CN115834293A - Method for constructing building private network and building private network - Google Patents

Publication number
CN115834293A
Authority
CN
China
Prior art keywords
network
virtual
virtual network
port
building
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN202211460294.7A
Other languages
Chinese (zh)
Inventor
仇剑书
周晶
魏进武
王彬
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
China United Network Communications Group Co Ltd
Original Assignee
China United Network Communications Group Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Application filed by China United Network Communications Group Co Ltd filed Critical China United Network Communications Group Co Ltd
Priority to CN202211460294.7A priority Critical patent/CN115834293A/en
Publication of CN115834293A publication Critical patent/CN115834293A/en
Priority to PCT/CN2023/127282 priority patent/WO2024104090A1/en
Pending legal-status Critical Current

Landscapes

  • Data Exchanges In Wide-Area Networks (AREA)

Abstract

The invention discloses a method for constructing a building private network, and the building private network, wherein the method comprises the following steps: creating a virtual computing unit for a virtual network, allocating a virtual network identifier, and configuring the virtual network identifier on the network equipment through which traffic in the virtual network needs to pass; deploying a first network management agent in a gateway virtual computing unit of the virtual network, and deploying a second network management agent in the gateway virtual computing unit of the network management network; and/or deploying a first computing resource management agent in a gateway virtual computing unit of the virtual network, and deploying a second computing resource management agent in a gateway virtual computing unit of the network management network, so as to realize virtual network management. The method integrates the three networks into one, uses resources effectively and reduces construction and maintenance cost.

Description

Method for constructing building private network and building private network
Technical Field
The invention relates to a method for constructing a building private network and the building private network.
Background
Intelligent buildings, also called smart buildings, fuse advanced technologies from fields such as architecture, communications, computing and control, and integrate them into an optimized whole, forming a modern type of building that meets the development needs of an information society.
An intelligent building mainly serves customers at three levels: the owner, the tenants in the building and the individuals in the building. Owners need digital technology to improve the building infrastructure, achieving more intelligent automatic control, safety monitoring, energy conservation, emission reduction, personnel management and the like, and thereby reducing cost and improving efficiency. Tenants expect the building to provide more digital services, so that they can acquire communication and information technologies more conveniently and cost-effectively and quickly build the capabilities required for digital transformation. Individuals in the building need mobile network coverage and smooth, high-speed communication at any time and in any place.
In current intelligent-building construction practice, three networks have formed: a basic communication network, an automatic control network and an enterprise information network. The communication network is built and operated by telecommunication operators, comprises 4G/5G in-building coverage and fiber to the building/to the home, and provides basic communication and broadband access services for customers in the building. The automatic control network is built and operated on behalf of the building owners, implements automatic control of key infrastructure in the building such as water lines, electrical circuits, air conditioners, elevators, security, parking lots and property management, and guarantees the public services of the building. The enterprise information network is built and maintained by the enterprise tenants in the building to meet their needs for office informatization, digital management and the like.
Disclosure of Invention
At present, the three networks in a building are mutually independent physical networks, built by different parties each working on its own, which has the following drawbacks. No synergy can form between the three networks; for example, the service requirements of the automatic control network and the enterprise information network cannot be used to guide dynamic adjustment and optimization of the basic communication network, which reduces the efficiency of all three. Some facilities are built repeatedly across the three networks, which greatly increases the cost burden on enterprises. Computing resources must be deployed in each of the three networks: either physical servers are used, which makes operation and maintenance complex, or public cloud hosts are leased, which requires public network access and higher cost to meet performance and security requirements. In addition, having three networks in a building is not conducive to energy conservation and environmental protection.
To address these problems, the invention provides a method for realizing a building private network that integrates the three networks, which enables their integrated development, helps reduce construction cost and brings great convenience to customers.
A method of constructing a building private network, the method comprising:
creating a virtual computing unit for a virtual network, allocating a virtual network identifier, and configuring the virtual network identifier on the network equipment through which traffic in the virtual network needs to pass; and
deploying a first network management agent in a gateway virtual computing unit of the virtual network, and deploying a second network management agent in the gateway virtual computing unit of the network management network; and/or deploying a first computing resource management agent in the gateway virtual computing unit of the virtual network, and deploying a second computing resource management agent in the gateway virtual computing unit of the network management network, so as to realize virtual network management.
In the method, an account can be allocated to the administrator of the virtual network in network management software, and an account can be allocated to the administrator of the virtual network in cloud computing management software.
In the method, the number of the virtual computing units required by the virtual network and the configuration parameter of each virtual computing unit can be determined according to the requirement of the virtual network, and a plurality of virtual computing units are allocated to the virtual network in an edge computing node according to the number and the configuration parameter; and
according to the network service requirement of the virtual network, determining the in-building network equipment through which the virtual network flow needs to pass; if the virtual computing unit is allocated, determining edge machine room network equipment through which the virtual network flow needs to pass according to the allocated virtual computing unit, and configuring the virtual network identifier to the in-building network equipment and the edge machine room network equipment.
In the method, the in-building network device may include an in-building network switch port and an in-building convergence device port, and the edge machine room network device may include a network switch port, a physical server, a machine room network switch port, and a machine room interface device port.
In the method, the virtual network identification may include a VLAN ID and/or a VxLAN ID.
In the method, the configuration parameters of the virtual computing unit may include processing power, storage capacity, and network bandwidth.
The method may further comprise:
determining one or more Wi-Fi SSIDs required by the virtual network and parameters of each SSID according to service requirements of the virtual network;
determining a plurality of Wi-Fi APs through which the virtual network traffic needs to pass, and configuring the virtual network identifier to the Wi-Fi APs; and
creating the SSID on the Wi-Fi AP and the Wi-Fi AC using the parameters of the SSID, and binding the virtual network identifier to the SSID, so that a data packet originating from the SSID carries the virtual network identifier when it is sent to a network switch, and a data packet carrying the virtual network identifier that is received from the network switch is forwarded to the SSID.
In the method, the parameter of the SSID may include a name, a frequency band, and an authentication method of the SSID.
The method may further comprise:
according to the network service requirement of the virtual network, if the virtual network needs to be connected to a public network, finding a transmission path from the interface equipment to the broadband access equipment, and configuring the virtual network identifier on the interface equipment port, each network switch port and the broadband access equipment port on the transmission path; and
on the port of the broadband access equipment, creating a virtual egress gateway for the virtual network, wherein the virtual egress gateway is responsible for forwarding the traffic that needs to go to the public network.
In the method, the virtual network may be a 5G indoor bearer network, the 5G indoor bearer network including one or more micro base stations, each micro base station including one BBU and several pRRUs; the BBU and the pRRU communicate through the eCPRI protocol, and a virtual network is created for each micro base station or for several micro base stations,
the method may further comprise:
for each pRRU, finding a network switch nearby according to the installation position of the pRRU, allocating a free port on the network switch for connecting the pRRU, and configuring the virtual network identifier to the port of the network switch;
searching a transmission path from each network switch to an in-building convergence device, and configuring the virtual network identifier to a port of each network switch and a port of the in-building convergence device on the transmission path;
creating a second network interface for the virtual compute unit, the second network interface capable of connecting to a mobile core network; and
installing BBU software in the virtual computing unit.
In the method, the pRRU may be a separate physical device.
In the method, the pRRU may be merged with the Wi-Fi AP in the same physical device.
In the method, the virtual network may be a building infrastructure management and control network, the building infrastructure management and control network includes two types of subnets, an autonomous network and a centralized management network, and the step of creating the autonomous network may include:
for each Wi-Fi-accessed terminal/controller in the autonomous network, determining the Wi-Fi AP that can cover the terminal/controller, creating the SSID on the Wi-Fi AP and the Wi-Fi AC using the SSID parameters of the autonomous network, and configuring the virtual network identifier on the Wi-Fi AP and on the port of the network switch to which the Wi-Fi AP is connected;
for each wired-access terminal/controller in the autonomous network, finding a nearby network switch, allocating a free port on the network switch for connecting the terminal/controller, and configuring the virtual network identifier on that port of the network switch; and
for the network switch connected to the Wi-Fi AP and the network switch connected to the terminal/controller, determining the transmission path required to fully interconnect them, and configuring the virtual network identifier on the port of each network switch on the transmission path.
In the method, transmission paths required for full interconnection can be determined according to a spanning tree algorithm.
In the method, the step of creating the centrally managed network may comprise:
for each autonomous network, selecting a network switch as an egress switch, selecting a port in the network switch as an egress port, configuring the virtual network identifier of the autonomous network on the egress port, and creating a virtual egress gateway on the egress port or connecting a router device as the egress gateway;
finding a transmission path from each of the egress gateways to a convergence device, and configuring the virtual network identifier of the centralized management network to a port of each of the network switches on the transmission path; and
deploying centralized management software of a building infrastructure in the virtual compute units.
In the method, the virtual network may be an enterprise information network, and the step of creating the enterprise information network may include:
determining the Wi-Fi APs covering an enterprise according to the floor and rooms where the enterprise is located, creating an SSID on the Wi-Fi APs and the Wi-Fi AC using the SSID parameters of the enterprise information network, configuring the virtual network identifier on the Wi-Fi APs and on the ports of the network switches to which the Wi-Fi APs are connected, and binding the virtual network identifier to the SSID;
according to the number of wired ports requested by the enterprise, finding network switches near the enterprise, allocating ports of those network switches to the enterprise, and configuring the virtual network identifier on those ports; and
for the network switches connected to the Wi-Fi APs and the network switches whose ports are allocated to the enterprise, determining a transmission path from each network switch to an aggregation device, and configuring the virtual network identifier on the port of each network switch on the transmission path and on the port of the aggregation device.
In the method, the enterprise information network may bypass the in-building aggregation device, with the network switch within the enterprise information network instead connected directly to an interface device of the edge machine room by a direct-connect optical fiber.
The method may further comprise:
constructing a virtual network as a collaboration network, wherein the step of constructing the collaboration network may include:
configuring one virtual computing unit for each virtual network as the gateway virtual computing unit;
configuring a third network interface for the gateway virtual computing unit, wherein the third network interface of each gateway virtual computing unit is connected to a network switch;
for the network switch connected with the third network interface, determining a transmission path required for realizing full interconnection; and
each virtual network providing a service API in the collaboration network through its gateway virtual computing unit.
The method may further comprise:
a terminal in the virtual network sends a network management function access request to the first network management agent;
the first network management agent forwards the access request to the second network management agent through the collaboration network;
if the access request does not carry an account, the second network management agent adds the account allocated for the virtual network to the access request, and forwards the access request to the network management software;
the network management software sends a reply message to the second network management agent;
the second network management agent forwards the reply message to the first network management agent; and
the first network management agent forwards the reply message to the terminal that sent the request.
The method may further comprise:
configuring the first network management agent of each virtual network with a uniform network address, so that the network management function can be accessed from inside each virtual network through the same network address; and deploying an independent domain name resolution system for the virtual networks and configuring the first network management agent of each virtual network with a uniform domain name, so that the network management function can be accessed from inside each virtual network through the same domain name.
The method may further comprise:
a terminal in the virtual network sends a computing resource management function access request to the first computing resource management agent;
the first computing resource management agent forwards the access request to the second computing resource management agent through the collaboration network;
if the access request does not carry an account, the second computing resource management agent adds the account allocated for the virtual network to the access request, and forwards the access request to the cloud computing management software;
the cloud computing management software sends a reply message to the second computing resource management agent;
the second computing resource management agent forwards the reply message to the first computing resource management agent; and
the first computing resource management agent forwards the reply message to the terminal that sent the request.
The method may further comprise:
configuring the first computing resource management agent of each virtual network with a uniform network address, so that the computing resource management function can be accessed from inside each virtual network through the same network address; and deploying an independent domain name resolution system for the virtual networks and configuring the first computing resource management agent of each virtual network with a uniform domain name, so that the computing resource management function can be accessed from inside each virtual network through the same domain name.
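The two agent relays described above (network management and computing resource management) follow the same flow, sketched here as an added example that is not part of the patent. It assumes the second agent identifies the originating virtual network by the first agent's address on the collaboration network, and that a request carrying an account other than the one allocated to that network is refused; the patent only specifies the case where no account is carried. All class names, addresses and account names are constructed.

```python
from dataclasses import dataclass, replace
from typing import Optional


@dataclass(frozen=True)
class Request:
    action: str
    account: Optional[str] = None  # None means the terminal sent no account


class ManagementSoftware:
    """Stand-in for the network (or cloud computing) management software."""

    def __init__(self, resources_by_account):
        self._resources = resources_by_account

    def handle(self, req):
        if req.account not in self._resources:
            return {"status": 403, "error": "unknown account"}
        if req.action != "list":
            return {"status": 400, "error": "unsupported action"}
        # Replies are scoped to the account, so each tenant sees only its own.
        return {"status": 200, "resources": list(self._resources[req.account])}


class SecondAgent:
    """Agent in the gateway virtual computing unit of the management network."""

    def __init__(self, backend, account_by_gateway):
        self._backend = backend
        # Assumption: one allocated account per first-agent address on the
        # collaboration network (the gateway's third network interface).
        self._account_by_gateway = account_by_gateway

    def handle(self, gateway_addr, req):
        allocated = self._account_by_gateway.get(gateway_addr)
        if allocated is None:
            return {"status": 403, "error": "unknown gateway"}
        if req.account is None:
            # Step from the text: add the account allocated for this network.
            req = replace(req, account=allocated)
        elif req.account != allocated:
            # Assumption, not in the patent: never forward another
            # virtual network's account on behalf of this one.
            return {"status": 403, "error": "account not allocated to this network"}
        return self._backend.handle(req)


class FirstAgent:
    """Agent in the gateway virtual computing unit of a tenant virtual network."""

    def __init__(self, collab_addr, second_agent):
        self._collab_addr = collab_addr
        self._second = second_agent

    def handle(self, req):
        # Forward over the collaboration network and relay the reply back.
        return self._second.handle(self._collab_addr, req)


def build_demo():
    """Constructed sample deployment: two tenants and one unregistered gateway."""
    backend = ManagementSoftware({
        "acct-enterprise": ["sw3:p7", "ap-5f-01"],
        "acct-bms": ["sw5:p1", "ap-b1-02"],
    })
    second = SecondAgent(backend, {
        "192.0.2.11": "acct-enterprise",
        "192.0.2.12": "acct-bms",
    })
    return {
        "enterprise": FirstAgent("192.0.2.11", second),
        "bms": FirstAgent("192.0.2.12", second),
        "rogue": FirstAgent("192.0.2.99", second),
    }


if __name__ == "__main__":
    agents = build_demo()
    print(agents["enterprise"].handle(Request("list")))
    print(agents["enterprise"].handle(Request("list", account="acct-bms")))
    print(agents["rogue"].handle(Request("list")))
```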
The invention also discloses a building private network constructed according to the method.
By utilizing the method, a physical network with unified technical standards, which is formed by a network switch, a Wi-Fi AP and other equipment, is built in a building, and a basic communication network, a building automatic control network and an enterprise information network are constructed on the same physical network in a virtual local area network creating mode, so that the integration of three networks is realized, resources are effectively utilized, and the construction and maintenance cost is reduced. In addition, the computing nodes are deployed in the edge machine room, the building and operator edge machine room networks are communicated at the same time to form a virtual local area network, and virtual computing units are distributed to the virtual local area network, so that computing resources required by the building are centralized to the edge machine room, the flexibility and the use convenience of computing resource configuration are improved, the purchasing and using cost is reduced, and meanwhile, energy conservation and emission reduction are facilitated.
Drawings
Specific embodiments of the present invention will now be described with reference to the accompanying drawings, which are illustrative and not restrictive.
FIG. 1 illustrates a building private network constructed in accordance with an embodiment of the invention;
FIG. 2 illustrates a 5G indoor bearer network constructed in accordance with an embodiment of the invention;
FIG. 3 illustrates a building infrastructure management and control network constructed in accordance with an embodiment of the invention;
FIG. 4 illustrates an enterprise information network constructed in accordance with an embodiment of the invention;
FIG. 5 illustrates a building private network constructed in accordance with an embodiment of the invention;
FIG. 6 illustrates a method of constructing a building private network according to an embodiment of the present invention; and
FIG. 7 is a flowchart illustrating a method of constructing a building private network according to an embodiment of the present invention.
Detailed Description
As shown in fig. 1, a private building network 11 according to the present invention includes an in-building network 12 and an operator edge machine room network 13.
A Wi-Fi AP (access point device) 121 is installed in the building to provide Wi-Fi wireless coverage of the whole building. The Wi-Fi AP 121 is connected to a network switch (Ethernet switch or layer-3 switch) 122; full interconnection within the building is implemented by deploying multistage cascaded switches or a POL all-optical network in the building, and traffic that needs to be exchanged with the outside is converged at an in-building convergence device 123. The convergence device 123 is connected to the in-building network 12 at one end and to the interface device 131 of the operator edge machine room 13 at the other end via the optical fiber 124.
The operator edge machine room network 13 includes an interface device 131, a broadband access device 132 and an edge computing node 133, and these devices are connected through a network switch 122. The interface device 131 is connected to the in-building network 12 through the optical fiber 124; the broadband access device 132 is connected to a public network (the public Internet) and provides Internet access for terminals in the building; the edge computing node 133 is formed by a series of servers, has cloud management software installed, and can allocate a plurality of virtual computing units (virtual machines or containers) as required, each virtual computing unit having an independent virtual network interface connected to the edge machine room network 13. Traffic from within the building is split according to routing forwarding rules, with a portion going to the public network and a portion going to the edge computing node 133.
The in-building network 12 and the edge machine room network 13 form a complete physical network of the building. A plurality of virtual networks 14 may be partitioned over the physical network, with each virtual network isolated from the others. Various technologies can be used to divide the virtual networks, such as VLAN and VxLAN.
One virtual network 14 is a network management network. The virtual computing unit of the network management network is used for network management, and the following software is installed in the virtual computing unit: the cloud computing management software is used for managing the virtual computing unit; the Wi-Fi AC software is used for carrying out unified management on the Wi-Fi wireless network, and comprises SSID management, cross-AP switching management and the like; the network management software is used for uniformly managing all the network equipment, including configuring a virtual network; and the authentication server software is used for providing a unified authentication service for terminal access.
In each virtual network 14, after passing through the equipment room interface device 131, the communication traffic from the in-building network 12 is split according to the IP routing forwarding rule, and a part of the communication traffic enters the public network through the broadband access device 132; another portion enters the virtual compute unit of the edge compute node 133.
The in-building terminal accesses the virtual network 14 by connecting the Wi-Fi AP121 or accesses the virtual network 14 by connecting a network switch port. The same Wi-Fi AP121 may be assigned to one virtual network 14 for exclusive use or may be shared by multiple virtual networks.
The method for constructing the building private network comprises the steps of establishing a 5G indoor bearer network, a building infrastructure management and control network, an enterprise information network and other virtual networks.
Specifically, in one embodiment, the method comprises the steps of:
According to the computing power requirement of the virtual network 14, the number of virtual computing units required by the virtual network 14 and the configuration parameters of each virtual computing unit, such as processing power, storage capacity and network bandwidth, are determined. According to the number and configuration, several virtual computing units are allocated in the edge computing node 133 for the virtual network 14.
The virtual network 14 is assigned an identifier such as a VLAN ID and/or a VxLAN ID.
The in-building network switch ports and in-building convergence equipment ports through which virtual network traffic needs to pass are determined according to the network service requirement of the virtual network 14; if virtual computing units have been allocated, the physical server, machine room network switch ports and machine room interface equipment ports through which the virtual network traffic needs to pass are determined according to the allocated virtual computing units. The virtual network identifier is configured on the in-building network switch ports, the physical server, the machine room network switch ports and the machine room interface equipment ports.
A network management function is deployed for the virtual network 14, so that an administrator of the virtual network can manage and control the permission of terminals to access the network; a computing resource management function is deployed for the virtual network 14, so that an administrator of the virtual network can deploy application software in the virtual computing units.
In one embodiment, the method for constructing a building private network may further include the steps of:
One or more Wi-Fi SSIDs required by the virtual network 14, and parameters such as the name, frequency band and authentication method of each SSID, are determined according to the service requirements of the virtual network 14.
The Wi-Fi APs through which the virtual network traffic needs to pass are determined, and the virtual network identifier is configured on those Wi-Fi APs.
The SSID is created on the Wi-Fi AP and the Wi-Fi AC using these parameters. The virtual network identifier is bound to the SSID; that is, a data packet originating from the SSID carries the virtual network identifier when it is sent to the network switch 122, and a data packet carrying the virtual network identifier that is received from the network switch 122 is forwarded to the SSID.
In one embodiment, the method for constructing a building private network may further include the steps of:
If a connection to the public network is required according to the network service requirements of the virtual network 14, a transmission path from the interface device 131 to the broadband access device 132 is found, and the identifier of the virtual network 14 is configured on the interface device port, each network switch port and the broadband access device port on the transmission path.
On the broadband access device port, a virtual egress gateway is created for the virtual network 14. The egress gateway is responsible for forwarding traffic that needs to go to the public network.
As shown in FIG. 2, in the building private network of one embodiment, the 5G indoor bearer network 14A includes one or more micro base stations, each of which includes one BBU 134 and several pRRUs 126; the BBU 134 and the pRRU 126 communicate via the eCPRI protocol. The pRRU 126 may be a separate physical device or may be merged with the Wi-Fi AP 121 in the same physical device. A virtual network needs to be created for each micro base station or for several micro base stations.
Specifically, in one embodiment, a method of constructing a building private network includes the steps of:
For each pRRU 126, a nearby network switch 122 is found based on its installation location, and a free port is allocated on the network switch 122 for connecting the pRRU 126. The virtual network ID is configured on that network switch port.
A transmission path from each network switch 122 to the aggregation device 123 in the building is found, and the virtual network ID is configured on each network switch port on the transmission path and on the port of the aggregation device 123.
A second network interface is created for the virtual computing unit, which may be connected to the mobile core network 15.
BBU software is installed in the virtual computing unit.
As shown in FIG. 3, in the method for constructing the building private network according to one embodiment, the building infrastructure management and control network includes two types of subnets, namely autonomous networks 14C and 14D and a centralized management network 14B, and each subnet is also assigned a separate virtual network identifier. Wi-Fi SSID parameters need to be assigned for the autonomous networks 14C and 14D. Building infrastructure includes water lines, electrical circuits, air conditioners, elevators, parking lots, security, property management and the like. The building infrastructure is organized according to the principles of centralized management and decentralized control. The infrastructure is typically divided into a plurality of control areas, each control area including a number of terminals and controllers.
Specifically, in one embodiment, a method of creating autonomous networks 14C and 14D includes:
For each terminal 125/controller 127 that accesses the autonomous networks 14C and 14D via Wi-Fi, a Wi-Fi AP 121 that can cover the terminal 125/controller 127 is determined, and an SSID is created on the Wi-Fi AP 121 and the Wi-Fi AC using the SSID parameters of the autonomous networks 14C and 14D. The virtual network ID is configured on the Wi-Fi AP 121 and on the network switch port to which the Wi-Fi AP 121 is connected.
For each terminal 125/controller 127 that accesses the autonomous networks 14C and 14D by wire, a nearby network switch 122 is found, and a free port is allocated on the network switch 122 for connecting the terminal 125/controller 127. The virtual network ID is configured on that network switch port.
For the network switch 122 to which the Wi-Fi AP121 is connected and the network switch 122 to which the terminal 125/controller 127 is connected, a transmission path required to realize full interconnection thereof is determined. For example, the paths required for interconnection may be determined according to a spanning tree algorithm. A virtual network ID is configured to each network switch port on the transmission path.
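An added example (not part of the patent) of the autonomous-network steps above: it derives the inter-switch ports to tag from a breadth-first spanning tree pruned to the member switches, then audits a running configuration for ports that carry the virtual network ID outside the plan or lack it inside the plan. The topology, port names, VLAN IDs and function names are constructed, and the breadth-first tree is one possible choice of spanning tree algorithm.

```python
from collections import deque

# Constructed sample topology: inter-switch links as
# (switch_a, port_a, switch_b, port_b). The sw1-sw4 link closes a loop.
LINKS = [
    ("sw1", "p24", "sw2", "p23"),
    ("sw2", "p24", "sw3", "p23"),
    ("sw3", "p24", "sw4", "p23"),
    ("sw2", "p22", "sw5", "p24"),
    ("sw1", "p22", "sw4", "p22"),
]

# Constructed access ports allocated to Wi-Fi APs and wired terminals/controllers.
ACCESS_PORTS = {("sw1", "p3"), ("sw3", "p7"), ("sw5", "p1")}

# Constructed running configuration: (switch, port) -> VLAN IDs carried.
RUNNING = {
    ("sw1", "p3"): {310}, ("sw3", "p7"): {310}, ("sw5", "p1"): {310},
    ("sw1", "p24"): {310, 320}, ("sw2", "p23"): {310, 320},
    ("sw2", "p24"): {310}, ("sw3", "p23"): {310},
    ("sw2", "p22"): {310}, ("sw5", "p24"): {320},       # VLAN 310 missing here
    ("sw1", "p22"): {310}, ("sw4", "p22"): {310, 330},  # VLAN 310 leaks here
}


def build_adjacency(links):
    """Map each switch to (neighbor, local_port, remote_port) tuples."""
    adj = {}
    for a, pa, b, pb in links:
        adj.setdefault(a, []).append((b, pa, pb))
        adj.setdefault(b, []).append((a, pb, pa))
    return adj


def plan_trunk_ports(links, member_switches):
    """Return the inter-switch ports needed to fully interconnect the members.

    A breadth-first spanning tree is grown from one member; only the tree
    edges on a path between members are kept, so switches that serve no
    member of this virtual network receive no VLAN configuration.
    """
    adj = build_adjacency(links)
    members = sorted(member_switches)
    root = members[0]
    # switch -> (parent switch, port on this switch, port on parent)
    parent = {root: None}
    queue = deque([root])
    while queue:
        node = queue.popleft()
        for neigh, local_port, remote_port in adj.get(node, []):
            if neigh not in parent:
                parent[neigh] = (node, remote_port, local_port)
                queue.append(neigh)
    ports = set()
    for member in members:
        if member not in parent:
            raise ValueError(f"{member} is not reachable from {root}")
        node = member
        while parent[node] is not None:
            up, port_here, port_up = parent[node]
            ports.add((node, port_here))
            ports.add((up, port_up))
            node = up
    return ports


def audit_vlan(running, vlan_id, planned_ports):
    """Compare a running configuration with the plan for one virtual network.

    Returns (leaked, missing): ports carrying the VLAN outside the plan,
    which weaken isolation, and planned ports that do not carry it.
    """
    carrying = {port for port, vlans in running.items() if vlan_id in vlans}
    return sorted(carrying - planned_ports), sorted(planned_ports - carrying)


def demo():
    members = {switch for switch, _ in ACCESS_PORTS}
    planned = plan_trunk_ports(LINKS, members) | ACCESS_PORTS
    return audit_vlan(RUNNING, 310, planned)


if __name__ == "__main__":
    leaked, missing = demo()
    print("leaked:", leaked)
    print("missing:", missing)
```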
In one embodiment of a method of constructing a building infrastructure management and control network, in particular, a method of creating a centralized management network 14B includes:
for each autonomous network 14C and 14D, one network switch 122 is selected as an egress switch, and one port in the network switch 122 is selected as an egress port. The virtual network IDs of the autonomous networks 14C and 14D are configured to the egress port, and a virtual egress gateway 128 is created on the egress port or a router device is connected as the egress gateway 128.
A transmission path is found from each egress gateway to the aggregation device 123, and a virtual network identifier of the centrally managed network is configured to each network switch port on the path.
Centralized management software for the building infrastructure is deployed in the virtual computing unit 134.
As shown in fig. 4, in a method of constructing a private building network according to an embodiment, a method of creating an enterprise information network 14E includes:
the Wi-Fi APs 121 covering the enterprise are determined according to the floor and the room where the enterprise is located. SSIDs are created on these Wi-Fi APs 121 and Wi-Fi ACs using the SSID parameters of the enterprise information network 14E. The virtual network ID is configured to the Wi-Fi APs 121 and the network switch ports to which the Wi-Fi APs 121 are connected. The virtual network ID is bound to the SSID.
According to the number of wired ports applied by the enterprise, network switches 122 near the enterprise are found, and the ports of the network switches 122 are allocated to the enterprise. Virtual network IDs are configured to these network switch ports.
For the network switch 122 connected to the Wi-Fi AP121 and the network switch 122 that assigns a port to the enterprise, a transmission path to the aggregation device 123 is determined, and a virtual network ID is configured to each network switch port and aggregation device port on the path.
As shown in fig. 4, in the method for constructing an enterprise information network according to an embodiment, the network switch 122 in the enterprise information network 14E may also be connected directly to the interface device 131 of the edge machine room 13C using the direct-connected optical fiber 129, without going through the in-building aggregation device 123, so as to provide a stable transmission rate for the enterprise information network 14E.
As shown in fig. 5, the method for constructing a private building network of one embodiment further includes: a virtual network is constructed as the collaboration network 14G, which interconnects the virtual computing units 135 of the respective virtual networks 14A, 14B, 14E and 14F so that the networks can share and exchange data.
Specifically, in one embodiment, the method comprises:
one virtual computing unit is configured for each virtual network 14A, 14B, 14E, and 14F as a gateway virtual computing unit 135.
The gateway virtual computing units 135 are configured with a third network interface, and the third network interface of each gateway virtual computing unit 135 is connected to the network switch 122.
For the network switches 122 connected to the third network interfaces, a transmission path required for realizing their full interconnection is determined. For example, the paths required for interconnection may be determined according to a spanning tree algorithm. The virtual network ID of the collaboration network is configured to each network switch port on the transmission path.
Each of the virtual networks 14A, 14B, 14E, and 14F provides a service API within the collaboration network 14G through the gateway virtual computing unit 135. For example, an API in the form of HTTP Service is provided.
As shown in fig. 6, in a method for constructing a private building network according to an embodiment, a method for deploying a network management function for a virtual network includes: an account is allocated to the administrator of the virtual network in the network management software 19, and the network management software 19 can be accessed and the virtual network can be managed and controlled through the account. A first network management agent 17 is deployed in a gateway virtual computing unit of a virtual network, and a second network management agent 18 is deployed in the gateway virtual computing unit of the network management network.
Specifically, in one embodiment, the access procedure includes:
the terminal 16 in the virtual network sends a network management function access request to the first network management agent 17.
The first network management agent 17 forwards the access request to the second network management agent 18 via the collaboration network.
If the access request does not carry an account, the second network management agent 18 adds the account allocated to the virtual network to the access request. The second network management agent 18 forwards the access request to the network management software 19.
The network management software 19 sends a reply message back to the second network management agent 18.
The second network management agent 18 forwards the reply message to the first network management agent 17.
The first network management agent 17 forwards the reply message to the requesting terminal 16.
The method for constructing the building private network of one embodiment further comprises the following steps: the first network management agents 17 of the virtual networks are configured with a uniform network address, so that the network management function can be accessed through the same network address inside each virtual network. An independent domain name resolution system is deployed for the virtual networks, and the first network management agents 17 of the virtual networks are configured with a uniform domain name, so that the network management function can be accessed through the same domain name in each virtual network.
In a method of constructing a private building network of one embodiment, a method of deploying computing resource management functions for a virtual network includes:
an account is allocated to an administrator of the virtual network in the cloud computing management software, and the cloud computing management software can be accessed and the virtual computing resources of the virtual network can be managed and controlled through the account. A first computing resource management agent is deployed in a gateway virtual computing unit of a virtual network, and a second computing resource management agent is deployed in a gateway virtual computing unit of a network management network.
Specifically, in one embodiment, the access process includes the steps of:
the terminal in the virtual network sends a computing resource management function access request to the first computing resource management agent.
The first computing resource management agent forwards the access request to the second computing resource management agent over the collaboration network.
If the access request does not carry an account, the second computing resource management agent adds the account allocated to the virtual network to the access request. The second computing resource management agent forwards the access request to the cloud computing management software.
The cloud computing management software sends the reply information back to the second computing resource management agent.
The second computing resource management agent forwards the reply message to the first computing resource management agent.
The first computing resource management agent forwards the reply message to the requesting terminal.
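The two-agent access procedure, which is the same for the network management agents and the computing resource management agents, as an added Python example that is not code from the patent. It assumes the second agent knows which first agent relayed a request (the hypothetical `via_agent` field) and picks the account from that, and it adds one check the page does not describe: a carried account that is not allocated to the relaying virtual network is refused. All account and agent names are constructed.

```python
from dataclasses import dataclass, replace
from typing import Optional


@dataclass(frozen=True)
class AccessRequest:
    function: str                     # management function being requested
    account: Optional[str] = None     # may be absent, as in the flow on the page
    via_agent: Optional[str] = None   # hypothetical: which first agent relayed it


class ManagementSoftware:
    """Stands in for the network management or cloud computing management software."""

    def __init__(self, account_scope):
        self.account_scope = account_scope     # account -> virtual network it manages

    def handle(self, req):
        vnet = self.account_scope.get(req.account)
        if vnet is None:
            return {"status": "denied", "reason": "unknown account"}
        return {"status": "ok", "scope": vnet, "function": req.function}


class SecondAgent:
    """Agent in the gateway virtual computing unit of the network management network."""

    def __init__(self, software, agent_vnet, vnet_account):
        self.software = software
        self.agent_vnet = agent_vnet           # first agent -> its virtual network
        self.vnet_account = vnet_account       # virtual network -> allocated account

    def forward(self, req):
        vnet = self.agent_vnet.get(req.via_agent)
        if vnet is None:
            return {"status": "denied", "reason": "unknown first agent"}
        if req.account is None:
            # Step from the page: add the account allocated to the virtual network.
            req = replace(req, account=self.vnet_account[vnet])
        elif self.software.account_scope.get(req.account) != vnet:
            # Added check (assumption): a carried account must belong to this network.
            return {"status": "denied", "reason": "account not allocated to this virtual network"}
        return self.software.handle(req)


class FirstAgent:
    """Agent in the gateway virtual computing unit of one virtual network."""

    def __init__(self, agent_id, second_agent):
        self.agent_id = agent_id
        self.second_agent = second_agent

    def handle(self, req):
        # Overwrite via_agent so a terminal cannot choose another network's identity.
        return self.second_agent.forward(replace(req, via_agent=self.agent_id))


def build_demo():
    """Constructed deployment with two virtual networks, 14B and 14E."""
    software = ManagementSoftware({"admin-14B": "14B", "admin-14E": "14E"})
    second = SecondAgent(
        software,
        agent_vnet={"agent-14B": "14B", "agent-14E": "14E"},
        vnet_account={"14B": "admin-14B", "14E": "admin-14E"},
    )
    return FirstAgent("agent-14B", second), FirstAgent("agent-14E", second)


if __name__ == "__main__":
    first_14b, first_14e = build_demo()
    print(first_14e.handle(AccessRequest("list-ports")))
    print(first_14e.handle(AccessRequest("list-ports", account="admin-14B")))
```
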
The method for constructing the building private network of one embodiment further comprises the following steps: the first computing resource management agents of the respective virtual networks are configured with a uniform network address, so that the computing resource management function can be accessed through the same network address inside each virtual network. An independent domain name resolution system is deployed for the virtual networks, and the first computing resource management agents of the virtual networks are configured with a uniform domain name, so that the computing resource management function can be accessed through the same domain name in each virtual network.
Fig. 7 is a flowchart illustrating a method of constructing a private building network according to an embodiment of the present invention. In this embodiment of the present invention, a method of constructing a private building network includes the steps of:
S1: creating a virtual computing unit for a virtual network, allocating a virtual network identifier, and configuring the virtual network identifier to network equipment through which traffic needs to pass in the virtual network; and
S2: deploying a first network management agent in a gateway virtual computing unit of a virtual network, and deploying a second network management agent in the gateway virtual computing unit of the network management network; and/or deploying a first computing resource management agent in a gateway virtual computing unit of the virtual network, and deploying a second computing resource management agent in a gateway virtual computing unit of the network management network to realize virtual network management.
The method of the invention can realize three-in-one network, effectively utilize resources and reduce construction and maintenance costs.
It will be understood by those of ordinary skill in the art that all or some of the steps of the methods, systems, functional modules/units in the devices disclosed above may be implemented as software, firmware, hardware, and suitable combinations thereof. In a hardware implementation, the division between functional modules/units mentioned in the above description does not necessarily correspond to the division of physical components; for example, one physical component may have multiple functions, or one function or step may be performed by several physical components in cooperation. Some or all of the physical components may be implemented as software executed by a processor, such as a central processing unit, digital signal processor, or microprocessor, or as hardware, or as an integrated circuit, such as an application specific integrated circuit. Such software may be distributed on computer readable media, which may include computer storage media (or non-transitory media) and communication media (or transitory media). The term computer storage media includes volatile and nonvolatile, removable and non-removable media implemented in any method or technology for storage of information such as computer readable instructions, data structures, program modules or other data, as is well known to those of ordinary skill in the art. Computer storage media includes, but is not limited to, RAM, ROM, EEPROM, flash memory or other memory technology, CD-ROM, Digital Versatile Disks (DVD) or other optical disk storage, magnetic cassettes, magnetic tape, magnetic disk storage or other magnetic storage devices, or any other medium which can be used to store the desired information and which can be accessed by a computer.
In addition, communication media typically embodies computer readable instructions, data structures, program modules or other data in a modulated data signal such as a carrier wave or other transport mechanism and includes any information delivery media as known to those skilled in the art.
Finally, it should be noted that: the above embodiments are only used to illustrate the technical solution of the present invention, and not to limit the same; while the invention has been described in detail and with reference to the foregoing embodiments, it will be understood by those skilled in the art that: the technical solutions described in the foregoing embodiments may still be modified, or some or all of the technical features may be equivalently replaced; and the modifications or the substitutions do not make the essence of the corresponding technical solutions depart from the scope of the technical solutions of the embodiments of the present invention.

Claims (23)

1. A method of constructing a building private network, the method comprising:
creating a virtual computing unit for a virtual network, allocating a virtual network identifier, and configuring the virtual network identifier to network equipment through which traffic needs to pass in the virtual network; and
deploying a first network management agent in a gateway virtual computing unit of the virtual network, and deploying a second network management agent in the gateway virtual computing unit of the network management network; and/or deploying a first computing resource management agent in the gateway virtual computing unit of the virtual network, and deploying a second computing resource management agent in the gateway virtual computing unit of the network management network, so as to realize virtual network management.
2. The method of claim 1, wherein,
accounts are allocated for the administrator of the virtual network in the network management software, and accounts are allocated for the administrator of the virtual network in the cloud computing management software.
3. The method of claim 1 or 2,
determining the number of the virtual computing units required by the virtual network and the configuration parameters of each virtual computing unit according to the requirements of the virtual network, and allocating a plurality of virtual computing units for the virtual network in an edge computing node according to the number and the configuration parameters; and
according to the network service requirement of the virtual network, determining the in-building network equipment through which the virtual network traffic needs to pass; if the virtual computing unit is allocated, determining edge machine room network equipment through which the virtual network traffic needs to pass according to the allocated virtual computing unit, and configuring the virtual network identifier to the in-building network equipment and the edge machine room network equipment.
4. The method of claim 3, wherein,
the in-building network equipment comprises in-building network switch ports and in-building convergence equipment ports, and the edge machine room network equipment comprises network switch ports, physical servers, machine room network switch ports and machine room interface equipment ports.
5. The method of claim 1 or 2,
the virtual network identifier includes a VLAN ID and/or a VXLAN ID.
6. The method of claim 3, wherein,
the configuration parameters of the virtual computing unit comprise processing capacity, storage capacity and network bandwidth.
7. The method of claim 1 or 2, further comprising:
determining one or more Wi-Fi SSIDs required by the virtual network and parameters of each SSID according to the service requirements of the virtual network;
determining a plurality of Wi-Fi APs through which the virtual network traffic needs to pass, and configuring the virtual network identifier to the Wi-Fi APs; and
creating the SSID on the Wi-Fi AP and the Wi-Fi AC by using the parameters of the SSID, and binding the virtual network identifier with the SSID, so that a data message generated by the SSID carries the virtual network identifier when being sent to a network switch, and when a data message carrying the virtual network identifier is received from the network switch, the data message is forwarded to the SSID.
8. The method of claim 7, wherein,
the parameters of the SSID comprise the name, the frequency band and the authentication method of the SSID.
9. The method of claim 1 or 2, further comprising:
according to the network service requirement of the virtual network, if the virtual network needs to be connected to a public network, a transmission path from interface equipment to broadband access equipment is searched, and the virtual network identifier is configured to an interface equipment port, each network switch port and a broadband access equipment port on the transmission path; and
on the port of the broadband access equipment, creating a virtual egress gateway for the virtual network, wherein the virtual egress gateway is responsible for forwarding the traffic needing to go to the public network.
10. The method of claim 1 or 2,
the virtual network is a 5G indoor bearer network, the 5G indoor bearer network comprises one or more micro base stations, and each micro base station comprises a BBU and a plurality of pRRUs; the BBU and the pRRU communicate through an eCPRI protocol to create a virtual network for each micro base station or create a virtual network for several micro base stations,
the method further comprises the following steps:
for each pRRU, finding a network switch nearby according to the installation position of the pRRU, allocating a free port on the network switch for connecting the pRRU, and configuring the virtual network identifier to the port of the network switch;
searching a transmission path from each network switch to an in-building convergence device, and configuring the virtual network identifier to a port of each network switch and a port of the in-building convergence device on the transmission path;
creating a second network interface for the virtual compute unit, the second network interface being connectable to a mobile core network; and
installing BBU software in the virtual computing unit.
11. The method of claim 10, wherein,
the pRRU is a standalone physical device.
12. The method of claim 10, wherein,
the pRRU and the Wi-Fi AP are fused in the same physical device.
13. The method of claim 7, wherein,
the virtual network is a building infrastructure management and control network, the building infrastructure management and control network comprises two sub-networks, namely an autonomous network and a centralized management network, and the step of creating the autonomous network comprises the following steps:
for each terminal/controller that accesses the autonomous network through Wi-Fi, determining the Wi-Fi AP capable of covering the terminal/controller, creating the SSID on the Wi-Fi AP and the Wi-Fi AC by using SSID parameters of the autonomous network, and configuring the virtual network identifier to the Wi-Fi AP and to the port of the network switch connected with the Wi-Fi AP;
for each terminal/controller that accesses the autonomous network by wire, finding a network switch nearby, allocating an idle port on the network switch for connecting the terminal/controller, and configuring the virtual network identifier to the port of the network switch; and
determining a transmission path required for realizing full interconnection of the network switch connected with the Wi-Fi AP and the network switch connected with the terminal/controller, and configuring the virtual network identifier to a port of each network switch on the transmission path.
14. The method of claim 13, wherein,
the transmission path required for full interconnection is determined according to a spanning tree algorithm.
15. The method of claim 13, wherein,
the step of creating the centrally managed network comprises:
for each autonomous network, selecting a network switch as an egress switch, selecting a port in the network switch as an egress port, configuring the virtual network identifier of the autonomous network to the egress port, and simultaneously creating a virtual egress gateway on the egress port, or connecting a router device as the egress gateway;
finding a transmission path from each of the egress gateways to a convergence device, and configuring the virtual network identifier of the centralized management network to a port of each of the network switches on the transmission path; and
deploying centralized management software of a building infrastructure in the virtual compute units.
16. The method of claim 7, wherein,
the virtual network is an enterprise information network, and the step of creating the enterprise information network comprises:
determining a Wi-Fi AP covering an enterprise according to a floor and a room where the enterprise is located, creating an SSID on the Wi-Fi AP and the Wi-Fi AC by using SSID parameters of the enterprise information network, configuring the virtual network identifier to the Wi-Fi AP and to the port of the network switch connected with the Wi-Fi AP, and binding the virtual network identifier with the SSID;
according to the number of wired ports applied for by the enterprise, finding network switches near the enterprise, allocating ports of the network switches to the enterprise, and configuring the virtual network identifier to the ports of the network switches; and
determining a transmission path to the aggregation equipment from the network switch connected with the Wi-Fi AP and from the network switch that allocates ports to the enterprise, and configuring the virtual network identifier to the port of each network switch and the port of the aggregation equipment on the transmission path.
17. The method of claim 16, wherein,
the enterprise information network is not routed through in-building aggregation equipment, but rather the network switch within the enterprise information network is directly connected to interface equipment of an edge machine room using direct-connect optical fibers.
18. The method of claim 1 or 2, further comprising:
constructing a virtual network as a collaboration network, the steps of constructing the collaboration network comprising:
configuring one virtual computing unit for each virtual network as the gateway virtual computing unit;
configuring a third network interface for the gateway virtual computing unit, wherein the third network interface of each gateway virtual computing unit is connected to a network switch;
for the network switch connected with the third network interface, determining a transmission path required for realizing full interconnection of the network switch; and
each virtual network provides a service API in the collaboration network through the gateway virtual computing unit.
19. The method of claim 1 or 2, further comprising:
a terminal in the virtual network sends a network management function access request to the first network management agent;
the first network management agent forwards the access request to the second network management agent through a collaboration network;
if the access request does not carry an account, the second network management agent adds the account allocated to the virtual network to the access request, and forwards the access request to the network management software;
the network management software sends a reply message to the second network management agent;
the second network management agent forwards the reply message to the first network management agent; and
the first network management agent forwards the reply message to the terminal that sent the request.
20. The method of claim 19, further comprising:
the first network management agents of the virtual networks are configured with a uniform network address, so that the network management function can be accessed through the same network address inside each virtual network, an independent domain name resolution system is deployed for the virtual networks, and the first network management agents of the virtual networks are configured with a uniform domain name, so that the network management function can be accessed through the same domain name inside each virtual network.
21. The method of claim 1 or 2, further comprising:
a terminal in the virtual network sends a computing resource management function access request to the first computing resource management agent;
the first computing resource management agent forwards the access request to the second computing resource management agent over a collaboration network;
if the access request does not carry an account, the second computing resource management agent adds the account allocated to the virtual network to the access request, and forwards the access request to the cloud computing management software;
the cloud computing management software sends reply information back to the second computing resource management agent;
the second computing resource management agent forwards the reply message to the first computing resource management agent; and
the first computing resource management agent forwards the reply message to the requesting terminal.
22. The method of claim 21, further comprising:
configuring the first computing resource management agents of the virtual networks with a uniform network address, so that the computing resource management function can be accessed through the same network address inside each virtual network, deploying an independent domain name resolution system for the virtual networks, and configuring the first computing resource management agents of the virtual networks with a uniform domain name, so that the computing resource management function can be accessed through the same domain name inside each virtual network.
23. A private building network constructed in accordance with the method of any one of claims 1 to 22.
CN202211460294.7A 2022-11-17 2022-11-17 Method for constructing building private network and building private network Pending CN115834293A (en)

Priority Applications (2)

Application Number Priority Date Filing Date Title
CN202211460294.7A CN115834293A (en) 2022-11-17 2022-11-17 Method for constructing building private network and building private network
PCT/CN2023/127282 WO2024104090A1 (en) 2022-11-17 2023-10-27 Method for constructing building private network, and building private network

Publications (1)

Publication Number Publication Date
CN115834293A true CN115834293A (en) 2023-03-21

Family

ID=85529911

Country Status (2)

Country Link
CN (1) CN115834293A (en)
WO (1) WO2024104090A1 (en)

Also Published As

Publication number Publication date
WO2024104090A1 (en) 2024-05-23

Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination