CN100334849C - Method for realizing address synchronization in independant virtual LAN learning mode - Google Patents
Method for realizing address synchronization in independant virtual LAN learning mode Download PDFInfo
- Publication number
- CN100334849C CN100334849C CNB031440827A CN03144082A CN100334849C CN 100334849 C CN100334849 C CN 100334849C CN B031440827 A CNB031440827 A CN B031440827A CN 03144082 A CN03144082 A CN 03144082A CN 100334849 C CN100334849 C CN 100334849C
- Authority
- CN
- China
- Prior art keywords
- vlan
- address
- mac address
- access
- primary
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Expired - Fee Related
Links
Images
Abstract
The present invention relates to a method for realizing address synchronization in an independent VLAN learning mode. The method comprises that when an access address is added to or deleted from the independent VLAN (virtual local area network), the operation of adding or deleting the access addresses is carried out in the address table of an acquiescent VLAN of the access addresses and the address table of a VLAN sharing the access address simultaneously. The realization of the present invention avoids that a large number of broadcast messages appear in a network, and limited communication network resources are saved, so that the communication network can provide larger bandwidth resources for users, and simultaneously, the realization of the present invention also improves the security performance of the network communication, and in addition, the realization of the present invention also greatly improves the efficiency of searching for an MAC address table in an IVL mode, so that the performance of forwarding messages, of the communication network, is improved.
Description
Technical field
The present invention relates to network communications technology field, relate in particular to the method that realizes address synchronization under a kind of independent VLAN (VLAN) mode of learning.
Background technology
In network service, management for the ease of communication network, guarantee the safety of network service, usually need isolate for the application of network access equipments such as Ethernet switch, the method that is adopted is for each network access equipment that need isolate distributes a VLAN ID (VLAN ID), and the user in this VLAN all needs to realize by this network access equipment with extraneous communicating by letter.But, growing along with network service, network organizing huge day by day, the needed VLAN ID of networking is also more and more, and the VLAN ID resource that can distribute is limited, and therefore when network size is big, the VLAN ID number that can provide can't satisfy the needs of networking.
In order to address the above problem, in communication network, introduced Private VLAN (PVLAN, private virtual local area network) technology, this technology is a kind of vlan management method with two layers of isolation features of using at present, this method provide a kind of lower level (two layers) can polymerization VLAN means, in PVLAN, comprise: a primary VLAN (upper strata VLAN) and one or more secondary VLAN (two layers of VLAN).
As shown in Figure 1, Layer 2 switch Quidway S2403 and Quidway S3026 are connected to the port 7,8 of three-tier switch Quidway S3526 respectively by uplink port 5,6; On QuidwayS3526, think all users that Quidway S2403 inserts all in VLAN 5, and all users that Quidway S3026 inserts are in VLAN 6; Like this, on QuidwayS3526, only need get final product for VLAN 5 and VLAN 6 configuration corresponding IP (Internet protocol) network segments.Described VLAN 5 and VLAN 6 are respectively the Primary VLAN of two Layer 2 switch QuidwayS2403 of sign and Quidway S3026; And VLAN 1 and VLAN 2 are Secondary VLAN of VLAN5, VLAN 3 and VLAN 4 are Secondary VLAN of VLAN 6, the user of each port all by Secondary VLAN two layers of isolation, the intercommunication of three-tier message need by on the three-tier switch Quidway S3526 that connects transmit.
By foregoing description as can be seen, the essence of PVLAN is by dividing a plurality of VLAN, and the method that cooperatively interacts between the VLAN realizes.Wherein, secondary VLAN mainly realizes up function, and each secondary VLAN has comprised at least one user access port and a uplink port, guarantees that user's message can be up, and uplink message can not arrive other user simultaneously.Primary VLAN has then mainly realized descending function, primary VLAN will comprise all of the port in the PVLAN, each message that gets off from uplink port enters after the switch, the message that all is regarded as in the primary VLAN is handled, so downlink message can arrive any one user in the VLAN.Be that user's data is up in secondary VLAN, descending by primaryVLAN again.Therefore, the foundation of PVLAN had both realized two layers of user-isolated purpose, had saved the VLAN ID resource on the three-tier switch again, had also saved the IP network section simultaneously.
Network construction form based on above-mentioned PVLAN, the address enterprise schema that network access equipments such as present switch adopt is by comprising following two kinds: IVL (independent VLAN learning, independent VLAN study) mode and SVL (shared VLAN learning shares formula VLAN study) mode; Described IVL mode is the mac address table that each VLAN inside all has oneself, and identical MAC Address may learn goes among the different VLAN, and described all VLAN of SVL mode share mac address table, can not have a plurality of identical MAC Address in the list item.
Switch under the SVL working method is because all VLAN can share a mac address table, and therefore the resource that takies is fewer; Regardless of vlan information, need only and find corresponding port information when looking into address table in addition according to MAC Address.But the SVL mode also has a shortcoming that is difficult to overcome: under the multicast mode, the forwarding-table item of identical purpose is different at the forwarding destination interface of different VLAN, so limited the application of multicast mode.Though and IVL mode resource occupation is more, because each VLAN has own independent transmitting, so be no problem to the support of multicast, this just makes the mode of operation of IVL mode that more application arranged.
Under the IVL mode, use MAC Address and VLAN ID to search certain forwarding-table item as index, such as will in VLAN1, searching MAC1, and MAC1 is present among the VLAN2, be not present among the VLAN1, the checking result of this moment is to fail to hit, so the relative SVL mode of the efficient of tabling look-up of IVL mode is much lower.
And when using the IVL mode to realize PVLAN, the address of supposing user B is to come from VLAN2, belongs to VLAN2, and the address of user A enters from VLAN1, belongs to VLAN1.User A communicates by letter with B and a problem will occur, handle as broadcasting in switch to the message of A to B with by B by A, if in VLAN2, also have other user, can be received to the message of A by B that so the message from B to A can be received by all access users especially by the another one user.Therefore, the application of this IVL mode produces two problems: one is the problem of the bandwidth waste of the network equipment, and all messages all are to broadcast, and do not utilize the advantage of switch; Second is the problem of network security, and a user's message can be received by other user, can't be guaranteed on the safety.
Summary of the invention
The purpose of this invention is to provide the method that realizes address synchronization under a kind of independent VLAN mode of learning, thereby improve the efficient of searching address table under the IVL mode, prevent to produce a large amount of broadcasting packets in the network, can also improve the security performance of network service simultaneously.
The object of the present invention is achieved like this:
A kind of independent VLAN mode of learning is realized the method for address synchronization down, comprising:
Increase the address synchronization processing procedure of access address among the independent VLAN (VLAN): access address is added among the VLAN of its access interface acquiescence, simultaneously described access address is added among the VLAN that shares this access address, and will be the position, address mark position of this address setting, the VLAN that represents the port default that this access address inserts is not the VLAN that shares this access address;
Delete the address synchronization processing procedure of access address among the independent VLAN: access address is deleted, simultaneously this access address is deleted from the VLAN that shares this access address from the network access equipment of the VLAN (VLAN) of its access interface acquiescence.
Described access address is MAC (medium access control) address, and described MAC Address is deposited in the network access equipment with the form of mac address table.
The address synchronization processing procedure of access address also comprises among the independent VLAN of described increase: the ageing time that adds the access address among the VLAN that shares this access address cannot not be set to agingly.
Among the present invention, when the ageing time of the access address in adding the access interface default vlan cannot not be set to agingly, the address synchronization processing procedure of access address was carried out by order line by the user among the independent VLAN of described deletion.
Described independent VLAN mode of learning is realized the method for address synchronization down, also comprise: when the ageing time of the access address in the adding access interface default vlan was set to wear out, the address synchronization processing procedure of access address was carried out or is carried out by order line by the user by the ageing timer triggering of this access address among the independent VLAN of described deletion.
Described this access address is deleted from the VLAN that shares this access address further comprises:
Determine to share the VLAN of this access address;
From the address table of the described VLAN that determine to share this access address, search this access address;
Address mark position according to this access address judges whether to be shared access address, if, then delete this access address, otherwise, do not deal with.
Described independent VLAN comprises: Primary VLAN among the PVLAN (private virtual local area network) (upper strata VLAN) and Secondary VLAN (two layers of VLAN).
This method also comprises the address synchronization process when PVLAN sets up:
Mac address table among the traversal Primary VLAN, and wherein but ageing time is the aged MAC addresses deletion, can not aged MAC addresses add in the mac address table of Secondary VLAN, ageing time still cannot not be set to agingly, simultaneously with its position, address mark position;
The mac address table of traversal Secondary VLAN, wherein but ageing time is the aged MAC addresses deletion, with ageing time for can not wear out and the address mark position not the MAC Address of set add in the mac address table of PrimaryVLAN, simultaneously with its position, address mark position.
The address synchronization processing procedure of access address comprises among the independent VLAN of described increase (VLAN):
The VLAN of the MAC Address acquiescence that determine to need increases is Primary VLAN or SecondaryVLAN, and obtains described Secondary VLAN or the Primary VLAN that needs the VLAN correspondence of the MAC Address acquiescence that increases;
Judge the MAC Address that whether exists needs to increase among corresponding Secondary VLAN or the Primary VLAN;
If there is no, then in described Secondary VLAN or Primary VLAN, add this MAC Address that need increase, and with position, address mark position;
If exist, judge that then whether the ageing time of this MAC Address that need increase that exists is for not aging;
If for aging, judge further that then corresponding VLAN is Secondary VLAN or Primary is VLAN;
If corresponding VLAN is Secondary VLAN, then continue to judge the MAC Address that whether exists needs to increase among the corresponding Secondary VLAN of the affiliated Primary VLAN of other and this Secondary VLAN, if do not exist, then in described other Secondary VLANs corresponding, add this MAC Address that need increase with Primary VLAN under this Secondary VLAN, as if existence and for wearing out, then delete the MAC Address that in other Secondary VLANs corresponding, exists with Primary VLAN under this Secondary VLAN, and in other Secondary VLANs corresponding, add this MAC Address that need increase with Primary VLAN under this Secondary VLAN, as if existence and for aging, then do not process, all be performed up to all Secondary VLAN corresponding and finish with this Primary VLAN;
If corresponding VLAN is Primary VLAN, then process finishes;
If can wear out, then delete the MAC Address that in described Secondary VLAN or Primary VLAN, exists, and in described Secondary VLAN or Primary VLAN, add this MAC Address that need increase, and with this MAC Address flag bit set.
The address synchronization processing procedure of access address comprises among the independent VLAN of described deletion:
Determine needing the VLAN of the MAC Address acquiescence of deletion is Primary VLAN or SecondaryVLAN, and obtains the Secondary VLAN or the Primary VLAN of the VLAN correspondence of the described MAC Address acquiescence that needs deletion;
Judge the MAC Address that whether has the needs deletion among corresponding Secondary VLAN or the Primary VLAN;
If exist, then obtain the address mark position and the ageing time of this MAC Address, if ageing time is to wear out, and position, address mark position, the MAC Address of the needs deletion that exists among the Secondary VLAN of then deletion correspondence or the PrimaryVLAN, otherwise, by not existing this MAC Address to handle;
If there is no, judge further that then corresponding VLAN is Secondary VLAN or PrimaryVLAN;
If corresponding VLAN is Secondary VLAN, then continue to judge the MAC Address that whether has the needs deletion among the corresponding Secondary VLAN of the affiliated Primary VLAN of other and this Secondary VLAN, if exist, then delete the MAC Address that this need be deleted, all be performed up to all Secondary VLAN corresponding and finish with this Primary VLAN;
If corresponding VLAN is Primary VLAN, then process finishes.
This method also comprises when removing among the PVLAN Primary VLAN and Secondary VLAN corresponding relation, the delete procedure of the MAC Address of position, address mark position:
Obtaining needs to remove Primary VLAN and the Primary VLAN of Secondary VLAN corresponding relation and all corresponding Secondary VLAN thereof among the PVLAN;
The mac address table of traversal Primary VLAN and corresponding all Secondary VLAN thereof, for wearing out, and the MAC Address of position, address mark position is deleted from mac address table with ageing time.
Described independent VLAN mode of learning is realized the method for address synchronization down, also comprises:
The address synchronization processing procedure of access address among the independent VLAN of described increase is to carry out when increasing access address;
The address synchronization processing procedure of access address is to carry out in the deletion access address among the independent VLAN of described deletion.
The address synchronization processing procedure of access address is to carry out in the cycle with the address synchronization processing procedure of deleting access address among the independent VLAN among the independent VLAN of described increase, increase among the Primary VLAN of the promptly periodic PVLAN of determining and the Secondary VLAN or the access address of deletion, and between Primary VLAN and Secondary VLAN, carry out the Synchronous Processing of access address.
By technique scheme as can be seen, realization of the present invention has guaranteed the synchronism of the address of writing down in the address table under the independent VLAN mode of learning, promptly realized in PVLAN mac address table between each VLAN synchronously, avoided in network, occurring a large amount of broadcasting packets, saved limited communication network resource, thereby made communication network provide bigger bandwidth resources for the user; Simultaneously, realization of the present invention has also improved the security performance of network service.In addition, realization of the present invention has also improved under the IVL mode greatly searches the efficient of mac address table, thereby has improved the performance that communication network E-Packets.
Description of drawings
Fig. 1 is the networking structure schematic diagram of PVLAN;
Fig. 2 is the management schematic diagram of VLAN among the PVLAN;
MAC Address simultaneous operation process when Fig. 3 sets up PVLAN for the present invention;
Fig. 4 is for increasing the simultaneous operation process of MAC Address among the present invention;
Fig. 5 is the simultaneous operation process of deletion MAC Address among the present invention;
Fig. 6 is for removing among the present invention or operating process when changing PVLAN.
Embodiment
The existing narration in content of the present invention front, existing is that example is described further the specific embodiment of the present invention with PVLAN.Under IVL (independent VLAN study) pattern, not sharing owing to MAC Address between the server among main frame among the SecondaryVLAN of PVAN and the Primary VLAN, so can only realize mutual information exchange by the mode of broadcasting, it is obvious that a large amount of broadcasting packets must influence the performance of network in the network.For this reason, the problem that the present invention need solve is to realize the shared of MAC Address between Secondary VLAN and the Primary VLAN under the IVL pattern, guarantee that promptly same MAC Address exists simultaneously in Secondary VLAN and Primary VLAN, the MAC Address that is to say a user must be added in adding place port default VLAN to be needed to share among other VLAN of this MAC Address, we can be called this MAC Address that exists among other VLAN " shadow address ", with convenient following narration.As shown in Figure 2, for the downlink port of LAN switch LanSwitch, 1 MAC Address has 1 shadow address; Uplink port for switch LanSwitch, 1 MAC Address has n shadow address, wherein n is the number of the Secondary VLAN that comprises of PrimaryVLAN, the present invention will make the mac address table of each VLAN in the PVLAN under the IVL realize synchronously, and promptly described MAC Address and its shadow address increase or deletion in each VLAN simultaneously.
Operation to MAC Address in the mac address table can be divided into two classes: static configuration and Dynamic Maintenance.Static configuration is the operation that the user adds, deletes and revise mac address table automatically.Dynamic Maintenance then is the operation that switch carries out address learning automatically, wears out and delete according to port status and the situation that receives message.MAC Address in the mac address table can also be divided into two big classes according to ageing time: can wear out and can not wear out.For the address that can not wear out, normally dispose and safeguard by the user; The address that can wear out then both can also can Dynamic Maintenance by user configuration, will be deleted automatically by switch if this address never sends message in the time interval of setting.
With reference to the maintenance mode on the MAC face of land in the above-mentioned existing switch, but the present invention considers to solve the address synchronization problem the PVLAN under the IVL mode from Synchronous Processing that can not aged MAC addresses and two aspects of Synchronous Processing of aged MAC addresses.Interpolation that wherein can not aged MAC addresses and deletion be all by user's configure trigger, so for can not aged MAC addresses just passable as long as carry out the mac address table synchronous maintenance of each VLAN on the time point of user's operation.As the user B among Fig. 2, can its MAC Address be added among Primary VLAN and the Secondary VLAN1 by user's configuration, address state all is made as and can not wears out, and before the keeper deleted them, user B can well carry out Network like this.That is: in Primary VLAN, add, delete the address, then in all Secondary VLAN, add, delete the shadow address; In Secondary VLAN, add, delete the address, then in Primary VLAN, add, delete the shadow address.Simultaneously,, need to give each address to increase an address mark position, improve the validity that mac address table is safeguarded for user configured address and the shadow address of can not wearing out among the VLAN made a distinction.And for wearing out MAC Address, because the influence that safeguarded by system dynamics, so only by user's configuration operation can't realize each VLAN mac address table synchronously, and need with reference to processing procedure that can not aged MAC addresses, the ageing time of shadow address is set to and can not wears out, and triggers the respective handling process of shadow address when adding or delete MAC Address.
Be described further below in conjunction with accompanying drawing specific implementation process of the present invention:
When PVLAN sets up, for improving treatment effeciency, consider that existing dynamic MAC address can relearn by message, so can remove all the worn out addresses among Primary VLAN and the SecondaryVLAN earlier, only keep and relate to wherein by the user configured address of can not wearing out the synchronization of row addresses of going forward side by side operation; And for avoiding the situation of regeneration shadow address, shadow address, adopted at first and will can not aged MAC addresses be synchronized to SecondaryVLAN among the Primary VLAN, when the MAC Address among the Secondary VLAN is synchronized to Primary VLAN, then check and get rid of shadow address in the mac address table, judge whether MAC Address is that the foundation of shadow address is whether the address mark position of this MAC Address is set, if be set, then be defined as the shadow address; Now the MAC Address synchronizing process in conjunction with each VLAN of Fig. 3 when setting up PVLAN is elaborated:
Step 301: in communication network, set up PVLAN as required, determine Primary VLAN and Secondary VLAN that PVLAN comprises, determine the mac address table index of described each VLAN simultaneously;
Step 302:, obtain the ageing state of MAC Address, i.e. ageing time according to the mac address table of the mac address table index of Primary VLAN traversal PrimaryVLAN;
Step 303: whether the ageing time of judging MAC Address is to wear out, if, execution in step 304, otherwise, execution in step 305, but ageing time is an aged MAC addresses in the mac address table to remove;
Step 304: can not aged MAC addresses add the mac address table of all the Secondary VLAN under the Primary VLAN to, and, represent that this MAC Address is the shadow address position, address mark position, and execution in step 306;
The purpose of this step is with can not aged MAC addresses be synchronized among all Secondary VLAN corresponding with it among Primary VLAN, be to increasing and delete effective management of MAC Address simultaneously, also the MAC Address that will pass by has synchronously been made mark, is labeled as the shadow address;
Step 305: but deletion should aged MAC addresses, and execution in step 6, but because aged MAC addresses can be learnt, and then carry out the corresponding synchronous operating process in study in the address learning process, so herein with its deletion;
Step 306: judging whether mac address table among the Primary VLAN travels through finishes, if then execution in step 307, otherwise execution in step 302 continues this mac address table of traversal, obtains the next MAC Address in the address table;
Step 307: the mac address table of determining this Secondary VLAN that need travel through each Secondary VLAN under Primary VLAN successively;
In PVLAN, comprise a plurality of Secondary VLAN usually among a Primary VLAN, therefore, at first need the mac address table index of a Secondary VLAN of definite needs traversal;
Step 308: travel through this mac address table according to the mac address table index of determining, obtain the ageing time and the address mark position of MAC Address;
Step 309: whether the ageing time of judging MAC Address is to wear out, if, execution in step 311, otherwise, execution in step 310;
Step 310: but aged MAC addresses is somebody's turn to do in deletion, and execution in step 313;
Step 311: judge whether the address mark position that this can not aged MAC addresses is set, and whether is the shadow address promptly, if, execution in step 313, otherwise, execution in step 312;
This step has avoided the shadow address to generate new shadow address once more;
Step 312: this can not aged MAC addresses be added in the mac address table of Primary VLAN, and, represent that this MAC Address is the shadow address with its position, address mark position;
Step 313: judge whether to travel through the mac address table of this Secondary VLAN of finishing, if, execution in step 314, otherwise, execution in step 308;
Step 314: judge whether to have traveled through the mac address table of SecondaryVLAN all under this Primary VLAN,, otherwise continue execution in step 7 if the address synchronization process when PVLAN sets up finishes.
After address synchronization process when setting up PVLAN is finished, the Primary VLAN of PVLAN after then needing to determine to set up and the synchronous maintenance process of the mac address table among the Secondary VLAN, after PVLAN sets up and finishes among the present invention, be mac address table synchronous of realizing each VLAN according to user configuration and Dynamic Maintenance, and no matter be that the user disposes or Dynamic Maintenance is increase or the deletion of the address information realization of operation as required to this address, and in conjunction with the configuring condition of PVLAN the MAC Address of each VLAN is carried out synchronously, need the address information of operation to comprise: affiliated VLAN, MAC Address, ageing time, the address mark position, the port that uses etc.In fact the address synchronization maintenance process of PVLAN after the foundation comprises: the Synchronous Processing process when Synchronous Processing process when adding MAC Address and deletion MAC Address.
The address synchronization process operation of PVLAN is referring to Fig. 4 during described increase MAC Address, and adding MAC Address can be that operation is added in the address that the user carries out, and also can be to learn the address that new MAC Address causes to add operation, specifically may further comprise the steps:
Step 401: the mac address information that determine to need adds comprises VLAN, MAC Address value, access interface, address mark position, the ageing time of address etc. of acquiescence of the MAC Address of needs interpolation;
Step 402: whether the VLAN of the access interface information of the MAC Address of the Tian Jiaing MAC Address acquiescence of judge adding is the Primary VLAN among the PVLAN as required, if, execution in step 404, otherwise, execution in step 403;
Step 403: the port information of the MAC Address of Tian Jiaing judges that whether the VLAN of this MAC Address acquiescence is the Secondary VLAN among the PVLAN as required, if, execution in step 410, otherwise process finishes;
The VLAN of the MAC Address acquiescence of promptly adding if desired is neither Primary VLAN neither Secondary VLAN, and then this synchronizing process of adding MAC Address finishes;
Step 404: from all Secondary VLAN of this Primary VLAN correspondence, determine the mac address table of this Secondary VLAN that need travel through successively, and obtain the index of this mac address table;
Step 405: travel through MAC Address in this mac address table according to the MAC Address index, and judge whether the MAC Address that needs to add is present in this mac address table, if exist, execution in step 406, otherwise, execution in step 408;
Step 406: whether the ageing time of judging the MAC Address of the needs interpolation that is present in this mac address table is to wear out, if then execution in step 409, otherwise, execution in step 407;
Step 407: the MAC Address that needs add is deleted from this mac address table, and execution in step 408;
This step also directly the ageing time of this MAC Address be set to and can not wear out, for it is provided with the address mark position, and set, execution in step 409;
Step 408: the MAC Address that needs are added is added in the mac address table of SecondaryVLAN of this traversal, and its ageing time is set to and can not wears out, and position, address mark position represents that this address is the shadow address, and execution in step 409;
Step 409: whether the mac address table of judging all the Secondary VLAN under the Primary VLAN has all traveled through and has finished, if, terminal procedure then, otherwise, execution in step 404 continued;
Step 410: the Primary VLAN that obtains this Secondary VLAN correspondence;
Step 411: judge in the mac address table of this Primary VLAN whether have this MAC Address that need add, if then execution in step 412, otherwise, execution in step 414;
Step 412: whether the address aging time of judging the MAC Address of this existence is to wear out, if, terminal procedure, otherwise, execution in step 413;
Step 413: delete this MAC Address in the mac address table that is present in Primary VLAN, execution in step 414;
This step also directly the ageing time of this MAC Address be set to and can not wear out, for it is provided with the address mark position, and set, and the end address synchronizing process;
Step 414: the MAC Address that needs add is added in the mac address table of Primary VLAN, and its address aging time is set to and can not wears out, and position, address mark position represents that this address is the shadow address.
The address synchronization process operation of PVLAN is referring to Fig. 5 during described deletion MAC Address, the deletion MAC Address can be the address deletion action that the user carries out, also can be the address deletion action that when ageing timer is overtime in the system worn out and cause in the address, specifically may further comprise the steps:
Step 501: determine to need the mac address information of deletion, comprise VLAN, MAC Address value, access interface, the address mark position of the acquiescence of the MAC Address that needs are deleted, the ageing time of address etc.;
Step 502: whether the VLAN of the MAC Address acquiescence of the needs of judgement deletion is the Primary VLAN among the PVLAN, if, execution in step 504, otherwise, execution in step 503;
Step 503: whether the VLAN that judge to need the MAC Address acquiescence of deletion is the Secondary VLAN among the PVLAN, if, execution in step 509, otherwise process finishes;
Step 504: from all Secondary VLAN of this Primary VLAN correspondence, determine the mac address table of this Secondary VLAN that need travel through successively, and obtain the index of this mac address table;
Step 505: travel through MAC Address in this mac address table according to the MAC Address index, and judge to need the MAC Address of deletion whether to be present in this mac address table, if exist, execution in step 506, otherwise, execution in step 508;
Step 506: whether the MAC Address of judging the needs deletion that is present in this mac address table is that ageing time is set to and can not wears out, and the address mark position is set (this MAC Address is the shadow address), if then execution in step 507, otherwise, execution in step 508;
Step 507: the MAC Address that will need to delete is deleted from this mac address table, and execution in step 508;
Step 508: whether the mac address table of judging all the Secondary VLAN under the Primary VLAN has all traveled through and has finished, if, terminal procedure then, otherwise, execution in step 504 continued;
Step 509: the Primary VLAN that obtains this Secondary VLAN correspondence;
Step 510: judge in the mac address table of this Primary VLAN whether have this MAC Address that need delete, if then execution in step 511, otherwise process finishes;
Step 511: whether the MAC Address of judging this existence is that ageing time is set to and can not wears out, and the address mark position is set, if not, terminal procedure, otherwise, execution in step 512;
Step 512: delete this MAC Address in the mac address table that is present in Primary VLAN, process finishes.
In a word, when in PVLAN, adding MAC Address,, then in each Secondary VLAN of its correspondence, increase the shadow address of this MAC Address if the MAC Address of adding is the address among the Primary VLAN; If the address among the Secondary VLAN, then the shadow address of this MAC Address of increase in its corresponding Primary VLAN; When the MAC Address of deletion among the PVLAN, if the MAC Address of deletion is the address among the Primary VLAN, the shadow address of this MAC Address of deletion in each Secondary VLAN of its correspondence then; If the address among the SecondaryVLAN, then the shadow address of this MAC Address of deletion in its corresponding Primary VLAN.
Realization of the present invention also comprises to be removed or when changing among the PVLAN Primary VLAN and SecondaryVLAN mapping relations, deletion action to shadow address in the mac address table of Primary VLAN and Secondary VLAN, concrete specific implementation flow process may further comprise the steps referring to Fig. 6:
Step 601: Primary VLAN and SecondaryVLAN among the PVLAN that determines to need to remove;
Step 602: travel through the mac address table of each VLAN among the PVLAN successively, obtain the ageing time and the address mark position of each MAC Address;
Step 603: judge whether this MAC Address is that ageing time is to wear out, and the address mark position is set, if then execution in step 604, otherwise, execution in step 605;
Step 604: delete this MAC Address, and execution in step 605;
Step 605: whether the mac address table of judging current traversal travels through and finishes, if process finishes, otherwise, execution in step 606;
Step 606: obtain the ageing time and the address mark position of the next MAC Address in the mac address table, and execution in step 603.
Through the description of said process, realized that the shadow address can be removed effectively, so that set up new PVLAN, begins new address synchronization process when removing the VLAN that change PVLAN comprises.
Claims (13)
1, a kind of independent VLAN mode of learning is realized the method for address synchronization down, it is characterized in that comprising:
Increase the address synchronization processing procedure of access address among the independent VLAN: access address is added among the VLAN of its access interface acquiescence, simultaneously described access address is added among the VLAN that shares this access address, and will be the position, address mark position of this address setting, the VLAN of the port default that inserts by this access address of this address mark bit representation is not the VLAN that shares this access address;
Delete the address synchronization processing procedure of access address among the independent VLAN: access address is deleted, simultaneously this access address is deleted from the VLAN that shares this access address from the network access equipment of the VLAN of its access interface acquiescence.
2, independent VLAN mode of learning according to claim 1 is realized the method for address synchronization down, it is characterized in that described access address is the medium access control MAC Address, and described MAC Address is deposited in the network access equipment with the form of mac address table.
3, independent VLAN mode of learning according to claim 1 and 2 is realized the method for address synchronization down, it is characterized in that the address synchronization processing procedure of access address among the independent VLAN of described increase also comprises: the ageing time that adds the access address among the VLAN that shares this access address cannot not be set to agingly.
4, independent VLAN mode of learning according to claim 3 is realized the method for address synchronization down, it is characterized in that: when the ageing time of the access address in adding the access interface default vlan cannot not be set to agingly, the address synchronization processing procedure of access address was carried out by order line by the user among the independent VLAN of described deletion.
5, independent VLAN mode of learning according to claim 3 is realized the method for address synchronization down, it is characterized in that: when the ageing time of the access address in the adding access interface default vlan was set to wear out, the address synchronization processing procedure of access address was carried out or is carried out by order line by the user by the ageing timer triggering of this access address among the independent VLAN of described deletion.
6, independent VLAN mode of learning according to claim 1 and 2 is realized the method for address synchronization down, it is characterized in that described this access address is deleted from the VLAN that shares this access address further comprises:
Determine to share the VLAN of this access address;
From the address table of the described VLAN that determine to share this access address, search this access address;
Address mark position according to this access address judges whether to be shared access address, if, then delete this access address, otherwise, do not deal with.
7, independent VLAN mode of learning according to claim 1 is realized the method for address synchronization down, it is characterized in that described independent VLAN comprises: the upper strata VLANPrimary VLAN among the private virtual local area network PVLAN and two layers of VLAN Secondary VLAN.
8, independent VLAN mode of learning according to claim 7 is realized the method for address synchronization down, it is characterized in that this method also comprises the address synchronization process when PVLAN sets up:
Mac address table among the traversal Primary VLAN, and wherein but ageing time is the aged MAC addresses deletion, can not aged MAC addresses add in the mac address table of Secondary VLAN, ageing time still cannot not be set to agingly, simultaneously with its position, address mark position;
The mac address table of traversal Secondary VLAN, wherein but ageing time is the aged MAC addresses deletion, with ageing time for can not wear out and the address mark position not the MAC Address of set add in the mac address table of Primary VLAN, simultaneously with its position, address mark position.
9, independent VLAN mode of learning according to claim 7 is realized the method for address synchronization down, it is characterized in that the address synchronization processing procedure of access address comprises among the independent VLAN of described increase:
The VLAN of the MAC Address acquiescence that determine to need increases is Primary VLAN or SecondaryVLAN, and obtains described Secondary VLAN or the Primary VLAN that needs the VLAN correspondence of the MAC Address acquiescence that increases;
Judge the MAC Address that whether exists needs to increase among corresponding Secondary VLAN or the Primary VLAN;
If there is no, then in described Secondary VLAN or Primary VLAN, add this MAC Address that need increase, and with position, address mark position;
If exist, judge that then whether the ageing time of this MAC Address that need increase that exists is for not aging;
If for aging, judge further that then corresponding VLAN is Secondary VLAN or Primary is VLAN;
If corresponding VLAN is Secondary VLAN, then continue to judge the MAC Address that whether exists needs to increase among the corresponding Secondary VLAN of the affiliated Primary VLAN of other and this Secondary VLAN, if do not exist, then in described other Secondary VLANs corresponding, add this MAC Address that need increase with Primary VLAN under this Secondary VLAN, as if existence and for wearing out, then delete the MAC Address that in described other SecondaryVLANs corresponding, exists with Primary VLAN under this Secondary VLAN, and in described other Secondary VLANs corresponding, add this MAC Address that need increase with Primary VLAN under this Secondary VLAN, as if existence and for aging, then do not process, all be performed up to all Secondary VLAN corresponding and finish with this PrimaryVLAN;
If corresponding VLAN is Primary VLAN, then process finishes;
If can wear out, then delete the MAC Address that exists among described Secondary VLAN or the Primary VLAN, and in described Secondary VLAN or Primary VLAN, add this MAC Address that need increase, and with this MAC Address flag bit set.
10, independent VLAN mode of learning according to claim 7 is realized the method for address synchronization down, it is characterized in that the address synchronization processing procedure of access address comprises among the independent VLAN of described deletion:
Determine needing the VLAN of the MAC Address acquiescence of deletion is Primary VLAN or SecondaryVLAN, and obtains the Secondary VLAN or the Primary VLAN of the VLAN correspondence of the described MAC Address acquiescence that needs deletion;
Judge the MAC Address that whether has the needs deletion among corresponding Secondary VLAN or the Primary VLAN;
If exist, then obtain the address mark position and the ageing time of this MAC Address, if ageing time is to wear out, and position, address mark position, the MAC Address of the needs deletion that exists among the Secondary VLAN of then deletion correspondence or the Primary VLAN, otherwise, by not existing this MAC Address to handle;
If there is no, further judge that then corresponding VLAN is Secondary VLAN or Primary is VLAN;
If corresponding VLAN is Secondary VLAN, then continue to judge the MAC Address that whether has the needs deletion among the corresponding Secondary VLAN of the affiliated Primary VLAN of other and this Secondary VLAN, if exist, then delete the MAC Address that this need be deleted, all be performed up to all Secondary VLAN corresponding and finish with this Primary VLAN;
If corresponding VLAN is Primary VLAN, then process finishes.
11, independent VLAN mode of learning according to claim 7 is realized the method for address synchronization down, it is characterized in that this method also comprises when removing among the PVLAN Primary VLAN and SecondaryVLAN corresponding relation the delete procedure of the MAC Address of position, address mark position:
Obtaining needs to remove Primary VLAN and the Primary VLAN of Secondary VLAN corresponding relation and all corresponding Secondary VLAN thereof among the PVLAN;
The mac address table of traversal Primary VLAN and corresponding all Secondary VLAN thereof, for wearing out, and the MAC Address of position, address mark position is deleted from mac address table with ageing time.
12, according to the method that realizes address synchronization under claim 1 or the 7 described independent VLAN modes of learning, it is characterized in that:
The address synchronization processing procedure of access address among the independent VLAN of described increase is to carry out when increasing access address;
The address synchronization processing procedure of access address is to carry out in the deletion access address among the independent VLAN of described deletion.
13, according to the method that realizes address synchronization under claim 1 or the 7 described independent VLAN modes of learning, it is characterized in that: the address synchronization processing procedure of access address is to carry out in the cycle with the address synchronization processing procedure of deleting access address among the independent VLAN among the independent VLAN of described increase, increase among the Primary VLAN of the promptly periodic PVLAN of determining and the Secondary VLAN or the access address of deletion, and between Primary VLAN and Secondary VLAN, carry out the Synchronous Processing of access address.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CNB031440827A CN100334849C (en) | 2003-07-31 | 2003-07-31 | Method for realizing address synchronization in independant virtual LAN learning mode |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CNB031440827A CN100334849C (en) | 2003-07-31 | 2003-07-31 | Method for realizing address synchronization in independant virtual LAN learning mode |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN1581819A CN1581819A (en) | 2005-02-16 |
| CN100334849C true CN100334849C (en) | 2007-08-29 |
Family
ID=34579583
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CNB031440827A Expired - Fee Related CN100334849C (en) | 2003-07-31 | 2003-07-31 | Method for realizing address synchronization in independant virtual LAN learning mode |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN100334849C (en) |
Cited By (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN103414801A (en) * | 2013-08-12 | 2013-11-27 | 杭州华三通信技术有限公司 | Method and device for synchronizing medium access control addresses in stacking system |
Families Citing this family (5)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN100435528C (en) * | 2005-08-29 | 2008-11-19 | 杭州华三通信技术有限公司 | Method for reducing learning of media accessing control address in network |
| CN100382531C (en) * | 2005-10-28 | 2008-04-16 | 杭州华三通信技术有限公司 | Switching in method for virtual special network and realizing apparatus |
| CN101505282B (en) * | 2009-03-31 | 2013-01-16 | 杭州华三通信技术有限公司 | Method and equipment for deleting VLAN information |
| CN101572668B (en) * | 2009-05-21 | 2012-10-10 | 中兴通讯股份有限公司 | Method for deleting MAC addresses and device therefor |
| CN103227757B (en) | 2012-08-31 | 2016-12-28 | 杭州华三通信技术有限公司 | A kind of message forwarding method and equipment |
Citations (5)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| JPH11150553A (en) * | 1997-11-17 | 1999-06-02 | Nec Corp | Switching hub with virtual lan function |
| US6111874A (en) * | 1997-02-14 | 2000-08-29 | Advanced Micro Devices, Inc. | Shared address table with source and destination two-pass algorithm |
| US6188694B1 (en) * | 1997-12-23 | 2001-02-13 | Cisco Technology, Inc. | Shared spanning tree protocol |
| CN1411213A (en) * | 2002-11-14 | 2003-04-16 | 烽火通信科技股份有限公司 | Ethernet switch in net virtual local network switch in technique |
| CN1426199A (en) * | 2001-12-13 | 2003-06-25 | 华为技术有限公司 | Method for managing users in wide hand city network |
-
2003
- 2003-07-31 CN CNB031440827A patent/CN100334849C/en not_active Expired - Fee Related
Patent Citations (5)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US6111874A (en) * | 1997-02-14 | 2000-08-29 | Advanced Micro Devices, Inc. | Shared address table with source and destination two-pass algorithm |
| JPH11150553A (en) * | 1997-11-17 | 1999-06-02 | Nec Corp | Switching hub with virtual lan function |
| US6188694B1 (en) * | 1997-12-23 | 2001-02-13 | Cisco Technology, Inc. | Shared spanning tree protocol |
| CN1426199A (en) * | 2001-12-13 | 2003-06-25 | 华为技术有限公司 | Method for managing users in wide hand city network |
| CN1411213A (en) * | 2002-11-14 | 2003-04-16 | 烽火通信科技股份有限公司 | Ethernet switch in net virtual local network switch in technique |
Cited By (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN103414801A (en) * | 2013-08-12 | 2013-11-27 | 杭州华三通信技术有限公司 | Method and device for synchronizing medium access control addresses in stacking system |
| CN103414801B (en) * | 2013-08-12 | 2016-08-17 | 杭州华三通信技术有限公司 | The method and apparatus of Media Access Controlled address synchronization in a kind of pile system |
Also Published As
| Publication number | Publication date |
|---|---|
| CN1581819A (en) | 2005-02-16 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| EP1757028B1 (en) | A method for providing efficient multipoint network services | |
| US9154330B2 (en) | Method and device of link aggregation and method and system for transceiving MAC frames | |
| CN111638957B (en) | Method for realizing cluster sharing type public cloud load balance | |
| CN109660442B (en) | Method and device for multicast replication in Overlay network | |
| EP2612468A1 (en) | A control apparatus, a communication system, a communication method and a recording medium having recorded thereon a communication program | |
| CN104022960A (en) | Method and device realizing PVLAN through OpenFlow protocol | |
| CN103139037A (en) | Method and device used for achieving flexible virtual local area network | |
| CN1533108A (en) | Method for realizing dynamic gateway load sharing and backup | |
| CN101616014A (en) | A kind of method that realizes cross-virtual private local area network multicast | |
| CN100435528C (en) | Method for reducing learning of media accessing control address in network | |
| CN100586088C (en) | Method for realizing virtual LAN aggregation and aggregation exchanger | |
| CN101572669A (en) | Transmitting method of VPN message as well as allocating and deleting method of the router marks thereof | |
| CN106899478B (en) | Method for realizing resource elastic expansion of power test service through cloud platform | |
| Saigushev et al. | Information systems at enterprise. Design of secure network of enterprise | |
| CN101364889A (en) | Method for multicast user quick access | |
| CN101729355A (en) | Method for realizing particular virtual local area network and device | |
| CN100334849C (en) | Method for realizing address synchronization in independant virtual LAN learning mode | |
| CN100413260C (en) | Method for configurating slave node of virtual LAN | |
| CN100479371C (en) | Method of broadcast transmitting message and an exchange equipment | |
| JP2003244185A (en) | Vlan and vlan frame switching apparatus | |
| CN101304338B (en) | Method and apparatus for discovering equipment in multi-protocol label switching three-layer VPN | |
| CN105376231A (en) | Method and device for realizing service isolation | |
| CN1277378C (en) | Two-layer message isolating method | |
| US20180198708A1 (en) | Data center linking system and method therefor | |
| CN103354567A (en) | Method for synchronizing media access control (MAC) addresses and device |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| C06 | Publication | ||
| PB01 | Publication | ||
| C10 | Entry into substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| C14 | Grant of patent or utility model | ||
| GR01 | Patent grant | ||
| CF01 | Termination of patent right due to non-payment of annual fee |
Granted publication date: 20070829 Termination date: 20150731 |
|
| EXPY | Termination of patent right or utility model |