Virtual private network and method for controlling and forwarding route thereof
First Claim
1. A Virtual Private Network (VPN), comprising:
- a provider'"'"'s network and a customer'"'"'s network;
wherein, a Sub-Provider Edge (SUB_PE) is configured in the customer'"'"'s network, and the SUB-PE is connected with a PE in the provider'"'"'s network. at least one SUB_VPN belonging to the same customer is configured under the SUB_PE, and the SUB_VPN accesses the provider'"'"'s network via the SUB_PE.
3 Assignments
0 Petitions
Accused Products
Abstract
The present invention discloses a Virtual Private Network (VPN), which includes: a Sub-Provider Edge (SUB_PE), configured in a customer'"'"'s network and connected with a PE in a provider'"'"'s network; at least one SUB_VPN belonging to a same customer is configured under the SUB_PE and accesses the provider'"'"'s network through the SUB_PE. The present invention also discloses a method for controlling and forwarding route of the VPN, including: an SUB_PE or a PE adds an export target attribute of the VPN where it is located to the route before transmitting; after receiving the route, the SUB_PE or the PE compares the export target attribute in the route with the import target attribute saved by itself, if they match, accept the route and forward it to a lower layer VPN; otherwise, reject the route.
50 Citations
11 Claims
-
1. A Virtual Private Network (VPN), comprising:
-
a provider'"'"'s network and a customer'"'"'s network;
wherein,a Sub-Provider Edge (SUB_PE) is configured in the customer'"'"'s network, and the SUB-PE is connected with a PE in the provider'"'"'s network. at least one SUB_VPN belonging to the same customer is configured under the SUB_PE, and the SUB_VPN accesses the provider'"'"'s network via the SUB_PE. - View Dependent Claims (2, 3, 4, 5)
-
-
6. A method for controlling and forwarding route of a Virtual Private Network (VPN) which comprises a provider'"'"'s network and a customer'"'"'s network, comprising:
-
configuring a Sub-Provider Edge (SUB_PE) in the customer'"'"'s network, connected with a PE in the provider'"'"'s network;
configuring at least one SUB_VPN belonging to the same customer under the SUB_PE, and the SUB_VPN accessing the provider'"'"'s network through the SUB_PE;
adding, by a SUB_PE, an export target attribute of a SUB_VPN to a route of the SUB_VPN, and transmitting the route to the PE by Multi-protocol Border Gateway Protocol (MBGP);
adding, by the PE, an export target attribute of the SUB_VPN to the received route, and forwarding the route to a peer PE in the VPN through the provider'"'"'s network;
after receiving the route, comparing, by the peer PE, the export target attribute in the route with an import target attribute saved by the peer PE, if a matching VPN is found, accepting the route and forwarding the route to a SUB_VPN connected with the peer PE;
otherwise, rejecting the route;
after receiving the route, comparing, by a SUB_PE in the SUB_VPN connected with the peer PE, the export target attribute of the SUB_VPN connected with the PE in the route with an import target attribute of the SUB_VPN connected with the peer PE saved by the SUB_PE in the SUB_VPN connected with the peer PE, if they match, accepting the route;
otherwise, rejecting the route. - View Dependent Claims (7, 8, 9, 10, 11)
-
Specification