CN100399767C - Method for access of IP public net of virtual exchanger system - Google Patents
Method for access of IP public net of virtual exchanger system Download PDFInfo
- Publication number
- CN100399767C CN100399767C CNB031600573A CN03160057A CN100399767C CN 100399767 C CN100399767 C CN 100399767C CN B031600573 A CNB031600573 A CN B031600573A CN 03160057 A CN03160057 A CN 03160057A CN 100399767 C CN100399767 C CN 100399767C
- Authority
- CN
- China
- Prior art keywords
- virtual switch
- data
- public network
- virtual
- interface
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Expired - Fee Related
Links
Images
Abstract
The present invention discloses a method for the access of IP public networks of virtual exchanger systems, which comprises: 1), a virtual interface is established between a virtual exchanger and an IP retransmission assembly of a virtual exchanger system; 2), the virtual interface is used for processing data from users of the virtual exchanger side, and transmitting the processed data to the IP retransmission assembly for transmitting the data to an IP public network; 3), the virtual interface is used for processing the data transmitted from the IP retransmission assembly from the IP public network, and transmitting the processed data to the virtual exchanger for transmitting the data to the users of the virtual exchanger side. The present invention enlarges the service range of the virtual exchanger system, and reduces the occupation of equipment port resources when VPLS users access the public network. Accordingly, the present invention adds the profit approach of a carrier, and reduces the cost of using VS to build VPLS and technical difficulty for enterprise users.
Description
Technical field
The present invention relates generally to the network communications technology, particularly a kind of method that makes virtual switch system insert the IP public network.
Technical background
Virtual switch (VS) is the implementation method of a kind of virtual private network (VPN).Virtual switch is the functional entity that generates by configuration on the network equipment, and it can finish the function of Ethernet switch.Can mark off a plurality of virtual switches on the network equipment, virtual switch can be used to set up virtual private LAN section (VPLS) and provide customer flow to converge.
Virtual switch is applied at first on ATM (asynchronous transfer mode) equipment virtual private LAN section business is provided.Afterwards, virtual switch has added that ether inserts and at GRE (generic route encapsulation) tunnel of IP public network transparent transmission Ethernet message access function.The networking mode that present virtual switch is built VPN is seen Fig. 1.
Virtual switch utilizes link layer (ether) information to carry out the forwarding of packet, and the network class that all uses virtual switch to build is similar to an Ethernet.
VS and IP (Internet protocol) forwarding component all are positioned on the edge service node of telecommunication bureau at present, and the basic function of edge service node is to satisfy user's online demand, and the IP forwarding component is one of core of edge service node, and function class is similar to router.And VS be on the edge service node in order to satisfy the demand that VPN is set up in enterprise, and the extension element of increasing income and adding for telecommunication bureau.On the edge service node, VS and IP forwarding component are functional modules independently.The edge service node has only the ability that the VS assembly just has establishment VPLS that adds.Owing to the network equipment of having realized virtual switch does not also possess message is not sent to the ability that the IP forwarding component carries out routing forwarding, therefore privately owned net of enterprise that is made of virtual switch or the user that converges will visit IP network and must add explicit outside interface channel, as router or line.
Fig. 2 is the technical scheme schematic diagram of prior art one.As shown in Figure 2, enterprise uses VS to make up VPLS, but needs to link to each other with public network at router of the inner configuration in addition of certain website.The equipment of VPLS inside is by this router access public network.On this router or within generally can configuration address conversion and packet filtering rule, be used to guarantee the fail safe of the privately owned net of enterprise.
In this scheme, the VPLS internal network devices is the VPLS side interface IP address setting of router a gateway.The inner message to the IP public network of VPLS all is forwarded to router.After router is searched route, message is delivered to the IP public network, promptly among the figure on the IP public network side interface of the edge service node of telecommunication bureau side.
From the IP message that the IP public network comes, promptly the next message of telecommunication bureau's method, edge service node public network side interface arrives router, and enterprise router is searched route.If message in VPLS inside, is then delivered to the VPLS side interface of router in the destination, transmit in VPLS inside.
This networking plan is applicable to the enterprise customer with strong technical strength and economic base.
The shortcoming of the prior art one is that it need add routing device, thereby has increased user's expense.And router is connected the port resource of the preciousness that has also taken the edge service node with the edge service node.In addition, NAT (network address translation) and the safety regulation used during owing to the visit public network need the user to dispose, thereby increase user's maintenance difficulties.
Fig. 3 shows prior art related to the present invention two.As shown in Figure 3, add an aerial lug, connect a port and a port that inserts the IP forwarding component that inserts VS at the edge service node.Like this, the user who inserts VS just can send to the IP assembly to data by this external channel and carries out the IP layer and transmitted.
In this scheme, the interface IP address setting of the IP forwarding component that inner of VPLS and VS are direct-connected is a gateway.VPLS inside is all transmitted on the interface with its direct-connected IP forwarding component by VS to the message of IP public network.After the IP forwarding component is searched route, message is delivered to the IP public network.
From the IP forwarding component of the next IP message arrival edge service node of IP public network, the IP forwarding component is searched route.If the destination in VPLS inside, is then delivered to message with its direct-connected VPLS side interface and given VS, message is transmitted in VPLS inside afterwards.
This scheme is usually used in converging by VS the access user's data flow of visit public network, can be used for also that some are not high to security requirement, the enterprise of limited fund makes up VPLS.
Because general edge service node is placed on telecommunication bureau.Telecommunication department is in order to obtain big profit, and the edge service node is that many users share, and edge service node external interface is a scarce resource, and an external interface can insert a plurality of enterprise customers.The prior art two will be carried out on the edge service node of telecommunication bureau, and the enterprise customer will take an external interface (for example an ATM mouth or an ether physical interface), costs dearly, and the VPLS enterprise customer is lacked fail safe.
Summary of the invention
Therefore, the present invention makes at solving above-mentioned shortcoming of the prior art, an one purpose provides the method that a kind of virtual switch system inserts the IP public network, make the external interface that when visiting the public network resource, neither takies valuable edge service node based on the enterprise customer of VS structure VPLS, need not add extra routing device again.
Another object of the present invention provides the method that a kind of virtual switch system inserts the IP public network, and this method can make the enterprise customer based on VS structure VPLS can visit the public network resource safely, easily
For achieving the above object, the invention provides the method that a kind of virtual switch system inserts the IP public network, described virtual switch system comprises virtual switch and IP forwarding component, and described method is characterised in that and may further comprise the steps: 1) set up virtual interface between described virtual switch and described IP forwarding component; 2) by described virtual interface to handling from described virtual switch pusher side user's data, and give described IP forwarding component to send it to the IP public network with treated data; And 3) by described virtual interface the data from the IP public network that transmit from described IP forwarding component are handled, and given described virtual switch to send it to the user of virtual switch pusher side treated data.
Described step 2) further may further comprise the steps: described virtual interface will be given described IP forwarding component through the data of de-links encapsulation then and look into routing table to send to the IP public network remove the operation of Ethernet link encapsulation from described virtual switch pusher side user's data.
Described step 3) further may further comprise the steps: if be the user of virtual switch pusher side from the IP message destination that the IP public network enters, then described IP forwarding component is looked into routing table and message is given the virtual interface that links to each other with described virtual switch, described virtual interface is searched the ARP node and is obtained link layer packaging information, afterwards the IP message is carried out link layer packaging and sends it to described virtual switch.
In an embodiment of the present invention, information exchange between described virtual interface and the described virtual switch is finished by internal data path, and described internal data path is to use the logical data passage of the bus of described virtual interface and described virtual switch place equipment.In addition, described internal data path has unique identification, is used for distinguishing different virtual switch systems.
In addition, be provided preferably with the access control list assembly between described virtual interface and the described IP forwarding component, be used for the data of coming and going between described virtual interface and the described IP forwarding component are carried out safety detection.Be provided preferably with the network address translation assembly between described virtual interface and the IP forwarding component, be used to finish the conversion of private net address and public network address.
The present invention provides a kind of safe, method easily for the enterprise customer who makes up VPLS based on VS visits the public network resource, because data transmit at the edge service intra-node, need not to use external interface, taking edge service node port resource in the time of can reducing the VPLS user to access public net.In addition, relative prior art two, the present invention can provide and more safely visit public network; And with respect to prior art one, the present invention gives telecommunication bureau with the work that originally is arranged on user's the router, dispose NAT (network address translation) and safety regulation by the user, need not the user and purchase router separately, finish by telecommunication bureau on the edge service node that is configured in telecommunication bureau of NAT (network address translation) and safety regulation, having reduced the enterprise customer uses VS to set up cost and the technical difficulty of VPLS, alleviate the burden of enterprise, increased the profit of telecommunication bureau again.
Description of drawings
Fig. 1 is the networking mode that present virtual switch is built VPN;
Fig. 2 is the technical scheme schematic diagram of prior art one;
Fig. 3 is the technical scheme schematic diagram of prior art two;
Fig. 4 is a principle flow chart of the present invention;
Fig. 5 is a schematic diagram of setting up internal data path of the present invention
Fig. 6 is the flow chart that user side sends datagram to network side in the preferred version of the present invention;
Fig. 7 is the flow chart that network side sends datagram to user side in the preferred version of the present invention.
Embodiment
With reference to Fig. 4, between VS and IP forwarding component, set up a virtual interface.This virtual interface has and the general same function of ether interface, is the data of general ether interface processing from external physical port, and " virtual interface " then handles the data from device interior exchanges data chip.
Virtual interface is a software module.The design of virtual interface is consistent with the design of general ether interface.Virtual interface is with the main distinction of general ether interface: general ether interface is handled the frame of the ether form of receiving from physics ether port.Virtual interface is then handled the Frame that the exchanges data hardware cell of slave unit inside is received, the form of these Frames is device interior definition, for example cell format of regular length.The Ethernet message that sends by internal data path is carried on the self-defining internal data frame of equipment with the self-defining form of equipment.The exchanges data hardware cell is responsible for assembling these Frames by the form of inside definition, removes internal form encapsulation back and takes out Ether frame, gives virtual interface then and carries out link layer process.When sending message, virtual interface is delivered the exchanges data hardware cell to the message of standard ether form, and the exchanges data hardware cell splits and the encapsulation Ethernet message according to the self-defining form of equipment, sends on internal data path then.
Above-mentioned virtual interface is finished following basic function:
1. data channel receives the ether bag internally;
2. resolve the ether bag of input, take out the IP message and give IP forwarding component;
3. receive the data that the IP forwarding component is sent here, carry out the encapsulation of Ethernet link layer;
4. the ether bag being delivered internal data path sends;
5. handle ARP (address resolution protocol) message, set up and safeguard ARP node on this interface, for newly-built ARP node reports route.
In addition, create an internal data path, promptly distribute an internal exchange of data path, it connects VS and virtual interface.The design of the method for building up of internal data path and equipment itself is closely related.
As shown in Figure 5, in the equipment of a distributed forwarding architecture, whole system is built by the veneer of various realization difference in functionalitys.Data communication between the different veneers is finished by the cell bus of system.In this system, the VS assembly realizes on veneer A, and virtual interface, IP forwarding component are realized on board B.For make on the veneer A the VS assembly can with the virtual interface swap data on the board B, the present invention distributes a cell passage between VS and virtual interface.If internal system adopts ATM cell, then this cell passage is exactly a PVC (PVC).The form that the data of transmitting between veneer are packaged into cell exchanges on cell bus.The cell channel information is encapsulated in the cell structure, described cell channel information is the sign of each cell passage, and in the present embodiment, each cell passage has unique identification in internal system, be used for distinguishing different virtual switch systems, described unique identification is a numeral that the overall situation is unique.The IP assembly is delivered to corresponding VS system to Ethernet message according to this unique identification.
Virtual interface on VS1 on the veneer A and VS2 and the board B has been set up inner cell passage Path1 and Path2 respectively.VS1 writes down the MAC Address of virtual interface by Path1 in its MAC (media interviews control) address learning list.When receiving the packet that need send to virtual interface, VS1 just seals the channel information of Path1 and ether and is contained in the cell, and first bus of delivering letters exchanges, and sends to virtual interface.Virtual interface is set up the ARP node table of VS1 system according to the PATH1 channel information, the user's that record VS1 inserts in this ARP node table MAC Address.When virtual interface received that target MAC (Media Access Control) address is the user's that inserts of VS1 the packet of MAC Address, virtual interface was sealed the channel information of Path1 and ether and is contained in the cell, and first bus of delivering letters exchanges.VS1 receives cell from Path1, and the ether bag of recombinating out is given the end user packet switch according to the target MAC (Media Access Control) address in the bag again.
So the message forwarding process of the system that makes up is as follows:
VS puts internal data path to data and sends to virtual interface, and the virtual interface hardware cell of data channel is internally obtained data, removes the Ethernet link encapsulation, gives the IP forwarding component then and looks into routing table and send to the network side interface.If the IP message destination that enters from the network side interface is VS side user, then the IP forwarding component is looked into routing table and message is given the virtual interface that links to each other with VS.Virtual interface is searched the ARP node and is obtained link layer packaging information, afterwards the IP message is carried out link layer packaging and it is put internal data path.VS data channel internally receives data, uses the ether destination address to search address learning list message is mail to VS side user.
The system of Gou Jianing just can make the user to access public net resource of VS side as stated above, that is to say the function that has realized " prior art scheme two ", and does not take valuable equipment to external port.But this scheme is difficult to satisfy the requirement of enterprise high to security requirement, because:
1. do not have address translation feature, therefore require VS side user to use public network address, and can not use private net address, can not satisfy the requirement that makes up VPLS.
2. do not have fire compartment wall, the user on the public network can visit the user resources of VS fully, has serious security breaches.
Use the requirement of private net address and VPLS enterprise customer to the consideration of network security aspect in order to satisfy the VPLS enterprise customer, can carry out following improvement to said method: added NAT assembly and ACL (access control table) assembly.The NAT assembly is finished the conversion of private net address and public network address; The ACL assembly can dispose and generate multiple security strategy, for example to entering packet (source IP address, purpose IP address, source port, destination interface, agreement) five-tuple matching detection, with the fail safe that guarantees that network connects.Fig. 6, Fig. 7 are improvement schematic diagrames of the present invention.
Address transition (NAT) claims address agency again, is used for realizing the conversion between private network address and the global network address.During when the host access internet of internal network or with the main-machine communication of external network, need use address transition.Described NAT assembly is responsible for writing down the mapping relations of private net address and public network address, and the message that passes in and out the NAT assembly is mated, and the message that satisfies the mapping relations that disposed is carried out the conversion of private net address and public network address.
ACL is meant some rules that dispose for the filtering data bag, stipulate which type of packet can pass through, which type of can not pass through, the packet filtering rules of described ACL component record configuration, bag to turnover ACL assembly mates one by one by filtering rule, for the bag that satisfies the rule rule, handle by the action of regular appointment, as allow by or abandon.
NAT and ACL are the mature technologies on the present network equipment.The implementation method of NAT assembly and ACL assembly has multiple, at the general books about network security, substantially all mentions on webpage and the document.The present invention does not have specific (special) requirements to the realization of NAT assembly and ACL assembly, can be used by the present invention as long as possess the software module of NAT and acl feature.
With reference to shown in Figure 6, the data of coming from VS side private user send to virtual interface, message is given the ACL assembly subsequently and message is carried out safety inspections such as five-tuple coupling, the message that does not satisfy the security strategy of having set is dropped, remaining message is delivered the NAT assembly and is carried out the conversion of source address private network to the public network address space, and the message after the conversion is given the IP forwarding component and looked into routing table and send to public network.Certainly, also can not use the NAT assembly, at this moment, message is directly given the IP forwarding component and is looked into routing table and send to public network, but this moment, the user can't use private net address.Also can not use the ACL assembly, message is delivered the NAT assembly and is carried out the conversion of source address private network to the public network address space, and the message after the conversion is given the IP forwarding component and looked into routing table and send to public network.
With reference to shown in Figure 7, the network side interface receives the data message of network side, at first gives the security strategy of ACL assembly coupling configuration, and invalid packet is dropped, and all the other messages are given the IP forwarding component and looked into routing table.Under the situation that the ACL assembly is not set, message is directly given the IP forwarding component and is looked into routing table.On routing table, through NAT conversion and the route that generates, route table items can be established a NAT attribute mark for private net address, and the route that public network address is generated, route table items is not then established the NAT attribute mark.Can know through looking into routing table like this, the destination of message be private network inside or public network on.If the destination of message is in private network inside, then the message destination address route entry that can mate has the NAT sign, this class message is delivered the conversion that the NAT assembly carries out destination address, message after the conversion is searched route once more and is delivered virtual interface, and virtual interface carries out giving VS by internal data path after link encapsulates to message and exchanges forwarding.Under the situation that the NAT assembly is not set, message is directly delivered virtual interface after searching route, and virtual interface carries out giving VS by internal data path after link encapsulates to message and exchanges forwarding.
Above-described the preferred embodiments of the present invention, only be for illustrative purposes, one of ordinary skill in the art should be appreciated that different improvement, increase and decrease all are possible, and can break away from the scope of the present invention that claim of the present invention limits.
Claims (7)
1. a virtual switch system inserts the method for IP public network, and described virtual switch system comprises virtual switch and IP forwarding component, and described virtual switch is used to set up the virtual private LAN section, and described method is characterised in that and may further comprise the steps:
1) between described virtual switch and described IP forwarding component, sets up virtual interface;
2) by described virtual interface to handling from described virtual switch pusher side user's data, and give described IP forwarding component to send it to the IP public network with treated data; And
3) by described virtual interface the data from the IP public network that transmit from described IP forwarding component are handled, and given described virtual switch to send it to the user of virtual switch pusher side treated data.
2. method according to claim 1 is characterized in that, described step 2) further may further comprise the steps:
Described virtual interface will be given described IP forwarding component through the data of de-links encapsulation then and look into routing table to send to the IP public network remove the operation of Ethernet link encapsulation from described virtual switch pusher side user's data.
3. method according to claim 1 is characterized in that, described step 3) further may further comprise the steps:
If the IP message destination that enters from the IP public network is the user of virtual switch pusher side, then described IP forwarding component is looked into routing table and message is given the virtual interface that links to each other with described virtual switch, described virtual interface is searched the ARP node and is obtained link layer packaging information, afterwards the IP message is carried out link layer packaging and sends it to described virtual switch.
4. method according to claim 1, it is characterized in that, information exchange between described virtual interface and the described virtual switch is finished by internal data path, and described internal data path is to use the logical data passage of the bus of described virtual interface and described virtual switch place equipment.
5. method according to claim 4 is characterized in that described internal data path has unique identification, is used for distinguishing different virtual switch systems.
6. according to any one described method in the claim 1 to 5, it is characterized in that, also be provided with the access control list assembly between described virtual interface and the described IP forwarding component, be used for the data of coming and going between described virtual interface and the described IP forwarding component are carried out safety detection.
7. method according to claim 6, it is characterized in that, also be provided with the network address translation assembly between described virtual interface and the IP forwarding component, the destination address that is used for entering the message of described private LAN section is converted to private net address by public network address, and the source address of the message that will send from described private LAN section is converted to public network address by private net address.
Priority Applications (2)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CNB031600573A CN100399767C (en) | 2003-09-26 | 2003-09-26 | Method for access of IP public net of virtual exchanger system |
| CNA2007101677917A CN101202706A (en) | 2003-09-26 | 2003-09-26 | Virtual switchboard system |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CNB031600573A CN100399767C (en) | 2003-09-26 | 2003-09-26 | Method for access of IP public net of virtual exchanger system |
Related Child Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CNA2007101677917A Division CN101202706A (en) | 2003-09-26 | 2003-09-26 | Virtual switchboard system |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN1601996A CN1601996A (en) | 2005-03-30 |
| CN100399767C true CN100399767C (en) | 2008-07-02 |
Family
ID=34660791
Family Applications (2)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CNB031600573A Expired - Fee Related CN100399767C (en) | 2003-09-26 | 2003-09-26 | Method for access of IP public net of virtual exchanger system |
| CNA2007101677917A Pending CN101202706A (en) | 2003-09-26 | 2003-09-26 | Virtual switchboard system |
Family Applications After (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CNA2007101677917A Pending CN101202706A (en) | 2003-09-26 | 2003-09-26 | Virtual switchboard system |
Country Status (1)
| Country | Link |
|---|---|
| CN (2) | CN100399767C (en) |
Families Citing this family (14)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN100433713C (en) * | 2005-07-15 | 2008-11-12 | 华为技术有限公司 | Virtual exchange access method, device and virtual exchange system based on IP |
| CN100428739C (en) * | 2005-12-31 | 2008-10-22 | 华为技术有限公司 | Implementing method and system for support VPLS service on IP skeletal network |
| US8169903B2 (en) * | 2006-03-07 | 2012-05-01 | Cisco Technology, Inc. | Managing traffic within and between virtual private networks when using a session border controller |
| CN101052022B (en) * | 2006-04-05 | 2010-10-13 | 华为技术有限公司 | System and method for virtual special net user to access public net |
| US8489701B2 (en) | 2007-01-30 | 2013-07-16 | Microsoft Corporation | Private virtual LAN spanning a public network for connection of arbitrary hosts |
| CN102104525B (en) | 2011-03-16 | 2013-04-24 | 华为技术有限公司 | Media gateway equipment and method for forwarding data frame |
| CN104221343B (en) * | 2012-03-29 | 2017-09-26 | 英特尔公司 | For the technology in input-output apparatus using the switch identification assigned |
| CN103516822A (en) * | 2012-06-29 | 2014-01-15 | 同方股份有限公司 | Virtualization data exchange safety system for virtualization network |
| CN102946354B (en) * | 2012-11-15 | 2016-11-23 | 华为技术有限公司 | Method, device and the network equipment that a kind of message forwards |
| CN105187312B (en) * | 2015-08-12 | 2018-05-01 | 北京锐安科技有限公司 | Batch terminal carries out network communication method, device and router |
| CN105429901B (en) * | 2015-11-06 | 2018-09-28 | 上海斐讯数据通信技术有限公司 | Uplink data packet forwarding method and device, downlink data packet forwarding method and device |
| CN107493180B (en) * | 2016-06-13 | 2021-04-30 | 阿里巴巴集团控股有限公司 | Upgrading method and device of virtual switch |
| CN110830594B (en) * | 2019-12-06 | 2022-04-01 | 广州微算互联信息技术有限公司 | Method, system, device and storage medium for expanding IP address of cloud mobile phone |
| CN113194020B (en) * | 2021-05-24 | 2022-09-09 | 臻乐尔科技服务(上海)有限公司 | Virtual network interaction method and virtual network architecture |
Citations (5)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US6061349A (en) * | 1995-11-03 | 2000-05-09 | Cisco Technology, Inc. | System and method for implementing multiple IP addresses on multiple ports |
| CN1321025A (en) * | 1999-12-27 | 2001-11-07 | 日本电气株式会社 | ATM edge node exchange apparatus using IP-VPN function |
| JP2002247089A (en) * | 2001-02-22 | 2002-08-30 | Nippon Telegr & Teleph Corp <Ntt> | Packet routing method and device |
| CN1404263A (en) * | 2001-09-03 | 2003-03-19 | 华为技术有限公司 | Realizing method and system of special network in wideband virtual network |
| US6614800B1 (en) * | 1999-09-02 | 2003-09-02 | International Business Machines Corporation | Method and system for virtual private network administration channels |
-
2003
- 2003-09-26 CN CNB031600573A patent/CN100399767C/en not_active Expired - Fee Related
- 2003-09-26 CN CNA2007101677917A patent/CN101202706A/en active Pending
Patent Citations (5)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US6061349A (en) * | 1995-11-03 | 2000-05-09 | Cisco Technology, Inc. | System and method for implementing multiple IP addresses on multiple ports |
| US6614800B1 (en) * | 1999-09-02 | 2003-09-02 | International Business Machines Corporation | Method and system for virtual private network administration channels |
| CN1321025A (en) * | 1999-12-27 | 2001-11-07 | 日本电气株式会社 | ATM edge node exchange apparatus using IP-VPN function |
| JP2002247089A (en) * | 2001-02-22 | 2002-08-30 | Nippon Telegr & Teleph Corp <Ntt> | Packet routing method and device |
| CN1404263A (en) * | 2001-09-03 | 2003-03-19 | 华为技术有限公司 | Realizing method and system of special network in wideband virtual network |
Also Published As
| Publication number | Publication date |
|---|---|
| CN1601996A (en) | 2005-03-30 |
| CN101202706A (en) | 2008-06-18 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| US8908704B2 (en) | Switch with dual-function management port | |
| CN100399767C (en) | Method for access of IP public net of virtual exchanger system | |
| CN100472487C (en) | Virtual broadcast network for inter-domain communications | |
| US7672314B2 (en) | Scaling VLANs in a data network | |
| TW463508B (en) | Telecommunication network with variable address learning, switching and routing | |
| CN107113240A (en) | Expansible VLAN file transmitting method, computer equipment and computer-readable recording medium | |
| CN101635702B (en) | Method for forwarding data packet using security strategy | |
| CN101616014B (en) | Method for realizing cross-virtual private local area network multicast | |
| JPH11112577A (en) | Interconnection system between lan systems and network service system | |
| CN103428094A (en) | Method and device for packet transmitting in Open Flow system | |
| KR20030071552A (en) | Virtual local area network connecting equipment | |
| CN100502329C (en) | Ethernet exchanger and its service processing method | |
| CN100484080C (en) | Routing access method, system and operator edge equipment for virtual private network | |
| US7787461B2 (en) | System and a method for processing field frames for multiprotocol use in a communications network | |
| CN107360089A (en) | A kind of method for routing foundation, business datum conversion method and device | |
| CN100446509C (en) | Method for realizing re-oriented message correctly repeat and first-part and second-part | |
| US7773613B2 (en) | Communication control method and system | |
| US20110078181A1 (en) | Communication device | |
| JP2004159019A (en) | Extended vlan tag swap system | |
| CN101087258A (en) | A method and device for access to directly connected device across VPN | |
| CN112367263A (en) | Multicast data message forwarding method and equipment | |
| CN102055669A (en) | Method for realizing N:1 virtual local area network (VLAN) mapping in 10 gigabit-capable passive optical network (10GPON) system | |
| CN101316239B (en) | Method for controlling access and forwarding in virtual special LAN service network | |
| CN103036761A (en) | Tunnel server and client device | |
| JPS6163137A (en) | Mutual connection system of local area network |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| C06 | Publication | ||
| PB01 | Publication | ||
| C10 | Entry into substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| C14 | Grant of patent or utility model | ||
| GR01 | Patent grant | ||
| C17 | Cessation of patent right | ||
| CF01 | Termination of patent right due to non-payment of annual fee |
Granted publication date: 20080702 Termination date: 20100926 |