WO2023105582A1 - Système de redondance de locataires et procédé de redondance de locataires - Google Patents

Système de redondance de locataires et procédé de redondance de locataires Download PDF

Info

Publication number
WO2023105582A1
WO2023105582A1 PCT/JP2021/044748 JP2021044748W WO2023105582A1 WO 2023105582 A1 WO2023105582 A1 WO 2023105582A1 JP 2021044748 W JP2021044748 W JP 2021044748W WO 2023105582 A1 WO2023105582 A1 WO 2023105582A1
Authority
WO
WIPO (PCT)
Prior art keywords
bgp
tenant
command
route
container
Prior art date
Application number
PCT/JP2021/044748
Other languages
English (en)
Japanese (ja)
Inventor
健太 篠原
紀貴 堀米
剛史 山田
奨 中澤
文彦 澤崎
雄貴 赤松
真生 上野
Original Assignee
日本電信電話株式会社
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by 日本電信電話株式会社 filed Critical 日本電信電話株式会社
Priority to PCT/JP2021/044748 priority Critical patent/WO2023105582A1/fr
Publication of WO2023105582A1 publication Critical patent/WO2023105582A1/fr

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L41/00Arrangements for maintenance, administration or management of data switching networks, e.g. of packet switching networks
    • H04L41/12Discovery or management of network topologies
    • H04L41/122Discovery or management of network topologies of virtualised topologies, e.g. software-defined networks [SDN] or network function virtualisation [NFV]
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L45/00Routing or path finding of packets in data switching networks
    • H04L45/02Topology update or discovery
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L45/00Routing or path finding of packets in data switching networks
    • H04L45/76Routing in software-defined topologies, e.g. routing between virtual machines

Definitions

  • the present invention relates to a packet relay system and a packet relay method for transferring packets in a network device.
  • IPsec Internet Protocol Security
  • VXLAN Virtual Network Layer
  • GRE Generic Routing Encapsulation
  • packet relay devices use routing software such as Open vSwitch. Conceivable.
  • containers and virtual machines need to be stopped or relocated due to various factors. In order to deal with this, it is necessary to make the tenants redundant, and to quickly propagate the information of the network interfaces of the tenants to the relay device as the containers and virtual machines are relocated.
  • Cases where it is necessary to stop or relocate a container or virtual machine include, for example, a process failure of an application on a container, a forced stop from the base due to container overload, and a crash from the base due to overload of another container on the same server. Such as forced stop.
  • an object of the present invention is to quickly propagate the information of the tenant's network interface to the relay device.
  • the tenant redundancy system of the present invention comprises a relay device comprising a first autonomous system and having a route switching unit that is connected to an external device and performs route switching, and the first autonomous A tenant that constitutes a second autonomous system different from the system, is connected to the relay device, and includes a plurality of control units that include a route exchange unit that exchanges route information and a self-monitoring unit that monitors the interface. It is characterized by having Other means are described in the detailed description.
  • FIG. 11 is a configuration diagram of a packet relay system of a comparative example
  • 1 is a configuration diagram of a packet relay system according to this embodiment
  • FIG. 1 is a configuration diagram of a packet relay system according to the first embodiment
  • FIG. 4 is a flowchart showing initial setting processing
  • 4 is a flowchart showing self-monitoring processing
  • FIG. 10B shows the BGP configuration for the protocol part on the left
  • FIG. 10 is a diagram showing a routing table generated by a protocol section on the left
  • Fig. 3 shows the BGP configuration for the router on the left
  • FIG. 10 is a diagram showing a routing table generated by the router on the left
  • Fig. 3 shows the static and GRE settings for the router on the left
  • FIG. 10 shows the BGP settings for the protocol part on the right;
  • FIG. 10 is a diagram showing a routing table generated by the protocol section on the right;
  • Fig. 3 shows the BGP configuration for the router on the right;
  • FIG. 10 is a diagram showing a routing table generated by a router on the right;
  • FIG. 4B shows the BGP configuration for the upper container; It is a figure which shows the routing table produced
  • FIG. 12 shows static and GRE settings for the top container;
  • FIG. 10 illustrates BGP settings for the lower container; It is a figure which shows the routing table produced
  • FIG. 13 shows static and GRE settings for the lower container;
  • FIG. 13 shows static and GRE settings for the lower container;
  • FIG. 10 is a configuration diagram of a packet relay system according to the second embodiment; 4 is a flowchart showing initial setting processing; FIG. 10B shows the BGP configuration for the protocol part on the left; FIG. 10 is a diagram showing a routing table generated by a protocol section on the left; FIG. 10 illustrates NAT settings for the protocol part on the left; Fig. 3 shows the BGP configuration for the router on the left; FIG. 10 is a diagram showing a routing table generated by the router on the left; Fig. 10 shows the BGP settings for the protocol part on the right; FIG. 10 is a diagram showing a routing table generated by the protocol section on the right; Fig. 3 shows the BGP configuration for the router on the right; FIG.
  • FIG. 1 is a configuration diagram of a packet relay system 1A of a comparative example.
  • the packet relay system 1A treats an IP address as a logical address, and controls each device in the packet relay system 1A to perform routing appropriately based on the logical address.
  • the packet relay system 1A includes a container 6 constructed on a server 9 and relay devices 41 and 42 arranged in front and behind the container 6.
  • FIG. This packet relay system 1A is connected to a device 31 via a tunnel 81 and connected to a device 32 via a tunnel 82 .
  • a container 6 is a tenant control unit configured as a Pod on kubernetes (registered trademark). Tenant control unit is single and not redundant. The container 6 performs transfer processing based on a logical address that is independent of the physical addresses of the relay devices 41 and 42 . A plurality of tap devices 63 and 64 that terminate the tunneling protocol are constructed in the container 6 . These tap devices 63 and 64 are virtual network devices.
  • the devices 31 and 32 are routers that are connected to the relay devices 41 and 42 and exchange packets with each other via the packet relay system 1A.
  • the devices 31 and 32 are connected to a management device (not shown) of the packet relay system 1 and instruct to change settings of communication between terminals.
  • the relay devices 41 and 42 are connected to the devices 31 and 32, respectively, via a network capable of transmitting and receiving IP packets. These relay devices 41 and 42 connect the container 6 and the outside.
  • the relay device 41 includes network interfaces 411 and 412 and an FIB (Forwarding Information Base) 413 .
  • a network interface 411 is an interface that connects the relay device 41 with an external device 31 .
  • a network interface 412 is an interface that connects the relay device 41 to the container 6 .
  • the FIB 413 is a routing control table that is referred to when forwarding packets passing through the relay device 41 .
  • the relay device 42 similarly includes network interfaces 421 and 422 and an FIB 423 .
  • a network interface 422 is an interface that connects the relay device 42 with an external device 32 .
  • a network interface 421 is an interface that connects the relay device 42 with the container 6 .
  • the FIB 423 is a routing control table that is referred to when forwarding packets passing through this relay device 42 .
  • the relay devices 41 and 42 transmit tunneling protocol packets transmitted from the devices 31 and 32 to the container 6, and transmit tunneling protocol packets transmitted from the container 6 to the devices 31 and 32.
  • the container 6 has network interfaces 61 and 62 connected to the relay devices 41 and 42 via a network capable of transmitting and receiving IP packets.
  • the container 6 also has an FIB 65 and tap devices (described as tap in the drawing) 63 and 64 that terminate the transfer protocol. These two tap devices 63, 64 are virtual network devices that terminate the tunneling protocol.
  • the FIB 65 is a routing control table referred to when transferring packets passing through this container 6 .
  • the tap device 64 terminates the tunneling protocol. Then, the container 6 performs encapsulation with another tap device 63 as necessary and transfers it to the device 31 on the opposite side.
  • FIG. 2 is a configuration diagram of the packet relay system 1 according to this embodiment.
  • the packet relay system 1 connects and controls the GRE tunnel from the relay devices 41 and 42 to the loopback IP of the same IP address.
  • the packet relay system 1 includes a plurality of containers 6a and 6b constructed in a server 9, relay devices 41 and 42 arranged in front and behind them, and a control device 11.
  • FIG. This packet relay system 1 is connected to a device 31 via a tunnel 81 and connected to a device 32 via a tunnel 82 .
  • This packet relay system 1 is a redundant tenant system in which tenants are made redundant.
  • the device 31 is assigned an IP address 311 and has a BGP function by being provided with a BGP (Border Gateway Protocol) section 312 .
  • the device 31 thereby forms an autonomous system 71 .
  • BFD Bidirectional Forwarding Detection
  • the device 32 is assigned an IP address 321 and has a BGP function by being provided with a BGP section 322 .
  • the BGP unit 322 is a route exchange unit that is connected to an external device and exchanges routes.
  • the relay devices 41 and 42 are connected to the devices 31 and 32, respectively, via a network capable of transmitting and receiving IP packets. These relay devices 41 and 42 connect the container 6a or 6b and the outside.
  • the relay device 41 has an FIB 413 and a BGP unit 414 to have a BGP function.
  • the BGP unit 414 is a route exchange unit that is connected to an external device and exchanges routes.
  • the relay device 42 has an FIB 423 and a BGP unit 424 to have a BGP function.
  • the BGP unit 424 is a route exchange unit that is connected to an external device and exchanges routes.
  • the containers 6a and 6b have multiple tap devices 63 and 64 that terminate the tunneling protocol, and further have a self-monitoring unit 66.
  • the tap devices 63, 64 are virtual network devices.
  • the self-monitoring unit 66 monitors the network interfaces 61 and 62 to see if any abnormality has occurred in any of the network interfaces. When the self-monitoring unit 66 detects an abnormality, the self-monitoring unit 66 abnormally terminates its own container (control unit).
  • a tunnel 81 is constructed between the container 6a and the device 31 of FIG.
  • a tunnel 82 is constructed between the container 6 a and the device 32 .
  • the relay devices 41 and 42 transmit tunneling protocol packets transmitted from the devices 31 and 32 to the container 6 , and transmit tunneling protocol packets transmitted from the container 6 to the devices 31 and 32 .
  • the relay device 41 determines one of the containers 6a and 6b as the packet routing destination.
  • the relay device 42 determines one of the containers 6a and 6b as the packet routing destination.
  • the container 6 terminates the tunneling protocol at the tap device 63 when a tunneling protocol packet sent from the device 31 arrives at the network interface 61 . Then, the container 6 performs encapsulation with another tap device 64 as necessary and transfers it to the device 32 on the opposite side.
  • the container 6 further receives the tunneling protocol packet sent from the device 32 at the network interface 62 and terminates the tunneling protocol at the tap device 64 when the tunneling protocol is received. Then, the container 6 performs encapsulation with another tap device 63 as necessary and transfers it to the device 31 on the opposite side.
  • FIG. 3 is a configuration diagram of the packet relay system 1 according to the first embodiment.
  • the packet relay system 1 includes a tenant 5 having a plurality of containers 6a and 6b, and protocol units 43 and 44 arranged in front and behind the tenant 5. As shown in FIG.
  • the packet relay system 1 connects the routers 33 and 34 arranged before and after the protocol units 43 and 44 and further connects the terminals 21 and 22 arranged before and after the routers 33 and 34 .
  • Container 6a is connected to router 33 via tunnel 81 .
  • the containers 6 a , 6 b constitute an autonomous system 73 .
  • the protocol units 43 and 44 correspond to the relay devices 41 and 42 in FIG.
  • Routers 33 and 34 correspond to devices 31 and 32 in FIG.
  • a plurality of containers 6a and 6b constitute a second autonomous system, are connected to relay devices 41 and 42, are connected to a BGP section 67 that exchanges route information, and a self-monitoring section 66 that monitors network interfaces 61 and 62. is a control unit with
  • the link connecting terminal 21 and router 33 has an address range of 192.168.120.0/24.
  • the right network interface of terminal 21 is given an address of 192.168.120.78.
  • the left network interface of the router 33 is given an address of 192.168.120.88.
  • the link connecting the router 33 and the protocol unit 43 has an address range of 10.38.215.0/24.
  • the right network interface of the router 33 is given the address of 10.38.215.23.
  • An address of 10.38.215.32 is assigned to the network interface on the left side of the protocol section 43 .
  • the link connecting the protocol part 43 and the containers 6a and 6b is in the address range of 192.168.130.0/24.
  • An address of 192.168.130.42 is assigned to the network interface on the right side of the protocol section 43 .
  • An address of 192.168.130.11 is assigned to the left network interface of the container 6a.
  • An address of 192.168.130.12 is assigned to the left network interface of the container 6b.
  • the link that connects the containers 6a and 6b and the protocol unit 44 is in the address range of 192.168.110.0/24.
  • An address of 192.168.110.11 is assigned to the right network interface of the container 6a.
  • An address of 192.168.110.12 is assigned to the right network interface of the container 6b.
  • An address of 192.168.110.23 is assigned to the network interface on the left side of the protocol section 44 .
  • the link connecting the protocol unit 44 and the router 34 has an address range of 192.168.170.0/24.
  • An address of 192.168.170.23 is assigned to the network interface on the right side of the protocol section 44 .
  • the left network interface of the router 34 is assigned an address of 192.168.170.24.
  • the link connecting the router 34 and the terminal 22 has an address range of 192.168.180.0/24.
  • the right network interface of the router 34 is given an address of 192.168.180.24.
  • the left network interface of terminal 22 is given an address of 192.168.180.25.
  • a tunnel 81 is stretched between the right network interface of the router 33 and the left network interface of the container 6a.
  • the network interface on the right side of the router 33 is given the GRE connection IP address 50.1.1.1/32 in addition to the GRE tunnel starting IP address 10.38.215.23/24.
  • the network interface on the left side of the container 6a is given the GRE connection IP address 60.1.1.1/32 in addition to the GRE tunnel termination IP address and AnyCastIP 40.1.1.1/24.
  • the network interface of the container 6b is given the GRE connection IP address of 70.1.1.1/32 in addition to the GRE tunnel termination IP address of AnyCastIP of 40.1.1.1/24.
  • control device 11 when the control device 11 performs the GRE static setting for the container (step S13), it starts monitoring the survival status of the route with the aforementioned BFD (step S14), and ends the processing of FIG. Thus, initial setting of the packet relay system 1 is performed.
  • FIG. 5 is a flow chart showing the self-monitoring process.
  • the standby system container checks the existence of the active system container (step S20). Then, in step S21, if the standby system container does not detect the stoppage of the active system container (No), the process returns to step S20. In step S21, if the standby container detects that the active container has stopped (Yes), the process proceeds to step S22. In step S22, when the standby system container reconnects the GRE tunneling on the right side and the GRE tunneling on the left side, and itself transitions to the active system (step S23), the process of FIG. 5 ends.
  • FIG. 6A is a diagram showing BGP settings for the protocol section 43 on the left.
  • the control device 11 acquires the current BGP settings by executing the “router bgp 20” command to the protocol unit 43 .
  • the second argument of the router command is the AS number of the target device.
  • the control device 11 By executing the "network 10.38.215.0/24" command to the protocol unit 43, the control device 11 advertises the route information within its own AS as a BGP route.
  • the first argument of the network command is a network address that advertises route information within its own AS as a BGP route.
  • the control device 11 executes the "neighbor 192.168.130.11 remote-as 21" command to the protocol section 43 to set up route filtering in BGP using prefix-list.
  • the first argument of the neighbor command is the network address of the target device to be advertised.
  • the third argument of the neighbor command indicates the AS number.
  • the control device 11 executes the "neighbor 192.168.130.12 remote-as 21" command to the protocol unit 43 to set up route filtering in BGP using prefix-list.
  • the control device 11 executes the "neighbor 10.38.215.23 remote-as 10" command to the protocol unit 43 to set up route filtering in BGP using prefix-list.
  • the control device 11 sets the BGP keepalive timer and holdtime timer by executing the "timers bgp 3 9" command to the protocol unit 43 .
  • the keepalive timer is set to 3 seconds
  • the holdtime timer is set to 9 seconds.
  • FIG. 6B is a diagram showing a routing table generated by the protocol section 43 on the left side.
  • the control device 11 acquires the generated routing table by executing the “show ip bgp” command to the protocol section 43 .
  • An example of the resulting routing table is shown below.
  • FIG. 7A shows the BGP configuration for the router 33 on the left.
  • the control device 11 acquires the current BGP settings by executing the “router bgp 10” command to the router 33 .
  • the control device 11 By executing the "network 192.168.120.0/24" command to the router 33, the control device 11 advertises the route information within its own AS as a BGP route.
  • the control device 11 By executing the "network 50.1.1.1/32" command to the router 33, the control device 11 advertises the route information within its own AS as a BGP route.
  • the control device 11 executes the "neighbor 60.1.1.1 remote-as 21" command to the protocol unit 43 to set up route filtering in BGP using prefix-list.
  • the control device 11 executes the "neighbor 70.1.1.1 remote-as 21" command to the protocol section 43 to set up route filtering in BGP using the prefix-list.
  • the control device 11 executes the "neighbor 70.1.1.1 ebgp-multihop 255" command to the protocol unit 43 to set up route filtering in BGP using the prefix-list.
  • FIG. 7B is a diagram showing a routing table generated by the router 33 on the left.
  • the control device 11 acquires the generated routing table by executing the “show ip bgp” command to the router 33 .
  • An example of the resulting routing table is shown below.
  • FIG. 7C is a diagram showing static and GRE settings for router 33 on the left.
  • the control device 11 executes the “ip route 40.1.1.0/24 10.38.215.32” command to the router 33 . This is a static setting to router 33 . Note that the IP address must be specified as the third argument here.
  • the control device 11 executes the “ip route 60.1.1.1/32 gre” command to the router 33 . This is a static setting to router 33 .
  • the control device 11 executes the “ip route 70.1.1.1/32 gre” command to the router 33 . This is a static setting to router 33 .
  • the control device 11 executes the “ip link add gre type gre local 10.38.215.23 remote 40.1.1.1” command to the router 33 . This is the GRE setting.
  • the control device 11 executes the “ip addr add 50.1.1.1/32 dev gre” command to the router 33 . This is the GRE setting.
  • FIG. 8A is a diagram showing the BGP settings for the protocol section 44 on the right.
  • the control device 11 acquires the current BGP settings by executing the “router bgp 22” command to the protocol unit 44 .
  • the second argument of the router command is the AS number of the target device.
  • the control device 11 By executing the "network 192.168.170.0/24" command to the protocol unit 44, the control device 11 advertises the route information within its own AS as a BGP route.
  • the control device 11 executes the "neighbor 192.168.130.11 remote-as 21" command to the protocol unit 44 to set up route filtering in BGP using prefix-list.
  • the control device 11 executes the "neighbor 192.168.130.12 remote-as 21" command to the protocol unit 44 to set up route filtering in BGP using prefix-list.
  • the control device 11 executes the "neighbor 10.38.215.23 remote-as 10" command to the protocol unit 44 to set up route filtering in BGP using prefix-list.
  • the control device 11 sets the BGP keepalive timer and holdtime timer by executing the "timers bgp 3 9" command to the protocol unit 44 .
  • the keepalive timer is set to 3 seconds
  • the holdtime timer is set to 9 seconds.
  • FIG. 8B is a diagram showing a routing table generated by the protocol section 44 on the right side.
  • the control device 11 acquires the generated routing table by executing the “show ip bgp” command to the protocol unit 44 .
  • An example of the resulting routing table is shown below.
  • FIG. 9A shows the BGP configuration for the router 34 on the right.
  • the control device 11 acquires the current BGP settings by executing the “router bgp 30” command to the router 34 .
  • the second argument of the router command is the AS number of the target device.
  • the control device 11 By executing the "network 192.168.180.0/24" command to the router 34, the control device 11 advertises the route information within its own AS as a BGP route.
  • the control device 11 executes the "neighbor 192.168.170.23 remote-as 22" command on the router 34 to configure route filtering in BGP using prefix-list.
  • FIG. 9B is a diagram showing a routing table generated by the router 34 on the right side.
  • the control device 11 acquires the generated routing table by executing the “show ip bgp” command to the router 34 .
  • An example of the resulting routing table is shown below.
  • FIG. 10A shows the BGP settings for the upper container 6a.
  • the control device 11 acquires the current BGP settings by executing the "router bgp 21" command for the upper container 6a.
  • the second argument of the router command is the AS number of the target device.
  • the control device 11 By executing the "network 192.168.110.0/24" command to the container 6a, the control device 11 advertises the route information within its own AS as a BGP route.
  • the control device 11 executes the "neighbor 192.168.130.42 remote-as 20" command for the container 6a to configure route filtering in BGP using the prefix-list.
  • the control device 11 executes the "neighbor 192.168.110.23 remote-as 22" command for the container 6a to set up route filtering in BGP using the prefix-list.
  • the control device 11 By executing the "network 60.1.1.1/32" command to the container 6a, the control device 11 advertises the route information within its own AS as a BGP route.
  • the control device 11 executes the "neighbor 50.1.1.1 remote-as 10" command for the container 6a to set up route filtering in BGP using the prefix-list.
  • the control device 11 executes the "neighbor 50.1.1.1 ebgp-multihop 255" command for the container 6a to set up route filtering in BGP using prefix-list.
  • the control device 11 sets the BGP keepalive timer and holdtime timer by executing the "timers bgp 3 9" command for the container 6a. Specifically, the keepalive timer is set to 3 seconds, and the holdtime timer is set to 9 seconds.
  • FIG. 10B is a diagram showing a routing table generated in the upper container 6a.
  • the control device 11 acquires the generated routing table by executing the "show ip bgp" command for the container 6a.
  • An example of the resulting routing table is shown below.
  • FIG. 10C is a diagram showing the static and GRE settings for the upper container 6a.
  • the control device 11 executes the "ip addr add 40.1.1.1/32 dev lo" command for the container 6a. This is the setting of AnyCastIP to container 6a.
  • the control device 11 executes the "ip link add gre type gre local 40.1.1.1 remote 10.38.215.23" command to the container 6a. This is the GRE setting to container 6a.
  • the control device 11 executes the "ip addr add 60.1.1.1/32 dev gre" command for the container 6a. This is the GRE setting to container 6a.
  • the control device 11 executes the "ip route 50.1.1.1/32 gre" command for the container 6a. This is a static setting.
  • FIG. 11A shows the BGP settings for the lower container 6b.
  • the control device 11 acquires the current BGP settings by executing the "router bgp 21" command for the upper container 6b.
  • the second argument of the router command is the AS number of the target device.
  • the control device 11 By executing the "network 192.168.110.0/24" command to the container 6b, the control device 11 advertises the route information within its own AS as a BGP route.
  • the control device 11 executes the "neighbor 192.168.130.42 remote-as 20" command for the container 6b to configure route filtering in BGP using the prefix-list.
  • the control device 11 By executing the "network 192.168.130.0/24" command to the container 6b, the control device 11 advertises the route information within its own AS as a BGP route.
  • the control device 11 By executing the "network 40.1.1.0/24" command to the container 6b, the control device 11 advertises the route information within its own AS as a BGP route.
  • the control device 11 By executing the "network 70.1.1.1/32" command to the container 6b, the control device 11 advertises the route information within its own AS as a BGP route.
  • the control device 11 executes the "neighbor 50.1.1.1 ebgp-multihop 255" command for the container 6b to set up route filtering in BGP using prefix-list.
  • FIG. 11B is a diagram showing a routing table generated in the lower container 6b.
  • the control device 11 acquires the generated routing table by executing the "show ip bgp" command for the container 6b.
  • An example of the resulting routing table is shown below.
  • the protocol units 43 and 44 correspond to the relay devices 41 and 42 in FIG.
  • Routers 33 and 34 correspond to devices 31 and 32 in FIG.
  • Each part of the packet relay system 1 is given an IP address similar to that of each part of the packet relay system 1 shown in FIG.
  • the network interface on the left side of the protocol section 43 is the NAT segment of 20.1.1.2/24.
  • the network interface on the right side of protocol section 43 is the NAT segment of 20.1.1.3/24.
  • FIG. 14A is a diagram showing BGP settings for the protocol section 43 on the left.
  • the control device 11 acquires the current BGP settings by executing the “router bgp 20” command to the protocol unit 43 .
  • the second argument of the router command is the AS number of the target device.
  • the control device 11 By executing the "network 10.38.215.0/24" command to the protocol unit 43, the control device 11 advertises the route information within its own AS as a BGP route.
  • the control device 11 executes the "neighbor 192.168.130.11 remote-as 21" command to the protocol unit 43 to set up route filtering in BGP using prefix-list.
  • the control device 11 executes the "neighbor 192.168.130.12 remote-as 21" command to the protocol unit 43 to set up route filtering in BGP using prefix-list.
  • the control device 11 By executing the "network 192.168.130.0/24" command to the protocol unit 43, the control device 11 advertises the route information within its own AS as a BGP route.
  • the control device 11 executes the "neighbor 10.38.215.23 remote-as 10" command to the protocol unit 43 to set up route filtering in BGP using prefix-list.
  • the control device 11 By executing the "network 20.1.1.0/24" command to the protocol unit 43, the control device 11 advertises the route information within its own AS as a BGP route.
  • FIG. 14B is a diagram showing a routing table generated by the protocol section 43 on the left side.
  • the control device 11 acquires the generated routing table by executing the “show ip bgp” command to the protocol section 43 .
  • An example of the resulting routing table is shown below.
  • FIG. 14C is a diagram showing NAT settings for the protocol section 43 on the left.
  • the control device 11 executes the “iptables -t nat -A PREROUTING -d 20.1.1.3 -i eth2 -j DNAT --to-destination 192.168.180.25” command to the protocol unit 43 . This is the DNAT setting to router 33 .
  • the control device 11 executes the “iptables -t nat -A POSTROUTING -s 192.168.180.25 -o eth2 -j SNAT --to-source 20.1.1.3” command to the protocol unit 43 . This is the SNAT setting to the router 33.
  • the control device 11 executes the “iptables -t nat -A PREROUTING -d 20.1.1.2 -i ens10 -j DNAT --to-destination 192.168.120.78” command to the protocol unit 43 . This is the DNAT setting to router 33 .
  • the control device 11 executes the “iptables -t nat -A POSTROUTING -s 192.168.120.78 -o ens10 -j SNAT --to-source 20.1.1.2” command to the protocol unit 43 . This is the SNAT setting to the router 33.
  • FIG. 15A is a diagram showing the BGP settings for the router 33 on the left.
  • the control device 11 acquires the current BGP settings by executing the “router bgp 10” command to the router 33 .
  • the control device 11 By executing the "network 192.168.120.0/24" command to the router 33, the control device 11 advertises the route information within its own AS as a BGP route.
  • the control device 11 executes the "neighbor 10.38.215.32 remote-as 20" command on the router 33 to configure route filtering in BGP using the prefix-list.
  • FIG. 15B is a diagram showing a routing table generated by the router 33 on the left.
  • the control device 11 acquires the generated routing table by executing the “show ip bgp” command to the router 33 .
  • An example of the resulting routing table is shown below.
  • FIG. 16A is a diagram showing BGP settings for the protocol section 44 on the right.
  • the control device 11 acquires the current BGP settings by executing the “router bgp 22” command to the protocol unit 44 .
  • the second argument of the router command is the AS number of the target device.
  • the control device 11 By executing the "network 192.168.170.0/24" command to the protocol unit 44, the control device 11 advertises the route information within its own AS as a BGP route.
  • the control device 11 executes the "neighbor 192.168.110.11 remote-as 21" command to the protocol unit 44 to set up route filtering in BGP using prefix-list.
  • the control device 11 executes the "neighbor 192.168.110.12 remote-as 21" command to the protocol unit 44 to set up route filtering in BGP using prefix-list.
  • the control device 11 By executing the "network 192.168.110.0/24" command to the protocol unit 44, the control device 11 advertises the route information within its own AS as a BGP route.
  • the control device 11 executes the "neighbor 192.168.170.24 remote-as 30" command to the protocol unit 44 to set up route filtering in BGP using prefix-list.
  • FIG. 16B is a diagram showing a routing table generated by the protocol section 44 on the right side.
  • the control device 11 acquires the generated routing table by executing the “show ip bgp” command to the protocol unit 44 .
  • An example of the resulting routing table is shown below.
  • FIG. 17A shows the BGP configuration for the router 34 on the right.
  • the control device 11 acquires the current BGP settings by executing the “router bgp 30” command to the router 34 .
  • the second argument of the router command is the AS number of the target device.
  • the control device 11 executes the "neighbor 192.168.170.23 remote-as 22" command on the router 34 to configure route filtering in BGP using prefix-list.
  • FIG. 17B is a diagram showing a routing table generated by the router 34 on the right side.
  • the control device 11 acquires the generated routing table by executing the “show ip bgp” command to the router 34 .
  • An example of the resulting routing table is shown below.
  • FIG. 18A shows the BGP settings for the upper container 6a.
  • the control device 11 acquires the current BGP settings by executing the "router bgp 21" command for the upper container 6a.
  • the second argument of the router command is the AS number of the target device.
  • the control device 11 By executing the "network 192.168.110.0/24" command to the container 6a, the control device 11 advertises the route information within its own AS as a BGP route.
  • the control device 11 executes the "neighbor 192.168.130.42 remote-as 20" command for the container 6a to configure route filtering in BGP using the prefix-list.
  • the control device 11 By executing the "network 192.168.130.0/24" command to the container 6a, the control device 11 advertises the route information within its own AS as a BGP route.
  • FIG. 18B is a diagram showing a routing table generated in the upper container 6a.
  • the control device 11 acquires the generated routing table by executing the "show ip bgp" command for the container 6a.
  • An example of the resulting routing table is shown below.
  • a packet relay system is a system in which multiple tenants are connected in parallel. This allows services to be provided to a certain pair of terminal combinations and to another pair of terminal combinations.
  • FIG. 19 is a configuration diagram of a packet relay system 1B according to the third embodiment.
  • the packet relay system 1B includes a tenant 5a including a plurality of containers 6a and 6b, a tenant 5b including a plurality of containers 6c and 6d, and protocol units 45 and 46 and a control device 11 arranged before and after them. Configured.
  • the packet relay system 1B connects the routers 35 and 36 arranged before and after the protocol units 45 and 46, and further includes a pair of terminals 23 and 24 arranged before and after the routers 35 and 36, and a pair of terminals 25 and 26. to connect.
  • the protocol sections 45 and 46 correspond to the protocol sections 43 and 44 of the first embodiment.
  • Routers 35 and 36 correspond to routers 33 and 34 of the first embodiment.
  • FIG. 20A is a diagram showing BGP settings for containers 6a and 6b belonging to upper tenant 5a.
  • the control device 11 performs BGP settings by executing the command "neighbor ⁇ protocol part A IP ⁇ distribute-list 100 in" for the containers 6a and 6b.
  • ⁇ protocol part A IP ⁇ means the IP address of the protocol part 45 .
  • the control device 11 performs BGP settings by executing the "neighbor ⁇ protocol part B IP ⁇ distribute-list 100 in" command for the containers 6a and 6b.
  • ⁇ protocol part B IP ⁇ means the IP address of the protocol part 46 .
  • the control device 11 executes the "access-list 100 permit ip ⁇ terminal A network IP ⁇ ⁇ Wildcard mask ⁇ any" command for the containers 6a and 6b.
  • ⁇ terminal A network IP ⁇ means the IP address of terminal 23 .
  • the ⁇ Wildcard mask ⁇ is information about which part of the IP address of the terminal targeted by the containers 6a and 6b is to be read.
  • the control device 11 executes the "access-list 101 permit ip ⁇ terminal B network IP ⁇ ⁇ Wildcard mask ⁇ any" command for the containers 6a and 6b.
  • ⁇ terminal B network IP ⁇ means the IP address of terminal 23 .
  • FIG. 20B is a diagram showing a routing table generated in the containers 6a and 6b belonging to the upper tenant 5a.
  • the control device 11 acquires the generated routing table by executing the "show ip bgp" command for the containers 6a and 6b.
  • An example of the resulting routing table is shown below.
  • the control device 11 executes the "access-list 102 permit ip ⁇ terminal C network IP ⁇ ⁇ Wildcard mask ⁇ any" command for the containers 6c and 6d.
  • ⁇ terminal C network IP ⁇ means the IP address of terminal 25 .
  • ⁇ Wildcard mask ⁇ is information about which part of the IP address of the terminal targeted by the containers 6c and 6d is to be read.
  • the control device 11 executes the "access-list 103 permit ip ⁇ terminal D network IP ⁇ ⁇ Wildcard mask ⁇ any" command for the containers 6a and 6b.
  • ⁇ terminal D network IP ⁇ means the IP address of terminal 26 .
  • FIG. 21B is a diagram showing a routing table generated in the containers 6c and 6d belonging to the lower tenant 5b.
  • the control device 11 acquires the generated routing table by executing the "show ip bgp" command for the containers 6c and 6d.
  • An example of the resulting routing table is shown below.
  • a plurality of control units comprising a second autonomous system different from the first autonomous system, connected to the relay device, and provided with a route exchange unit for exchanging route information and a self-monitoring unit for monitoring an interface.
  • tenants to prepare A tenant redundancy system characterized by comprising:
  • Each said tenant control unit is constructed as a container or a virtual machine,
  • tenant control elements can be built as containers or virtual machines.
  • the tenant's control element can quickly terminate itself when an abnormality occurs.
  • the tenant's control element can establish a tunneling protocol with the external device.
  • the relay device determines one of the control units of the tenant as a packet routing destination based on the route information exchanged by the route exchange unit.
  • the tenant redundancy system according to claim 1, characterized by:
  • the tenant's control element can easily establish a tunneling protocol with the external device at the time of relocation.
  • route information can be easily exchanged between autonomous systems.
  • the standby system can appropriately transition to the active system.
  • 1A 1 Packet relay system (tenant redundancy system) 21 to 26 terminal 31 device 311 IP address 312 BGP unit 32 device 321 IP address 322 BGP unit (route switching unit) 33 to 36 router 41 relay device 411, 412 network interface 413 FIB 414 BGP part (route switching part) 42 relay devices 421, 422 network interface 423 FIB 424 BGP part (route switching part) 43 to 46 Protocol part 5a, 5b Tenant 6, 6a, 6b, 6c, 6d Container (control unit) 61, 62 network interface 63, 64 tap device 65 FIB 66 self-monitoring unit 67 BGP unit (route switching unit) 68, 69 logical address 71-75 autonomous system 81, 82 tunnel 9 server

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Data Exchanges In Wide-Area Networks (AREA)

Abstract

L'invention concerne un système de relais de paquets (1) qui comprend : un dispositif de relais (41) qui constitue un système autonome (72) et qui est pourvu d'une unité BGP (414) connectée à un dispositif externe de façon à mettre en œuvre un échange de trajet ; et un locataire pourvu d'une pluralité de conteneurs (6a, 6b) qui constituent un système autonome (73) différent du système autonome (72), qui sont connectés au dispositif de relais (41), et qui sont pourvus d'unités BGP (67) pour échanger des informations de trajet et d'unités d'auto-surveillance (66) pour surveiller des interfaces de réseau (61, 62).
PCT/JP2021/044748 2021-12-06 2021-12-06 Système de redondance de locataires et procédé de redondance de locataires WO2023105582A1 (fr)

Priority Applications (1)

Application Number Priority Date Filing Date Title
PCT/JP2021/044748 WO2023105582A1 (fr) 2021-12-06 2021-12-06 Système de redondance de locataires et procédé de redondance de locataires

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
PCT/JP2021/044748 WO2023105582A1 (fr) 2021-12-06 2021-12-06 Système de redondance de locataires et procédé de redondance de locataires

Publications (1)

Publication Number Publication Date
WO2023105582A1 true WO2023105582A1 (fr) 2023-06-15

Family

ID=86729785

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/JP2021/044748 WO2023105582A1 (fr) 2021-12-06 2021-12-06 Système de redondance de locataires et procédé de redondance de locataires

Country Status (1)

Country Link
WO (1) WO2023105582A1 (fr)

Citations (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20120137287A1 (en) * 2010-11-29 2012-05-31 The Board Of Trustees Of The University Of Illinois Optimized game server relocation environment
US10397189B1 (en) * 2016-09-27 2019-08-27 Amazon Technologies, Inc. Peered virtual private network endpoint nodes

Patent Citations (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20120137287A1 (en) * 2010-11-29 2012-05-31 The Board Of Trustees Of The University Of Illinois Optimized game server relocation environment
US10397189B1 (en) * 2016-09-27 2019-08-27 Amazon Technologies, Inc. Peered virtual private network endpoint nodes

Similar Documents

Publication Publication Date Title
JP5131651B2 (ja) 負荷分散システム、負荷分散方法、及びプログラム
CN108141376B (zh) 网络节点、通信网络及通信网络中的方法
EP2523403B1 (fr) Système de réseau et procédé de redondance de réseau
WO2018054156A1 (fr) Système, dispositif et procédé de transmission de message vxlan
JP6562466B2 (ja) 冗長コントローラに対するルーティングプロトコルのプロキシ
EP2992644B1 (fr) Amélioration d'un canal de réserve de mobile pour traiter une défaillance de noeud dans un réseau filaire
WO2016177030A1 (fr) Procédé, dispositif, et système d'établissement de liaison de dispositif de réseau sdn
US20080225699A1 (en) Router and method of supporting nonstop packet forwarding on system redundant network
CN104541483B (zh) 用于连接性故障时为家庭网络启用重新路由的方法和系统
US9288140B2 (en) Multichassis failover and recovery for MLPPP wireless backhaul
JP4882026B2 (ja) 通信システム及び通信制御装置
JP5764820B2 (ja) 伝送システムおよび伝送システムの制御方法
CN111385138B (zh) 用于拼接多宿主evpn和l2电路的逻辑隧道的核心隔离
JP5987971B2 (ja) 通信システム、スイッチ、制御装置、制御用チャネルの構築方法及びプログラム
WO2019080592A1 (fr) Procédé et dispositif d'envoi de messages
US11165891B2 (en) Highly available transmission control protocol tunnels
EP3614794A1 (fr) Réseau d'accès à trajets multiples
WO2014069502A1 (fr) Système de communication, dispositif d'échange d'informations de voie, nœud de communication, procédé de transfert pour informations de voie et programme
JP2018007093A (ja) 中継装置の冗長化構成における物理的および論理的非対称ルーティング防止メカニズム
WO2023105582A1 (fr) Système de redondance de locataires et procédé de redondance de locataires
WO2021098806A1 (fr) Procédé, dispositif et système de commutation de trajet de transmission de messages
KR102376484B1 (ko) 이중화 회선 자동 절체를 위한 장치 및 방법
JP4992962B2 (ja) データ転送装置、マルチキャストシステム、およびプログラム
JP2022034323A (ja) 通信システム及び通信制御方法
JP2015226231A (ja) 中継装置および中継方法

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 21967089

Country of ref document: EP

Kind code of ref document: A1

ENP Entry into the national phase

Ref document number: 2023565689

Country of ref document: JP

Kind code of ref document: A