WO2016101646A1 - Access method and apparatus for ethernet virtual network - Google Patents

Access method and apparatus for ethernet virtual network Download PDF

Info

Publication number
WO2016101646A1
WO2016101646A1 PCT/CN2015/088460 CN2015088460W WO2016101646A1 WO 2016101646 A1 WO2016101646 A1 WO 2016101646A1 CN 2015088460 W CN2015088460 W CN 2015088460W WO 2016101646 A1 WO2016101646 A1 WO 2016101646A1
Authority
WO
WIPO (PCT)
Prior art keywords
edge device
data packet
address
mac
designated forwarder
Prior art date
Application number
PCT/CN2015/088460
Other languages
French (fr)
Chinese (zh)
Inventor
廖文奇
Original Assignee
华为技术有限公司
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by 华为技术有限公司 filed Critical 华为技术有限公司
Publication of WO2016101646A1 publication Critical patent/WO2016101646A1/en

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L12/00Data switching networks
    • H04L12/28Data switching networks characterised by path configuration, e.g. LAN [Local Area Networks] or WAN [Wide Area Networks]
    • H04L12/46Interconnection of networks

Definitions

  • the present invention relates to the field of communications technologies, and in particular, to an access method and device for an Ethernet virtual network, and a service recovery method and device for a user network edge device.
  • Ethernet Virtual Network is a Layer 2 Internetworking virtual private network based on Virtual eXtensible Local Area Network (VXLAN) tunnel (English: Virtual Private Network) , referred to as: VPN) technology.
  • the EVN includes the carrier edge device (English: Provider Edge, PE for short) and the user network edge device (English: Customer Edge, referred to as CE, for convenience of description.
  • the following uses PE to refer to the carrier edge device and uses CE. Refers to the user network edge device).
  • PE1, PE2, and PE3 are user network edge devices.
  • CE1, CE2, and CE3 are user network edge devices that access PE1, PE2, and PE3.
  • a neighbor relationship and a virtual scalable LAN VXLAN tunnel (IP network) are established between PE1, PE2, and PE3.
  • IP network virtual scalable LAN VXLAN tunnel
  • the CE obtains the hardware address of the CE (English: Media Access Control, MAC for short) instead of routing information.
  • PE1 obtains the MAC address of the accessed CE1 and is not the routing information of CE1.
  • the data packet sent by CE2 that is connected to PE2 can be forwarded to PE1 by PE2.
  • PE1 forwards it to CE1 according to the MAC address of CE1, thus implementing Layer 2 network. Interconnected virtual private network.
  • the PE is the designated forwarder of the CE.
  • the data packets sent by the CE are forwarded by the PE as the designated forwarder, but the chain between the CE and the PE is used.
  • Road fault When the data packet sent by the CE or the PE is unreachable, the CE needs to wait for a long time to select a new PE access and forward the data as the designated forwarder. Therefore, in the conventional technology, when a link failure occurs, the CE recovers the data transmission service for a long time, which results in insufficient reliability of the EVN network.
  • a first aspect of the present invention provides an access method of an Ethernet virtual network, including:
  • Ethernet segment route including the identifier of the Ethernet segment, and electing the primary designated forwarder and the designated forwarder according to the received Ethernet segment route;
  • the data packet sent by the accessed user network edge device is forwarded through the IP network according to the MAC routing table, and the probe is periodically sent to the accessed user network edge device. Text.
  • the method further includes:
  • Receiving a MAC address advertisement route sent by the remote carrier edge device obtaining an IP address of the remote carrier edge device and a MAC address of the remote user network edge device according to the MAC address advertisement route, and The obtained IP address and MAC address are added to the MAC routing table.
  • the step of forwarding the data packet sent by the user network edge device by using the IP routing table according to the MAC routing table is further include:
  • the step of sending the probe packet to the access user network edge device further includes:
  • the step of electing the primary designated forwarder and the standby designated forwarder according to the received Ethernet segment route further includes:
  • the primary designated forwarder and the secondary designated forwarder are elected by comparing the sizes of the IP addresses.
  • Ethernet virtual network access device that shortens the time during which a CE recovers a data transmission service when a link failure occurs.
  • An access device for an Ethernet virtual network comprising:
  • a routing table adding module configured to receive an address resolution protocol packet sent by an access user network edge device, obtain a MAC address of the accessed user network edge device according to the address resolution protocol packet, and use the MAC address Add to the default MAC routing table;
  • An Ethernet segment identifier obtaining module configured to acquire an Ethernet segment identifier of the accessed user network edge device
  • Designate a forwarder election module for use with one or more carrier edge devices in their neighbor relationship Transmitting an Ethernet segment route that includes the identifier of the Ethernet segment, and electing a primary designated forwarder and a designated forwarder according to the received Ethernet segment route;
  • a data packet forwarding module configured to forward, according to the MAC routing table, a data packet sent by the user network edge device that is accessed by the user according to the MAC routing table, and periodically send the data packet to the access device.
  • the user network edge device sends a probe packet.
  • the routing table adding module is further configured to receive a MAC address advertisement route sent by a remote carrier edge device, Obtaining, according to the MAC address advertisement route, an IP address of the remote operator edge device and a MAC address of the remote user network edge device, and adding the acquired IP address and MAC address to the MAC routing table. in.
  • the data packet forwarding module is further configured to obtain a remote user network edge device included in the data packet. a MAC address; searching, in the MAC routing table, an IP address of a remote edge operator's edge device corresponding to a MAC address of the remote user network edge device; encapsulating the data packet into an IP address Network data packet, and the encapsulated IP network data packet is sent to the remote operator edge device corresponding to the found IP address through the IP network, and is solved by the remote carrier edge device. After the packet, the packet is forwarded to the remote user network edge device corresponding to the MAC address.
  • the data packet forwarding module is further configured to receive a data packet sent by the remote operator edge device. And determining whether the packet is a multicast packet, and if yes, excluding the carrier edge device selected as the designated forwarder when forwarding the data packet.
  • the apparatus further includes a forwarding link switching module, configured to receive the accessed user network edge device and return The response packet is sent to detect whether the response packet has timed out. If yes, the remote network edge device is notified to forward the data packet to the operator edge device selected as the designated forwarder.
  • a forwarding link switching module configured to receive the accessed user network edge device and return The response packet is sent to detect whether the response packet has timed out. If yes, the remote network edge device is notified to forward the data packet to the operator edge device selected as the designated forwarder.
  • the specified forwarder election module is further configured to obtain an Ethernet segment of the user network edge device with the access according to the received Ethernet segment route.
  • Standard The IP address of the corresponding carrier edge device is identified; the primary designated forwarder and the designated forwarder are elected by comparing the sizes of the IP addresses.
  • a service recovery method for a user network edge device includes:
  • the probe packet sent by the operator edge device that is the primary designated forwarder is detected, and if it times out, the data packet is sent to the operator edge device that is the designated forwarder and forwarded by the operator.
  • a service recovery device for a user network edge device comprising:
  • a MAC address issuing module configured to obtain a MAC address, and send an address resolution protocol packet including the MAC address to two or more carrier edge devices, where the operator edge device adds to a corresponding MAC routing table. in;
  • a specified forwarder determining module configured to receive an Ethernet segment route sent by the two or more carrier edge devices, and determine, as the primary designated forwarder and the designated forwarder, the operator according to the Ethernet segment route Edge device
  • a data packet sending module configured to: send the data packet to the operator edge device as the primary designated forwarder, and forward the data packet according to the MAC routing table;
  • a forwarder switching module configured to detect the probe packet sent by the operator edge device that is the primary designated forwarder, and if the timeout occurs, send the data packet to the edge of the operator that is the designated forwarder. Equipment, And forwarded by it.
  • Ethernet virtual network access method and device when the user network edge device accesses the Ethernet virtual network, it is not only accessing a single carrier edge device but Enter two or more carrier edge devices, and all the operator edge devices accessing the user network edge device perform election, determine the identity of each primary designated forwarder and the specified forwarder, and then be the designated forwarder.
  • the operator edge device forwards the data packet of the user network edge device, and the carrier edge device that is the primary designated forwarder and the user network edge device detect the reachability state of the data packet of the other party through the probe packet.
  • the user network edge device can quickly switch to the standby forwarding link to forward data packets without waiting for a long time, so that the data transmission service of the user network edge device The recovery time is greatly shortened, thereby improving the reliability of the EVN network.
  • FIG. 1 is a schematic diagram of networking of an Ethernet virtual network
  • FIG. 2 is a flowchart of an Ethernet virtual network access method according to an embodiment of the present invention.
  • FIG. 3 is a schematic diagram of networking of an Ethernet virtual network in which a CE accesses multiple PEs according to an embodiment of the present invention
  • FIG. 4 is a schematic diagram of networking for establishing a neighbor relationship between PEs through a route reflector according to an embodiment of the present invention
  • FIG. 5 is a schematic structural diagram of a packet for a PE to encapsulate a data packet sent by a CE according to an embodiment of the present invention
  • FIG. 6 is a schematic diagram of a PE forwarding a multicast packet as a primary designated forwarder according to an embodiment of the present invention
  • FIG. 7 is a schematic diagram of a process of performing data forwarding link switching between PEs according to an embodiment of the present invention.
  • FIG. 8 is a schematic diagram of a process of re-selecting a designated forwarder to forward data as a CE according to an embodiment of the present invention
  • FIG. 9 is a schematic diagram of an Ethernet virtual network access device according to another embodiment of the present invention.
  • FIG. 10 is a flowchart of a service recovery method of a user network edge device according to another embodiment of the present invention.
  • FIG. 11 is a schematic diagram of a service recovery apparatus of a user network edge device according to another embodiment of the present invention.
  • the mechanism consists of two parts, including the access method of the Ethernet virtual network running on the PE. And a service recovery method of the user network edge device running on the foregoing CE.
  • the access method of the above Ethernet virtual network and the service recovery method of the user network edge device may all depend on a computer program, and the computer program may run on a computer system conforming to the Von Neumann system.
  • the method is as shown in FIG. 2, including:
  • Step S102 Receive an address resolution protocol packet sent by an access user network edge device (CE), obtain a MAC address of the accessed user network edge device (CE) according to the address resolution protocol packet, and add the MAC address to the MAC address.
  • the default MAC routing table The default MAC routing table.
  • CE1 is connected to two edge devices of PE1 and PE2, and CE2 is connected to PE3.
  • CE1 broadcasts the address resolution protocol (ARP) packet to broadcast the MAC address of CE1 to PE1 and PE2.
  • ARP address resolution protocol
  • PE1 and PE2 can obtain the MAC address of CE1.
  • CE1 also receives the ARP packet broadcasted by PE1 or PE2, and then responds to the MAC address of CE1 by passively responding to the ARP packet, so that PE1 and PE2 obtain CE1.
  • PE3 can also obtain the MAC address of CE2.
  • the method further includes receiving a MAC address advertisement route sent by the remote operator edge device, and obtaining the IP address of the remote operator edge device and the remote user network edge according to the MAC address advertisement route.
  • the MAC address of the device and add the obtained IP address and MAC address to the MAC routing table.
  • the Ethernet segment route (ESR) can be sent to PE2 and PE3 in the neighbor relationship.
  • ESR Ethernet segment route
  • the IP address is IP1) and is flooded to PE2 and PE3.
  • PE2 and PE3 can add MAC_1 and IP1 to the routing table.
  • the MAC routing table entry shown in Figure 3 exists in the MAC routing table stored on the PE1.
  • the MAC address table stored in the PE1 records the IP address of the next hop forwarded by the MAC_1 and the MAC_2. For example, if the destination MAC address of the received data packet is MAC_2, the MAC routing entry is If the IP address of the next hop forwarded by MAC_2 is "IP3", the data packet is forwarded to the PE3 whose IP address is IP3.
  • the MAC address is The IP address of the next hop forwarded by MAC_2 in the entry is "ETH", which means that the next hop will be forwarded directly through the Layer 2 Ethernet link, that is, it is forwarded to the MAC address as MAC_1 through the Layer 2 Ethernet link. CE1.
  • the MAC routing table on the PE may also include a virtual local area network (VLAN) identifier.
  • VLAN virtual local area network
  • the VLAN IDs of CE1 and PE1 can be set to 100.
  • CE1 configures the port connected to PE1 as a trusted port.
  • the trusted port stores the trusted MAC address corresponding to VLAN ID 100.
  • the list of trusted MAC addresses is generated by receiving an Ethernet segment route sent by PE1.
  • PE1 sends the MAC entry in its MAC routing table to CE1 through the Ethernet segment route.
  • CE1 adds the received MAC address corresponding to the same VLAN ID to the trusted MAC address list.
  • the corresponding trusted MAC address list on the trusted port connected to CE1 and CE1 contains the MAC address of CE2, and CE1 can use CE2 as The destination of the data transmission; if the VLAN ID of the CE2 is not configured as 100 (the PE can be configured with multiple VLAN IDs, and the MAC address of the CE2 is also included in the MAC routing table), the MAC address of the CE2 will not be added to the CE1.
  • the trusted MAC address list corresponding to the trusted port connected to the other PE1 does not cause data transmission between CE1 and CE2.
  • Step S104 Obtain an Ethernet segment identifier of the accessed user network edge device.
  • a unique Ethernet segment identifier (English: Ethernet Segment Identifier, ESI) can be defined for the connection to the CE.
  • ESI Ethernet Segment Identifier
  • CE1 is connected to both PE1 and PE2.
  • the Ethernet segment identifier assigned by PE1 to CE1 is ESI1
  • the Ethernet segment identifier assigned by PE2 to CE1 is also ESI1.
  • CE2 is connected to PE3
  • the Ethernet segment identifier assigned by PE3 to the CE3 connection is ESI2 for distinguishing.
  • step S106 the Ethernet segment route including the Ethernet segment identifier is mutually exchanged with one or more carrier edge devices in the neighbor relationship, and the primary designated forwarder and the standby designated forwarding are elected according to the received Ethernet segment route.
  • PEs need to be configured to be fully connected so that all PEs are in a neighbor relationship.
  • a route reflector (English: Route Reflector, RR for short) can be configured.
  • the RR discovers and receives a connection based on the Border Gateway Protocol (BGP) initiated by other PEs in the EVN to establish a client list. If the RR receives a route sent by a PE, it forwards it to all other PEs in the client list. That is to say, PEs can form a fully connected network through RRs to establish neighbor relationships.
  • Border Gateway Protocol BGP
  • PE1, PE2, and PE3 are connected to each other through the RR.
  • CE1 is connected to both PE1 and PE2, and CE2 is connected to PE3, PE1 and PE2 are connected to CE1.
  • the same ESI: ESI1 was connected; and the ESI assigned to CE2 by PE3 was: ESI2.
  • PE1, PE2, and PE3 exchange Ethernet segments with each other through the RR.
  • the route contains ESI information.
  • PE1, PE2, and PE3 can determine that the corresponding ESI1 is PE1 and PE2, and the corresponding ESI2 is PE3.
  • a list of terminals corresponding to ESI1 can be established on the PE1, and the list includes the identifiers of the PE1 and the PE2 (for example, the information identifying the PE such as the IP address), and the same is established on the PE2.
  • the list also contains the identifiers of PE1 and PE2.
  • PE1 and PE2 can elect the primary designated forwarder and the specified forwarder corresponding to ESI1 according to the identifier included in the terminal list.
  • the step of electing the primary designated forwarder and the standby designated forwarder according to the received Ethernet segment route further includes:
  • the IP address of the carrier's edge device; the primary designated forwarder and the specified forwarder are elected by comparing the size of the IP address.
  • the IP addresses of PE1 and PE2 are used as the respective identifiers in the terminal list corresponding to ESI1 stored on PE1 and PE2, and then the PE with the smallest IP address can be elected as the primary designated forwarder.
  • the PE election corresponding to the remaining IP addresses is the designated forwarder. For PE1, it is only necessary to determine whether the IP address of the PE1 itself is the smallest IP address in the terminal list, and it can be determined whether the PE1 itself is elected as the designated forwarder. If the PE1 determines that the IP address is not the same, If the IP address is the smallest IP address in the terminal list, PE1 can determine that PE1 is elected as the designated forwarder.
  • Step S108 After being elected as the primary designated forwarder, forward the data packet sent by the user network edge device that is accessed by the IP network according to the MAC routing table, and periodically send the probe packet to the accessed user network edge device.
  • the step of forwarding the data packet sent by the user network edge device by using the IP routing table according to the MAC routing table further includes:
  • the MAC routing table looks up the IP address of the remote carrier's edge device that it accesses corresponding to the MAC address of the remote user network edge device.
  • CE1 and CE2, and PE1, PE2, and PE3 are all assigned the same VLAN identifier, and PE1 is selected as the primary designated forwarder of CE1, and PE2 is selected as the designated forwarder of CE2. .
  • the data packet sent by CE1 to CE2 (Layer 2 Ethernet data packet) will be forwarded to PE1 through the link between CE1 and PE1.
  • PE1 After receiving the data packet, PE1 sends the packet according to the data packet.
  • the remote user network changes the MAC address of the edge device, that is, the MAC address of the CE2, and the MAC address of the CE1 that sends the data packet, and then encapsulates the data packet into a data packet of the VxLan IP network, and queries the MAC address. If the routing table obtains the IP address of the next hop to be the IP address of the PE3, the encapsulated data packet is sent to the PE3 through the IP network.
  • the format of the data packet of the encapsulation may be as shown in FIG. 5, and the VxLAN protocol header (including the “original Layer 2 data packet” part in FIG. 5) needs to be added to the received CE1 data packet (including the “original Layer 2 data packet” part in FIG. 5). VLAN identification and other information), and then add the IP protocol header (including the IP address of PE1 and the IP address of PE3), plus the prohibition fragmentation.
  • the fragment identification identifies the MAC address of the CE3 that contains the target received data message (ie, the DMAC data segment in the fragmentation identifier in FIG. 5) and the MAC address of the CE1 that sends the data packet (ie, in FIG. 5).
  • the SMAC data segment in the fragmentation identifier is prohibited, and the additional information (ie, the TYPE data segment in the fragmentation identifier is prohibited in FIG. 5).
  • the PE3 After receiving the encapsulated data packet, the PE3 can obtain the MAC address of the device that is sent by the destination of the data packet to the CE3 by querying the data packet. If the address of the one-hop forwarding is an Ethernet network (that is, the port connected to CE3), the data segment of the original Layer 2 data packet in the encapsulated data packet is extracted and sent to CE3.
  • the address of the one-hop forwarding is an Ethernet network (that is, the port connected to CE3)
  • the trusted port corresponding to PE3 on CE3 is configured to determine that the device that originated the data packet is CE1. If the MAC address of CE1 is in the list of trusted MAC addresses, the data packet is successfully received.
  • the PE1 forwards the multicast to the MAC routing entry corresponding to the multicast packet according to the MAC routing table. A copy of the message (still required to be encapsulated).
  • the primary designated forwarder After receiving the data packet sent by the remote carrier edge device, the primary designated forwarder determines whether it is a multicast packet, and if so, excludes the selected forwarder when forwarding the data packet. Carrier edge device.
  • PE1 which is the primary designated forwarder of CE1 rejects the designated forwarder as CE1 after receiving the multicast packet.
  • PE2 that is, does not forward data packets to PE2, thus preventing the formation of a loop of PE3-PE1-PE2-PE3.
  • the probe packet needs to be sent to the CE1 periodically.
  • the time can be set to a short period of time, such as 10ms. It is used to check whether the link between CE1 and PE1 is clear. That is, CE1 and PE1 can determine whether the other party is reachable.
  • the PE After the step of sending a probe packet to the user edge device of the access user, the PE can be connected. And receiving the response packet returned by the user network edge device, and detecting whether the response packet times out. If yes, the remote network edge device is notified to forward the data packet to the operator edge device selected as the designated forwarder.
  • PE1 can send a probe packet to CE1 every 10 ms and detect whether it receives the response packet returned by CE1. If the threshold is exceeded, for example, if CE1 is not detected, it is not detected.
  • the response packet can be used to determine that the CE1 is in the unreachable state of the data packet, and can notify the PE3 that is in the neighbor relationship, that is, the Ethernet segment that sends the MAC address of the CE1 to the PE3.
  • the PE3 can delete the MAC address entry of the IP address of the CE1 in the MAC routing table, but still retain the MAC address of the CE1.
  • the MAC address entry of the IP address is not limited to the IP address.
  • the data packet sent by CE2 to CE1 is forwarded to PE2 through PE3, and then forwarded to CE1 by PE2. Therefore, the link between the CE1 and the PE1 is in a state in which the data packet is unreachable, and the data is forwarded to the CE1 through the PE2 that is the designated forwarder. Improve the reliability of the EVN network.
  • the data packet can be sent to and forwarded by the operator edge device as the designated forwarder.
  • PE1 which is the primary designated forwarder, can send probe packets to CE1 every 10 ms.
  • CE1 detects whether it is received. If the preset duration threshold is exceeded, for example, if it is not detected within 30 ms, PE1 can be determined as data. The packet is unreachable.
  • CE1 can send data packets to PE2 as the designated forwarder and forward it by PE2. At the same time, CE1 can find the trusted port connected to PE1, obtain the trusted MAC address corresponding to the VLAN ID of the trusted port, and then delete it. Then CE1 does not perform data transmission with PE1.
  • the probe packet sent by the PE as the primary designated forwarder can also quickly detect that the link between CE1 and PE1 is in the unreachable state of the data packet, and switch to the designated forwarder in time.
  • the PE2 forwards the data, which greatly shortens the time for the CE1 to recover the data transmission service and improves the reliability of the EVN network.
  • an access device of the Ethernet virtual network corresponding to the access method of the foregoing Ethernet virtual network is also provided.
  • the device includes a routing table adding module 102, an Ethernet segment identifier obtaining module 104, a designated forwarder election module 106, and a data packet forwarding module 108, where:
  • the routing table adding module 102 is configured to receive an address resolution protocol packet sent by the user network edge device that is accessed, obtain the MAC address of the accessed user network edge device according to the address resolution protocol packet, and use the MAC address. The address is added to the preset MAC routing table;
  • the Ethernet segment identifier obtaining module 104 is configured to obtain an Ethernet segment identifier of the accessed user network edge device.
  • the forwarder election module 106 is configured to exchange the Ethernet segment route including the Ethernet segment identifier with one or more carrier edge devices in the neighbor relationship, and elect the primary designation according to the received Ethernet segment route. Forwarder and standby forwarder;
  • the data packet forwarding module 108 is configured to forward, according to the MAC routing table, the data packet sent by the accessed user network edge device according to the MAC routing table, and periodically send the data packet to the terminal after being elected as the primary designated forwarder.
  • the incoming user network edge device sends a probe packet.
  • the routing table adding module 102 is further configured to receive a MAC address advertisement route sent by the remote operator edge device, obtain an IP address of the remote carrier edge device according to the MAC address advertisement route, and The MAC address of the remote user network edge device, and adds the obtained IP address and MAC address to the MAC routing table.
  • the data packet forwarding module 108 is further configured to obtain a MAC address of a remote user network edge device included in the data packet, and search for the remote user network in the MAC routing table.
  • the IP address of the edge device is the IP address of the remote edge carrier device to which it is connected; the data packet is encapsulated into an IP network data packet, and the encapsulated IP network data packet is sent to the IP network through the IP network.
  • the remote carrier edge device corresponding to the discovered IP address is unpacked by the remote carrier edge device and forwarded to the remote user network edge device corresponding to the MAC address.
  • the data packet forwarding module 108 is further configured to receive the data packet sent by the remote operator edge device, and determine whether it is a multicast packet, and if yes, forward the data packet.
  • the operator edge device selected as the designated forwarder is excluded.
  • the access device of the Ethernet virtual network further includes a forwarding link switching module 110, configured to receive a response packet returned by the accessed user network edge device, and detect the response. Whether the packet times out, if yes, notifying the remote user network edge device to the edge of the operator selected as the designated forwarder The device forwards data packets.
  • the designated forwarder election module 106 is further configured to obtain, according to the received Ethernet segment route, an IP address of the operator edge device corresponding to the Ethernet segment identifier of the accessed user network edge device; The size of the IP address elects the primary designated forwarder and the alternate designated forwarder.
  • the foregoing mechanism for the CE to access the PE includes the service recovery method of the user network edge device running on the foregoing CE.
  • the operation of the method may depend on a computer program that can run on a computer system that conforms to the von Neumann system.
  • the computer system can be a router device that acts as a CE in the EVN network.
  • the method includes:
  • step S202 the MAC address is obtained, and the address resolution protocol packet including the MAC address is sent to the two or more carrier edge devices, and is added by the operator edge device to the respective MAC routing table.
  • CE1 is connected to two edge devices of PE1 and PE2, and CE2 is connected to PE3.
  • CE1 broadcasts the address resolution protocol (ARP) packet to broadcast the MAC address of CE1 to PE1 and PE2.
  • ARP address resolution protocol
  • PE1 and PE2 can obtain the MAC address of CE1.
  • CE1 also receives the ARP packet broadcasted by PE1 or PE2, and then responds to the MAC address of CE1 by passively responding to the ARP packet, so that PE1 and PE2 obtain CE1.
  • PE3 can also obtain the MAC address of CE2.
  • the Ethernet segment route (ESR) can be sent to the PE2 and the PE3 in the neighbor relationship.
  • the IP address of the obtained MAC_1 and PE1 (in the application scenario corresponding to FIG. 3, the IP address of PE1 is IP1) is diffused to PE2 and PE3.
  • PE2 and PE3 After receiving the Ethernet segment route, PE2 and PE3 can add MAC_1 and IP1 to the routing table.
  • the MAC routing table entry shown in Figure 3 exists in the MAC routing table stored on the PE1.
  • the MAC address table stored in the PE1 records the IP address of the next hop forwarded by the MAC_1 and the MAC_2, for example, the destination MAC address of the received data packet. If the IP address of the next hop corresponding to MAC_2 in the MAC routing entry is "IP3", the data packet is forwarded to the PE3 whose IP address is IP3. If the received data packet is received, The destination MAC address is MAC_1.
  • the IP address of the next hop corresponding to MAC_2 in the MAC routing entry is ETH. This means that the next hop will be forwarded directly through the Layer 2 Ethernet link, that is, through Layer 2 Ethernet.
  • the network link is forwarded to CE1 with MAC address MAC_1.
  • Step S204 Receive an Ethernet segment route sent by two or more carrier edge devices, and determine, as the primary designated forwarder and the secondary designated forwarder, the operator edge device according to the Ethernet segment route.
  • the VLAN IDs of CE1 and PE1 can be set to 100.
  • CE1 configures the port connected to PE1 as a trusted port.
  • the trusted port stores the trusted MAC address corresponding to VLAN ID 100.
  • the list of trusted MAC addresses is generated by receiving an Ethernet segment route sent by PE1.
  • PE1 sends the MAC entry in its MAC routing table to CE1 through the Ethernet segment route.
  • CE1 adds the received MAC address corresponding to the same VLAN ID to the trusted MAC address list.
  • the corresponding trusted MAC address list on the trusted port connected to CE1 and CE1 contains the MAC address of CE2, and CE1 can use CE2 as The destination of the data transmission; if the VLAN ID of the CE2 is not configured as 100 (the PE can be configured with multiple VLAN IDs, and the MAC address of the CE2 is also included in the MAC routing table), the MAC address of the CE2 will not be added to the CE1.
  • the trusted MAC address list corresponding to the trusted port connected to the other PE1 does not cause data transmission between CE1 and CE2.
  • a unique Ethernet segment identifier (English: Ethernet Segment Identifier, ESI) can be defined for the connection to the CE.
  • ESI Ethernet Segment Identifier
  • CE1 is connected to both PE1 and PE2.
  • the Ethernet segment identifier assigned by PE1 to CE1 is ESI1
  • the Ethernet segment identifier assigned by PE2 to CE1 is also ESI1.
  • CE2 is connected to PE3
  • the Ethernet segment identifier assigned by PE3 to the CE3 connection is ESI2 for distinguishing.
  • PEs need to be configured to be fully connected so that all PEs are in a neighbor relationship.
  • a route reflector (English: Route Reflector, RR for short) can be configured.
  • the RR discovers and receives a connection based on the Border Gateway Protocol (BGP) initiated by other PEs in the EVN to establish a client list. If the RR receives a route sent by a PE, it forwards it to All other PEs in this client list. That is to say, PEs can form a fully connected network through RRs to establish neighbor relationships.
  • Border Gateway Protocol BGP
  • PE1, PE2, and PE3 are connected to each other through the RR.
  • CE1 is connected to both PE1 and PE2, and CE2 is connected to PE3, PE1 and PE2 are connected to CE1.
  • the same ESI: ESI1 was connected; and the ESI assigned to CE2 by PE3 was: ESI2.
  • PE1, PE2, and PE3 exchange Ethernet segments with each other through the RR.
  • the route contains ESI information.
  • PE1, PE2, and PE3 can determine that the corresponding ESI1 is PE1 and PE2, and the corresponding ESI2 is PE3.
  • a list of terminals corresponding to ESI1 can be established on the PE1, and the list includes the identifiers of the PE1 and the PE2 (for example, the information identifying the PE such as the IP address), and the same is established on the PE2.
  • the list also contains the identifiers of PE1 and PE2.
  • PE1 and PE2 can elect the primary designated forwarder and the specified forwarder corresponding to ESI1 according to the identifier included in the terminal list.
  • the PE obtains an IP address of the operator edge device corresponding to the Ethernet segment identifier of the accessed user network edge device according to the received Ethernet segment route; and elects the primary designated forwarder by comparing the size of the IP address. And specify the forwarder.
  • the IP addresses of PE1 and PE2 are used as the respective identifiers in the terminal list corresponding to ESI1 stored on PE1 and PE2, and then the PE with the smallest IP address can be elected as the primary designated forwarder.
  • the PE election corresponding to the remaining IP addresses is the designated forwarder. For PE1, it is only necessary to determine whether the IP address of the PE1 itself is the smallest IP address in the terminal list, and it can be determined whether the PE1 itself is elected as the designated forwarder. If the PE1 determines that the IP address is not the same, If the IP address of the terminal list is the smallest, the PE1 can determine that the PE1 itself is elected as the designated forwarder. Therefore, the CE1 can send the Ethernet segment route notification CE1 to the primary designated forwarder.
  • step S206 the data packet is obtained, and the data packet is sent to the operator edge device as the primary designated forwarder, and the data packet is forwarded according to the MAC routing table.
  • CE1 and CE2, and PE1, PE2, and PE3 are all assigned the same VLAN identifier, and PE1 is selected as the primary designated forwarder of CE1, and PE2 is selected as the designated forwarder of CE2. .
  • the data packet sent by CE1 to CE2 (Layer 2 Ethernet data packet) will be forwarded to PE1 through the link between CE1 and PE1.
  • PE1 After receiving the data packet, PE1 sends the packet according to the data packet.
  • Remote The user network changes the MAC address of the edge device, that is, the MAC address of the CE2, and the MAC address of the CE1 that sends the data packet, and then encapsulates the data packet into a data packet of the VxLan IP network, and obtains the MAC routing table by querying the MAC routing table. If the IP address of the next hop is the IP address of the PE3, the encapsulated data packet is sent to the PE3 through the IP network.
  • the format of the data packet of the encapsulation may be as shown in FIG. 5, and the VxLAN protocol header (including the “original Layer 2 data packet” part in FIG. 5) needs to be added to the received CE1 data packet (including the “original Layer 2 data packet” part in FIG. 5). VLAN identification and other information), and then add the IP protocol header (including the IP address of PE1 and the IP address of PE3), plus the prohibition fragmentation.
  • the fragment identification identifies the MAC address of the CE3 that contains the target received data message (ie, the DMAC data segment in the fragmentation identifier in FIG. 5) and the MAC address of the CE1 that sends the data packet (ie, in FIG. 5).
  • the SMAC data segment in the fragmentation identifier is prohibited, and the additional information (ie, the TYPE data segment in the fragmentation identifier is prohibited in FIG. 5).
  • the PE3 After receiving the encapsulated data packet, the PE3 can obtain the MAC address of the device that is sent by the destination of the data packet to the CE3 by querying the data packet. If the address of the one-hop forwarding is an Ethernet network (that is, the port connected to CE3), the data segment of the original Layer 2 data packet in the encapsulated data packet is extracted and sent to CE3.
  • the address of the one-hop forwarding is an Ethernet network (that is, the port connected to CE3)
  • the trusted port corresponding to PE3 on CE3 is configured to determine that the device that originated the data packet is CE1. If the MAC address of CE1 is in the list of trusted MAC addresses, the data packet is successfully received.
  • Step S208 detecting the probe packet sent by the operator edge device that is the primary designated forwarder, and if it times out, sending the data packet to the operator edge device that is the designated forwarder, and Forward.
  • the probe packet needs to be sent to the CE1 periodically.
  • the time can be set to a short period of time, such as 10ms. It is used to check whether the link between CE1 and PE1 is clear. That is, CE1 and PE1 can determine whether the other party is reachable.
  • the CE After detecting the timeout of the probe packet sent by the edge device of the carrier that is the primary designated forwarder, the CE can send the data packet to the edge device of the carrier that is the designated forwarder and forward it.
  • PE1 which is the primary designated forwarder, can send probe packets to CE1 every 10 ms.
  • CE1 detects whether If it is received, if the preset duration threshold is exceeded, for example, if it is not detected within 30 ms, it may be determined that PE1 is in a data packet unreachable state.
  • CE1 can send data packets to PE2 as the designated forwarder and forward it by PE2.
  • CE1 can find the trusted port connected to PE1, obtain the trusted MAC address corresponding to the VLAN ID of the trusted port, and then delete it. Then CE1 does not perform data transmission with PE1.
  • the probe packet sent by the PE as the primary designated forwarder can also quickly detect that the link between CE1 and PE1 is in the unreachable state of the data packet, and switch to the designated forwarder in time.
  • the PE2 forwards the data, which greatly shortens the time for the CE1 to recover the data transmission service and improves the reliability of the EVN network.
  • the apparatus in order to shorten the time for the CE to recover the data transmission service when the link is faulty, a service recovery device of the user network edge device corresponding to the foregoing service recovery of the user network edge device is also provided.
  • the apparatus includes a MAC address issuing module 202, a designated forwarder determining module 204, a data packet sending module 206, and a designated forwarder switching module 208, wherein:
  • the MAC address issuing module 202 is configured to obtain a MAC address, and send an address resolution protocol packet including the MAC address to two or more carrier edge devices, where the carrier edge device adds the MAC address to the MAC address.
  • the carrier edge device adds the MAC address to the MAC address.
  • the designated forwarder determining module 204 is configured to receive an Ethernet segment route sent by the two or more carrier edge devices, and determine, as the primary designated forwarder and the designated forwarder, according to the Ethernet segment route.
  • Edge device
  • the data packet sending module 206 is configured to: obtain the data packet, and send the data packet to the operator edge device that is the primary designated forwarder, and forward the data packet according to the MAC routing table;
  • the forwarder switching module 208 is configured to detect the probe packet sent by the operator edge device that is the primary designated forwarder, and if the timeout occurs, send the data packet to the operator that is the designated forwarder.
  • the edge device is forwarded by it.
  • Ethernet virtual network access method and device and the user network edge device service recovery method and device
  • the user network edge device accesses the Ethernet virtual network, it is not only accessing a single carrier edge device but Enter two or more carrier edge devices, all carriers that access the user's network edge device
  • the edge device performs election to determine the identity of the primary designated forwarder and the designated forwarder, and then forwards the data packet of the user network edge device by the carrier edge device that is the primary designated forwarder, and operates as the primary designated forwarder.
  • the edge device of the user and the edge device of the user network detect each other's data packet reachability status through the probe packet. When the state becomes unreachable due to a link problem or other reasons, the user network edge device can quickly switch.
  • the forwarding forwarding data packet is forwarded to the forwarding link without waiting for a long time, so that the recovery time of the data transmission service of the user network edge device is greatly shortened, thereby improving the reliability of the EVN network.
  • the storage medium may be a magnetic disk, an optical disk, a read-only memory (ROM), or a random access memory (RAM).

Abstract

An access method for an Ethernet virtual network, comprising: receiving an address resolution protocol message sent by an accessed customer edge, acquiring a MAC address of the accessed customer edge according to the address resolution protocol message, and adding the MAC address into a pre-set MAC routing table; acquiring an Ethernet segment identifier of the accessed customer edge; exchanging an Ethernet segment route comprising the Ethernet segment identifier with one or more provider edges in the neighbourhood of the customer edge, and selecting a main designated forwarder and a backup designated forwarder according to the received Ethernet segment route; and regularly sending a sounding message to the accessed customer edge. In addition, also provided is an access apparatus for an Ethernet virtual network. The method and apparatus can shorten the time for the CE to recover the data transmission service when a link failure occurs in the Ethernet virtual network, thereby improving the reliability of the Ethernet virtual network.

Description

以太虚拟网络的接入方法及装置Ethernet virtual network access method and device
本申请要求于2014年12月22日提交中国专利局、申请号为201410803549.4、发明名称为“以太虚拟网络的接入方法及装置”的中国专利申请的优先权,其全部内容通过引用结合在本申请中。The present application claims priority to Chinese Patent Application No. 201410803549.4, entitled "Access Method and Apparatus for Ethernet Virtual Network", filed on December 22, 2014, the entire contents of which are incorporated herein by reference. In the application.
技术领域Technical field
本发明涉及通信技术领域,特别是涉及一种以太虚拟网络的接入方法及装置、用户网络边缘设备的业务恢复方法及装置。The present invention relates to the field of communications technologies, and in particular, to an access method and device for an Ethernet virtual network, and a service recovery method and device for a user network edge device.
背景技术Background technique
以太虚拟网络(英文:Ethernet Virtual Network,简称:EVN)是一种基于虚拟可扩展局域网(英文:Virtual eXtensible Local Area Network,简称:VXLAN)隧道的二层网络互联虚拟专用网络(英文:Virtual Private Network,简称:VPN)技术。EVN中包含运营商边缘设备(英文:Provider Edge,简称:PE)和用户网络边缘设备(英文:Customer Edge,简称:CE,为方便表述,下文中均使用PE指代运营商边缘设备,使用CE指代用户网络边缘设备)。如图1所示,PE1、PE2和PE3为用户网络边缘设备;CE1、CE2和CE3分别为接入PE1、PE2和PE3的用户网络边缘设备。PE1、PE2和PE3之间建立邻居关系以及虚拟可扩展局域网VXLAN隧道(IP网络)。但是在EVN网络中,PE由CE获取的是CE的硬件地址(英文:Media Access Control,简称:MAC),而不是路由信息。如图1中,PE1获取的是接入的CE1的MAC地址而并不是CE1的路由信息。PE1获取到CE1的MAC地址后可将其发送给PE2,接入PE2的CE2发送的数据报文即可由PE2转发至PE1,再由PE1根据CE1的MAC地址转发至CE1,从而实现了二层网络互联虚拟专用网络。Ethernet Virtual Network (EVN) is a Layer 2 Internetworking virtual private network based on Virtual eXtensible Local Area Network (VXLAN) tunnel (English: Virtual Private Network) , referred to as: VPN) technology. The EVN includes the carrier edge device (English: Provider Edge, PE for short) and the user network edge device (English: Customer Edge, referred to as CE, for convenience of description. The following uses PE to refer to the carrier edge device and uses CE. Refers to the user network edge device). As shown in Figure 1, PE1, PE2, and PE3 are user network edge devices. CE1, CE2, and CE3 are user network edge devices that access PE1, PE2, and PE3. A neighbor relationship and a virtual scalable LAN VXLAN tunnel (IP network) are established between PE1, PE2, and PE3. However, in the EVN network, the CE obtains the hardware address of the CE (English: Media Access Control, MAC for short) instead of routing information. As shown in Figure 1, PE1 obtains the MAC address of the accessed CE1 and is not the routing information of CE1. After PE1 obtains the MAC address of CE1, it can send it to PE2. The data packet sent by CE2 that is connected to PE2 can be forwarded to PE1 by PE2. Then, PE1 forwards it to CE1 according to the MAC address of CE1, thus implementing Layer 2 network. Interconnected virtual private network.
然而,发明人经研究发现传统技术中的以太虚拟网络中CE接入PE的方式至少存在如下问题:However, the inventors have found through research that the CE accessing the PE in the Ethernet virtual network in the conventional technology has at least the following problems:
传统技术中,CE接入PE之后,则该PE即作为该CE的指定转发者,CE发送的数据报文均由该作为指定转发者的PE进行转发,但当该CE和PE之间的链路出现故障导 致CE或PE发送的数据报文不可达时,CE需要等待较长时间才能选择新的PE接入,将其作为指定转发者转发数据。因此,传统技术中,在发生链路故障时,CE恢复数据传输业务的时间较长,从而导致EVN网络的可靠性不足。In the conventional technology, after the CE accesses the PE, the PE is the designated forwarder of the CE. The data packets sent by the CE are forwarded by the PE as the designated forwarder, but the chain between the CE and the PE is used. Road fault When the data packet sent by the CE or the PE is unreachable, the CE needs to wait for a long time to select a new PE access and forward the data as the designated forwarder. Therefore, in the conventional technology, when a link failure occurs, the CE recovers the data transmission service for a long time, which results in insufficient reliability of the EVN network.
发明内容Summary of the invention
基于此,有必要提供一种缩短发生链路故障时CE恢复数据传输业务的时间的以太虚拟网络接入方法。Based on this, it is necessary to provide an Ethernet virtual network access method that shortens the time when the CE recovers the data transmission service when a link failure occurs.
本发明第一方面提供了一种以太虚拟网络的接入方法,包括:A first aspect of the present invention provides an access method of an Ethernet virtual network, including:
接收接入的用户网络边缘设备发送的地址解析协议报文,根据所述地址解析协议报文获取所述接入的用户网络边缘设备的MAC地址,将所述MAC地址添加到预设的MAC路由表中;Receiving an address resolution protocol packet sent by the access user network edge device, obtaining a MAC address of the accessed user network edge device according to the address resolution protocol packet, and adding the MAC address to a preset MAC route In the table;
获取所述接入的用户网络边缘设备的以太网段标识;Obtaining an Ethernet segment identifier of the accessed user network edge device;
与处于其邻居关系的一个或一个以上的运营商边缘设备互发包含所述以太网段标识的以太网段路由,根据接收到的以太网段路由选举主指定转发者和备指定转发者;And transmitting, by the one or more carrier edge devices in the neighbor relationship, the Ethernet segment route including the identifier of the Ethernet segment, and electing the primary designated forwarder and the designated forwarder according to the received Ethernet segment route;
在被选举为主指定转发者后,根据所述MAC路由表通过IP网络转发所述接入的用户网络边缘设备发送的数据报文,并定时向所述接入的用户网络边缘设备发送探测报文。After being elected as the primary designated forwarder, the data packet sent by the accessed user network edge device is forwarded through the IP network according to the MAC routing table, and the probe is periodically sent to the accessed user network edge device. Text.
在第一方面的第一种可能的实现方式中,所述方法还包括:In a first possible implementation manner of the first aspect, the method further includes:
接收远端的运营商边缘设备发送的MAC地址通告路由,根据所述MAC地址通告路由获取所述远端的运营商边缘设备的IP地址及远端的用户网络边缘设备的MAC地址,并将该获取到的IP地址和MAC地址添加到所述MAC路由表中。Receiving a MAC address advertisement route sent by the remote carrier edge device, obtaining an IP address of the remote carrier edge device and a MAC address of the remote user network edge device according to the MAC address advertisement route, and The obtained IP address and MAC address are added to the MAC routing table.
结合第一方面以及第一方面的第一种可能实现的方式,在第二种可能实现方式中,根据所述MAC路由表通过IP网络转发所述用户网络边缘设备发送的数据报文的步骤还包括:With reference to the first aspect and the first possible implementation manner of the first aspect, in a second possible implementation, the step of forwarding the data packet sent by the user network edge device by using the IP routing table according to the MAC routing table is further include:
获取所述数据报文中包含的远端的用户网络边缘设备的MAC地址;Obtaining a MAC address of a remote user network edge device included in the data packet;
在所述MAC路由表查找与所述远端的用户网络边缘设备的MAC地址对应的其接入的远端的运营商边缘设备的IP地址; Locating, in the MAC routing table, an IP address of a remote edge operator's edge device that corresponds to a MAC address of the remote user network edge device;
将所述数据报文封装成IP网络数据报文,并将封装的IP网络数据报文通过IP网络发送至与所述查找到的IP地址对应的远端的运营商边缘设备,并由该远端的运营商边缘设备将其解包后,转发至所述MAC地址对应的远端的用户网络边缘设备。Encapsulating the data packet into an IP network data packet, and sending the encapsulated IP network data packet to the remote operator edge device corresponding to the found IP address through the IP network, and After the carrier edge device of the terminal unpacks it, it forwards it to the remote user network edge device corresponding to the MAC address.
结合第一方面以及第一方面的第一种可能实现的方式,在第三种可能实现方式中,所述根据接收到的以太网段路由选举主指定转发者和备指定转发者,并被选举为主指定转发者的步骤之后还包括:With reference to the first aspect and the first possible implementation manner of the first aspect, in a third possible implementation manner, the routing the primary designated forwarder and the specified forwarder according to the received Ethernet segment route, and is elected After the step of specifying the forwarder for the master, it also includes:
接收所述远端的运营商边缘设备发送的数据报文,判断其是否为组播报文,若是,则在转发所述数据报文时,排除所述被选为备指定转发者的运营商边缘设备。Receiving a data packet sent by the remote carrier edge device to determine whether it is a multicast packet, and if yes, excluding the operator selected as the designated forwarder when forwarding the data packet Edge device.
结合第一方面以及第一方面的第一种可能实现的方式,在第四种可能实现方式中,所述定时向所述接入的用户网络边缘设备发送探测报文的步骤之后还包括:With reference to the first aspect, and the first possible implementation manner of the first aspect, in a fourth possible implementation, after the step of sending the probe packet to the access user network edge device, the step further includes:
接收所述接入的用户网络边缘设备返回的响应报文,检测所述响应报文是否超时,若是,则通知所述远端的用户网络边缘设备向被选为备指定转发者的运营商边缘设备转发数据报文。Receiving a response packet returned by the accessed user network edge device, detecting whether the response packet times out, and if yes, notifying the remote user network edge device to the operator edge selected as the designated forwarder The device forwards data packets.
结合第一方面可能实现的方式,在第五种可能实现方式中,所述根据接收到的以太网段路由选举主指定转发者和备指定转发者的步骤还包括:In the fifth possible implementation manner, in the fifth possible implementation manner, the step of electing the primary designated forwarder and the standby designated forwarder according to the received Ethernet segment route further includes:
根据接收到的以太网段路由获取与该接入的用户网络边缘设备的以太网段标识对应的运营商边缘设备的IP地址;Obtaining, according to the received Ethernet segment route, an IP address of the operator edge device corresponding to the Ethernet segment identifier of the accessed user network edge device;
通过比较所述IP地址的大小选举主指定转发者和备指定转发者。The primary designated forwarder and the secondary designated forwarder are elected by comparing the sizes of the IP addresses.
此外,还有必要提供一种缩短发生链路故障时CE恢复数据传输业务的时间的以太虚拟网络接入装置。In addition, it is also necessary to provide an Ethernet virtual network access device that shortens the time during which a CE recovers a data transmission service when a link failure occurs.
一种以太虚拟网络的接入装置,包括:An access device for an Ethernet virtual network, comprising:
路由表添加模块,用于接收接入的用户网络边缘设备发送的地址解析协议报文,根据所述地址解析协议报文获取所述接入的用户网络边缘设备的MAC地址,将所述MAC地址添加到预设的MAC路由表中;a routing table adding module, configured to receive an address resolution protocol packet sent by an access user network edge device, obtain a MAC address of the accessed user network edge device according to the address resolution protocol packet, and use the MAC address Add to the default MAC routing table;
以太网段标识获取模块,用于获取所述接入的用户网络边缘设备的以太网段标识;An Ethernet segment identifier obtaining module, configured to acquire an Ethernet segment identifier of the accessed user network edge device;
指定转发者选举模块,用于与处于其邻居关系的一个或一个以上的运营商边缘设备 互发包含所述以太网段标识的以太网段路由,根据接收到的以太网段路由选举主指定转发者和备指定转发者;Designate a forwarder election module for use with one or more carrier edge devices in their neighbor relationship Transmitting an Ethernet segment route that includes the identifier of the Ethernet segment, and electing a primary designated forwarder and a designated forwarder according to the received Ethernet segment route;
数据报文转发模块,用于在被选举为主指定转发者后,根据所述MAC路由表通过IP网络转发所述接入的用户网络边缘设备发送的数据报文,并定时向所述接入的用户网络边缘设备发送探测报文。a data packet forwarding module, configured to forward, according to the MAC routing table, a data packet sent by the user network edge device that is accessed by the user according to the MAC routing table, and periodically send the data packet to the access device. The user network edge device sends a probe packet.
结合第一方面以及第一方面的第一种可能实现的方式,在第二种可能实现方式中,所述路由表添加模块还用于接收远端的运营商边缘设备发送的MAC地址通告路由,根据所述MAC地址通告路由获取所述远端的运营商边缘设备的IP地址及远端的用户网络边缘设备的MAC地址,并将该获取到的IP地址和MAC地址添加到所述MAC路由表中。In combination with the first aspect and the first possible implementation manner of the first aspect, in a second possible implementation manner, the routing table adding module is further configured to receive a MAC address advertisement route sent by a remote carrier edge device, Obtaining, according to the MAC address advertisement route, an IP address of the remote operator edge device and a MAC address of the remote user network edge device, and adding the acquired IP address and MAC address to the MAC routing table. in.
结合第一方面以及第一方面的第一种可能实现的方式,在第三种可能实现方式中,数据报文转发模块还用于获取所述数据报文中包含的远端的用户网络边缘设备的MAC地址;在所述MAC路由表查找与所述远端的用户网络边缘设备的MAC地址对应的其接入的远端的运营商边缘设备的IP地址;将所述数据报文封装成IP网络数据报文,并将封装的IP网络数据报文通过IP网络发送至与所述查找到的IP地址对应的远端的运营商边缘设备,并由该远端的运营商边缘设备将其解包后,转发至所述MAC地址对应的远端的用户网络边缘设备。In combination with the first aspect and the first possible implementation manner of the first aspect, in a third possible implementation, the data packet forwarding module is further configured to obtain a remote user network edge device included in the data packet. a MAC address; searching, in the MAC routing table, an IP address of a remote edge operator's edge device corresponding to a MAC address of the remote user network edge device; encapsulating the data packet into an IP address Network data packet, and the encapsulated IP network data packet is sent to the remote operator edge device corresponding to the found IP address through the IP network, and is solved by the remote carrier edge device. After the packet, the packet is forwarded to the remote user network edge device corresponding to the MAC address.
结合第一方面以及第一方面的第一种可能实现的方式,在第四种可能实现方式中,所述数据报文转发模块还用于接收所述远端的运营商边缘设备发送的数据报文,判断其是否为组播报文,若是,则在转发所述数据报文时,排除所述被选为备指定转发者的运营商边缘设备。With reference to the first aspect and the first possible implementation manner of the first aspect, in a fourth possible implementation, the data packet forwarding module is further configured to receive a data packet sent by the remote operator edge device. And determining whether the packet is a multicast packet, and if yes, excluding the carrier edge device selected as the designated forwarder when forwarding the data packet.
结合第一方面以及第一方面的第一种可能实现的方式,在第五种可能实现方式中,所述装置还包括转发链路切换模块,用于接收所述接入的用户网络边缘设备返回的响应报文,检测所述响应报文是否超时,若是,则通知所述远端的用户网络边缘设备向被选为备指定转发者的运营商边缘设备转发数据报文。With reference to the first aspect and the first possible implementation manner of the first aspect, in a fifth possible implementation, the apparatus further includes a forwarding link switching module, configured to receive the accessed user network edge device and return The response packet is sent to detect whether the response packet has timed out. If yes, the remote network edge device is notified to forward the data packet to the operator edge device selected as the designated forwarder.
结合第一方面可能实现的方式,在第六种可能实现方式中,所述指定转发者选举模块还用于根据接收到的以太网段路由获取与该接入的用户网络边缘设备的以太网段标 识对应的运营商边缘设备的IP地址;通过比较所述IP地址的大小选举主指定转发者和备指定转发者。In a sixth possible implementation manner, the specified forwarder election module is further configured to obtain an Ethernet segment of the user network edge device with the access according to the received Ethernet segment route. Standard The IP address of the corresponding carrier edge device is identified; the primary designated forwarder and the designated forwarder are elected by comparing the sizes of the IP addresses.
此外,还有必要提供一种缩短发生链路故障时CE恢复数据传输业务的时间的用户网络边缘设备的业务恢复方法。In addition, it is also necessary to provide a service recovery method for a user network edge device that shortens the time when the CE recovers the data transmission service when a link failure occurs.
一种用户网络边缘设备的业务恢复方法,包括:A service recovery method for a user network edge device includes:
获取MAC地址,向两个或两个以上的运营商边缘设备发送包含所述MAC地址的地址解析协议报文,由所述运营商边缘设备添加到各自的MAC路由表中;Obtaining a MAC address, and sending an address resolution protocol packet including the MAC address to two or more carrier edge devices, where the operator edge device is added to a corresponding MAC routing table;
接收所述两个或两个以上的运营商边缘设备发送的以太网段路由,根据所述以太网段路由确定作为主指定转发者和备指定转发者的运营商边缘设备;Receiving, by the two or more carrier edge devices, an Ethernet segment route, and determining, according to the Ethernet segment route, an operator edge device that is a primary designated forwarder and a designated forwarder;
获取数据报文,将所述数据报文发送至所述作为主指定转发者的运营商边缘设备,由其根据所述MAC路由表转发所述数据报文;Obtaining a data packet, and sending the data packet to the operator edge device as the primary designated forwarder, and forwarding the data packet according to the MAC routing table;
检测所述作为主指定转发者的运营商边缘设备发送的探测报文,若超时,则将所述数据报文发送至所述作为备指定转发者的运营商边缘设备,并由其进行转发。The probe packet sent by the operator edge device that is the primary designated forwarder is detected, and if it times out, the data packet is sent to the operator edge device that is the designated forwarder and forwarded by the operator.
此外,还有必要提供一种缩短发生链路故障时CE恢复数据传输业务的时间的用户网络边缘设备的业务恢复装置。In addition, it is also necessary to provide a service recovery device for a user network edge device that shortens the time when the CE recovers the data transmission service when a link failure occurs.
一种用户网络边缘设备的业务恢复装置,包括:A service recovery device for a user network edge device, comprising:
MAC地址发布模块,用于获取MAC地址,向两个或两个以上的运营商边缘设备发送包含所述MAC地址的地址解析协议报文,由所述运营商边缘设备添加到各自的MAC路由表中;a MAC address issuing module, configured to obtain a MAC address, and send an address resolution protocol packet including the MAC address to two or more carrier edge devices, where the operator edge device adds to a corresponding MAC routing table. in;
指定转发者确定模块,用于接收所述两个或两个以上的运营商边缘设备发送的以太网段路由,根据所述以太网段路由确定作为主指定转发者和备指定转发者的运营商边缘设备;And a specified forwarder determining module, configured to receive an Ethernet segment route sent by the two or more carrier edge devices, and determine, as the primary designated forwarder and the designated forwarder, the operator according to the Ethernet segment route Edge device
数据报文发送模块,用于获取数据报文,将所述数据报文发送至所述作为主指定转发者的运营商边缘设备,由其根据所述MAC路由表转发所述数据报文;a data packet sending module, configured to: send the data packet to the operator edge device as the primary designated forwarder, and forward the data packet according to the MAC routing table;
指定转发者切换模块,用于检测所述作为主指定转发者的运营商边缘设备发送的探测报文,若超时,则将所述数据报文发送至所述作为备指定转发者的运营商边缘设备, 并由其进行转发。And a forwarder switching module, configured to detect the probe packet sent by the operator edge device that is the primary designated forwarder, and if the timeout occurs, send the data packet to the edge of the operator that is the designated forwarder. Equipment, And forwarded by it.
上述以太虚拟网络的接入方法及装置、以及用户网络边缘设备的业务恢复方法及装置中,用户网络边缘设备接入以太虚拟网络时,并不只是接入单一的运营商边缘设备,而是接入两个或两个以上的运营商边缘设备,所有接入该用户网络边缘设备的运营商边缘设备进行选举,确定各自主指定转发者和备指定转发者的身份,然后由作为主指定转发者的运营商边缘设备转发该用户网络边缘设备的数据报文,且作为主指定转发者的运营商边缘设备与该用户网络边缘设备之间通过探测报文相互检测对方的数据报文可达状态,在该状态由于链路问题或其他原因变为不可达时,用户网络边缘设备可快速地切换至备转发链路转发数据报文,而无需等待较长时间,使得用户网络边缘设备的数据传输业务的恢复时间大大缩短,从而提高了EVN网络的可靠性。In the above-mentioned Ethernet virtual network access method and device, and the user network edge device service recovery method and device, when the user network edge device accesses the Ethernet virtual network, it is not only accessing a single carrier edge device but Enter two or more carrier edge devices, and all the operator edge devices accessing the user network edge device perform election, determine the identity of each primary designated forwarder and the specified forwarder, and then be the designated forwarder. The operator edge device forwards the data packet of the user network edge device, and the carrier edge device that is the primary designated forwarder and the user network edge device detect the reachability state of the data packet of the other party through the probe packet. When the state becomes unreachable due to a link problem or other reasons, the user network edge device can quickly switch to the standby forwarding link to forward data packets without waiting for a long time, so that the data transmission service of the user network edge device The recovery time is greatly shortened, thereby improving the reliability of the EVN network.
附图说明DRAWINGS
图1为一种以太虚拟网络的组网示意图;FIG. 1 is a schematic diagram of networking of an Ethernet virtual network;
图2为本发明一个实施例中一种以太虚拟网络接入方法的流程图;2 is a flowchart of an Ethernet virtual network access method according to an embodiment of the present invention;
图3为本发明一个实施例中CE接入多个PE的以太虚拟网络的组网示意图;3 is a schematic diagram of networking of an Ethernet virtual network in which a CE accesses multiple PEs according to an embodiment of the present invention;
图4为本发明一个实施例中PE之间通过路由反射器建立邻居关系的组网示意图;4 is a schematic diagram of networking for establishing a neighbor relationship between PEs through a route reflector according to an embodiment of the present invention;
图5为本发明一个实施例中PE对CE发送的数据报文进行封包的报文结构示意图;FIG. 5 is a schematic structural diagram of a packet for a PE to encapsulate a data packet sent by a CE according to an embodiment of the present invention;
图6为本发明一个实施例中作为主指定转发者的PE转发组播报文的示意图;FIG. 6 is a schematic diagram of a PE forwarding a multicast packet as a primary designated forwarder according to an embodiment of the present invention;
图7为本发明一个实施例中PE之间进行数据转发链路切换的过程示意图;FIG. 7 is a schematic diagram of a process of performing data forwarding link switching between PEs according to an embodiment of the present invention; FIG.
图8为本发明一个实施例中作为CE重新选择指定转发者转发数据的过程示意图;FIG. 8 is a schematic diagram of a process of re-selecting a designated forwarder to forward data as a CE according to an embodiment of the present invention; FIG.
图9为本发明另一个实施例中以太虚拟网络接入装置的示意图;FIG. 9 is a schematic diagram of an Ethernet virtual network access device according to another embodiment of the present invention; FIG.
图10为本发明另一个实施例中用户网络边缘设备的业务恢复方法的流程图;FIG. 10 is a flowchart of a service recovery method of a user network edge device according to another embodiment of the present invention;
图11为本发明另一个实施例中用户网络边缘设备的业务恢复装置的示意图。FIG. 11 is a schematic diagram of a service recovery apparatus of a user network edge device according to another embodiment of the present invention.
具体实施方式detailed description
下面将结合本发明实施例中的附图,对本发明实施例中的技术方案进行清楚、完整 地描述,显然,所描述的实施例仅仅是本发明一部分实施例,而不是全部的实施例。基于本发明中的实施例,本领域普通技术人员在没有作出创造性劳动前提下所获得的所有其他实施例,都属于本发明保护的范围。The technical solutions in the embodiments of the present invention will be clear and complete in the following with reference to the accompanying drawings in the embodiments of the present invention. It is apparent that the described embodiments are only a part of the embodiments of the invention, and not all of the embodiments. All other embodiments obtained by those skilled in the art based on the embodiments of the present invention without creative efforts are within the scope of the present invention.
为了缩短发生链路故障时CE恢复数据传输业务的时间,特提出了一种CE接入PE的机制,该机制由两部分方法步骤组成,包括运行于前述PE上的以太虚拟网络的接入方法和运行于前述CE上的用户网络边缘设备的业务恢复方法。上述以太虚拟网络的接入方法和用户网络边缘设备的业务恢复方法均可依赖于计算机程序,该计算机程序可运行于符合冯诺依曼体系的计算机系统之上。In order to reduce the time for the CE to recover the data transmission service when the link is faulty, a mechanism for the CE to access the PE is proposed. The mechanism consists of two parts, including the access method of the Ethernet virtual network running on the PE. And a service recovery method of the user network edge device running on the foregoing CE. The access method of the above Ethernet virtual network and the service recovery method of the user network edge device may all depend on a computer program, and the computer program may run on a computer system conforming to the Von Neumann system.
在一个实施例中,具体的,该方法如图2所示,包括:In one embodiment, specifically, the method is as shown in FIG. 2, including:
步骤S102,接收接入的用户网络边缘设备(CE)发送的地址解析协议报文,根据该地址解析协议报文获取接入的用户网络边缘设备(CE)的MAC地址,将该MAC地址添加到预设的MAC路由表中。Step S102: Receive an address resolution protocol packet sent by an access user network edge device (CE), obtain a MAC address of the accessed user network edge device (CE) according to the address resolution protocol packet, and add the MAC address to the MAC address. The default MAC routing table.
请参考图3所示,CE1接入PE1和PE2两个运营商边缘设备,CE2接入PE3。CE1在与PE1和PE2建立物理链路之后,广播地址解析协议(英文:Address Resolution Protocol,简称:ARP)报文,将CE1的MAC地址广播给PE1和PE2。PE1和PE2即可得到CE1的MAC地址。或者,CE1在与PE1和PE2建立物理链路之后,也会接收到PE1或PE2广播的ARP报文,则可通过被动响应该ARP报文返回CE1的MAC地址,从而使得PE1和PE2获取到CE1的MAC地址。同理,PE3也可获取到CE2的MAC地址。As shown in Figure 3, CE1 is connected to two edge devices of PE1 and PE2, and CE2 is connected to PE3. After establishing a physical link with PE1 and PE2, CE1 broadcasts the address resolution protocol (ARP) packet to broadcast the MAC address of CE1 to PE1 and PE2. PE1 and PE2 can obtain the MAC address of CE1. Alternatively, after establishing a physical link with PE1 and PE2, CE1 also receives the ARP packet broadcasted by PE1 or PE2, and then responds to the MAC address of CE1 by passively responding to the ARP packet, so that PE1 and PE2 obtain CE1. MAC address. Similarly, PE3 can also obtain the MAC address of CE2.
另外,在本实施例中,该方法还包括接收远端的运营商边缘设备发送的MAC地址通告路由,根据MAC地址通告路由获取远端的运营商边缘设备的IP地址及远端的用户网络边缘设备的MAC地址,并将该获取到的IP地址和MAC地址添加到MAC路由表中。In addition, in this embodiment, the method further includes receiving a MAC address advertisement route sent by the remote operator edge device, and obtaining the IP address of the remote operator edge device and the remote user network edge according to the MAC address advertisement route. The MAC address of the device, and add the obtained IP address and MAC address to the MAC routing table.
仍然请参考图3所示,若PE1获取到的CE1的MAC地址为MAC_1,则可通过向其处于邻居关系的PE2和PE3发送以太网段路由(英文:Ethernet Segment Route,简称ESR),将该获取到的MAC_1以及PE1的IP地址(在图3对应的应用场景中,PE1的 IP地址为IP1)扩散给PE2和PE3。PE2和PE3在接收到该以太网段路由之后,即可将MAC_1和IP1添加到路由表中。For example, as shown in Figure 3, if the MAC address of CE1 obtained by PE1 is MAC_1, the Ethernet segment route (ESR) can be sent to PE2 and PE3 in the neighbor relationship. Obtain the MAC_1 and the IP address of PE1 (in the application scenario corresponding to Figure 3, PE1 The IP address is IP1) and is flooded to PE2 and PE3. After receiving the Ethernet segment route, PE2 and PE3 can add MAC_1 and IP1 to the routing table.
待PE1和PE3均接收到对方发送的以太网段路由之后,其上存储的MAC路由表中即存在如图3所示的MAC路由表项。其中,PE1上存储的MAC路由表中,记录了MAC_1和MAC_2对应的下一跳转发的IP地址,例如,若接收到的数据报文的目标MAC地址为MAC_2,由于该MAC路由表项中MAC_2对应的下一跳转发的IP地址为“IP3”,则将数据报文转发至IP地址为IP3的PE3进行转发;若接收到的数据报文的目标MAC地址为MAC_1,由于该MAC路由表项中MAC_2对应的下一跳转发的IP地址为“ETH”,即表示下一跳将直接通过二层以太网链路转发,即通过二层以太网链路转发给MAC地址为MAC_1的CE1。After both PE1 and PE3 receive the Ethernet segment route sent by the peer, the MAC routing table entry shown in Figure 3 exists in the MAC routing table stored on the PE1. The MAC address table stored in the PE1 records the IP address of the next hop forwarded by the MAC_1 and the MAC_2. For example, if the destination MAC address of the received data packet is MAC_2, the MAC routing entry is If the IP address of the next hop forwarded by MAC_2 is "IP3", the data packet is forwarded to the PE3 whose IP address is IP3. If the destination MAC address of the received data packet is MAC_1, the MAC address is The IP address of the next hop forwarded by MAC_2 in the entry is "ETH", which means that the next hop will be forwarded directly through the Layer 2 Ethernet link, that is, it is forwarded to the MAC address as MAC_1 through the Layer 2 Ethernet link. CE1.
需要说明的是,PE上的MAC路由表中还可包含虚拟局域网(英文:Virtual Local Area Network,VLAN)标识。可预先为PE和CE配置VLAN标识,在EVN网络中,对应同一VLAN标识(某些PE或CE可进行VLAN映射扩展VLAN标识,因此可能存在两个设备的VLAN标识不相同而是相互对应的情况,在这种应用场景中,该两个设备仍然对应同一VLAN标识)的PE和CE之间以及对应同一VLAN标识的PE和PE之间才能进行数据转发。It should be noted that the MAC routing table on the PE may also include a virtual local area network (VLAN) identifier. You can configure the VLAN IDs for the PEs and CEs in advance. In the EVN network, the same VLAN ID is used. Some PEs or CEs can perform VLAN mapping and extended VLAN identification. Therefore, the VLAN IDs of the two devices are different but correspond to each other. In this application scenario, data forwarding can be performed between the PE and the CE of the same VLAN ID and between the PE and the PE corresponding to the same VLAN ID.
如图3中,可将CE1和PE1的VLAN标识均配置为100,CE1接入PE1后,CE1将与PE1连接的端口配置为信任端口,该信任端口上存储有与VLAN标识100对应的信任MAC地址列表。该信任MAC地址列表由接收PE1发送的以太网段路由生成。PE1将其MAC路由表中的MAC项通过以太网段路由发送给CE1,CE1即可将接收到的对应同一VLAN标识的MAC项添加到信任MAC地址列表中。As shown in Figure 3, the VLAN IDs of CE1 and PE1 can be set to 100. After CE1 is connected to PE1, CE1 configures the port connected to PE1 as a trusted port. The trusted port stores the trusted MAC address corresponding to VLAN ID 100. A list of addresses. The list of trusted MAC addresses is generated by receiving an Ethernet segment route sent by PE1. PE1 sends the MAC entry in its MAC routing table to CE1 through the Ethernet segment route. CE1 adds the received MAC address corresponding to the same VLAN ID to the trusted MAC address list.
例如,在图3中,若CE1和CE2的VLAN标识均被配置为100,则CE1与PE1连接的信任端口上对应的信任MAC地址列表中则包含了CE2的MAC地址,CE1即可将CE2作为数据传输的目标;若CE2的VLAN标识没有被配置为100(PE可以配置多个VLAN标识,因此其MAC路由表中也存在CE2的MAC地址),则CE2的MAC地址将不会被CE1添加到其余PE1连接的信任端口对应的信任MAC地址列表中,使得CE1和CE2之间不会发生数据传输。 For example, in Figure 3, if the VLAN IDs of CE1 and CE2 are both configured to be 100, the corresponding trusted MAC address list on the trusted port connected to CE1 and CE1 contains the MAC address of CE2, and CE1 can use CE2 as The destination of the data transmission; if the VLAN ID of the CE2 is not configured as 100 (the PE can be configured with multiple VLAN IDs, and the MAC address of the CE2 is also included in the MAC routing table), the MAC address of the CE2 will not be added to the CE1. The trusted MAC address list corresponding to the trusted port connected to the other PE1 does not cause data transmission between CE1 and CE2.
步骤S104,获取接入的用户网络边缘设备的以太网段标识。Step S104: Obtain an Ethernet segment identifier of the accessed user network edge device.
PE接入CE后可为与该CE的连接定义唯一的以太网段标识(英文:Ethernet Segment Identifier,简称:ESI),且不同的PE接入同一CE时,分别为与该CE的连接定义的以太网段标识均相同。如图3所示,CE1既接入了PE1也接入了PE2,PE1为与CE1的连接分配的以太网段标识为ESI1,PE2为与CE1的连接分配的以太网段标识也为ESI1。而CE2接入了PE3,则PE3为与CE3的连接分配的以太网段标识即为ESI2用于区分。After the PE accesses the CE, a unique Ethernet segment identifier (English: Ethernet Segment Identifier, ESI) can be defined for the connection to the CE. When different PEs access the same CE, they are respectively defined by the connection with the CE. The Ethernet segment identifiers are the same. As shown in Figure 3, CE1 is connected to both PE1 and PE2. The Ethernet segment identifier assigned by PE1 to CE1 is ESI1, and the Ethernet segment identifier assigned by PE2 to CE1 is also ESI1. When CE2 is connected to PE3, the Ethernet segment identifier assigned by PE3 to the CE3 connection is ESI2 for distinguishing.
步骤S106,与处于其邻居关系的一个或一个以上的运营商边缘设备互发包含所述以太网段标识的以太网段路由,根据接收到的以太网段路由选举主指定转发者和备指定转发者。In step S106, the Ethernet segment route including the Ethernet segment identifier is mutually exchanged with one or more carrier edge devices in the neighbor relationship, and the primary designated forwarder and the standby designated forwarding are elected according to the received Ethernet segment route. By.
在EVN网络中,PE之间需要被配置为全连接使得所有PE均为邻居关系。为方便进行全连接配置,优选的,可配置路由反射器(英文:Route Reflector,简称RR)。RR发现并接收EVN中其他PE发起的基于边界网关协议(英文:Border Gateway Protocol,简称:BGP)的连接从而建立客户端列表。若RR接收到某个PE发送的路由则转发给该客户端列表中的其他所有PE。也就是说,PE之间可通过RR构成全连接网络从而建立邻居关系。In an EVN network, PEs need to be configured to be fully connected so that all PEs are in a neighbor relationship. In order to facilitate the full connection configuration, a route reflector (English: Route Reflector, RR for short) can be configured. The RR discovers and receives a connection based on the Border Gateway Protocol (BGP) initiated by other PEs in the EVN to establish a client list. If the RR receives a route sent by a PE, it forwards it to all other PEs in the client list. That is to say, PEs can form a fully connected network through RRs to establish neighbor relationships.
如图4所示,PE1、PE2和PE3之间通过RR建立了邻居关系,在CE1既接入了PE1也接入了PE2,CE2接入PE3的情况下,PE1和PE2则会为与CE1的连接相同的ESI:ESI1;而PE3则为CE2分配的ESI为:ESI2。PE1、PE2和PE3通过RR互发以太网段路由,该路由中包含有ESI信息。PE1、PE2和PE3各自通过解析接收到的以太网段路由,即可判断出对应ESI1的为PE1和PE2,对应ESI2的为PE3。As shown in Figure 4, PE1, PE2, and PE3 are connected to each other through the RR. When CE1 is connected to both PE1 and PE2, and CE2 is connected to PE3, PE1 and PE2 are connected to CE1. The same ESI: ESI1 was connected; and the ESI assigned to CE2 by PE3 was: ESI2. PE1, PE2, and PE3 exchange Ethernet segments with each other through the RR. The route contains ESI information. PE1, PE2, and PE3 can determine that the corresponding ESI1 is PE1 and PE2, and the corresponding ESI2 is PE3.
优选的,参考图4所示,PE1上可建立与ESI1对应的终端列表,该列表中则包含了PE1和PE2的标识(例如IP地址等标识PE的信息),同理PE2上也建立有与ESI对应的终端列表,该列表中也包含了PE1和PE2的标识。PE1和PE2即可根据该终端列表中包含的标识选举与ESI1对应的主指定转发者和备指定转发者。Preferably, as shown in FIG. 4, a list of terminals corresponding to ESI1 can be established on the PE1, and the list includes the identifiers of the PE1 and the PE2 (for example, the information identifying the PE such as the IP address), and the same is established on the PE2. A list of terminals corresponding to the ESI. The list also contains the identifiers of PE1 and PE2. PE1 and PE2 can elect the primary designated forwarder and the specified forwarder corresponding to ESI1 according to the identifier included in the terminal list.
优选的,根据接收到的以太网段路由选举主指定转发者和备指定转发者的步骤还包括:Preferably, the step of electing the primary designated forwarder and the standby designated forwarder according to the received Ethernet segment route further includes:
根据接收到的以太网段路由获取与该接入的用户网络边缘设备的以太网段标识对 应的运营商边缘设备的IP地址;通过比较该IP地址的大小选举主指定转发者和备指定转发者。Obtaining an Ethernet segment identifier pair with the accessed user network edge device according to the received Ethernet segment route The IP address of the carrier's edge device; the primary designated forwarder and the specified forwarder are elected by comparing the size of the IP address.
也就是说,在图4中,PE1和PE2上存储的与ESI1对应的终端列表中采用PE1和PE2的IP地址作为各自的标识,然后可将IP地址最小的PE选举为主指定转发者,将剩余的IP地址对应的PE选举为备指定转发者。对于PE1而言,其只需要判断PE1自身的IP地址是否为该终端列表中最小的IP地址即可判断得到PE1自身是否被选举为主指定转发者,若PE1判断得到其IP地址并不为该终端列表中最小的IP地址,则PE1即可判断出PE1自身被选举为备指定转发者。That is, in FIG. 4, the IP addresses of PE1 and PE2 are used as the respective identifiers in the terminal list corresponding to ESI1 stored on PE1 and PE2, and then the PE with the smallest IP address can be elected as the primary designated forwarder. The PE election corresponding to the remaining IP addresses is the designated forwarder. For PE1, it is only necessary to determine whether the IP address of the PE1 itself is the smallest IP address in the terminal list, and it can be determined whether the PE1 itself is elected as the designated forwarder. If the PE1 determines that the IP address is not the same, If the IP address is the smallest IP address in the terminal list, PE1 can determine that PE1 is elected as the designated forwarder.
步骤S108,在被选举为主指定转发者后,根据MAC路由表通过IP网络转发接入的用户网络边缘设备发送的数据报文,并定时向接入的用户网络边缘设备发送探测报文。Step S108: After being elected as the primary designated forwarder, forward the data packet sent by the user network edge device that is accessed by the IP network according to the MAC routing table, and periodically send the probe packet to the accessed user network edge device.
具体的,根据所述MAC路由表通过IP网络转发所述用户网络边缘设备发送的数据报文的步骤还包括:Specifically, the step of forwarding the data packet sent by the user network edge device by using the IP routing table according to the MAC routing table further includes:
获取数据报文中包含的远端的用户网络边缘设备的MAC地址。Obtain the MAC address of the remote user network edge device included in the data packet.
在MAC路由表查找与远端的用户网络边缘设备的MAC地址对应的其接入的远端的运营商边缘设备的IP地址。The MAC routing table looks up the IP address of the remote carrier's edge device that it accesses corresponding to the MAC address of the remote user network edge device.
将数据报文封装成IP网络数据报文,并将封装的IP网络数据报文通过IP网络发送至与查找到的IP地址对应的远端的运营商边缘设备,并由该远端的运营商边缘设备将其解包后,转发至MAC地址对应的远端的用户网络边缘设备。Encapsulating the data packet into an IP network data packet, and sending the encapsulated IP network data packet to the remote carrier edge device corresponding to the found IP address through the IP network, and the remote carrier After the edge device unpacks it, it forwards it to the remote user network edge device corresponding to the MAC address.
参考图3所示,在图3中,CE1和CE2以及PE1、PE2和PE3均分配了相同的VLAN标识,且PE1被选为CE1的主指定转发者,PE2被选为CE2的备指定转发者。Referring to FIG. 3, in FIG. 3, CE1 and CE2, and PE1, PE2, and PE3 are all assigned the same VLAN identifier, and PE1 is selected as the primary designated forwarder of CE1, and PE2 is selected as the designated forwarder of CE2. .
对于CE1向CE2发送的数据报文(二层以太网数据报文),将先经由CE1与PE1之间的链路抵达PE1,PE1接收到该数据报文后,根据数据报文提取目标发送的远端的用户网络变边缘设备的MAC地址,即CE2的MAC地址,以及发送该数据报文的CE1的MAC地址,然后将该数据报文封装为VxLan的IP网络的数据报文,通过查询MAC路由表得到下一跳转发的IP地址为PE3的IP地址,则将该封装的数据报文通过IP网络发送至PE3。 The data packet sent by CE1 to CE2 (Layer 2 Ethernet data packet) will be forwarded to PE1 through the link between CE1 and PE1. After receiving the data packet, PE1 sends the packet according to the data packet. The remote user network changes the MAC address of the edge device, that is, the MAC address of the CE2, and the MAC address of the CE1 that sends the data packet, and then encapsulates the data packet into a data packet of the VxLan IP network, and queries the MAC address. If the routing table obtains the IP address of the next hop to be the IP address of the PE3, the encapsulated data packet is sent to the PE3 through the IP network.
该封装的数据报文的格式可参考图5所示,需要先为接收到的CE1发送的数据报文(即图5中的“原始二层数据报文”部分)加上VxLAN协议头(包括VLAN标识等信息),然后再加上IP协议头(包括PE1的IP地址和PE3的IP地址等信息),还要加上禁止分片标识。如图5所示,禁止分片标识包含目标接收数据报文的CE3的MAC地址(即图5中禁止分片标识中的DMAC数据段)和发送数据包的CE1的MAC地址(即图5中禁止分片标识中的SMAC数据段),以及附加信息(即图5中禁止分片标识中的TYPE数据段)。The format of the data packet of the encapsulation may be as shown in FIG. 5, and the VxLAN protocol header (including the “original Layer 2 data packet” part in FIG. 5) needs to be added to the received CE1 data packet (including the “original Layer 2 data packet” part in FIG. 5). VLAN identification and other information), and then add the IP protocol header (including the IP address of PE1 and the IP address of PE3), plus the prohibition fragmentation. As shown in FIG. 5, the fragment identification identifies the MAC address of the CE3 that contains the target received data message (ie, the DMAC data segment in the fragmentation identifier in FIG. 5) and the MAC address of the CE1 that sends the data packet (ie, in FIG. 5). The SMAC data segment in the fragmentation identifier is prohibited, and the additional information (ie, the TYPE data segment in the fragmentation identifier is prohibited in FIG. 5).
PE3通过IP网络接收到该封装的数据报文后,通过解析该数据报文即可获取该数据报文目标发送的设备的MAC地址为CE3的MAC地址,通过查询MAC路由表可知其对应的下一跳转发的地址为以太网络(即与CE3连接的端口),则将封装的数据报文中原始二层数据报文数据段提取出来,然后发送给CE3。After receiving the encapsulated data packet, the PE3 can obtain the MAC address of the device that is sent by the destination of the data packet to the CE3 by querying the data packet. If the address of the one-hop forwarding is an Ethernet network (that is, the port connected to CE3), the data segment of the original Layer 2 data packet in the encapsulated data packet is extracted and sent to CE3.
CE3上PE3对应的信任端口接收到该数据报文后,解析得到发起该数据报文的设备为CE1,若CE1的MAC地址在其信任MAC地址列表中,因此,该数据报文被成功接收。After receiving the data packet, the trusted port corresponding to PE3 on CE3 is configured to determine that the device that originated the data packet is CE1. If the MAC address of CE1 is in the list of trusted MAC addresses, the data packet is successfully received.
在本实施例中,若CE1向PE1(被选举为主指定转发者后)发送的是组播报文,则由PE1根据MAC路由表向组播报文对应的MAC路由表项依次转发组播报文的拷贝(仍需封装)。In this embodiment, if the CE1 sends a multicast packet to the PE1 (after being elected as the primary designated forwarder), the PE1 forwards the multicast to the MAC routing entry corresponding to the multicast packet according to the MAC routing table. A copy of the message (still required to be encapsulated).
而对于主指定转发者,接收远端的运营商边缘设备发送的数据报文后,则判断其是否为组播报文,若是,则在转发数据报文时,排除被选为备指定转发者的运营商边缘设备。After receiving the data packet sent by the remote carrier edge device, the primary designated forwarder determines whether it is a multicast packet, and if so, excludes the selected forwarder when forwarding the data packet. Carrier edge device.
如图6所示,若PE3向PE1发送的数据报文为组播报文,则作为CE1的主指定转发者的PE1在接受到该组播报文后,排除作为CE1的备指定转发者的PE2,也就是不转发数据报文给PE2,从而可防止形成PE3-PE1-PE2-PE3的环路。As shown in Figure 6, if the data packet sent by PE3 to PE1 is a multicast packet, PE1, which is the primary designated forwarder of CE1, rejects the designated forwarder as CE1 after receiving the multicast packet. PE2, that is, does not forward data packets to PE2, thus preventing the formation of a loop of PE3-PE1-PE2-PE3.
在本实施例中,PE1被选举为CE1的主指定转发者之后,还需要定时向CE1发送探测报文。定时的时间可设置为10ms等较短的时长,用于检测CE1与PE1之间的链路是否畅通,即帮助CE1和PE1判断对方是否为数据报文可达状态。In this embodiment, after the PE1 is elected as the primary designated forwarder of the CE1, the probe packet needs to be sent to the CE1 periodically. The time can be set to a short period of time, such as 10ms. It is used to check whether the link between CE1 and PE1 is clear. That is, CE1 and PE1 can determine whether the other party is reachable.
对于PE而言,在定时向接入的用户网络边缘设备发送探测报文的步骤之后还可接 收接入的用户网络边缘设备返回的响应报文,检测响应报文是否超时,若是,则通知远端的用户网络边缘设备向被选为备指定转发者的运营商边缘设备转发数据报文。For the PE, after the step of sending a probe packet to the user edge device of the access user, the PE can be connected. And receiving the response packet returned by the user network edge device, and detecting whether the response packet times out. If yes, the remote network edge device is notified to forward the data packet to the operator edge device selected as the designated forwarder.
如图7所示,PE1可每隔10ms向CE1发送探测报文,并检测是否接收到CE1返回的响应报文,若超过预设的时长阈值,例如,超过30ms未检测到接收到了CE1返回的响应报文,则可判定CE1为数据报文不可达状态,可通知与其处于邻居关系的PE3,即发送包含撤销CE1的MAC地址的以太网段路由给PE3。PE3接收到该撤销CE1的MAC地址的以太网段路由之后,即可在MAC路由表中将CE1的MAC地址对应PE1的IP地址的MAC路由表项删除,但仍然保留了CE1的MAC地址对应PE2的IP地址的MAC路由表项,因此,CE2向CE1发送的数据报文则经由PE3转发至PE2,再由PE2转发至CE1来实现。从而可快速地检测到CE1和PE1之间的链路处于数据报文不可达状态,并及时地通过作为备指定转发者的PE2转发数据给CE1,使得CE1恢复数据传输业务的时间大大缩短,也提高了EVN网络的可靠性。As shown in Figure 7, PE1 can send a probe packet to CE1 every 10 ms and detect whether it receives the response packet returned by CE1. If the threshold is exceeded, for example, if CE1 is not detected, it is not detected. The response packet can be used to determine that the CE1 is in the unreachable state of the data packet, and can notify the PE3 that is in the neighbor relationship, that is, the Ethernet segment that sends the MAC address of the CE1 to the PE3. After receiving the Ethernet segment route of the MAC address of the CE1, the PE3 can delete the MAC address entry of the IP address of the CE1 in the MAC routing table, but still retain the MAC address of the CE1. The MAC address entry of the IP address. Therefore, the data packet sent by CE2 to CE1 is forwarded to PE2 through PE3, and then forwarded to CE1 by PE2. Therefore, the link between the CE1 and the PE1 is in a state in which the data packet is unreachable, and the data is forwarded to the CE1 through the PE2 that is the designated forwarder. Improve the reliability of the EVN network.
而对于CE而言,在检测作为主指定转发者的运营商边缘设备发送的探测报文超时后,可将数据报文发送至作为备指定转发者的运营商边缘设备,并由其进行转发。For the CE, after detecting the timeout of the probe packet sent by the operator's edge device as the primary designated forwarder, the data packet can be sent to and forwarded by the operator edge device as the designated forwarder.
如上例中,作为主指定转发者的PE1可每隔10ms向CE1发送探测报文,CE1检测是否接收到,若超过预设的时长阈值,例如,超过30ms未检测到,则可判定PE1为数据报文不可达状态。CE1即可将数据报文发送至作为备指定转发者的PE2,由PE2进行转发。同时,CE1可查找与PE1连接的信任端口,获取信任端口对应的与CE1的VLAN标识对应的信任MAC列表,然后将其删除,则CE1不再与PE1进行数据传输。因此,该作为主指定转发者的PE定时发送的探测报文也使得CE能够快速地检测到CE1和PE1之间的链路处于数据报文不可达状态,并及时地切换至作为备指定转发者的PE2转发数据,使得CE1恢复数据传输业务的时间大大缩短,也提高了EVN网络的可靠性。In the above example, PE1, which is the primary designated forwarder, can send probe packets to CE1 every 10 ms. CE1 detects whether it is received. If the preset duration threshold is exceeded, for example, if it is not detected within 30 ms, PE1 can be determined as data. The packet is unreachable. CE1 can send data packets to PE2 as the designated forwarder and forward it by PE2. At the same time, CE1 can find the trusted port connected to PE1, obtain the trusted MAC address corresponding to the VLAN ID of the trusted port, and then delete it. Then CE1 does not perform data transmission with PE1. Therefore, the probe packet sent by the PE as the primary designated forwarder can also quickly detect that the link between CE1 and PE1 is in the unreachable state of the data packet, and switch to the designated forwarder in time. The PE2 forwards the data, which greatly shortens the time for the CE1 to recover the data transmission service and improves the reliability of the EVN network.
在本实施例中,为了缩短链路故障时CE恢复数据传输业务的时间,还提供了一种与前述以太虚拟网络的接入方法对应的以太虚拟网络的接入装置。如图8所示,该装置包括路由表添加模块102、以太网段标识获取模块104、指定转发者选举模块106和数据报文转发模块108,其中: In this embodiment, in order to shorten the time for the CE to recover the data transmission service when the link is faulty, an access device of the Ethernet virtual network corresponding to the access method of the foregoing Ethernet virtual network is also provided. As shown in FIG. 8, the device includes a routing table adding module 102, an Ethernet segment identifier obtaining module 104, a designated forwarder election module 106, and a data packet forwarding module 108, where:
路由表添加模块102,用于接收接入的用户网络边缘设备发送的地址解析协议报文,根据所述地址解析协议报文获取所述接入的用户网络边缘设备的MAC地址,将所述MAC地址添加到预设的MAC路由表中;The routing table adding module 102 is configured to receive an address resolution protocol packet sent by the user network edge device that is accessed, obtain the MAC address of the accessed user network edge device according to the address resolution protocol packet, and use the MAC address. The address is added to the preset MAC routing table;
以太网段标识获取模块104,用于获取所述接入的用户网络边缘设备的以太网段标识;The Ethernet segment identifier obtaining module 104 is configured to obtain an Ethernet segment identifier of the accessed user network edge device.
指定转发者选举模块106,用于与处于其邻居关系的一个或一个以上的运营商边缘设备互发包含所述以太网段标识的以太网段路由,根据接收到的以太网段路由选举主指定转发者和备指定转发者;The forwarder election module 106 is configured to exchange the Ethernet segment route including the Ethernet segment identifier with one or more carrier edge devices in the neighbor relationship, and elect the primary designation according to the received Ethernet segment route. Forwarder and standby forwarder;
数据报文转发模块108,用于在被选举为主指定转发者后,根据所述MAC路由表通过IP网络转发所述接入的用户网络边缘设备发送的数据报文,并定时向所述接入的用户网络边缘设备发送探测报文。The data packet forwarding module 108 is configured to forward, according to the MAC routing table, the data packet sent by the accessed user network edge device according to the MAC routing table, and periodically send the data packet to the terminal after being elected as the primary designated forwarder. The incoming user network edge device sends a probe packet.
在本实施例中,路由表添加模块102还用于接收远端的运营商边缘设备发送的MAC地址通告路由,根据所述MAC地址通告路由获取所述远端的运营商边缘设备的IP地址及远端的用户网络边缘设备的MAC地址,并将该获取到的IP地址和MAC地址添加到所述MAC路由表中。In this embodiment, the routing table adding module 102 is further configured to receive a MAC address advertisement route sent by the remote operator edge device, obtain an IP address of the remote carrier edge device according to the MAC address advertisement route, and The MAC address of the remote user network edge device, and adds the obtained IP address and MAC address to the MAC routing table.
在本实施例中,数据报文转发模块108还用于获取所述数据报文中包含的远端的用户网络边缘设备的MAC地址;在所述MAC路由表查找与所述远端的用户网络边缘设备的MAC地址对应的其接入的远端的运营商边缘设备的IP地址;将所述数据报文封装成IP网络数据报文,并将封装的IP网络数据报文通过IP网络发送至与所述查找到的IP地址对应的远端的运营商边缘设备,并由该远端的运营商边缘设备将其解包后,转发至所述MAC地址对应的远端的用户网络边缘设备。In this embodiment, the data packet forwarding module 108 is further configured to obtain a MAC address of a remote user network edge device included in the data packet, and search for the remote user network in the MAC routing table. The IP address of the edge device is the IP address of the remote edge carrier device to which it is connected; the data packet is encapsulated into an IP network data packet, and the encapsulated IP network data packet is sent to the IP network through the IP network. The remote carrier edge device corresponding to the discovered IP address is unpacked by the remote carrier edge device and forwarded to the remote user network edge device corresponding to the MAC address.
在本实施例中,数据报文转发模块108还用于接收所述远端的运营商边缘设备发送的数据报文,判断其是否为组播报文,若是,则在转发所述数据报文时,排除所述被选为备指定转发者的运营商边缘设备。In this embodiment, the data packet forwarding module 108 is further configured to receive the data packet sent by the remote operator edge device, and determine whether it is a multicast packet, and if yes, forward the data packet. The operator edge device selected as the designated forwarder is excluded.
在本实施例中,如图8所示,以太虚拟网络的接入装置还包括转发链路切换模块110,用于接收所述接入的用户网络边缘设备返回的响应报文,检测所述响应报文是否超时,若是,则通知所述远端的用户网络边缘设备向被选为备指定转发者的运营商边缘 设备转发数据报文。In this embodiment, as shown in FIG. 8, the access device of the Ethernet virtual network further includes a forwarding link switching module 110, configured to receive a response packet returned by the accessed user network edge device, and detect the response. Whether the packet times out, if yes, notifying the remote user network edge device to the edge of the operator selected as the designated forwarder The device forwards data packets.
在本实施例中,指定转发者选举模块106还用于根据接收到的以太网段路由获取与该接入的用户网络边缘设备的以太网段标识对应的运营商边缘设备的IP地址;通过比较所述IP地址的大小选举主指定转发者和备指定转发者。In this embodiment, the designated forwarder election module 106 is further configured to obtain, according to the received Ethernet segment route, an IP address of the operator edge device corresponding to the Ethernet segment identifier of the accessed user network edge device; The size of the IP address elects the primary designated forwarder and the alternate designated forwarder.
如前所述,为了缩短发生链路故障时CE恢复数据传输业务的时间,在前述提出的一种CE接入PE的机制中,还包括运行于前述CE上的用户网络边缘设备的业务恢复方法。该方法的运行可依赖于计算机程序,该计算机程序可运行于符合冯诺依曼体系的计算机系统之上。该计算机系统可以是在EVN网络中作为CE的路由器设备。As described above, in order to reduce the time for the CE to recover the data transmission service when the link is faulty, the foregoing mechanism for the CE to access the PE includes the service recovery method of the user network edge device running on the foregoing CE. . The operation of the method may depend on a computer program that can run on a computer system that conforms to the von Neumann system. The computer system can be a router device that acts as a CE in the EVN network.
具体的,如图9所示,该方法包括:Specifically, as shown in FIG. 9, the method includes:
步骤S202,获取MAC地址,向两个或两个以上的运营商边缘设备发送包含所述MAC地址的地址解析协议报文,由所述运营商边缘设备添加到各自的MAC路由表中。In step S202, the MAC address is obtained, and the address resolution protocol packet including the MAC address is sent to the two or more carrier edge devices, and is added by the operator edge device to the respective MAC routing table.
请参考图3所示,CE1接入PE1和PE2两个运营商边缘设备,CE2接入PE3。CE1在与PE1和PE2建立物理链路之后,广播地址解析协议(英文:Address Resolution Protocol,简称:ARP)报文,将CE1的MAC地址广播给PE1和PE2。PE1和PE2即可得到CE1的MAC地址。或者,CE1在与PE1和PE2建立物理链路之后,也会接收到PE1或PE2广播的ARP报文,则可通过被动响应该ARP报文返回CE1的MAC地址,从而使得PE1和PE2获取到CE1的MAC地址。同理,PE3也可获取到CE2的MAC地址。As shown in Figure 3, CE1 is connected to two edge devices of PE1 and PE2, and CE2 is connected to PE3. After establishing a physical link with PE1 and PE2, CE1 broadcasts the address resolution protocol (ARP) packet to broadcast the MAC address of CE1 to PE1 and PE2. PE1 and PE2 can obtain the MAC address of CE1. Alternatively, after establishing a physical link with PE1 and PE2, CE1 also receives the ARP packet broadcasted by PE1 or PE2, and then responds to the MAC address of CE1 by passively responding to the ARP packet, so that PE1 and PE2 obtain CE1. MAC address. Similarly, PE3 can also obtain the MAC address of CE2.
另外,仍然请参考图3所示,若PE1获取到的CE1的MAC地址为MAC_1,则可通过向其处于邻居关系的PE2和PE3发送以太网段路由(英文:Ethernet Segment Route,简称ESR),将该获取到的MAC_1以及PE1的IP地址(在图3对应的应用场景中,PE1的IP地址为IP1)扩散给PE2和PE3。PE2和PE3在接收到该以太网段路由之后,即可将MAC_1和IP1添加到路由表中。In addition, as shown in FIG. 3, if the MAC address of the CE1 obtained by the PE1 is MAC_1, the Ethernet segment route (ESR) can be sent to the PE2 and the PE3 in the neighbor relationship. The IP address of the obtained MAC_1 and PE1 (in the application scenario corresponding to FIG. 3, the IP address of PE1 is IP1) is diffused to PE2 and PE3. After receiving the Ethernet segment route, PE2 and PE3 can add MAC_1 and IP1 to the routing table.
待PE1和PE3均接收到对方发送的以太网段路由之后,其上存储的MAC路由表中即存在如图3所示的MAC路由表项。其中,PE1上存储的MAC路由表中,记录了MAC_1和MAC_2对应的下一跳转发的IP地址,例如,若接收到的数据报文的目标MAC地址 为MAC_2,由于该MAC路由表项中MAC_2对应的下一跳转发的IP地址为“IP3”,则将数据报文转发至IP地址为IP3的PE3进行转发;若接收到的数据报文的目标MAC地址为MAC_1,由于该MAC路由表项中MAC_2对应的下一跳转发的IP地址为“ETH”,即表示下一跳将直接通过二层以太网链路转发,即通过二层以太网链路转发给MAC地址为MAC_1的CE1。After both PE1 and PE3 receive the Ethernet segment route sent by the peer, the MAC routing table entry shown in Figure 3 exists in the MAC routing table stored on the PE1. The MAC address table stored in the PE1 records the IP address of the next hop forwarded by the MAC_1 and the MAC_2, for example, the destination MAC address of the received data packet. If the IP address of the next hop corresponding to MAC_2 in the MAC routing entry is "IP3", the data packet is forwarded to the PE3 whose IP address is IP3. If the received data packet is received, The destination MAC address is MAC_1. The IP address of the next hop corresponding to MAC_2 in the MAC routing entry is ETH. This means that the next hop will be forwarded directly through the Layer 2 Ethernet link, that is, through Layer 2 Ethernet. The network link is forwarded to CE1 with MAC address MAC_1.
步骤S204,接收两个或两个以上的运营商边缘设备发送的以太网段路由,根据所述以太网段路由确定作为主指定转发者和备指定转发者的运营商边缘设备。Step S204: Receive an Ethernet segment route sent by two or more carrier edge devices, and determine, as the primary designated forwarder and the secondary designated forwarder, the operator edge device according to the Ethernet segment route.
如图3中,可将CE1和PE1的VLAN标识均配置为100,CE1接入PE1后,CE1将与PE1连接的端口配置为信任端口,该信任端口上存储有与VLAN标识100对应的信任MAC地址列表。该信任MAC地址列表由接收PE1发送的以太网段路由生成。PE1将其MAC路由表中的MAC项通过以太网段路由发送给CE1,CE1即可将接收到的对应同一VLAN标识的MAC项添加到信任MAC地址列表中。As shown in Figure 3, the VLAN IDs of CE1 and PE1 can be set to 100. After CE1 is connected to PE1, CE1 configures the port connected to PE1 as a trusted port. The trusted port stores the trusted MAC address corresponding to VLAN ID 100. A list of addresses. The list of trusted MAC addresses is generated by receiving an Ethernet segment route sent by PE1. PE1 sends the MAC entry in its MAC routing table to CE1 through the Ethernet segment route. CE1 adds the received MAC address corresponding to the same VLAN ID to the trusted MAC address list.
例如,在图3中,若CE1和CE2的VLAN标识均被配置为100,则CE1与PE1连接的信任端口上对应的信任MAC地址列表中则包含了CE2的MAC地址,CE1即可将CE2作为数据传输的目标;若CE2的VLAN标识没有被配置为100(PE可以配置多个VLAN标识,因此其MAC路由表中也存在CE2的MAC地址),则CE2的MAC地址将不会被CE1添加到其余PE1连接的信任端口对应的信任MAC地址列表中,使得CE1和CE2之间不会发生数据传输。For example, in Figure 3, if the VLAN IDs of CE1 and CE2 are both configured to be 100, the corresponding trusted MAC address list on the trusted port connected to CE1 and CE1 contains the MAC address of CE2, and CE1 can use CE2 as The destination of the data transmission; if the VLAN ID of the CE2 is not configured as 100 (the PE can be configured with multiple VLAN IDs, and the MAC address of the CE2 is also included in the MAC routing table), the MAC address of the CE2 will not be added to the CE1. The trusted MAC address list corresponding to the trusted port connected to the other PE1 does not cause data transmission between CE1 and CE2.
PE接入CE后可为与该CE的连接定义唯一的以太网段标识(英文:Ethernet Segment Identifier,简称:ESI),且不同的PE接入同一CE时,分别为与该CE的连接定义的以太网段标识均相同。如图3所示,CE1既接入了PE1也接入了PE2,PE1为与CE1的连接分配的以太网段标识为ESI1,PE2为与CE1的连接分配的以太网段标识也为ESI1。而CE2接入了PE3,则PE3为与CE3的连接分配的以太网段标识即为ESI2用于区分。After the PE accesses the CE, a unique Ethernet segment identifier (English: Ethernet Segment Identifier, ESI) can be defined for the connection to the CE. When different PEs access the same CE, they are respectively defined by the connection with the CE. The Ethernet segment identifiers are the same. As shown in Figure 3, CE1 is connected to both PE1 and PE2. The Ethernet segment identifier assigned by PE1 to CE1 is ESI1, and the Ethernet segment identifier assigned by PE2 to CE1 is also ESI1. When CE2 is connected to PE3, the Ethernet segment identifier assigned by PE3 to the CE3 connection is ESI2 for distinguishing.
在EVN网络中,PE之间需要被配置为全连接使得所有PE均为邻居关系。为方便进行全连接配置,优选的,可配置路由反射器(英文:Route Reflector,简称RR)。RR发现并接收EVN中其他PE发起的基于边界网关协议(英文:Border Gateway Protocol,简称:BGP)的连接从而建立客户端列表。若RR接收到某个PE发送的路由则转发给 该客户端列表中的其他所有PE。也就是说,PE之间可通过RR构成全连接网络从而建立邻居关系。In an EVN network, PEs need to be configured to be fully connected so that all PEs are in a neighbor relationship. In order to facilitate the full connection configuration, a route reflector (English: Route Reflector, RR for short) can be configured. The RR discovers and receives a connection based on the Border Gateway Protocol (BGP) initiated by other PEs in the EVN to establish a client list. If the RR receives a route sent by a PE, it forwards it to All other PEs in this client list. That is to say, PEs can form a fully connected network through RRs to establish neighbor relationships.
如图4所示,PE1、PE2和PE3之间通过RR建立了邻居关系,在CE1既接入了PE1也接入了PE2,CE2接入PE3的情况下,PE1和PE2则会为与CE1的连接相同的ESI:ESI1;而PE3则为CE2分配的ESI为:ESI2。PE1、PE2和PE3通过RR互发以太网段路由,该路由中包含有ESI信息。PE1、PE2和PE3各自通过解析接收到的以太网段路由,即可判断出对应ESI1的为PE1和PE2,对应ESI2的为PE3。As shown in Figure 4, PE1, PE2, and PE3 are connected to each other through the RR. When CE1 is connected to both PE1 and PE2, and CE2 is connected to PE3, PE1 and PE2 are connected to CE1. The same ESI: ESI1 was connected; and the ESI assigned to CE2 by PE3 was: ESI2. PE1, PE2, and PE3 exchange Ethernet segments with each other through the RR. The route contains ESI information. PE1, PE2, and PE3 can determine that the corresponding ESI1 is PE1 and PE2, and the corresponding ESI2 is PE3.
优选的,参考图4所示,PE1上可建立与ESI1对应的终端列表,该列表中则包含了PE1和PE2的标识(例如IP地址等标识PE的信息),同理PE2上也建立有与ESI对应的终端列表,该列表中也包含了PE1和PE2的标识。PE1和PE2即可根据该终端列表中包含的标识选举与ESI1对应的主指定转发者和备指定转发者。Preferably, as shown in FIG. 4, a list of terminals corresponding to ESI1 can be established on the PE1, and the list includes the identifiers of the PE1 and the PE2 (for example, the information identifying the PE such as the IP address), and the same is established on the PE2. A list of terminals corresponding to the ESI. The list also contains the identifiers of PE1 and PE2. PE1 and PE2 can elect the primary designated forwarder and the specified forwarder corresponding to ESI1 according to the identifier included in the terminal list.
优选的,PE可根据接收到的以太网段路由获取与该接入的用户网络边缘设备的以太网段标识对应的运营商边缘设备的IP地址;通过比较该IP地址的大小选举主指定转发者和备指定转发者。Preferably, the PE obtains an IP address of the operator edge device corresponding to the Ethernet segment identifier of the accessed user network edge device according to the received Ethernet segment route; and elects the primary designated forwarder by comparing the size of the IP address. And specify the forwarder.
也就是说,在图4中,PE1和PE2上存储的与ESI1对应的终端列表中采用PE1和PE2的IP地址作为各自的标识,然后可将IP地址最小的PE选举为主指定转发者,将剩余的IP地址对应的PE选举为备指定转发者。对于PE1而言,其只需要判断PE1自身的IP地址是否为该终端列表中最小的IP地址即可判断得到PE1自身是否被选举为主指定转发者,若PE1判断得到其IP地址并不为该终端列表中最小的IP地址,则PE1即可判断出PE1自身被选举为备指定转发者,从而可向CE1发送以太网段路由通知CE1其为主指定转发者。That is, in FIG. 4, the IP addresses of PE1 and PE2 are used as the respective identifiers in the terminal list corresponding to ESI1 stored on PE1 and PE2, and then the PE with the smallest IP address can be elected as the primary designated forwarder. The PE election corresponding to the remaining IP addresses is the designated forwarder. For PE1, it is only necessary to determine whether the IP address of the PE1 itself is the smallest IP address in the terminal list, and it can be determined whether the PE1 itself is elected as the designated forwarder. If the PE1 determines that the IP address is not the same, If the IP address of the terminal list is the smallest, the PE1 can determine that the PE1 itself is elected as the designated forwarder. Therefore, the CE1 can send the Ethernet segment route notification CE1 to the primary designated forwarder.
步骤S206,获取数据报文,将所述数据报文发送至所述作为主指定转发者的运营商边缘设备,由其根据所述MAC路由表转发所述数据报文。In step S206, the data packet is obtained, and the data packet is sent to the operator edge device as the primary designated forwarder, and the data packet is forwarded according to the MAC routing table.
参考图3所示,在图3中,CE1和CE2以及PE1、PE2和PE3均分配了相同的VLAN标识,且PE1被选为CE1的主指定转发者,PE2被选为CE2的备指定转发者。Referring to FIG. 3, in FIG. 3, CE1 and CE2, and PE1, PE2, and PE3 are all assigned the same VLAN identifier, and PE1 is selected as the primary designated forwarder of CE1, and PE2 is selected as the designated forwarder of CE2. .
对于CE1向CE2发送的数据报文(二层以太网数据报文),将先经由CE1与PE1之间的链路抵达PE1,PE1接收到该数据报文后,根据数据报文提取目标发送的远端的 用户网络变边缘设备的MAC地址,即CE2的MAC地址,以及发送该数据报文的CE1的MAC地址,然后将该数据报文封装为VxLan的IP网络的数据报文,通过查询MAC路由表得到下一跳转发的IP地址为PE3的IP地址,则将该封装的数据报文通过IP网络发送至PE3。The data packet sent by CE1 to CE2 (Layer 2 Ethernet data packet) will be forwarded to PE1 through the link between CE1 and PE1. After receiving the data packet, PE1 sends the packet according to the data packet. Remote The user network changes the MAC address of the edge device, that is, the MAC address of the CE2, and the MAC address of the CE1 that sends the data packet, and then encapsulates the data packet into a data packet of the VxLan IP network, and obtains the MAC routing table by querying the MAC routing table. If the IP address of the next hop is the IP address of the PE3, the encapsulated data packet is sent to the PE3 through the IP network.
该封装的数据报文的格式可参考图5所示,需要先为接收到的CE1发送的数据报文(即图5中的“原始二层数据报文”部分)加上VxLAN协议头(包括VLAN标识等信息),然后再加上IP协议头(包括PE1的IP地址和PE3的IP地址等信息),还要加上禁止分片标识。如图5所示,禁止分片标识包含目标接收数据报文的CE3的MAC地址(即图5中禁止分片标识中的DMAC数据段)和发送数据包的CE1的MAC地址(即图5中禁止分片标识中的SMAC数据段),以及附加信息(即图5中禁止分片标识中的TYPE数据段)。The format of the data packet of the encapsulation may be as shown in FIG. 5, and the VxLAN protocol header (including the “original Layer 2 data packet” part in FIG. 5) needs to be added to the received CE1 data packet (including the “original Layer 2 data packet” part in FIG. 5). VLAN identification and other information), and then add the IP protocol header (including the IP address of PE1 and the IP address of PE3), plus the prohibition fragmentation. As shown in FIG. 5, the fragment identification identifies the MAC address of the CE3 that contains the target received data message (ie, the DMAC data segment in the fragmentation identifier in FIG. 5) and the MAC address of the CE1 that sends the data packet (ie, in FIG. 5). The SMAC data segment in the fragmentation identifier is prohibited, and the additional information (ie, the TYPE data segment in the fragmentation identifier is prohibited in FIG. 5).
PE3通过IP网络接收到该封装的数据报文后,通过解析该数据报文即可获取该数据报文目标发送的设备的MAC地址为CE3的MAC地址,通过查询MAC路由表可知其对应的下一跳转发的地址为以太网络(即与CE3连接的端口),则将封装的数据报文中原始二层数据报文数据段提取出来,然后发送给CE3。After receiving the encapsulated data packet, the PE3 can obtain the MAC address of the device that is sent by the destination of the data packet to the CE3 by querying the data packet. If the address of the one-hop forwarding is an Ethernet network (that is, the port connected to CE3), the data segment of the original Layer 2 data packet in the encapsulated data packet is extracted and sent to CE3.
CE3上PE3对应的信任端口接收到该数据报文后,解析得到发起该数据报文的设备为CE1,若CE1的MAC地址在其信任MAC地址列表中,因此,该数据报文被成功接收。After receiving the data packet, the trusted port corresponding to PE3 on CE3 is configured to determine that the device that originated the data packet is CE1. If the MAC address of CE1 is in the list of trusted MAC addresses, the data packet is successfully received.
步骤S208,检测所述作为主指定转发者的运营商边缘设备发送的探测报文,若超时,则将所述数据报文发送至所述作为备指定转发者的运营商边缘设备,并由其进行转发。Step S208, detecting the probe packet sent by the operator edge device that is the primary designated forwarder, and if it times out, sending the data packet to the operator edge device that is the designated forwarder, and Forward.
在本实施例中,PE1被选举为CE1的主指定转发者之后,还需要定时向CE1发送探测报文。定时的时间可设置为10ms等较短的时长,用于检测CE1与PE1之间的链路是否畅通,即帮助CE1和PE1判断对方是否为数据报文可达状态。In this embodiment, after the PE1 is elected as the primary designated forwarder of the CE1, the probe packet needs to be sent to the CE1 periodically. The time can be set to a short period of time, such as 10ms. It is used to check whether the link between CE1 and PE1 is clear. That is, CE1 and PE1 can determine whether the other party is reachable.
对于CE而言,在检测作为主指定转发者的运营商边缘设备发送的探测报文超时后,可将数据报文发送至作为备指定转发者的运营商边缘设备,并由其进行转发。After detecting the timeout of the probe packet sent by the edge device of the carrier that is the primary designated forwarder, the CE can send the data packet to the edge device of the carrier that is the designated forwarder and forward it.
例如,作为主指定转发者的PE1可每隔10ms向CE1发送探测报文,CE1检测是否 接收到,若超过预设的时长阈值,例如,超过30ms未检测到,则可判定PE1为数据报文不可达状态。CE1即可将数据报文发送至作为备指定转发者的PE2,由PE2进行转发。同时,CE1可查找与PE1连接的信任端口,获取信任端口对应的与CE1的VLAN标识对应的信任MAC列表,然后将其删除,则CE1不再与PE1进行数据传输。因此,该作为主指定转发者的PE定时发送的探测报文也使得CE能够快速地检测到CE1和PE1之间的链路处于数据报文不可达状态,并及时地切换至作为备指定转发者的PE2转发数据,使得CE1恢复数据传输业务的时间大大缩短,也提高了EVN网络的可靠性。For example, PE1, which is the primary designated forwarder, can send probe packets to CE1 every 10 ms. CE1 detects whether If it is received, if the preset duration threshold is exceeded, for example, if it is not detected within 30 ms, it may be determined that PE1 is in a data packet unreachable state. CE1 can send data packets to PE2 as the designated forwarder and forward it by PE2. At the same time, CE1 can find the trusted port connected to PE1, obtain the trusted MAC address corresponding to the VLAN ID of the trusted port, and then delete it. Then CE1 does not perform data transmission with PE1. Therefore, the probe packet sent by the PE as the primary designated forwarder can also quickly detect that the link between CE1 and PE1 is in the unreachable state of the data packet, and switch to the designated forwarder in time. The PE2 forwards the data, which greatly shortens the time for the CE1 to recover the data transmission service and improves the reliability of the EVN network.
在本实施例中,为了缩短链路故障时CE恢复数据传输业务的时间,还提供了一种与前述以用户网络边缘设备的业务恢复对应的用户网络边缘设备的业务恢复装置。如图8所示,该装置包括MAC地址发布模块202、指定转发者确定模块204、数据报文发送模块206和指定转发者切换模块208,其中:In this embodiment, in order to shorten the time for the CE to recover the data transmission service when the link is faulty, a service recovery device of the user network edge device corresponding to the foregoing service recovery of the user network edge device is also provided. As shown in FIG. 8, the apparatus includes a MAC address issuing module 202, a designated forwarder determining module 204, a data packet sending module 206, and a designated forwarder switching module 208, wherein:
MAC地址发布模块202,用于获取MAC地址,向两个或两个以上的运营商边缘设备发送包含所述MAC地址的地址解析协议报文,由所述运营商边缘设备添加到各自的MAC路由表中;The MAC address issuing module 202 is configured to obtain a MAC address, and send an address resolution protocol packet including the MAC address to two or more carrier edge devices, where the carrier edge device adds the MAC address to the MAC address. In the table;
指定转发者确定模块204,用于接收所述两个或两个以上的运营商边缘设备发送的以太网段路由,根据所述以太网段路由确定作为主指定转发者和备指定转发者的运营商边缘设备;The designated forwarder determining module 204 is configured to receive an Ethernet segment route sent by the two or more carrier edge devices, and determine, as the primary designated forwarder and the designated forwarder, according to the Ethernet segment route. Edge device
数据报文发送模块206,用于获取数据报文,将所述数据报文发送至所述作为主指定转发者的运营商边缘设备,由其根据所述MAC路由表转发所述数据报文;The data packet sending module 206 is configured to: obtain the data packet, and send the data packet to the operator edge device that is the primary designated forwarder, and forward the data packet according to the MAC routing table;
指定转发者切换模块208,用于检测所述作为主指定转发者的运营商边缘设备发送的探测报文,若超时,则将所述数据报文发送至所述作为备指定转发者的运营商边缘设备,并由其进行转发。The forwarder switching module 208 is configured to detect the probe packet sent by the operator edge device that is the primary designated forwarder, and if the timeout occurs, send the data packet to the operator that is the designated forwarder. The edge device is forwarded by it.
上述以太虚拟网络的接入方法及装置、以及用户网络边缘设备的业务恢复方法及装置中,用户网络边缘设备接入以太虚拟网络时,并不只是接入单一的运营商边缘设备,而是接入两个或两个以上的运营商边缘设备,所有接入该用户网络边缘设备的运营商边 缘设备进行选举,确定各自主指定转发者和备指定转发者的身份,然后由作为主指定转发者的运营商边缘设备转发该用户网络边缘设备的数据报文,且作为主指定转发者的运营商边缘设备与该用户网络边缘设备之间通过探测报文相互检测对方的数据报文可达状态,在该状态由于链路问题或其他原因变为不可达时,用户网络边缘设备可快速地切换至备转发链路转发数据报文,而无需等待较长时间,使得用户网络边缘设备的数据传输业务的恢复时间大大缩短,从而提高了EVN网络的可靠性。In the above-mentioned Ethernet virtual network access method and device, and the user network edge device service recovery method and device, when the user network edge device accesses the Ethernet virtual network, it is not only accessing a single carrier edge device but Enter two or more carrier edge devices, all carriers that access the user's network edge device The edge device performs election to determine the identity of the primary designated forwarder and the designated forwarder, and then forwards the data packet of the user network edge device by the carrier edge device that is the primary designated forwarder, and operates as the primary designated forwarder. The edge device of the user and the edge device of the user network detect each other's data packet reachability status through the probe packet. When the state becomes unreachable due to a link problem or other reasons, the user network edge device can quickly switch. The forwarding forwarding data packet is forwarded to the forwarding link without waiting for a long time, so that the recovery time of the data transmission service of the user network edge device is greatly shortened, thereby improving the reliability of the EVN network.
本领域普通技术人员可以理解实现上述实施例方法中的全部或部分流程,是可以通过计算机程序来指令相关的硬件来完成,所述的程序可存储于一计算机可读取存储介质中,该程序在执行时,可包括如上述各方法的实施例的流程。其中,所述的存储介质可为磁碟、光盘、只读存储记忆体(Read-Only Memory,ROM)或随机存储记忆体(Random Access Memory,RAM)等。One of ordinary skill in the art can understand that all or part of the process of implementing the foregoing embodiments can be completed by a computer program to instruct related hardware, and the program can be stored in a computer readable storage medium. When executed, the flow of an embodiment of the methods as described above may be included. The storage medium may be a magnetic disk, an optical disk, a read-only memory (ROM), or a random access memory (RAM).
以上所述实施例仅表达了本发明的几种实施方式,其描述较为具体和详细,但并不能因此而理解为对本发明专利范围的限制。应当指出的是,对于本领域的普通技术人员来说,在不脱离本发明构思的前提下,还可以做出若干变形和改进,这些都属于本发明的保护范围。因此,本发明专利的保护范围应以所附权利要求为准。 The above-mentioned embodiments are merely illustrative of several embodiments of the present invention, and the description thereof is more specific and detailed, but is not to be construed as limiting the scope of the invention. It should be noted that a number of variations and modifications may be made by those skilled in the art without departing from the spirit and scope of the invention. Therefore, the scope of the invention should be determined by the appended claims.

Claims (14)

  1. 一种以太虚拟网络的接入方法,包括:An access method for an Ethernet virtual network, including:
    接收接入的用户网络边缘设备发送的地址解析协议报文,根据所述地址解析协议报文获取所述接入的用户网络边缘设备的MAC地址,将所述MAC地址添加到预设的MAC路由表中;Receiving an address resolution protocol packet sent by the access user network edge device, obtaining a MAC address of the accessed user network edge device according to the address resolution protocol packet, and adding the MAC address to a preset MAC route In the table;
    获取所述接入的用户网络边缘设备的以太网段标识;Obtaining an Ethernet segment identifier of the accessed user network edge device;
    与处于其邻居关系的一个或一个以上的运营商边缘设备互发包含所述以太网段标识的以太网段路由,根据接收到的以太网段路由选举主指定转发者和备指定转发者;And transmitting, by the one or more carrier edge devices in the neighbor relationship, the Ethernet segment route including the identifier of the Ethernet segment, and electing the primary designated forwarder and the designated forwarder according to the received Ethernet segment route;
    在被选举为主指定转发者后,根据所述MAC路由表通过IP网络转发所述接入的用户网络边缘设备发送的数据报文,并定时向所述接入的用户网络边缘设备发送探测报文。After being elected as the primary designated forwarder, the data packet sent by the accessed user network edge device is forwarded through the IP network according to the MAC routing table, and the probe is periodically sent to the accessed user network edge device. Text.
  2. 根据权利要求1所述的以太虚拟网络的接入方法,其特征在于,所述方法还包括:The method for accessing an Ethernet virtual network according to claim 1, wherein the method further comprises:
    接收远端的运营商边缘设备发送的MAC地址通告路由,根据所述MAC地址通告路由获取所述远端的运营商边缘设备的IP地址及远端的用户网络边缘设备的MAC地址,并将该获取到的IP地址和MAC地址添加到所述MAC路由表中。Receiving a MAC address advertisement route sent by the remote carrier edge device, obtaining an IP address of the remote carrier edge device and a MAC address of the remote user network edge device according to the MAC address advertisement route, and The obtained IP address and MAC address are added to the MAC routing table.
  3. 根据权利要求2所述的以太虚拟网络的接入方法,其特征在于,根据所述MAC路由表通过IP网络转发所述用户网络边缘设备发送的数据报文的步骤还包括:The access method of the Ethernet virtual network according to claim 2, wherein the step of forwarding the data packet sent by the user network edge device by using the IP routing table according to the MAC routing table further includes:
    获取所述数据报文中包含的远端的用户网络边缘设备的MAC地址;Obtaining a MAC address of a remote user network edge device included in the data packet;
    在所述MAC路由表查找与所述远端的用户网络边缘设备的MAC地址对应的其接入的远端的运营商边缘设备的IP地址;Locating, in the MAC routing table, an IP address of a remote edge operator's edge device that corresponds to a MAC address of the remote user network edge device;
    将所述数据报文封装成IP网络数据报文,并将封装的IP网络数据报文通过IP网络发送至与所述查找到的IP地址对应的远端的运营商边缘设备,并由该远端的运营商边缘设备将其解包后,转发至所述MAC地址对应的远端的用户网络边缘设备。Encapsulating the data packet into an IP network data packet, and sending the encapsulated IP network data packet to the remote operator edge device corresponding to the found IP address through the IP network, and After the carrier edge device of the terminal unpacks it, it forwards it to the remote user network edge device corresponding to the MAC address.
  4. 根据权利要求2所述的以太虚拟网络的接入方法,其特征在于,所述根据接收到的以太网段路由选举主指定转发者和备指定转发者,并被选举为主指定转发者的步骤之后还包括: The access method of the Ethernet virtual network according to claim 2, wherein the step of electing the primary designated forwarder and the designated forwarder according to the received Ethernet segment route and being elected as the primary designated forwarder It also includes:
    接收所述远端的运营商边缘设备发送的数据报文,判断其是否为组播报文,若是,则在转发所述数据报文时,排除所述被选为备指定转发者的运营商边缘设备。Receiving a data packet sent by the remote carrier edge device to determine whether it is a multicast packet, and if yes, excluding the operator selected as the designated forwarder when forwarding the data packet Edge device.
  5. 根据权利要求2所述的以太虚拟网络的接入方法,其特征在于,所述定时向所述接入的用户网络边缘设备发送探测报文的步骤之后还包括:The access method of the Ethernet virtual network according to claim 2, wherein the step of sending the probe packet to the user network edge device of the access network after the step further comprises:
    接收所述接入的用户网络边缘设备返回的响应报文,检测所述响应报文是否超时,若是,则通知所述远端的用户网络边缘设备向被选为备指定转发者的运营商边缘设备转发数据报文。Receiving a response packet returned by the accessed user network edge device, detecting whether the response packet times out, and if yes, notifying the remote user network edge device to the operator edge selected as the designated forwarder The device forwards data packets.
  6. 根据权利要求1所述的以太虚拟网络的接入方法,其特征在于,所述根据接收到的以太网段路由选举主指定转发者和备指定转发者的步骤还包括:The access method of the Ethernet virtual network according to claim 1, wherein the step of electing the primary designated forwarder and the designated forwarder according to the received Ethernet segment route further includes:
    根据接收到的以太网段路由获取与该接入的用户网络边缘设备的以太网段标识对应的运营商边缘设备的IP地址;Obtaining, according to the received Ethernet segment route, an IP address of the operator edge device corresponding to the Ethernet segment identifier of the accessed user network edge device;
    通过比较所述IP地址的大小选举主指定转发者和备指定转发者。The primary designated forwarder and the secondary designated forwarder are elected by comparing the sizes of the IP addresses.
  7. 一种以太虚拟网络的接入装置,其特征在于,包括:An access device for an Ethernet virtual network, comprising:
    路由表添加模块,用于接收接入的用户网络边缘设备发送的地址解析协议报文,根据所述地址解析协议报文获取所述接入的用户网络边缘设备的MAC地址,将所述MAC地址添加到预设的MAC路由表中;a routing table adding module, configured to receive an address resolution protocol packet sent by an access user network edge device, obtain a MAC address of the accessed user network edge device according to the address resolution protocol packet, and use the MAC address Add to the default MAC routing table;
    以太网段标识获取模块,用于获取所述接入的用户网络边缘设备的以太网段标识;An Ethernet segment identifier obtaining module, configured to acquire an Ethernet segment identifier of the accessed user network edge device;
    指定转发者选举模块,用于与处于其邻居关系的一个或一个以上的运营商边缘设备互发包含所述以太网段标识的以太网段路由,根据接收到的以太网段路由选举主指定转发者和备指定转发者;The forwarder election module is configured to exchange the Ethernet segment route including the Ethernet segment identifier with one or more carrier edge devices in the neighbor relationship, and elect the primary designated forwarding according to the received Ethernet segment route. And the designated forwarder;
    数据报文转发模块,用于在被选举为主指定转发者后,根据所述MAC路由表通过IP网络转发所述接入的用户网络边缘设备发送的数据报文,并定时向所述接入的用户网络边缘设备发送探测报文。a data packet forwarding module, configured to forward, according to the MAC routing table, a data packet sent by the user network edge device that is accessed by the user according to the MAC routing table, and periodically send the data packet to the access device. The user network edge device sends a probe packet.
  8. 根据权利要求7所述的以太虚拟网络的接入装置,其特征在于,所述路由表添加模块还用于接收远端的运营商边缘设备发送的MAC地址通告路由,根据所述MAC地址通告路由获取所述远端的运营商边缘设备的IP地址及远端的用户网络边缘设备的 MAC地址,并将该获取到的IP地址和MAC地址添加到所述MAC路由表中。The access device of the Ethernet virtual network according to claim 7, wherein the routing table adding module is further configured to receive a MAC address advertisement route sent by the remote operator edge device, and advertise the route according to the MAC address. Obtaining the IP address of the remote carrier edge device and the remote user network edge device The MAC address is added to the MAC routing table by the obtained IP address and MAC address.
  9. 根据权利要求8所述的以太虚拟网络的接入装置,其特征在于,数据报文转发模块还用于获取所述数据报文中包含的远端的用户网络边缘设备的MAC地址;在所述MAC路由表查找与所述远端的用户网络边缘设备的MAC地址对应的其接入的远端的运营商边缘设备的IP地址;将所述数据报文封装成IP网络数据报文,并将封装的IP网络数据报文通过IP网络发送至与所述查找到的IP地址对应的远端的运营商边缘设备,并由该远端的运营商边缘设备将其解包后,转发至所述MAC地址对应的远端的用户网络边缘设备。The access device of the Ethernet virtual network according to claim 8, wherein the data packet forwarding module is further configured to acquire a MAC address of a remote user network edge device included in the data packet; The MAC routing table searches for the IP address of the operator edge device of the remote end that corresponds to the MAC address of the remote user network edge device; encapsulates the data packet into an IP network data packet, and The encapsulated IP network data packet is sent to the remote operator edge device corresponding to the found IP address through the IP network, and is unpacked by the remote carrier edge device, and then forwarded to the The remote user network edge device corresponding to the MAC address.
  10. 根据权利要求8所述的以太虚拟网络的接入装置,其特征在于,所述数据报文转发模块还用于接收所述远端的运营商边缘设备发送的数据报文,判断其是否为组播报文,若是,则在转发所述数据报文时,排除所述被选为备指定转发者的运营商边缘设备。The access device of the Ethernet virtual network according to claim 8, wherein the data packet forwarding module is further configured to receive a data packet sent by the remote operator edge device, and determine whether it is a group. The broadcast message, if yes, excludes the operator edge device selected as the designated forwarder when forwarding the data message.
  11. 根据权利要求8所述的以太虚拟网络的接入装置,其特征在于,所述装置还包括转发链路切换模块,用于接收所述接入的用户网络边缘设备返回的响应报文,检测所述响应报文是否超时,若是,则通知所述远端的用户网络边缘设备向被选为备指定转发者的运营商边缘设备转发数据报文。The access device of the Ethernet virtual network according to claim 8, wherein the device further comprises a forwarding link switching module, configured to receive a response packet returned by the accessed user network edge device, and detect the location The response packet is timed out. If yes, the remote network edge device is notified to forward the data packet to the operator edge device selected as the designated forwarder.
  12. 根据权利要求7所述的以太虚拟网络的接入装置,其特征在于,所述指定转发者选举模块还用于根据接收到的以太网段路由获取与该接入的用户网络边缘设备的以太网段标识对应的运营商边缘设备的IP地址;通过比较所述IP地址的大小选举主指定转发者和备指定转发者。The access device of the Ethernet virtual network according to claim 7, wherein the designated forwarder election module is further configured to acquire an Ethernet network with the accessed user network edge device according to the received Ethernet segment route. The IP address of the carrier edge device corresponding to the segment identifier; the primary designated forwarder and the specified forwarder are elected by comparing the sizes of the IP addresses.
  13. 一种用户网络边缘设备的业务恢复方法,包括:A service recovery method for a user network edge device includes:
    获取MAC地址,向两个或两个以上的运营商边缘设备发送包含所述MAC地址的地址解析协议报文,由所述运营商边缘设备添加到各自的MAC路由表中;Obtaining a MAC address, and sending an address resolution protocol packet including the MAC address to two or more carrier edge devices, where the operator edge device is added to a corresponding MAC routing table;
    接收所述两个或两个以上的运营商边缘设备发送的以太网段路由,根据所述以太网段路由确定作为主指定转发者和备指定转发者的运营商边缘设备;Receiving, by the two or more carrier edge devices, an Ethernet segment route, and determining, according to the Ethernet segment route, an operator edge device that is a primary designated forwarder and a designated forwarder;
    获取数据报文,将所述数据报文发送至所述作为主指定转发者的运营商边缘设备,由其根据所述MAC路由表转发所述数据报文;Obtaining a data packet, and sending the data packet to the operator edge device as the primary designated forwarder, and forwarding the data packet according to the MAC routing table;
    检测所述作为主指定转发者的运营商边缘设备发送的探测报文,若超时,则将所述 数据报文发送至所述作为备指定转发者的运营商边缘设备,并由其进行转发。Detecting the probe packet sent by the operator edge device that is the primary designated forwarder, if it times out, The data packet is sent to and forwarded by the operator edge device as the designated forwarder.
  14. 一种用户网络边缘设备的业务恢复装置,其特征在于,包括:A service recovery device for a user network edge device, comprising:
    MAC地址发布模块,用于获取MAC地址,向两个或两个以上的运营商边缘设备发送包含所述MAC地址的地址解析协议报文,由所述运营商边缘设备添加到各自的MAC路由表中;a MAC address issuing module, configured to obtain a MAC address, and send an address resolution protocol packet including the MAC address to two or more carrier edge devices, where the operator edge device adds to a corresponding MAC routing table. in;
    指定转发者确定模块,用于接收所述两个或两个以上的运营商边缘设备发送的以太网段路由,根据所述以太网段路由确定作为主指定转发者和备指定转发者的运营商边缘设备;And a specified forwarder determining module, configured to receive an Ethernet segment route sent by the two or more carrier edge devices, and determine, as the primary designated forwarder and the designated forwarder, the operator according to the Ethernet segment route Edge device
    数据报文发送模块,用于获取数据报文,将所述数据报文发送至所述作为主指定转发者的运营商边缘设备,由其根据所述MAC路由表转发所述数据报文;a data packet sending module, configured to: send the data packet to the operator edge device as the primary designated forwarder, and forward the data packet according to the MAC routing table;
    指定转发者切换模块,用于检测所述作为主指定转发者的运营商边缘设备发送的探测报文,若超时,则将所述数据报文发送至所述作为备指定转发者的运营商边缘设备,并由其进行转发。 And a forwarder switching module, configured to detect the probe packet sent by the operator edge device that is the primary designated forwarder, and if the timeout occurs, send the data packet to the edge of the operator that is the designated forwarder. The device is forwarded by it.
PCT/CN2015/088460 2014-12-22 2015-08-29 Access method and apparatus for ethernet virtual network WO2016101646A1 (en)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
CN201410803549.4A CN105791072A (en) 2014-12-22 2014-12-22 Access method and device of Ethernet virtual network
CN201410803549.4 2014-12-22

Publications (1)

Publication Number Publication Date
WO2016101646A1 true WO2016101646A1 (en) 2016-06-30

Family

ID=56149172

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/CN2015/088460 WO2016101646A1 (en) 2014-12-22 2015-08-29 Access method and apparatus for ethernet virtual network

Country Status (2)

Country Link
CN (1) CN105791072A (en)
WO (1) WO2016101646A1 (en)

Cited By (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN112333774A (en) * 2020-10-30 2021-02-05 南京邮电大学 Edge network control system and control method
CN112448889A (en) * 2019-08-28 2021-03-05 北京新能源汽车股份有限公司 Gateway controller route configuration method, device, equipment and automobile
CN113596821A (en) * 2021-07-15 2021-11-02 北京小米移动软件有限公司 Data communication method, device, computer equipment and storage medium
CN113992557A (en) * 2021-09-10 2022-01-28 新华三信息安全技术有限公司 Message processing method and device
CN114221834A (en) * 2021-11-24 2022-03-22 新华三技术有限公司合肥分公司 Message forwarding method and device

Families Citing this family (12)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN108075969B (en) 2016-11-17 2020-01-03 新华三技术有限公司 Message forwarding method and device
CN108574614B (en) 2017-03-10 2020-11-17 华为技术有限公司 Message processing method, device and network system
CN107948066B (en) * 2017-10-31 2020-11-03 新华三技术有限公司 Designated forwarder DF election method, system and device
CN108494701B (en) * 2018-03-30 2021-12-10 新华三技术有限公司 Load sharing method and device
CN110798403B (en) 2018-08-01 2021-02-23 华为技术有限公司 Communication method, communication device and communication system
CN111526108B (en) * 2019-02-01 2021-08-20 华为技术有限公司 Method and device for preventing network attack
CN109981452B (en) * 2019-02-28 2021-03-23 新华三技术有限公司 Method and device for switching back PW link
WO2020237639A1 (en) * 2019-05-31 2020-12-03 Telefonaktiebolaget Lm Ericsson (Publ) Method and apparatus for network communication
CN112910784B (en) * 2019-12-03 2023-03-24 华为技术有限公司 Method, device and system for determining route
CN112260949B (en) * 2020-10-16 2022-09-23 苏州盛科通信股份有限公司 EVPN local priority forwarding method and device based on SRV6 protocol
CN115499360A (en) * 2022-04-08 2022-12-20 锐捷网络股份有限公司 Fault processing method, device, equipment and medium under EVPN multi-homing scene
CN115314450A (en) * 2022-08-03 2022-11-08 昆高新芯微电子(江苏)有限公司 Method for realizing adaptation of low-rate port to high-rate port in cut-through forwarding mode

Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN102035681A (en) * 2010-12-17 2011-04-27 中兴通讯股份有限公司 Link protection method and system for virtual private network
CN103095507A (en) * 2013-02-04 2013-05-08 杭州华三通信技术有限公司 Message transmission method and edge device based on Ethernet virtualization internet network
US8576844B1 (en) * 2010-04-16 2013-11-05 Juniper Networks, Inc. Forwarding multicast packets in a VPLS router on the basis of MAC addresses

Family Cites Families (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN100550814C (en) * 2005-12-01 2009-10-14 华为技术有限公司 A kind of system and method based on two layer VPN foreign medium communication
CN102045178B (en) * 2009-10-16 2016-03-30 中兴通讯股份有限公司 The method of Virtual Private LAN Service multicast protection and device
US8724456B1 (en) * 2010-05-19 2014-05-13 Juniper Networks, Inc. Network path selection for multi-homed edges to ensure end-to-end resiliency
CN101977150B (en) * 2010-11-05 2012-05-23 华为技术有限公司 Method and equipment for real-time recovery of virtual private network (VPN) message forwarding in L3VPN
CN102694718B (en) * 2011-03-25 2016-03-30 华为技术有限公司 A kind of VPLS fast rerouting method and equipment
CN102413046B (en) * 2011-11-24 2014-08-20 杭州华三通信技术有限公司 Method for forwarding flow by means of virtual router redundancy protocol backup set and equipment

Patent Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US8576844B1 (en) * 2010-04-16 2013-11-05 Juniper Networks, Inc. Forwarding multicast packets in a VPLS router on the basis of MAC addresses
CN102035681A (en) * 2010-12-17 2011-04-27 中兴通讯股份有限公司 Link protection method and system for virtual private network
CN103095507A (en) * 2013-02-04 2013-05-08 杭州华三通信技术有限公司 Message transmission method and edge device based on Ethernet virtualization internet network

Cited By (9)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN112448889A (en) * 2019-08-28 2021-03-05 北京新能源汽车股份有限公司 Gateway controller route configuration method, device, equipment and automobile
CN112448889B (en) * 2019-08-28 2022-04-19 北京新能源汽车股份有限公司 Gateway controller route configuration method, device, equipment and automobile
CN112333774A (en) * 2020-10-30 2021-02-05 南京邮电大学 Edge network control system and control method
CN112333774B (en) * 2020-10-30 2022-07-05 南京邮电大学 Edge network control system and control method
CN113596821A (en) * 2021-07-15 2021-11-02 北京小米移动软件有限公司 Data communication method, device, computer equipment and storage medium
CN113596821B (en) * 2021-07-15 2024-03-01 北京小米移动软件有限公司 Data communication method, device, computer equipment and storage medium
CN113992557A (en) * 2021-09-10 2022-01-28 新华三信息安全技术有限公司 Message processing method and device
CN114221834A (en) * 2021-11-24 2022-03-22 新华三技术有限公司合肥分公司 Message forwarding method and device
CN114221834B (en) * 2021-11-24 2024-03-12 新华三技术有限公司合肥分公司 Message forwarding method and device

Also Published As

Publication number Publication date
CN105791072A (en) 2016-07-20

Similar Documents

Publication Publication Date Title
WO2016101646A1 (en) Access method and apparatus for ethernet virtual network
US11533249B2 (en) Route processing method and apparatus, and data transmission method and apparatus
US10050877B2 (en) Packet forwarding method and apparatus
CN109218178B (en) Message processing method and network equipment
EP3065342B1 (en) Update of mac routes in evpn single-active topology
US9397943B2 (en) Configuring virtual media access control addresses for virtual machines
US10193707B2 (en) Packet transmission method and apparatus
WO2017114196A1 (en) Packet processing method, related apparatus and nvo3 network system
US10263808B2 (en) Deployment of virtual extensible local area network
WO2014205784A1 (en) Method and device for processing multicast message in nvo3 network, and nvo3 network
WO2021031648A1 (en) Evpn and vpls coexistence method, apparatus, and system
CN110798403B (en) Communication method, communication device and communication system
US20210029022A1 (en) Packet forwarding method and apparatus
WO2021139289A1 (en) Packet sending method, routing table entry generation method, device, and storage medium
US20210119906A1 (en) Loop Avoidance Communications Method, Device, and System
WO2022001669A1 (en) Method for establishing vxlan tunnel, and related device
WO2018184496A1 (en) Multi-home access method, apparatus, and multi-home node
WO2022121466A1 (en) Data processing method and device for ethernet virtual private network, and storage medium
US20190215191A1 (en) Deployment Of Virtual Extensible Local Area Network
WO2019196914A1 (en) Method for discovering forwarding path, and related device thereof
WO2010045838A1 (en) Method and device for processing messages
US9654304B2 (en) Method and apparatus for sending transparent interconnection of lots of links data frame
WO2015085801A1 (en) Fault processing method and apparatus for edge route bridge in trill network
WO2012016471A1 (en) Topology convergence method and service provider edge
WO2024016869A1 (en) Multicast configuration method and apparatus

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 15871720

Country of ref document: EP

Kind code of ref document: A1

NENP Non-entry into the national phase

Ref country code: DE

122 Ep: pct application non-entry in european phase

Ref document number: 15871720

Country of ref document: EP

Kind code of ref document: A1