BRAS (Broadband Remote Access Server) forwarding and control separation backup method and device

[0019] The terms used in this application are only for the purpose of describing specific embodiments, rather than limiting the application. The singular forms of "a", "said" and "the" used in this application and claims are also intended to include plural forms, unless the context clearly indicates other meanings. It should also be understood that the term "and/or" as used herein refers to any or all possible combinations of one or more associated listed items.

[0020] It should be understood that, although the terms first, second, third, etc. may be used in this application to describe various information, the information should not be limited to these terms. These terms are only used to distinguish the same type of information from each other. For example, without departing from the scope of this application, the first information may also be referred to as second information, and similarly, the second information may also be referred to as first information. Depending on the context, in addition, the word "if" used can be interpreted as "when", or "when", or "in response to certainty."

[0021] The embodiment of the present application proposes a backup method for BRAS transfer and control separation. The method can be applied to a system including a BRAS-CP device and a BRAS-UP device, such as a vBRAS system. Among them, the BRAS-CP device is a device that implements a control plane, and is used to implement functions such as user control management, user access control, user authentication, authorization and billing, address management, and configuration management. The BRAS-UP device is a device that implements the forwarding plane, and is used to implement functions such as traffic forwarding, QoS, traffic statistics, ACL (Access Control List) control, CAR (Committed Access Rate), route release, etc. .

[0022] See figure 1 As shown, this is a schematic diagram of an application scenario of an embodiment of the application. The vBRAS system may include a BRAS-CP device and at least two BRAS-UP devices. in figure 1 In, one BRAS-CP device and three BRAS-UP devices are taken as an example for description. Of course, in practical applications, the number of BRAS-CP devices and the number of BRAS-UP devices can be more. There is no limit to this quantity.

[0023] in figure 1 Among them, the user equipment may be a virtual machine, a PC (Personal Computer, personal computer), a mobile phone, a host, etc. The authentication server may be an AAA (Authentication Authorization Accounting) server, a RADIUS (Remote Authentication Dial In User Service, remote user dial-in authentication system) server, etc. The management orchestrator can be MANO (management and organization), which is used to realize the management and control of BRAS-CP equipment and BRAS-UP equipment. It can call API (Application Programming Interface) through Netconf (Network Configuration Protocol) protocol. Program programming interface) The interface completes the interaction with BRAS-CP equipment and BRAS-UP equipment. The core router is CR, used for data packet routing and forwarding.

[0024] In an example, the BRAS-CP device can be a virtual BRAS-CP device in the form of software, such as a virtual resource with BRAS service processing capabilities running on an X86 server, or a physical BRAS-CP device in the form of hardware, such as a BRAS A server with business processing capabilities. The BRAS-UP device can be a virtual BRAS-UP device in the form of software, such as a virtual resource running on an X86 server, or a physical BRAS-UP device in the form of hardware, such as a router or a switch. Of course, the above process only introduces two manifestations of the BRAS-CP device and the BRAS-UP device, and there is no restriction on this. Moreover, when the BRAS-UP device is a virtual BRAS-UP device, different BRAS-UP devices can be deployed on the same server or on different servers. When the BRAS-CP device is a virtual BRAS-CP device, and the BRAS-UP device is a virtual BRAS-UP device, the BRAS-CP device and the BRAS-UP device can be deployed on the same server or on different servers.

[0025] In an example, the BRAS-CP device may establish tunnels with each BRAS-UP device separately, such as establishing an openflow tunnel. For example, tunnel A can be established between BRAS-CP device 141 and BRAS-UP device 131. On BRAS-CP device 141, the source address of tunnel A is the address of BRAS-CP device 141 and the destination address is BRAS-UP. The address of the device 131; on the BRAS-UP device 131, the destination address of the tunnel A is the address of the BRAS-CP device 141, and the source address is the address of the BRAS-UP device 131. Similarly, tunnel B can be established between BRAS-CP device 141 and BRAS-UP device 132, and tunnel C can be established between BRAS-CP device 141 and BRAS-UP device 133. For the source addresses of tunnel B and tunnel C, The destination address is similar to tunnel A and will not be described in detail here.

[0026] On the basis of the above-mentioned tunnels, in this embodiment of the application, a tunnel backup group can be created first. The tunnel backup group can include the primary tunnel between the BRAS-CP device and the primary BRAS-UP device, the BRAS-CP device and the backup BRAS-UP device. For backup tunnels between UP devices, the number of primary tunnels can be one, and the number of backup tunnels can be one or more. The following takes one backup tunnel as an example for description. Moreover, the primary tunnels of different tunnel backup groups can be different, and the backup tunnels of different tunnel backup groups can be the same or different; or, the primary tunnels of different tunnel backup groups can be the same, and the backup tunnels of different tunnel backup groups can be different. For the convenience of description, in the subsequent process, the different primary tunnels of different tunnel backup groups are used as an example for description.

[0027] Among them, the process of "creating a tunnel backup group" can include but is not limited to the following methods:

[0028] Method 1: The BRAS-CP device obtains the tunnels between the BRAS-CP device and each BRAS-UP device in turn; the BRAS-CP device creates a tunnel backup group for the obtained tunnel. In the created tunnel backup group, the primary tunnel is The obtained tunnel, and the backup tunnel is a tunnel other than the obtained tunnel.

[0029] See figure 1 As shown, when BRAS-CP device 141 obtains tunnel A, it can create tunnel backup group 1 for tunnel A. The primary tunnel of tunnel backup group 1 is tunnel A, and the backup tunnel can be tunnel B or tunnel C. Take tunnel B as an example. When the BRAS-CP device 141 obtains tunnel B, it can create tunnel backup group 2 for tunnel B. The primary tunnel of the tunnel backup group 2 is tunnel B, and the backup tunnel can be tunnel A or tunnel C. Subsequent use tunnel C as Examples are explained. When the BRAS-CP device 141 obtains tunnel C, it can create tunnel backup group 3 for tunnel C. The primary tunnel of this tunnel backup group 3 is tunnel C, and the backup tunnel can be tunnel A or tunnel B. Subsequent use tunnel A as Examples are explained.

[0030] Method 2: The BRAS-CP device receives the tunnel backup message sent by the management orchestrator, and parses the main tunnel information and backup tunnel information from the tunnel backup message, and uses the main tunnel information and backup tunnel information to create a tunnel backup group, which is based on The primary tunnel information determines the primary tunnel, and the secondary tunnel is determined based on the secondary tunnel information.

[0031] See figure 1 As shown, when the management orchestrator 161 determines that the tunnel between the BRAS-CP device 141 and the BRAS-UP device 131 is the primary tunnel, and the tunnel between the BRAS-CP device 141 and the BRAS-UP device 132 is the backup tunnel, then A tunnel backup message can be sent to the BRAS-CP device 141. The primary tunnel information carried in the tunnel backup message is the tunnel between the BRAS-CP device 141 and the BRAS-UP device 131, and the backup tunnel information carried in the tunnel backup message is the BRAS-UP device. The tunnel between the CP device 141 and the BRAS-UP device 132. After the BRAS-CP device 141 receives the tunnel backup message, it can create tunnel backup group 1. The primary tunnel of the tunnel backup group 1 is tunnel A, and the backup tunnel is tunnel B.

[0032] In an example, the management orchestrator 161 can determine the primary tunnel and the backup tunnel in the tunnel backup group according to a preset policy, as long as the primary tunnels of different tunnel backup groups are different, and there is no restriction on this preset policy. For example, the management orchestrator 161 can determine that the primary tunnel in tunnel backup group 1 is tunnel A and the backup tunnel is tunnel B, and can determine that the primary tunnel in tunnel backup group 2 is tunnel B and the backup tunnel is tunnel C, and can determine In tunnel backup group 3, the primary tunnel is tunnel C, the backup tunnel is tunnel A, and so on.

[0033] In an example, based on the above method 1 and method 2, after the BRAS-CP device creates the tunnel backup group, it can also adjust the backup tunnel in the tunnel backup group. For example, after the BRAS-CP device creates tunnel backup group 1, it adjusts the backup tunnel to tunnel C, that is, the primary tunnel is tunnel A and the backup tunnel is tunnel C.

[0034] After the BRAS-CP device creates a tunnel backup group, it can also delete the tunnel backup group, that is, release the active/standby relationship between the primary tunnel and the standby tunnel. For example, after the BRAS-CP device creates tunnel backup group 1, it can also delete tunnel backup group 1. That is, the primary tunnel is no longer tunnel A, and the backup tunnel is the active/standby relationship of tunnel B.

[0035] After the BRAS-CP device creates a tunnel backup group, it can also exchange the roles of active and standby to form a 1+1 backup, that is, the main tunnel and the standby tunnel are each other's active and standby. For example, after the BRAS-CP device creates tunnel backup group 1, the primary tunnel is tunnel A, the backup tunnel is tunnel B, the primary tunnel is tunnel B, and the backup tunnel is tunnel A.

[0036] In an example, the BRAS-CP device can transmit session information to the BRAS-UP device through the above-mentioned tunnel (such as an openflow tunnel, etc.). In addition, the BRAS-CP device can also establish a VXLAN (Virtual Extensible Local Area Network) tunnel with each BRAS-UP device, and the BRAS-UP device and the BRAS-CP device can transmit related messages through the VXLAN tunnel.

[0037] For example, a VXLAN tunnel 1 can be established between the BRAS-CP device 141 and the BRAS-UP device 131. On the BRAS-CP device 141, the source address of the VXLAN tunnel 1 is the address of the BRAS-CP device 141, and the destination address is the BRAS The address of the UP device 131; on the BRAS-UP device 131, the destination address of the VXLAN tunnel 1 is the address of the BRAS-CP device 141, and the source address is the address of the BRAS-UP device 131. In the same way, VXLAN tunnel 2 can be established between BRAS-CP device 141 and BRAS-UP device 132, and VXLAN tunnel 3 can be established between BRAS-CP device 141 and BRAS-UP device 133. For VXLAN tunnel 2 and VXLAN tunnel 3 I won't go into details again.

[0038] In the above application scenarios, the user equipment can authenticate the user equipment before accessing the Internet, and the user equipment can access the Internet only after the user equipment passes the authentication. Since the authentication process of each user equipment is the same, the authentication process of the user equipment 111 will be described as an example in the following.

[0039] Take the IPoE (Internet Protocol over Ethernet) access process triggered by DHCP (Dynamic Host Configuration Protocol) as an example.

[0040] The user equipment 111 sends a DHCP-DISCOVER (discovery) message. After receiving the DHCP-DISCOVER message, the BRAS-UP device 131 sends the DHCP-DISCOVER message to the BRAS-CP device 141 through the VXLAN tunnel 1. The BRAS-CP device 141 creates an IPoE session and sends an authentication request message to the authentication server. The authentication request message contains user information, such as the Client ID option in the DHCP-DISCOVER message, and the source MAC address (that is, the user device 111’s MAC address) etc.

[0041] The BRAS-CP device 141 receives the authentication result returned by the authentication server. If the authentication is passed, the authentication result is an authentication acceptance message, and the authentication acceptance message carries authorization information for the user equipment 111; if the authentication fails, the authentication result is an authentication rejection message. The following is an example of certification.

[0042] The BRAS-CP device 141 updates the IPoE session status to be authenticated, and forwards the DHCP-DISCOVER message to the DHCP server. The DHCP server can respond to the DHCP-OFFER (offer) message, and the BRAS-CP device 141 forwards the DHCP-OFFER message to the BRAS-UP device 131 through the VXLAN tunnel 1, and the BRAS-UP device 131 forwards the DHCP-OFFER message to User equipment 111.

[0043] The user equipment 111 sends a DHCP-REQUEST (request) message. After receiving the DHCP-REQUEST message, the BRAS-UP device 131 sends the DHCP-REQUEST message to the BRAS-CP device 141 through the VXLAN tunnel 1. The BRAS-CP device 141 sends the DHCP-REQUEST message to the DHCP server. The DHCP server responds with a DHCP-ACK (confirmation) message, which carries the assigned IP address.

[0044] The BRAS-CP device 141 parses the user's IP address and other address parameter information from the DHCP-ACK message, updates the session information of the IPoE session, and sets the status of the IPoE session to online. In addition, the BRAS-CP device 141 forwards the DHCP-ACK message to the BRAS-UP device 131 through the VXLAN tunnel 1, and the BRAS-UP device 131 forwards the DHCP-ACK message to the user equipment 111. The user equipment 111 obtains an IP address and related address parameter information according to the received DHCP-ACK message.

[0045] Of course, the above process is just an example. In practical applications, an access method such as PPPoE (Point to Point Protocol over Ethernet, Point to Point Protocol over Ethernet) can also be used, and there is no restriction on this.

[0046] After the foregoing implementation process, the user equipment 111 can access the Internet through the BRAS-UP device, and the session information corresponding to the user equipment 111 is recorded on the BRAS-CP device 141.

[0047] Among them, the process of "BRAS-UP device 131 sends DHCP-DISCOVER message to BRAS-CP device 141 through VXLAN tunnel 1" can also be implemented in the following ways:

[0048] The BRAS-UP device 131 establishes the correspondence between VSI interface 1 (Virtual Switch Interface) and VXLAN tunnel 1, establishes the correspondence between VSI interface 2 and VXLAN tunnel 1, and establishes the correspondence between VSI interface 3 and VXLAN tunnel 1. Among them, VSI interface 1 corresponds to physical interface 1 (the interface connected to the switch 121 on the BRAS-UP device 131), and VSI interface 2 corresponds to the physical interface 2 (the interface connected to the switch 122 on the BRAS-UP device 131), The VSI interface 3 corresponds to the physical interface 3 (the interface connected to the switch 123 on the BRAS-UP device 131).

[0049] Based on this, after the BRAS-UP device 131 receives the DHCP-DISCOVER message through the physical interface 1, it can first determine the VSI interface 1 corresponding to the physical interface 1. Then, the BRAS-UP device 131 queries the VSI interface and the tunnel According to the corresponding relationship, the VXLAN tunnel 1 corresponding to the VSI interface 1 can be obtained, and the DHCP-DISCOVER message is sent to the BRAS-CP device 141 through the VXLAN tunnel 1.

[0050] In an example, in order to make the access BRAS-UP device of each user equipment connected to the switch 121 be the BRAS-UP device 131, the switch 121 can be controlled to send the DHCP-DISCOVER message to the BRAS-UP device 131 instead of Send to the BRAS-UP device 132 and the BRAS-UP device 133. In order to realize "the switch 121 sends the DHCP-DISCOVER message to the BRAS-UP device 131", it can be implemented in the following manner: the BRAS-CP device 141 or the management orchestrator 161 notifies the BRAS-UP device 132 and the BRAS-UP device 133 The interface connected to the switch 121 is set to the DOWM (fault) state. Based on this, the BRAS-UP device 132 can set the interface connected to the switch 121 on the device to the DOWM state, and the BRAS-UP device 133 can connect the device with The interface to which the switch 121 is connected is set to the DOWM state. That is to say, the interface connected to the BRAS-UP device 132 on the switch 121 is in the DOWM state, and the interface connected to the BRAS-UP device 133 on the switch 121 is in the DOWM state, but the interface on the switch 121 connected to the BRAS-UP device 131 Still in the UP (normal) state. The BRAS-UP device 132/BRAS-UP device 133 sets the interface between the device and the switch 121 to the DOWM state, which can be the VSI interface to the DOWM state, or the Layer 2 VSI instance to the DOWN state. No restrictions.

[0051] In summary, when the switch 121 receives the DHCP-DISCOVER message, because only the interface connected to the BRAS-UP device 131 is in the UP state on the switch 121, the interface connected to the BRAS-UP device 132, the BRAS-UP device The interfaces connected to 133 are all in the DOWM state, therefore, the switch 121 can send the DHCP-DISCOVER message to the BRAS-UP device 131.

[0052] In the above application scenarios, see figure 2 As shown, this is a flowchart of the backup method for BRAS transfer and control separation proposed in the embodiments of the application. The BRAS transfer and control separation backup method can be applied to the BRAS-CP device. The BRAS transfer and control separation backup method may include the following steps :

[0053] Step 201: After the user equipment is authenticated, the session information corresponding to the user equipment is determined, and the tunnel backup group corresponding to the user equipment is determined. The tunnel backup group may include the master between the BRAS-CP device and the master BRAS-UP device. Tunnel, backup tunnel between BRAS-CP equipment and backup BRAS-UP equipment.

[0054] Among them, both the primary tunnel and the backup tunnel in the tunnel backup group may be the above-mentioned openflow tunnel. Of course, the primary tunnel and the backup tunnel are not limited to the openflow tunnel, as long as they are reliable connection tunnels. This article takes the openflow tunnel as an example.

[0055] The above-mentioned session information is used to guide the BRAS-UP device to perform data transmission according to the session information, and there is no restriction on the content of the session information. For example, the session information may include, but is not limited to, one or any combination of the following: IP address, MAC (Media Access Control, media access control) address, VLAN (Virtual Local Area Network, virtual local area network) information, VPN (Virtual Private Network, Virtual private network) information, VXLAN tunnel information, authorization information, user traffic, etc. The authorization information may further include but not limited to one or any combination of the following: QoS strategy, speed limit strategy, statistical strategy, ACL strategy, etc. Of course, the above session information is only an example, and there is no restriction on this.

[0056] Regarding the method of obtaining session information, the BRAS-CP device can obtain from the authentication server, such as obtaining authorization information from the authentication server. The BRAS-CP device can also collect it by itself, such as analyzing the MAC address and VLAN information of the user equipment from the DHCP-REQUEST message, and analyzing the IP address and VPN information of the user equipment from the DHCP-ACK message, so as to make statistics on users User traffic currently used by the device.

[0057] Of course, the above method of obtaining session information is only an example of this application, and there is no limitation on this.

[0058] In an example, the process of "determining the tunnel backup group corresponding to the user equipment" may include, but is not limited to, the following methods: determining a receiving tunnel for an address request message (such as a DHCP-DISCOVER message), and the receiving tunnel may be The tunnel through which the address request message is received on the BRAS-CP device, and the address request message is sent by the user equipment through the BRAS-UP device. Query the tunnel backup group matching the primary tunnel and the receiving tunnel, and determine the tunnel backup group that is queried as the tunnel backup group corresponding to the user equipment. Of course, the above method is only an example of determining the tunnel backup group corresponding to the user equipment, and there is no restriction on this.

[0059] Among them, as described in the above process, the receiving tunnel (that is, the tunnel that receives the DHCP-DISCOVER message) can be a VXLAN tunnel, and the tunnel in the tunnel backup group can be an openflow tunnel. Therefore, the matching of the primary tunnel and the receiving tunnel is Means: The source IP address of the receiving tunnel is the same as the source IP address of the main tunnel, and the destination IP address of the receiving tunnel is the same as the destination IP address of the main tunnel. Of course, in practical applications, you can also specify the corresponding relationship between the VXLAN tunnel and the openflow tunnel. Based on this, after determining the VXLAN tunnel that receives the DHCP-DISCOVER message, you can query the corresponding relationship by querying the VXLAN tunnel. The openflow tunnel is the main tunnel.

[0060] It has been introduced in the above process that the BRAS-UP device 131 can send the DHCP-DISCOVER message to the BRAS-CP device 141 through the VXLAN tunnel 1, that is, the BRAS-CP device 141 receives the DHCP-DISCOVER through the VXLAN tunnel 1. The message, that is, the receiving tunnel is VXLAN tunnel 1. In the three tunnel backup groups created by BRAS-CP device 141, the primary tunnel of tunnel backup group 1 is tunnel A, and the source IP address of tunnel A is the same as the source IP address of VXLAN tunnel 1, and the destination IP address of tunnel A The destination IP address of VXLAN tunnel 1 is the same. Therefore, the tunnel backup group matching the receiving tunnel is tunnel backup group 1, and the tunnel backup group corresponding to the user device is tunnel backup group 1.

[0061] In the tunnel backup group 1, the primary tunnel is the tunnel A between the BRAS-CP device 141 and the BRAS-UP device 131, and the backup tunnel is the tunnel B between the BRAS-CP device 141 and the BRAS-UP device 132.

[0062] Step 202: Send the session information to the primary BRAS-UP device through the primary tunnel, so that the primary BRAS-UP device performs data transmission according to the session information; send the session information to the secondary BRAS-UP device through the secondary tunnel , So that the standby BRAS-UP device performs data transmission according to the session information.

[0063] In an example, after the BRAS-CP device 141 obtains the session information corresponding to the user equipment, it sends the session information to the main BRAS-UP device and the backup BRAS-UP device, both of which are the main BRAS-UP device and the backup BRAS-UP device. Data transmission can be performed based on the session information. For example, if the data sent by the user equipment to the Internet is transmitted to the master BRAS-UP device, the master BRAS-UP device can perform data transmission based on the session information, if the data sent by the user equipment to the Internet is transmitted to the standby BRAS-UP device , The standby BRAS-UP device can also perform data transmission based on the session information. For another example, if the data sent by the Internet to the user equipment is transmitted to the master BRAS-UP device, the master BRAS-UP device can perform data transmission based on the session information, if the data sent by the Internet to the user equipment is transmitted to the standby BRAS-UP Device, the standby BRAS-UP device can also perform data transmission based on the session information.

[0064] Among them, the process of the main BRAS-UP device/backup BRAS-UP device performing data transmission according to the session information may include: obtaining IP address, MAC address, VLAN information, VPN information, VXLAN tunnel information, etc. from the session information, based on These contents generate a forwarding entry, and the BRAS-UP device is guided to realize traffic forwarding through the forwarding entry. The QoS policy can also be obtained from the session information, and the BRAS-UP device can be guided to implement QoS control through the QoS policy; the speed limit policy can be obtained from the session information, and the BRAS-UP device can be guided to implement CAR through the speed limit policy; The statistical policy is obtained from the session information, and the BRAS-UP device is guided to implement traffic statistics through the statistical policy; the ACL policy is obtained from the session information, and the BRAS-UP device is guided to implement ACL control through the ACL policy; from the session information Obtain user traffic, and count the traffic size on the basis of the user traffic.

[0065] Of course, the above method is only an example of data transmission based on the session information, and there is no restriction on this.

[0066] In summary, because the session information is sent to the main BRAS-UP device and the backup BRAS-UP device, when the main BRAS-UP device fails, the data sent through the main BRAS-UP device can be switched to the backup BRAS -UP equipment, such as switching the data sent from the user equipment to the Internet through the main BRAS-UP equipment to the standby BRAS-UP equipment, and switching the data sent from the Internet to the user equipment through the main BRAS-UP equipment to the standby BRAS-UP equipment, so , Since the backup BRAS-UP also has the session information of the user equipment, the session information can be directly used for data transmission, thereby avoiding service interruption of the user equipment, improving the user’s service experience, and quickly switching between BRAS-UP devices to improve reliability Sex.

[0067] In an example, when the main BRAS-UP device does not fail, the user equipment can send data to the Internet through the main BRAS-UP device, and the Internet sends data to the user device through the main BRAS-UP device. When the main BRAS-UP device fails At this time, the user equipment can send data to the Internet through the standby BRAS-UP device, and the Internet sends data to the user equipment through the standby BRAS-UP device.

[0068] Among them, in order to realize "when the main BRAS-UP equipment does not fail, the Internet sends data to the user equipment through the main BRAS-UP equipment, and when the main BRAS-UP equipment fails, the Internet sends data to the user equipment through the standby BRAS-UP equipment" , The above-mentioned backup method for BRAS transfer and control separation may further include the following steps:

[0069] Step 203: Determine the network segment to which the user equipment belongs. If the network segment has not been sent, the network segment is sent to the master BRAS-UP device through the master tunnel, so that the master BRAS-UP device publishes the first network segment carrying the network segment. Routing, where the first routing is used to send data destined for the network segment to the main BRAS-UP device.

[0070] Such as figure 1 As shown, the user equipment (such as user equipment 111, user equipment 112) connected to the switch 121 may belong to the same network segment, such as network segment 10.1.1.0/24, and the user equipment (such as user equipment 113, user equipment 114) connected to the switch 122 ) Can belong to the same network segment, such as the network segment 10.1.2.0/24, and so on.

[0071] After the user equipment 111 is authenticated, the BRAS-CP device 141 determines the network segment to which the IP address of the user equipment 111 belongs, such as the network segment 10.1.1.0/24. Since this network segment has not been sent to the BRAS-UP device before, therefore, The network segment 10.1.1.0/24 is sent to the BRAS-UP device 131 through the main tunnel (tunnel A). In addition, after the user equipment 112 is authenticated, the BRAS-CP device 141 determines the network segment to which the IP address of the user equipment 112 belongs, such as the network segment 10.1.1.0/24, because the network segment 10.1.1.0 has been passed through the tunnel A before. /24 is sent to the BRAS-UP device 131, so the network segment 10.1.1.0/24 is no longer sent.

[0072] After the BRAS-UP device 131 (that is, the main BRAS-UP device) receives the network segment 10.1.1.0/24, since the BRAS-UP device 131 has a route publishing function, the BRAS-UP device 131 can publish and carry the network segment The first route of 10.1.1.0/24, which is sent to the core router 151. After the core router 151 receives the first route through the interface A, it records the correspondence between the network segment 10.1.1.0/24 carried by the first route and the interface A in the local routing table. In this way, when the core router 151 receives data whose destination IP address matches the network segment 10.1.1.0/24 (such as data sent by the Internet to the user equipment 111), it sends the data through interface A, that is, the data will be It is sent to the BRAS-UP device 131 instead of being sent to the BRAS-UP device 132. After receiving the data, the BRAS-UP device 131 can send the data based on the aforementioned session information, that is, send the data to the user equipment 111.

[0073] Through the above-mentioned transmission process, it is possible to realize "when the main BRAS-UP device does not fail, the Internet sends data to the user device through the main BRAS-UP device" instead of the standby BRAS-UP device.

[0074] In one example, after the BRAS-CP device sends the network segment to the master BRAS-UP device through the primary tunnel, if the primary BRAS-UP device fails, the BRAS-CP device can also send the network segment to the backup device through the backup tunnel. The BRAS-UP device, so that the backup BRAS-UP device advertises a second route carrying the network segment, where the second route is used to send data destined for the network segment to the backup BRAS-UP device.

[0075] For example, when the BRAS-UP device 131 fails, the BRAS-CP device 141 may also send the network segment 10.1.1.0/24 to the BRAS-UP device 132 through the backup tunnel (tunnel B). After the BRAS-UP device 132 (that is, the standby BRAS-UP device) receives the network segment 10.1.1.0/24, since the BRAS-UP device 132 has the route publishing function, the BRAS-UP device 132 can publish and carry the network The second route of the segment 10.1.1.0/24, which is sent to the core router 151. After the core router 151 receives the second route through the interface B, it may record the correspondence between the network segment 10.1.1.0/24 carried by the second route and the interface B in the local routing table. In this way, when the core router 151 receives data whose destination IP address matches the network segment 10.1.1.0/24 (such as the data sent by the Internet to the user equipment 111), it sends the data through interface B, that is, the data will be It is sent to the BRAS-UP device 132 instead of being sent to the BRAS-UP device 131. Moreover, after receiving the data, the BRAS-UP device 132 can also send the data based on the above session information, that is, send the data to the user equipment 111.

[0076] Through the above-mentioned transmission process, it is possible to realize "when the main BRAS-UP device fails, the Internet sends data to the user device through the standby BRAS-UP device" instead of the main BRAS-UP device.

[0077] In an example, in order to avoid two routes corresponding to the network segment 10.1.1.0/24 in the local routing table, the core router 151 records the correspondence between the network segment 10.1.1.0/24 and interface B in the local routing table, You can also delete the correspondence between the network segment 10.1.1.0/24 and interface A from the local routing table.

[0078] One way to delete may be: when the core router 151 records the correspondence between the network segment 10.1.1.0/24 and the interface B in the local routing table, it queries whether there are other routes corresponding to the network segment 10.1.1.0/24 in the local routing table. Since there is a correspondence between the network segment 10.1.1.0/24 and the interface A, the core router 151 directly deletes the previously recorded correspondence between the network segment 10.1.1.0/24 and the interface A from the local routing table.

[0079] Another way to delete can be: when the link between the BRAS-UP device 131 and the switch on the user side fails, the BRAS-CP device 141 can also send to the BRAS-UP device 131 through the primary tunnel to cancel the first The routing notification message (carrying the network segment 10.1.1.0/24) enables the BRAS-UP device 131 to advertise to the core router 151 the withdrawal route carrying the network segment 10.1.1.0/24. After the core router 151 receives the withdrawn route through the interface A, it can delete the correspondence between the network segment 10.1.1.0/24 and the interface A from the local routing table.

[0080] In an example, the process of "BRAS-CP device sending network segment to backup BRAS-UP device through backup tunnel" can include but not limited to the following methods: Method 1: BRAS-CP device is sensing the main BRAS-UP After the device fails, the network segment can be sent to the backup BRAS-UP device through the backup tunnel. Method 2: After the BRAS-CP device senses the failure of the main BRAS-UP device, it sends the failure information of the main BRAS-UP device to the management orchestrator; if the BRAS-CP device receives the active/standby switch from the management orchestrator Message, the network segment can be sent to the standby BRAS-UP device through the standby tunnel. Manner 3: If the BRAS-CP device receives the master/backup switch message sent by the management orchestrator, it can determine that the master BRAS-UP device is faulty, and send the network segment to the backup BRAS-UP device through the backup tunnel; where, The master/backup switch message is sent by the management orchestrator when it senses that the master BRAS-UP device fails.

[0081] Regarding the first method, after sensing the failure of the primary BRAS-UP device, the BRAS-CP device decides whether to perform the primary/backup switch, and if so, the network segment is sent to the backup BRAS-UP device through the backup tunnel.

[0082] For the second method, after sensing the failure of the main BRAS-UP device, it is not the BRAS-CP device that decides whether to switch between the main and standby devices. The BRAS-CP device can send the failure information of the main BRAS-UP device to the management orchestrator. The management orchestrator decides whether to switch between active and standby. If the management orchestrator decides to switch between master and backup, it can send a master/backup switch message to the BRAS-CP device, and after receiving the master/backup switch message, the BRAS-CP device can send the network segment to the backup BRAS through the backup tunnel -UP device. If the management orchestrator decides not to perform the master/backup switch, it will not send the master/backup switch message to the BRAS-CP device, and the BRAS-CP device will not send the network segment to the backup BRAS-UP device through the backup tunnel.

[0083] Regarding the third method, the management orchestrator can decide whether to switch between active and standby after sensing the failure of the main BRAS-UP device. If the master/backup switch is performed, the master/backup switch message is sent to the BRAS-CP device, and after the BRAS-CP device receives the master/backup switch message, it can send the network segment to the backup BRAS-UP device through the backup tunnel. If the master/backup switch is not performed, the master/backup switch message will not be sent to the BRAS-CP device, and the BRAS-CP device will not send the network segment to the backup BRAS-UP device through the backup tunnel.

[0084] In an example, the failure type of the main BRAS-UP device may be: failure of the main BRAS-UP device itself, or failure of the link between the main BRAS-UP device and the switch.

[0085] If the main BRAS-UP device itself fails, the way to perceive the failure of the main BRAS-UP device is as follows: For mode 1 and mode 2, the BRAS-CP device and the main BRAS-UP device can exchange heartbeat packets regularly. If a heartbeat message is not received within a preset time, it can be sensed that the main BRAS-UP device is malfunctioning. Regarding the third method, the management orchestrator and the main BRAS-UP device can periodically exchange heartbeat messages. If the heartbeat message is not received within the preset time, it can be sensed that the main BRAS-UP device is malfunctioning.

[0086] If the link between the main BRAS-UP device and the switch fails, the way to perceive the failure of the main BRAS-UP device is: For mode 1 and mode 2, the main BRAS-UP device connects the link between itself and the switch The information that the circuit fails is sent to the BRAS-CP device. Regarding the third method, when the link between the main BRAS-UP device and the switch fails, the main BRAS-UP device sends information about the failure of the link between itself and the switch to the management orchestrator. Or, the management orchestrator regularly queries the link status of the main BRAS-UP device, and the main BRAS-UP device sends the information about the link failure between itself and the switch to the management after receiving the query message from the management orchestrator. Orchestrator.

[0087] In the above process, it has been introduced that the BRAS-UP device 132/BRAS-UP device 133 sets the interface connected to the switch 121 on this device to the DOWM state. Based on this, when the BRAS-UP device 131 fails, the BRAS-CP device 141 or the management orchestrator 161 can also notify the BRAS-UP device 132 to restore the interface connected to the switch 121 on the device to the UP (fault) state, so that the interface connected to the BRAS-UP device 132 on the switch 121 is in the UP state. Also, because the interface connected to the BRAS-UP device 131 on the switch 121 is in the DOWM state (due to the failure of the BRAS-UP device 131), the switch 121 can send data to the BRAS-UP device 132.

[0088] In one example, in order to achieve "when the main BRAS-UP device does not fail, the user equipment sends data to the Internet through the main BRAS-UP device, and when the main BRAS-UP device fails, the user device sends data to the Internet through the standby BRAS-UP device. Sending data", the above-mentioned backup method of BRAS transfer and control separation may also include:

[0089] If the main BRAS-UP device does not fail, the main BRAS-UP device sends a gratuitous ARP (Address Resolution Protocol, address resolution protocol) message to the switch. The gratuitous ARP message can carry the MAC address of the main BRAS-UP device to enable The switch uses the MAC address of the main BRAS-UP device to update the MAC table entry. In this way, the switch uses the MAC table entry to send data (data sent by the user equipment to the Internet) to the main BRAS-UP device, and the main BRAS-UP device can use the above session Information sends data to the Internet. If the main BRAS-UP device fails, the standby BRAS-UP device sends a gratuitous ARP packet to the switch, which can carry the MAC address of the standby BRAS-UP device, so that the switch can use the MAC address of the standby BRAS-UP device The address updates the MAC table entry, so that the switch uses the MAC table entry to send data (data sent by the user equipment to the Internet) to the standby BRAS-UP device, and the standby BRAS-UP device can use the above session information to send the data to the Internet.

[0090] In an example, if the main BRAS-UP device does not fail, the BRAS-CP device or the management orchestrator can send a stop sending message to the standby BRAS-UP device. The stop sending message is used to indicate that the standby BRAS-UP device is no longer Send a gratuitous ARP message to the switch, so that the switch will not update the MAC table entries with the MAC address of the standby BRAS-UP device. If the main BRAS-UP device fails, the BRAS-CP device or the management orchestrator can send a start sending message to the backup BRAS-UP device. The start sending message is used to instruct the backup BRAS-UP device to send a free ARP message to the switch. In this way, the switch can update the MAC table entries with the MAC address of the standby BRAS-UP device.

[0091] The BRAS-UP device can be used as the gateway of the user equipment. In order to enable the traffic of the user equipment to be switched between different BRAS-UP devices, the MAC address of each BRAS-UP device can be the same, and this MAC address is used as the gateway MAC. Based on this, the MAC address of the primary BRAS-UP device is the same as the MAC address of the backup BRAS-UP device. The above-mentioned switch uses the MAC address of the primary BRAS-UP device/backup BRAS-UP device to update the MAC table entries, which is to adjust the MAC address The corresponding outgoing interface.

[0092] In summary, when the BRAS-UP device 131 does not fail, when the switch 121 receives the data sent by the user equipment 111 to the Internet, it sends the data to the BRAS-UP device 131 based on the MAC table entry, and the BRAS-UP device 131 After receiving the data, it sends the data to the Internet based on the above-mentioned session information. In addition, when the BRAS-UP device 131 fails, the switch 121 sends the data to the BRAS-UP device 132 based on the MAC table entry when receiving the data sent by the user equipment 111 to the Internet, and the BRAS-UP device 132 receives the data After that, the data is sent to the Internet based on the above-mentioned session information.

[0093] Among them, after the BRAS-UP device 131/BRAS-UP device 132 receives the data (data sent by the user equipment 111 to the Internet), it can query the routing table based on the destination IP address of the data, and send the data to the core router based on the routing table 151. The core router 151 sends data to the Internet.

[0094] In order to implement the above process, the core router 151 can also send a route to the BRAS-UP device 131/BRAS-UP device 132, so that both the BRAS-UP device 131 and the BRAS-UP device 132 can perform data transmission from the user device 111 to the Internet. The core router 151 can send the route to the BRAS-UP device 131 and the BRAS-UP device 132, so that when data needs to be switched between the BRAS-UP device 131 and the BRAS-UP device 132, each BRAS-UP device All UP devices can forward data based on the local routing table, which reduces the convergence time of handover and can transmit data normally.

[0095] In order to reduce the number of routes maintained by the BRAS-UP device 131/BRAS-UP device 132, when the core router 151 sends routes to the BRAS-UP device 131/BRAS-UP device 132, it can use aggregate routing, network segment routing, static routing, etc. In this way, the aggregate route, or network segment route, or static route is sent to the BRAS-UP device 131/BRAS-UP device 132, so that the number of routes sent by the core router 151 can be reduced, and the BRAS-UP device 131/BRAS-UP device can be reduced 132 The number of routes maintained.

[0096] Based on the same application concept as the above method, an embodiment of this application also proposes a backup device for BRAS transfer and control separation, which is applied to BRAS-CP equipment, see image 3 Shown is the structure diagram of the backup device for the BRAS transfer and control separation. The backup device for the BRAS transfer and control separation includes:

[0097] The determining module 301 is configured to determine the session information corresponding to the user equipment after the user equipment passes the authentication, and determine the tunnel backup group corresponding to the user equipment, the tunnel backup group including the BRAS-CP device and the main BRAS-UP device The main tunnel, the backup tunnel between the BRAS-CP device and the backup BRAS-UP device;

[0098] The sending module 302 is configured to send the session information to the master BRAS-UP device through the primary tunnel, so that the primary BRAS-UP device performs data transmission according to the session information; sends the session information to the backup BRAS-UP device through the backup tunnel, So that the backup BRAS-UP device performs data transmission according to the session information.

[0099] The determining module 301 is further configured to determine the network segment to which the user equipment belongs;

[0100] The sending module 302 is further configured to send the network segment to the main BRAS-UP device through the main tunnel when the network segment has not been sent, so that the main BRAS-UP device publishes and carries the network segment The first route is used to send data destined for the network segment to the master BRAS-UP device.

[0101] The sending module 302 is further configured to send the network segment through the backup tunnel if the primary BRAS-UP device fails after sending the network segment to the primary BRAS-UP device To the backup BRAS-UP device, so that the backup BRAS-UP device advertises a second route carrying the network segment, and the second route is used to send data destined for the network segment to the backup BRAS- UP equipment.

[0102] The sending module 302 is specifically configured to send the network segment to the backup BRAS-UP device through the backup tunnel, after sensing that the primary BRAS-UP device is faulty, send the The information that the primary BRAS-UP device fails is sent to the management orchestrator; if the master/backup switch message sent by the management orchestrator is received, the network segment is sent to the backup BRAS-UP device through the backup tunnel Or, if the master/backup switch message sent by the management orchestrator is received, it is determined that the master BRAS-UP device is faulty, and the network segment is sent to the backup BRAS-UP device through the backup tunnel; wherein, The master/backup switch message is sent when the management orchestrator senses that the master BRAS-UP device fails.

[0103] The determining module 301 is specifically configured to determine the receiving tunnel of the address request message in the process of determining the tunnel backup group corresponding to the user equipment; the receiving tunnel is the one that receives the address request message on the BRAS-CP device Tunnel, the address request message is sent by the user equipment through the BRAS-UP device;

[0104] Query the tunnel backup group matching the primary tunnel and the receiving tunnel, and determine the queried tunnel backup group as the tunnel backup group corresponding to the user equipment; wherein, the primary tunnels of different tunnel backup groups are different.

[0105] In an example, the backup device for BRAS transfer and control separation may further include (not shown in the figure): an establishment module for sequentially acquiring the tunnel between the BRAS-CP device and each BRAS-UP device ; Create a tunnel backup group for the acquired tunnel. In the created tunnel backup group, the primary tunnel is the acquired tunnel, and the backup tunnel is the tunnel other than the acquired tunnel; or,

[0106] The tunnel backup message sent by the management orchestrator is received, the primary tunnel information and the backup tunnel information are parsed from the tunnel backup message, and the tunnel backup group is created by using the primary tunnel information and the backup tunnel information.

[0107] The sending module 302 is further configured to send a stop sending message to the backup BRAS-UP device when the main BRAS-UP device does not fail, where the stop sending message is used to instruct the backup BRAS-UP device to stop sending. The UP device prohibits sending gratuitous ARP messages to the switch on the user side; when the primary BRAS-UP device fails, it sends a start sending message to the standby BRAS-UP device, where the start sending message is used to indicate all It is stated that the BRAS-UP device sends a gratuitous ARP message to the switch on the user side.

[0108] For the BRAS-CP device provided in the embodiments of the present application, from a hardware perspective, the hardware architecture diagram of the BRAS-CP device can be found in Figure 4. Including: machine-readable storage medium and processor, where:

[0109] Machine-readable storage medium: stores instruction codes.

[0110] The processor: communicates with a machine-readable storage medium, reads and executes the instruction code stored in the machine-readable storage medium, and implements the backup operation of BRAS transfer and control separation disclosed in the above examples of this application.

[0111] Here, the machine-readable storage medium may be any electronic, magnetic, optical, or other physical storage device, and may contain or store information, such as executable instructions, data, and so on. For example, the machine-readable storage medium may be: RAM (Radom Access Memory, random access memory), volatile memory, non-volatile memory, flash memory, storage drives (such as hard drives), solid state drives, any type of storage disks ( Such as CD, DVD, etc.), or similar storage media, or a combination of them.

[0112] An embodiment of the present application also proposes a machine-readable storage medium, which is characterized in that the machine-readable storage medium stores a number of computer instructions, and the following processing is performed when the computer instructions are executed:

[0113] After the user equipment is authenticated, the session information corresponding to the user equipment is determined, and the tunnel backup group corresponding to the user equipment is determined. The tunnel backup group includes the main tunnel between the BRAS-CP device and the main BRAS-UP device , The backup tunnel between the BRAS-CP device and the backup BRAS-UP device;

[0114] The session information is sent to the master BRAS-UP device through the primary tunnel, so that the primary BRAS-UP device performs data transmission according to the session information; the session information is sent to the backup BRAS-UP through the backup tunnel Device, so that the standby BRAS-UP device performs data transmission according to the session information.

[0115] The systems, devices, modules or units explained in the above embodiments may be implemented by computer chips or entities, or implemented by products with certain functions. A typical implementation device is a computer. The specific form of the computer can be a personal computer, a laptop computer, a cellular phone, a camera phone, a smart phone, a personal digital assistant, a media player, a navigation device, an email receiving and sending device, and a game control A console, a tablet computer, a wearable device, or a combination of any of these devices.

[0116] For the convenience of description, when describing the above device, the functions are divided into various units and described separately. Of course, when implementing this application, the functions of each unit can be implemented in the same one or more software and/or hardware.

[0117] Those skilled in the art should understand that the embodiments of the present application can be provided as methods, systems, or computer program products. Therefore, this application may adopt the form of a complete hardware embodiment, a complete software embodiment, or an embodiment combining software and hardware. Moreover, the embodiments of the present application may adopt the form of a computer program product implemented on one or more computer-usable storage media (including but not limited to disk storage, CD-ROM, optical storage, etc.) containing computer-usable program codes.

[0118] This application is described with reference to flowcharts and/or block diagrams of methods, equipment (systems), and computer program products according to the embodiments of this application. It should be understood that each process and/or block in the flowchart and/or block diagram, and the combination of processes and/or blocks in the flowchart and/or block diagram can be implemented by computer program instructions. These computer program instructions can be provided to the processor of a general-purpose computer, a special-purpose computer, an embedded processor, or other programmable data processing equipment to generate a machine, so that the instructions executed by the processor of the computer or other programmable data processing equipment are generated In the process Figure one Process or multiple processes and/or boxes Figure one A device with functions specified in a block or multiple blocks.

[0119] Moreover, these computer program instructions can also be stored in a computer-readable memory that can guide a computer or other programmable data processing equipment to work in a specific manner, so that the instructions stored in the computer-readable memory produce an article of manufacture including the instruction device, The instruction device is implemented in the process Figure one A process or multiple processes and/or boxes Figure one Functions specified in a box or multiple boxes.

[0120] These computer program instructions can also be loaded on a computer or other programmable data processing equipment, so that a series of operating steps are executed on the computer or other programmable equipment to produce computer-implemented processing, so that the computer or other programmable equipment is executed Instructions are provided to implement the process Figure one Process or multiple processes and/or boxes Figure one Steps of functions specified in a box or multiple boxes.

[0121] The above descriptions are only examples of this application and are not intended to limit this application. For those skilled in the art, this application can have various modifications and changes. Any modification, equivalent replacement, improvement, etc. made within the spirit and principle of this application shall be included in the scope of the claims of this application.