CN1297105C - Method for implementing multirole main machine based on virtual local network - Google Patents
Method for implementing multirole main machine based on virtual local network Download PDFInfo
- Publication number
- CN1297105C CN1297105C CNB031013996A CN03101399A CN1297105C CN 1297105 C CN1297105 C CN 1297105C CN B031013996 A CNB031013996 A CN B031013996A CN 03101399 A CN03101399 A CN 03101399A CN 1297105 C CN1297105 C CN 1297105C
- Authority
- CN
- China
- Prior art keywords
- vpn
- message
- role host
- host
- role
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Expired - Fee Related
Links
Abstract
The present invention discloses a method for realizing a multi-role host computer based on a virtual private network (VPN). In the method, a provider edge (PE) router which is connected with a VPN site where a multi-role host computer is positioned is provided with an access control strategy of a VPN retransmitting table of a message which can be accessed by the multi-role host computer. Thus, when the PE router receives a data message from the VPN site, the identity of a host computer which transmits the message is identified according to a source address of the message; if the host computer is the multi-role host computer, then information of a target VPN to be accessed is obtained according to the source address of the message, and the corresponding retransmitting table of the VPN message is searched, and the message is transmitted according to the information, else the message is transmitted according to the VPN attribute of an accessed interface of the host computer. The multi-role host computer based on an operator virtual private network is easy to realize by adopting the scheme and has the advantages of high flexibility and manageability.
Description
Technical field
The present invention relates to VPN(Virtual Private Network), especially relate to the method for the realization multi-role host among the VPN.
Background technology
VPN (Virtual Private Network, Virtual Private Network), be enterprise or specific user colony utilize public network (as the Internet resources of operator) make up the private network of oneself, to satisfy self application demand; By VPN, enterprise or specific user colony can set up safe and reliable connection, transmit data at low cost between its branch, long-distance user, business parnter etc.Traditional VPN network is based upon on the IP technical foundation, and it uses the IP network facility to private wide area network emulation, is that enterprise or specific user colony utilize public ip network to make up the private network of oneself.MPLS/BGP VPN, be that a kind of multiprotocol label switching (mpls) technology and Border Gateway Protocol (BGP) used in public network provides IP VPN service, with it is that the basis has formed RFC2547 standard (RFC, request note agreement, the standard of Internet), the described VPN of this standard is VPN (the Provider Provide VPN that a kind of operator provides, PPVPN), VPN equipment is positioned at network side, provide VPN service by operator for the user, subscriber equipment does not need perception VPN, as long as be connected to the PE equipment that operator provides.With reference to figure 1.Among Fig. 1, service provider's backbone network is made up of P equipment and PE equipment.In the equipment shown in Figure 1:
CE (Custom Edge, Customer Edge router): being a part in the user network, having interface directly to link to each other with the service provider, generally is router, is used for the user site (Site) of VPN is connected to PE.
PE (Provider Edge, the backbone network edge router): i.e. provider edge router is the edge device of carrier network, is the realization body of MPLS/BGP vpn service, it is that each VPN user site is safeguarded an independently routing table, directly links to each other with user's CE.In the MPLS network, all processing of VPN are all occurred on the pe router.
P (Provider, backbone network core router): the P in the carrier network, the CE that mainly gets along well directly links to each other.The P router has the basic transfer capability of MPLS.
Now in the PP vpn solution based on RFC2547, requirement is associated an interface and a VPN instance, be about to this interface and give some VPN attributes, show from the next data service of this interface and all want the associated VPN of access interface, the user who inserts from this interface can only visit this specific VPN in other words, and the data service that flows into from this interface also can only be the business of the VPN that belongs to of this interface equally.But under a lot of the application, can not guarantee under the interface the client all belong to same VPN, for example, some special servers, or some important main frames of government network, the VPN that they can insert and other main frame in the same region are different, these main frames require to have more access rights usually, be not subjected to the restriction of a VPN, promptly require this main frame to have the ability of polygonal look.Also have those to pass through access server authentication by the dialing authentication mode, the client who inserts different VPN then also requires to have the ability of polygonal look, because they are in the same place with other main frames on the region, if insert VPN by same interface, according to the solution of the PP VPN among the RFC2547, just restrict diversity and the particularity of the VPN that these special main frames can insert.In addition, all different words of the VPN that each main frame in a region can be visited like that just do not need access link and certain VPN of this region are associated, and can realize the access of user's VPN according to the actual needs of user's access fully.
In using at present based on the scheme of the PP VPN of RFC2547, for this multi-role host solution is not proposed also, therefore, in actual networking is used, have only so special main frame is inserted PE with independent interface, use the Extranet network topology to solve this problem then.For example in Fig. 2, host PC 1 requires to have the polygonal look ability of visit VPN1 and VPN2, with the edge router PE1 of PC1 with an independent interface or link access carrier, transmits the polygonal look of realizing PC1 by the VPN on the configuration PE1.But like this, when if the VPN that this special main frame can be visited differs greatly, main frame for each VPN visit difference all needs to monopolize an access interface, and VPN quantity and relation all can be gathered expansion like this, will cause the waste and the managerial trouble of a large amount of interface resources.
Summary of the invention
The object of the present invention is to provide a kind of method of the realization multi-role host based on Virtual Private Network, use this method to realize that the polygonal look of main frame has stronger flexibility and manageability.
For achieving the above object, the method for the realization multi-role host based on Virtual Private Network provided by the invention comprises:
On the backbone network edge router PE that multi-role host place virtual private network website is connected, the VPN message that multi-role host can visit is set transmits, the interface of this VPN website is associated with place VPN;
When the backbone network edge router receives data message from above-mentioned VPN website, send the host identities of message according to the source address identification of message, if be multi-role host, obtain the information of purpose VPN again according to the source address of message, transmit and E-Packet according to the corresponding VPN message of this information searching, otherwise, transmit according to the message of VPN under the main frame and to E-Packet.
Static routing of configuration in the transmitting of each VPN that multi-role host need be visited, next of this route jumped and is the VPN interface name of multi-role host place VPN website.
In the associated VPN of the interface of multi-role host place VPN website, do not dispose static routing.
Described static routing is published to VPN inside except that the associated VPN of the interface of multi-role host place VPN website.
When the multi-role host that belongs to same VPN website is two when above, be continuous with the address setting of above-mentioned multi-role host.
When multi-role host was one, described static routing was a main frame route; When multi-role host when being a plurality of, described static routing is a network segment route.
Configuration is for the filtering policy of multi-role host on PE, and should be associated with the interface of the VPN website that comprises multi-role host by strategy, so that when PE receives data message from multi-role host place VPN website, send the host identities of message according to the source address identification of message.
The VPN website that comprises multi-role host is connected to PE by the public network interface.
The invention provides the method for another kind, comprising based on the realization multi-role host of Virtual Private Network:
On the backbone network edge router PE that multi-role host place VPN website is connected, create the virtual private network message that multi-role host can visit and transmit, the interface of this VPN website is associated with place VPN;
When the backbone network edge router received data message from above-mentioned VPN website, the VPN that the main frame that sends message according to the source address and the destination address identification of message can insert transmitted the forwarding user's message according to the message of this VPN.
Set up the VPN access control list on the backbone network edge router, this table comprises source address and VPN field, is used to describe user that the message source address identified and the visit relation of VPN.
Because the mode that the present invention transmits by the VPN message that multi-role host is set on the PE that is connected at multi-role host place VPN website can visits, not only be easy to realize multi-role host based on operator's Virtual Private Network, can also make the multi-role host of realization have stronger flexibility and manageability by configuration on PE for the filtering policy of multi-role host or the multi-role host table is set.
Description of drawings
Fig. 1 is a MPLS/BGP VPN illustraton of model;
Fig. 2 is the implementation method schematic diagram of existing multi-role host;
Fig. 3 is the structure chart of multi-role host visit different VPN;
Fig. 4 is the embodiment flow chart of institute of the present invention book method;
Fig. 5 is the data flow con-trol exemplary plot of multi-role host.
Embodiment
The present invention is described in further detail below in conjunction with accompanying drawing.
In existing PP VPN application scheme based on RFC2547, can only distinguish different VPN by interface, for example in network shown in Figure 3, the website 1 (site1) of VPN1 is by the PE1 equipment of an interface access backbone network, and this interface is bundled under the VPN1.Regulation according to RFC2547, all should transmit from the data service that this interface enters by transmitting of VPN1 the PE1 equipment, that is to say, as long as inserted VPN1, just can't visit again the equipment beyond the VPN1 or visited by the equipment beyond the VPN1, the All hosts that has so just limited among the VPN1 site1 can only belong to VPN1.But in actual networking, often can not guarantee that the VPN attribute of the All hosts among the VPN1 site1 is identical, such as having a station server PC1 in the middle of this, it is everybody services shared device, and the user among other a plurality of VPN also can visit it; Or this PC is one and has certain franchise main frame that it can visit the resource that adheres to separately in a plurality of VPN networks.The demand explanation, in actual networking, need to eliminate the limitation that to distinguish vpn service by interface, the demand that realization can realize visiting different VPN and visit a plurality of VPN simultaneously by the multi-role host user among the site of same interface access PE, and the user among the above-mentioned VPN also can visit this multi-role host among this site.
The present invention solves this application demand like this, on the PE of backbone network equipment, distinguish each main frame according to the source address of datagram, if confirm this main frame is a user that the special access demand is arranged, just according to this user's requirements for access, its is inserted the VPN network that institute can visit, make this special user can visit the VPN of needs.And still carry out access to netwoks according to the VPN that access interface belongs to for those common VPN users.Specifically, the present invention solves this application demand like this, on PE equipment, distinguish the main frame of this specific properties according to the source address of datagram, for this special main frame, configuration allows each VPN that it can be visited as required, and for there not being these franchise main frames, also judges its identity by its source address, the VPN that allows its access interface belong to walks normal forwarding process.Such as the PC1 among Fig. 3, it inserts from the interface of VPN1, the datagram of coming according to this main frame on PE is obtained its source address and is identified its identity, then, obtain the information of purpose VPN according to this source address, and remove to search the different VPN message according to the purpose VPN information of datagram and transmit, like this, the datagram of going out from PC1 can arrive the site of other VPN, equally also need also can be forwarded to this special P C1 from the datagram that the site of other VPN comes, therefore, static routing of VPN internal configurations of other permission PC1 visit on PE1, next jumping is VPN1 private network interface name or address, this static routing may be a main frame route, also may be network segment route, promptly in VPN1 site the main frame of such special role many in, give the identical subnet address of these host assignment.Again these static routing are published to different VPN inside.The VPN that belongs to of multi-role host itself is exactly can dispose among the associated VPN of access interface hereto, also can not dispose static routing, because can use dynamic routing protocol exchange route.
Be example explanation the present invention below with Fig. 3.Fig. 3 is a simple MPLS VPN network, wherein there are three VPN, VPN1, VPN2, VPN3, wherein site1 belongs to VPN1 on the region, it inserts PE1 by an interface serial 0, other site. that visits VPN1 is only owing to the reason of networking has a host PC 1 in site1, it is a station server, except by the user capture in the VPN1, VPN2, the user among the VPN3 also need to visit this station server, therefore this station server can not only insert VPN1, but do not wish to allow this station server insert PE1 yet, at this moment, adopt method of the present invention that relevant PE equipment just is configured and operates and can address this problem with an independent interface.
The address of supposing the PC1 among the figure is 10.110.1.1, inserts the PE1 of backbone network by VPN1 site1; The address of VPN1 site2 is 100.1.0.0/16, and the address of VPN2 site1 is 100.2.0.0/16, and the address of VPN3 site1 is 100.3.0.0/16, inserts the PE2 of backbone network; The address of VPN1 site3 is 100.4.0.0/16, and the address of VPN2 site2 is 100.5.0.0/16, and the address of VPN3 site3 is 100.6.0.0/16, inserts the PE3 of backbone network.Because the access of multi-role host PC1 is arranged on the PE1, PE1 is last must the information of transmitting of all VPN that the multi-role host PC1 among the own Site that is inserted will visit, this message that just need need to dispose corresponding VPN1, VPN2, VPN3 on PE1 is transmitted, also need transmit configuring static route down simultaneously at above-mentioned VPN, make from other VPN, promptly the next data message of the Site of VPN2, VPN3 can flow into the multi-role host of VPN1 Site.The concrete steps that said method is described are with reference to figure 4.At first carry out step 1 on the backbone network edge router PE1 that host PC 1 place VPN website VPN1 Site1 is connected, the VPN(Virtual Private Network) message that host PC 1 can visit is set transmits.Three VPN promptly are set, and the message of VPN1, VPN2 and VPN3 is transmitted.As the order of adopting the following VPN1 of setting is provided with above-mentioned VPN1 and transmits, and transmitting of VPN2, VPN3 in like manner is set.
Ip vrf VPN1; Create the VPN of a VPN1 by name
Rd 100:1; RD (route the is differentiated symbol) sign that disposes this VPN1 is 100:1
Route both 100:1; The VPN strategy that disposes this VPN1 is that to introduce, draw all be 100:1.
Above configuration can allow data message flow into correct VPN, the data message of returning so also needs to guarantee and can flow into by private network interface serial 0, owing to have only a multi-role host PC1 among the VPN1 Site1 in this example, therefore in VPN2, static routing of VPN3 internal configurations, next jumping can be a VPN1 private network interface name, this static routing is a main frame route, therefore can adopt the configuration shown in following order:
ip?route?vrf?VPN2?10.110.1.1?255.255.255.255?serial?0;
ip?route?vrf?VPN3?10.110.1.1?255.255.255.255?serial?0;
At VPN2, the address that disposes clauses and subclauses among the VPN3 respectively is 10.110.1.1, and next jumps out the static routing that interface is serial 0.
Like this, can be with from VPN2 by the configuring static route, the data flow introducting interface serial 0 that VPN3 comes.Above-mentioned static routing is published to the inside of VPN2, VPN3.
Like this VPN1 of She Zhiing, VPN2 and VPN3 transmit into:
VPN1:
100.1.0.0/16?nexthop:pe2
100.4.0.0/16?nexthop:pe3
VPN2:
100.2.0.0/16?nexthop:pe2
100.5.0.0/16?nexthop:pe3
10.110.1.1?nexthop:serial?0
VPN3:
100.3.0.0/16?nexthop:pe2
100.6.0.0/16?nexthop:pe3
10.110.1.1?nexthop:serial?0
Carry out step 2 then the interface serial 0 that VPN1 site1 inserts PE1 associated with VPN1, interface serial 0 is tied under the VPN1, as adopt following order to realize:
Interface serial 0; Use serial ports serial 0;
Ip vrf forwarding VPN1; Serial 0 is associated under the VPN1;
Ip addr 10.110.0.2 255.255.0.0; The IP address that disposes this interface is 10.110.0.2.
At the filtering policy of step 3 configuration, as adopt following order to realize for host PC 1:
Access-list 101 per 10.110.1.1 any; Disposing one, to allow source address be the strategy that the message of 10.110.1.1 passes through, and 101 be tactful number.
The filtering policy for host PC 1 that will dispose in step 4 is associated with private network interface serial 0, so that when PE1 receives data message from multi-role host place VPN1 website, identifies the identity of host PC 1 according to the source address of message.As adopt following order to realize:
Interface serial 0; Use serial ports serial 0;
Special-host access-list 101 access-vpn VPN1 VPN2 VPN3; The datagram that meets 101 access strategies can be visited VPN:VPN1, VPN2, VPN3.
Comprehensive above configuration can make the multi-role host PC1 among the VPN1 can be by VPN1, VPN2, VPN3 visits, if the main frame of identical access attribute is more among the site1, and can be by the method for making rational planning for, make their address continuous, so that these main frames are in the identical subnet, can be reduced at the configuration trouble on the PE1 equipment so greatly, like this, can directly dispose filtering policy, promptly dispose network segment route for a network segment.As:
Access-list 101 permit 10.110.0.0 255.255.0.0 any; Dispose the strategy that a message that allows source address to belong to the 10.110.0.0 network segment passes through.
Dispose reverse static routing again and point to this special network segment, as:
ip?route?vrf?VPN2?10.110.0.0?255.255.0.0?serial?0
ip?route?vrf?VPN3?10.110.0.0?255.255.0.0?serial?0
Change the VPN that the user can visit if desired, just can realize as long as on PE, change access strategy flexibly.For the unsuccessful data message of strategy matching, with the VPN under its direct access interface.If the user has the demand of visit public network, can in the VPN that can visit, not find under the situation of transmitting item and go to look into transmitting of public network, insert public network, prerequisite is that the address space of VPN is privately owned address space certainly.Can followingly dispose:
Special-host access-list 101 access-vpn VPN1 VPN2 VPN3 Internet; If the datagram that meets access strategy 101 is at VPN1, VPN2 does not find forwarding information among the VPN3, can allow it look into the forwarding of transmitting of public network.
In addition, if the VPN of the required access of each main frame among the site1 is when all difference is bigger, can no longer will insert the interface conjunctionn of PE under certain private network, but adopt the public network interface, but the Routing Protocol that do not have on this interface is mutual, so as not to the user when using the private net address space VPN route reveal into public network.If use the public network address space, insert when can directly realize user's different VPN and public network, realize the visit of Internet.In the case, for the unsuccessful data message of strategy matching, can be directly according to the forwarding of transmitting of public network.
In step 5, PE1 transmits the message that receives at last, realizes many VPN visits of multi-role host and user's the sharing multi-role host PC1 among many VPN.
The specific implementation of above-mentioned steps 5 is with reference to figure 5.When PE1 receives data message from VPN1 Site1, do strategy matching according to the policing rule that the source address of datagram and configured in advance are good, if the match is successful, illustrate that the main frame that sends datagram is a multi-role host, therefore the datagram that the match is successful visits corresponding VPN according to policy configurations, go to look into transmitting of the VPN that can visit, find transmit after and normal forwarding process transmit.Therefore, if datagram comes from PC1, then can the match is successful, forward thereby transmit by corresponding VPN; If datagram is from domestic consumer, then can the match is successful, can only VPN1 transmit forwarding.Also can be simultaneously should go transmitting of the VPN that looks into to this data message, carry out message forwarding then according to the purpose of datagram and source address one-time positioning.
The data flow of returning, promptly from the data message of VPN2, the static routing by PE1 releases is forwarded to PE1 from PE2, and the vpn label by data message is forwarded to VPN1 site1 then, arrives multi-role host PC1.
In a word, by on PE1 equipment, adjusting strategy flexibly, just can control the VPN scope of the visit of each main frame among the site that is connected.
Need to prove, the first, on PE1, also the multi-role host table can be set, and the interface of this main frame table with the VPN1 Site1 that comprises multi-role host PC1 is associated.This table can only comprise the message source address, like this, when PE1 receives data message from multi-role host place VPN website, can be complementary according to the source address of message and the message source address in this table, just can discern the host identities that sends message.
The second, on PE equipment, set up the VPN access control list, this table comprises source address and VPN field, is used to describe user that the message source address identified and the visit relation of VPN.Like this, when PE1 receives data message from VPN2, VPN3 website, identify the VPN that the main frame that sends message can insert, transmit the forwarding user's message according to the message of this VPN according to the source address of message.If above-mentioned VPN access list comprises destination address field (DAF), more help message forwarding.The VPN that is visited among the VPN Site that this situation is particularly useful for being inserted relatively disperses, and the situation that is difficult to determine, also can satisfy the demand that public network user inserts simultaneously.
Claims (10)
1, a kind of method of the realization multi-role host based on Virtual Private Network comprises:
On the backbone network edge router PE that multi-role host place virtual private network website is connected, the VPN message that multi-role host can visit is set transmits, the interface of this VPN website is associated with place VPN;
When the backbone network edge router receives data message from above-mentioned VPN website, send the host identities of message according to the source address identification of message, if be multi-role host, obtain the information of purpose VPN again according to the source address of message, transmit and E-Packet according to the corresponding VPN message of this information searching, otherwise, transmit according to the message of VPN under the main frame and to E-Packet.
2, method according to claim 1 is characterized in that: static routing of configuration in the transmitting of each VPN that multi-role host need be visited, next of this route jumped and is the VPN interface name of multi-role host place VPN website.
3, method according to claim 2 is characterized in that: do not dispose static routing in the associated VPN of the interface of multi-role host place VPN website.
4, method according to claim 2 is characterized in that: described static routing is published to VPN inside except that the associated VPN of the interface of multi-role host place VPN website.
5, method according to claim 4 is characterized in that: when the multi-role host that belongs to same VPN website is two when above, be continuous with the address setting of above-mentioned multi-role host.
6, method according to claim 5 is characterized in that: when multi-role host was one, described static routing was a main frame route; When multi-role host when being a plurality of, described static routing is a network segment route.
7, according to claim 1,2,4,5 or 6 described methods, it is characterized in that: configuration is for the filtering policy of multi-role host on PE, and should be associated with the interface of the VPN website that comprises multi-role host by strategy, so that when PE receives data message from multi-role host place VPN website, send the host identities of message according to the source address identification of message.
8, method according to claim 7 is characterized in that: the VPN website that comprises multi-role host is connected to PE by the public network interface.
9, a kind of method of the realization multi-role host based on Virtual Private Network comprises:
On the backbone network edge router PE that multi-role host place VPN website is connected, create the virtual private network message that multi-role host can visit and transmit, the interface of this VPN website is associated with place VPN;
When the backbone network edge router received data message from above-mentioned VPN website, the VPN that the main frame that sends message according to the source address and the destination address identification of message can insert transmitted the forwarding user's message according to the message of this VPN.
10, method according to claim 9 is characterized in that: set up the VPN access control list on the backbone network edge router, this table comprises source address and VPN field, is used to describe user that the message source address identified and the visit relation of VPN.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CNB031013996A CN1297105C (en) | 2003-01-06 | 2003-01-06 | Method for implementing multirole main machine based on virtual local network |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CNB031013996A CN1297105C (en) | 2003-01-06 | 2003-01-06 | Method for implementing multirole main machine based on virtual local network |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN1516401A CN1516401A (en) | 2004-07-28 |
| CN1297105C true CN1297105C (en) | 2007-01-24 |
Family
ID=34239110
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CNB031013996A Expired - Fee Related CN1297105C (en) | 2003-01-06 | 2003-01-06 | Method for implementing multirole main machine based on virtual local network |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN1297105C (en) |
Families Citing this family (15)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN100518138C (en) * | 2005-04-12 | 2009-07-22 | 华为技术有限公司 | Method for realizing virtual special network |
| CN100426791C (en) * | 2005-06-21 | 2008-10-15 | 中兴通讯股份有限公司 | Engine apparatus for route forwarding table address searching |
| CN100364278C (en) * | 2005-10-24 | 2008-01-23 | 南京邮电大学 | Method for controlling five layer resource access based on extending role |
| CN100463452C (en) * | 2006-03-21 | 2009-02-18 | 杭州华三通信技术有限公司 | VPN data forwarding method and VPN device for data forwarding |
| CN101179406B (en) * | 2006-11-30 | 2011-01-12 | 腾讯科技(深圳)有限公司 | Electronic pet tourism method, tourism server and system |
| CN101483594A (en) * | 2009-02-11 | 2009-07-15 | 成都市华为赛门铁克科技有限公司 | Packet sending method and customer terminal based on virtual private network tunnel |
| CN101626338B (en) * | 2009-08-03 | 2011-11-23 | 杭州华三通信技术有限公司 | Method and device for realizing multiple virtual private network (VPN) examples |
| CN101729409B (en) * | 2009-12-01 | 2012-05-23 | 杭州华三通信技术有限公司 | Method and device for implementing multirole host computer |
| US9116728B2 (en) * | 2010-12-21 | 2015-08-25 | Microsoft Technology Licensing, Llc | Providing a persona-based application experience |
| JP5673133B2 (en) * | 2011-01-24 | 2015-02-18 | 日本電気株式会社 | MAC search system and MAC search method for MPLS-TP device |
| CN107171857B (en) * | 2017-06-21 | 2021-04-27 | 杭州迪普科技股份有限公司 | Network virtualization method and device based on user group |
| CN107547509B (en) * | 2017-06-27 | 2020-10-13 | 新华三技术有限公司 | Message forwarding method and device |
| CN111107142B (en) * | 2019-12-16 | 2022-07-01 | 新华三大数据技术有限公司 | Service access method and device |
| US11469998B2 (en) * | 2020-05-27 | 2022-10-11 | Juniper Networks, Inc. | Data center tenant network isolation using logical router interconnects for virtual network route leaking |
| CN116760652B (en) * | 2023-08-23 | 2023-11-17 | 保大坊科技有限公司 | Method, apparatus and storage medium for simultaneously accessing multiple systems |
Citations (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN1276666A (en) * | 1999-06-03 | 2000-12-13 | 财团法人资讯工业策进会 | Random selection system and method for access repeater of virtual private network |
| US6463061B1 (en) * | 1997-12-23 | 2002-10-08 | Cisco Technology, Inc. | Shared communications network employing virtual-private-network identifiers |
-
2003
- 2003-01-06 CN CNB031013996A patent/CN1297105C/en not_active Expired - Fee Related
Patent Citations (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US6463061B1 (en) * | 1997-12-23 | 2002-10-08 | Cisco Technology, Inc. | Shared communications network employing virtual-private-network identifiers |
| CN1276666A (en) * | 1999-06-03 | 2000-12-13 | 财团法人资讯工业策进会 | Random selection system and method for access repeater of virtual private network |
Also Published As
| Publication number | Publication date |
|---|---|
| CN1516401A (en) | 2004-07-28 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN1214583C (en) | Three layer virtual private network and its construction method | |
| CN1297105C (en) | Method for implementing multirole main machine based on virtual local network | |
| CN1266913C (en) | Tunneling through access network | |
| RU2357281C2 (en) | Virtual broadcasting network for inter-domain connection | |
| CN101616014B (en) | Method for realizing cross-virtual private local area network multicast | |
| WO2011032473A1 (en) | Implementation method and system of virtual private network | |
| CN1471259A (en) | User authentication system and user authentication method | |
| CN1913523A (en) | Method for implementing layer level virtual private exchange service | |
| CN1708029A (en) | Method for establizing retransmission flow table | |
| CN1722698A (en) | MPLS VPN and its control and forwarding method | |
| CN101499965B (en) | Method for network packet routing forwarding and address converting based on IPSec security association | |
| CN1863127A (en) | Method for core network access to multi-protocol sign exchange virtual special network | |
| WO2008014723A1 (en) | Method and device for implementing vpn based on ipv6 address structure | |
| CN1866904A (en) | Method and apparatus for astringing two layer MAC address | |
| CN1716904A (en) | Group broadcast realizing method based on multiple service transmission platform | |
| CN1921441A (en) | Method and device for message transfer of virtual private local area network | |
| CN1199405C (en) | Enterprise external virtual special network system and method using virtual router structure | |
| CN1177433C (en) | Method for managing broadcast of multi-broadcast service source in mobile network | |
| CN1773949A (en) | Switching in method for virtual special network and realizing apparatus | |
| CN1180583C (en) | Realizing method and system of special network in wideband virtual network | |
| CN1870588A (en) | Implementing method and system for support VPLS service on IP skeletal network | |
| CN1520101A (en) | Method for determining relation between routers at fringe of client site and virtual private network | |
| US7773613B2 (en) | Communication control method and system | |
| CN1852255A (en) | System and method for providing QoS service to virtual special line | |
| CN1741500A (en) | Virtual exchanging method capable of routing |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| C06 | Publication | ||
| PB01 | Publication | ||
| C10 | Entry into substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| C14 | Grant of patent or utility model | ||
| GR01 | Patent grant | ||
| CF01 | Termination of patent right due to non-payment of annual fee | ||
| CF01 | Termination of patent right due to non-payment of annual fee |
Granted publication date: 20070124 Termination date: 20200106 |