WO2017219910A1 - Translation method and apparatus for virtual local area network (vlan) - Google Patents

Translation method and apparatus for virtual local area network (vlan) Download PDF

Info

Publication number
WO2017219910A1
WO2017219910A1 PCT/CN2017/088463 CN2017088463W WO2017219910A1 WO 2017219910 A1 WO2017219910 A1 WO 2017219910A1 CN 2017088463 W CN2017088463 W CN 2017088463W WO 2017219910 A1 WO2017219910 A1 WO 2017219910A1
Authority
WO
WIPO (PCT)
Prior art keywords
vlan
virtual
port
same
mac address
Prior art date
Application number
PCT/CN2017/088463
Other languages
French (fr)
Chinese (zh)
Inventor
潘庭山
Original Assignee
中兴通讯股份有限公司
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by 中兴通讯股份有限公司 filed Critical 中兴通讯股份有限公司
Publication of WO2017219910A1 publication Critical patent/WO2017219910A1/en

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L45/00Routing or path finding of packets in data switching networks
    • H04L45/74Address processing for routing
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L45/00Routing or path finding of packets in data switching networks
    • H04L45/32Flooding
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L49/00Packet switching elements
    • H04L49/35Switches specially adapted for specific applications
    • H04L49/354Switches specially adapted for specific applications for supporting virtual local area networks [VLAN]
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/10Network architectures or network communication protocols for network security for controlling access to devices or network resources
    • H04L63/101Access control lists [ACL]
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L12/00Data switching networks
    • H04L12/28Data switching networks characterised by path configuration, e.g. LAN [Local Area Networks] or WAN [Wide Area Networks]
    • H04L12/46Interconnection of networks
    • H04L12/4641Virtual LANs, VLANs, e.g. virtual private networks [VPN]
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L2101/00Indexing scheme associated with group H04L61/00
    • H04L2101/60Types of network addresses
    • H04L2101/618Details of network addresses
    • H04L2101/622Layer-2 addresses, e.g. medium access control [MAC] addresses

Definitions

  • the embodiments of the present invention relate to, but are not limited to, the field of communications, and in particular, to a method and an apparatus for translating a virtual local area network vlan.
  • VLAN Virtual Local Area Network
  • the embodiment of the invention provides a method and a device for translating a virtual local area network vlan, and enhances the vlan translation function.
  • a method for translating a virtual local area network vlan includes:
  • the switch obtains the learning content
  • the step of determining the same network side vlan corresponding to the multiple users vlan includes:
  • the switch sets the virtual interface translated by vlan in the same virtual private LAN service vpls instance
  • the virtual interface attribute of all user side ports is set to the network network attribute.
  • the method further includes:
  • the switch When transmitting the uplink data, the switch sets the virtual interface forwarded by vpls according to the physical port and the user vlan.
  • the method further includes:
  • the virtual interface forwarded by vpls is set according to the physical port and the network side vlan.
  • the vlan translation method further includes:
  • the switch When the downlink data is transmitted, the switch is redirected to the port for the traffic forwarding according to the network side vlan, the source MAC address, and the destination MAC address, where the source MAC address and the destination MAC address are obtained from the learning content.
  • a translation device of a virtual local area network vlan which is applied to a switch, comprising: an obtaining module, a determining module and a redirection module, wherein
  • the obtaining module is configured to: acquire learning content
  • the determining module is configured to: determine that the same MAC address exists in the plurality of users vlan according to the learning content, and determine the same network side vlan corresponding to the multiple users vlan;
  • the redirection module is configured to: redirect to a port for traffic forwarding according to the network side vlan, source MAC, and destination MAC.
  • the determining module is further configured to: set the virtual interface of the vlan translation in the same virtual Private LAN service vpls instance;
  • the virtual interface attribute of all user side ports is set to the network network attribute.
  • the determining module is further configured to: before the switch sets the virtual interface translated by the vlan in the same virtual private local area network service vpls instance, when the uplink data is transmitted, the vpls are forwarded according to the physical port and the user vlan. interface.
  • the determining module is further configured to: before the switch sets the virtual interface translated by the vlan in the same virtual private local area network service vpls instance, when the downlink data is transmitted, the vpls is forwarded according to the physical port and the network side vlan. Virtual interface.
  • the redirection module is further configured to: when the downlink data is transmitted, redirect to the port for traffic forwarding according to the network side vlan, the source MAC address, and the destination MAC, where the source MAC and the destination MAC address Both are obtained from the learning content.
  • the switch obtains the learning content, and determines that the same MAC address is used to learn multiple vlans according to the learning content, which may cause confusion when the data is sent, and the switch obtains the network side vlan obtained from the learning content,
  • the source MAC address and the destination MAC address are redirected to the port to accurately deliver downlink data.
  • the vlan translation function has been greatly enhanced.
  • FIG. 1 is a flow chart of a method for translating a vlan according to an embodiment of the present invention
  • FIG. 2 is a schematic diagram of a vlan translation application according to an embodiment of the present invention.
  • FIG. 3 is a schematic flowchart of data forwarding when vlan translates
  • FIG. 4 is a schematic flow chart of data forwarding during vlan translation according to an optional embodiment of the present invention.
  • FIG. 5 is a schematic flowchart of updating an ACL rule according to an optional embodiment of the present invention.
  • FIG. 6 is a structural block diagram of an apparatus of a virtual local area network vlan according to an embodiment of the present invention.
  • the first problem is that there is no problem in unicast N:1vlan translation uplink and downlink, but for unknown unicast, unknown multicast, broadcast, etc. cannot be translated. If an unknown unicast or the like is translated, there is a problem that unnecessary traffic is flooded and forwarded between the user side ports.
  • the method described in this application file can be run on a network device such as a switch. It should be noted that it is not limited to devices such as switches.
  • FIG. 1 is a flowchart of a method for translating a vlan according to an embodiment of the present invention. As shown in FIG. 1, the process includes the following steps. :
  • Step S102 the switch acquires the learning content.
  • Step S104 determining, according to the learning content, that the same MAC address is learned/present in multiple users vlan, and determining the same network side vlan corresponding to the multiple users vlan;
  • Step S106 redirecting to the port for traffic forwarding according to the network side vlan, the source MAC address, and the destination MAC address.
  • the switch obtains the learning content, and according to the learning content, it is determined that the same MAC address exists in/learns multiple users vlan, and multiple vlans are translated into one network side vlan, and the switch is based on the network side vlan, the destination MAC, and the source.
  • the MAC determines to redirect to a specific port, and implements accurate delivery when performing downlink data forwarding, which greatly enhances the vlan translation function.
  • the same network side vlan corresponding to the multiple users vlan is determined by:
  • the switch sets the virtual interface of the vlan translation to the same virtual private LAN service vpls instance.
  • the virtual interface attribute of all user-side ports is set to the network network attribute.
  • the network attribute port cannot be flooded.
  • the vlan translation method described in this embodiment is used to accurately determine the network side vlan corresponding to multiple users vlan, and the user side port is resolved when the user side vlan is translated into the network side vlan. The problem that the flooding message cannot be suppressed is saved, and unnecessary network forwarding is saved.
  • the switch sets the virtual interface forwarded by the vpls according to the physical port and the user vlan before transmitting the uplink data.
  • the switch sets the virtual interface for the vlan translation in the same virtual private local area network service vpls instance, sets the virtual interface forwarded by the vpls according to the physical port and the network side vlan when transmitting the downlink data.
  • the switch redirects to the port for traffic forwarding according to the network side vlan, the source MAC address, and the destination MAC address, where the source MAC address and the destination MAC address are obtained from the learning content.
  • the VLAN translation process is implemented by using a virtual private LAN service (vpls) model, and the vlan translation network side port is configured as a non-network attribute, and the user side is configured.
  • the port is configured as the network attribute.
  • the network attribute port cannot be flooded, and other ports can be flooded.
  • Unnecessary network traffic forwarding After the vlan translation of the vpls model, the necessary 2, 3 layer forwarding is performed.
  • Step 1 When configuring vlan translation, when transmitting uplink data, set the virtual interface forwarded by vpls according to the physical port + user vlan. When transmitting downlink data, the virtual interface is forwarded according to the physical port + network side vlan setting vpls.
  • Step 2 Set the relevant virtual interface in the same vpls instance.
  • the relevant virtual interface here refers to the uplink and downlink virtual interface described in step 1.
  • Step 3 Set the virtual interface attribute of all user-side ports to the network attribute, and the user-side ports do not need to flood each other.
  • the second problem involves detecting whether the same source mac address exists in multiple user vlans and needs to be translated to the same network side vlan. In this case, you need to add the acl rule to handle the downstream vlan translation problem.
  • Step 1 The switch chip mac learns or aging generates a message to notify the switch Central Processing Unit (CPU).
  • CPU Central Processing Unit
  • Step 2 The switch CPU enables the vlan translation according to the user vlan, and the user mac reports in multiple vlans, and records the destination mac address, the source mac, and the vlan correspondence.
  • the vlan correspondence refers to the user side vlan and the network side vlan. Correspondence).
  • step three the CPU updates the ACL rule.
  • the forwarding behavior is determined by the destination mac, the source mac, and the translated network side vlan of the user vlan, and is used for forwarding when the subsequent vlan translates the downlink forwarding.
  • the above-mentioned method steps can solve the two problems that are common to the current vlan translation technology.
  • the first one is that when the user-side vlan is translated into a network-side vlan, the user-side ports cannot suppress the flooded packets.
  • the problem is the one mentioned above; the second problem is that for the same MAC address, in multiple users vlan, it needs to be translated into a core network vlan. This vlan translation requirement cannot be forwarded correctly, that is, The above question two.
  • the vlan translation function in the related art is greatly enhanced by implementing the method steps of the present application.
  • FIG. 2 is a schematic diagram of a vlan translation application according to an embodiment of the present invention.
  • a vlan translation method is implemented on a switch chip, and ports Port 1, vlan 1, and source mac 1 need to be translated to vlan 100, and the port is 2, vlan 2 source mac 1 uplink needs to be translated to vlan 100 to go out from port 3.
  • FIG. 3 is a schematic diagram of the flow of data forwarding during vlan translation, as shown in FIG. 3, showing the vlan translation data forwarding process.
  • FIG. 4 is a schematic flowchart of data forwarding during vlan translation according to an alternative embodiment of the present invention. As shown in FIG. 4, a flow chart of performing data forwarding according to the vlan translation method of the present application is shown.
  • Step 1 Port 1+vlan 1 is set to virtual port 1, Port 2+vlan 2 is set to virtual port 2, and port 3+vlan 100 is set to virtual port 3.
  • Step 2 Set the relevant virtual ports 1, 2, and 3 to belong to vpls instance 1, and forward them in vpls instance 1.
  • Step 3 Set the attributes of virtual ports 1 and 2 to the network attribute, and virtual port 3 to the non-network attribute, so that virtual ports 1 and 2 are not flooded, and other normal flooding is not affected.
  • This part needs to detect whether there is a same source mac address, which exists in multiple user vlans, and needs to be translated to the same network side vlan scenario. In this case, you need to add the acl rule to handle the downstream vlan translation problem.
  • Step one the exchange chip mac learns to notify the switch CPU, the source mac 1, vlan 1 learned Port 1, source mac 1, vlan 2 learns to port 2.
  • the destination mac of port 1 is 101, and the destination mac of port 2 is 202.
  • Step 2 The switch CPU learns different vlans 1 and 2 according to the same source mac. At the same time, vlan 1 and 2 enable the vlan translation function, and the translated vlan is 100.
  • step three the CPU updates the ACL rule.
  • Rule 1 matches vlan100+source mac101+
  • the destination mac1 is redirected to virtual port 1, the packet is sent to port 1, and vlan is changed to 1.
  • Rule 2 matches vlan100+source mac202+
  • the destination mac 1 is redirected to virtual port 2, the message is sent to port 2, and vlan is changed to 2.
  • FIG. 5 is a schematic flowchart of updating an ACL rule according to an alternative embodiment of the present invention. As shown in FIG. 5, a detailed process of updating an ACL rule is shown.
  • the packet forwarding process is as follows.
  • Port 1 vlan 1 is mapped to virtual port 1, and then vpls mac is learned.
  • the switch searches for it and finds that virtual port 3 is forwarded.
  • Virtual port 3 corresponds to port 3 and vlan 100.
  • Port 2 vlan 2 is mapped to virtual port 2, and then vpls mac is learned.
  • the switch performs corresponding search and finds that virtual port 3 is forwarded out.
  • Virtual port 3 corresponds to port 3 and vlan 100.
  • the virtual ports 1 and 2 are flooded and will not be forwarded, or will go to virtual port 3. You can see flooding isolation to avoid unnecessary traffic forwarding.
  • Vlan100+port3 maps to virtual port 3, and then learns vpls mac.
  • the switch system performs corresponding search. At this time, the search can only go to a fixed virtual port 1 or 2, because the destination mac address, vlan, are exactly the same.
  • the ACL rule matches the source MAC address of the data packet to determine the destination virtual port of the packet. If the match criterion is 1, that is, the source mac is 101, then go to virtual port 1, and the packet is sent to port 1. The vlan is changed to 1. If the rule 2 is matched, the packet is sent to virtual port 2, and the packet is sent to Port 2, vlan is changed to 2.
  • the same mac address is implemented, coexisting in multiple users vlan, and when translated to a network side vlan, when forwarding downlink data, accurate forwarding can be performed.
  • the method according to the above embodiment can be implemented by means of software plus a necessary general hardware platform, and of course It can be done through hardware, but in many cases the former is a better implementation.
  • the technical solution of the present invention which is essential or contributes to the prior art, may be embodied in the form of a software product stored in a storage medium (such as ROM/RAM, disk,
  • the optical disc includes a number of instructions for causing a terminal device (which may be a mobile phone, a computer, a server, or a network device, etc.) to perform the method of various embodiments of the present invention.
  • a device for a virtual local area network is also provided, which is applied to a switch.
  • the device is used to implement the foregoing embodiments and preferred embodiments, and details are not described herein.
  • the term "module” may implement a combination of software and/or hardware of a predetermined function.
  • the apparatus described in the following embodiments is preferably implemented in software, hardware, or a combination of software and hardware, is also possible and contemplated.
  • FIG. 6 is a structural block diagram of an apparatus for a virtual local area network vlan according to an embodiment of the present invention. As shown in FIG. 6, the apparatus includes:
  • the obtaining module 62 is configured to: acquire learning content
  • the determining module 64 is connected to the obtaining module 62, and is configured to: determine, according to the learning content, that the same MAC address is learned/present in the plurality of users vlan, and determine the same network side vlan corresponding to the plurality of users vlan;
  • the redirection module 66 is connected to the determining module 64 and configured to: redirect to the port for traffic forwarding according to the network side vlan, the source MAC, and the destination MAC.
  • the determining module 64 is further configured to: set the virtual interface related to the vlan translation in the same virtual private local area network service vpls instance;
  • the determining module 64 is further configured to: before the switch sets the virtual interface related to the vlan translation in the same virtual private local area network service vpls instance, when the uplink data is transmitted, the vpls is forwarded according to the physical port and the user vlan. Virtual interface.
  • the determining module 64 is further configured to: before the switch sets the virtual interface related to the vlan translation in the same virtual private local area network service vpls instance, when transmitting the downlink data, According to the physical port and the network side vlan, the virtual interface forwarded by vpls is set.
  • the redirection module 66 is further configured to: when the downlink data is transmitted, redirect to the port used for traffic forwarding according to the network side vlan, the source MAC address, and the destination MAC, where the source MAC address and the destination MAC address are both Get it from the learning content.
  • each of the above modules may be implemented by software or hardware.
  • the foregoing may be implemented by, but not limited to, the foregoing modules are all located in the same processor; or, the above modules are in any combination.
  • the forms are located in different processors.
  • Embodiments of the present invention also provide a storage medium.
  • the foregoing storage medium may be configured to store program code for performing the following steps:
  • the foregoing storage medium may include, but not limited to, a USB flash drive, a Read-Only Memory (ROM), a Random Access Memory (RAM), a mobile hard disk, and a magnetic memory.
  • ROM Read-Only Memory
  • RAM Random Access Memory
  • a mobile hard disk e.g., a hard disk
  • magnetic memory e.g., a hard disk
  • the processor executes the method steps described in the foregoing embodiments according to the stored program code in the storage medium.
  • the embodiment of the invention also discloses a computer program, comprising program instructions, which when executed by a computer, enable the computer to execute any of the above-mentioned vlan translation methods.
  • the embodiment of the invention also discloses a carrier carrying the computer program.
  • computer storage medium includes volatile and nonvolatile, implemented in any method or technology for storing information, such as computer readable instructions, data structures, program modules or other data. Sex, removable and non-removable media.
  • Computer storage media includes, but is not limited to, RAM, ROM, EEPROM, flash memory or other memory technology, CD-ROM, digital versatile disc (DVD) or other optical disc storage, magnetic cartridge, magnetic tape, magnetic disk storage or other magnetic storage device, or may Any other medium used to store the desired information and that can be accessed by the computer.
  • communication media typically includes computer readable instructions, data structures, program modules, or other data in a modulated data signal, such as a carrier wave or other transport mechanism, and can include any information delivery media. .
  • the switch obtains the learning content, and determines that the same MAC address is used to learn multiple vlans according to the learning content, which may cause confusion when the data is sent, and the switch obtains the network side vlan obtained from the learning content,
  • the source MAC address and the destination MAC address are redirected to the port to accurately deliver downlink data.
  • the vlan translation function has been greatly enhanced. Therefore, the application has strong industrial applicability.

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Computer Hardware Design (AREA)
  • Computer Security & Cryptography (AREA)
  • Computing Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Data Exchanges In Wide-Area Networks (AREA)

Abstract

Provided are a translation method and apparatus for a virtual local area network (vlan). The method comprises: a switch obtains learning content; determine, according to the learning content, that a same MAC address is learnt into multiple user vlans, and determines a same network side vlan corresponding to the multiple user vlans; and redirect to a traffic forwarding port according to the network side vlan, a source MAC and a destination MAC.

Description

虚拟局域网vlan的翻译方法及装置Method and device for translating virtual local area network vlan 技术领域Technical field
本发明实施例涉及但不限于通信领域,具体而言,涉及一种虚拟局域网vlan的翻译方法及装置。The embodiments of the present invention relate to, but are not limited to, the field of communications, and in particular, to a method and an apparatus for translating a virtual local area network vlan.
背景技术Background technique
目前,虚拟局域网(Virtual Local Area Network,简称为vlan)技术已经得到广泛运用,其中每个网络内只有4k数量的vlan,从而引出了vlan翻译的技术概念,被广大运营商所青睐,vlan翻译能够将用户侧vlan根据需求进行划分,汇总成一个网络侧vlan ID(身份认证,Identification)进入运营商网络。At present, Virtual Local Area Network (VLAN) technology has been widely used, and there are only 4k vlans in each network, which leads to the technical concept of vlan translation, which is favored by operators, vlan translation can The user-side vlan is divided into a network-side vlan ID (identification) to enter the carrier network.
基于上述技术,存在将用户侧多个vlan在一个设备上面转换为网络侧一个vlan的需求,通俗讲就是vlan的N:1翻译问题。目前不少厂商的设备都已经支持了N:1vlan翻译问题。Based on the above technology, there is a need to convert multiple vlans on the user side into one vlan on the network side, which is a vlan N:1 translation problem. At present, many manufacturers' devices have already supported the N:1vlan translation problem.
发明内容Summary of the invention
以下是对本文详细描述的主题的概述,本概述并非是为了限制权利要求的保护范围。The following is a summary of the subject matter described in detail herein, and is not intended to limit the scope of the claims.
本发明实施例提供了一种虚拟局域网vlan的翻译方法及装置,增强了vlan翻译功能。The embodiment of the invention provides a method and a device for translating a virtual local area network vlan, and enhances the vlan translation function.
本发明实施例采用了如下技术方案:The embodiment of the invention adopts the following technical solutions:
一种虚拟局域网vlan的翻译方法,包括:A method for translating a virtual local area network vlan includes:
交换机获取学习内容;The switch obtains the learning content;
依据所述学习内容确定存在同一MAC地址学习到多个用户vlan内,以及确定所述多个用户vlan对应的同一网络侧vlan;Determining, by the learning content, that the same MAC address is learned in the plurality of users vlan, and determining that the plurality of users vlan correspond to the same network side vlan;
依据所述网络侧vlan、源MAC和目的MAC重定向到用于流量转发的 端口。Redirecting to the network side vlan, source MAC, and destination MAC for traffic forwarding port.
其中,所述确定所述多个用户vlan对应的同一网络侧vlan的步骤包括:The step of determining the same network side vlan corresponding to the multiple users vlan includes:
交换机将vlan翻译的虚接口设置在同一个虚拟专用局域网业务vpls实例中;The switch sets the virtual interface translated by vlan in the same virtual private LAN service vpls instance;
在所述vpls实例中,将所有用户侧端口的虚接口属性设置为网络network属性。In the vpls instance, the virtual interface attribute of all user side ports is set to the network network attribute.
其中,在所述交换机将vlan翻译的虚接口设置在同一个虚拟专用局域网业务vpls实例中的步骤之前,所述方法还包括:Before the step of setting the virtual interface of the vlan translation in the same virtual private local area network service vpls instance, the method further includes:
所述交换机在传输上行数据时,依据物理端口和所述用户vlan设置vpls转发的虚接口。When transmitting the uplink data, the switch sets the virtual interface forwarded by vpls according to the physical port and the user vlan.
其中,在所述交换机将vlan翻译的虚接口设置在同一个虚拟专用局域网业务vpls实例中的步骤之前,所述方法还包括:Before the step of setting the virtual interface of the vlan translation in the same virtual private local area network service vpls instance, the method further includes:
在传输下行数据时,依据物理端口和所述网络侧vlan设置vpls转发的虚接口。When transmitting downlink data, the virtual interface forwarded by vpls is set according to the physical port and the network side vlan.
所述的vlan的翻译方法还包括:The vlan translation method further includes:
交换机在下行数据传输时,依据所述网络侧vlan、源MAC和目的MAC重定向到用于流量转发的端口,其中,所述源MAC和所述目的MAC均从所述学习内容中获取。When the downlink data is transmitted, the switch is redirected to the port for the traffic forwarding according to the network side vlan, the source MAC address, and the destination MAC address, where the source MAC address and the destination MAC address are obtained from the learning content.
一种虚拟局域网vlan的翻译装置,应用于交换机,包括:获取模块、确定模块和重定向模块,其中A translation device of a virtual local area network vlan, which is applied to a switch, comprising: an obtaining module, a determining module and a redirection module, wherein
所述获取模块设置成:获取学习内容;The obtaining module is configured to: acquire learning content;
所述确定模块设置成:依据所述学习内容确定存在同一MAC地址学习到多个用户vlan内,以及确定所述多个用户vlan对应的同一网络侧vlan;The determining module is configured to: determine that the same MAC address exists in the plurality of users vlan according to the learning content, and determine the same network side vlan corresponding to the multiple users vlan;
所述重定向模块设置成:依据所述网络侧vlan、源MAC和目的MAC重定向到用于流量转发的端口。The redirection module is configured to: redirect to a port for traffic forwarding according to the network side vlan, source MAC, and destination MAC.
其中,所述确定模块还设置成:将vlan翻译的虚接口设置在同一个虚拟 专用局域网业务vpls实例中;The determining module is further configured to: set the virtual interface of the vlan translation in the same virtual Private LAN service vpls instance;
在所述vpls实例中,将所有用户侧端口的虚接口属性设置为网络network属性。In the vpls instance, the virtual interface attribute of all user side ports is set to the network network attribute.
其中,所述确定模块还设置成:在交换机将vlan翻译的虚接口设置在同一个虚拟专用局域网业务vpls实例中之前,在传输上行数据时,依据物理端口和所述用户vlan设置vpls转发的虚接口。The determining module is further configured to: before the switch sets the virtual interface translated by the vlan in the same virtual private local area network service vpls instance, when the uplink data is transmitted, the vpls are forwarded according to the physical port and the user vlan. interface.
其中,所述确定模块还设置成:在交换机将vlan翻译的虚接口设置在同一个虚拟专用局域网业务vpls实例中之前,在传输下行数据时,依据物理端口和所述网络侧vlan设置vpls转发的虚接口。The determining module is further configured to: before the switch sets the virtual interface translated by the vlan in the same virtual private local area network service vpls instance, when the downlink data is transmitted, the vpls is forwarded according to the physical port and the network side vlan. Virtual interface.
其中,所述重定向模块还设置成:在下行数据传输时,依据所述网络侧vlan、源MAC和目的MAC重定向到用于流量转发的端口,其中,所述源MAC和所述目的MAC均从所述学习内容中获取。The redirection module is further configured to: when the downlink data is transmitted, redirect to the port for traffic forwarding according to the network side vlan, the source MAC address, and the destination MAC, where the source MAC and the destination MAC address Both are obtained from the learning content.
通过上述技术方案,交换机获取学习内容,依据该学习内容确定存在同一MAC地址学习到多个vlan的情况下,有可能导致数据下发时混乱,交换机依据从学习内容中获取到的网络侧vlan、源MAC和目的MAC重定向到端口,准确下发下行数据。极大增强了vlan翻译功能。According to the foregoing technical solution, the switch obtains the learning content, and determines that the same MAC address is used to learn multiple vlans according to the learning content, which may cause confusion when the data is sent, and the switch obtains the network side vlan obtained from the learning content, The source MAC address and the destination MAC address are redirected to the port to accurately deliver downlink data. The vlan translation function has been greatly enhanced.
在阅读并理解了附图和详细描述后,可以明白其他方面。Other aspects will be apparent upon reading and understanding the drawings and detailed description.
附图概述BRIEF abstract
此处所说明的附图用来提供对本发明的进一步理解,构成本申请的一部分,本发明的示意性实施例及其说明用于解释本发明,并不构成对本发明的不当限定。在附图中:The drawings described herein are intended to provide a further understanding of the invention, and are intended to be a part of the invention. In the drawing:
图1是根据本发明实施例的一种vlan的翻译方法的流程图;1 is a flow chart of a method for translating a vlan according to an embodiment of the present invention;
图2是根据本发明实施例的vlan翻译应用示意图;2 is a schematic diagram of a vlan translation application according to an embodiment of the present invention;
图3是vlan翻译时数据转发时的流程示意图;FIG. 3 is a schematic flowchart of data forwarding when vlan translates;
图4是根据本发明可选实施例的vlan翻译时数据转发的流程示意图;4 is a schematic flow chart of data forwarding during vlan translation according to an optional embodiment of the present invention;
图5是根据本发明可选实施例的更新ACL规则的流程示意图; FIG. 5 is a schematic flowchart of updating an ACL rule according to an optional embodiment of the present invention; FIG.
图6是根据本发明实施例的虚拟局域网vlan的装置的结构框图。FIG. 6 is a structural block diagram of an apparatus of a virtual local area network vlan according to an embodiment of the present invention.
详述Detailed
以下是对本文详细描述的主题的概述。本概述并非是为了限制权利要求的保护范围。The following is an overview of the topics detailed in this document. This Summary is not intended to limit the scope of the claims.
下文中将参考附图并结合实施例来详细说明本发明。需要说明的是,在不冲突的情况下,本申请中的实施例及实施例中的特征可以相互组合。The invention will be described in detail below with reference to the drawings in conjunction with the embodiments. It should be noted that the embodiments in the present application and the features in the embodiments may be combined with each other without conflict.
需要说明的是,本发明的说明书和权利要求书及上述附图中的术语“第一”、“第二”等是用于区别类似的对象,而不必用于描述特定的顺序或先后次序。It is to be understood that the terms "first", "second" and the like in the specification and claims of the present invention are used to distinguish similar objects, and are not necessarily used to describe a particular order or order.
虽然目前不少厂商的设备都已经支持了N:1vlan翻译问题,但是都存在以下两个实现缺陷。Although many manufacturers' devices already support the N:1vlan translation problem, they all have the following two implementation flaws.
问题一,已知单播N:1vlan翻译上下行都没有问题,但是对于未知单播,未知组播,广播等无法进行翻译。如果对未知单播等进行翻译,存在用户侧端口之间不必要的流量洪泛转发的问题。The first problem is that there is no problem in unicast N:1vlan translation uplink and downlink, but for unknown unicast, unknown multicast, broadcast, etc. cannot be translated. If an unknown unicast or the like is translated, there is a problem that unnecessary traffic is flooded and forwarded between the user side ports.
问题二,对于同样的媒体介入控制层(Media Access Control,简称为MAC)地址,在多个用户vlan里面,都需要翻译成一个网络侧vlan,这种需求下行转发无法实现,而国内运营商不止一次对于设备厂商提出类似实现需求,但是几家主流设备厂商都无法支持。Question 2: For the same media access control layer (MAC) address, in multiple users vlan, it needs to be translated into a network side vlan. This kind of demand downlink forwarding cannot be realized, and domestic operators are not only A similar implementation requirement for device vendors was made, but several mainstream device vendors could not support it.
实施例1Example 1
本申请文件中记载的方法可以运行于交换机等网络设备,需要指出的是,不局限于交换机等设备。The method described in this application file can be run on a network device such as a switch. It should be noted that it is not limited to devices such as switches.
在本实施例中提供了一种运行于交换机的虚拟局域网vlan的翻译方法,图1是根据本发明实施例的一种vlan的翻译方法的流程图,如图1所示,该流程包括如下步骤:In this embodiment, a method for translating a virtual local area network vlan running on a switch is provided. FIG. 1 is a flowchart of a method for translating a vlan according to an embodiment of the present invention. As shown in FIG. 1, the process includes the following steps. :
步骤S102,交换机获取学习内容;Step S102, the switch acquires the learning content.
步骤S104,依据该学习内容确定存在同一MAC地址学习到/存在于多个用户vlan内,以及确定该多个用户vlan对应的同一网络侧vlan; Step S104, determining, according to the learning content, that the same MAC address is learned/present in multiple users vlan, and determining the same network side vlan corresponding to the multiple users vlan;
步骤S106,依据该网络侧vlan、源MAC和目的MAC重定向到用于流量转发的端口。Step S106, redirecting to the port for traffic forwarding according to the network side vlan, the source MAC address, and the destination MAC address.
通过上述步骤,交换机获取学习内容,依据该学习内容确定存在同一MAC地址存在于/学习到多个用户vlan中,将多个vlan翻译成一个网络侧vlan,交换机依据网络侧vlan、目的MAC和源MAC确定重定向到具体端口,在进行下行数据转发时,实现了精确下发,极大增强了vlan翻译功能。Through the above steps, the switch obtains the learning content, and according to the learning content, it is determined that the same MAC address exists in/learns multiple users vlan, and multiple vlans are translated into one network side vlan, and the switch is based on the network side vlan, the destination MAC, and the source. The MAC determines to redirect to a specific port, and implements accurate delivery when performing downlink data forwarding, which greatly enhances the vlan translation function.
可选地,通过以下方式确定该多个用户vlan对应的同一网络侧vlan:Optionally, the same network side vlan corresponding to the multiple users vlan is determined by:
交换机将有关vlan翻译的虚接口设置在同一个虚拟专用局域网业务vpls实例中;在该vpls实例中,将所有用户侧端口的虚接口属性设置为网络network属性。Network属性端口之间不能洪泛,采用本实施例记载的vlan翻译方法,精准的确定了多个用户vlan对应的网络侧vlan,解决了用户侧vlan翻译成网络侧vlan的时候,用户侧端口之间对于洪泛报文无法抑制的问题,节省了不必要的网络转发。The switch sets the virtual interface of the vlan translation to the same virtual private LAN service vpls instance. In the vpls instance, the virtual interface attribute of all user-side ports is set to the network network attribute. The network attribute port cannot be flooded. The vlan translation method described in this embodiment is used to accurately determine the network side vlan corresponding to multiple users vlan, and the user side port is resolved when the user side vlan is translated into the network side vlan. The problem that the flooding message cannot be suppressed is saved, and unnecessary network forwarding is saved.
可选地,在交换机将有关vlan翻译的虚接口设置在同一个虚拟专用局域网业务vpls实例中之前,该交换机在传输上行数据时,依据物理端口和该用户vlan设置vpls转发的虚接口。Optionally, before the switch sets the virtual interface related to the vlan translation in the same virtual private local area network service vpls instance, the switch sets the virtual interface forwarded by the vpls according to the physical port and the user vlan before transmitting the uplink data.
可选地,在交换机将有关vlan翻译的虚接口设置在同一个虚拟专用局域网业务vpls实例中之前,该交换机在传输下行数据时,依据物理端口和该网络侧vlan设置vpls转发的虚接口。Optionally, before the switch sets the virtual interface for the vlan translation in the same virtual private local area network service vpls instance, the switch sets the virtual interface forwarded by the vpls according to the physical port and the network side vlan when transmitting the downlink data.
可选地,交换机在下行数据传输时,依据该网络侧vlan、源MAC和目的MAC重定向到用于流量转发的端口,其中,该源MAC和该目的MAC均从该学习内容中获取。Optionally, the switch redirects to the port for traffic forwarding according to the network side vlan, the source MAC address, and the destination MAC address, where the source MAC address and the destination MAC address are obtained from the learning content.
在本发明的可选实施例中,采用以下技术方案,VLAN翻译流程采用虚拟专用局域网业务(Virtual Private Lan Service,简称为vpls)模型进行实现,vlan翻译网络侧端口配置为非network属性,用户侧端口配置为network属性。Network属性端口之间不能洪泛,其它端口之间都可以洪泛,这样就解决了vlan翻译对于知单播,未知组播,广播等报文转发的用户侧端口不必要洪泛的问题,节省了不必要的网络流量转发。经过vpls模型进行vlan翻译后,进行必要的2,3层转发。 In an optional embodiment of the present invention, the following technical solution is adopted, and the VLAN translation process is implemented by using a virtual private LAN service (vpls) model, and the vlan translation network side port is configured as a non-network attribute, and the user side is configured. The port is configured as the network attribute. The network attribute port cannot be flooded, and other ports can be flooded. This solves the problem that the vlan translation does not need to flood the user-side port for unicast, unknown multicast, and broadcast packets. Unnecessary network traffic forwarding. After the vlan translation of the vpls model, the necessary 2, 3 layer forwarding is performed.
目前还存在一个问题,对于同样的MAC地址,在多个用户vlan里面,都需要翻译成同一个网络vlan这种需求下行转发无法实现,也就是同一个mac,学习到多个用户vlan里面,同时需要翻译成网络侧vlan的情况无法实现,为此,需要在交换设备内部增加特殊处理,比如在访问控制列表(Access Control Lists,简称为ACL)环节增加一个针对这种问题的修正处理环节,通过匹配目的mac(下行的目的mac是用户mac),网络测vlan,和源mac(网络侧设备的mac)设置ACL规则,索引到出端口和最终翻译后的用户vlan。At present, there is still a problem. For the same MAC address, in multiple users vlan, it needs to be translated into the same network vlan. The downstream forwarding cannot be realized, that is, the same mac, learning multiple users vlan, at the same time The situation that needs to be translated into the network side vlan cannot be implemented. To this end, special processing needs to be added to the switching device. For example, in the Access Control Lists (ACL), a correction processing link for this problem is added. Match the destination mac (the destination MAC is the user mac), the network test vlan, and the source mac (the network side device mac) to set the ACL rule, index to the outbound port and the final translated user vlan.
本申请文件解决了上述两个技术问题,下面进行详细描述。This application file solves the above two technical problems and is described in detail below.
针对上述的第一个问题,采用如下技术方案:For the first problem mentioned above, the following technical solutions are adopted:
步骤一,配置vlan翻译的时候,在传输上行数据时,根据物理端口+用户vlan设置vpls转发的虚接口。在传输下行数据时,根据物理端口+网络侧vlan设置vpls转发虚接口。Step 1: When configuring vlan translation, when transmitting uplink data, set the virtual interface forwarded by vpls according to the physical port + user vlan. When transmitting downlink data, the virtual interface is forwarded according to the physical port + network side vlan setting vpls.
步骤二,设置相关虚接口在同一个vpls实例里面。Step 2: Set the relevant virtual interface in the same vpls instance.
此处的相关虚接口指的是步骤一里面描述的上下行虚接口。The relevant virtual interface here refers to the uplink and downlink virtual interface described in step 1.
步骤三,设置所有用户侧端口的虚接口属性为network属性,用户侧端口不需要进行相互洪泛。Step 3: Set the virtual interface attribute of all user-side ports to the network attribute, and the user-side ports do not need to flood each other.
针对上述的第二个问题:For the second question above:
第二个问题涉及到检测是否存在同一个源mac地址,存在于多个用户vlan里面,同时需要翻译到同一个网络侧vlan的场景。此时需要添加acl规则处理下行vlan翻译问题。The second problem involves detecting whether the same source mac address exists in multiple user vlans and needs to be translated to the same network side vlan. In this case, you need to add the acl rule to handle the downstream vlan translation problem.
步骤一,交换芯片mac学习或者老化产生消息通知交换机中央处理器(Central Processing Unit,简称为CPU)。Step 1: The switch chip mac learns or aging generates a message to notify the switch Central Processing Unit (CPU).
步骤二,交换机CPU根据用户vlan是否使能了vlan翻译,同时用户mac在多个vlan内上报,记录目的mac地址,源mac,vlan的对应关系(vlan对应关系指用户侧vlan和网络侧的vlan的对应关系)。Step 2: The switch CPU enables the vlan translation according to the user vlan, and the user mac reports in multiple vlans, and records the destination mac address, the source mac, and the vlan correspondence. The vlan correspondence refers to the user side vlan and the network side vlan. Correspondence).
步骤三,CPU更新ACL规则。通过目的mac,源mac和用户vlan翻译后的网络侧vlan,来决定转发行为,用于后续vlan翻译下行转发时按需进行转发。 In step three, the CPU updates the ACL rule. The forwarding behavior is determined by the destination mac, the source mac, and the translated network side vlan of the user vlan, and is used for forwarding when the subsequent vlan translates the downlink forwarding.
通过上述方法步骤,可以解决目前vlan翻译技术普遍存在的两个问题:第一个就是多个用户侧vlan翻译成一个网络侧vlan的时候,用户侧端口之间对于洪泛报文无法抑制的问题,也就是上面提到的问题一;第二个问题就是对于同样的MAC地址,在多个用户vlan里面,都需要翻译成一个核心网络vlan,这种vlan翻译需求下行转发无法正确转发,也就是上述问题二。通过实施本申请文件的方法步骤极大的增强了相关技术中vlan翻译功能。The above-mentioned method steps can solve the two problems that are common to the current vlan translation technology. The first one is that when the user-side vlan is translated into a network-side vlan, the user-side ports cannot suppress the flooded packets. The problem is the one mentioned above; the second problem is that for the same MAC address, in multiple users vlan, it needs to be translated into a core network vlan. This vlan translation requirement cannot be forwarded correctly, that is, The above question two. The vlan translation function in the related art is greatly enhanced by implementing the method steps of the present application.
以下是根据本发明可选实施例的具体实施方式The following is a specific embodiment in accordance with an alternative embodiment of the present invention.
图2是根据本发明实施例的vlan翻译应用示意图,如图2所示,在交换芯片上实现一种vlan翻译方法,端口Port 1、vlan 1、源mac 1上行需要翻译到vlan 100,且Port 2,vlan 2源mac 1上行需要翻译到vlan 100从port 3出去。2 is a schematic diagram of a vlan translation application according to an embodiment of the present invention. As shown in FIG. 2, a vlan translation method is implemented on a switch chip, and ports Port 1, vlan 1, and source mac 1 need to be translated to vlan 100, and the port is 2, vlan 2 source mac 1 uplink needs to be translated to vlan 100 to go out from port 3.
图3是vlan翻译时数据转发时的流程示意图,如图3所示,展示了vlan翻译数据转发流程。FIG. 3 is a schematic diagram of the flow of data forwarding during vlan translation, as shown in FIG. 3, showing the vlan translation data forwarding process.
图4是根据本发明可选实施例的vlan翻译时数据转发的流程示意图,如图4所示,展示了依据本申请文件的vlan翻译方法在进行数据转发时的流程图。FIG. 4 is a schematic flowchart of data forwarding during vlan translation according to an alternative embodiment of the present invention. As shown in FIG. 4, a flow chart of performing data forwarding according to the vlan translation method of the present application is shown.
针对上述两个技术问题的第一个技术问题的具体实施方式如下:The specific implementation of the first technical problem for the above two technical problems is as follows:
步骤一,Port 1+vlan 1设置为虚端口1,Port 2+vlan 2设置为虚端口2,port 3+vlan 100设置为虚端口3。Step 1: Port 1+vlan 1 is set to virtual port 1, Port 2+vlan 2 is set to virtual port 2, and port 3+vlan 100 is set to virtual port 3.
步骤二,设置相关虚端口1,2,3都属于vpls实例1,在vpls实例1里面进行转发。Step 2: Set the relevant virtual ports 1, 2, and 3 to belong to vpls instance 1, and forward them in vpls instance 1.
步骤三,设置虚端口1和2的属性为network属性,虚端口3为非network属性,这样虚端口1,2之间不会洪泛,其它正常的洪泛不受影响。Step 3: Set the attributes of virtual ports 1 and 2 to the network attribute, and virtual port 3 to the non-network attribute, so that virtual ports 1 and 2 are not flooded, and other normal flooding is not affected.
针对上述两个技术问题的第二个技术问题,具体实施方式如下:For the second technical problem of the above two technical problems, the specific implementation manner is as follows:
这一部分需要检测是否存在同一个源mac地址,存在于多个用户vlan里面,同时需要翻译到同一个网络侧vlan的场景。此时需要添加acl规则处理下行vlan翻译问题。This part needs to detect whether there is a same source mac address, which exists in multiple user vlans, and needs to be translated to the same network side vlan scenario. In this case, you need to add the acl rule to handle the downstream vlan translation problem.
步骤一,交换芯片mac学习通知交换机CPU,源mac 1,vlan 1学习到 端口1,源mac 1,vlan 2学习到端口2。同时可以知道端口1的目的mac为101,端口2的目的mac为202。Step one, the exchange chip mac learns to notify the switch CPU, the source mac 1, vlan 1 learned Port 1, source mac 1, vlan 2 learns to port 2. At the same time, it can be known that the destination mac of port 1 is 101, and the destination mac of port 2 is 202.
步骤二,交换机CPU根据发现同样的源mac,学习到了不同的vlan 1和2中,同时vlan 1和2又使能了vlan翻译功能,翻译后的vlan为100。Step 2: The switch CPU learns different vlans 1 and 2 according to the same source mac. At the same time, vlan 1 and 2 enable the vlan translation function, and the translated vlan is 100.
步骤三,CPU更新ACL规则。规则1匹配vlan100+源mac101+目的mac1重定向到虚端口1,报文会被发送到port 1,同时vlan修改为1。规则2匹配vlan100+源mac202+目的mac 1重定向到虚端口2,报文会被发送到port 2,同时vlan修改为2。图5是根据本发明可选实施例的更新ACL规则的流程示意图,如图5所示,展示了更新ACL规则的详细流程。In step three, the CPU updates the ACL rule. Rule 1 matches vlan100+source mac101+ The destination mac1 is redirected to virtual port 1, the packet is sent to port 1, and vlan is changed to 1. Rule 2 matches vlan100+source mac202+ The destination mac 1 is redirected to virtual port 2, the message is sent to port 2, and vlan is changed to 2. FIG. 5 is a schematic flowchart of updating an ACL rule according to an alternative embodiment of the present invention. As shown in FIG. 5, a detailed process of updating an ACL rule is shown.
在更行完ACL规则之后,报文转发流程如下。After the ACL rule is completed, the packet forwarding process is as follows.
在传输上行数据时,When transmitting upstream data,
Port 1,vlan 1映射到虚端口1,然后进行vpls mac学习,交换机进行相应查找,找到虚端口3转发出去,虚端口3对应端口3和vlan 100。 Port 1, vlan 1 is mapped to virtual port 1, and then vpls mac is learned. The switch searches for it and finds that virtual port 3 is forwarded. Virtual port 3 corresponds to port 3 and vlan 100.
Port 2,vlan 2映射到虚端口2,然后进行vpls mac学习,交换机进行相应查找,找到虚端口3转发出去,虚端口3对应端口3和vlan 100。 Port 2, vlan 2 is mapped to virtual port 2, and then vpls mac is learned. The switch performs corresponding search and finds that virtual port 3 is forwarded out. Virtual port 3 corresponds to port 3 and vlan 100.
如果上行没有找到目的mac,那么虚端口1,2之间洪泛隔离,不会转发,还是会去往虚端口3。可以看到洪泛隔离可以避免不必要的的流量转发。If the destination mac is not found on the upstream, the virtual ports 1 and 2 are flooded and will not be forwarded, or will go to virtual port 3. You can see flooding isolation to avoid unnecessary traffic forwarding.
在传输下行数据时,When transmitting downlink data,
vlan100+port3映射到虚端口3,然后进行vpls mac学习,交换机系统进行相应查找,此时查找只能去往一个固定的虚端口1或者2,那么因为目的mac地址,vlan,都是完全一样的,此时ACL规则会匹配报文根据数据报文的源mac地址来决定报文的目的虚端口。如果匹配上规则1,即源mac为101,那么就去往虚端口1,报文发往端口1,vlan修改为1,如果匹配上规则2,那么就发往虚端口2,报文发往端口2,vlan修改为2.从而实现了同样的mac地址,在多个用户vlan里面共存,而且翻译到一个网络侧vlan情况下,在传输下行数据时,可以进行精确转发。Vlan100+port3 maps to virtual port 3, and then learns vpls mac. The switch system performs corresponding search. At this time, the search can only go to a fixed virtual port 1 or 2, because the destination mac address, vlan, are exactly the same. The ACL rule matches the source MAC address of the data packet to determine the destination virtual port of the packet. If the match criterion is 1, that is, the source mac is 101, then go to virtual port 1, and the packet is sent to port 1. The vlan is changed to 1. If the rule 2 is matched, the packet is sent to virtual port 2, and the packet is sent to Port 2, vlan is changed to 2. Thus, the same mac address is implemented, coexisting in multiple users vlan, and when translated to a network side vlan, when forwarding downlink data, accurate forwarding can be performed.
通过以上的实施方式的描述,本领域的技术人员可以清楚地了解到根据上述实施例的方法可借助软件加必需的通用硬件平台的方式来实现,当然也 可以通过硬件,但很多情况下前者是更佳的实施方式。基于这样的理解,本发明的技术方案本质上或者说对现有技术做出贡献的部分可以以软件产品的形式体现出来,该计算机软件产品存储在一个存储介质(如ROM/RAM、磁碟、光盘)中,包括若干指令用以使得一台终端设备(可以是手机,计算机,服务器,或者网络设备等)执行本发明各个实施例该的方法。Through the description of the above embodiments, those skilled in the art can clearly understand that the method according to the above embodiment can be implemented by means of software plus a necessary general hardware platform, and of course It can be done through hardware, but in many cases the former is a better implementation. Based on such understanding, the technical solution of the present invention, which is essential or contributes to the prior art, may be embodied in the form of a software product stored in a storage medium (such as ROM/RAM, disk, The optical disc includes a number of instructions for causing a terminal device (which may be a mobile phone, a computer, a server, or a network device, etc.) to perform the method of various embodiments of the present invention.
实施例2Example 2
在本实施例中还提供了一种虚拟局域网vlan的装置,应用于交换机,该装置用于实现上述实施例及优选实施方式,已经进行过说明的不再赘述。如以下所使用的,术语“模块”可以实现预定功能的软件和/或硬件的组合。尽管以下实施例所描述的装置较佳地以软件来实现,但是硬件,或者软件和硬件的组合的实现也是可能并被构想的。In this embodiment, a device for a virtual local area network (WLAN) is also provided, which is applied to a switch. The device is used to implement the foregoing embodiments and preferred embodiments, and details are not described herein. As used below, the term "module" may implement a combination of software and/or hardware of a predetermined function. Although the apparatus described in the following embodiments is preferably implemented in software, hardware, or a combination of software and hardware, is also possible and contemplated.
图6是根据本发明实施例的虚拟局域网vlan的装置的结构框图,如图6所示,该装置包括:FIG. 6 is a structural block diagram of an apparatus for a virtual local area network vlan according to an embodiment of the present invention. As shown in FIG. 6, the apparatus includes:
获取模块62,设置成:获取学习内容;The obtaining module 62 is configured to: acquire learning content;
确定模块64,与获取模块62连接,设置成:依据该学习内容确定存在同一MAC地址学习到/存在于多个用户vlan内,以及确定该多个用户vlan对应的同一网络侧vlan;The determining module 64 is connected to the obtaining module 62, and is configured to: determine, according to the learning content, that the same MAC address is learned/present in the plurality of users vlan, and determine the same network side vlan corresponding to the plurality of users vlan;
重定向模块66,与确定模块64连接,设置成:依据该网络侧vlan、源MAC和目的MAC重定向到用于流量转发的端口。The redirection module 66 is connected to the determining module 64 and configured to: redirect to the port for traffic forwarding according to the network side vlan, the source MAC, and the destination MAC.
可选地,该确定模块64还设置成:将有关vlan翻译的虚接口设置在同一个虚拟专用局域网业务vpls实例中;Optionally, the determining module 64 is further configured to: set the virtual interface related to the vlan translation in the same virtual private local area network service vpls instance;
还设置成:在该vpls实例中,将所有用户侧端口的虚接口属性设置为网络network属性。It is also set to: in the vpls instance, set the virtual interface attribute of all user side ports to the network network attribute.
可选地,该确定模块64还设置成:在交换机将有关vlan翻译的虚接口设置在同一个虚拟专用局域网业务vpls实例中之前,在传输上行数据时,依据物理端口和该用户vlan设置vpls转发的虚接口。Optionally, the determining module 64 is further configured to: before the switch sets the virtual interface related to the vlan translation in the same virtual private local area network service vpls instance, when the uplink data is transmitted, the vpls is forwarded according to the physical port and the user vlan. Virtual interface.
可选地,该确定模块64还设置成:在交换机将有关vlan翻译的虚接口设置在同一个虚拟专用局域网业务vpls实例中之前,在传输下行数据时,依 据物理端口和该网络侧vlan设置vpls转发的虚接口。Optionally, the determining module 64 is further configured to: before the switch sets the virtual interface related to the vlan translation in the same virtual private local area network service vpls instance, when transmitting the downlink data, According to the physical port and the network side vlan, the virtual interface forwarded by vpls is set.
可选地,该重定向模块66还设置成:在下行数据传输时,依据该网络侧vlan、源MAC和目的MAC重定向到用于流量转发的端口,其中,该源MAC和该目的MAC均从该学习内容中获取。Optionally, the redirection module 66 is further configured to: when the downlink data is transmitted, redirect to the port used for traffic forwarding according to the network side vlan, the source MAC address, and the destination MAC, where the source MAC address and the destination MAC address are both Get it from the learning content.
需要说明的是,上述各个模块是可以通过软件或硬件来实现的,对于后者,可以通过以下方式实现,但不限于此:上述模块均位于同一处理器中;或者,上述各个模块以任意组合的形式分别位于不同的处理器中。It should be noted that each of the above modules may be implemented by software or hardware. For the latter, the foregoing may be implemented by, but not limited to, the foregoing modules are all located in the same processor; or, the above modules are in any combination. The forms are located in different processors.
实施例3Example 3
本发明的实施例还提供了一种存储介质。可选地,在本实施例中,上述存储介质可以被设置为存储用于执行以下步骤的程序代码:Embodiments of the present invention also provide a storage medium. Optionally, in the embodiment, the foregoing storage medium may be configured to store program code for performing the following steps:
S1,交换机获取学习内容;S1, the switch acquires learning content;
S2,依据该学习内容确定存在同一MAC地址学习到多个用户vlan内,以及确定该多个用户vlan对应的同一网络侧vlan;S2, determining, according to the learning content, that the same MAC address is learned in the plurality of user vlans, and determining that the plurality of users vlan correspond to the same network side vlan;
S3,依据该网络侧vlan、源MAC和目的MAC重定向到用于流量转发的端口。S3, redirecting to the port for traffic forwarding according to the network side vlan, the source MAC address, and the destination MAC address.
可选地,在本实施例中,上述存储介质可以包括但不限于:U盘、只读存储器(ROM,Read-Only Memory)、随机存取存储器(RAM,Random Access Memory)、移动硬盘、磁碟或者光盘等各种可以存储程序代码的介质。Optionally, in this embodiment, the foregoing storage medium may include, but not limited to, a USB flash drive, a Read-Only Memory (ROM), a Random Access Memory (RAM), a mobile hard disk, and a magnetic memory. A variety of media that can store program code, such as a disc or a disc.
可选地,在本实施例中,处理器根据存储介质中已存储的程序代码执行上述实施例记载的方法步骤。Optionally, in this embodiment, the processor executes the method steps described in the foregoing embodiments according to the stored program code in the storage medium.
可选地,本实施例中的具体示例可以参考上述实施例及可选实施方式中所描述的示例,本实施例在此不再赘述。For example, the specific examples in this embodiment may refer to the examples described in the foregoing embodiments and the optional embodiments, and details are not described herein again.
本发明实施例还公开了一种计算机程序,包括程序指令,当该程序指令被计算机执行时,使得该计算机可执行上述任意的vlan的翻译方法。The embodiment of the invention also discloses a computer program, comprising program instructions, which when executed by a computer, enable the computer to execute any of the above-mentioned vlan translation methods.
本发明实施例还公开了一种载有所述的计算机程序的载体。The embodiment of the invention also discloses a carrier carrying the computer program.
本领域的普通技术人员应当理解,可以对本发明的技术方案进行修改或 者等同替换,而不脱离本发明技术方案的精神和范围,均应涵盖在本发明的权利要求范围当中。Those skilled in the art should understand that the technical solutions of the present invention may be modified or The equivalents of the present invention are intended to be included in the scope of the appended claims.
本领域普通技术人员可以理解,上文中所公开方法中的全部或某些步骤、系统、装置中的功能模块/单元可以被实施为软件、固件、硬件及其适当的组合。在硬件实施方式中,在以上描述中提及的功能模块/单元之间的划分不一定对应于物理组件的划分;例如,一个物理组件可以具有多个功能,或者一个功能或步骤可以由若干物理组件合作执行。某些组件或所有组件可以被实施为由处理器,如数字信号处理器或微处理器执行的软件,或者被实施为硬件,或者被实施为集成电路,如专用集成电路。这样的软件可以分布在计算机可读介质上,计算机可读介质可以包括计算机存储介质(或非暂时性介质)和通信介质(或暂时性介质)。如本领域普通技术人员公知的,术语计算机存储介质包括在用于存储信息(诸如计算机可读指令、数据结构、程序模块或其他数据)的任何方法或技术中实施的易失性和非易失性、可移除和不可移除介质。计算机存储介质包括但不限于RAM,ROM,EEPROM、闪存或其他存储器技术、CD-ROM,数字多功能盘(DVD)或其他光盘存储、磁盒、磁带、磁盘存储或其他磁存储装置、或者可以用于存储期望的信息并且可以被计算机访问的任何其他的介质。此外,本领域普通技术人员公知的是,通信介质通常包含计算机可读指令、数据结构、程序模块或者诸如载波或其他传输机制之类的调制数据信号中的其他数据,并且可包括任何信息递送介质。Those of ordinary skill in the art will appreciate that all or some of the steps, systems, and functional blocks/units of the methods disclosed above may be implemented as software, firmware, hardware, and suitable combinations thereof. In a hardware implementation, the division between functional modules/units mentioned in the above description does not necessarily correspond to the division of physical components; for example, one physical component may have multiple functions, or one function or step may be composed of several physical The components work together. Some or all of the components may be implemented as software executed by a processor, such as a digital signal processor or microprocessor, or as hardware, or as an integrated circuit, such as an application specific integrated circuit. Such software may be distributed on a computer readable medium, which may include computer storage media (or non-transitory media) and communication media (or transitory media). As is well known to those of ordinary skill in the art, the term computer storage medium includes volatile and nonvolatile, implemented in any method or technology for storing information, such as computer readable instructions, data structures, program modules or other data. Sex, removable and non-removable media. Computer storage media includes, but is not limited to, RAM, ROM, EEPROM, flash memory or other memory technology, CD-ROM, digital versatile disc (DVD) or other optical disc storage, magnetic cartridge, magnetic tape, magnetic disk storage or other magnetic storage device, or may Any other medium used to store the desired information and that can be accessed by the computer. Moreover, it is well known to those skilled in the art that communication media typically includes computer readable instructions, data structures, program modules, or other data in a modulated data signal, such as a carrier wave or other transport mechanism, and can include any information delivery media. .
工业实用性Industrial applicability
通过上述技术方案,交换机获取学习内容,依据该学习内容确定存在同一MAC地址学习到多个vlan的情况下,有可能导致数据下发时混乱,交换机依据从学习内容中获取到的网络侧vlan、源MAC和目的MAC重定向到端口,准确下发下行数据。极大增强了vlan翻译功能。因此本申请具有很强的工业实用性。 According to the foregoing technical solution, the switch obtains the learning content, and determines that the same MAC address is used to learn multiple vlans according to the learning content, which may cause confusion when the data is sent, and the switch obtains the network side vlan obtained from the learning content, The source MAC address and the destination MAC address are redirected to the port to accurately deliver downlink data. The vlan translation function has been greatly enhanced. Therefore, the application has strong industrial applicability.

Claims (10)

  1. 一种虚拟局域网vlan的翻译方法,包括:A method for translating a virtual local area network vlan includes:
    交换机获取学习内容;The switch obtains the learning content;
    依据所述学习内容确定存在同一MAC地址学习到多个用户vlan内,以及确定所述多个用户vlan对应的同一网络侧vlan;Determining, by the learning content, that the same MAC address is learned in the plurality of users vlan, and determining that the plurality of users vlan correspond to the same network side vlan;
    依据所述网络侧vlan、源MAC和目的MAC重定向到用于流量转发的端口。Redirecting to the port for traffic forwarding according to the network side vlan, source MAC, and destination MAC.
  2. 根据权利要求1所述的vlan的翻译方法,其中,所述确定所述多个用户vlan对应的同一网络侧vlan的步骤包括:The method for translating a vlan according to claim 1, wherein the step of determining the same network side vlan corresponding to the plurality of users vlan comprises:
    交换机将vlan翻译的虚接口设置在同一个虚拟专用局域网业务vpls实例中;The switch sets the virtual interface translated by vlan in the same virtual private LAN service vpls instance;
    在所述vpls实例中,将所有用户侧端口的虚接口属性设置为网络network属性。In the vpls instance, the virtual interface attribute of all user side ports is set to the network network attribute.
  3. 根据权利要求2所述的vlan的翻译方法,其中,在所述交换机将vlan翻译的虚接口设置在同一个虚拟专用局域网业务vpls实例中的步骤之前,所述方法还包括:The method for translating a vlan according to claim 2, wherein before the step of setting the virtual interface of the vlan translation in the same virtual private local area network service vpls instance, the method further comprises:
    所述交换机在传输上行数据时,依据物理端口和所述用户vlan设置vpls转发的虚接口。When transmitting the uplink data, the switch sets the virtual interface forwarded by vpls according to the physical port and the user vlan.
  4. 根据权利要求2所述的vlan的翻译方法,其中,在所述交换机将vlan翻译的虚接口设置在同一个虚拟专用局域网业务vpls实例中的步骤之前,所述方法还包括:The method for translating a vlan according to claim 2, wherein before the step of setting the virtual interface of the vlan translation in the same virtual private local area network service vpls instance, the method further comprises:
    在传输下行数据时,依据物理端口和所述网络侧vlan设置vpls转发的虚接口。When transmitting downlink data, the virtual interface forwarded by vpls is set according to the physical port and the network side vlan.
  5. 根据权利要求1所述的vlan的翻译方法,所述方法还包括:The method for translating vlan according to claim 1, further comprising:
    交换机在下行数据传输时,依据所述网络侧vlan、源MAC和目的MAC重定向到用于流量转发的端口,其中,所述源MAC和所述目的MAC均从所述学习内容中获取。When the downlink data is transmitted, the switch is redirected to the port for the traffic forwarding according to the network side vlan, the source MAC address, and the destination MAC address, where the source MAC address and the destination MAC address are obtained from the learning content.
  6. 一种虚拟局域网vlan的翻译装置,应用于交换机,包括:获取模块、确定模块和重定向模块,其中A translation device of a virtual local area network vlan, which is applied to a switch, comprising: an obtaining module, a determining module and a redirection module, wherein
    所述获取模块设置成:获取学习内容; The obtaining module is configured to: acquire learning content;
    所述确定模块设置成:依据所述学习内容确定存在同一MAC地址学习到多个用户vlan内,以及确定所述多个用户vlan对应的同一网络侧vlan;The determining module is configured to: determine that the same MAC address exists in the plurality of users vlan according to the learning content, and determine the same network side vlan corresponding to the multiple users vlan;
    所述重定向模块设置成:依据所述网络侧vlan、源MAC和目的MAC重定向到用于流量转发的端口。The redirection module is configured to: redirect to a port for traffic forwarding according to the network side vlan, source MAC, and destination MAC.
  7. 根据权利要求6所述的vlan的翻译装置,其中,所述确定模块还设置成:将vlan翻译的虚接口设置在同一个虚拟专用局域网业务vpls实例中;The translation device of the vlan according to claim 6, wherein the determining module is further configured to: set a virtual interface of the vlan translation in the same virtual private local area network service vpls instance;
    在所述vpls实例中,将所有用户侧端口的虚接口属性设置为网络network属性。In the vpls instance, the virtual interface attribute of all user side ports is set to the network network attribute.
  8. 根据权利要求7所述的vlan的翻译装置,其中,所述确定模块还设置成:在交换机将vlan翻译的虚接口设置在同一个虚拟专用局域网业务vpls实例中之前,在传输上行数据时,依据物理端口和所述用户vlan设置vpls转发的虚接口。The translation device of the vlan according to claim 7, wherein the determining module is further configured to: when the switch sets the virtual interface of the vlan translation in the same virtual private local area network service vpls instance, when transmitting the uplink data, The physical port and the user vlan set the virtual interface forwarded by vpls.
  9. 根据权利要求7所述的vlan的翻译装置,其中,所述确定模块还设置成:在交换机将vlan翻译的虚接口设置在同一个虚拟专用局域网业务vpls实例中之前,在传输下行数据时,依据物理端口和所述网络侧vlan设置vpls转发的虚接口。The translation device of the vlan according to claim 7, wherein the determining module is further configured to: when the switch sets the virtual interface of the vlan translation in the same virtual private local area network service vpls instance, when transmitting the downlink data, The physical port and the network side vlan set the virtual interface forwarded by vpls.
  10. 根据权利要求6所述的vlan的翻译装置,其中,所述重定向模块还设置成:在下行数据传输时,依据所述网络侧vlan、源MAC和目的MAC重定向到用于流量转发的端口,其中,所述源MAC和所述目的MAC均从所述学习内容中获取。 The translation device of the vlan according to claim 6, wherein the redirection module is further configured to: when the downlink data transmission is performed, redirect to the port for traffic forwarding according to the network side vlan, the source MAC address, and the destination MAC address. The source MAC and the destination MAC are both obtained from the learning content.
PCT/CN2017/088463 2016-06-21 2017-06-15 Translation method and apparatus for virtual local area network (vlan) WO2017219910A1 (en)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
CN201610451979.3 2016-06-21
CN201610451979.3A CN107528780A (en) 2016-06-21 2016-06-21 VLAN vlan interpretation method and device

Publications (1)

Publication Number Publication Date
WO2017219910A1 true WO2017219910A1 (en) 2017-12-28

Family

ID=60735118

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/CN2017/088463 WO2017219910A1 (en) 2016-06-21 2017-06-15 Translation method and apparatus for virtual local area network (vlan)

Country Status (2)

Country Link
CN (1) CN107528780A (en)
WO (1) WO2017219910A1 (en)

Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101409685A (en) * 2008-12-01 2009-04-15 杭州华三通信技术有限公司 Forwarding method based on virtual LAN mapping and access equipment
CN101707562A (en) * 2009-11-27 2010-05-12 中兴通讯股份有限公司 Method and device for realizing access of virtual local area network (VLAN) stacking in virtual private wire service (VPWS)
US7796593B1 (en) * 2007-12-21 2010-09-14 Juniper Networks, Inc. Router using internal flood groups for flooding VPLS traffic
CN102355410A (en) * 2011-08-17 2012-02-15 杭州依赛通信有限公司 Pseudo-wire labeling method for MPLS (Multiple Protocol Label Switching) network virtual exchange embodiment
CN102811173A (en) * 2012-07-26 2012-12-05 杭州华三通信技术有限公司 Media access control (MAC) address learning method and equipment

Family Cites Families (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN100502354C (en) * 2005-07-29 2009-06-17 华为技术有限公司 Data message transmission method and Ethernet bridge apparatus based on VLAN
JP5328622B2 (en) * 2009-12-04 2013-10-30 日立電線株式会社 Switching hub, frame relay method, and network relay device
US8659993B2 (en) * 2012-05-04 2014-02-25 Extreme Networks, Inc. Priority domains for protection switching processes

Patent Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US7796593B1 (en) * 2007-12-21 2010-09-14 Juniper Networks, Inc. Router using internal flood groups for flooding VPLS traffic
CN101409685A (en) * 2008-12-01 2009-04-15 杭州华三通信技术有限公司 Forwarding method based on virtual LAN mapping and access equipment
CN101707562A (en) * 2009-11-27 2010-05-12 中兴通讯股份有限公司 Method and device for realizing access of virtual local area network (VLAN) stacking in virtual private wire service (VPWS)
CN102355410A (en) * 2011-08-17 2012-02-15 杭州依赛通信有限公司 Pseudo-wire labeling method for MPLS (Multiple Protocol Label Switching) network virtual exchange embodiment
CN102811173A (en) * 2012-07-26 2012-12-05 杭州华三通信技术有限公司 Media access control (MAC) address learning method and equipment

Also Published As

Publication number Publication date
CN107528780A (en) 2017-12-29

Similar Documents

Publication Publication Date Title
US7948993B2 (en) Address resolution optimization procedure to effect a gradual cutover from a provider bridge network to a VPLS or provider backbone bridging network
US8730956B2 (en) Pay-as-you-grow gradual cutover method to scale a provider bridge network to a VPLS or provider backbone bridging network
US9537793B2 (en) Ensuring any-to-any reachability with opportunistic layer 3 forwarding in massive scale data center environments
WO2016101646A1 (en) Access method and apparatus for ethernet virtual network
US10505759B2 (en) Access layer-2 virtual private network from layer-3 virtual private network
WO2013155959A1 (en) Accessing ip network and edge devices
US8547877B2 (en) RSTP tracking
CN107547346B (en) Message transmission method and device
JP2019521619A (en) Packet forwarding
WO2016115698A1 (en) Data packet forwarding method, apparatus and device
WO2017219732A1 (en) Forwarding method and device for multicast message, router, and computer storage medium
US20180262364A1 (en) Uplink data packet forwarding method and apparatus, and downlink data packet forwarding method and apparatus
WO2014169812A1 (en) Forwarding processing method and device for message
WO2016101515A1 (en) Method and apparatus for determining information technology (it) device port
CN111107008A (en) Reverse path checking method and device
WO2014067328A1 (en) Layer 2 forwarding method and forwarding device
US11343153B2 (en) BGP logical topology generation method, and device
WO2016141818A1 (en) Service uplink forwarding and downlink forwarding methods and corresponding apparatus
EP3468286A1 (en) Method, device and system for data transmission, physical residential gateway and access node
WO2020119317A1 (en) Message forwarding method and apparatus, storage medium, and electronic apparatus
WO2017219910A1 (en) Translation method and apparatus for virtual local area network (vlan)
CN115695306A (en) Message transmission system, method, device, equipment and medium
WO2018161827A1 (en) Address self-learning method and device, and switch
WO2018024189A1 (en) Loopback detection method and apparatus
WO2017063578A1 (en) Data packet processing method and apparatus

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 17814648

Country of ref document: EP

Kind code of ref document: A1

NENP Non-entry into the national phase

Ref country code: DE

122 Ep: pct application non-entry in european phase

Ref document number: 17814648

Country of ref document: EP

Kind code of ref document: A1