CN101848161A - Communication method and equipment of MPLS L2VPN (Multiple protocol Label Switching Layer 2 Virtual Private Network) and MPLS L3VPN (Multiple protocol Label Switching Layer 3 Virtual Private Network) - Google Patents
Communication method and equipment of MPLS L2VPN (Multiple protocol Label Switching Layer 2 Virtual Private Network) and MPLS L3VPN (Multiple protocol Label Switching Layer 3 Virtual Private Network) Download PDFInfo
- Publication number
- CN101848161A CN101848161A CN201010186818A CN201010186818A CN101848161A CN 101848161 A CN101848161 A CN 101848161A CN 201010186818 A CN201010186818 A CN 201010186818A CN 201010186818 A CN201010186818 A CN 201010186818A CN 101848161 A CN101848161 A CN 101848161A
- Authority
- CN
- China
- Prior art keywords
- interface
- network
- message
- l3vpn
- mpls
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
Images
Landscapes
- Data Exchanges In Wide-Area Networks (AREA)
Abstract
The invention discloses a communication method and equipment of MPLS L2VPN and MPLS L3VPN. The communication between an MPLS L2VPN network and an MPLS L3VPN network can be realized by a uniform VE (Video Engineer) interface by applying the technical scheme of the invention, and thereby, the corresponding operational process is simplified, and since the corresponding strategy settings can be applied in different MPLS L2VPN network types to realize message processing and forwarding, and thereby, the processing efficiency of carrying out message interaction between the MPLS L2VPN network and the MPLS L3VPN network is effectively improved, and the hardware adaptation cost is reduced.
Description
Technical field
The present invention relates to communication technical field, communication means and the equipment of particularly a kind of MPLS L2VPN and MPLS L3VPN.
Background technology
In MPLS (Multi-Protocol Label Switching, multiprotocol label switching) L3 (Layer3, three layers) VPN (Virtual Private Network, VPN (virtual private network)) networking structure, carry out schematic diagram that message transmits as shown in Figure 1.
CE (Customer Edge, user network boundary device) router normally, as CE and the PE that directly links to each other (Provider Edge, the service provider network edge device) set up syntople after, CE is distributed to PE to the VPN route of this node, after PE acquires the VPN routing iinformation of CE this locality from CE, by MP-IBGP (Multi-Protocol Internal Border Gateway Protocol, multi-protocols Internal BGP) and other PE switched vpc N routing iinformation.
When transmission VPN flow on the MPLS backbone network, the VPN message is transmitted and is adopted label stack:
Ground floor (skin) label exchanges in backbone network inside, the LSP (Label Switched Path, label switched path) of indication from PE to opposite end PE.
Utilize this layer label, can arrive opposite end PE along LSP; When adopting the layering lsp tunnel, has multilayer labels.
The second layer (internal layer) label arrives opposite end PE indication message at message and should be sent to which CE, and just opposite end PE can look for the outgoing interface that sends message according to vpn label.
Be example with Fig. 1 equally, the VPN message forwarding be described:
(1) the Site 1 IP message that to send a destination address be 1.1.1.2 is sent to PE 1 by CE 1 with message.
(2) PE 1 determines VRF (VPN Routing ﹠amp according to the incoming interface of message; Forwarding, the VPN (virtual private network) routing forwarding), search in VRF according to message IP (Internet Protocol, Internet protocol) destination address again, after the coupling message is forwarded, stamp internal layer and outer two labels simultaneously.
(3) outer layer label of MPLS network utilisation message is sent to PE2 with message, and wherein, message has been stripped from outer layer label when arriving PE 2 previous dives, only contain vpn label.
(4) PE 2 searches the VPN instance routing table according to vpn label and destination address, determines the outgoing interface of message, and message is forwarded to CE2.
(5) CE 2 is sent to the destination according to normal IP repeating process with message.
And at MPLS L2 (Layer2, two layers) among the VPN, VPWS (the Virtual Private Wire Services that specifically is divided into point-to-point mode, virtual dedicated line service) and the communication mode of the VPLS (Virtual Private LAN Services, virtual special local area network service) of point-to-multipoint mode.
Wherein, VPLS provides accessibility by MAC (Media Access Control, media interviews control) address learning.Each PE equipment can be safeguarded a mac address table.The typical operation of VPLS is the remote mac address learning:
PW (Pseudo Wire, virtual link) is made up of a pair of unidirectional VC (Virtual Circuit, virtual circuit) LSP, wherein, the VC LSP that has only both direction all up (being activated) just to be considered to PW be up.
When the VC LSP from Inbound receives a message, the source MAC of message and the VC LSP of outgoing direction are formed mapping relations.As shown in Figure 2, the arrow of solid line is represented the Ethernet message forwarding path, and after PE2 received message from PW1, can add outbound port in transmitting was the MAC forwarding-table item of PW1.
When message sends on PW, very similar with L3VPN, need stamp vpn label (PW label) and outer layer tunnel label.Outer layer label is mainly used in the label exchange by the tunnel intermediate equipment, message is delivered to opposite end PE equipment, the PW label is used for after message reaches opposite end PE, and opposite end PE can find corresponding VSI (Virtual Switch Instance, virtual switch instance) according to the PW label.
As shown in Figure 3, VPWS is the simplification of VPLS, only can transmit at a PW from the message that CE comes, rather than as in VPLS, need inquiry MAC to decide on which bar PW and transmit.
In the prior art scheme, MPLS is good with its reliability height, fail safe, have good operation maintenance ability and support QoS advantages such as (Quality of Service, service quality) based on the IP aspect, is widely used in the Access Network of operator.
L2VPN provides the two-layer VPN service based on the MPLS network, and transparent transmission user Layer 2 data on the MPLS network can provide the path of tunnel for the user, has reduced the LSP link that intermediate equipment need be safeguarded simultaneously.
And by the L2VPN tunnel user being inserted the L3VPN business of public network or bearer network, can reduce needs the user profile safeguarded in the access network equipment, thereby uses the equipment than low side in Access Network, has reduced networking cost.Access Network is transparent to the user, and the user makes networking mode more flexible as inserting public network or L3VPN in direct-connected mode.
Accordingly, VPWS and VPLS be linked into L3VPN typical networking as shown in Figure 4.
Realize in the prior art that MPLS L2VPN is as follows with the scheme that MPLS L3VPN communicates by letter:
(1) needs to set up virtual two layer interfaces on the PE, in order to foundation and user's L2VPN business, in order to termination user's L2VPN message.
(2) need to set up virtual three layer interfaces on the PE, be tied among the VRF of L3VPN, in order to carry out three layers of forwarding of user private network message.
(3) above-mentioned virtual two layer interfaces and the binding of virtual three layer interfaces are formed VE Group (VirtualEthernet Group, virtual ethernet group), realize inserting L3VPN after the L2VPN message termination.
Two virtual layer interfaces and virtual three layer interfaces all use VE (Virtual Ethernet, virtual ethernet) interface, can specify this interface during configuration VE Group is two layers of ve interface (realizing two layers of termination of VE Group) or three layers of ve interface (realizing three layers of access of VE Group).Only allow two layers of VE main interface and three layers of VE main interface binding among the VE Group, wherein, three layers of ve interface can be created a plurality of three layers of VE sub-interface, terminate in order to carry out Dot1q (encapsulated type of a kind of VLAN), and L2VPN only can be configured on two layers of VE main interface.
Such as:
Interface?VE1
Related L2VPN
Interface?VE2
Related L3VPN VPNA
The sub-interface of Interface VE2.1 #VE logic interfacing
Related L3VPN VPNB
VE Group # creates a VE group
Interface?VE1
Interface?VE2
Wherein, the forwarding principle among the VE Group in VE Group, have only two layers of ve interface and three layers of ve interface binding, and three layers of ve interface can have a plurality of sub-interfaces as Dot1q or QinQ termination as shown in Figure 5.
In realizing process of the present invention, the inventor finds that there is following problem at least in prior art:
The prior art arrangement more complicated, the product for hardware is transmitted drives adaptive also more complicated, because the forwarding-table item information of hardware store often all requires the information of the various configurations of combination, once generation, rather than every configuration is filled in separately, and therefore the interlock of every configuration initiation is many.
Transmit processing procedure in addition, may be more with the list item of searching because relate to link, so forwarding speed efficient is lower.
Summary of the invention
The invention provides communication means and the equipment of a kind of MPLS L2VPN and MPLS L3VPN, realize the intercommunication between MPLS L2VPN and the MPLS L3VPN.
For achieving the above object, one aspect of the present invention provides the communication means of a kind of MPLS L2VPN and MPLSL3VPN, be applied to comprise simultaneously in the system of MPLS L2VPN network and MPLS L3VPN network, be connected by NPE equipment between described MPLS L2VPN network and the MPLS L3VPN network, comprise a ve interface on the described NPE equipment, wherein, described ve interface is connected with the network equipment in the described MPLS L2VPN network by PW, described ve interface also carries out related with the L3VPN example of MPLSL3VPN network, and set up corresponding route forwarding table for described L3VPN example, described method specifically may further comprise the steps:
When described NPE equipment receives the network equipment in the described MPLS L2VPN network when sending to the message of described ve interface by PW, described NPE equipment is determined corresponding ve interface according to the identification information in the described message, and carries out described message forwarding according to the route forwarding table of the associated L3VPN example of described ve interface;
When described NPE equipment receives the message that the L3VPN example of described MPLS L3VPN network sends, described NPE equipment is determined the forwarding information of purpose IP address correspondence in the route forwarding table of described L3VPN example of described message, and select corresponding PW according to described forwarding information, by described PW, the network equipment in described MPLS L2VPN network carries out described message forwarding.
Preferably,
Described ve interface also carries out relatedly with the L3VPN example of MPLS L3VPN network, and sets up corresponding route forwarding table for described L3VPN example, is specially:
When described ve interface need carry out when related with a plurality of L3VPN examples of MPLS L3VPN network, further comprise a plurality of sub-interfaces in the described ve interface, it is related that each described sub-interface and each L3VPN example of MPLS L3VPN network carry out, and set up corresponding route forwarding table for each described L3VPN example.
Preferably, comprise a ve interface on the described NPE equipment, be specially:
Described NPE equipment is created a ve interface by interface configuration command;
Described NPE equipment is described ve interface configures physical interface attributes parameter;
Described NPE equipment is that described ve interface distributes identification label, and sets up the corresponding relation of described identification label and described ve interface;
Each sub-interface that described NPE equipment is described ve interface is set up identifying information, and sets up the corresponding relation of described identifying information and described sub-interface.
Preferably, described ve interface is connected with the network equipment in the described MPLS L2VPN network by PW, is specially:
Described NPE equipment is determined the network equipment in the described MPLS L2VPN network that described ve interface need connect, described NPE equipment sends to the network equipment in the described MPLS L2VPN network with the identification label of described ve interface by the PW label distribution protocol message, and set up PW between the network equipment in described ve interface and the described MPLS L2VPN network, with the PW label of described identification label as described PW;
Further comprise a plurality of sub-interfaces in the described ve interface, it is related that each described sub-interface and each L3VPN example of MPLS L3VPN network carry out, and set up corresponding route forwarding table for each described L3VPN example, is specially:
Described NPE equipment is defined as the part or all of sub-interface of described ve interface respectively the interface of monopolizing of each MPLSL3VPN network, the described sub-interface and the L3VPN example of corresponding M PLS L3VPN network are carried out related, and set up corresponding route forwarding table for each L3VPN example.
Preferably, if comprise a plurality of sub-interfaces in the described ve interface, when described NPE equipment receives the network equipment in the described MPLS L2VPN network when sending to the message of described ve interface by PW, described NPE equipment is determined corresponding ve interface according to the identification information in the described message, and carry out described message forwarding according to the route forwarding table of the associated L3VPN example of described ve interface, be specially:
When described MPLS L2VPN network is specially VPLS, described NPE equipment is determined the pairing ve interface of described message according to the PW label of described message, and whether the mac address information in the physical interface property parameters of the target MAC (Media Access Control) address of judging described message and described ve interface is identical, if it is identical, the heading of then analyzing described message obtains identification information, the identification information of each sub-interface in described identification information and the described ve interface is mated, and according to the route forwarding table of the associated L3VPN example of the sub-interface that the match is successful, by described sub-interface described message being carried out IP transmits, if it is inequality, then search MAC and transmit, described message is carried out MAC transmit;
When described MPLS L2VPN network is specially VPWS, described NPE equipment is determined the pairing ve interface of described message according to the PW label of described message, and the heading of analyzing described message obtains identification information, the identification information of each sub-interface in described identification information and the described ve interface is mated, and, by described sub-interface described message is carried out IP and transmit according to the route forwarding table of the associated L3VPN example of the sub-interface that the match is successful.
Preferably, when described NPE equipment receives the message that the L3VPN example of described MPLS L3VPN network sends, described NPE equipment is determined the forwarding information of purpose IP address correspondence in the route forwarding table of described L3VPN example of described message, and select corresponding PW according to described forwarding information, by described PW, the network equipment in described MPLS L2VPN network carries out described message forwarding, is specially:
The pairing ARP information of the network equipment in the described MPLS L2VPN of the described NPE learning equipment network, described ARP information comprises the IP address and the MAC Address of the interface that the network equipment in the described MPLS L2VPN network is connected with the purpose terminal at least;
Described NPE equipment is determined the outgoing interface and the next hop information of described message in the route forwarding table of described L3VPN example according to the purpose IP address of the message of the L3VPN example transmission of described MPLS L3VPN network;
Described NPE equipment obtains corresponding ARP information according to the outgoing interface and the next hop information of described message, by described ARP information described message is encapsulated, and select corresponding PW, the network equipment in described MPLS L2VPN network carries out described message forwarding.
On the other hand, the present invention also provides a kind of NPE equipment, is applied to comprise simultaneously in the system of MPLS L2VPN network and MPLS L3VPN network, is connected by NPE equipment between described MPLS L2VPN network and the MPLS L3VPN network, it is characterized in that, comprising:
Module is set, be used to create a ve interface, wherein, described ve interface is connected with the network equipment in the described MPLS L2VPN network by PW, and carry out relatedly with the L3VPN example of MPLS L3VPN network, and set up corresponding route forwarding table for the L3VPN example;
Processing module, be connected with the described module that is provided with, be used for when the network equipment that receives described MPLS L2VPN network sends to the message of described ve interface by PW, in the described sub-interface that the set ve interface of module is set, determine corresponding sub-interface according to the identification information in the described message, maybe the network equipment in receiving described MPLS L3VPN network send message the time, determine the forwarding information of purpose IP address correspondence in the route forwarding table of described L3VPN example of described message, be provided with among the continuous PW of the set ve interface of module described, select corresponding PW according to described forwarding information;
Forwarding module, be connected with described processing module, be used for carrying out described message forwarding according to the route forwarding table of the associated L3VPN example of the determined sub-interface of described processing module, or by the selected PW of described processing module, the network equipment in described MPLS L2VPN network carries out described message forwarding.
Preferably, when described ve interface need carry out when related with a plurality of L3VPN examples of MPLS L3VPN network, the described module that is provided with, also be used for creating a plurality of sub-interfaces at described ve interface, it is related that each described sub-interface and each L3VPN example of MPLS L3VPN network carry out, and set up corresponding route forwarding table for each described L3VPN example.
Preferably, the described module that is provided with is used to create a ve interface, is specially:
The described module that is provided with is created a ve interface by interface configuration command;
The described module that is provided with is described ve interface configures physical interface attributes parameter;
The described module that is provided with is that described ve interface distributes identification label, and sets up the corresponding relation of described identification label and described ve interface;
The described module that is provided with is that each sub-interface of described ve interface is set up identifying information, and sets up the corresponding relation of described identifying information and described sub-interface.
Preferably, the described network equipment that is provided with in the described MPLS L2VPN network that module determines that described ve interface need connect, the identification label of described ve interface is sent to the network equipment in the described MPLS L2VPN network by the PW label distribution protocol message, and set up PW between the network equipment in described ve interface and the described MPLSL2VPN network, with the PW label of described identification label as described PW;
Described the interface of monopolizing that module is defined as the part or all of sub-interface of described ve interface respectively each MPLSL3VPN network is set, the described sub-interface and the L3VPN example of corresponding M PLS L3VPN network are carried out related, and set up corresponding route forwarding table for each L3VPN example.
Preferably, during message that the network equipment in receiving described MPLS L2VPN network sends by PW, described forwarding module is used for carrying out described message forwarding according to the route forwarding table of the associated L3VPN example of the determined sub-interface of described processing module, is specially:
If described MPLS L2VPN network is specially VPLS, described processing module is determined the pairing ve interface of described message according to the PW label of described message, and whether the mac address information in the physical interface property parameters of the target MAC (Media Access Control) address of judging described message and described ve interface is identical, if it is identical, the heading of then analyzing described message obtains identification information, the identification information of each sub-interface in described identification information and the described ve interface is mated, described forwarding module is by the route forwarding table of the associated L3VPN example of the described processing module sub-interface that the match is successful, described message is carried out IP to be transmitted, if it is inequality, then search MAC and transmit, by described forwarding module described message is carried out MAC and transmit;
If described MPLS L2VPN network is specially VPWS, described processing module is determined the pairing ve interface of described message according to the PW label of described message, and the heading of analyzing described message obtains identification information, the identification information of each sub-interface in described identification information and the described ve interface is mated, and, described message is carried out IP transmit by the route forwarding table of described forwarding module by the associated L3VPN example of the described processing module sub-interface that the match is successful.
Preferably, during message that the network equipment in receiving described MPLS L3VPN network sends, described forwarding module is used for by the selected PW of described processing module, the network equipment in described MPLS L2VPN network carries out described message forwarding, is specially:
Described processing module is learnt the pairing ARP information of the network equipment in the described MPLS L2VPN network, and described ARP information comprises the IP address and the MAC Address of the interface that the network equipment in the described MPLS L2VPN network is connected with the purpose terminal at least;
Described processing module is determined the outgoing interface and the next hop information of described message in the route forwarding table of described L3VPN example according to the purpose IP address of the message of the L3VPN example transmission of described MPLS L3VPN network;
Described processing module is obtained corresponding ARP information according to the outgoing interface and the next hop information of described message, described forwarding module carries out two layers of encapsulation by the MAC Address in the described ARP information to described message, carries out described message forwarding by the specified network equipment of PW in described MPLS L2VPN network of described ARP information again.
Compared with prior art, the present invention has the following advantages:
By using technical scheme of the present invention, can be by unified ve interface realization MPLS L2VPN network and the communication between the MPLS L3VPN network, simplified corresponding operating process, and processing of realization message and forwarding are set owing in different MPLS L2VPN network types, all can use corresponding strategy, effectively raise the treatment effeciency that carries out message interaction between MPLS L2VPN network and the MPLS L3VPN network, reduced the adaptive cost of hardware.
Description of drawings
Fig. 1 is the schematic diagram that the VPN message is transmitted in the prior art;
Fig. 2 is that the message of VPLS network in the prior art is transmitted schematic diagram;
Fig. 3 is that the message of VPWS network in the prior art is transmitted schematic diagram;
Fig. 4 is the networking structure schematic diagram that VPWS inserts L3VPN in the prior art
Fig. 5 is that the message among the VE Group is transmitted schematic diagram in the prior art;
Fig. 6 is the schematic flow sheet of the communication means of a kind of MPLS L2VPN proposed by the invention and MPLS L3VPN;
Fig. 7 is the schematic flow sheet of the communication means of MPLS L2VPN and MPLSL3VPN under a kind of concrete application scenarios proposed by the invention;
Fig. 8 is the schematic flow sheet of the communication means of MPLS L2VPN and MPLSL3VPN under a kind of concrete application scenarios proposed by the invention
Fig. 9 is the structural representation of a kind of NPE equipment proposed by the invention.
Embodiment
At deficiency of the prior art, need to propose a kind of method, realize communicating by letter of MPLS L2VPN network and MPLS L3VPN network by configuration ve interface in NPE equipment.
Based on above-mentioned purpose, the present invention proposes the communication means of a kind of MPLS L2VPN and MPLS L3VPN, be applied to comprise simultaneously in the system of MPLS L2VPN network and MPLS L3VPN network, be connected by NPE equipment between MPLS L2VPN network and the MPLS L3VPN network, comprise a ve interface on the NPE equipment, wherein, ve interface is connected with the network equipment in the MPLS L2VPN network by PW, it is related that this ve interface and the L3VPN example of corresponding M PLS L3VPN network carry out, and set up corresponding route forwarding table for the L3VPN example.
As shown in Figure 6, the schematic flow sheet for the communication means of a kind of MPLS L2VPN proposed by the invention and MPLS L3VPN specifically may further comprise the steps:
Step S601, NPE equipment disposition ve interface.
This ve interface has been realized the interconnection of MPLS L2VPN network and MPLS L3VPN network, on the one hand, this ve interface is connected with the network equipment in the described MPLS L2VPN network by PW, on the other hand, this ve interface carries out related with the L3VPN example of MPLS L3VPN network, and, in ve interface, set up corresponding route forwarding table for this L3VPN example.
In concrete application scenarios, when described ve interface need carry out when related with a plurality of L3VPN examples of MPLS L3VPN network, further comprise a plurality of sub-interfaces in this ve interface, it is related that each sub-interface and each L3VPN example of MPLS L3VPN network carry out, and set up corresponding route forwarding table for each L3VPN example in ve interface.
Need further be pointed out that, if the ve interface in the NPE equipment only need carry out association with a MPLSL3VPN example, so, in ve interface, can no longer set up a plurality of sub-interfaces, but ve interface directly is associated with this L3VPN, like this, when transmitting, need not which L3VPN example of branch sensing and transmit, and in the MLPS L3VPN that NPE equipment is connected, have a plurality of MPLS
During the L3VPN example, need in the ve interface to set up a plurality of sub-interfaces, and each sub-interface is set is associated with each L3VPN example, and corresponding each sub-interface, be respectively each described L3VPN example and set up corresponding route forwarding table.
In concrete application scenarios, can carry out the adjustment that sub-interface is provided with according to the quantity of the L3VPN example in the associated MPLS L3VPN network of NPE equipment, such variation does not influence protection scope of the present invention.
For convenience of description, in the subsequent embodiment specifically the situation with a plurality of sub-interfaces be that example describes.
Wherein, the concrete configuration process of this ve interface is:
At first, NPE equipment is created a ve interface by interface configuration command, and promptly this ve interface is set up in NPE equipment as logic interfacing.
In order to realize the interconnection of MPLS L2VPN network and MPLS L3VPN network, NPE equipment need be the attribute of this ve interface configures physical Ethernet interface, thereby, make other network equipments in the system can perceive this ve interface as physical interface, and carry out corresponding physical layer forwarding process, the attribute of the physics Ethernet interface that wherein, is disposed comprises for example parameter value such as MAC Address and MTU.
On the one hand, in order to set up the interconnection with MPLS L2VPN network, NPE equipment is that ve interface distributes identification label, as the label of going into of this ve interface, and set up the corresponding relation of identification label and ve interface, thereby realize sign to the message that mails to this ve interface among the PW.
On the other hand, NPE equipment also needs to set up identifying information for each sub-interface of ve interface, and sets up the corresponding relation of identifying information and each sub-interface
Further, in concrete application scenarios, implementation concrete in the above-mentioned setting up procedure comprises:
NPE equipment is determined the network equipment in the MPLS L2VPN network that ve interface need connect, NPE equipment sends to the network equipment in the MPLS L2VPN network with the identification label of ve interface by the PW label distribution protocol message, and set up PW between the network equipment in ve interface and the MPLS L2VPN network, with the PW label of this identification label as PW, by such setting, can carry out two layers of encapsulation to the message that responds according to this PW label, realize the message transmissions of MPLS L2VPN network.
NPE equipment is defined as the interface of monopolizing of each MPLS L3VPN network respectively with the part or all of sub-interface of ve interface, the sub-interface and the L3VPN example of corresponding M PLS L3VPN network is carried out related, and sets up corresponding route forwarding table for each L3VPN example.
Owing in abovementioned steps, set up corresponding identifying information for each sub-interface, therefore, behind the corresponding relation of the L3VPN example of having set up corresponding sub-interface and MPLS L3VPN network, above-mentioned identifying information also can be added equally with corresponding corresponding relation in, thereby, in the process of the objective network inquiry of carrying out message, also can be by the identifying information that is complementary as the inquiry foundation, concrete, the identifying information of objective network identifying information and sub-interface in the message can be complementary, when the match is successful, determine the objective network Query Result of the L3VPN example of the pairing MPLS L3VPN of corresponding sub-interface network as this message.
Step S602, NPE recognition of devices receive the source of message.
When NPE equipment receives the message that the network equipment in the MPLS L2VPN network sends by PW, execution in step S603;
When NPE equipment receives the message that the L3VPN example of MPLS L3VPN network sends, execution in step S604.
Step S603, NPE equipment are determined corresponding sub-interface according to the identification information in this message, and carry out described message forwarding according to the route forwarding table of the associated L3VPN example of this sub-interface.
In this step, according to the type of MPLS L2VPN network, specifically be divided into following two kinds of situations:
Situation one, when MPLS L2VPN network is specially VPLS, this message has been carried out label eject to have handled, go into label according to ve interface entrained in this message, determine that this message is the message that sends to ve interface really.
Further determine that according to the target MAC (Media Access Control) address of this message this message is to transmit or needs carry out message to MPLS L3VPN network and send in MPLS L2VPN network, because the network equipment in the MPLSL2VPN network, NPE equipment is equivalent to a gateway device, transmit to MPLS L3VPN network if desired, then target MAC (Media Access Control) address should be set to the MAC Address of this NPE equipment, otherwise, if this message is to transmit in MPLS L2VPN network, then directly with the MAC Address of the destination network device in this MPLS L2VPN network target MAC (Media Access Control) address as this message.
Concrete processing mode be the NPE equipment target MAC (Media Access Control) address of judging this message with the physical interface property parameters of ve interface in mac address information whether identical, if it is identical, then this message need be transmitted to MPLS L3VPN network, therefore, the heading of this message of NPE device analysis is to obtain the objective network identifying information of this message, the identification information of each sub-interface in this objective network identification information and the ve interface is mated, and according to the route forwarding table of the associated L3VPN example of the sub-interface that the match is successful, by sub-interface described message being carried out IP transmits, if it is inequality, then this message is to transmit in the MPLSL2VPN network, the MAC that searches the MPLS L2VPN network of storing in the ve interface transmits, and this message is carried out MAC to the pairing network equipment of target MAC (Media Access Control) address transmit.
Situation two, when MPLS L2VPN network is specially VPWS, this message has been carried out label eject to have handled, go into label according to ve interface entrained in this message, determine that this message is the message that sends to ve interface really.
Because in VPWS, can not occur sending the message that in MPLS L2VPN, to transmit to ve interface by PW, therefore, NPE equipment directly carries out handling to the forwarding of MPLS L3VPN, at first, the heading of analyzing this message is to obtain the objective network identifying information of this message, the identification information of each sub-interface in this objective network identification information and the ve interface is mated, then, according to the route forwarding table of the associated L3VPN example of the sub-interface that the match is successful, by sub-interface described message is carried out IP and transmit.
Step S604, NPE equipment are determined the forwarding information of purpose IP address correspondence in the route forwarding table of L3VPN example of this message, and select corresponding PW according to this forwarding information, carry out this message forwarding by the network equipment of PW in MPLS L2VPN network of selecting.
Before transmitting processing accordingly, at first, NPE equipment need carry out the ARP learning process, the pairing ARP information of the network equipment in the study MPLS L2VPN network, this ARP information comprises the IP address and the MAC Address of the interface that the network equipment in the MPLS L2VPN network is connected with the purpose terminal at least, the destination address that this address information will be transmitted in MPLS L2VPN as this message.
After finishing above-mentioned ARP study, NPE equipment is determined the outgoing interface and the next hop information of described message in the route forwarding table of described L3VPN example according to the purpose IP address of the message of the L3VPN example transmission of MPLS L3VPN network, and obtain corresponding ARP information according to outgoing interface and next hop information, by the ARP information that gets access to this message is encapsulated, select corresponding PW, the network equipment in the MPLSL2VPN network carries out this message forwarding.
Compared with prior art, the present invention has the following advantages:
By using technical scheme of the present invention, can be by unified ve interface realization MPLS L2VPN network and the communication between the MPLS L3VPN network, simplified corresponding operating process, and processing of realization message and forwarding are set owing in different MPLS L2VPN network types, all can use corresponding strategy, effectively raise the treatment effeciency that carries out message interaction between MPLS L2VPN network and the MPLS L3VPN network, reduced the adaptive cost of hardware.
In order further to set forth technological thought of the present invention, existing in conjunction with concrete application scenarios, technical scheme of the present invention is described.
At first, in order to realize above-mentioned technical scheme, need on NPE equipment, carry out the setting of virtual intercommunication interface, a Virtual Ethernet (ve interface) promptly is set on NPE equipment, for other network equipment in the system can be communicated with this ve interface, need promptly carry out corresponding physical interface parameter configuration for ve interface is provided with physical layer state and link layer state.
In concrete the application, in order to realize two kinds of interactive communications between the MPLS network,, both can receive message so this ve interface need be configured to bidirectional interface, also can send message.
In concrete application scenarios, the key step that ve interface is set up comprises:
(1) on NPE equipment, creates a ve interface entity by interface configuration command.
(2) some parameter attributes that have for this ve interface configures physical Ethernet interface, as MAC Address and MTU (Maximum Transmission Unit, MTU), by such configuration, other network equipments in the system are treated this ve interface as physical interface, and carried out corresponding packet sending and receiving to it and handle.
(3) for this ve interface distributes a label (be called ve interface and go into label), set up the corresponding relation of this label and ve interface on NPE equipment, it mainly is in order to carry out the packet sending and receiving processing in the MPLS L2VPN network that such label is provided with.
Different with direct-connected devices communicating, in MPLS L2VPN network, NPE equipment is to be based upon on the virtual link (or being called pseudo-line, PW, Pseudo Wire) with the communication as the user-end provider edge of remote equipment.
Therefore, it is as follows to carry out further set handling:
(1) specifies by the opposite equip. among the MPLS L2VPN of this ve interface communication, the PW label that needs to specify the PW that communicates with this opposite equip. simultaneously for ve interface.
(2) with distributing to the label of going into of ve interface in the above-mentioned setting up procedure, announce to opposite equip. by the PW tag distribution protocol, and set up PW with opposite equip., in actual applications, ve interface is gone into the PW label that label is exactly this PW.
(3) NPE equipment has been announced the PW label to opposite equip., received the PW label affirmation that opposite equip. returns, and found the MPLS tunnel that arrives opposite equip., thereby, PW enters state of activation, after this, the physical state of Ethernet logic interfacing and Link State just enter state of activation thereupon.
(4) for set up and MPLS L3VPN between intercommunication, the quantity of Guan Lian MPLSL3VPN example is one if desired, then directly ve interface is associated with this MPLS L3VPN example, and related if desired MPLS L3VPN example is a plurality of, then ve interface can be created a plurality of sub-interfaces (sub-interface is a logic interfacing, or be called virtual interface), each sub-interface can be designated as specific L3VPN and monopolize interface.
As:
Interface?VE1
peer?10.10.10.10?pw-id?100
mac-address?H-H-H
Interface VE1.100 sub-interface
ip?vrf?vpn1
Interface VE1.101 sub-interface
ip?vrf?vpn1
Transmit in the processing procedure at concrete ve interface message, other network equipments in the system are used as ve interface as the Ethernet physical port and are treated.
Further, illustrate with VPWS and MPLS L3VPN intercommunication earlier, as shown in Figure 7.
At first, under this kind application scenarios, the PW on the ve interface itself is exactly a VPWS example, only need each sub-interface of ve interface is related with different MPLS L3VPN examples respectively, can realize a plurality of MPLS L3VPN and a VPWS intercommunication.
As:
Interface?VE1
peer?10.10.10.10?pw-id?100
Interface VE1.100 sub-interface is an example with this sub-interface hereinafter, and other sub-interface is handled similar.
Ip?vrf?VPN1
Interface VE1.101 sub-interface
Ip?vrf?VPN2
Further, according to the concrete routing direction of message, the intercommunication handling process between VPWS and the MPLS L3VPN is described:
Situation one, on NPE1, for the handling process that E-Packets to MPLS L3VPN direction by VPWS
NPE1 receives that the message that sends from UPE1 (is with two-layer label, outer layer label is the tunnel label of UPE1 to the MPLS tunnel of NPE, vpn label is that ve interface is gone into label), (this layer label may eject on the last two jump equipment at first will to eject tunnel label, it is a kind of in the tag operational that label ejects, just peel off a label) from message, further eject PW label (just ve interface is gone into label) then, thereby, find ve interface according to the PW label of having set up and the corresponding relation of ve interface, with the information setting of message receiving interface on the descriptor of message is ve interface, carries out the reception of interface then and handles.
Ve interface receives after this message, because being point-to-point, VPWS itself connects, therefore do not need the extra forwarding of tabling look-up, directly according to the information analysis result in the Ethernet heading of this message, the sub-interface coupling of carrying out ve interface is (in concrete application scenarios, can be relatively with the tag of appointment on the 802.1QVLAN tag of Ethernet protocol head and the sub-interface, identically then think coupling, difference does not then match), route forwarding table according to the MPLS L3VPN example of the sub-interface correspondence on the coupling is transmitted, message is forwarded to PE1 or PE2 the most at last, and and then sends to CE2 or CE3 by PE1 or PE2.
Situation two, on NPE1, for the handling process that E-Packets to the VPWS direction by MPLS L3VPN
The forwarding of this direction, NPE1 is last to need to carry out an ARP learning process before forwarding, promptly resolve the IP address and the MAC Address of the interface that the CE1 in MPLS L2VPN network links to each other with UPE.
In such ARP learning process, the ARP information of being learnt comprises following information at least:
1, ve interface index, i.e. the address information of the pairing opposite equip. of ve interface, on one side the MPLS L2VPN network of message be forwarded in to(for) needs carry out the destination address setting.
2, receive the sub-interface information corresponding of the ve interface of this message, as VLAN tag information, such information is used for the encapsulation to E-Packeting equally, thereby make the network equipment that receives the message after the forwarding can distinguish the source direction of this message, carry out message interaction if desired, also can realize the setting of destination address.
3, PW index by this information, can directly find the pairing PW of ve interface, to determine the PW of two layers of forwarding.
In the time of need carrying out the message forwarding, at first, NPE1 searches in the L3VPN route forwarding table according to the purpose IP address of the message that receives, and finds this pairing outgoing interface in IP address and next jumping.
Then, search corresponding ARP information (being the aforementioned sub-interface VLAN tag that learns, target MAC (Media Access Control) address, PW index etc.) according to the outgoing interface that finds and next jumping and this message is carried out the encapsulation of Ethernet network packet head.On the one hand, set this message forwarding target MAC (Media Access Control) address, on the other hand, obtain the PW that transmits this message, and stamp PW label and tunnel label for this message, finish and transmit two layers of encapsulation that need on the backbone network according to this PW.
After above-mentioned the finishing dealing with, because being point-to-point, VPWS itself connects, therefore do not need the extra forwarding of tabling look-up, directly specify ve interface to carry out physical interface process of transmitting (it is physical port that ve interface is used as), send this message to corresponding opposite equip. (UPE1) by PW.
Further again, illustrate with VPLS and MPLS L3VPN intercommunication, as shown in Figure 8.
Because can realize the transmission of point-to-multipoint among the VPLS, so, at first need ve interface is joined a VPLS example, realize the intercommunication of a plurality of MPLS L3VPN and a VPLS.
As:
Interface?VE1
peer?10.10.10.10?pw-id?100
mac-address?H-H-H
12?vsi?vsi1
Interface VE1.100 sub-interface
ip?vrf?vpn1
Interface VE1.101 sub-interface
ip?vrf?vpn2
Further, according to the concrete routing direction of message, the intercommunication handling process between VPLS and the MPLS L3VPN is described:
Situation one, on NPE1, for the handling process that E-Packets to MPLS L3VPN direction by VPLS
NPE1 receives that the message that public network sends (is with two-layer label, outer layer label is the public network label, vpn label is that ve interface is gone into label), at first to eject the public network label, further eject PW label (just ve interface is gone into label) then, thereby, ve interface found according to the PW label of having set up and the corresponding relation of ve interface, with the information setting of message receiving interface on the descriptor of message is ve interface, carries out the reception of interface then and handles.
Ve interface receives after this message, checks whether the purpose MAC of this message is identical with the MAC Address of ve interface.
If inequality, judge then and need carry out two layers of forwarding that the MAC that just searches the VPLS example transmits and does the MAC forwarding.
If it is identical, need carry out the IP routing forwarding, just search route forwarding table and do IP forwarding processing, before IP transmits, earlier the Ethernet heading with this message is analyzed, according to analysis result, the sub-interface coupling of carrying out ve interface is (in concrete application scenarios, can be relatively with the tag of appointment on the 802.1QVLAN tag of Ethernet protocol head and the sub-interface, identically then think coupling, difference does not then match), carry out message according to the route forwarding table of the MPLS L3VPN example of the sub-interface correspondence on the coupling and transmit, this message is forwarded to PE1 or PE2 the most at last, and and then sends to CE2 or CE3 by PE1 or PE2.
Situation two, on NPE1, for the handling process that E-Packets to the VPLS direction by MPLS L3VPN
Concrete repeating process comprises the ARP learning process equally, promptly resolves the IP address and the MAC Address of the interface that the CE1 in MPLS L2VPN network links to each other with UPE, and particular content please refer to preamble, in this no longer repeat specification.
In the time of need carrying out the message forwarding, at first, NPE1 searches in the L3VPN route forwarding table according to the purpose IP address of the message that receives, and finds this pairing outgoing interface in IP address and next jumping.
Then, search corresponding ARP information (being the aforementioned sub-interface VLAN tag that learns, target MAC (Media Access Control) address, PW index etc.) and this message is carried out the encapsulation of Ethernet network packet head according to the outgoing interface that finds and next jumping according to corresponding Query Result.On the one hand, set this message forwarding target MAC (Media Access Control) address, on the other hand, obtain the PW that transmits this message, and stamp PW label and tunnel label for this message, finish and transmit two layers of encapsulation that need on the backbone network according to this PW.
After above-mentioned the finishing dealing with, specify ve interface to carry out physical interface process of transmitting (it is physical port that ve interface is used as), send this message to corresponding opposite equip. (UPE2) by PW.
Compared with prior art, the present invention has the following advantages:
By using technical scheme of the present invention, can be by unified ve interface realization MPLS L2VPN network and the communication between the MPLS L3VPN network, simplified corresponding operating process, and processing of realization message and forwarding are set owing in different MPLS L2VPN network types, all can use corresponding strategy, effectively raise the treatment effeciency that carries out message interaction between MPLS L2VPN network and the MPLS L3VPN network, reduced the adaptive cost of hardware.
In order to realize technical scheme of the present invention, the invention allows for a kind of NPE equipment, be applied to comprise simultaneously in the system of MPLS L2VPN network and MPLS L3VPN network, be connected by NPE equipment between MPLS L2VPN network and the MPLS L3VPN network, its structural representation comprises as shown in Figure 9:
Wherein, when ve interface need carry out when related with a plurality of L3VPN examples of MPLS L3VPN network, module 91 is set also to be used for creating a plurality of sub-interfaces at described ve interface, it is related that each sub-interface and each L3VPN example of MPLS L3VPN network carry out, and set up corresponding route forwarding table for each L3VPN example.
In concrete application scenarios, can carry out the adjustment that sub-interface is provided with according to the quantity of the L3VPN example in the associated MPLS L3VPN network of NPE equipment, such variation does not influence protection scope of the present invention.
For convenience of description, in the subsequent embodiment specifically the situation with a plurality of sub-interfaces be that example describes.
The concrete process of setting up ve interface is as follows:
In the concrete application scenarios, during message that the network equipment in receiving MPLS L2VPN network sends by PW, forwarding module 93 is used for carrying out message forwarding according to the route forwarding table of the associated L3VPN example of processing module 92 determined sub-interfaces, is specially:
If MPLS L2VPN network is specially VPLS, processing module 92 is determined the pairing ve interface of message according to the PW label of message, and whether the mac address information in the physical interface property parameters of the target MAC (Media Access Control) address of judging message and ve interface is identical, if it is identical, the heading of then analyzing message obtains identification information, the identification information of each sub-interface in identification information and the ve interface is mated, forwarding module 93 is by the route forwarding table of the associated L3VPN example of processing module 92 sub-interface that the match is successful, message is carried out IP to be transmitted, if it is inequality, then search MAC and transmit, by forwarding module 93 message is carried out MAC and transmit;
If MPLS L2VPN network is specially VPWS, processing module 92 is determined the pairing ve interface of message according to the PW label of message, and the heading of analyzing message obtains identification information, the identification information of each sub-interface in identification information and the ve interface is mated, and, message is carried out IP transmit by the route forwarding table of forwarding module 93 by the associated L3VPN example of processing module 92 sub-interface that the match is successful.
On the other hand, during the message of the network equipment transmission in receiving MPLS L3VPN network, forwarding module 93 is used for by processing module 92 selected PW, and the network equipment in MPLS L2VPN network carries out message forwarding, is specially:
The pairing ARP information of the network equipment in the processing module 92 study MPLS L2VPN networks, ARP information comprises the IP address and the MAC Address of the interface that the network equipment in the MPLS L2VPN network is connected with the purpose terminal at least;
Compared with prior art, the present invention has the following advantages:
By using technical scheme of the present invention, can be by unified ve interface realization MPLS L2VPN network and the communication between the MPLS L3VPN network, simplified corresponding operating process, and processing of realization message and forwarding are set owing in different MPLS L2VPN network types, all can use corresponding strategy, effectively raise the treatment effeciency that carries out message interaction between MPLS L2VPN network and the MPLS L3VPN network, reduced the adaptive cost of hardware.
Through the above description of the embodiments, those skilled in the art can be well understood to the present invention and can realize by hardware, also can realize by the mode that software adds necessary general hardware platform.Based on such understanding, technical scheme of the present invention can embody with the form of software product, it (can be CD-ROM that this software product can be stored in a non-volatile memory medium, USB flash disk, portable hard drive etc.) in, comprise some instructions with so that computer equipment (can be personal computer, server, the perhaps network equipment etc.) each implements the described method of scene to carry out the present invention.
It will be appreciated by those skilled in the art that accompanying drawing is a preferred schematic diagram of implementing scene, module in the accompanying drawing or flow process might not be that enforcement the present invention is necessary.
It will be appreciated by those skilled in the art that the module in the device of implementing in the scene can be distributed in the device of implementing scene according to implementing scene description, also can carry out respective change and be arranged in the one or more devices that are different from this enforcement scene.The module of above-mentioned enforcement scene can be merged into a module, also can further split into a plurality of submodules.
The invention described above sequence number is not represented the quality of implementing scene just to description.
More than disclosed only be several concrete enforcement scene of the present invention, still, the present invention is not limited thereto, any those skilled in the art can think variation all should fall into protection scope of the present invention.
Claims (12)
1. the communication means of MPLS L2VPN and MPLS L3VPN, be applied to comprise simultaneously in the system of MPLS L2VPN network and MPLS L3VPN network, be connected by NPE equipment between described MPLS L2VPN network and the MPLS L3VPN network, it is characterized in that, comprise a ve interface on the described NPE equipment, wherein, described ve interface is connected with the network equipment in the described MPLS L2VPN network by PW, described ve interface also carries out related with the L3VPN example of MPLS L3VPN network, and set up corresponding route forwarding table for described L3VPN example, described method specifically may further comprise the steps:
When described NPE equipment receives the network equipment in the described MPLS L2VPN network when sending to the message of described ve interface by PW, described NPE equipment is determined corresponding ve interface according to the identification information in the described message, and carries out described message forwarding according to the route forwarding table of the associated L3VPN example of described ve interface;
When described NPE equipment receives the message that the L3VPN example of described MPLS L3VPN network sends, described NPE equipment is determined the forwarding information of purpose IP address correspondence in the route forwarding table of described L3VPN example of described message, and select corresponding PW according to described forwarding information, by described PW, the network equipment in described MPLS L2VPN network carries out described message forwarding.
2. the method for claim 1 is characterized in that, described ve interface also carries out relatedly with the L3VPN example of MPLSL3VPN network, and sets up corresponding route forwarding table for described L3VPN example, is specially:
When described ve interface need carry out when related with a plurality of L3VPN examples of MPLS L3VPN network, further comprise a plurality of sub-interfaces in the described ve interface, it is related that each described sub-interface and each L3VPN example of MPLS L3VPN network carry out, and set up corresponding route forwarding table for each described L3VPN example.
3. method as claimed in claim 2 is characterized in that, comprises on the described NPE equipment being specially a ve interface:
Described NPE equipment is created a ve interface by interface configuration command;
Described NPE equipment is described ve interface configures physical interface attributes parameter;
Described NPE equipment is that described ve interface distributes identification label, and sets up the corresponding relation of described identification label and described ve interface;
Each sub-interface that described NPE equipment is described ve interface is set up identifying information, and sets up the corresponding relation of described identifying information and described sub-interface.
4. method as claimed in claim 3 is characterized in that,
Described ve interface is connected with the network equipment in the described MPLS L2VPN network by PW, is specially:
Described NPE equipment is determined the network equipment in the described MPLS L2VPN network that described ve interface need connect, described NPE equipment sends to the network equipment in the described MPLS L2VPN network with the identification label of described ve interface by the PW label distribution protocol message, and set up PW between the network equipment in described ve interface and the described MPLS L2VPN network, with the PW label of described identification label as described PW;
Further comprise a plurality of sub-interfaces in the described ve interface, it is related that each described sub-interface and each L3VPN example of MPLS L3VPN network carry out, and set up corresponding route forwarding table for each described L3VPN example, is specially:
Described NPE equipment is defined as the part or all of sub-interface of described ve interface respectively the interface of monopolizing of each MPLSL3VPN network, the described sub-interface and the L3VPN example of corresponding M PLS L3VPN network are carried out related, and set up corresponding route forwarding table for each L3VPN example.
5. method as claimed in claim 4, it is characterized in that, if comprise a plurality of sub-interfaces in the described ve interface, when described NPE equipment receives the network equipment in the described MPLS L2VPN network when sending to the message of described ve interface by PW, described NPE equipment is determined corresponding ve interface according to the identification information in the described message, and carry out described message forwarding according to the route forwarding table of the associated L3VPN example of described ve interface, be specially:
When described MPLS L2VPN network is specially VPLS, described NPE equipment is determined the pairing ve interface of described message according to the PW label of described message, and whether the mac address information in the physical interface property parameters of the target MAC (Media Access Control) address of judging described message and described ve interface is identical, if it is identical, the heading of then analyzing described message obtains identification information, the identification information of each sub-interface in described identification information and the described ve interface is mated, and according to the route forwarding table of the associated L3VPN example of the sub-interface that the match is successful, by described sub-interface described message being carried out IP transmits, if it is inequality, then search MAC and transmit, described message is carried out MAC transmit;
When described MPLS L2VPN network is specially VPWS, described NPE equipment is determined the pairing ve interface of described message according to the PW label of described message, and the heading of analyzing described message obtains identification information, the identification information of each sub-interface in described identification information and the described ve interface is mated, and, by described sub-interface described message is carried out IP and transmit according to the route forwarding table of the associated L3VPN example of the sub-interface that the match is successful.
6. method as claimed in claim 4, it is characterized in that, when described NPE equipment receives the message that the L3VPN example of described MPLS L3VPN network sends, described NPE equipment is determined the forwarding information of purpose IP address correspondence in the route forwarding table of described L3VPN example of described message, and select corresponding PW according to described forwarding information, by described PW, the network equipment in described MPLS L2VPN network carries out described message forwarding, is specially:
The pairing ARP information of the network equipment in the described MPLS L2VPN of the described NPE learning equipment network, described ARP information comprises the IP address and the MAC Address of the interface that the network equipment in the described MPLS L2VPN network is connected with the purpose terminal at least;
Described NPE equipment is determined the outgoing interface and the next hop information of described message in the route forwarding table of described L3VPN example according to the purpose IP address of the message of the L3VPN example transmission of described MPLS L3VPN network;
Described NPE equipment obtains corresponding ARP information according to the outgoing interface and the next hop information of described message, by described ARP information described message is encapsulated, and select corresponding PW, the network equipment in described MPLS L2VPN network carries out described message forwarding.
7. a NPE equipment is applied to comprise simultaneously in the system of MPLS L2VPN network and MPLS L3VPN network, is connected by NPE equipment between described MPLS L2VPN network and the MPLS L3VPN network, it is characterized in that, comprising:
Module is set, be used to create a ve interface, wherein, described ve interface is connected with the network equipment in the described MPLS L2VPN network by PW, and carry out relatedly with the L3VPN example of MPLS L3VPN network, and set up corresponding route forwarding table for the L3VPN example;
Processing module, be connected with the described module that is provided with, be used for when the network equipment that receives described MPLS L2VPN network sends to the message of described ve interface by PW, in the described sub-interface that the set ve interface of module is set, determine corresponding sub-interface according to the identification information in the described message, maybe the network equipment in receiving described MPLS L3VPN network send message the time, determine the forwarding information of purpose IP address correspondence in the route forwarding table of described L3VPN example of described message, be provided with among the continuous PW of the set ve interface of module described, select corresponding PW according to described forwarding information;
Forwarding module, be connected with described processing module, be used for carrying out described message forwarding according to the route forwarding table of the associated L3VPN example of the determined sub-interface of described processing module, or by the selected PW of described processing module, the network equipment in described MPLS L2VPN network carries out described message forwarding.
8. NPE equipment as claimed in claim 7, it is characterized in that, when described ve interface need carry out when related with a plurality of L3VPN examples of MPLS L3VPN network, the described module that is provided with, also be used for creating a plurality of sub-interfaces at described ve interface, it is related that each described sub-interface and each L3VPN example of MPLS L3VPN network carry out, and set up corresponding route forwarding table for each described L3VPN example.
9. NPE equipment as claimed in claim 8 is characterized in that, the described module that is provided with is used to create a ve interface, is specially:
The described module that is provided with is created a ve interface by interface configuration command;
The described module that is provided with is described ve interface configures physical interface attributes parameter;
The described module that is provided with is that described ve interface distributes identification label, and sets up the corresponding relation of described identification label and described ve interface;
The described module that is provided with is that each sub-interface of described ve interface is set up identifying information, and sets up the corresponding relation of described identifying information and described sub-interface.
10. NPE equipment as claimed in claim 9 is characterized in that,
The described network equipment that is provided with in the described MPLS L2VPN network that module determines that described ve interface need connect, the identification label of described ve interface is sent to the network equipment in the described MPLS L2VPN network by the PW label distribution protocol message, and set up PW between the network equipment in described ve interface and the described MPLS L2VPN network, with the PW label of described identification label as described PW;
Described the interface of monopolizing that module is defined as the part or all of sub-interface of described ve interface respectively each MPLSL3VPN network is set, the described sub-interface and the L3VPN example of corresponding M PLS L3VPN network are carried out related, and set up corresponding route forwarding table for each L3VPN example.
11. NPE equipment as claimed in claim 10, it is characterized in that, during message that the network equipment in receiving described MPLSL2VPN network sends by PW, described forwarding module, be used for carrying out described message forwarding, be specially according to the route forwarding table of the associated L3VPN example of the determined sub-interface of described processing module:
If described MPLS L2VPN network is specially VPLS, described processing module is determined the pairing ve interface of described message according to the PW label of described message, and whether the mac address information in the physical interface property parameters of the target MAC (Media Access Control) address of judging described message and described ve interface is identical, if it is identical, the heading of then analyzing described message obtains identification information, the identification information of each sub-interface in described identification information and the described ve interface is mated, described forwarding module is by the route forwarding table of the associated L3VPN example of the described processing module sub-interface that the match is successful, described message is carried out IP to be transmitted, if it is inequality, then search MAC and transmit, by described forwarding module described message is carried out MAC and transmit;
If described MPLS L2VPN network is specially VPWS, described processing module is determined the pairing ve interface of described message according to the PW label of described message, and the heading of analyzing described message obtains identification information, the identification information of each sub-interface in described identification information and the described ve interface is mated, and, described message is carried out IP transmit by the route forwarding table of described forwarding module by the associated L3VPN example of the described processing module sub-interface that the match is successful.
12. NPE equipment as claimed in claim 10, it is characterized in that, during message that the network equipment in receiving described MPLSL3VPN network sends, described forwarding module, be used for by the selected PW of described processing module, the network equipment in described MPLS L2VPN network carries out described message forwarding, is specially:
Described processing module is learnt the pairing ARP information of the network equipment in the described MPLS L2VPN network, and described ARP information comprises the IP address and the MAC Address of the interface that the network equipment in the described MPLS L2VPN network is connected with the purpose terminal at least;
Described processing module is determined the outgoing interface and the next hop information of described message in the route forwarding table of described L3VPN example according to the purpose IP address of the message of the L3VPN example transmission of described MPLS L3VPN network;
Described processing module is obtained corresponding ARP information according to the outgoing interface and the next hop information of described message, described forwarding module carries out two layers of encapsulation by the MAC Address in the described ARP information to described message, carries out described message forwarding by the specified network equipment of PW in described MPLS L2VPN network of described ARP information again.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201010186818A CN101848161A (en) | 2010-05-31 | 2010-05-31 | Communication method and equipment of MPLS L2VPN (Multiple protocol Label Switching Layer 2 Virtual Private Network) and MPLS L3VPN (Multiple protocol Label Switching Layer 3 Virtual Private Network) |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201010186818A CN101848161A (en) | 2010-05-31 | 2010-05-31 | Communication method and equipment of MPLS L2VPN (Multiple protocol Label Switching Layer 2 Virtual Private Network) and MPLS L3VPN (Multiple protocol Label Switching Layer 3 Virtual Private Network) |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN101848161A true CN101848161A (en) | 2010-09-29 |
Family
ID=42772625
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201010186818A Pending CN101848161A (en) | 2010-05-31 | 2010-05-31 | Communication method and equipment of MPLS L2VPN (Multiple protocol Label Switching Layer 2 Virtual Private Network) and MPLS L3VPN (Multiple protocol Label Switching Layer 3 Virtual Private Network) |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN101848161A (en) |
Cited By (28)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN101984607A (en) * | 2010-11-16 | 2011-03-09 | 中兴通讯股份有限公司 | Method of Ethernet interface to simultaneously support routing function and switching function |
| WO2011054263A1 (en) * | 2009-11-03 | 2011-05-12 | 中兴通讯股份有限公司 | Access method and access system for layer 3 virtual private networks(vpn) |
| CN102082738A (en) * | 2011-03-10 | 2011-06-01 | 迈普通信技术股份有限公司 | Method for extending MPLS VPN access through public network and PE equipment |
| CN102291317A (en) * | 2011-09-15 | 2011-12-21 | 中兴通讯股份有限公司 | Transmission method and device of message of virtual private network |
| CN102368726A (en) * | 2011-09-14 | 2012-03-07 | 杭州华三通信技术有限公司 | Forwarding method and device applied to L2VPN (layer 2 virtual private network) |
| CN102611618A (en) * | 2012-02-23 | 2012-07-25 | 中兴通讯股份有限公司 | Route protection converting method and device |
| CN102611603A (en) * | 2012-03-16 | 2012-07-25 | 中兴通讯股份有限公司 | Method and device for establishing static MPLS (Multi-Protocol Label Switch) tunnel forwarding table and transmitting data |
| CN102739501A (en) * | 2011-04-01 | 2012-10-17 | 中兴通讯股份有限公司 | Message forwarding method in two or three layer virtual private network (VPN) and system thereof |
| CN103491009A (en) * | 2013-09-27 | 2014-01-01 | 华为技术有限公司 | Flow forwarding method and device and gateway device |
| WO2014008802A1 (en) * | 2012-07-10 | 2014-01-16 | Hangzhou H3C Technologies Co., Ltd. | Traffic forwarding in a layer 2 edge network |
| CN103634210A (en) * | 2012-08-28 | 2014-03-12 | 杭州华三通信技术有限公司 | Method and apparatus for discovering opposite-end provider edge (PE) device of virtual private LAN service (VPLS) instance |
| CN104243264A (en) * | 2014-09-03 | 2014-12-24 | 烽火通信科技股份有限公司 | System and method for connecting PW to L3VPN through N:1 model |
| CN105049316A (en) * | 2015-08-26 | 2015-11-11 | 华为技术有限公司 | Communication method and communication device |
| CN105530661A (en) * | 2014-09-30 | 2016-04-27 | 中国电信股份有限公司 | Method, router and system for measuring L2+L3 VPN network performance |
| EP3021529A1 (en) * | 2013-09-23 | 2016-05-18 | Huawei Technologies Co., Ltd. | Method and device for implementing layer 3 virtual private network |
| WO2016119734A1 (en) * | 2015-01-29 | 2016-08-04 | Hangzhou H3C Technologies Co., Ltd. | Access layer-2 virtual private network from layer-3 virtual private network |
| WO2016150093A1 (en) * | 2015-03-20 | 2016-09-29 | 中兴通讯股份有限公司 | Packet forward method, device, and pe apparatus |
| WO2016155394A1 (en) * | 2015-03-31 | 2016-10-06 | 华为技术有限公司 | Method and device for establishing link between virtual network functions |
| CN106713140A (en) * | 2016-12-22 | 2017-05-24 | 武汉烽火网络有限责任公司 | Forwarding method of supporting co-working of various label distribution protocols and MPLS equipment |
| CN107770028A (en) * | 2017-09-28 | 2018-03-06 | 安徽皖通邮电股份有限公司 | The method realized for the point-to-multipoint virtual LAN services of China Telecom's scene |
| CN108092890A (en) * | 2017-12-26 | 2018-05-29 | 新华三技术有限公司 | Method for routing foundation and device |
| CN108989311A (en) * | 2013-05-31 | 2018-12-11 | 华为技术有限公司 | Generate the method and apparatus of input parameter |
| CN109379268A (en) * | 2018-11-27 | 2019-02-22 | 新华三技术有限公司合肥分公司 | Creation method, device and the server of Virtual Private Network |
| CN109756409A (en) * | 2017-11-01 | 2019-05-14 | 中兴通讯股份有限公司 | Bridge-connection transmitting method |
| CN110677337A (en) * | 2019-09-27 | 2020-01-10 | 新华三信息安全技术有限公司 | Data forwarding method and device, network equipment and computer readable storage medium |
| WO2021042446A1 (en) * | 2019-09-04 | 2021-03-11 | 厦门网宿有限公司 | Layer-two tunnel switching method, system, and apparatus |
| CN113315764A (en) * | 2021-05-25 | 2021-08-27 | 深圳壹账通智能科技有限公司 | ARP attack-preventing data packet sending method and device, router and storage medium |
| CN113691897A (en) * | 2021-08-27 | 2021-11-23 | 烽火通信科技股份有限公司 | Method and device for end-to-end reverse creation of EOO service |
Citations (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US20050190757A1 (en) * | 2004-02-27 | 2005-09-01 | Cisco Technology Inc. | Interworking between Ethernet and non-Ethernet customer sites for VPLS |
| CN1980176A (en) * | 2006-11-15 | 2007-06-13 | 杭州华为三康技术有限公司 | Mixed virtual private network system and backbone network edge apparatus and configuration method |
| WO2009021458A1 (en) * | 2007-08-14 | 2009-02-19 | Huawei Technologies Co., Ltd. | Method, apparatus and system for connecting layer2 network and layer3 network |
-
2010
- 2010-05-31 CN CN201010186818A patent/CN101848161A/en active Pending
Patent Citations (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US20050190757A1 (en) * | 2004-02-27 | 2005-09-01 | Cisco Technology Inc. | Interworking between Ethernet and non-Ethernet customer sites for VPLS |
| CN1980176A (en) * | 2006-11-15 | 2007-06-13 | 杭州华为三康技术有限公司 | Mixed virtual private network system and backbone network edge apparatus and configuration method |
| WO2009021458A1 (en) * | 2007-08-14 | 2009-02-19 | Huawei Technologies Co., Ltd. | Method, apparatus and system for connecting layer2 network and layer3 network |
Cited By (57)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| WO2011054263A1 (en) * | 2009-11-03 | 2011-05-12 | 中兴通讯股份有限公司 | Access method and access system for layer 3 virtual private networks(vpn) |
| CN101984607A (en) * | 2010-11-16 | 2011-03-09 | 中兴通讯股份有限公司 | Method of Ethernet interface to simultaneously support routing function and switching function |
| CN101984607B (en) * | 2010-11-16 | 2015-06-10 | 中兴通讯股份有限公司 | Method of Ethernet interface to simultaneously support routing function and switching function |
| CN102082738A (en) * | 2011-03-10 | 2011-06-01 | 迈普通信技术股份有限公司 | Method for extending MPLS VPN access through public network and PE equipment |
| CN102739501B (en) * | 2011-04-01 | 2017-12-12 | 中兴通讯股份有限公司 | Message forwarding method and system in two three layer virtual private networks |
| CN102739501A (en) * | 2011-04-01 | 2012-10-17 | 中兴通讯股份有限公司 | Message forwarding method in two or three layer virtual private network (VPN) and system thereof |
| CN102368726A (en) * | 2011-09-14 | 2012-03-07 | 杭州华三通信技术有限公司 | Forwarding method and device applied to L2VPN (layer 2 virtual private network) |
| CN102368726B (en) * | 2011-09-14 | 2014-09-10 | 杭州华三通信技术有限公司 | Forwarding method and device applied to L2VPN (layer 2 virtual private network) |
| WO2013037242A1 (en) * | 2011-09-15 | 2013-03-21 | 中兴通讯股份有限公司 | Method and device for forwarding message of virtual private network |
| CN102291317B (en) * | 2011-09-15 | 2018-03-02 | 中兴通讯股份有限公司 | A kind of retransmission method and device of virtual private network packet |
| CN102291317A (en) * | 2011-09-15 | 2011-12-21 | 中兴通讯股份有限公司 | Transmission method and device of message of virtual private network |
| CN102611618A (en) * | 2012-02-23 | 2012-07-25 | 中兴通讯股份有限公司 | Route protection converting method and device |
| CN102611618B (en) * | 2012-02-23 | 2015-06-03 | 中兴通讯股份有限公司 | Route protection converting method and device |
| CN102611603A (en) * | 2012-03-16 | 2012-07-25 | 中兴通讯股份有限公司 | Method and device for establishing static MPLS (Multi-Protocol Label Switch) tunnel forwarding table and transmitting data |
| CN103546374A (en) * | 2012-07-10 | 2014-01-29 | 杭州华三通信技术有限公司 | Message forwarding method and device in two-layered edge network |
| US9154419B2 (en) | 2012-07-10 | 2015-10-06 | Hangzhou H3C Technologies Co., Ltd. | Traffic forwarding in a layer 2 edge network |
| WO2014008802A1 (en) * | 2012-07-10 | 2014-01-16 | Hangzhou H3C Technologies Co., Ltd. | Traffic forwarding in a layer 2 edge network |
| CN103546374B (en) * | 2012-07-10 | 2016-08-03 | 杭州华三通信技术有限公司 | A kind of method and apparatus E-Packeted in edge double layer network |
| CN103634210A (en) * | 2012-08-28 | 2014-03-12 | 杭州华三通信技术有限公司 | Method and apparatus for discovering opposite-end provider edge (PE) device of virtual private LAN service (VPLS) instance |
| CN103634210B (en) * | 2012-08-28 | 2016-10-19 | 杭州华三通信技术有限公司 | Find the method and apparatus of the opposite end PE equipment of VPLS example |
| CN108989311A (en) * | 2013-05-31 | 2018-12-11 | 华为技术有限公司 | Generate the method and apparatus of input parameter |
| US10091106B2 (en) | 2013-09-23 | 2018-10-02 | Huawei Technologies Co., Ltd | Method for implementing layer 3 virtual private network and device |
| EP3021529A1 (en) * | 2013-09-23 | 2016-05-18 | Huawei Technologies Co., Ltd. | Method and device for implementing layer 3 virtual private network |
| EP3021529A4 (en) * | 2013-09-23 | 2016-07-20 | Huawei Tech Co Ltd | Method and device for implementing layer 3 virtual private network |
| CN103491009B (en) * | 2013-09-27 | 2017-01-04 | 华为技术有限公司 | The retransmission method of a kind of flow, device and gateway device |
| CN103491009A (en) * | 2013-09-27 | 2014-01-01 | 华为技术有限公司 | Flow forwarding method and device and gateway device |
| CN104243264B (en) * | 2014-09-03 | 2017-11-07 | 烽火通信科技股份有限公司 | Pseudo-wire PW uses N:1 model accesses L3VPN system and method |
| CN104243264A (en) * | 2014-09-03 | 2014-12-24 | 烽火通信科技股份有限公司 | System and method for connecting PW to L3VPN through N:1 model |
| CN105530661B (en) * | 2014-09-30 | 2018-09-21 | 中国电信股份有限公司 | Measure method, router and the system of L2+L3 VPN network performances |
| CN105530661A (en) * | 2014-09-30 | 2016-04-27 | 中国电信股份有限公司 | Method, router and system for measuring L2+L3 VPN network performance |
| WO2016119734A1 (en) * | 2015-01-29 | 2016-08-04 | Hangzhou H3C Technologies Co., Ltd. | Access layer-2 virtual private network from layer-3 virtual private network |
| US10505759B2 (en) | 2015-01-29 | 2019-12-10 | Hewlett Packard Enterprise Development Lp | Access layer-2 virtual private network from layer-3 virtual private network |
| CN105991433B (en) * | 2015-01-29 | 2019-06-07 | 新华三技术有限公司 | The method and apparatus of Layer3 Virtual Private Network access Layer 2 virtual private network |
| CN105991433A (en) * | 2015-01-29 | 2016-10-05 | 杭州华三通信技术有限公司 | Method and device of accessing layer 3 virtual private network (L3VPN) in layer 2 virtual private network (L2VPN) |
| CN106034072A (en) * | 2015-03-20 | 2016-10-19 | 中兴通讯股份有限公司 | Packet forwarding method and device and service provider network edge PE equipment |
| WO2016150093A1 (en) * | 2015-03-20 | 2016-09-29 | 中兴通讯股份有限公司 | Packet forward method, device, and pe apparatus |
| US10819538B2 (en) | 2015-03-31 | 2020-10-27 | Huawei Technologies Co., Ltd. | Method and apparatus for establishing link between virtualized network functions |
| WO2016155394A1 (en) * | 2015-03-31 | 2016-10-06 | 华为技术有限公司 | Method and device for establishing link between virtual network functions |
| CN105049316B (en) * | 2015-08-26 | 2018-08-14 | 华为技术有限公司 | Communication means and communication equipment |
| CN105049316A (en) * | 2015-08-26 | 2015-11-11 | 华为技术有限公司 | Communication method and communication device |
| CN106713140A (en) * | 2016-12-22 | 2017-05-24 | 武汉烽火网络有限责任公司 | Forwarding method of supporting co-working of various label distribution protocols and MPLS equipment |
| CN106713140B (en) * | 2016-12-22 | 2019-05-24 | 烽火通信科技股份有限公司 | Support the cooperative retransmission method of a variety of label distribution protocols and MPLS equipment |
| CN107770028B (en) * | 2017-09-28 | 2020-11-27 | 安徽皖通邮电股份有限公司 | Method for realizing point-to-multipoint virtual local area network service in China telecommunication scene |
| CN107770028A (en) * | 2017-09-28 | 2018-03-06 | 安徽皖通邮电股份有限公司 | The method realized for the point-to-multipoint virtual LAN services of China Telecom's scene |
| CN109756409A (en) * | 2017-11-01 | 2019-05-14 | 中兴通讯股份有限公司 | Bridge-connection transmitting method |
| CN109756409B (en) * | 2017-11-01 | 2021-10-26 | 中兴通讯股份有限公司 | Bridge forwarding method |
| CN108092890B (en) * | 2017-12-26 | 2020-01-07 | 新华三技术有限公司 | Route establishing method and device |
| CN108092890A (en) * | 2017-12-26 | 2018-05-29 | 新华三技术有限公司 | Method for routing foundation and device |
| CN109379268A (en) * | 2018-11-27 | 2019-02-22 | 新华三技术有限公司合肥分公司 | Creation method, device and the server of Virtual Private Network |
| CN109379268B (en) * | 2018-11-27 | 2021-05-07 | 新华三技术有限公司合肥分公司 | Virtual private network creating method and device and server |
| WO2021042446A1 (en) * | 2019-09-04 | 2021-03-11 | 厦门网宿有限公司 | Layer-two tunnel switching method, system, and apparatus |
| CN110677337A (en) * | 2019-09-27 | 2020-01-10 | 新华三信息安全技术有限公司 | Data forwarding method and device, network equipment and computer readable storage medium |
| CN110677337B (en) * | 2019-09-27 | 2021-10-12 | 新华三信息安全技术有限公司 | Data forwarding method and device, network equipment and computer readable storage medium |
| CN113315764A (en) * | 2021-05-25 | 2021-08-27 | 深圳壹账通智能科技有限公司 | ARP attack-preventing data packet sending method and device, router and storage medium |
| CN113315764B (en) * | 2021-05-25 | 2023-03-10 | 深圳壹账通智能科技有限公司 | ARP attack-preventing data packet sending method and device, router and storage medium |
| CN113691897A (en) * | 2021-08-27 | 2021-11-23 | 烽火通信科技股份有限公司 | Method and device for end-to-end reverse creation of EOO service |
| CN113691897B (en) * | 2021-08-27 | 2023-05-12 | 烽火通信科技股份有限公司 | Method and device for reversely creating EOO service end to end |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN101848161A (en) | Communication method and equipment of MPLS L2VPN (Multiple protocol Label Switching Layer 2 Virtual Private Network) and MPLS L3VPN (Multiple protocol Label Switching Layer 3 Virtual Private Network) | |
| CN101617305B (en) | Border gateway protocol procedures for MPLS and layer-2 VPN using ethernet-based tunnels | |
| JP4511532B2 (en) | Device for connection-oriented transfer in packet-switched communication networks | |
| EP2014035B1 (en) | Ethernet vll spoke termination at an ip interface | |
| CN101110745A (en) | Method, device and system for engaging second layer network and third layer network | |
| CN102045242B (en) | Network communication method and network node equipment | |
| CN100550814C (en) | A kind of system and method based on two layer VPN foreign medium communication | |
| EP3364613B1 (en) | Method and device for transmitting traffic via specified path | |
| CN104869042A (en) | Message forwarding method and message forwarding device | |
| CN102739501B (en) | Message forwarding method and system in two three layer virtual private networks | |
| CN101636724A (en) | Border gateway protocol extended community attribute for layer-2 and layer-3 virtual private networks using 802.1AH-based tunnels | |
| CN101217470B (en) | Method and device for forwarding message | |
| WO2011113340A1 (en) | Access method and apparatus for multi-protocol label switching layer 2 virtual private network | |
| CN100514929C (en) | Method and device for message transfer of virtual private local area network | |
| CN101115005A (en) | Method and apparatus for implementing edge-to-edge pseudo-line simulation | |
| CN101355516B (en) | Method and system for providing service quality tactics for various virtual special network | |
| CN102695103A (en) | Service forwarding method and system | |
| CN105453513A (en) | Packet forwarding method, forwarding entry delivery method, and network device | |
| CN101087257B (en) | Method for realizing service quality for VPN traffic based on Ethernet interface | |
| CN100450095C (en) | System and method for providing QoS service to virtual special line | |
| CN101552710B (en) | Method, system and router for realizing virtual special network cross-domain | |
| CN101286918A (en) | Virtual private network system and data processing method thereof | |
| CN100466590C (en) | Method for sharing V-Switch transparent-transferring data load | |
| CN102724126A (en) | Method, device and equipment for forwarding Ethernet tree (E-tree) service message | |
| CN102970224A (en) | Method compatible with ATM (asynchronous transfer mode) system and based on IP (Internet protocol) switched network for realizing MPLS (multi-protocol label switching) message forwarding |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| C06 | Publication | ||
| PB01 | Publication | ||
| C10 | Entry into substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| C02 | Deemed withdrawal of patent application after publication (patent law 2001) | ||
| WD01 | Invention patent application deemed withdrawn after publication |
Application publication date: 20100929 |