CN105099915A - Business path establishing method and device - Google Patents
- Publication number: CN105099915A, CN201410173170.XA
- Authority: CN (China)
- Prior art keywords: service, destination address, address, internet protocol, request message
- Legal status: Granted (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Classifications
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L12/00—Data switching networks
- H04L12/28—Data switching networks characterised by path configuration, e.g. LAN [Local Area Networks] or WAN [Wide Area Networks]
- H04L12/46—Interconnection of networks
Landscapes
- Engineering & Computer Science (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Data Exchanges In Wide-Area Networks (AREA)
Abstract
The invention provides a method and device for establishing a service path. It relates to the communications field, enables flexible deployment of service processing devices, requires only the Internet Protocol (IP) addresses of the service processing devices to be known during policy configuration, and improves the maintainability of the service chain. The method is: receive a request message generated by a starting point device, where the request message includes the IP addresses of all service processing devices on the service path, a pointer indicating an IP address, and flow classification information; determine, according to the IP address pointed to by the pointer, the inbound tunnel destination address and the outbound tunnel destination address of the virtual private network (VPN) forwarding entry to be generated; generate the VPN forwarding entry according to the inbound tunnel destination address, the outbound tunnel destination address and the flow classification information; increment the pointer by one; and then forward the request message to the IP address pointed to by the incremented pointer. The invention is used to establish service paths automatically.
Description
Technical field
The present invention relates to the communications field, and in particular to a method and device for establishing a service path.
Background
With the development of network technology, software and hardware products have become more diverse and their performance keeps improving, so users can freely choose among various network service processing devices according to their service needs. While users have more choices, this also raises questions, such as how to build the network conveniently, add or remove service processing devices on demand, and orchestrate service traffic flexibly. Service chaining (Service-Chaining) is a network technology that flexibly connects several service processing devices in series into a service chain and steers the relevant service traffic through the service processing devices in the chain in a predetermined order. With Service-Chaining, complex service logic and models can be defined flexibly in today's complex networking environments.
In current networks, the service chain function is generally approximated with policy-based routing. For example, three service processing devices are attached to one switch: a firewall, an antivirus gateway and an application control gateway. Several of these three devices can be arranged in order to form multiple service chains. Take the chain firewall → antivirus gateway as an example: when the traffic of a service flow passes through the switch, the switch must identify the flow and steer it, in order, to the firewall and then the antivirus gateway for service processing. This is implemented by configuring policy-based routing on the switch so that service flows matching the policy are redirected to a specified interface or next-hop Internet Protocol (IP) address.
Manual configuration with traditional policy-based routing can implement the service chain function, but it has clear problems and drawbacks. One is that policy configuration is complex. The user must know exactly which service processing devices the switch connects to, what the connected inbound and outbound interfaces are, what the IP addresses of the interfaces interconnected with the service processing devices are, and, for each service chain, from which switch interface the traffic leaves toward the service processing device and on which interface it returns. When the service chain has few service processing devices and the service flows are simple, the networking policy is simple and the user can cope with manual configuration. Once the number of service processing devices grows and service flows need to be subdivided, the complexity of the networking policy grows geometrically and the manual configuration workload becomes large. Another is that, because the service chain function relies on the policy routing mechanism, maintenance can only check the connectivity between two directly connected devices and cannot check the connectivity state of the whole service chain, which makes maintenance difficult.
Summary of the invention
The present invention provides a method and device for establishing a service path, which enable flexible deployment of service processing devices, require only the Internet Protocol (IP) addresses of the service processing devices to be known during policy configuration, and improve the maintainability of the service chain.
To achieve the above object, the present invention adopts the following technical solutions:
In a first aspect, a method for establishing a service path is provided, including:
receiving a request message generated by a starting point device, where the request message includes the IP addresses of all service processing devices on the service path, a pointer indicating one of the IP addresses, and flow classification information;
determining, according to the IP address pointed to by the pointer, the inbound tunnel destination address and the outbound tunnel destination address of the virtual private network (VPN) forwarding entry to be generated;
generating the VPN forwarding entry according to the inbound tunnel destination address, the outbound tunnel destination address and the flow classification information, incrementing the pointer by one, and then forwarding the request message to the IP address pointed to by the incremented pointer, so that when the request message reaches the termination point device, the termination point device returns to the starting point device a response message indicating that establishment of the service path is complete.
With reference to the first aspect, in a first possible implementation of the first aspect, determining, according to the IP address pointed to by the pointer, the inbound tunnel destination address and the outbound tunnel destination address of the VPN forwarding entry to be generated includes:
determining whether an IP address preceding the one pointed to by the pointer exists; if it exists, using the preceding IP address as the inbound tunnel destination address of the VPN forwarding entry to be generated, the inbound tunnel destination address being the previous IP address that forwarded the request message; if it does not exist, determining that the inbound tunnel destination address of the VPN forwarding entry to be generated is empty; and
determining whether an IP address following the one pointed to by the pointer exists; if it exists, using the following IP address as the outbound tunnel destination address of the VPN forwarding entry to be generated, the outbound tunnel destination address being the next IP address to which the request message is forwarded; if it does not exist, determining that the outbound tunnel destination address of the VPN forwarding entry to be generated is empty.
With reference to the first aspect or the first possible implementation of the first aspect, in a second possible implementation of the first aspect, the request message further includes state information and relative time information of the current service processing device;
the response message includes the state information of all the service processing devices, so that the starting point device obtains, from the state information, the state of all the service processing devices and the establishment status of the service path.
With reference to the first aspect or the first or second possible implementation of the first aspect, in a third possible implementation of the first aspect, the method further includes:
when a service packet matching the flow classification information is received, performing service processing on the service packet to obtain a processed service packet, obtaining the VPN forwarding entry, and forwarding the processed service packet according to the VPN forwarding entry.
With reference to the first aspect or any one of the first to third possible implementations of the first aspect, in a fourth possible implementation of the first aspect, the flow classification information includes preset five-tuple classification information;
or, the flow classification information includes a classification access control list number.
In a second aspect, a device is provided, including:
a receiving unit, configured to receive a request message generated by a starting point device, where the request message includes the Internet Protocol (IP) addresses of all service processing devices on the service path, a pointer indicating one of the IP addresses, and flow classification information;
a determining unit, configured to determine, according to the IP address pointed to by the pointer, the inbound tunnel destination address and the outbound tunnel destination address of the virtual private network (VPN) forwarding entry to be generated;
a generating unit, configured to generate the VPN forwarding entry according to the inbound tunnel destination address, the outbound tunnel destination address and the flow classification information;
a processing unit, configured to increment the pointer by one;
a sending unit, configured to forward the request message to the IP address pointed to by the incremented pointer, so that when the request message reaches the termination point device, the termination point device returns to the starting point device a response message indicating that establishment of the service path is complete.
With reference to the second aspect, in a first possible implementation of the second aspect, the determining unit is specifically configured to:
determine whether an IP address preceding the one pointed to by the pointer exists; if it exists, use the preceding IP address as the inbound tunnel destination address of the VPN forwarding entry to be generated, the inbound tunnel destination address being the previous IP address that forwarded the request message; if it does not exist, determine that the inbound tunnel destination address of the VPN forwarding entry to be generated is empty; and
determine whether an IP address following the one pointed to by the pointer exists; if it exists, use the following IP address as the outbound tunnel destination address of the VPN forwarding entry to be generated, the outbound tunnel destination address being the next IP address to which the request message is forwarded; if it does not exist, determine that the outbound tunnel destination address of the VPN forwarding entry to be generated is empty.
With reference to the second aspect or the first possible implementation of the second aspect, in a second possible implementation of the second aspect, the request message further includes state information and relative time information of the current service processing device;
the response message includes the state information of all the service processing devices, so that the starting point device obtains, from the state information, the state of all the service processing devices and the establishment status of the service path.
With reference to the second aspect or the first or second possible implementation of the second aspect, in a third possible implementation of the second aspect, the processing unit is further configured to, when a service packet matching the flow classification information is received, perform service processing on the service packet to obtain a processed service packet; the sending unit is further configured to obtain the VPN forwarding entry and forward the processed service packet according to the VPN forwarding entry.
With reference to the second aspect or any one of the first to third possible implementations of the second aspect, in a fourth possible implementation of the second aspect, the flow classification information includes preset five-tuple classification information;
or, the flow classification information includes a classification access control list number.
The present invention provides a method and device for establishing a service path. A request message generated by a starting point device is received, where the request message includes the IP addresses of all service processing devices on the service path, a pointer indicating an IP address, and flow classification information; the inbound tunnel destination address and the outbound tunnel destination address of the VPN forwarding entry to be generated are determined according to the IP address pointed to by the pointer; the VPN forwarding entry is generated according to the inbound tunnel destination address, the outbound tunnel destination address and the flow classification information; the pointer is incremented by one; and the request message is then forwarded to the IP address pointed to by the incremented pointer, so that when the request message reaches the termination point device, the termination point device returns to the starting point device a response message indicating that establishment of the service path is complete. This enables flexible deployment of service processing devices, simplifies policy configuration, and improves the maintainability of the service chain.
Brief description of the drawings
To describe the technical solutions in the embodiments of the invention more clearly, the drawings needed for describing the embodiments are briefly introduced below. Evidently, the drawings described below are only some embodiments of the invention, and a person of ordinary skill in the art can derive other drawings from them without creative effort.
FIG. 1 is a schematic diagram of a system provided by an embodiment of the present invention;
FIG. 2 is a schematic flowchart of a method for establishing a service path provided by an embodiment of the present invention;
FIG. 3 is a schematic structural diagram of a device provided by an embodiment of the present invention;
FIG. 4 is a schematic structural diagram of another device provided by an embodiment of the present invention.
Detailed description
The technical solutions in the embodiments of the invention are described clearly and completely below with reference to the drawings in the embodiments. Evidently, the described embodiments are only some, not all, of the embodiments of the invention. All other embodiments obtained by a person of ordinary skill in the art from the embodiments of the invention without creative effort fall within the protection scope of the invention.
Service-Chaining network technology makes it possible to define complex service logic and models flexibly in today's complex networking environments. In general, Service-Chaining involves the following technical terms and concepts:
Service flow: a data flow of packets that carry specific service characteristics (for example, packets matching certain fields) or that match certain service policies (such as a given access IP or port).
Chain node: a service processing device on the service chain, that is, a standalone service processing device, for example a firewall, an antivirus gateway or an application control gateway.
Forwarding path: the actual path formed by all the devices a packet passes through while being forwarded from source to destination.
Service path: the logical path formed by the service processing devices (chain nodes) that a packet must pass through while being forwarded from source to destination.
FIG. 1 is a schematic diagram of a system provided by an embodiment of the present invention. The invention mainly lies in changes to the internal processing flow and processing method of the starting point and the termination point. In FIG. 1, the starting point and the termination point are logical nodes. The starting point is generally a forwarding device such as a switch or router, and the termination point is generally the last service processing device in a service chain. The solid line in FIG. 1 is a service flow: the packet forwarding path along which user A accesses server A. The dashed line is the forwarding path of the Virtual Private Network (VPN) path control message used by Service-Chaining. This control message is defined so that it establishes, in turn, the VPN tunnel path between each pair of adjacent service processing devices in the service chain, while a service flow redirection policy is generated on the upstream service processing device of each tunnel for matching and forwarding real service traffic later. The dotted line describes the service processing path that the service flow must traverse, that is, the Service-Chaining service chain path. The service chain in the embodiments of the invention is described using the example: starting point → service processing device 1 → service processing device 2 → service processing device 3.
The Service-Chaining mechanism implemented by the invention uses defined technical means to make the forwarding path of a service flow cover the service path, and forwards and processes service packets along the preset service path.
In addition, because the same service processing device may be used by multiple service chains, one service processing device may establish tunnels with multiple other service processing devices. The embodiments of the invention use multi-Generic Routing Encapsulation (mGRE): mGRE-type tunnel interfaces are created in advance on the starting point and on each service processing device. Such an interface only needs the source address of the service processing device to be configured and does not need a destination address, so that one mGRE tunnel interface can carry multiple GRE tunnels, corresponding to multiple GRE peers.
For the control message mentioned above, the embodiments of the invention provide a special message type, called here the VPN path control message and referred to below as the control message. The control message can be encapsulated in several ways; the embodiments give a typical encapsulation for Layer 3 VPN. To improve traversal through forwarding devices such as switches and routers, the embodiments use User Datagram Protocol (UDP) encapsulation with both the source and destination port numbers set to 65001, so intermediate devices can identify the control message from the UDP protocol and port number information. The control parameters can be placed in the UDP payload.
Specifically, as shown in Table 1, the control message structure can include Type, Length, SequenceNo (sequence number), path control information, and so on. Type is the type of the control message, including request messages (a request-to-create message or a request-to-delete message) and response messages. Length is the length of the entire VPNPathControlData (path control data). SequenceNo is the sequence number of the current control message; each request and its response message can carry the same sequence number. The format of the path control information field differs according to the control message type.
Table 1: Control message structure
The IP header (IPHeader) contains the source address and destination address, indicating the source and destination of the control message; the UDP header (UDPHeader) identifies the control message, by port number, as the message type newly proposed in the embodiments of the invention; VPNPathControlData (VPN path control data) contains the Type, Length, SequenceNo and other fields described above.
On the basis of the control message structure shown in Table 1, and as shown in Table 2, the request message structure can include: the field type defining the flow classification information (TrafficClassifierType, abbreviated TCType), which can be the Access Control List (ACL) type or the five-tuple information type; the flow classification information (TrafficClassifier), which can be an ACL number or five-tuple flow classification information; the field type defining a VPN node (NodeType), which can be, for example, the node's IP address information; the pointer (Pointer), which, when there are multiple pieces of VPN node information, points to the node information for which VPN tunnel creation is currently being requested; the VPN node information, which carries the address information of the VPN nodes; the field type defining the status information (StatisticsType), which can be the type for running-state statistics of each VPN node or the type for the time of arrival at each node, among others; StatisticsLength, the field length of the status information; and the status information, which can be running-state statistics of each VPN node or the time of arrival at each node, among others.
Table 2: Request message structure
On the basis of the control message structure shown in Table 1, and as shown in Table 3, the response message structure can include: StatisticsType, the field type defining the status information, which can be the type for running-state statistics of each VPN node or the type for the time of arrival at each node, among others; StatisticsLength, the field length of the status information; and the status information, which can be running-state statistics of each VPN node or the time of arrival at each node, among others.
Table 3: Response message structure
Based on the newly defined control messages above, an initial configuration is required before the method is executed. The initial configuration includes:
A. Select a starting point device in the network.
Specifically, the starting point device is selected by the user. It is the device that generates the control message and first sends it to the next service processing device. Usually the starting point device may be a switch, for example switch 1 shown in FIG. 1. The request message starts from the starting point device, passes through each service processing device of the service chain in turn, and takes the last service processing device as the termination point. Each device must modify the source and destination IP of the request message when sending it, whereas the response message is sent directly from the termination point to the starting point. The source and destination port numbers of the messages may both be 65001. The request message must be identified and processed on each service processing device. SequenceNo is incremented each time a request message is sent. Within the same control request process, the request and response messages carry the same SequenceNo.
B. Define the Service-Chaining service chain VPN path request message on the starting point device.
Specifically, the user needs to specify two main kinds of information: first, the service processing device information of the service chain; second, the service flow information.
As an example, take the control request generation message. For the service processing device information of a specified service chain in the system networking diagram of FIG. 1, service chain A may be: service processing device 1 → service processing device 2 → service processing device 3, with three items of service processing device information: service processing device 1, service processing device 2 and service processing device 3. Because the starting point device (a switch) acts as the traffic diversion point and must join the service chain by default, service chain A actually becomes service chain A': starting point device → service processing device 1 → service processing device 2 → service processing device 3. Request message A is sent from the starting point to service processing device 1, then reaches service processing device 2, and finally reaches service processing device 3. The user therefore needs to specify explicitly the IP address information of the service processing devices of the service chain. When the starting point device generates the request message, it fills the IP addresses of the service processing devices in service chain A' into the VPN node information field of request message A in order, initially sets the Pointer to 1, and sets the source and destination IP of the message to the starting point IP, which indicates that this is an initially generated request message.
Defining the service flow information means defining which subsequent service traffic will be forwarded over the VPN path generated this time. The service flow can be defined in several ways; typical ones are:
a) The user may carry specific five-tuple flow classification information in the TrafficClassifier flow classification information field of the request message in advance. The five-tuple flow classification information here may be the set of five values: source IP address, source port, destination IP address, destination port, and transport layer protocol number.
b) The request message may carry a flow classification ACL number, and the specific rules of that ACL are requested from the policy server once the VPN tunnel has been generated successfully.
c) The request message carries a flow classification ACL number, and the specific rules are generated on each service processing device in advance.
The embodiment of the present invention is described using manner c. For example, a typical policy configuration on each service processing device may be implemented as follows:
1) First, define access control list (ACL) number 9000 in advance on the starting point device, service processing device 1, service processing device 2 and service processing device 3:
acl 9000 // defines the traffic from source address segment 172.168.0.0 to destination address segment 10.1.0.0
rule permit ip source 172.168.0.0 0.0.255.255 destination 10.1.0.0 0.0.255.255
2) Then configure the VPN path generation request on the starting point device: generate the VPN path described by service chain A' (starting point device → service processing device 1 → service processing device 2 → service processing device 3), and direct the service flow that matches the definition of ACL 9000 onto this VPN path for forwarding. An example command line policy is:
service-chaining VPN-path create acl 9000 vpn-node ip IP-start-point IP1 IP2 IP3
where IP1, IP2 and IP3 are the IP addresses of service processing devices 1, 2 and 3 respectively.
In this way, after the user has selected the starting point device and defined the Service-Chaining service VPN path request message on it, the starting point device, on receiving the instruction to start running, generates the request message according to the above definition and forwards it to the corresponding service processing device according to the destination IP address. Intermediate devices only pass the message through transparently; the intermediate devices here may be, for example, switch 2 and switch 3 shown in FIG. 1. As shown in FIG. 2, the specific processing steps are as follows:
101. The service processing device receives the request message generated by the starting point device. The request message includes the Internet Protocol addresses of all service processing devices of the service path, a pointer indicating an Internet Protocol address, and flow classification information.
The service processing device here may be any one of service processing device 1, service processing device 2 or service processing device 3 shown in FIG. 1. The format of the request message is shown in Table 2; it carries the IP addresses of all service processing devices of the service path preset by the user, the Pointer, and the flow classification information of the traffic that needs to pass through the service path.
102. The service processing device determines, according to the Internet Protocol address pointed to by the pointer, the inbound tunnel destination address and the outbound tunnel destination address of the virtual private network forwarding entry to be generated.
Specifically, on receiving the request message, the service processing device first judges whether the IP address preceding the one pointed to by the pointer of the request message exists. If it exists, the preceding IP address is used as the inbound tunnel destination address of the VPN forwarding entry to be generated, that is, the inbound tunnel destination address is the previous IP address that forwarded the request message. If it does not exist, the current service processing device determines that the inbound tunnel destination address of the VPN forwarding entry to be generated is empty, that is, the current service processing device is the starting point device. It then judges whether the IP address following the one pointed to by the pointer of the request message exists. If it exists, the following IP address is used as the outbound tunnel destination address of the VPN forwarding entry, that is, the outbound tunnel destination address is the next IP address to which the request message is forwarded. If it does not exist, the device determines that the outbound tunnel destination address of the VPN forwarding entry to be generated is empty, that is, the current service processing device is the termination point device for the forwarding of the request message.
103. The service processing device generates the virtual private network forwarding entry according to the inbound tunnel destination address, the outbound tunnel destination address and the flow classification information, adds one to the pointer, and then forwards the request message according to the Internet Protocol address pointed to by the incremented pointer.
Specifically, in step 103, after the inbound tunnel destination address and the outbound tunnel destination address of the VPN forwarding entry have been determined, they are associated with the flow classification information in the request message to generate the virtual private network forwarding entry, and each device saves its own forwarding entry locally. For the starting point device, for example, the content of the forwarding entry is: flow classification: ACL9000; inbound tunnel: unrestricted; inbound tunnel destination address: unrestricted; outbound tunnel: for example Tunnel1.1; outbound tunnel destination address: IP1. In other words, the starting point device can redirect the traffic that matches ACL9000 to tunnel interface Tunnel1.1. By analogy, the forwarding entries of the starting point device and of each service processing device can be summarized as shown in Table 4.
Table 4: VPN forwarding entries
It should be noted that the inbound tunnel and the outbound tunnel in a forwarding entry are two logical tunnel ports. In fact each device has only one tunnel port, and the tunnels of the devices are independent tunnels used for receiving and sending messages.
During the forwarding of the request message, if the status of the service processing devices needs to be reported back, the request message can also be filled with the status information of the current service processing device, relative time information, and so on. The status information here may include, for example, connectivity, delay and intermediate device utilization.
104. When the request message reaches the termination point device, the termination point device returns to the starting point device a response message indicating that the establishment of the service path is complete.
Specifically, when a service processing device finds that the IP address following the one pointed to by the pointer in the received request message does not exist, it learns that it is itself the termination point device. It terminates the request message, strips out the status information field of the request message, fills it into a response message indicating that the establishment of the service path is complete, and sends the response message directly to the starting point device. After receiving the response message, the starting point device can display the status of each chain node and the result of the service chain generation for this VPN generation process. The status information here is the accumulation of the status information of all the service processing devices. The service path has thus been established automatically.
When a service message matching the flow classification information arrives at the starting point device, the starting point device obtains its own VPN forwarding entry from Table 4, so that the service message passes through the VPN tunnels to each service processing device in turn and all service processing is completed.
When a service processing device receives a service message matching the flow classification information, it performs service processing on the service message to obtain a processed service message, obtains the virtual private network forwarding entry, and forwards the processed service message according to that entry.
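Steps 101 to 104 can be traced with the following added example, which is not code from the patent: it walks a request message along service chain A' and collects the forwarding entry each device would store. The class and function names, the 192.0.2.x addresses, the "up" status value and the two pointer sanity checks (rejecting a request whose pointer is out of range or does not designate the receiving device) are assumptions made for the illustration.

```python
from dataclasses import dataclass, field
from typing import List, Optional, Tuple


@dataclass
class PathRequest:
    """Request message: node list, 1-based pointer, flow classifier, SequenceNo."""
    nodes: List[str]            # starting point first, then each service device
    classifier: str             # e.g. "ACL9000" (manner c on the page)
    sequence_no: int
    pointer: int = 1            # initial value set by the starting point device
    stats: List[Tuple[str, str]] = field(default_factory=list)


@dataclass(frozen=True)
class ForwardingEntry:
    device: str
    classifier: str
    in_tunnel_dst: Optional[str]    # None = empty (starting point device)
    out_tunnel_dst: Optional[str]   # None = empty (termination point device)


def process_request(local_ip: str, req: PathRequest):
    """Steps 102-103 on one device; returns (entry, next_hop or None)."""
    # Added sanity checks (assumption, not described on the page): refuse to
    # install an entry from a request whose pointer is inconsistent.
    if not 1 <= req.pointer <= len(req.nodes):
        raise ValueError("pointer outside the VPN node list")
    idx = req.pointer - 1
    if req.nodes[idx] != local_ip:
        raise ValueError("pointer does not designate this device")

    # Step 102: neighbours of the pointed-to address give the tunnel ends.
    prev_ip = req.nodes[idx - 1] if idx > 0 else None
    next_ip = req.nodes[idx + 1] if idx + 1 < len(req.nodes) else None

    # Step 103: bind the tunnel ends to the flow classification information.
    entry = ForwardingEntry(local_ip, req.classifier, prev_ip, next_ip)
    req.stats.append((local_ip, "up"))      # constructed status value

    if next_ip is not None:
        req.pointer += 1                    # forwarded to nodes[pointer - 1]
    return entry, next_ip


def establish_path(nodes: List[str], classifier: str, sequence_no: int = 1):
    """Run the request along the chain; return (entries per device, reply)."""
    if not nodes:
        raise ValueError("service chain needs at least the starting point")
    req = PathRequest(list(nodes), classifier, sequence_no)
    table = {}
    current: Optional[str] = nodes[0]
    while current is not None:
        entry, current_next = process_request(current, req)
        table[current] = entry
        current = current_next
    # Step 104: the termination point replies directly to the starting point,
    # reusing the SequenceNo and carrying the accumulated status information.
    reply = {"to": nodes[0], "sequence_no": req.sequence_no,
             "stats": list(req.stats)}
    return table, reply


if __name__ == "__main__":
    # Constructed sample chain A': starting point, then devices 1 to 3.
    chain = ["192.0.2.1", "192.0.2.11", "192.0.2.12", "192.0.2.13"]
    entries, reply = establish_path(chain, "ACL9000", sequence_no=7)
    for ip in chain:
        print(entries[ip])
    print(reply)
```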
The embodiment of the present invention implements a method for automatically establishing the service path of a service chain. Using the newly defined VPN path control messages, pairwise VPN tunnel paths are established in turn across the traffic diversion point and the service processing devices of the service chain: traffic diversion point → service processing device 1, service processing device 1 → service processing device 2, ..., service processing device N-1 → service processing device N. A traffic diversion policy is established at the upstream node of each tunnel, directing the specified service flow into the VPN tunnel for forwarding to the downstream node, which realizes the Service-Chaining function. Because the mechanism establishes the VPN service path automatically through control messages, service processing devices can be deployed flexibly, they are not required to be connected to a single traffic diversion point device, and the user does not have to perform tedious policy configuration. In addition, the mechanism can optionally carry, in the response control message, the status information of the service chain nodes that the control message passed through, so that information such as connectivity and delay on the current service path can be shown to the user, which greatly simplifies maintenance.
An embodiment of the present invention provides a device 01, as shown in FIG. 3, including:
a receiving unit 011, configured to receive the request message generated by the starting point device, where the request message includes the Internet Protocol addresses of all service processing devices of the service path, a pointer indicating an Internet Protocol address, and flow classification information;
a determining unit 012, configured to determine, according to the Internet Protocol address pointed to by the pointer, the inbound tunnel destination address and the outbound tunnel destination address of the virtual private network forwarding entry to be generated;
a generating unit 013, configured to generate the virtual private network forwarding entry according to the inbound tunnel destination address, the outbound tunnel destination address and the flow classification information;
a processing unit 014, configured to add one to the pointer;
a sending unit 015, configured to forward the request message according to the Internet Protocol address pointed to by the incremented pointer, so that when the request message reaches the termination point device, the termination point device returns to the starting point device a response message indicating that the establishment of the service path is complete.
Optionally, the determining unit 012 may be specifically configured to:
judge whether the Internet Protocol address preceding the one pointed to by the pointer exists; if it exists, use the preceding Internet Protocol address as the inbound tunnel destination address of the virtual private network forwarding entry to be generated, the inbound tunnel destination address being the previous Internet Protocol address that forwarded the request message; if it does not exist, determine that the inbound tunnel destination address of the virtual private network forwarding entry to be generated is empty;
judge whether the Internet Protocol address following the one pointed to by the pointer exists; if it exists, use the following Internet Protocol address as the outbound tunnel destination address of the virtual private network forwarding entry to be generated, the outbound tunnel destination address being the next Internet Protocol address to which the request message is forwarded; if it does not exist, determine that the outbound tunnel destination address of the virtual private network forwarding entry to be generated is empty.
Optionally, the request message may further include the status information and relative time information of the current service processing device;
the response message includes the status information of all service processing devices, so that the starting point device obtains, from the status information, the status of all service processing devices and the result of the establishment of the service path.
Optionally, the processing unit 014 is further configured to, on receiving a service message matching the flow classification information, perform service processing on the service message to obtain a processed service message; the sending unit 015 is further configured to obtain the virtual private network forwarding entry and forward the processed service message according to that entry.
Optionally, the flow classification information may include preset five-tuple classification information;
or, the flow classification information may include a classification access control list number.
An embodiment of the present invention provides a device that receives the request message generated by the starting point device, where the request message includes the Internet Protocol addresses of all service processing devices of the service path, a pointer indicating an Internet Protocol address, and flow classification information; determines, according to the Internet Protocol address pointed to by the pointer, the inbound tunnel destination address and the outbound tunnel destination address of the virtual private network forwarding entry to be generated; generates the virtual private network forwarding entry according to the inbound tunnel destination address, the outbound tunnel destination address and the flow classification information; adds one to the pointer; and forwards the request message according to the Internet Protocol address pointed to by the incremented pointer, so that when the request message reaches the termination point device, the termination point device returns to the starting point device a response message indicating that the establishment of the service path is complete. This enables flexible deployment of service processing devices, simplifies policy configuration, and improves the maintainability of the service chain.
An embodiment of the present invention provides a device 02. As shown in FIG. 4, the device 02 includes a bus 021, a processor 022, a transmitter 023, a receiver 024 and a memory 025, where the memory 025 is used to store instructions and data. The transmitter 023 and the receiver 024 are used to communicate with external devices. The receiver 024 is configured to receive the request message generated by the starting point device, where the request message includes the Internet Protocol addresses of all service processing devices of the service path, a pointer indicating an Internet Protocol address, and flow classification information. The processor 022 is configured to invoke the instructions to: determine, according to the Internet Protocol address pointed to by the pointer, the inbound tunnel destination address and the outbound tunnel destination address of the virtual private network forwarding entry to be generated; determine the virtual private network forwarding entry according to the inbound tunnel destination address, the outbound tunnel destination address and the flow classification information; and add one to the pointer. The transmitter 023 is configured to forward the request message according to the Internet Protocol address pointed to by the incremented pointer, so that when the request message reaches the termination point device, the termination point device returns to the starting point device a response message indicating that the establishment of the service path is complete.
In this embodiment of the present invention, optionally, determining, according to the Internet Protocol address pointed to by the pointer, the inbound tunnel destination address and the outbound tunnel destination address of the virtual private network forwarding entry to be generated specifically includes:
judging whether the Internet Protocol address preceding the one pointed to by the pointer exists; if it exists, using the preceding Internet Protocol address as the inbound tunnel destination address of the virtual private network forwarding entry to be generated, the inbound tunnel destination address being the previous Internet Protocol address that forwarded the request message; if it does not exist, determining that the inbound tunnel destination address of the virtual private network forwarding entry to be generated is empty; and
judging whether the Internet Protocol address following the one pointed to by the pointer exists; if it exists, using the following Internet Protocol address as the outbound tunnel destination address of the virtual private network forwarding entry to be generated, the outbound tunnel destination address being the next Internet Protocol address to which the request message is forwarded; if it does not exist, determining that the outbound tunnel destination address of the virtual private network forwarding entry to be generated is empty.
In this embodiment of the present invention, optionally, the request message further includes the status information and relative time information of the current service processing device;
the response message includes the status information of all service processing devices, so that the starting point device obtains, from the status information, the status of all service processing devices and the result of the establishment of the service path.
In this embodiment of the present invention, the processor 022 is configured to invoke the instructions to: on receiving a service message matching the flow classification information, perform service processing on the service message to obtain a processed service message;
the transmitter 023 is further configured to obtain the virtual private network forwarding entry and forward the processed service message according to that entry.
In this embodiment of the present invention, optionally, the flow classification information includes preset five-tuple classification information;
or, the flow classification information includes a classification access control list number.
An embodiment of the present invention provides a device that receives the request message generated by the starting point device, where the request message includes the Internet Protocol addresses of all service processing devices of the service path, a pointer indicating an Internet Protocol address, and flow classification information; determines, according to the Internet Protocol address pointed to by the pointer, the inbound tunnel destination address and the outbound tunnel destination address of the virtual private network forwarding entry to be generated; determines the virtual private network forwarding entry according to the inbound tunnel destination address, the outbound tunnel destination address and the flow classification information; adds one to the pointer; and forwards the request message according to the Internet Protocol address pointed to by the incremented pointer, so that when the request message reaches the termination point device, the termination point device returns to the starting point device a response message indicating that the establishment of the service path is complete. This enables flexible deployment of service processing devices, simplifies policy configuration, and improves the maintainability of the service chain.
In the several embodiments provided in this application, it should be understood that the disclosed system, device and method may be implemented in other ways. For example, the device embodiments described above are only illustrative. The division into units is only a division by logical function, and other divisions are possible in an actual implementation: multiple units or components may be combined or integrated into another system, or some features may be ignored or not executed. Furthermore, the mutual coupling, direct coupling or communication connection shown or discussed may be an indirect coupling or communication connection through some interfaces, apparatuses or units, and may be electrical, mechanical or of another form.
In addition, in the devices and systems of the embodiments of the present invention, the functional units may be integrated into one processing unit, each unit may exist physically on its own, or two or more units may be integrated into one unit. The above units may be implemented in the form of hardware, or in the form of hardware plus software functional units.
All or part of the steps of the above method embodiments may be carried out by hardware under the control of program instructions. The program may be stored in a computer-readable storage medium and, when executed, performs the steps of the above method embodiments. The storage medium includes various media that can store program code, such as a USB flash drive, a removable hard disk, a read-only memory (ROM), a random access memory (RAM), a magnetic disk or an optical disc.
The above is only a specific implementation of the present invention, but the protection scope of the present invention is not limited to it. Any change or substitution that a person skilled in the art could readily conceive within the technical scope disclosed by the present invention shall fall within the protection scope of the present invention. The protection scope of the present invention shall therefore be determined by the protection scope of the claims.
Claims (10)
Priority Applications (2)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201410173170.XA CN105099915B (en) | 2014-04-28 | 2014-04-28 | A kind of method and apparatus for establishing service path |
| PCT/CN2014/090965 WO2015165249A1 (en) | 2014-04-28 | 2014-11-13 | Method and device for establishing service path |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201410173170.XA CN105099915B (en) | 2014-04-28 | 2014-04-28 | A kind of method and apparatus for establishing service path |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN105099915A true CN105099915A (en) | 2015-11-25 |
| CN105099915B CN105099915B (en) | 2018-11-30 |
Family
ID=54358119
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201410173170.XA Active CN105099915B (en) | 2014-04-28 | 2014-04-28 | A kind of method and apparatus for establishing service path |
Country Status (2)
| Country | Link |
|---|---|
| CN (1) | CN105099915B (en) |
| WO (1) | WO2015165249A1 (en) |
Cited By (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN106464590A (en) * | 2015-11-27 | 2017-02-22 | 华为技术有限公司 | Method and apparatus for obtaining path information |
| CN106612267A (en) * | 2015-10-27 | 2017-05-03 | 中国移动通信集团公司 | Verification method and verification device |
| WO2017193814A1 (en) * | 2016-05-10 | 2017-11-16 | 中兴通讯股份有限公司 | Service chain generation method and system |
Families Citing this family (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN107786467A (en) * | 2017-08-28 | 2018-03-09 | 深信服科技股份有限公司 | Drainage method, drainage system and the system of network data based on transparent deployment |
| CN115225545B (en) * | 2022-07-21 | 2023-11-03 | 天翼云科技有限公司 | A message transmission method and device |
| CN115277640B (en) * | 2022-07-29 | 2023-11-24 | 迈普通信技术股份有限公司 | Data processing method, device, intelligent network card and storage medium |
| CN118400449B (en) * | 2024-06-27 | 2024-08-23 | 杭州迪普科技股份有限公司 | Scheduling normalization management method and device for multi-main-body safety forwarding module |
Citations (5)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US20020191539A1 (en) * | 2001-03-20 | 2002-12-19 | Worldcom, Inc. | Pool-based resource management in a data network |
| US20040052259A1 (en) * | 2002-09-16 | 2004-03-18 | Agilent Technologies, Inc. | Measuring network operational parameters as experienced by network operational traffic |
| CN1691636A (en) * | 2004-04-26 | 2005-11-02 | 华为技术有限公司 | Method of flow state establishment |
| CN101047614A (en) * | 2006-05-01 | 2007-10-03 | 华为技术有限公司 | Flow transmission route set-up method and data transmission system in IPv6 network environment |
| CN101515884A (en) * | 2008-02-22 | 2009-08-26 | 华为技术有限公司 | Method and device for implementing UNI service |
Family Cites Families (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN1645838B (en) * | 2005-01-19 | 2010-04-28 | 哈尔滨工业大学 | On-Demand Distance Vector Multiple Routing Method for Ad Hoc Networks with Complete Routing Information |
| CN100499719C (en) * | 2005-09-09 | 2009-06-10 | 华为技术有限公司 | NGN network system and call information transmitting method |
| EP3016329B1 (en) * | 2013-07-25 | 2018-03-21 | Huawei Technologies Co., Ltd. | Service path allocation method, router and service execution entity |
2014
- 2014-04-28: CN201410173170.XA, patent CN105099915B, status Active
- 2014-11-13: PCT/CN2014/090965, patent WO2015165249A1, status Ceased (not active)
Cited By (6)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN106612267A (en) * | 2015-10-27 | 2017-05-03 | 中国移动通信集团公司 | Verification method and verification device |
| CN106464590A (en) * | 2015-11-27 | 2017-02-22 | 华为技术有限公司 | Method and apparatus for obtaining path information |
| CN106464590B (en) * | 2015-11-27 | 2019-11-19 | 华为技术有限公司 | A method and device for obtaining route information |
| US10554536B2 (en) | 2015-11-27 | 2020-02-04 | Huawei Technologies Co., Ltd. | Method for obtaining path information and apparatus |
| WO2017193814A1 (en) * | 2016-05-10 | 2017-11-16 | 中兴通讯股份有限公司 | Service chain generation method and system |
| CN107360011A (en) * | 2016-05-10 | 2017-11-17 | 中兴通讯股份有限公司 | A kind of business chain generation method and system |
Also Published As
| Publication number | Publication date |
|---|---|
| WO2015165249A1 (en) | 2015-11-05 |
| CN105099915B (en) | 2018-11-30 |
Similar Documents
| Publication | Title | Publication Date |
|---|---|---|
| US11770309B2 (en) | On-demand probing for quality of experience metrics | |
| EP3709573B1 (en) | Satisfying service level agreement metrics for unknown applications | |
| US10560352B2 (en) | Subscriber-aware TWAMP data monitoring in computer networks | |
| US10270843B2 (en) | Chaining service zones by way of route re-origination | |
| CN113395210B (en) | Method for calculating forwarding path and network equipment | |
| CN105099915A (en) | Business path establishing method and device | |
| CN110266578B (en) | Method and system for transmitting and receiving packets | |
| CN105337881B (en) | A kind of processing method of data message, service node and drainage point | |
| CN110557332B (en) | Network construction method, system and routing equipment | |
| JP2017529011A (en) | Chaining network service functions in communication networks | |
| CN104852855B (en) | Jamming control method, device and equipment | |
| EP3799366B1 (en) | Mapping services to tunnels in order to forward packets using a network device | |
| WO2022142905A1 (en) | Packet forwarding method and apparatus, and network system | |
| WO2018001373A1 (en) | Method and device for limiting transmission speed of messages | |
| US8675669B2 (en) | Policy homomorphic network extension | |
| EP2619952A1 (en) | Pseudo-wire providing an in-band control channel using an offset | |
| CN116886585A (en) | A user-based traffic diversion method and device | |
| CN116233006A (en) | SDWAN-based link load balancing method and device, electronic equipment and storage medium | |
| CN110945847B (en) | Method, device and system for quickly recovering services during path switching | |
| WO2018010618A1 (en) | Method and device for acquiring path information about data packet | |
| CN112910791A (en) | Diversion system and method thereof | |
| CN118175058A (en) | Path quality detection method, device and medium | |
| Theodoro et al. | Entity Title Architecture Pilot: Scaling Out the Deployment of a Clean Slate SDN Based Network at a Telecom Operator |
Legal Events
| Code | Title | Description | Date |
|---|---|---|---|
| C06 | Publication | ||
| PB01 | Publication | ||
| C10 | Entry into substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| GR01 | Patent grant | ||
| GR01 | Patent grant |