CN105099915B - A kind of method and apparatus for establishing service path - Google Patents

A kind of method and apparatus for establishing service path Download PDF

Info

Publication number
CN105099915B
CN105099915B CN201410173170.XA CN201410173170A CN105099915B CN 105099915 B CN105099915 B CN 105099915B CN 201410173170 A CN201410173170 A CN 201410173170A CN 105099915 B CN105099915 B CN 105099915B
Authority
CN
China
Prior art keywords
internet protocol
destination address
address
service
tunnel destination
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN201410173170.XA
Other languages
Chinese (zh)
Other versions
CN105099915A (en
Inventor
姚宁
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Huawei Technologies Co Ltd
Original Assignee
Huawei Technologies Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Huawei Technologies Co Ltd filed Critical Huawei Technologies Co Ltd
Priority to CN201410173170.XA priority Critical patent/CN105099915B/en
Priority to PCT/CN2014/090965 priority patent/WO2015165249A1/en
Publication of CN105099915A publication Critical patent/CN105099915A/en
Application granted granted Critical
Publication of CN105099915B publication Critical patent/CN105099915B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L12/00Data switching networks
    • H04L12/28Data switching networks characterised by path configuration, e.g. LAN [Local Area Networks] or WAN [Wide Area Networks]
    • H04L12/46Interconnection of networks

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Data Exchanges In Wide-Area Networks (AREA)

Abstract

The present invention provides a kind of method and apparatus for establishing service path, is related to the communications field, can be realized the flexible deployment of service processing equipment, and the internet protocol address for understanding service processing equipment is only needed in strategy configuration, improves the maintainability of business chain.Its method is:Receive the request message that starting point device generates, the request message includes the internet protocol address of all service processing equipments of service path, indicate the pointer and flow point category information of internet protocol address, the internet protocol address being directed toward according to the pointer, determine forwarding table term of virtual private network to be generated enters tunnel destination address and out tunnel destination address, according to it is described enter tunnel destination address and it is described go out tunnel destination address and the flow point category information generate the forwarding table term of virtual private network, and pointer is added one, the request message is forwarded according still further to the internet protocol address that the pointer after adding one is directed toward.The present invention for establishing service path automatically.

Description

A kind of method and apparatus for establishing service path
Technical field
The present invention relates to the communications field more particularly to a kind of methods and apparatus for establishing service path.
Background technique
With the development of network technology, software, hardware product are more diversified, and performance constantly enhances, and user can be according to Business needs that various network service processing equipments is freely selected to carry out business processing.And increase in user choice same When, some problems have also been drawn, such as, how easily to have carried out networking, on-demand additions and deletions service processing equipment, neatly layout industry Business flow etc..Business chain (English:Service-Chaining be) a kind of is flexibly by several service processing equipments concatenation Business chain, and the network technology for the service processing equipment for guiding related service flow to be flowed through in the business chain by set sequence. By Service-Chaining technology, the industry of various complexity can be flexibly defined in the network environment of current various complexity Business service logic and model.
Generally by policy routing technique come approximate realization business chain function in current networking.Such as it is hung on an interchanger Three service processing equipments:Firewall, Anti Virus Gateway and application control gateway, can be had by several in these three equipment Sequence permutation and combination form multiple business chains, here by taking this business chain of firewall → Anti Virus Gateway as an example, when certain Business Stream Flow when passing through interchanger, interchanger needs to identify the Business Stream and successively guides it in sequence to firewall → anti- Viral gateway carries out business processing, and concrete implementation mode is to be routed by configuration strategy on switches, will meet tactful road By Business Stream be redirected to specified interface or next-hop Internet protocol (English:Internet Protocol, abbreviation:IP) Location can be realized.
Human configuration is carried out by traditional policybased routing, although business chain function also may be implemented, but it is clear that in the presence of Some problems and drawback, such as:Strategy configuration is complicated.User needs what be will be apparent that know which business processing interchanger has docked What equipment, the incoming interface of docking and outgoing interface be, what is, for each business with the interface IP of service processing equipment interconnection The problems such as chain flow will go to service processing equipment, then return from which interface from the interface of which on interchanger.Work as business When service processing equipment negligible amounts, Business Stream on chain are also more single, networks trategy is relatively simple, and user is by manually matching Setting can deal with.Once when service processing equipment quantity increases, Business Stream needs to segment, networks trategy complexity is at geometry grade Number increases, and user's human configuration task amount is big.For another example, because being the business chain function of realizing by policy routing mechanism, The connectivity between two the service of connection devices can only be checked in maintenance, can not be checked the connected state of whole business chain, be caused to tie up Shield is difficult.
Summary of the invention
The present invention provides a kind of method and apparatus for establishing service path, can be realized the flexible portion of service processing equipment Administration only needs the internet protocol address for understanding service processing equipment in strategy configuration, improves the maintainability of business chain.
In order to achieve the above objectives, the present invention adopts the following technical scheme that:
In a first aspect, a kind of method for establishing service path is provided, including:
The request message that starting point device generates is received, the request message includes at all business of the service path Manage the internet protocol address of equipment, the pointer and flow point category information of the instruction internet protocol address;
According to the internet protocol address that the pointer is directed toward, determine forwarding table term of virtual private network to be generated enters tunnel Destination address and out tunnel destination address;
According to it is described enter tunnel destination address and it is described go out described in tunnel destination address and the flow point category information generate Forwarding table term of virtual private network, and the pointer is added one, it is forwarded according still further to the internet protocol address that the pointer after adding one is directed toward The request message, in order to which when the request message reaches termination point device, the termination point device is to the starting point Equipment, which returns, indicates that the service path establishes the back message completed.
With reference to first aspect, in the first possible implementation of the first aspect, described to be directed toward according to the pointer Internet protocol address, determine forwarding table term of virtual private network to be generated enters tunnel destination address and out tunnel destination address Including:
The previous internet protocol address for judging that the pointer is directed toward whether there is, and if it exists, then by the previous net Internet protocol address enters tunnel destination address as forwarding table term of virtual private network to be generated, it is described enter tunnel destination address be Forward a upper internet protocol address for the request message;If it does not exist, it is determined that Virtual Private Network forwarding table to be generated Item enters tunnel destination address for sky;And
The latter internet protocol address for judging that the pointer is directed toward whether there is, and if it exists, then by the latter net Internet protocol address goes out tunnel destination address as forwarding table term of virtual private network to be generated, and the tunnel destination address out is Forward next internet protocol address of the request message;If it does not exist, it is determined that the Virtual Private Network to be generated turns The tunnel destination address that goes out of forwarding list item is sky.
With reference to first aspect or the first possible implementation of first aspect, second in first aspect are possible real In existing mode, the request message further includes the status information and relative time information of current business processing equipment;
The back message includes the status information of all service processing equipments so that the starting point device according to The state of all service processing equipments and the service path described in the state information acquisition establish situation.
With reference to first aspect or the first or second of possible implementation of first aspect, in the third of first aspect In kind mode in the cards, the method also includes:
When receiving the service message of the corresponding flow point category information, business processing is carried out to the service message, is obtained To treated service message, the forwarding table term of virtual private network is obtained, is forwarded according to the forwarding table term of virtual private network Treated the service message.
With reference to first aspect or any one into the third possible implementation of first aspect first, in first party In the 4th kind of mode in the cards in face, the flow point category information includes preset five-tuple classification information;
Or, the flow point category information includes classification control Access Column table number.
Second aspect provides a kind of equipment, including:
Receiving unit, the request message generated for receiving starting point device, the request message includes the business road The internet protocol address of all service processing equipments of diameter, the pointer and flow point category information for indicating the internet protocol address;
Determination unit, the internet protocol address for being directed toward according to the pointer determine that Virtual Private Network to be generated turns Forwarding list item enters tunnel destination address and out tunnel destination address;
Generation unit, for entering tunnel destination address and tunnel destination address and the flow point class out according to Information generates the forwarding table term of virtual private network;
Processing unit, for the pointer to be added one;
Transmission unit, the internet protocol address for being directed toward according to the pointer after adding one forward the request message, so as to In when the request message reaches termination point device, the termination point device is returned to the starting point device indicates the industry The back message completed is established in business path.
In conjunction with second aspect, in the first possible implementation of the second aspect, the determination unit is specifically used for:
The previous internet protocol address for judging that the pointer is directed toward whether there is, and if it exists, then by the previous net Internet protocol address enters tunnel destination address as forwarding table term of virtual private network to be generated, it is described enter tunnel destination address be Forward a upper internet protocol address for the request message;If it does not exist, it is determined that Virtual Private Network forwarding table to be generated Item enters tunnel destination address for sky;And
The latter internet protocol address for judging that the pointer is directed toward whether there is, and if it exists, then by the latter net Internet protocol address goes out tunnel destination address as forwarding table term of virtual private network to be generated, and the tunnel destination address out is Forward next internet protocol address of the request message;If it does not exist, it is determined that Virtual Private Network forwarding table to be generated The tunnel destination address that goes out of item is sky.
In conjunction with the possible implementation of the first of second aspect or second aspect, second in second aspect may be real In existing mode, the request message further includes the status information and relative time information of current business processing equipment;
The back message includes the status information of all service processing equipments so that the starting point device according to The state of all service processing equipments and the service path described in the state information acquisition establish situation.
In conjunction with the first or second of possible implementation of second aspect or second aspect, in the third of second aspect In kind mode in the cards, the processing unit is also used to, when receiving the service message of the corresponding flow point category information, Business processing is carried out to the service message, the service message that obtains that treated;The transmission unit is also used to, and obtains the void Quasi- private network forwarding-table item, according to forwarding table term of virtual private network forwarding treated the service message.
In conjunction with any one of second aspect or second aspect first into the third possible implementation, in second party In the 4th kind of mode in the cards in face, the flow point category information includes preset five-tuple classification information;
Or, the flow point category information includes classification control Access Column table number.
The present invention provides a kind of method and apparatus for establishing service path, the request report generated by receiving starting point device Text, request message include the internet protocol address of all service processing equipments of service path, the finger for indicating internet protocol address Needle and flow point category information determine forwarding table term of virtual private network to be generated according to the internet protocol address that pointer is directed toward Enter tunnel destination address and out tunnel destination address, believes according to tunnel destination address and out tunnel destination address and flow point class is entered Breath generates forwarding table term of virtual private network, and pointer is added one, turns according still further to the internet protocol address that the pointer after adding one is directed toward Request message is sent out, in order to which when request message reaches termination point device, termination point device is returned to starting point device indicates industry The back message completed is established in business path, can be realized the flexible deployment of service processing equipment, and the process of simplified strategy configuration mentions The maintainability of high business chain.
Detailed description of the invention
To describe the technical solutions in the embodiments of the present invention more clearly, make required in being described below to embodiment Attached drawing is briefly described, it should be apparent that, drawings in the following description are only some embodiments of the invention, for For those of ordinary skill in the art, without creative efforts, it can also be obtained according to these attached drawings other Attached drawing.
Fig. 1 is a kind of system schematic provided in an embodiment of the present invention;
Fig. 2 is a kind of method flow schematic diagram for establishing service path provided in an embodiment of the present invention;
Fig. 3 is a kind of device structure schematic diagram provided in an embodiment of the present invention;
Fig. 4 is another device structure schematic diagram provided in an embodiment of the present invention.
Specific embodiment
Following will be combined with the drawings in the embodiments of the present invention, and technical solution in the embodiment of the present invention carries out clear, complete Site preparation description, it is clear that described embodiments are only a part of the embodiments of the present invention, instead of all the embodiments.It is based on Embodiment in the present invention, it is obtained by those of ordinary skill in the art without making creative efforts every other Embodiment shall fall within the protection scope of the present invention.
Service-Chaining network technology can neatly define various in the network environment of current various complexity Complicated business service logic and model.In general, Service-Chaining may include following technology terms and concept:
Business Stream:Message (for example, the message for matching certain field) comprising certain service features or the certain industry of matching The data flow of the message (such as certain access IP, port) of business strategy.
Chain node:Refer to the service processing equipment in business chain, refer to separate traffic processing equipment, for example, can for firewall, Anti Virus Gateway, using control gateway etc..
Forward-path:Refer to the practical road of all devices composition passed through during message is forwarded from source to purpose Diameter.
Service path:Refer to the service processing equipment (link having to pass through during message is forwarded from source to purpose Point) composition logical path.
As shown in Figure 1, being a kind of system schematic provided in an embodiment of the present invention.The present invention essentially consists in starting point and end The change of node internal processes, processing mode.In Fig. 1, starting point and destination node are logical node, and starting point is generally by handing over Change planes, the forwarding devices such as router undertake, destination node is usually the last one service processing equipment in a business chain.Figure Solid line in 1 is a Business Stream, by the message forwarding path of user A access server A;Dotted line is Service-Chaining Virtual Private Network (the English of technical application:Virtual Private Network, abbreviation:VPN) turn of path clustering message Path is sent out, by defining this control message, and so that the control message is successively established two neighboring business processing in business chain and sets Standby vpn tunneling path, while generating Business Stream in tunnel upstream business processing equipment and redirecting strategy, for subsequent true Business matching forwarding;Dotted line describes the business processing path that the Business Stream needs to pass through, that is, Service-Chaining Business chain path, business chain in the embodiment of the present invention just with:Starting point → 1 → service processing equipment of service processing equipment 2 → It is illustrated for service processing equipment 3.
The Service-Chaining business chain mechanism that the present invention realizes is exactly to make business by set technological means The forward-path of stream can cover service path, and forward and processing business message according to preset service path.
Further, since the same service processing equipment may be used by multiple business chains, and therefore, a service processing equipment Tunnel may be established with a number of other service processing equipments, use more generic route encapsulations (English in the embodiment of the present invention: Multi-Generic Routing Encapsulation, abbreviation:MGRE) technology, in advance in starting point and each business processing Tunnel (the English of generated mGRE type in equipment:Tunnel) interface, the interface only need to configure the source of service processing equipment Address does not need specified destination address, and to realize, there are a plurality of gre tunnelings in a mgre tunnel interface, correspond to multiple GRE pairs End.
For the control message being mentioned in above description, the embodiment of the present invention provides a kind of special type of message, this In be known as VPN path clustering message, subsequent abbreviation controls message.Control message encapsulation implementation can there are many, this hair Bright embodiment provides a kind of packaged type for being typically directed to three-layer VPN.In order to improve on the forwarding devices such as exchange, routing Penetrability, the embodiment of the present invention is using User Datagram Protocol (English:User Datagram Protocol, abbreviation:UDP it) assists View encapsulation, is all set as 65001 for source, destination slogan, intermediate equipment can may determine that by udp protocol and port number information The control message out.Wherein, control relevant parameter can be placed on the Payload payload segment of UDP.
Specifically, as shown in table 1, control message structure may include Type (type), Length (length), Sequence No (sequence number) and path control information etc..Wherein, Type is the type for controlling message, including request message (please seek survival Message is deleted at message or request) and back message etc..Length refers to entire VPN Path Control Data (path clustering Data) length.Sequence No refers to the sequence number of current control message, and each request and back message can possess Identical sequence number.Path control information is according to the difference of control type of message, and the format of the field is different.
Table 1 controls message structure
It wherein, include source address and destination address in IP Header, to indicate the source and destination of the control message;UDP Header (UDP heading) is used to indicate the message class that the control message newly proposes for the embodiment of the present invention by port numbers Type;VPN Path Control Data (VPN path clustering data) is used to include above-mentioned Type, Length and Sequence The fields such as No.
On the basis of the structure of control message as shown in Table 1 provided by the invention, as shown in table 2, request message Structure may include:Define the field type (English of flow point category information:Traffic Classifier Type, abbreviation:TC Type), it can be control access list (English:Access Control List, abbreviation:ACL) type is also possible to five yuan Group information type;Flow point category information (English:Traffic Classifier), it can be No. ACL, be also possible to five-tuple flow point Category information;Define the field type (English of VPN node:Node Type), such as can be the IP address information of node;Pointer (English:Pointer), refer to the node information be directed toward when there are multiple VPN node informations and currently requesting to generate vpn tunneling; VPN node information, for filling in the address information of VPN node;Field type (the English of definition status information:Statistics Type), the operating status statistical information type that can be each VPN node is also possible to reach the temporal information of each node Type etc.;Statistics Length (field length of definition status information);Status information can be each VPN node Operating status statistical information is also possible to reach the temporal information etc. of each node.
2 request message structure of table
On the basis of the structure of control message as shown in Table 1 provided by the invention, as shown in table 3, back message Structure may include:Statistics Type, the field type of definition status information can be the operation shape of each VPN node State statistical information type is also possible to reach temporal information type of each node etc.;Statistics Length defines shape The field length of state information;Status information, i.e. definition status information can be the operating status statistical information of each VPN node, It is also possible to reach the temporal information etc. of each node.
The structure of 3 back message of table
Based on the control message of above-mentioned new definition, the present invention first needs to carry out initial configuration before this method execution, described Initial configuration includes:
A, a starting point device is selected in a network.
Specifically, the starting point device be it is selected by user, the starting point device make a living into control message, for the first time The equipment for sending control message to next service processing equipment, it is generally the case that starting point device here can be interchanger, Interchanger 1 for example, shown in FIG. 1.Request message can successively pass through each business processing of business chain from starting point device Equipment, and using the last one service processing equipment as destination node, each equipment is required to when issuing request message to its source, purpose IP modifies, and back message is then forwarded directly to starting point from destination node.Here the source of message, destination slogan can be 65001.Request message needs are identified and are handled on each service processing equipment.Request message is every to be sent once, Sequence No can be incremented by.In same secondary control request process, request, the Sequence No of back message are identical.
B, Service-Chaining business chain VPN path request message is defined on the starting point device.
Specifically, user needs to formulate two class main informations.First is that the service processing equipment information of business chain, second is that business Stream information.
Illustratively, by taking control requests to generate message as an example, for the service processing equipment information of specified services chain, System group network figure as shown in Figure 1, service processing equipment are equivalent to service processing equipment, then business chain A can with for:Business 1 → service processing equipment of processing equipment, 2 → service processing equipment 3, wherein three service processing equipment information:Service processing equipment 1, service processing equipment 2 and service processing equipment 3 add since starting point device (interchanger) needs to default as a drainage point Enter business chain, so business chain A is practical to become business chain A ':Starting point device → 1 → business processing of service processing equipment is set Standby 2 → service processing equipment 3, request message A will be issued to business personnel's equipment 1 from starting point, then reach service processing equipment 2, service processing equipment 3 is finally reached, therefore, user needs the IP address of the explicit specified service processing equipment of business chain out Information.In this way, starting point device when generating request message, can by the IP address of service processing equipment each in business chain A ' according to The VPN node information field of secondary filling request message A, is initially set to 1, message source for Pointer pointer and destination IP has been set to Initial point IP indicates the request message currently to be initially generated.
Definition business stream information defines which subsequent service traffics to be turned using the path VPN specifically generated Hair.Here the mode that Business Stream defines can there are many, typically there are several types of:
A) user can carry in the Traffic Classifier flow point category information field of the request message in advance Specific five-tuple flow point category information.Here five-tuple flow point category information can be source IP address, source port, destination IP One set of this five amount compositions of location, destination port and transport layer protocol number.
B) flow point class ACL can be carried in the request message, when generating vpn tunneling success again from policy service The specific rules strategy of the ACL is requested on device.
C) flow point class ACL is carried in the request message, specific rules strategy is in advance on each service processing equipment It is generated.
C in a manner of of the embodiment of the present invention is illustrated.For example, the example strategy on each service processing equipment is matched The specific implementation set can be:
1) fixed in advance first on starting point device, service processing equipment 1, service processing equipment 2 and service processing equipment 3 Justice control Access Column table number ACL is 9000:
The flow of acl9000//define source address section 172.168.0.0 to destination address section 10.1.0.0
rule permit ip source172.168.0.0.0.0.255.255destination10.1.0.0.0.0.2 55.255
2) the then configuration VPN coordinates measurement request on starting point device:Generate business chain A ' (starting point device → business 1 → service processing equipment of processing equipment, 2 → service processing equipment 3) description the path VPN, and the industry for ACL9000 will be met defining Business stream guidance is forwarded to the path VPN, and specific instructions row strategy is exemplified below:
Service-chaining VPN-path create acl9000vpn-node ip IP starting point IP1IP2IP3
Wherein, IP1, IP2 and IP3 are respectively the IP address of service processing equipment 1,2 and 3.
In this way, having selected starting point device in user, and Service-Chaining industry is defined on starting point device Be engaged in VPN path request message after, when originate point device obtain bring into operation instruction after, will according to above-mentioned definition generate ask Message is sought, according on purpose IP address forwarding request message to corresponding service processing equipment, intermediate equipment only makees transparent transmission, here Intermediate equipment for example can be interchanger 2 shown in FIG. 1 and interchanger 3.As shown in Fig. 2, specific processing step is as follows:
101, service processing equipment receives the request message that the starting point device generates, and the request message includes business The internet protocol address of all service processing equipments in path, the pointer and flow point category information for indicating internet protocol address.
Here service processing equipment can be service processing equipment 1, service processing equipment 2 or industry in Fig. 1 institute diagram Be engaged in processing equipment 3 in one of them.The format of the request message is as shown in table 2, wherein carrying the business road of user preset The IP address of all service processing equipments of diameter, Pointer pointer and need flow point category information by the service path.
102, the internet protocol address that service processing equipment is directed toward according to the pointer determines Virtual Private Network to be generated Forwarding-table item enters tunnel destination address and out tunnel destination address.
Specifically, first determining whether the finger of the request message when service processing equipment is when receiving the request message The previous IP address that needle is directed toward whether there is, and if it exists, then using previous IP address as VPN forwarding-table item to be generated Enter tunnel destination address, i.e., it is described enter tunnel destination address be the upper IP address for forwarding the request message, if it does not exist, Then current service processing equipment determines that the tunnel destination address that enters of VPN forwarding-table item to be generated is sky, i.e., current business Processing equipment is the starting point device.Then, whether the latter IP address for judging that the pointer of the request message is directed toward deposits , and if it exists, then go out tunnel destination address, the tunnel destination address out using the latter IP address as VPN forwarding-table item For the next IP address for forwarding the request message, if it does not exist, it is determined that VPN forwarding-table item to be generated goes out tunnel mesh Address be sky, that is, current business processing equipment is the termination point device for forwarding the request message.
103, service processing equipment enters tunnel destination address and tunnel destination address and the flow point class out according to Information generates the forwarding table term of virtual private network, and the pointer is added one, is directed toward according still further to the pointer after adding one internet Protocol address forwards the request message.
Specifically, entering tunnel destination address and out tunnel destination address what step 103 had determined the VPN forwarding-table item Afterwards, then by it is described enter tunnel destination address and it is described go out tunnel destination address with the flow point category information in request message be associated with generation The virtual forwarding-table item, and the forwarding-table item of each equipment is stored in respective local.Such as the starting point is set For standby, the content of the forwarding-table item of the starting point device is:Flow point class:ACL9000;Enter tunnel not limit;Enter tunnel mesh Address do not limit;Tunnel for example can be Tunnel1.1 out;Tunnel destination address out:IP1, that is to say, that the starting point The flow for meeting ACL9000 can be redirected to tunnel interface Tunnel1.1 by equipment.Analogized in this way, the starting point It is as shown in table 4 that the forwarding-table item of equipment and each service processing equipment, which can summarize,.
Table 4VPN forwarding-table item
It should be noted that in forwarding-table item enter tunnel and out tunnel be two tunnel faces in logic, actually exist The tunnel of only one tunnel face in each equipment, each equipment is separate tunnel, for sending and receiving message.
In the repeating process of request message, if necessary to echo the state of service processing equipment, it can also be reported in request The status information of current business processing equipment, relative time information etc. are filled in text.Here status information for example can wrap The problems such as including connectivity, delay, intermediate equipment utilization rate.
104, when the request message reaches termination point device, the termination point device is returned to the starting point device Indicate that the service path establishes the back message completed.
Specifically, with working as the latter IP that service processing equipment is directed toward according to the pointer in the request message received In the absence of location, which knows equipment of itself for termination point device, and terminate the request message, and the request is reported State information field in text is stripped out, be filled into indicate service path establish complete back message in, then directly to The starting point device sends the back message, and the starting point device, can be to this after receiving the back message The state and business chain of each chain node in secondary VPN generating process generate situation and are shown.Certainly, status information here It is the superposition of the status information of each service processing equipment.Service path is just successfully established automatically as a result,.
When the service message of corresponding flow point category information reaches starting point device, the starting point device is obtained in table 4 The VPN forwarding-table item for originating point device can make the service message pass sequentially through each business processing of vpn tunneling arrival and set It is standby, to complete whole business processings.
When service processing equipment receives the service message of the corresponding flow point category information, the service processing equipment pair The service message carries out business processing, the service message that obtains that treated, obtains the forwarding table term of virtual private network, according to Forwarding table term of virtual private network forwarding is described treated service message.
A kind of service path method for establishing business chain automatically may be implemented in the embodiment of the present invention, passes through the VPN newly formulated Path clustering message is successively established drainage point → business processing and is set to each service processing equipment in drainage point and business chain Standby 1,1 → service processing equipment of service processing equipment 2 ... ..., service processing equipment N-1 → service processing equipment N VPN two-by-two Tunnel path, the upstream node in each tunnel establish drainage strategy, specified services stream are guided into vpn tunneling and is forwarded to down Node is swum, to realize the function of Service-Chaining business chain.The mechanism establishes VPN industry by control message automatically Business path, therefore can be realized the flexible deployment of service processing equipment, it does not limit and is necessarily connected on a drainage point device, and Cumbersome strategy configuration is carried out without user.In addition, the mechanism may be selected responding carrying generation control message in control message Business chain node related status information, so as to show the system such as connectivity, delay on current business path to user Column information greatly simplifies maintenance work.
The embodiment of the present invention provides a kind of equipment 01, as shown in figure 3, including:
Receiving unit 011, the request message generated for receiving starting point device, the request message includes service path All service processing equipments internet protocol address, indicate internet protocol address pointer and flow point category information.
Determination unit 012, the internet protocol address for being directed toward according to pointer determine Virtual Private Network forwarding to be generated List item enters tunnel destination address and out tunnel destination address.
Generation unit 013, for entering tunnel destination address and tunnel destination address and the flow point class out according to Information generates the forwarding table term of virtual private network.
Processing unit 014, for the pointer to be added one.
Transmission unit 015, the internet protocol address for being directed toward according to the pointer after adding one forward the request message, with Convenient for when the request message reaches termination point device, the termination point device returns described in expression to the starting point device Service path establishes the back message completed.
Optionally, determination unit 012 can be specifically used for:
The previous internet protocol address for judging that the pointer is directed toward whether there is, and if it exists, then by the previous net Internet protocol address enters tunnel destination address as forwarding table term of virtual private network to be generated, it is described enter tunnel destination address be Forward a upper internet protocol address for the request message;If it does not exist, it is determined that Virtual Private Network forwarding table to be generated Item enters tunnel destination address for sky;
The latter internet protocol address for judging that the pointer is directed toward whether there is, and if it exists, then by the latter net Internet protocol address goes out tunnel destination address as forwarding table term of virtual private network to be generated, and the tunnel destination address out is Forward next internet protocol address of request message;If it does not exist, it is determined that forwarding table term of virtual private network to be generated Tunnel destination address is sky out.
Optionally, the request message can also include the status information and relative time letter of current business processing equipment Breath;
The back message includes the status information of all service processing equipments, so that the starting point device is according to The states of all service processing equipments of state information acquisition and the service path establish situation.
Optionally, the processing unit 014 is also used to, when receiving the service message of the corresponding flow point category information, Business processing is carried out to the service message, the service message that obtains that treated;The transmission unit 015 is also used to, and obtains institute Forwarding table term of virtual private network is stated, according to forwarding table term of virtual private network forwarding treated the service message.
Optionally, flow point category information may include preset five-tuple classification information;
Or, flow point category information may include classification control Access Column table number.
The embodiment of the present invention provides a kind of equipment, the request message generated by receiving starting point device, request message packet The internet protocol address for including all service processing equipments of service path, the pointer for indicating internet protocol address and flow point class letter Breath, according to the internet protocol address that pointer is directed toward, determine forwarding table term of virtual private network to be generated enters tunnel destination address Tunnel destination address out generates virtual private according to tunnel destination address and out tunnel destination address and flow point category information is entered Net forwarding-table item, and pointer is added one, request message is forwarded according still further to the internet protocol address that the pointer after adding one is directed toward, so as to In when request message reaches termination point device, the point device that terminates is returned to starting point device indicates that service path establishes completion Back message, can be realized the flexible deployment of service processing equipment, and the process of simplified strategy configuration improves safeguarding for business chain Property.
The embodiment of the present invention provides a kind of equipment 02, as shown in figure 4, the equipment 02 includes:Bus 021, processor 022, Transmitter 023, receiver 024 and memory 025, wherein the memory 025 is for storing instruction and data.The transmitting Device 023 and receiver with external equipment for being communicated.Receiver 024 is used to receive the request report that starting point device generates Text, the request message include the internet protocol address of all service processing equipments of service path, instruction internet protocol address Pointer and flow point category information.Processor 022 is for calling the instruction to realize:The Internet protocol being directed toward according to the pointer Address, determine forwarding table term of virtual private network to be generated enters tunnel destination address and out tunnel destination address;According to described Enter tunnel destination address and tunnel destination address and the flow point category information out determine the forwarding table term of virtual private network, and By pointer plus one.Transmitter 023 is used to forward the request message according to the internet protocol address that the pointer after adding one is directed toward, with Convenient for when the request message reaches termination point device, the termination point device returns described in expression to the starting point device Service path establishes the back message completed.
In embodiments of the present invention, optionally, the internet protocol address being directed toward according to the pointer, determines to be generated Forwarding table term of virtual private network enter tunnel destination address and tunnel destination address is specifically used for out:
The previous internet protocol address for judging that the pointer is directed toward whether there is, and if it exists, then by the previous net Internet protocol address enters tunnel destination address as forwarding table term of virtual private network to be generated, it is described enter tunnel destination address be Forward a upper internet protocol address for the request message;If it does not exist, it is determined that Virtual Private Network forwarding table to be generated Item enters tunnel destination address for sky;And
The latter internet protocol address for judging that the pointer is directed toward whether there is, and if it exists, then by the latter net Internet protocol address goes out tunnel destination address as forwarding table term of virtual private network to be generated, and the tunnel destination address out is Forward next internet protocol address of the request message;If it does not exist, it is determined that Virtual Private Network forwarding table to be generated The tunnel destination address that goes out of item is sky.
In embodiments of the present invention, optionally, the request message further includes the status information of current business processing equipment And relative time information;
The back message includes the status information of all service processing equipments, so that the starting point device is according to The states of all service processing equipments of state information acquisition and service path establish situation.
In embodiments of the present invention, processor 022 is for calling the instruction to realize:The flow point class is corresponded to when receiving When the service message of information, business processing is carried out to the service message, the service message that obtains that treated;
The transmitter 023 is also used to, and obtains the forwarding table term of virtual private network, is forwarded according to the Virtual Private Network List item forwarding is described treated service message.
In embodiments of the present invention, optionally, flow point category information includes preset five-tuple classification information;
Or, flow point category information includes classification control Access Column table number.
The embodiment of the present invention provides a kind of equipment, the request message generated by receiving starting point device, request message packet The internet protocol address for including all service processing equipments of service path, the pointer for indicating internet protocol address and flow point class letter Breath, according to the internet protocol address that pointer is directed toward, determine forwarding table term of virtual private network to be generated enters tunnel destination address Tunnel destination address out, according to entering tunnel destination address and out tunnel destination address and flow point category information determines virtual private Net forwarding-table item, and pointer is added one, request message is forwarded according still further to the internet protocol address that the pointer after adding one is directed toward, so as to In when request message arrival termination point device, established so that termination point device returns to expression service path to starting point device At back message, can be realized the flexible deployment of service processing equipment, the process of simplified strategy configuration, improve business chain can Maintainability.
In several embodiments provided herein, it should be understood that disclosed system, device and method can be with It realizes by another way.For example, apparatus embodiments described above are merely indicative, for example, the unit It divides, only a kind of logical function partition, there may be another division manner in actual implementation, such as multiple units or components It can be combined or can be integrated into another system, or some features can be ignored or not executed.Another point, it is shown or The mutual coupling, direct-coupling or communication connection discussed can be through some interfaces, the indirect coupling of device or unit It closes or communicates to connect, can be electrical property, mechanical or other forms.
In addition, each functional unit can integrate to be handled at one in equipment and system in each embodiment of the present invention In unit, being also possible to the independent physics of each unit includes that can also be integrated in one unit with two or more units. And above-mentioned each unit both can take the form of hardware realization, can also add the form of SFU software functional unit real using hardware It is existing.
This can be accomplished by hardware associated with program instructions for all or part of the steps of realization above method embodiment, preceding The program stated can be stored in a computer readable storage medium, and when being executed, execute includes that the above method is real to the program The step of applying;And storage medium above-mentioned includes:USB flash disk, mobile hard disk, read-only memory (English:Read Only Memory, abbreviation:ROM), random access memory (English:Random Access Memory, abbreviation:RAM), magnetic disk or The various media that can store program code such as CD.
The above description is merely a specific embodiment, but scope of protection of the present invention is not limited thereto, any Those familiar with the art in the technical scope disclosed by the present invention, can easily think of the change or the replacement, and should all contain Lid is within protection scope of the present invention.Therefore, protection scope of the present invention should be based on the protection scope of the described claims.

Claims (10)

1. a kind of method for establishing service path, which is characterized in that including:
The request message that starting point device generates is received, the request message includes that all business processings of the service path are set The pointer and flow point category information of standby internet protocol address, the instruction internet protocol address;
According to the internet protocol address that the pointer is directed toward, determine forwarding table term of virtual private network to be generated enters tunnel purpose Address and out tunnel destination address;
According to it is described enter tunnel destination address and it is described go out tunnel destination address and the flow point category information generate it is described virtual Private network forwarding-table item, and the pointer is added one, described in the internet protocol address forwarding being directed toward according still further to the pointer after adding one Request message, in order to which after the request message reaches termination point device, the termination point device is to the starting point device Returning indicates that the service path establishes the back message completed.
2. the method according to claim 1, wherein it is described according to the pointer be directed toward internet protocol address, Determine forwarding table term of virtual private network to be generated enter tunnel destination address and tunnel destination address includes out:
The previous internet protocol address for judging that the pointer is directed toward whether there is, and if it exists, then by the previous internet association View address enters tunnel destination address as forwarding table term of virtual private network to be generated, it is described enter tunnel destination address be forwarding A upper internet protocol address for the request message;If it does not exist, it is determined that forwarding table term of virtual private network to be generated Enter tunnel destination address for sky;And
The latter internet protocol address for judging that the pointer is directed toward whether there is, and if it exists, then by the internet association of described the latter Address is discussed as forwarding table term of virtual private network to be generated and goes out tunnel destination address, the tunnel destination address out is forwarding Next internet protocol address of the request message;If it does not exist, it is determined that forwarding table term of virtual private network to be generated Tunnel destination address is sky out.
3. method according to claim 1 or 2, which is characterized in that
The request message further includes the status information and relative time information of current business processing equipment;
The back message includes the status information of all service processing equipments, so that the starting point device is according to The state of all service processing equipments and the service path described in state information acquisition establish situation.
4. method according to claim 1 or 2, which is characterized in that the method also includes:
When receiving the service message of the corresponding flow point category information, business processing is carried out to the service message, is obtained everywhere Service message after reason obtains the forwarding table term of virtual private network, according to forwarding table term of virtual private network forwarding Treated service message.
5. method according to claim 1 or 2, which is characterized in that the flow point category information includes preset five-tuple point Category information;
Or, the flow point category information includes classification control Access Column table number.
6. a kind of equipment for establishing service path, which is characterized in that including:
Receiving unit, the request message generated for receiving starting point device, the request message include all of service path The internet protocol address of service processing equipment, the pointer and flow point category information for indicating the internet protocol address;
Determination unit, the internet protocol address for being directed toward according to the pointer, determines Virtual Private Network forwarding table to be generated Item enters tunnel destination address and out tunnel destination address;
Generation unit, for entering tunnel destination address and tunnel destination address and the flow point category information out according to Generate the forwarding table term of virtual private network;
Processing unit, for the pointer to be added one;
Transmission unit, the internet protocol address for being directed toward according to the pointer after adding one forwards the request message, in order to work as When the request message reaches termination point device, the termination point device is returned to the starting point device indicates the business road Diameter establishes the back message completed.
7. equipment according to claim 6, which is characterized in that the determination unit is specifically used for:
The previous internet protocol address for judging that the pointer is directed toward whether there is, and if it exists, then by the previous internet association View address enters tunnel destination address as forwarding table term of virtual private network to be generated, it is described enter tunnel destination address be forwarding A upper internet protocol address for the request message;If it does not exist, it is determined that forwarding table term of virtual private network to be generated Enter tunnel destination address for sky;And
The latter internet protocol address for judging that the pointer is directed toward whether there is, and if it exists, then by the internet association of described the latter Address is discussed as forwarding table term of virtual private network to be generated and goes out tunnel destination address, the tunnel destination address out is forwarding Next internet protocol address of the request message;If it does not exist, it is determined that forwarding table term of virtual private network to be generated Tunnel destination address is sky out.
8. equipment according to claim 6 or 7, which is characterized in that
The request message further includes the status information and relative time information of current business processing equipment;
The back message includes the status information of all service processing equipments, so that the starting point device is according to The state of all service processing equipments and the service path described in state information acquisition establish situation.
9. equipment according to claim 6 or 7, which is characterized in that
The processing unit is also used to, when receiving the service message of the corresponding flow point category information, to the service message Business processing is carried out, the service message that obtains that treated;
The transmission unit is also used to, and obtains the forwarding table term of virtual private network, according to the forwarding table term of virtual private network Forwarding is described treated service message.
10. equipment according to claim 6 or 7, which is characterized in that the flow point category information includes preset five-tuple point Category information;
Or, the flow point category information includes classification control Access Column table number.
CN201410173170.XA 2014-04-28 2014-04-28 A kind of method and apparatus for establishing service path Active CN105099915B (en)

Priority Applications (2)

Application Number Priority Date Filing Date Title
CN201410173170.XA CN105099915B (en) 2014-04-28 2014-04-28 A kind of method and apparatus for establishing service path
PCT/CN2014/090965 WO2015165249A1 (en) 2014-04-28 2014-11-13 Method and device for establishing service path

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201410173170.XA CN105099915B (en) 2014-04-28 2014-04-28 A kind of method and apparatus for establishing service path

Publications (2)

Publication Number Publication Date
CN105099915A CN105099915A (en) 2015-11-25
CN105099915B true CN105099915B (en) 2018-11-30

Family

ID=54358119

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201410173170.XA Active CN105099915B (en) 2014-04-28 2014-04-28 A kind of method and apparatus for establishing service path

Country Status (2)

Country Link
CN (1) CN105099915B (en)
WO (1) WO2015165249A1 (en)

Families Citing this family (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN106612267B (en) * 2015-10-27 2020-01-21 ***通信集团公司 Verification method and verification device
CN106464590B (en) 2015-11-27 2019-11-19 华为技术有限公司 A kind of method and device of to acquisite approachs information
CN107360011A (en) * 2016-05-10 2017-11-17 中兴通讯股份有限公司 A kind of business chain generation method and system
CN107786467A (en) * 2017-08-28 2018-03-09 深信服科技股份有限公司 Drainage method, drainage system and the system of network data based on transparent deployment
CN115225545B (en) * 2022-07-21 2023-11-03 天翼云科技有限公司 Message transmission method and device
CN115277640B (en) * 2022-07-29 2023-11-24 迈普通信技术股份有限公司 Data processing method, device, intelligent network card and storage medium

Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN1691636A (en) * 2004-04-26 2005-11-02 华为技术有限公司 Method of flow state establishment
CN101047614A (en) * 2006-05-01 2007-10-03 华为技术有限公司 Flow transmission route set-up method and data transmission system in IPv6 network environment
CN101515884A (en) * 2008-02-22 2009-08-26 华为技术有限公司 Method and device for implementing UNI service

Family Cites Families (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US7209439B2 (en) * 2001-03-20 2007-04-24 Mci, Llc Pool-based resource management in a data network
DE60223806T2 (en) * 2002-09-16 2008-10-30 Agilent Technologies, Inc. - a Delaware Corporation -, Santa Clara Measurement of network parameters as perceived by non-artificial network traffic
CN1645838B (en) * 2005-01-19 2010-04-28 哈尔滨工业大学 Self network organized and distance concerned multi-routing method for complete route information
CN100499719C (en) * 2005-09-09 2009-06-10 华为技术有限公司 NGN network system and call information transmitting method
CN103650436B (en) * 2013-07-25 2016-09-28 华为技术有限公司 Service path distribution method, router and business perform entity

Patent Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN1691636A (en) * 2004-04-26 2005-11-02 华为技术有限公司 Method of flow state establishment
CN101047614A (en) * 2006-05-01 2007-10-03 华为技术有限公司 Flow transmission route set-up method and data transmission system in IPv6 network environment
CN101515884A (en) * 2008-02-22 2009-08-26 华为技术有限公司 Method and device for implementing UNI service

Also Published As

Publication number Publication date
CN105099915A (en) 2015-11-25
WO2015165249A1 (en) 2015-11-05

Similar Documents

Publication Publication Date Title
CN105099915B (en) A kind of method and apparatus for establishing service path
CN104954274B (en) Generate method, controller and the business Delivery Function of forwarding information
CN106664261B (en) A kind of methods, devices and systems configuring flow entry
CN104937879B (en) Method and apparatus for placing service in a network
CN108259237A (en) Network access accelerated method, cloud dns server, CE and cloud IP accelerate network system
CN105099917B (en) The retransmission method and device of service message
CN103391296B (en) A kind of controller, transponder and Path Setup method and system
CN104410541B (en) The method and device that VXLAN internal layer virtual machine traffics are counted in intermediary switch
CN107925624A (en) Message forwarding method, device and system based on business function chain SFC
US9210037B2 (en) Method, apparatus and system for interconnected ring protection
CN103428094A (en) Method and device for packet transmitting in Open Flow system
CN108463989A (en) It is linked across the business function of multiple sub-networks
CN110290093A (en) The SD-WAN network architecture and network-building method, message forwarding method
CN105681198B (en) A kind of business chain processing method, equipment and system
CN104301252B (en) A kind of data Transmission system and data transmission method for uplink
CN105337881A (en) Data message processing method, service node and stream guiding point
CN109194560A (en) Method of multicasting and VTEP
CN108833293A (en) A kind of data center's jamming control method and device based on software defined network SDN
CN105516025B (en) Path clustering and data transmission method, OpenFlow controller and interchanger end to end
CN107040942A (en) Business Stream transmission method, apparatus and system
CN106998347A (en) The apparatus and method of server virtualization network share
CN107800626A (en) Processing method, device and the equipment of data message
CN105337884A (en) Method and device for achieving multistage message editing service control on the basis of logic port
KR101841026B1 (en) Service function chaining network system for path optimization
CN107959611A (en) A kind of method to E-Packet, apparatus and system

Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
C10 Entry into substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant