CN112187500A - Network element management device and message processing method - Google Patents
Network element management device and message processing method Download PDFInfo
- Publication number
- CN112187500A CN112187500A CN201910601817.7A CN201910601817A CN112187500A CN 112187500 A CN112187500 A CN 112187500A CN 201910601817 A CN201910601817 A CN 201910601817A CN 112187500 A CN112187500 A CN 112187500A
- Authority
- CN
- China
- Prior art keywords
- network element
- private
- message
- namespace
- global
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
- 238000003672 processing method Methods 0.000 title claims abstract description 8
- 238000000034 method Methods 0.000 claims description 29
- 238000012545 processing Methods 0.000 claims description 26
- 238000005538 encapsulation Methods 0.000 claims description 5
- 230000003993 interaction Effects 0.000 claims description 4
- 238000012546 transfer Methods 0.000 claims description 3
- 239000010410 layer Substances 0.000 description 11
- 238000010586 diagram Methods 0.000 description 5
- 238000005516 engineering process Methods 0.000 description 5
- 238000002955 isolation Methods 0.000 description 4
- 230000005641 tunneling Effects 0.000 description 3
- 238000011144 upstream manufacturing Methods 0.000 description 3
- 230000005540 biological transmission Effects 0.000 description 2
- 238000004891 communication Methods 0.000 description 2
- 238000012423 maintenance Methods 0.000 description 1
- 239000002356 single layer Substances 0.000 description 1
Images
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L12/00—Data switching networks
- H04L12/28—Data switching networks characterised by path configuration, e.g. LAN [Local Area Networks] or WAN [Wide Area Networks]
- H04L12/46—Interconnection of networks
- H04L12/4633—Interconnection of networks using encapsulation techniques, e.g. tunneling
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L12/00—Data switching networks
- H04L12/28—Data switching networks characterised by path configuration, e.g. LAN [Local Area Networks] or WAN [Wide Area Networks]
- H04L12/46—Interconnection of networks
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L41/00—Arrangements for maintenance, administration or management of data switching networks, e.g. of packet switching networks
- H04L41/08—Configuration management of networks or network elements
- H04L41/0803—Configuration setting
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L45/00—Routing or path finding of packets in data switching networks
- H04L45/74—Address processing for routing
- H04L45/745—Address table lookup; Address filtering
Landscapes
- Engineering & Computer Science (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Data Exchanges In Wide-Area Networks (AREA)
Abstract
The invention provides a network element management device and a message processing method, wherein the network element management device comprises: the system comprises a physical interface, a global naming space, a private naming space and a soft switch module, wherein the global naming space is used for managing the routing of a superior network element; the private namespace is used for managing the route of the subordinate network element; the soft switch module is used for connecting the global namespace, the private namespace and the physical interface. According to the network element management device, the global naming space and the private naming space are adopted to respectively manage the route of the upper network element and the route of the lower network element, so that the route of the upper network element and the route of the lower network element can be isolated, the route of the global IP address and the route of the local network IP address and the private IP address are isolated, and the existing functions of a network element manager cannot be influenced by the private network route. In addition, hardware equipment does not need to be additionally arranged, the network topology and the router configuration of a client do not need to be modified, and the influence on the existing network topology is avoided.
Description
Technical Field
The present invention relates to the field of communications technologies, and in particular, to a network element management apparatus and a message processing method.
Background
In practical deployment, the microwave product may have a very large network scale, tens of thousands of devices may exist in the network at the same time, and the microwave network generally has a chain-type or tree-type network topology. And the IP resources that the client can provide are limited and valuable. The problem of insufficient global IP resources often occurs, and a global IP address cannot be allocated to each device for network management. Especially for the capacity expansion of the existing network, the client usually does not allow to change the topology of the existing network or add other devices on the network management side.
If the IP In IP technology is adopted to use the local area network IP management equipment, the network management server is required to have a route to each local area network IP section to use the IP In IP technology to communicate with the equipment using the local area network IP address. When the network is large, the routing size is also huge. Establishing a tunnel in a global network namespace may also generate a large number of gre-type virtual network interfaces, affecting some commands and system calls that depend on the network interfaces. If the global space configuration of the network management server is directly carried out, the operation of the network management software function is probably influenced. For example, the network management software may query the network card information of the device.
Disclosure of Invention
The invention provides a network element management device and a message processing method, aiming at solving the technical problem of how to isolate local area network equipment routing from global space routing.
According to the network element management device of the present application, a network element using a global IP address is set as an upper network element, and a network element using a local area network IP or a private IP is set as a lower network element, and the network element management device includes:
the physical interface is used for the network element management device to respectively perform message interaction with the upper network element and the lower network element through the physical interface;
the global naming space is used for managing the routing of the superior network element;
a private namespace for managing the routing of the subordinate network element;
a soft switch module for connecting the global namespace, the private namespace, and the physical interface.
According to the network element management device, the global naming space and the private naming space are adopted to respectively manage the routing of the upper-level network element and the routing of the lower-level network element, so that the routing of the upper-level network element and the routing of the lower-level network element can be isolated, the routing of a global IP address and the routing of a local area network IP address and a private IP address are isolated, and the existing functions of a network element manager cannot be influenced by the private network routing. In addition, hardware equipment does not need to be additionally arranged, the network topology and the router configuration of a client do not need to be modified, and the influence on the existing network topology is avoided.
According to some embodiments of the present application, a GRE tunnel connected to a gateway network element is provided in the private namespace, and routes of the subordinate network elements all point to the corresponding GRE tunnel interfaces of the gateway network element.
In some embodiments of the present application, the global namespace and the private namespace are both connected to the soft switch module through virtual links.
According to some embodiments of the application, the global namespace and the private namespace are connected by a virtual link.
The method for processing the downlink message by the network element management device according to the embodiment of the invention is characterized in that the network element management device is the network element management device, and the method comprises the following steps:
when the network element management device sends a message to a target network element, the message is a downlink message,
if the target network element is a superior network element, the downlink message is sent from the physical interface to the target network element through the soft switch module;
and if the target network element is a lower-level network element, the downlink message enters the private naming space through the soft switch module, and the downlink message is packaged in the private naming space and then is sent to the target network element from the physical interface through the soft switch module.
According to the method for processing the downlink message by the network element management device provided by the embodiment of the invention, corresponding processing is respectively carried out on different conditions that the target network element is an upper network element and a lower network element. If the target network element is an upper network element, the downlink message is directly sent to the target network element from the physical interface through the soft switch module; if the target network element is a lower-level network element, the downlink message is encapsulated in the private naming space and then is sent to the target network element through the soft switch module.
According to some embodiments of the present application, the determining of the target network element includes:
searching a global routing table in the global namespace to obtain the IP of the target network element;
if the IP of the target network element is a local area network IP or a private IP, the target network element is judged to be a lower-level network element, and if the IP of the target network element is a global IP, the target network element is judged to be a higher-level network element.
In some embodiments of the present application, the encapsulating the packet in the private namespace includes:
and searching a private space routing table in the private namespace, determining a GRE tunnel interface corresponding to the downlink message, and encapsulating an outer layer IP header of the downlink message based on the IP of the gateway network element corresponding to the GRE tunnel interface.
According to the method for processing the uplink message by the network element management device in the embodiment of the application, the network element management device is the network element management device, and the method comprises the following steps:
when the network element sends a message to the network element management device, the message is an uplink message,
if the network element sending the uplink message is a superior network element, the network element sends the uplink message to the physical interface and sends the uplink message to network management software through the soft switch module;
and if the network element sending the uplink message is a lower-level network element, the lower-level network element sends the uplink message to a gateway network element, the uplink message enters the private name space through the soft switch module after being encapsulated by the gateway network element, and the uplink message is sent to network management software through the soft switch module after being decapsulated in the private name space.
According to the method for processing the uplink message by the network element management device provided by the embodiment of the invention, corresponding processing is respectively carried out on different conditions of the uplink message sent by the upper network element and the lower network element. If the network element sending the message is the upper network element, the uplink message is directly sent to the network management software from the physical interface through the soft switch module; if the network element sending the upper level message is the lower level network element, the downlink message is sent to the private namespace by the soft switch module after being encapsulated in the gateway network element, and then is sent to the network management software after being decapsulated.
According to some embodiments of the present application, the encapsulating, at the gateway network element, the uplink packet includes:
and the gateway network element performs IP header encapsulation on the uplink message based on the IP of the private namespace.
In some embodiments of the present application, the decapsulating the uplink packet in the private namespace includes:
and the uplink message is transmitted to a GRE tunnel corresponding to the gateway network element in the private name space, and outer-layer IP header decapsulation processing is carried out on the uplink message.
According to the computer-readable storage medium of the embodiment of the present application, the computer-readable storage medium stores an implementation program for information transfer, and the program, when executed by the processor, implements the steps of the method for processing a message by the network element management device as described above.
According to the computer-readable storage medium of the embodiment of the application, the GRE tunnel and the namespace isolation technology are adopted, I P addresses are saved, additional equipment does not need to be added, messages are correspondingly processed for an upper network element and a lower network element, and the operation is reliable and stable.
Drawings
Fig. 1 is a schematic structural diagram of a network element management apparatus according to an embodiment of the present invention.
Fig. 2 is a network topology diagram inside a network element management apparatus according to an embodiment of the present invention;
fig. 3 is a network topology diagram inside a network element management apparatus according to an embodiment of the present invention;
fig. 4 is a diagram illustrating the packet flow when communicating with the upper network element and the lower network element when using the topology shown in fig. 2 in the network element management apparatus according to an embodiment of the present invention.
Fig. 5 is a diagram illustrating the packet flow when communicating with the upper network element and the lower network element when using the topology shown in fig. 3 in the network element management apparatus according to an embodiment of the present invention.
Fig. 6 shows the message trends of the whole network when the upper network element and the lower network element communicate with the network element management device according to the embodiment of the present invention.
Fig. 7 is a processing flow of a downlink packet performed by the network element management device according to the embodiment of the present invention.
Fig. 8 is a detailed flowchart of downlink packet processing performed by the network element management device according to the embodiment of the present invention.
Fig. 9 is a processing flow of an uplink packet performed by the network element management device according to the embodiment of the present invention.
Fig. 10 is a detailed flowchart of uplink packet processing performed by the network element management device according to the embodiment of the present invention.
Description of the drawings:
the network element management device 100, the physical interface 10, the global namespace 20, the global routing table 210, the private namespace 30, the private routing table 310, the softswitch module 40, the network management software 50,
a gateway network element 600, a tunnel route forwarding module 610, an upper network element 700, and a lower network element 800.
Detailed Description
To further explain the technical means and effects of the present invention adopted to achieve the intended purpose, the present invention will be described in detail with reference to the accompanying drawings and preferred embodiments.
As shown in fig. 1 to fig. 3, according to the network element management apparatus 100 of the present application, the network element management apparatus 100 includes: physical interface 10, global namespace 20, private namespace 30, and soft switch module 40.
A network element using a global IP address is set as an upper network element 700, and a network element using a local network IP or a private IP is set as a lower network element 800.
As shown in fig. 1 to fig. 3, the physical interface 10 is used for the network element management apparatus 100 to perform message interaction with the upper level network element 700 and the lower level network element 800 through the physical interface 10, respectively.
The global namespace 20 is used to manage the routing of the upper network element 700 and the private namespace 30 is used to manage the routing of the lower network element 800. It should be noted that Linux may be used to create network namespace to implement isolation between the upper level network element 700 and the lower level network element 800. Where the global namespace 20 manages the routing of the upper network element 700 and the private namespace 30 manages the routing of the lower network element 800.
The softswitch module 40 is used to connect the global namespace 20, the private namespace 30, and the physical interface 10. It should be noted that the global namespace 20 and the private namespace 30 may be connected to the physical interface 10 through the softswitch module 40. Thereby, it may be achieved that the global namespace 20 and the private namespace 30 share one physical interface 10.
According to the network element management device 100 of the present application, the global namespace 20 and the private namespace 30 are used to manage the routing of the upper level network element 700 and the routing of the lower level network element 800, so that the routing of the upper level network element 700 and the routing of the lower level network element 800 can be isolated, the routing of the global IP address and the routing of the local area network IP address and the private IP address can be isolated, and the existing functions of the network element manager cannot be affected by the private network routing. In addition, hardware equipment does not need to be additionally arranged, the network topology and the router configuration of a client do not need to be modified, and the influence on the existing network topology is avoided.
According to some embodiments of the present application, as shown in fig. 2-6, a GRE tunnel connected to the gateway network element 600 is provided in the private namespace 30, and as shown in fig. 2-6, the private namespace 30 can create a plurality of GRE tunnels: gref1, gref2, gref3, and gref4, and the like. The routes of the lower level network element 800 all point to the GRE tunnel interfaces of the corresponding gateway network elements 600. Therefore, the lower network element 800 behind the gateway network element 600 can be managed through the configured GRE tunnel, so that the IP address of the lower network element 800 is not exposed. The IP address of the lower network element 800 is invisible to other devices in the global network and only visible to the network element management device 100, thereby saving IP address resources.
In some embodiments of the present application, both global namespace 20 and private namespace 30 are connected to soft switch module 40 through virtual links. The "virtual link" described herein may be a path link. As shown in fig. 2, the global namespace 20 and the softswitch module 40 may be connected via a path link, and the private namespace 30 may be connected via a path link.
According to some embodiments of the present application, global namespace 20 and private namespace 30 are connected by a virtual link. As shown in fig. 2, the global namespace 20 and the private namespace 30 are both connected to the soft switch module 40 through a veth link, and the global namespace 20 and the private namespace 30 can perform message interaction through the soft switch module 40. As shown in FIG. 3, a path may also be set between the global namespace 20 and the private namespace 30, where one of the paths 5 is connected to the global namespace 20, and the other of the paths 6 is connected to the private namespace 30. Global namespace 20 and private namespace 30 may communicate messages over the link.
It should be noted that the private namespace 30 in the present invention can be used to establish a routing and a GRE tunnel for each lower level network element 800 segment. The message of each lower level network element 800 may be forwarded to a designated tunnel, and the GRE tunnel is decapsulated and forwarded to the global namespace 20. While the Private namespace 30 may serve to isolate Private routing, GRE tunneling, and global routing. The network management software 50 and the operating system global namespace 20 are protected from Private routing and GRE tunneling.
The function of the global namespace 20 is to distinguish Private routes from global routes. The message of the private address field is transferred out of the private namespace 30.
The function of softswitch 40 is to connect global namespace 20, private namespace 30, and physical interface 10. And a path is provided for message forwarding among the modules.
The gateway network element 600 functions to provide tunneling and routing to the network management server for the lower level network element 800. While isolating the address of the lower network element 800 in the global network space. The communication between itself and the element management device 100 does not need to pass through a tunnel.
As shown in fig. 7, a method for a network element management device 100 to process a downlink packet according to an embodiment of the present invention is a method for a network element management device 100, where the network element management device 100 is the network element management device 100, and when the network element management device 100 sends a packet to a target network element, the packet is a downlink packet, and the method includes:
as shown in fig. 7, if the target network element is an upper network element 700, the downlink message is sent from the physical interface 10 to the target network element through the soft switch module 40. That is, if the target network element is the upper network element 700 using the global IP address, the network element manager may directly send the downlink packet from the physical interface 10 to the target network element through the soft switch module 40.
If the target network element is the lower network element 800, the downlink message enters the private namespace 30 through the soft switch module 40, and the downlink message is encapsulated in the private namespace 30 and then sent to the target network element from the physical interface 10 through the soft switch module 40. It should be noted that, by performing encapsulation processing on the downlink packet, the downlink packet can be accurately and reliably sent to the corresponding gateway network element 600, and after performing decapsulation processing on the gateway network element 600, the downlink packet can be sent to the corresponding lower level network element 800.
The network element management apparatus 100 according to the embodiment of the present invention performs a downlink packet processing method, and performs corresponding processing on different situations where the target network element is the upper network element 700 and the lower network element 800, respectively. If the target network element is the upper network element 700, the downlink message is directly sent to the target network element from the physical interface 10 through the soft switch module 40; if the target network element is the lower network element 800, the downlink message is encapsulated in the private namespace 30 and then sent to the target network element through the soft switch module 40.
According to some embodiments of the invention, the determining of the target network element comprises:
looking up the global routing table 210 in the global namespace 20 to obtain the IP of the target network element;
if the IP of the target network element is a local network IP or a private IP, the target network element is determined to be a lower network element 800, and if the IP of the target network element is a global IP, the target network element is determined to be an upper network element 700. Therefore, the target network element can be determined to be the upper network element 700 or the lower network element 800 by looking up the global routing table 210 according to the IP address of the network element.
In some embodiments of the present invention, the encapsulating of the packet in the private namespace 30 includes:
the private space routing table is searched in the private namespace 30, the GRE tunnel interface corresponding to the downlink message is determined, and the outer layer IP header of the downlink message is encapsulated based on the IP of the gateway network element 600 corresponding to the GRE tunnel interface.
It should be noted that the downlink packet may be encapsulated by an outer IP header and a GRE header through a GRE tunnel. Wherein, the outer IP header is the global IP of the gateway network element 600. Therefore, the encapsulated downlink message can be accurately and reliably transmitted to the gateway network element 600. After receiving the downlink packet, the gateway network element 600 decapsulates the outer IP header and the GRE header, and sends the downlink packet to the corresponding lower network element 800 according to the inner IP of the downlink packet, thereby completing the downlink packet transmission with the target network element being the lower network element 800.
The method for processing the downlink packet of the network element management device 100 according to the embodiment of the present invention is described in detail below with reference to fig. 8:
judging whether the destination IP address of the message is a private IP address:
setting the next hop address of the PrivateIP address message as the veth4 IP address of the PrivateNamespace;
the message with the destination address of the private IP address enters the private namespace through the soft switch;
searching a route in a private namespace for a message with a destination address of a private IP address, and determining a route outlet interface as a corresponding GRE tunnel interface;
encapsulating the gre outer layer IP head and sending back the global namespace;
sent out to the physical interface 10 of the network element management device 100 through the soft switch;
when the packet reaches the gateway network element 600, the outer layer IP is decapsulated, the packet is forwarded by using the inner layer IP, and the packet is forwarded to the lower network element 800;
for a message whose destination IP is globalinp:
searching a global routing for setting a next hop as a gateway IP address of a network management server for a message of which the destination address is a globalpIP address;
the message is sent to the soft switch module 40, the soft switch module 40 directly forwards the message to the physical interface 10 for sending, and the message is directly sent to the destination network element.
As shown in fig. 9, a method for a network element management device 100 to process an uplink packet according to an embodiment of the present invention is performed, where the network element management device 100 is the network element management device 100, where when a network element sends a packet to the network element management device 100, the packet is an uplink packet, and the method includes:
as shown in fig. 9, if the network element sending the uplink packet is the upper network element 700, the network element sends the uplink packet to the physical interface 10, and sends the uplink packet to the network management software 50 through the soft switch module 40. That is, if the network element sending the uplink packet is the upper level network element 700 using the global IP address, the upper level network element 700 sends the uplink packet to the physical interface 10 of the network element manager, and forwards the uplink packet to the network management software 50 through the soft switch module 40.
If the network element sending the uplink message is the lower network element 800, the lower network element 800 sends the uplink message to the gateway network element 600, the uplink message enters the private namespace 30 through the soft switch module 40 after being encapsulated by the gateway network element 600, and the uplink message is sent to the network management software 50 through the soft switch module 40 after being decapsulated by the private namespace 30. It should be noted that, by encapsulating the uplink packet, the uplink packet can be sent to the private namespace 30 of the network element management device 100, and after decapsulating the uplink packet in the private namespace 30, the uplink packet is sent to the network management software 50 through the soft switch module 40.
The method for processing the uplink packet by the network element management device 100 according to the embodiment of the present invention respectively performs corresponding processing on different situations of the uplink packet sent by the upper network element 700 and the lower network element 800. If the network element sending the message is the upper network element 700, the uplink message is directly sent to the network management software 50 from the physical interface 10 through the soft switch module 40; if the network element sending the upper level message is the lower level network element 800, the downlink message is sent to the private namespace 30 through the soft switch module 40 after being encapsulated in the gateway network element 600, and then is sent to the network management software 50 after being decapsulated.
According to some embodiments of the present invention, the encapsulating of the uplink packet at the gateway network element 600 includes:
the gateway network element 600 performs IP header encapsulation on the uplink packet based on the IP of the private namespace 30. That is, the gateway network element 600 encapsulates an outer IP header to the uplink packet, where the outer IP header is an IP of the private namespace 30. Thereby, upstream messaging may be enabled to the private namespace 30.
In some embodiments of the present invention, the decapsulating of the uplink packet in the private namespace 30 includes:
the uplink message is transmitted to a GRE tunnel corresponding to the gateway network element 600 in the private namespace 30, and outer-layer IP header decapsulation processing is performed on the uplink message. It should be noted that after the uplink packet is transmitted to the private namespace 30, the outer IP header of the uplink packet can be decapsulated through the GRE tunnel corresponding to the gateway network element 600, a route corresponding to the inner IP header is found by searching the private routing table 310, and the uplink packet is transmitted to the network management software 50 through the soft switch module 40.
The method for processing the uplink packet of the network element management device 100 according to the embodiment of the present invention is described in detail below with reference to fig. 10:
when the network element sending the uplink message is the lower network element 800, the lower network element 800 sends the message to the gateway network element 600;
the gateway network element 600 receives the message sent by the lower network element 800, and encapsulates the GRE header and the outer layer IP header;
the packet is forwarded to the network element management device 100 through the gateway network element 600;
the network element management device 100 determines that the destination IP address of the packet is the IP address of private namespace (private namespace 30) veth4, and forwards the packet to the private namespace through the soft switch module 30;
the message is sent to the corresponding GRE tunnel interface on the private namespace, the outer IP header is decapsulated, it is determined that the inner IP is the IP address of the network element management device 100, the message passes through the soft switch module 40 to the global veth1, and finally the message is sent to the network management software 50.
If the network element sending the uplink message is the upper network element 700, the message sent by the non-upper network element 700 is directly sent to the veth1 through the soft switch module 40, and finally sent to the network management software 50.
It should be noted that, in a scenario where there are many devices in the network and the IP address that can be provided to the devices is limited, according to the network element management apparatus 100 and the message processing method of the network element management apparatus 100 in the embodiment of the present invention, linux network namespace is applied on the network management server (the network element management apparatus 100) for route isolation, and the route of the local area network device (the lower level network element 800) is isolated from the route of the global space (the global namespace 20), so that the network management software 50 cannot perceive thousands of routes and GRE tunnel virtual network interfaces of the local area network. And the message communicated with the equipment using the local area network IP address can be correctly sent out of the network management server (the network element management device 100) in an IP in-IP mode, and the message is normally communicated with the equipment using the local area network IP address on the network through the global network. The present invention configures only the global IP address on the upstream device (upper network element 700). The downstream device (lower level network element 800) uses a local network IP address or a private network IP address, the IP address of the downstream device not being visible in the global network. The network management software 50 uses the global IP address and the local network IP address to manage the upstream and downstream devices, respectively.
The global namespace of the network management server (element management device 100) points to another private namespace 30 for all routes using private network IP. Only messages of devices using the global IP address directly look up the global routing table 210 of the global namespace 20 and are sent from the physical interface 10 of the network management server in the form of normal IP messages. For the device using the IP address of the local area network, when the network management server communicates with the device, the message first enters the private namespace (private namespace 30) through the route, and then enters the corresponding GRE tunnel interface through the private routing table 310 of the private namespace, the GRE header is encapsulated, and the message whose destination IP is the IP address of the gateway network element 600 is encapsulated on the outer layer and then returns to the global namespace 20 for sending.
Thus, when the network is deployed, only the first device of a plurality of devices on one link needs to globally manage the IP address, and the IP address used on the network is greatly saved. From the network management equipment. The routing and GRE tunnel to the IP address of the local area network 800 of the lower level network element of each gateway network element 600 are invisible to the network management software 50, and the private network routing is not exposed to the outside, so that the normal operation of various functions of the network management software 50 is not affected. Commands and system calls of the Linux operating system are not affected. In addition, new hardware resources do not need to be added and the network topology does not need to be modified, so that the real-time cost is low and the maintenance is convenient. And extra equipment does not need to be deployed for routing the equipment using the local area network IP, so that the cost is saved. The IP address resource and the equipment deployment cost are greatly solved.
The network element management apparatus 100 according to the present invention has two methods for network topology, the first method is as shown in fig. 2, there is only one veth link connected between global namespace (global namespace 20) and private namespace (private namespace 30), one end of the veth link has a veth4 interface at the private namespace (private namespace 30), the other end of the veth link has a veth3 interface directly connected to the soft switch module 40 of the global namespace (global namespace 20), and the soft switch module 40 may be linux bridge or openswitch. The path 4 interface in private namespace (private namespace 30) needs to have a global IP address. Linux connects a physical port, namely veth3 connected to global namespace (global namespace 20) and veth4 connected to private namespace (private namespace 30), together through a Linux bridge or openvswitch, so that the global namespace and the private namespace share the physical port. When the network element management software communicates with the device using the private IP address, the message enters the private namespace through a unique path link, is printed with a GRE (generic routing encapsulation) header and an external IP (Internet protocol) header, returns to the global network namespace through the original path, and is sent out to a physical port through soft switching.
In the second method, as shown in fig. 3, a path link is additionally established between the global namespace and the private space for message transmission without GRE header. When the network element management device 100 communicates with a device using an IP of a local area network, the device first sends a GRE header to a private namespace through the path link, encapsulates an external IP header, and sends the GRE header to a linux bridge or an openvswitch through another path link after soft forwarding. The processing of the uplink message is opposite to that of the downlink message, and is not described herein again.
According to the network element management apparatus 100 of the present invention, the network management software 50 manages the common network element and the gateway network element 600 through the global IP. The generic network element and the gateway network element 600 described here can be understood as the "upper level network element 700" described above. The route to the upper level network element 700 is stored in the global namespace 20, the message trend is shown as the solid line in fig. 4, after the message is sent and the route is searched, the message is connected to linux Bridge or openvswitch through veth, and is sent to the physical network port through the soft switch module 40. The message is a common single-layer IP header message. As shown by a line mixed by a dotted line and a solid line in the figure, the management of the lower-level network element 800 of the gateway network element 600 is that, first, by searching a route aiming at a private IP in the global namespace 20, the route is a route pointing to a veth in a private network namespace, after a message enters the private network namespace, the route of the namesapce is searched, the route pointing a route to a downstream network element IP address of the gateway network element 600 to a corresponding GRE tunnel, a GRE header is marked, an outer-layer IP is encapsulated (the destination IP address is the IP of the gateway network element 600, the message is changed into a GRE message, and the dotted line represents), and then, the message is sent to a linux bridge or an openswitch by connecting the veth between the private namespace and the linux bridge, and is sent to a physical network gateway to send out a server after soft forwarding. The message is a GRE message of IP in IP, the destination address of the outer IP is the IP of the gateway network element 600, and the destination address of the inner IP is the private network IP address used by the downstream device.
When the GRE packet for managing the lower network element 800 reaches the gateway network element 600, the gateway network element 600 drops the GRE header and the outer IP header, and delivers the packet to the lower network element 800 according to the inner IP. When the gateway network element 600 receives the message sent from the lower network element 800 to the network management server, the message is encapsulated into the GRE tunnel according to the policy routing, and the target IP address of the outer layer is the global IP address of the network management server. And delivering the message to the network management server by using the outer IP address.
According to the computer-readable storage medium of the embodiment of the present invention, the computer-readable storage medium stores an implementation program for information transfer, and when the program is executed by the processor, the method for processing a message by the network element management apparatus 100 as described above is implemented.
According to the computer-readable storage medium of the embodiment of the invention, the GRE tunnel and the namespace isolation technology are adopted, the IP address is saved, no additional equipment is required to be added, the messages are correspondingly processed aiming at the upper network element 700 and the lower network element 800, and the operation is reliable and stable.
While the invention has been described in connection with specific embodiments thereof, it is to be understood that it is intended by the appended drawings and description that the invention may be embodied in other specific forms without departing from the spirit or scope of the invention.
Claims (11)
1. A network element management apparatus, wherein a network element using a global IP address is set as an upper network element, and a network element using a local area network IP or a private IP is set as a lower network element, the network element management apparatus comprising:
the physical interface is used for the network element management device to respectively perform message interaction with the upper network element and the lower network element through the physical interface;
the global naming space is used for managing the routing of the superior network element;
a private namespace for managing the routing of the subordinate network element;
a soft switch module for connecting the global namespace, the private namespace, and the physical interface.
2. The apparatus according to claim 1, wherein a GRE tunnel connected to a gateway network element is provided in the private namespace, and routes of the lower level network elements all point to the GRE tunnel interfaces of the corresponding gateway network elements.
3. The apparatus of claim 1, wherein the global namespace and the private namespace are both connected to the soft switch module via virtual links.
4. The apparatus of claim 1, wherein the global namespace and the private namespace are connected by a virtual link.
5. A method for processing downlink packet by using the network element management apparatus according to any one of claims 1 to 4, the method comprising:
when the network element management device sends a message to a target network element, the message is a downlink message,
if the target network element is a superior network element, the downlink message is sent from the physical interface to the target network element through the soft switch module;
and if the target network element is a lower-level network element, the downlink message enters the private naming space through the soft switch module, and the downlink message is packaged in the private naming space and then is sent to the target network element from the physical interface through the soft switch module.
6. The method for processing downlink packet of the network element management device according to claim 5, wherein the step of determining the target network element comprises:
searching a global routing table in the global namespace to obtain the IP of the target network element;
if the IP of the target network element is a local area network IP or a private IP, the target network element is judged to be a lower-level network element, and if the IP of the target network element is a global IP, the target network element is judged to be a higher-level network element.
7. The method as claimed in claim 5, wherein the encapsulating the packet in the private namespace comprises:
and searching a private space routing table in the private namespace, determining a GRE tunnel interface corresponding to the downlink message, and encapsulating an outer layer IP header of the downlink message based on the IP of the gateway network element corresponding to the GRE tunnel interface.
8. A method for processing an uplink packet by using the network element management device according to any one of claims 1 to 4, the method comprising:
when the network element sends a message to the network element management device, the message is an uplink message,
if the network element sending the uplink message is a superior network element, the network element sends the uplink message to the physical interface and sends the uplink message to network management software through the soft switch module;
and if the network element sending the uplink message is a lower-level network element, the lower-level network element sends the uplink message to a gateway network element, the uplink message enters the private name space through the soft switch module after being encapsulated by the gateway network element, and the uplink message is sent to network management software through the soft switch module after being decapsulated in the private name space.
9. The method according to claim 8, wherein the encapsulating the uplink packet at the gateway network element includes:
and the gateway network element performs IP header encapsulation on the uplink message based on the IP of the private namespace.
10. The method according to claim 8, wherein the decapsulating the uplink packet in the private namespace comprises:
and the uplink message is transmitted to a GRE tunnel corresponding to the gateway network element in the private name space, and outer-layer IP header decapsulation processing is carried out on the uplink message.
11. A computer-readable storage medium, on which an information transfer implementation program is stored, and which, when executed by a processor, implements the steps of the message processing method performed by the network element management apparatus according to any one of claims 5 to 10.
Priority Applications (2)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201910601817.7A CN112187500A (en) | 2019-07-04 | 2019-07-04 | Network element management device and message processing method |
| PCT/CN2020/095661 WO2021000713A1 (en) | 2019-07-04 | 2020-06-11 | Network element management apparatus and message processing method |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201910601817.7A CN112187500A (en) | 2019-07-04 | 2019-07-04 | Network element management device and message processing method |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN112187500A true CN112187500A (en) | 2021-01-05 |
Family
ID=73915678
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201910601817.7A Pending CN112187500A (en) | 2019-07-04 | 2019-07-04 | Network element management device and message processing method |
Country Status (2)
| Country | Link |
|---|---|
| CN (1) | CN112187500A (en) |
| WO (1) | WO2021000713A1 (en) |
Citations (8)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN1571440A (en) * | 2003-07-25 | 2005-01-26 | 中兴通讯股份有限公司 | A system and method for implementing multimedia call crossing private network |
| US6948003B1 (en) * | 2000-03-15 | 2005-09-20 | Ensim Corporation | Enabling a service provider to provide intranet services |
| CN101488904A (en) * | 2009-02-27 | 2009-07-22 | 杭州华三通信技术有限公司 | Method for GRE tunnel crossing network address translation apparatus and network address translation apparatus |
| CN102457586A (en) * | 2010-10-18 | 2012-05-16 | 中兴通讯股份有限公司 | Expanding method for realizing double-layer network and expanded double-layer network |
| CN106059803A (en) * | 2016-05-26 | 2016-10-26 | 国云科技股份有限公司 | Method for realizing southbound and northbound communication of virtual machines on computing nodes |
| CN107959614A (en) * | 2017-10-30 | 2018-04-24 | 广东睿江云计算股份有限公司 | A kind of self-defined network-building method of multi-tenant based on network namespace, system |
| US20180212788A1 (en) * | 2017-01-26 | 2018-07-26 | International Business Machines Corporation | Multicast helper to link virtual extensible lans |
| CN109547392A (en) * | 2017-09-21 | 2019-03-29 | 杭州达乎科技有限公司 | A kind of encryption cut-in method and system for supporting multi-user's isolation in SDN network |
Family Cites Families (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US8824274B1 (en) * | 2011-12-29 | 2014-09-02 | Juniper Networks, Inc. | Scheduled network layer programming within a multi-topology computer network |
| CN102437931B (en) * | 2011-12-29 | 2015-07-08 | 华为技术有限公司 | Detection method and device of service path |
| US9590901B2 (en) * | 2014-03-14 | 2017-03-07 | Nicira, Inc. | Route advertisement by managed gateways |
| CN106953788B (en) * | 2017-02-16 | 2019-12-13 | 北京西普阳光教育科技股份有限公司 | virtual network controller and control method |
-
2019
- 2019-07-04 CN CN201910601817.7A patent/CN112187500A/en active Pending
-
2020
- 2020-06-11 WO PCT/CN2020/095661 patent/WO2021000713A1/en active Application Filing
Patent Citations (8)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US6948003B1 (en) * | 2000-03-15 | 2005-09-20 | Ensim Corporation | Enabling a service provider to provide intranet services |
| CN1571440A (en) * | 2003-07-25 | 2005-01-26 | 中兴通讯股份有限公司 | A system and method for implementing multimedia call crossing private network |
| CN101488904A (en) * | 2009-02-27 | 2009-07-22 | 杭州华三通信技术有限公司 | Method for GRE tunnel crossing network address translation apparatus and network address translation apparatus |
| CN102457586A (en) * | 2010-10-18 | 2012-05-16 | 中兴通讯股份有限公司 | Expanding method for realizing double-layer network and expanded double-layer network |
| CN106059803A (en) * | 2016-05-26 | 2016-10-26 | 国云科技股份有限公司 | Method for realizing southbound and northbound communication of virtual machines on computing nodes |
| US20180212788A1 (en) * | 2017-01-26 | 2018-07-26 | International Business Machines Corporation | Multicast helper to link virtual extensible lans |
| CN109547392A (en) * | 2017-09-21 | 2019-03-29 | 杭州达乎科技有限公司 | A kind of encryption cut-in method and system for supporting multi-user's isolation in SDN network |
| CN107959614A (en) * | 2017-10-30 | 2018-04-24 | 广东睿江云计算股份有限公司 | A kind of self-defined network-building method of multi-tenant based on network namespace, system |
Also Published As
| Publication number | Publication date |
|---|---|
| WO2021000713A1 (en) | 2021-01-07 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN107517488B (en) | Message processing method and device | |
| CN107819677B (en) | Message forwarding method and device | |
| CN106936777B (en) | Cloud computing distributed network implementation method and system based on OpenFlow | |
| CN104506408B (en) | The method and device of data transfer based on SDN | |
| EP2579544B1 (en) | Methods and apparatus for a scalable network with efficient link utilization | |
| KR102342286B1 (en) | DCN message processing method, network device, and network system | |
| CN110324165B (en) | Network equipment management method, device and system | |
| EP3125476B1 (en) | Service function chaining processing method and device | |
| CN105577413A (en) | OAM (Operation, Administration and Management) message processing method and device | |
| CN108574616A (en) | A kind of method, equipment and the system of processing routing | |
| US20060182113A1 (en) | Automatic discovery of pseudo-wire peer addresses in ethernet-based networks | |
| WO2013185715A1 (en) | Method for implementing virtual network and virtual network | |
| CN108964940B (en) | Message sending method and device and storage medium | |
| CN103685022A (en) | Message forwarding method and service provider network edge equipment | |
| CN107306215B (en) | Data processing method, system and node | |
| CN104683210A (en) | Automatic tunnel establishing method and device | |
| CN112491706A (en) | Data message processing method and device, storage medium and electronic device | |
| CN108093041A (en) | Single channel VDI proxy servers and implementation method | |
| US20090245263A1 (en) | Apparatus and method for transmitting packets in a packet switched network | |
| CN113923158B (en) | Message forwarding, route sending and receiving method and device | |
| CN107659436A (en) | A kind of method and device for preventing service disconnection | |
| CN102316085B (en) | Communication method and system for stream control transmission protocol (SCTP) couple | |
| CN103986637B (en) | A kind of error message processing method and tunnel device | |
| CN112187500A (en) | Network element management device and message processing method | |
| CN114553707B (en) | Method and device for generating topology information of network and delimiting network faults |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| WD01 | Invention patent application deemed withdrawn after publication |
Application publication date: 20210105 |
|
| WD01 | Invention patent application deemed withdrawn after publication |