CN104734981B - A kind of method that MPLS VPN service traffics are accurately recognized based on equipment interconnecting relation - Google Patents
A kind of method that MPLS VPN service traffics are accurately recognized based on equipment interconnecting relation Download PDFInfo
- Publication number
- CN104734981B CN104734981B CN201510173272.6A CN201510173272A CN104734981B CN 104734981 B CN104734981 B CN 104734981B CN 201510173272 A CN201510173272 A CN 201510173272A CN 104734981 B CN104734981 B CN 104734981B
- Authority
- CN
- China
- Prior art keywords
- equipment
- mpls vpn
- service
- vpn
- interconnecting relation
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Links
Abstract
The invention discloses a kind of method that MPLS VPN service traffics are accurately recognized based on equipment interconnecting relation, including service provider equipment P, edge router PE and customer edge CE, described method is to utilize the interconnecting relation between MPLS VPN networking structures and equipment:(1) VPN is bundled in PE equipment in MPLS VPN networking structures;(2) by gathering the interconnecting relation between PE equipment, analyzing and positioning flow source port and destination interface, and pass through many device data association analysis, NetStream/Netflow incoming traffic statistical function is enabled in PE1 and PE2 simultaneously, derive identification and be converted into and flow through PE1, MPLS vpn service flows between PE2, so as to more accurately count the service traffics data between the edge router PE of service provider backbone and equipment P, service traffics are not recognized by label, it is associated using the data on flows of source port and destination interface, analysis, calculate, so as to realize the identification of MPLS vpn service flows.
Description
Technical field
The present invention relates to a kind of method of network service traffic, specific design one kind is accurately recognized based on equipment interconnecting relation
The method of MPLS VPN service traffics, belongs to network management technology field.
Background technology
MPLS VPN refer to build IP private networks in backbone IP network using MPLS (multi protocol label conversion) technology, realized
The multiple services communication such as cross-region, safety, high speed, reliable data, voice, image.
MPLS VPN are based on service provider edge router (PE:Provider Edge) VPN technologies, it uses side
Boundary gateway protocol BGP (Border Gateway Protocol), VPN routes are issued on service provider backbone, are used
MPLS forwards VPN messages on service provider backbone.
Flow analysis to MPLS VPNs, can help network manager to find the bottleneck of Internet resources in time, and
Internet resources are optimized according to the development of business in time, are failure of the network management personnel during the network planning, daily O&M
Positioning provides effective decision support.
The flow analysis method to MPLS VPNs is (number of patent application at present:200910169601.4):Every PE
Equipment adds the private network tags corresponding with the VPN belonging to the data flow for the data flow of its forwarding, and in flow analysis system
The middle identification information and the corresponding relation of private network tags for recording the private network VPN in the VPN corresponding to all PE equipment, first
The traffic statistics generated according to different private network tags that flow analysis system receiving router is reported, then according to private network
Label, the traffic statistics based on private network VPN are generated according to its corresponding relation, so as to realize different VPN flow identification.
The process step of this method is as shown in Figure 1:
1st, flow analysis servers need respectively each PE equipment to distribute different available private network tags;
2nd, flow analysis servers must obtain all PE in the device id of PE equipment used in current system, current system
Private network tags determined by the identification information of private network VPN corresponding to equipment, each PE equipment corresponding to each private network VPN;
3rd, flow analysis servers generate and preserve the device id of all PE equipment, private network VPN identification information in system
With the corresponding relation of private network tags.
The problem of existing method is present:
1st, distribute comprehensive label by flow analysis servers, there is potential safety hazard, if PE to server route not
When reachable, then PE can not obtain private network tags;After Analysis server delays machine, the whole network can not all obtain private network tags;
2nd, there is incipient fault for data security using fixed labels, by analyzing the packet that packet capturing software is caught, energy
Enough contents according to tag resolution message;
3rd, this method is to distribute private network tags by flow analysis servers, if to realize this purpose, it is necessary to BGP
(Border Gateway Protocol, Border Gateway Protocol) is transformed, and existing PE equipment vendors are assisted using MBGP mostly
View distribution vpn label, it is impossible to support flow analysis system to distribute vpn label for VPN, therefore the practicality of this method is not high;
4th, for the scene across AS domains, especially for different operators across AS situation, this method can only recognize Home Network
VPN flows, and the flow of None- identified bipartite network.
The content of the invention
It is right the invention provides a kind of method that MPLS VPN service traffics are accurately recognized based on equipment interconnecting relation
Existing flow identification technology is improved, i.e., service traffics are not recognized by label, but utilize source port and destination
The data on flows of mouth is associated, analyzes, calculated, so as to realize the identification of MPLS vpn service flows.
In order to solve the above technical problems, the embodiment of the present application provides one kind accurately recognizes MPLS based on equipment interconnecting relation
The method of VPN service traffics, includes the edge router PE and use of service provider equipment P, service provider backbone
Family edge device CE, described method is to utilize the interconnecting relation between MPLS VPN networking structures and equipment:(1)MPLS VPN
VPN is bundled in PE equipment in networking structure;(2) by gathering the interconnecting relation between PE equipment, analyzing and positioning flow source
Mouth and destination interface, and by many device data association analysis, while enabling NetStream/Netflow's in PE1 and PE2
Incoming traffic statistical function, derives and recognizes and be converted into and flow through MPLS vpn service flows between PE1, PE2, so that more smart
The true service traffics data counted between the edge router PE of service provider backbone and service provider equipment P.
One or more technical schemes that the application is provided, have at least the following technical effects or advantages:
Existing flow identification technology is improved, i.e., service traffics are not recognized by label, but utilize source
The data on flows of mouth and destination interface is associated, analyzes, calculated, so as to realize the identification of MPLS vpn service flows.
Brief description of the drawings
In order to illustrate more clearly about the embodiment of the present invention or technical scheme of the prior art, below will be to embodiment or existing
There is the accompanying drawing used required in technology description to be briefly described, it should be apparent that, drawings in the following description are only this hairs
Some bright embodiments, for those of ordinary skill in the art, without having to pay creative labor, can be with
Other accompanying drawings are obtained according to these accompanying drawings.
Fig. 1 is prior-art illustration;
Fig. 2 is the structure chart of the embodiment of the present application one.
Embodiment
It is right the invention provides a kind of method that MPLS VPN service traffics are accurately recognized based on equipment interconnecting relation
Existing flow identification technology is improved, i.e., service traffics are not recognized by label, but utilize source port and destination
The data on flows of mouth is associated, analyzes, calculated, so as to realize the identification of MPLS vpn service flows.
In order to be better understood from above-mentioned technical proposal, below in conjunction with Figure of description and specific embodiment to upper
Technical scheme is stated to be described in detail.
Embodiment one:
Reference picture 2, in order to solve the above technical problems, the embodiment of the present application is there is provided a kind of accurate based on equipment interconnecting relation
The method for recognizing MPLS VPN service traffics, includes the edge route of service provider equipment P, service provider backbone
Device PE and customer edge CE, described method is to utilize the interconnecting relation between MPLS VPN networking structures and equipment:(1)
VPN is bundled in PE equipment in MPLS VPN networking structures;(2) by gathering the interconnecting relation between PE equipment, analyzing and positioning
Flow source port and destination interface, and by many device data association analysis, while enabling NetStream/ in PE1 and PE2
Netflow incoming traffic statistical function, derives and recognizes and be converted into and flow through MPLS vpn service streams between PE1, PE2
Amount, so as to more accurately count the industry between the edge router PE of service provider backbone and service provider equipment P
Business data on flows.
PE2 MPLS vpn service method of flow is flowed through in identification PE1:
Due to being None- identified PE1- in PE1>PE2MPLS vpn service flows, therefore flowed to identify in PE1
MPLS vpn services flow through PE2 is, it is necessary to using PE2 traffic statistics, the interface in PE2 by being connected with CE2
MPLS vpn service flows are recognized, that is, have following identification operational approach:
The flow flowed into PE1 into PE2 service traffics=PE2 from PE1, and the interface by being connected in PE2 with CE2
Recognize MPLS vpn service flows
MPLS vpn service method of calculating flux from PE1 to P1:
Flow from PE1 to P1 includes CE1->PE1->P1、CE2->PE2->PE1->P1 flow, and PE2 to PE1
Flow includes CE2->PE2->PE1->P1、P2->PE2->PE1->CE1 flow, therefore calculate the meter of the flow from PE1 to P1
Calculate formula as follows:
All Output interfaces are the flows of PE1 to P1 interface in MPLS vpn services flow=PE1 from PE1 to P1
In summation+PE2 all Output interfaces be PE2 to PE1 interface flow summation-PE2 in all Input interfaces be that P2 is arrived
PE2 interface and Output interfaces are the flow summations of PE2 to PE1 interface, while recognizing that outflow is held according to Input interfaces
The MPLS vpn services of load
MPLS vpn service method of calculating flux from P1 to PE1
Flow from P1 to PE1 includes P1->PE1->CE1、P1->PE1->PE2->CE2 flow, and PE1 to PE2
Flow includes P1->PE1->PE2->CE2、CE1->PE1->PE2->P2 flow, therefore calculate the meter of the flow from P1 to PE1
Calculation method is as follows:
All Input interfaces are the flows of P1 to PE1 interface in MPLS vpn services flow=PE1 from P1 to PE1
In summation+PE2 all Input interfaces be PE1 to PE2 interface flow summation-PE2 in all Output interfaces be that PE2 is arrived
P2 interface and Input interfaces are the flow summations of PE1 to PE2 interface, while recognizing that outflow is held according to Output interfaces
The MPLS vpn services of load.
One or more technical schemes that the application is provided, have at least the following technical effects or advantages:
Existing flow identification technology is improved, i.e., service traffics are not recognized by label, but utilize source
The data on flows of mouth and destination interface is associated, analyzes, calculated, so as to realize the identification of MPLS vpn service flows.
, but those skilled in the art once know basic creation although preferred embodiments of the present invention have been described
Property concept, then can make other change and modification to these embodiments.So, appended claims are intended to be construed to include excellent
Select embodiment and fall into having altered and changing for the scope of the invention.
Obviously, those skilled in the art can carry out the essence of various changes and modification without departing from the present invention to the present invention
God and scope.So, if these modifications and variations of the present invention belong to the scope of the claims in the present invention and its equivalent technologies
Within, then the present invention is also intended to comprising including these changes and modification.
Claims (1)
1. a kind of method that MPLS VPN service traffics are accurately recognized based on equipment interconnecting relation, it is characterised in that:Including
Service provider equipment P, the edge router PE of service provider backbone and customer edge CE, described method is profit
With the interconnecting relation between MPLS VPN networking structures and equipment:(1) VPN is bundled in PE equipment in MPLS VPN networking structures
On;(2) by gathering the interconnecting relation between PE equipment, analyzing and positioning flow source port and destination interface, and many equipment are passed through
Data relation analysis, while enabling NetStream/Netflow incoming traffic statistical function in PE1 and PE2, derives and knows
Not and it is converted into and flows through MPLS vpn service flows between PE1, PE2, so that it is key more accurately to count service provider
Service traffics data between the edge router PE and service provider equipment P of net.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201510173272.6A CN104734981B (en) | 2015-04-11 | 2015-04-11 | A kind of method that MPLS VPN service traffics are accurately recognized based on equipment interconnecting relation |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201510173272.6A CN104734981B (en) | 2015-04-11 | 2015-04-11 | A kind of method that MPLS VPN service traffics are accurately recognized based on equipment interconnecting relation |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN104734981A CN104734981A (en) | 2015-06-24 |
| CN104734981B true CN104734981B (en) | 2017-10-27 |
Family
ID=53458429
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201510173272.6A Active CN104734981B (en) | 2015-04-11 | 2015-04-11 | A kind of method that MPLS VPN service traffics are accurately recognized based on equipment interconnecting relation |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN104734981B (en) |
Families Citing this family (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN105871602B (en) | 2016-03-29 | 2019-10-18 | 华为技术有限公司 | A kind of control method, device and system counting flow |
| CN110311840A (en) * | 2019-07-31 | 2019-10-08 | 秒针信息技术有限公司 | Network flow identification method, device, equipment and storage medium |
| CN110868352B (en) * | 2019-11-14 | 2022-04-15 | 迈普通信技术股份有限公司 | Private network application identification system and method, SDN controller and P device |
Citations (5)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US6205488B1 (en) * | 1998-11-13 | 2001-03-20 | Nortel Networks Limited | Internet protocol virtual private network realization using multi-protocol label switching tunnels |
| CN101488925A (en) * | 2009-03-03 | 2009-07-22 | 中兴通讯股份有限公司 | Method for collecting and designing VPN flow by using Netflow |
| CN101631089A (en) * | 2009-08-27 | 2010-01-20 | 杭州华三通信技术有限公司 | Flow calculating method, flow calculating device and flow calculating system based on private network VPN |
| CN101707554A (en) * | 2009-11-18 | 2010-05-12 | 华为技术有限公司 | Method and device for obtaining flow distribution of network |
| CN103746914A (en) * | 2013-12-31 | 2014-04-23 | 华为技术有限公司 | Method, device and system for building corresponding relationship between private network label and primary VRF (VPN (virtual private network) routing and forwarding table) |
-
2015
- 2015-04-11 CN CN201510173272.6A patent/CN104734981B/en active Active
Patent Citations (5)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US6205488B1 (en) * | 1998-11-13 | 2001-03-20 | Nortel Networks Limited | Internet protocol virtual private network realization using multi-protocol label switching tunnels |
| CN101488925A (en) * | 2009-03-03 | 2009-07-22 | 中兴通讯股份有限公司 | Method for collecting and designing VPN flow by using Netflow |
| CN101631089A (en) * | 2009-08-27 | 2010-01-20 | 杭州华三通信技术有限公司 | Flow calculating method, flow calculating device and flow calculating system based on private network VPN |
| CN101707554A (en) * | 2009-11-18 | 2010-05-12 | 华为技术有限公司 | Method and device for obtaining flow distribution of network |
| CN103746914A (en) * | 2013-12-31 | 2014-04-23 | 华为技术有限公司 | Method, device and system for building corresponding relationship between private network label and primary VRF (VPN (virtual private network) routing and forwarding table) |
Also Published As
| Publication number | Publication date |
|---|---|
| CN104734981A (en) | 2015-06-24 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN103703722B (en) | The method and apparatus of fault detection conversation of booting on P2MP tunnels | |
| EP3151470B1 (en) | Analytics for a distributed network | |
| CN1866868B (en) | Multi protocol label switched network flow managing system, method and device | |
| CN110266592A (en) | The communication means and device of SRV6 network and IP MPLS network | |
| CN107637031A (en) | Path-calculating element central controller (PCECC) for Network | |
| EP3338414A1 (en) | Dynamic vpn policy model with encryption and traffic engineering resolution | |
| CN109863725A (en) | Segment routing based on maximum segment identifier depth | |
| CN101631089B (en) | Flow calculating method, flow calculating device and flow calculating system based on private network VPN | |
| CN101159656B (en) | Packet sampling method, system and equipment | |
| CN110868352B (en) | Private network application identification system and method, SDN controller and P device | |
| CN101156366A (en) | Control system and method for media stream choosing forwarding path in next generation network | |
| CN102195843A (en) | Flow control system and method | |
| US20170310581A1 (en) | Communication Network, Communication Network Management Method, and Management System | |
| CN104734981B (en) | A kind of method that MPLS VPN service traffics are accurately recognized based on equipment interconnecting relation | |
| CN1906902B (en) | Method for transferring packets in networks comprising a plurality of linked intermediate networks | |
| CN103795630B (en) | The message transmitting method and device of a kind of label exchange network | |
| CN103746914A (en) | Method, device and system for building corresponding relationship between private network label and primary VRF (VPN (virtual private network) routing and forwarding table) | |
| JP5303644B2 (en) | Transport control system and transport control server | |
| CN101087257B (en) | Method for realizing service quality for VPN traffic based on Ethernet interface | |
| US20050099947A1 (en) | Apparatus and methods for establishing virtual private networks in a broadband network | |
| CN102377645B (en) | Exchange chip and realization method thereof | |
| CN103888307A (en) | Method, user side board card and broadband access gateway used for optimizing deep packet detection | |
| CN101442468B (en) | Method and apparatus for processing local crossover of VPN route | |
| CA3029862C (en) | System and method for providing a control plane for quality of service | |
| CN106169969A (en) | Set up Virtual Private Network tag changeable path routing method, relevant device and system |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| C06 | Publication | ||
| PB01 | Publication | ||
| C10 | Entry into substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| GR01 | Patent grant | ||
| GR01 | Patent grant |