority of packets.
  • the configuration module 10 may include: an allocating module 101, configured to respectively allocate an access attribute table for one or more access users accessing the PE; and a specifying module 102, configured for each access user Specify the user packet priority and QoS index base address to obtain the QoS policy, and save the QoS index base address to the access attribute table.
  • the device of the foregoing embodiment of the present invention may further include: a configuration mode module, configured to configure a VPN pipe mode, where the VPN pipe mode includes: a unified mode, a pipe mode, or a short pipe mode, where: assigning a QoS index base address to each access user includes : If the VPN pipe mode is the unified mode, specify the QoS index base address as 0; if the VPN pipe mode is the pipe mode or the short pipe mode, specify the QoS index base address to correspond to the user message priority.
  • a configuration mode module configured to configure a VPN pipe mode, where the VPN pipe mode includes: a unified mode, a pipe mode, or a short pipe mode, where: assigning a QoS index base address to each access user includes : If the VPN pipe mode is the unified mode, specify the QoS index base address as 0; if the VPN pipe mode is the pipe mode or the short pipe mode, specify the QoS index base address to correspond to the user message priority.
  • the determining module 30 in the foregoing embodiment may include: a receiving module 301, where the access side of the PE receives the access message; the first querying module 302 is configured to: when the access message meets the VPN access condition, Querying the QoS index base address corresponding to the access packet in the access attribute table; the obtaining module 303 is configured to combine the QoS index base address with the corresponding user packet priority to obtain the QoS index; the second query module 304, configured to query in the QoS attribute table by using a QoS index, to obtain an internal priority of the access message.
  • the QoS policy corresponding to the VPN attribute information of the template is determined according to the correspondence between the VPN attribute information and the QoS policy configured by the configuration module 10, and The internal priority is determined by the two locating modules to implement the QoS policy used by the access user.
  • FIG. 6 is a schematic structural diagram of a VPN pipe mode with multiple user accesses according to an embodiment of the present invention.
  • the configuration module 10 allocates an access entry for each access user of the access device PE, and selects a corresponding QoS index base address, and sets the QoS index base. The address is saved in the corresponding access entry.
  • the QoS index base address can be used to calculate a QoS index corresponding to a QoS attribute table that holds an internal priority value.
  • the PE accessing party that receives the CE receives the packet, if the access condition is met, the corresponding access entry is queried, the QoS index base address is obtained, the QoS index is calculated, and the corresponding QoS attribute table is queried to obtain the internal priority.
  • the priority is used for scheduling and is mapped to the label priority at the time of egress encapsulation.
  • the QoS implementation method of the virtual private network includes the following steps:
  • Step S102 The configuration module 10 shown in FIG. 4 is configured to separately configure an attribute value of the access attribute table for one or more access users accessing the PE, and obtain a correspondence between the attribute value and the QoS policy.
  • step S104 the determining module 30 shown in FIG. 4 is configured to obtain the QoS policy corresponding to the access packet according to the corresponding relationship, and determine the access packet. Internal priority
  • step S106 the QoS processing module 50 shown in FIG. 4 implements QoS processing on the access packet according to the determined internal priority.
  • the foregoing embodiment is directed to a method for implementing QoS for a VPN, by assigning an access attribute table to each access user, and specifying an attribute value in the access attribute table, each attribute value corresponding to the formulated QoS policy, achieving different implementations at the ingress PE device.
  • the access user selects different QoS policies and can assign different priorities to different users accessing the same VPN to provide a more flexible QoS policy for network operations.
  • the one or more access users accessing the PE in step S102 in the foregoing embodiment respectively configure the attribute value of the access attribute table, and obtain the corresponding relationship between the attribute value and the QoS policy, including: one or more accesses for accessing the PE
  • the user respectively assigns an access attribute table; specifies a user message priority and a QoS index base address for each access user to obtain a QoS policy, and saves the QoS index base address to the access attribute table.
  • the method further includes: configuring a VPN pipe mode, where the VPN pipe mode includes: a unified mode, a pipe mode, or a short pipe mode, wherein specifying a QoS index base address for each access user includes: if the VPN pipe mode is a unified mode, specifying QoS The index base address is 0. If the VPN pipe mode is the pipe mode or the short pipe mode, the specified QoS index base address corresponds to the user message priority.
  • step S104 if the access message of the access user meets the access condition, the QoS policy corresponding to the access message is obtained according to the corresponding relationship, to determine the internal priority of the access message, including: PE
  • the access side receives the access packet; when the access packet satisfies the VPN access condition, the QoS index base address corresponding to the access packet is queried in the access attribute table; The base address is combined with its corresponding user packet priority to obtain the QoS index.
  • the QoS index is queried in the QoS attribute table to obtain the internal priority of the access packet.
  • the method further includes: mapping the internal priority to the label priority when the access packet is egress-encapsulated.
  • Figure 8 is a flow chart showing the configuration process in the embodiment shown in Figure 7;
  • Figure 9 is a QoS attribute table created in the embodiment shown in Figure 8.
  • the configuration process embodiment performs the following configuration processing, as shown in FIG. 8, the steps are as follows:
  • Step 1 Create a QoS attribute table, as shown in Figure 9.
  • the QoS attribute table is a linear table whose entry content is innerCos, which is the internal priority used by the system; qoslndex represents the index of the QoS attribute table, which is divided into two parts: QosBase and pri, where qosBase puts the QoS attribute The table is divided into 9 blocks, and pri is used as a sub-index of each inner table entry.
  • Step 2 Configure VPN user access on the PE and assign an access attribute entry to each access user.
  • Step 3 Configure the VPN pipe mode.
  • Step 4 Specify the access user QoS policy, that is, assign priority to each access user.
  • Each access user in step 2 allocates a QoS index base address, and the allocation method is as follows: If it is a unified mode, the QoS index base address is 0; if it is a pipe or a short pipe mode, the QoS index base address is assigned with the specified priority. Level - corresponding.
  • Step 5 Save the QoS index base address assigned in step four to the user access attribute entry in step 2.
  • FIG. 10 is a flowchart of implementing QoS of a VPN in the embodiment shown in FIG. 7.
  • the embodiment implements the process of virtual private network QoS, as shown in FIG. 10, the steps are as follows:
  • Step 1 The Layer 2 packet enters the switch forwarding process to determine whether the VPN access condition is met.
  • Step 2 If not, perform the normal forwarding process. Otherwise, go to step 3.
  • Step 3 Query the user access attribute table to obtain the QoS index base address.
  • Step 4 Use the QoS index base address obtained in step 3 to form a priority with the user packet.
  • QoS index check the QoS attribute table, and get the internal priority.
  • Step 5 The QoS processing module 50 uses the internal priority returned in step 4 to perform packet scheduling.
  • Step 6 The egress mapping module 70 performs the priority mapping of the encapsulated label using the internal priority returned in step four.
  • the present invention achieves the following technical effects: enabling different access users to select different QoS policies at the ingress PE device, and different users for accessing the same VPN. Priority, providing a more flexible QoS strategy for network operations.

Abstract

Disclosed are a method and device for realizing QoS in a virtual private network, capable of configuring attribute values of an access attribute list for one or more access users who access PE, and acquiring the correspondence between the attribute values and QoS policies;in the case of an access message of an access user meeting an access condition, acquiring a QoS policy corresponding to the access message according to the correspondence so as to determine the internal priority of the access message; and performing QoS processing on the access message according to the determined internal priority.The present invention can enable different access users to select different QoS policies at the ingress PE equipment, providing a more flexible QoS policy for network operation.

Description

虚拟专用网的 QoS实现方法及装置 技术领域  QoS implementation method and device for virtual private network
本发明涉及通信领域, 具体而言, 尤其涉及一种虚拟专用网的服务质 量(quality of service, QoS ) 实现方法及装置。 背景技术  The present invention relates to the field of communications, and in particular, to a method and apparatus for implementing a quality of service (QoS) of a virtual private network. Background technique
随着局域网技术的高速发展, 网络 IP化已成为业界的发展趋势, 传统 的通信网络正在逐步被数据网络所代替, 一些新型业务也具有 IP特征。  With the rapid development of LAN technology, network IP has become a trend in the industry. Traditional communication networks are gradually being replaced by data networks, and some new services also have IP characteristics.
近几年, 网络运营商为了追求更高的总体拥有成本 (Total Cost of Ownership, TCO ), 往往在改造原有网络、建设新网络的过程中更多的选择 性价比更高的以太网技术。  In recent years, in order to pursue a higher Total Cost of Ownership (TCO), network operators often choose more cost-effective Ethernet technologies in the process of transforming existing networks and building new ones.
分组传送网 ( Packet Transport Network, PTN )技术作为一种重要的 载网技术, 强调分组传送, 使用 IP技术进行面向连接的多业务传送。 跟传 统的传输网络技术、 IP/MPLS (多协议标签交换)技术相比, PTN技术具 有以下特征: 多业务统一承载、 层次化 QoS功能、 电信级保护倒换、 时钟 同步技术、 电信级的网络管理等。  As an important carrier technology, Packet Transport Network (PTN) technology emphasizes packet transmission and uses IP technology for connection-oriented multi-service transmission. Compared with traditional transmission network technology and IP/MPLS (multi-protocol label switching) technology, PTN technology has the following characteristics: multi-service unified bearer, hierarchical QoS function, carrier-class protection switching, clock synchronization technology, carrier-class network management Wait.
随着运营商市场的发展, 用户的服务需求呈现出多样化, 对带宽、 延 时、 抖动等性能要求有所不同, 例如: VoIP、 IPTV等业务需要 QoS保证要 求较高, 需要在带宽、 时延等方面进行保证, 或者大客户需要保证一定的 QoS等, 因此为不同层次的用户、 业务提供多样化的 QoS保证是 PTN技术 的一个重要方面。  With the development of the operator market, the service requirements of users are diversified, and the performance requirements such as bandwidth, delay, and jitter are different. For example, services such as VoIP and IPTV require higher QoS guarantee requirements, and need to be in bandwidth and time. The QoS guarantee is guaranteed by the extension, or the large customers need to guarantee a certain QoS. Therefore, providing diverse QoS guarantees for different levels of users and services is an important aspect of PTN technology.
图 1是根据根据现有技术的虚拟接入网( Virtual Private Network, VPN ) 基本组网结构示意图; 图 2是根据现有技术的 VPN QoS差分服务模型的结 构示意图; 图 3是根据现有技术的具有多个用户接入的 VPN管道模式的结 构示意图。 1 is a schematic structural diagram of a virtual private network (VPN) basic networking according to the prior art; FIG. 2 is a schematic structural diagram of a VPN QoS differential service model according to the prior art; FIG. 3 is a schematic diagram of a VPN QoS differential service model according to the prior art; Knot of VPN pipe mode with multiple user access Schematic diagram.
MPLS VPN是一种常用的 PTN组网方式, 具有低成本、 扩展性好、 高 带宽等特点, 其网络结构如图 1所示, 主要由 CE (用户边缘设备)、 P (运 营商骨干网设备)、 PE (运营商边缘设备)组成, 其中 PE主要负责用户接 入, P设备主要负责根据标签进行数据转发。  MPLS VPN is a common PTN networking mode. It has the characteristics of low cost, good scalability, and high bandwidth. Its network structure is shown in Figure 1. It is mainly composed of CE (User Edge Equipment) and P (Operator Backbone Network Equipment). ), PE (operator edge device), where the PE is mainly responsible for user access, and the P device is responsible for data forwarding according to the label.
VPN QoS技术是集成服务模型( IntServ模型)和差分服务模型( DiffServ 模型 ) 的结合, IntServ模型通过 RSVP (资源预留协议)对每条流进行资 源预留, 提供端到端的 QoS; DiffServ模型不需要维护流的状态, 只是在边 界节点对报文分类, 给每类报文指定不同的服务等级, 在核心层网络根据 不同服务等级执行不同的动作。 由于 IntServ针对每条流维护 RSVP状态, 在大型网络中的应用存在问题; 而 DiffServ提供的是一种区别对待不同业 务的服务, 为不同的业务设置不同的优先级和转发特性, 但不规定如何进 行转发, 也没法消除拥塞, 这两种模型存在各自的缺陷, 因此将这两种模 型结合, 发展了 VPN QoS技术。  VPN QoS technology is a combination of integrated service model (IntServ model) and differential service model (DiffServ model). IntServ model provides resource reservation for each stream through RSVP (Resource Reservation Protocol), providing end-to-end QoS; DiffServ model does not The state of the flow needs to be maintained. Only the boundary nodes classify the packets, assign different service levels to each type of packets, and perform different actions according to different service levels in the core layer network. Because IntServ maintains the RSVP state for each flow, there is a problem in the application of the large network. DiffServ provides a service that treats different services differently, and sets different priorities and forwarding characteristics for different services, but does not specify how Forwarding and no way to eliminate congestion, these two models have their own shortcomings, so the combination of these two models has developed VPN QoS technology.
目前 VPN QoS的 DiffServ模型部分如图 2所示, VPN组网时选择一种 QoS模式, 包括: 统一模式、 管道模式、 短管道模式, 其中这三种模式的 工作方式如下:  At present, the DiffServ model part of VPN QoS is shown in Figure 2. When the VPN is connected to the network, a QoS mode is selected, including: unified mode, pipe mode, and short pipe mode. The three modes work as follows:
统一模式: 报文进入 VPN域时, 报文封装的标签优先级继承用户报文 的优先级; 离开 VPN域时, 出口 PE设备根据标签优先级进行调度, 同时 将标签的优先级映射到用户报文的优先级。  Unified mode: When a packet enters the VPN domain, the packet-encapsulated label priority inherits the priority of the user packet. When leaving the VPN domain, the egress PE device schedules the label according to the label priority and maps the label priority to the user. Priority of the text.
管道模式: 报文进入 VPN域时, 报文封装的标签优先级由网络运营商 指定; 离开 VPN域时, 出口 PE设备根据标签优先级进行调度, 但标签的 优先级不需要映射到用户报文。  Pipeline mode: When a packet enters the VPN domain, the packet priority of the packet is specified by the network operator. When the VPN domain is removed, the egress PE is scheduled according to the label priority, but the label priority does not need to be mapped to the user packet. .
短管道模式: 报文进入 VPN域时, 报文封装的标签优先级由网络运营 商指定; 离开 VPN域时, 出口 PE设备根据用户报文的优先级进行调度, 并且标签的优先级不需要映射到用户报文。 Short pipe mode: When a packet enters the VPN domain, the packet encapsulation priority is specified by the network operator. When leaving the VPN domain, the egress PE device performs scheduling according to the priority of the user packet. And the priority of the label does not need to be mapped to the user message.
其中, 如图 3所示, 管道 /短管道模式使得运营商能够更好地进行 QoS 管理, 针对不同的客户、 业务选择不同的 QoS策略, 在实际应用中得到运 营商更多的青睐, 但是当多个用户接入同一个 VPN时, 并且该 VPN配置 为管道模式时, 所有接入该 VPN的用户都被指定同一个优先级, 无法实现 VPN内针对不同的接入用户灵活选择 QoS策略。  As shown in Figure 3, the pipe/short pipe mode enables operators to better manage QoS, select different QoS policies for different customers and services, and get more favors from operators in practical applications. When multiple users access the same VPN, and the VPN is configured in the tunnel mode, all users accessing the VPN are assigned the same priority. The QoS policy cannot be flexibly selected for different access users in the VPN.
针对上述现有技术的多个用户接入同一个管道模式的 VPN时, 无法实 现 VPN内针对不同的接入用户灵活选择 QoS策略的问题, 目前还未出现有 效的解决方案。 发明内容  When multiple users of the above-mentioned prior art access the VPN of the same pipeline mode, the problem of flexible selection of QoS policies for different access users in the VPN cannot be realized, and an effective solution has not yet appeared. Summary of the invention
本发明的主要目的在于提供一种虚拟专用网的 QoS实现方法及装置, 以解决现有技术的多个用户接入同一个管道模式的 VPN时,无法实现 VPN 内针对不同的接入用户灵活选择 QoS策略的问题。  The main purpose of the present invention is to provide a QoS implementation method and apparatus for a virtual private network, so as to solve the problem that multiple users in the prior art access the VPN in the same pipeline mode cannot implement flexible selection for different access users in the VPN. The problem with QoS policies.
为了解决上述问题, 本发明的技术方案是这样实现的:  In order to solve the above problems, the technical solution of the present invention is implemented as follows:
一种虚拟专用网的服务质量 QoS实现方法, 包括:  A service quality QoS implementation method for a virtual private network, including:
为接入运营商边缘设备 PE 的一个或多个接入用户分别配置接入属性 表的属性值, 并获取所述属性值与 QoS策略的对应关系;  Configuring an attribute value of the access attribute table for one or more access users of the access edge device PE, and obtaining a correspondence between the attribute value and the QoS policy;
在所述接入用户的接入报文满足接入条件的情况下, 根据所述对应关 系获取所述接入报文对应的 QoS策略,以确定所述接入报文的内部优先级; 根据确定的所述内部优先级对所述接入报文进行 QoS处理。  If the access message of the access user meets the access condition, the QoS policy corresponding to the access packet is obtained according to the corresponding relationship, to determine an internal priority of the access packet; The determined internal priority performs QoS processing on the access message.
其中, 接入 PE的一个或多个接入用户分别配置接入属性表的属性值, 并获取所述属性值与 QoS策略的对应关系包括:  The one or more access users accessing the PE respectively configure the attribute values of the access attribute table, and obtain the corresponding relationship between the attribute value and the QoS policy, including:
为接入 PE的一个或多个接入用户分别分配接入属性表;  Assigning an access attribute table to one or more access users accessing the PE;
为每个所述接入用户指定用户报文优先级和 QoS索引基址, 以获取所 述 QoS策略, 并将所述 QoS索引基址保存至所述接入属性表。 其中, 在为每个所述接入用户指定用户报文优先级和 QoS索引基址之 前, 所述方法还包括: Specifying a user message priority and a QoS index base address for each of the access users to obtain the QoS policy, and saving the QoS index base address to the access attribute table. The method further includes: before specifying a user packet priority and a QoS index base address for each of the access users, the method further includes:
配置虚拟接入网 VPN管道模式, 所述 VPN管道模式包括: 统一模式、 管道模式或短管道模式;  Configuring a virtual access network VPN pipe mode, where the VPN pipe mode includes: a unified mode, a pipe mode, or a short pipe mode;
其中, 为每个所述接入用户指定 QoS索引基址包括:  Wherein, specifying a QoS index base address for each of the access users includes:
如果所述 VPN管道模式是统一模式, 则指定所述 QoS索引基址为 0; 如果所述 VPN 管道模式是管道模式或短管道模式, 则指定所述 QoS 索引基址与所述用户报文优先级——对应。  If the VPN pipe mode is a unified mode, the QoS index base address is specified as 0; if the VPN pipe mode is a pipe mode or a short pipe mode, specifying the QoS index base address and the user packet priority Level - corresponding.
其中, 在所述接入用户的接入报文满足接入条件的情况下, 根据所述 对应关系获取所述接入报文对应的 QoS策略, 以确定所述接入报文的内部 优先级包括:  If the access packet of the access user meets the access condition, the QoS policy corresponding to the access packet is obtained according to the corresponding relationship, to determine an internal priority of the access packet. Includes:
所述 PE的接入侧接收到所述接入报文;  The access side of the PE receives the access packet;
在所述接入报文满足所述 VPN接入条件的情况下, 在所述接入属性表 中查询所述接入报文对应的 QoS索引基址;  And in the case that the access packet meets the VPN access condition, querying, in the access attribute table, a QoS index base address corresponding to the access packet;
将所述 QoS索引基址与其对应的所述用户报文优先级进行组合, 以获 取 QoS索引;  Combining the QoS index base address with the corresponding user message priority to obtain a QoS index;
通过所述 QoS索引在 QoS属性表中查询, 以得到所述接入报文的内部 优先级。  Querying in the QoS attribute table by using the QoS index to obtain an internal priority of the access message.
其中, 在根据确定的所述内部优先级对所述接入报文进行 QoS处理之 后, 所述方法还包括:  After the QoS processing is performed on the access packet according to the determined internal priority, the method further includes:
在所述接入报文进行出口封装时, 将所述内部优先级映射到标签优先 级。  When the access packet is egress encapsulated, the internal priority is mapped to a label priority.
一种虚拟专用网的 QoS实现装置, 包括:  A QoS implementation device for a virtual private network, comprising:
配置模块,用于为接入 PE的一个或多个接入用户分别配置接入属性表 的属性值, 并获取所述属性值与 QoS策略的对应关系; 确定模块, 用于在所述接入用户的接入报文满足接入条件的情况下, 根据所述对应关系获取所述接入报文对应的 QoS策略, 以确定所述接入报 文的内部优先级; a configuration module, configured to separately configure an attribute value of the access attribute table for one or more access users accessing the PE, and obtain a correspondence between the attribute value and the QoS policy; a determining module, configured to obtain, according to the corresponding relationship, a QoS policy corresponding to the access packet, to determine the access packet, if the access packet of the access user meets an access condition, Internal priority
QoS 处理模块, 用于根据确定的所述内部优先级对所述接入报文进行 QoS处理。  The QoS processing module is configured to perform QoS processing on the access packet according to the determined internal priority.
其中, 所述配置模块包括:  The configuration module includes:
分配模块, 用于为接入 PE 的一个或多个接入用户分别分配接入属性 表;  An allocation module, configured to separately allocate an access attribute table for one or more access users accessing the PE;
指定模块, 用于为每个所述接入用户指定用户报文优先级和 QoS索引 基址, 以获取所述 QoS策略, 并将所述 QoS索引基址保存至所述接入属性 表。  And a specifying module, configured to specify a user message priority and a QoS index base address for each of the access users, to obtain the QoS policy, and save the QoS index base address to the access attribute table.
其中, 所述装置还包括:  The device further includes:
配置模式模块, 用于配置 VPN管道模式, 所述 VPN管道模式包括: 统一模式、 管道模式或短管道模式;  a configuration mode module, configured to configure a VPN pipe mode, where the VPN pipe mode includes: a unified mode, a pipeline mode, or a short pipe mode;
其中, 所述指定模块在为每个所述接入用户指定 QoS索引基址时, 用 于: 如果所述 VPN管道模式是统一模式, 则指定所述 QoS索引基址为 0; 如果所述 VPN管道模式是管道模式或短管道模式,则指定所述 QoS索引基 址与所述用户 ^艮文优先级——对应。  The specifying module, when specifying a QoS index base address for each of the access users, is configured to: if the VPN pipe mode is a unified mode, specify the QoS index base address to be 0; The pipeline mode is a pipeline mode or a short pipe mode, and the QoS index base address is specified to correspond to the user priority.
其中, 所述确定模块包括:  The determining module includes:
接收模块, 用于所述 PE的接入侧接收到所述接入报文;  a receiving module, where the access side of the PE receives the access message;
第一查询模块,用于在所述接入报文满足所述 VPN接入条件的情况下, 在所述接入属性表中查询所述接入报文对应的 QoS索引基址;  a first querying module, configured to query, in the access attribute table, a QoS index base address corresponding to the access packet, if the access packet meets the VPN access condition;
获取模块, 用于将所述 QoS索引基址与其对应的所述用户报文优先级 进行组合, 以获取 QoS索引;  An obtaining module, configured to combine the QoS index base address and the corresponding user packet priority to obtain a QoS index;
第二查询模块, 用于通过所述 QoS索引在 QoS属性表中查询, 以得到 所述接入报文的内部优先级。 a second query module, configured to query the QoS attribute table by using the QoS index, to obtain The internal priority of the access message.
其中, 所述装置还包括:  The device further includes:
出口映射模块, 用于在所述接入报文进行出口封装时, 将所述内部优 先级映射到标签优先级。  The egress mapping module is configured to map the internal priority to the label priority when the access packet is egress-encapsulated.
通过本发明,采用为接入 PE的一个或多个接入用户分别配置接入属性 表的属性值, 并获取属性值与 QoS策略的对应关系; 在接入用户的接入报 文满足接入条件的情况下, 根据对应关系获取接入报文对应的 QoS策略, 以确定接入报文的内部优先级; 根据确定的内部优先级对接入报文进行 QoS处理, 解决了现有技术的多个用户接入同一个管道模式的 VPN时, 无 法实现 VPN内针对不同的接入用户灵活选择 QoS策略的问题, 目前还未出 现有效的问题,进而达到了能够在入口 PE设备实现不同接入用户选择不同 的 QoS策略, 为网络营运提供更加灵活的 QoS策略的效果。 附图说明  According to the present invention, the attribute value of the access attribute table is separately configured for one or more access users accessing the PE, and the correspondence between the attribute value and the QoS policy is obtained; the access message of the access user satisfies the access If the condition is met, the QoS policy corresponding to the access packet is obtained according to the corresponding relationship, and the internal priority of the access packet is determined; the QoS processing is performed on the access packet according to the determined internal priority, and the prior art is solved. When multiple users access the VPN in the same pipe mode, the problem of flexible selection of QoS policies for different access users in the VPN cannot be implemented. Currently, effective problems have not occurred, and the access can be implemented on the ingress PE device. Users choose different QoS policies to provide more flexible QoS policies for network operations. DRAWINGS
图 1是根据现有技术的 VPN基本组网结构示意图;  1 is a schematic structural diagram of a basic networking of a VPN according to the prior art;
图 2是根据现有技术的 VPN QoS差分服务模型的结构示意图; 图 3是根据现有技术的具有多个用户接入的 VPN管道模式的结构示意 图;  2 is a schematic structural diagram of a VPN QoS differential service model according to the prior art; FIG. 3 is a schematic structural diagram of a VPN pipe mode with multiple user access according to the prior art;
图 4是根据本发明实施例的虚拟专用网的 QoS实现装置的结构示意图; 图 5是根据本发明实施例的虚拟专用网的 QoS实现装置的优选结构示 意图;  4 is a schematic structural diagram of a QoS implementation apparatus of a virtual private network according to an embodiment of the present invention; FIG. 5 is a schematic structural diagram of a QoS implementation apparatus of a virtual private network according to an embodiment of the present invention;
图 6是根据本发明实施例的具有多个用户接入的 VPN管道模式的结构 示意图;  6 is a schematic structural diagram of a VPN pipe mode with multiple user accesses according to an embodiment of the present invention;
图 7是根据本发明实施例的虚拟专用网的 QoS实现方法的流程图; 图 8是如图 7所示实施例中的配置过程流程图;  7 is a flowchart of a QoS implementation method of a virtual private network according to an embodiment of the present invention; FIG. 8 is a flowchart of a configuration process in the embodiment shown in FIG. 7;
图 9是如图 8所示实施例中创建的 QoS属性表; 图 10是如图 7所示实施例中 VPN的 QoS实现流程图。 具体实施方式 9 is a QoS attribute table created in the embodiment shown in FIG. 8; FIG. 10 is a flowchart of implementing QoS of a VPN in the embodiment shown in FIG. 7. detailed description
为了使本发明所要解决的技术问题、 技术方案及有益效果更加清楚、 明白, 以下结合附图和实施例, 对本发明进行进一步详细说明。 应当理解, 此处所描述的具体实施例仅仅用以解释本发明, 并不用于限定本发明。  The present invention will be further described in detail below with reference to the accompanying drawings and embodiments in order to make the present invention. It is understood that the specific embodiments described herein are merely illustrative of the invention and are not intended to limit the invention.
本发明提供了一种虚拟专用网的 QoS实现装置。 图 4是根据本发明实 施例的虚拟专用网的 QoS实现装置的结构示意图; 图 5是根据本发明实施 例的虚拟专用网的 QoS实现装置的优选结构示意图。  The invention provides a QoS implementation device for a virtual private network. 4 is a schematic structural diagram of a QoS implementation apparatus of a virtual private network according to an embodiment of the present invention; and FIG. 5 is a schematic diagram of a preferred structure of a QoS implementation apparatus of a virtual private network according to an embodiment of the present invention.
如图 4所示, 该装置包括: 配置模块 10、 确定模块 30和 QoS处理模 块 50。  As shown in FIG. 4, the apparatus includes: a configuration module 10, a determination module 30, and a QoS processing module 50.
其中, 配置模块 10, 用于为接入 PE的一个或多个接入用户分别配置 接入属性表的属性值,并获取属性值与 QoS策略的对应关系;确定模块 30, 用于在接入用户的接入报文满足接入条件的情况下, 根据对应关系获取接 入报文对应的 QoS策略,以确定接入报文的内部优先级; QoS处理模块 50, 用于根据确定的内部优先级对接入报文进行 QoS处理。  The configuration module 10 is configured to separately configure an attribute value of the access attribute table for one or more access users accessing the PE, and obtain a correspondence between the attribute value and the QoS policy; the determining module 30 is configured to be in the access If the access message of the user meets the access condition, the QoS policy corresponding to the access packet is obtained according to the corresponding relationship to determine the internal priority of the access packet. The QoS processing module 50 is configured to determine the internal priority according to the internal priority. The level performs QoS processing on the access packet.
本发明上述实施例针对 VPN实现 QoS , 通过为每个接入用户分配接入 属性表, 并指定接入属性表中属性值, 每个属性值对应制定的 QoS策略, 实现能够在入口 PE设备实现不同接入用户选择不同的 QoS策略, 同时可 以对接入同一个 VPN的不同用户指定不同的优先级, 为网络营运提供更加 灵活的 QoS策略。  The foregoing embodiment of the present invention implements QoS for a VPN, allocates an access attribute table for each access user, and specifies an attribute value in the access attribute table, and each attribute value corresponds to the formulated QoS policy, which can be implemented on the ingress PE device. Different access users select different QoS policies, and can assign different priorities to different users accessing the same VPN, providing a more flexible QoS policy for network operations.
具体的, 结合图 4和图 5可知, 上述实施例中的配置模块 10: 用于配 置 VPN属性、用户接入实例以及指定 QoS策略, 并将相关属性保存到接入 属性表。  Specifically, as shown in FIG. 4 and FIG. 5, the configuration module 10 in the foregoing embodiment is configured to configure a VPN attribute, a user access instance, and a specified QoS policy, and save related attributes to the access attribute table.
上述各个实施例装置还可以包括: 出口映射模块 70, 用于在接入报文 进行出口封装时, 将内部优先级映射到标签优先级。 即实现了在接入报文 出口封装时, 对报文优先级的映射处理。 The apparatus of the foregoing embodiments may further include: an egress mapping module 70, configured to map an internal priority to a label priority when the access packet performs egress encapsulation. In the access message When exporting encapsulation, it maps the priority of packets.
本发明上述实施例中, 配置模块 10可以包括: 分配模块 101 , 用于为 接入 PE的一个或多个接入用户分别分配接入属性表; 指定模块 102, 用于 为每个接入用户指定用户报文优先级和 QoS索引基址, 以获取 QoS策略, 并将 QoS索引基址保存至接入属性表。  In the foregoing embodiment of the present invention, the configuration module 10 may include: an allocating module 101, configured to respectively allocate an access attribute table for one or more access users accessing the PE; and a specifying module 102, configured for each access user Specify the user packet priority and QoS index base address to obtain the QoS policy, and save the QoS index base address to the access attribute table.
本发明上述实施例装置还可以包括: 配置模式模块, 用于配置 VPN管 道模式, VPN管道模式包括: 统一模式、 管道模式或短管道模式, 其中, 为每个接入用户指定 QoS索引基址包括: 如果 VPN管道模式是统一模式, 则指定 QoS索引基址为 0; 如果 VPN管道模式是管道模式或短管道模式, 则指定 QoS索引基址与用户报文优先级——对应。  The device of the foregoing embodiment of the present invention may further include: a configuration mode module, configured to configure a VPN pipe mode, where the VPN pipe mode includes: a unified mode, a pipe mode, or a short pipe mode, where: assigning a QoS index base address to each access user includes : If the VPN pipe mode is the unified mode, specify the QoS index base address as 0; if the VPN pipe mode is the pipe mode or the short pipe mode, specify the QoS index base address to correspond to the user message priority.
上述实施例中的确定模块 30可以包括: 接收模块 301 , 用于 PE的接 入侧接收到接入报文; 第一查询模块 302, 用于在接入报文满足 VPN接入 条件的情况下, 在接入属性表中查询接入报文对应的 QoS索引基址; 获取 模块 303 , 用于将 QoS索引基址与其对应的用户报文优先级进行组合, 以 获取 QoS索引; 第二查询模块 304, 用于通过 QoS索引在 QoS属性表中查 询, 以得到接入报文的内部优先级。 该实施例中实现当接收到虚拟专用网 接入报文时, 根据配置模块 10配置的 VPN属性信息与 QoS策略的对应关 系, 确定所述 ·^艮文的 VPN属性信息对应的 QoS策略, 并通过两个查找模块 来实现通过接入用户使用的 QoS策略确定内部优先级。  The determining module 30 in the foregoing embodiment may include: a receiving module 301, where the access side of the PE receives the access message; the first querying module 302 is configured to: when the access message meets the VPN access condition, Querying the QoS index base address corresponding to the access packet in the access attribute table; the obtaining module 303 is configured to combine the QoS index base address with the corresponding user packet priority to obtain the QoS index; the second query module 304, configured to query in the QoS attribute table by using a QoS index, to obtain an internal priority of the access message. In this embodiment, when the virtual private network access message is received, the QoS policy corresponding to the VPN attribute information of the template is determined according to the correspondence between the VPN attribute information and the QoS policy configured by the configuration module 10, and The internal priority is determined by the two locating modules to implement the QoS policy used by the access user.
图 6是根据本发明实施例的具有多个用户接入的 VPN管道模式的结构 示意图。 如图 6所示, 结合上述图 4所示的本发明装置, 配置模块 10为接 入设备 PE的每个接入用户分配接入表项, 并选择相应的 QoS索引基址, 将 QoS索引基址保存在对应的接入表项中。  6 is a schematic structural diagram of a VPN pipe mode with multiple user accesses according to an embodiment of the present invention. As shown in FIG. 6, in combination with the apparatus of the present invention shown in FIG. 4, the configuration module 10 allocates an access entry for each access user of the access device PE, and selects a corresponding QoS index base address, and sets the QoS index base. The address is saved in the corresponding access entry.
该 QoS索引基址可以用于计算 QoS索引, 该 QoS索引对应于 QoS属 性表, 该属性表保存内部优先级值。 当连接 CE的 PE接入侧接收到报文, 如果满足接入条件, 则查询相应 的接入表项, 得到 QoS 索引基址, 计算得到 QoS索引并查询相应的 QoS 属性表, 获取内部优先级, 该优先级用于调度, 同时在出口封装时映射到 标签优先级。 The QoS index base address can be used to calculate a QoS index corresponding to a QoS attribute table that holds an internal priority value. When the PE accessing party that receives the CE receives the packet, if the access condition is met, the corresponding access entry is queried, the QoS index base address is obtained, the QoS index is calculated, and the corresponding QoS attribute table is queried to obtain the internal priority. The priority is used for scheduling and is mapped to the label priority at the time of egress encapsulation.
图 7是根据本发明实施例的虚拟专用网的 QoS实现方法的流程图。 如 图 7所示, 该虚拟专用网的 QoS实现方法包括如下步驟:  7 is a flow chart of a method for implementing QoS of a virtual private network according to an embodiment of the present invention. As shown in FIG. 7, the QoS implementation method of the virtual private network includes the following steps:
步驟 S102, 通过图 4所示的配置模块 10实现为接入 PE的一个或多个 接入用户分别配置接入属性表的属性值, 并获取属性值与 QoS策略的对应 关系。  Step S102: The configuration module 10 shown in FIG. 4 is configured to separately configure an attribute value of the access attribute table for one or more access users accessing the PE, and obtain a correspondence between the attribute value and the QoS policy.
步驟 S104,通过图 4所示的确定模块 30实现在接入用户的接入报文满 足接入条件的情况下, 根据对应关系获取接入报文对应的 QoS策略, 以确 定接入报文的内部优先级;  In step S104, the determining module 30 shown in FIG. 4 is configured to obtain the QoS policy corresponding to the access packet according to the corresponding relationship, and determine the access packet. Internal priority
步驟 S106, 通过图 4所示的 QoS处理模块 50来实现根据确定的内部 优先级对接入报文进行 QoS处理。  In step S106, the QoS processing module 50 shown in FIG. 4 implements QoS processing on the access packet according to the determined internal priority.
上实施例针对 VPN实现 QoS的方法,通过为每个接入用户分配接入属 性表, 并指定接入属性表中属性值, 每个属性值对应制定的 QoS策略, 实 现在入口 PE设备实现不同接入用户选择不同的 QoS策略, 同时可以对接 入同一个 VPN的不同用户指定不同的优先级, 为网络营运提供更加灵活的 QoS策略。  The foregoing embodiment is directed to a method for implementing QoS for a VPN, by assigning an access attribute table to each access user, and specifying an attribute value in the access attribute table, each attribute value corresponding to the formulated QoS policy, achieving different implementations at the ingress PE device. The access user selects different QoS policies and can assign different priorities to different users accessing the same VPN to provide a more flexible QoS policy for network operations.
上述实施例中步驟 S102接入 PE的一个或多个接入用户分别配置接入 属性表的属性值, 并获取属性值与 QoS 策略的对应关系包括: 为接入 PE 的一个或多个接入用户分别分配接入属性表; 为每个接入用户指定用户报 文优先级和 QoS索引基址, 以获取 QoS策略, 并将 QoS索引基址保存至接 入属性表。  The one or more access users accessing the PE in step S102 in the foregoing embodiment respectively configure the attribute value of the access attribute table, and obtain the corresponding relationship between the attribute value and the QoS policy, including: one or more accesses for accessing the PE The user respectively assigns an access attribute table; specifies a user message priority and a QoS index base address for each access user to obtain a QoS policy, and saves the QoS index base address to the access attribute table.
优选地,在为每个接入用户指定用户报文优先级和 QoS索引基址之前, 方法还包括: 配置 VPN管道模式, VPN管道模式包括: 统一模式、 管道模 式或短管道模式,其中,为每个接入用户指定 QoS索引基址包括:如果 VPN 管道模式是统一模式, 则指定 QoS索引基址为 0; 如果 VPN管道模式是管 道模式或短管道模式, 则指定 QoS索引基址与用户报文优先级一一对应。 Preferably, before each user is assigned a user message priority and a QoS index base address, The method further includes: configuring a VPN pipe mode, where the VPN pipe mode includes: a unified mode, a pipe mode, or a short pipe mode, wherein specifying a QoS index base address for each access user includes: if the VPN pipe mode is a unified mode, specifying QoS The index base address is 0. If the VPN pipe mode is the pipe mode or the short pipe mode, the specified QoS index base address corresponds to the user message priority.
上述实施例中, 步驟 S104在接入用户的接入报文满足接入条件的情况 下, 根据对应关系获取接入报文对应的 QoS策略, 以确定接入报文的内部 优先级包括: PE的接入侧接收到接入报文; 在接入报文满足 VPN接入条 件的情况下, 在接入属性表中查询接入报文对应的 QoS索引基址; 将 QoS 索弓!基址与其对应的用户报文优先级进行组合,以获取 QoS索引;通过 QoS 索引在 QoS属性表中查询, 以得到接入报文的内部优先级。  In the foregoing embodiment, in step S104, if the access message of the access user meets the access condition, the QoS policy corresponding to the access message is obtained according to the corresponding relationship, to determine the internal priority of the access message, including: PE The access side receives the access packet; when the access packet satisfies the VPN access condition, the QoS index base address corresponding to the access packet is queried in the access attribute table; The base address is combined with its corresponding user packet priority to obtain the QoS index. The QoS index is queried in the QoS attribute table to obtain the internal priority of the access packet.
优选地, 在根据确定的内部优先级对接入报文进行 QoS处理之后, 方 法还包括: 在接入报文进行出口封装时, 将内部优先级映射到标签优先级。  Preferably, after performing QoS processing on the access packet according to the determined internal priority, the method further includes: mapping the internal priority to the label priority when the access packet is egress-encapsulated.
图 8是如图 7所示实施例中的配置过程流程图; 图 9是如图 8所示实 施例中创建的 QoS属性表。  Figure 8 is a flow chart showing the configuration process in the embodiment shown in Figure 7; Figure 9 is a QoS attribute table created in the embodiment shown in Figure 8.
结合图 4和图 7所示, 该配置过程实施例进行以下配置处理, 如图 8 所示, 步驟如下:  As shown in FIG. 4 and FIG. 7, the configuration process embodiment performs the following configuration processing, as shown in FIG. 8, the steps are as follows:
步驟一: 创建 QoS属性表, 如图 9所示。  Step 1: Create a QoS attribute table, as shown in Figure 9.
具体而言, QoS属性表是一个线性表, 其表项内容为 innerCos, 是系统 使用的内部优先级; qoslndex表示 QoS 属性表的索引, 分为两个部分: QosBase和 pri, 其中 qosBase把 QoS属性表分成 9块, pri作为每一块内表 项的子索引。  Specifically, the QoS attribute table is a linear table whose entry content is innerCos, which is the internal priority used by the system; qoslndex represents the index of the QoS attribute table, which is divided into two parts: QosBase and pri, where qosBase puts the QoS attribute The table is divided into 9 blocks, and pri is used as a sub-index of each inner table entry.
步驟二: 在 PE设备配置 VPN用户接入, 为每个接入用户分配一个接 入属性表项。  Step 2: Configure VPN user access on the PE and assign an access attribute entry to each access user.
步驟三: 配置 VPN管道模式。  Step 3: Configure the VPN pipe mode.
步驟四: 指定接入用户 QoS策略, 即为每个接入用户指定优先级, 为 步驟二中的每个接入用户分配一个 QoS索引基址, 分配方法如下: 如果是 统一模式, 则 QoS索引基址为 0; 如果是管道、 短管道模式, 则 QoS索引 基址跟指定的优先级——对应。 Step 4: Specify the access user QoS policy, that is, assign priority to each access user. Each access user in step 2 allocates a QoS index base address, and the allocation method is as follows: If it is a unified mode, the QoS index base address is 0; if it is a pipe or a short pipe mode, the QoS index base address is assigned with the specified priority. Level - corresponding.
步驟五: 将步驟四分配的 QoS索引基址保存到步驟二的用户接入属性 表项。  Step 5: Save the QoS index base address assigned in step four to the user access attribute entry in step 2.
图 10是如图 7所示实施例中 VPN的 QoS实现流程图。 该实施例实现 虚拟专用网 QoS的过程, 如图 10所示, 步驟如下:  FIG. 10 is a flowchart of implementing QoS of a VPN in the embodiment shown in FIG. 7. The embodiment implements the process of virtual private network QoS, as shown in FIG. 10, the steps are as follows:
步驟一: 二层报文进入交换机转发流程处理, 判断是否满足 VPN接入 条件。  Step 1: The Layer 2 packet enters the switch forwarding process to determine whether the VPN access condition is met.
步驟二: 如果不满足, 则进行普通转发流程处理, 否则执行步驟三。 步驟三: 查询用户接入属性表, 得到 QoS索引基址。  Step 2: If not, perform the normal forwarding process. Otherwise, go to step 3. Step 3: Query the user access attribute table to obtain the QoS index base address.
步驟四: 使用步驟三获取的 QoS索引基址, 与用户报文的优先级组成 Step 4: Use the QoS index base address obtained in step 3 to form a priority with the user packet.
QoS索引, 查 QoS属性表, 获取内部优先级。 QoS index, check the QoS attribute table, and get the internal priority.
步驟五: QoS处理模块 50使用步驟四返回的内部优先级进行报文调度。 步驟六: 出口映射模块 70使用步驟四返回的内部优先级进行所封装标 签的优先级映射。  Step 5: The QoS processing module 50 uses the internal priority returned in step 4 to perform packet scheduling. Step 6: The egress mapping module 70 performs the priority mapping of the encapsulated label using the internal priority returned in step four.
需要说明的是, 本发明实施例在附图的流程图示出的步驟可以在诸如 一组计算机可执行指令的计算机系统中执行, 并且, 虽然在流程图中示出 了逻辑顺序, 但是在某些情况下, 可以以不同于此处的顺序执行所示出或 描述的步驟。  It should be noted that the steps shown in the flowchart of the accompanying drawings of the embodiments of the present invention may be executed in a computer system such as a set of computer executable instructions, and although a logical sequence is shown in the flowchart, In some cases, the steps shown or described may be performed in an order different than that described herein.
从以上的实施例描述中, 可以看出, 本发明实现了如下技术效果: 实 现能够在入口 PE设备实现不同接入用户选择不同的 QoS策略, 同时可以 对接入同一个 VPN的不同用户指定不同的优先级, 为网络营运提供更加灵 活的 QoS策略。  It can be seen from the description of the foregoing embodiments that the present invention achieves the following technical effects: enabling different access users to select different QoS policies at the ingress PE device, and different users for accessing the same VPN. Priority, providing a more flexible QoS strategy for network operations.
显然, 本领域的技术人员应该明白, 上述的本发明的各模块或各步驟 可以用通用的计算装置来实现, 它们可以集中在单个的计算装置上, 或者 分布在多个计算装置所组成的网络上, 可选地, 它们可以用计算装置可执 行的程序代码来实现, 从而, 可以将它们存储在存储装置中由计算装置来 执行, 或者将它们分别制作成多个集成电路模块, 或者将它们中的多个模 块或步驟制作成单个集成电路模块来实现。 这样, 本发明不限制于任何特 定的硬件和软件结合。 It will be apparent to those skilled in the art that the various modules or steps of the invention described above are apparent. It can be implemented by a general-purpose computing device, which can be centralized on a single computing device or distributed over a network of multiple computing devices. Alternatively, they can be implemented by program code executable by the computing device. They may be stored in a storage device by a computing device, or they may be fabricated into a plurality of integrated circuit modules, or a plurality of modules or steps thereof may be implemented as a single integrated circuit module. Thus, the invention is not limited to any specific combination of hardware and software.
以上所述, 仅为本发明的较佳实施例而已, 并非用于限定本发明的保 护范围。  The above is only the preferred embodiment of the present invention and is not intended to limit the scope of the present invention.

Claims

权利要求书 Claim
1、 一种虚拟专用网的服务质量 QoS实现方法, 包括:  1. A service quality QoS implementation method for a virtual private network, including:
为接入运营商边缘设备 PE 的一个或多个接入用户分别配置接入属性 表的属性值, 并获取所述属性值与 QoS策略的对应关系;  Configuring an attribute value of the access attribute table for one or more access users of the access edge device PE, and obtaining a correspondence between the attribute value and the QoS policy;
在所述接入用户的接入报文满足接入条件的情况下, 根据所述对应关 系获取所述接入报文对应的 QoS策略,以确定所述接入报文的内部优先级; 根据确定的所述内部优先级对所述接入报文进行 QoS处理。  If the access message of the access user meets the access condition, the QoS policy corresponding to the access packet is obtained according to the corresponding relationship, to determine an internal priority of the access packet; The determined internal priority performs QoS processing on the access message.
2、 根据权利要求 1所述的方法, 其中, 接入 PE的一个或多个接入用 户分别配置接入属性表的属性值, 并获取所述属性值与 QoS策略的对应关 系包括:  The method according to claim 1, wherein the one or more access users accessing the PE respectively configure the attribute value of the access attribute table, and obtain the corresponding relationship between the attribute value and the QoS policy, including:
为接入 PE的一个或多个接入用户分别分配接入属性表;  Assigning an access attribute table to one or more access users accessing the PE;
为每个所述接入用户指定用户报文优先级和 QoS索引基址, 以获取所 述 QoS策略, 并将所述 QoS索引基址保存至所述接入属性表。  Specifying a user message priority and a QoS index base address for each of the access users to obtain the QoS policy, and saving the QoS index base address to the access attribute table.
3、 根据权利要求 2所述的方法, 其中, 在为每个所述接入用户指定用 户报文优先级和 QoS索引基址之前, 所述方法还包括:  The method according to claim 2, wherein, before the user message priority and the QoS index base address are specified for each of the access users, the method further includes:
配置虚拟接入网 VPN管道模式, 所述 VPN管道模式包括: 统一模式、 管道模式或短管道模式;  Configuring a virtual access network VPN pipe mode, where the VPN pipe mode includes: a unified mode, a pipe mode, or a short pipe mode;
其中, 为每个所述接入用户指定 QoS索引基址包括:  Wherein, specifying a QoS index base address for each of the access users includes:
如果所述 VPN管道模式是统一模式, 则指定所述 QoS索引基址为 0; 如果所述 VPN 管道模式是管道模式或短管道模式, 则指定所述 QoS 索引基址与所述用户报文优先级——对应。  If the VPN pipe mode is a unified mode, the QoS index base address is specified as 0; if the VPN pipe mode is a pipe mode or a short pipe mode, specifying the QoS index base address and the user packet priority Level - corresponding.
4、 根据权利要求 2或 3所述的方法, 其中, 在所述接入用户的接入报 文满足接入条件的情况下, 根据所述对应关系获取所述接入报文对应的 QoS策略, 以确定所述接入 4艮文的内部优先级包括:  The method according to claim 2 or 3, wherein, when the access message of the access user meets the access condition, the QoS policy corresponding to the access message is obtained according to the corresponding relationship. , determining the internal priority of the access message includes:
所述 PE的接入侧接收到所述接入报文; 在所述接入报文满足所述 VPN接入条件的情况下, 在所述接入属性表 中查询所述接入报文对应的 QoS索引基址; The access side of the PE receives the access message; And querying, in the access attribute table, a QoS index base address corresponding to the access packet, where the access packet meets the VPN access condition;
将所述 QoS索引基址与其对应的所述用户报文优先级进行组合, 以获 取 QoS索引;  Combining the QoS index base address with the corresponding user message priority to obtain a QoS index;
通过所述 QoS索引在 QoS属性表中查询, 以得到所述接入报文的内部 优先级。  Querying in the QoS attribute table by using the QoS index to obtain an internal priority of the access message.
5、 根据权利要求 1所述的方法, 其中, 在根据确定的所述内部优先级 对所述接入报文进行 QoS处理之后, 所述方法还包括:  The method according to claim 1, wherein after the QoS processing is performed on the access packet according to the determined internal priority, the method further includes:
在所述接入报文进行出口封装时, 将所述内部优先级映射到标签优先 级。  When the access packet is egress encapsulated, the internal priority is mapped to a label priority.
6、 一种虚拟专用网的 QoS实现装置, 包括:  6. A QoS implementation device for a virtual private network, comprising:
配置模块,用于为接入 PE的一个或多个接入用户分别配置接入属性表 的属性值, 并获取所述属性值与 QoS策略的对应关系;  a configuration module, configured to separately configure an attribute value of the access attribute table for one or more access users accessing the PE, and obtain a correspondence between the attribute value and the QoS policy;
确定模块, 用于在所述接入用户的接入报文满足接入条件的情况下, 根据所述对应关系获取所述接入报文对应的 QoS策略, 以确定所述接入报 文的内部优先级;  a determining module, configured to obtain, according to the corresponding relationship, a QoS policy corresponding to the access packet, to determine the access packet, if the access packet of the access user meets an access condition, Internal priority
QoS 处理模块, 用于根据确定的所述内部优先级对所述接入报文进行 QoS处理。  The QoS processing module is configured to perform QoS processing on the access packet according to the determined internal priority.
7、 根据权利要求 6所述的装置, 其中, 所述配置模块包括: 分配模块, 用于为接入 PE 的一个或多个接入用户分别分配接入属性 表;  The device according to claim 6, wherein the configuration module includes: an allocation module, configured to separately allocate an access attribute table for one or more access users accessing the PE;
指定模块, 用于为每个所述接入用户指定用户报文优先级和 QoS索引 基址, 以获取所述 QoS策略, 并将所述 QoS索引基址保存至所述接入属性 表。  And a specifying module, configured to specify a user message priority and a QoS index base address for each of the access users, to obtain the QoS policy, and save the QoS index base address to the access attribute table.
8、 根据权利要求 7所述的装置, 其中, 所述装置还包括: 配置模式模块, 用于配置 VPN管道模式, 所述 VPN管道模式包括: 统一模式、 管道模式或短管道模式; 8. The device according to claim 7, wherein the device further comprises: a configuration mode module, configured to configure a VPN pipe mode, where the VPN pipe mode includes: a unified mode, a pipeline mode, or a short pipe mode;
其中, 所述指定模块在为每个所述接入用户指定 QoS索引基址时, 用 于: 如果所述 VPN管道模式是统一模式, 则指定所述 QoS索引基址为 0; 如果所述 VPN管道模式是管道模式或短管道模式,则指定所述 QoS索引基 址与所述用户 ^艮文优先级——对应。  The specifying module, when specifying a QoS index base address for each of the access users, is configured to: if the VPN pipe mode is a unified mode, specify the QoS index base address to be 0; The pipeline mode is a pipeline mode or a short pipe mode, and the QoS index base address is specified to correspond to the user priority.
9、 根据权利要求 7或 8所述的装置, 其中, 所述确定模块包括: 接收模块, 用于所述 PE的接入侧接收到所述接入报文;  The device according to claim 7 or 8, wherein the determining module comprises: a receiving module, configured to receive, by the access side of the PE, the access message;
第一查询模块,用于在所述接入报文满足所述 VPN接入条件的情况下, 在所述接入属性表中查询所述接入报文对应的 QoS索引基址;  a first querying module, configured to query, in the access attribute table, a QoS index base address corresponding to the access packet, if the access packet meets the VPN access condition;
获取模块, 用于将所述 QoS索引基址与其对应的所述用户报文优先级 进行组合, 以获取 QoS索引;  An obtaining module, configured to combine the QoS index base address and the corresponding user packet priority to obtain a QoS index;
第二查询模块, 用于通过所述 QoS索引在 QoS属性表中查询, 以得到 所述接入报文的内部优先级。  The second query module is configured to query the QoS attribute table by using the QoS index to obtain an internal priority of the access message.
10、 根据权利要求 6所述的装置, 其中, 所述装置还包括:  10. The device according to claim 6, wherein the device further comprises:
出口映射模块, 用于在所述接入报文进行出口封装时, 将所述内部优 先级映射到标签优先级。  The egress mapping module is configured to map the internal priority to the label priority when the access packet is egress-encapsulated.
PCT/CN2012/077150 2011-06-20 2012-06-19 Method and device for realizing qos in virtual private network WO2012175011A1 (en)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
CN201110166073.4A CN102202003B (en) 2011-06-20 The Qos implementation method of Virtual Private Network and device
CN201110166073.4 2011-06-20

Publications (1)

Publication Number Publication Date
WO2012175011A1 true WO2012175011A1 (en) 2012-12-27

Family

ID=44662404

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/CN2012/077150 WO2012175011A1 (en) 2011-06-20 2012-06-19 Method and device for realizing qos in virtual private network

Country Status (1)

Country Link
WO (1) WO2012175011A1 (en)

Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101355516A (en) * 2008-09-09 2009-01-28 中兴通讯股份有限公司 Method and system for providing service quality tactics for various virtual special network
CN101453400A (en) * 2007-12-07 2009-06-10 中国电信股份有限公司 Method and forwarding device for ensuring quality of service of virtual private network service
US20090323698A1 (en) * 2008-06-26 2009-12-31 Cisco Technology, Inc. Pure control-plane approach for on-path connection admission control operations in multiprotocol label switching virtual private networks
CN101848143A (en) * 2010-04-01 2010-09-29 中兴通讯股份有限公司 Method and device for processing QoS of flow of virtual private network
CN102202003A (en) * 2011-06-20 2011-09-28 中兴通讯股份有限公司 Qos (Quality of Service) implementation method and device for VPN (Virtual Private Network)

Patent Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101453400A (en) * 2007-12-07 2009-06-10 中国电信股份有限公司 Method and forwarding device for ensuring quality of service of virtual private network service
US20090323698A1 (en) * 2008-06-26 2009-12-31 Cisco Technology, Inc. Pure control-plane approach for on-path connection admission control operations in multiprotocol label switching virtual private networks
CN101355516A (en) * 2008-09-09 2009-01-28 中兴通讯股份有限公司 Method and system for providing service quality tactics for various virtual special network
CN101848143A (en) * 2010-04-01 2010-09-29 中兴通讯股份有限公司 Method and device for processing QoS of flow of virtual private network
CN102202003A (en) * 2011-06-20 2011-09-28 中兴通讯股份有限公司 Qos (Quality of Service) implementation method and device for VPN (Virtual Private Network)

Also Published As

Publication number Publication date
CN102202003A (en) 2011-09-28

Similar Documents

Publication Publication Date Title
US8230110B2 (en) Work-conserving packet scheduling in network devices
CN110912736B (en) Resource allocation method and device
TW202026896A (en) Asynchronous object manager in a network routing environment
WO2020073903A1 (en) Latency-sensitive network communication method and apparatus thereof
US20090274045A1 (en) Qos provisioning in a network having dynamic link states
CN114125924B (en) TSN service processing method and device and computer readable storage medium
CN104954226A (en) SDN-based QoS-supported communication tunnel establishment method and system
JP2014513466A (en) Packet scheduling method and apparatus
KR20090121327A (en) Parameterized quality of service in a network
WO2015066878A1 (en) Control device and control method in software defined network (sdn)
WO2015074453A1 (en) Control method and apparatus for data stream forwarding route
US11165716B2 (en) Data flow processing method and device
WO2012028026A1 (en) Method and apparatus for managing transmission resources in multimode coexistence transmission
WO2015039617A1 (en) Method, system, and device for packet processing
WO2015101066A1 (en) Method and node for establishing quality of service reservation
WO2012065466A1 (en) Method and device for allocating aggregated link bandwidth in packet-switched network
CN102404226A (en) Method for dispatching absolute priority of data frame based on 802.1 p under Linux system
WO2016095142A1 (en) Data forwarding method, device and system in software-defined networking (sdn)
CN102377645B (en) Exchange chip and realization method thereof
WO2014127635A1 (en) Method and device for transmitting enhanced transmission selection standard configuration information
WO2006058497A1 (en) A method for distributing resources of bearer network
WO2012175011A1 (en) Method and device for realizing qos in virtual private network
WO2007019788A1 (en) A method and a system for realizing pipe model based on differentiated services
Lin et al. A QoS model of Next Generation Network based on MPLS
US9215088B2 (en) Identification of application sessions

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 12803228

Country of ref document: EP

Kind code of ref document: A1

NENP Non-entry into the national phase

Ref country code: DE

122 Ep: pct application non-entry in european phase

Ref document number: 12803228

Country of ref document: EP

Kind code of ref document: A1