30 results about "Virtual routing and forwarding" patented technology

Methods and Systems are provided for a distributed Provider Edge (PE). A single Virtual Routing and Forwarding device (VRF) is associated with a single customer site. The VRF includes a single routing table (RIB) and a single forwarding table (FIB). The VRF also includes a plurality of Virtual Private Network (VPN) Protocol Instance Modules (VRP), where each VRP is associated with a different VPN from the customer site. Each VRP accesses the RIB directly and the FIB indirectly to acquiring addressing / routing information for a received data packet. Moreover, each VRP uses a data plane of the VRP to communicate the data packets to a PE backbone device. In turn, the PE backbone device uses the data plane to communicate with each of the VRPs, and the PE backbone device communicates with one or more tunnels.

An apparatus for monitoring network connectivity is disclosed. A system that incorporates teachings of the present disclosure may include, for example, a network device having a controller element to route packets to one or more locations of a virtual private network utilizing Virtual Routing and Forwarding (VRF) functionality, and route a connectivity message to a connectivity server in response to receiving a query for connectivity information. The query can be grouped with at least one other query for at least one among a border network device of a service provider and a customer network device of the virtual private network. Additional embodiments are disclosed.

A system and method for transmitting data from a first site to a second site over a shared Multi-Protocol Label Switched (MPLS) network comprising a plurality of routers, including an ingress router in communication with the first site and an egress router in communication with the second site, includes configuring a plurality of label switching paths between the ingress router and the egress router over a plurality of label switching devices. The method further includes performing a first lookup on one of at least one virtual routing and forwarding (VRF) table stored in the ingress router, whereby the first lookup identifies one routing table from a plurality of routing tables stored in the ingress router, each routing table being associated with one of the plurality of label switched paths, and performing a second lookup on the one routing table, wherein the routing table defines the associated label switched path between the ingress router and the egress router for a virtual private network (VPN) between the first site and the second site.

The embodiment of the invention discloses a method and a device for maintaining a routing list, which relate to announcement of a routing message in a virtual private network (VPN) and solve the problem that the frequency of a virtual routing and forwarding (VRF) instance searching the same routing message in the prior VPN in case of announcement of a routing message is higher. The method comprises the following steps: selecting a source routing list and target routing lists; searching every routing message in the source routing list; and storing the searched routing message into at least two target lists, respectively. The device comprises a routing list selection module used for selecting the source routing list and the target routing lists; a routing message searching module used for searching the routing messages in the source routing list; and a distribution module used for distributing the searched routing messages into at least two target lists. The embodiment of the invention is mainly applicable in an edge router which constructs the VPN.

A system and method are disclosed for routing packet traffic. A system that incorporates teachings of the present disclosure may include, for example, a Provider Edge (PE) router having a routing element that routes packet traffic between a plurality of autonomous systems according to one or more Virtual Routing and Forwarding (VRF) tables each having a plurality of Enhanced Interior Gateway Routing Protocol (EIGRP) Autonomous System (AS) numbers. Other embodiments are disclosed.

The invention provides a message processing method, a message processing device and a switch. The method includes the following steps that: the switching chip of a three-layer authentication switch receives a data message from a user through a first port and obtains a source network protocol IP address from the data message, wherein the data message is forwarded by a three-layer core device; a preset virtual routing and forwarding identifier (VRFID) is distributed for the data message; routing table query is carried out according to the source network protocol IP address and the preset VRFID, and whether the user is an authenticated user is judged; if the user is an authenticated user, the data message is transmitted to an exit device, the destination MAC address and source MAC address of the data message do not change after routing table query; if the user is not an authenticated user, the data message is transmitted to the central processing unit (CPU) of the three-layer authentication switch, and the CPU transmits the data message to an authentication server for authenticating the data message. With the message processing method, the message processing device and the switch of the invention adopted, the processing speed of the message can be improved, and the load of the authentication server can be reduced.

The invention provides a multicast forwarding method and a device as well as a network device. The method comprises the following steps: a first PE (Provider Edge) in a first VPN (Virtual Private Network) receives a private network multicast message transmitted by a multicast source in the first VPN; the first PE encapsulates the private network multicast message according to a public network multicast address of MD (Multicast Domain) that the second PE belongs to in the second VPN configured under the MVRF (Multicast Virtual Routing and Forwarding) of the first PE to generate a public network multicast message whose destination address is the public network multicast address of the MD that the second PE belongs to, and transmits the public network multicast message to the second PE so that the second PE restores the public network multicast message into the private network multicast message and then transmits to the second VPN. The technical proposal of the invention ensures that the amount of MT (Multicast Tunnel) established between the VPN and the PE configured on the PE is reduced during VPN multicast spanning, and the resources of VPN and MT are saved.

The invention discloses a method for establishing a multicast distribution tree in a mode of inter-virtual private network (VPN), equipment and a system thereof. The method comprises the following steps that: when receiving bootstrap messages (BSM) published by a bootstrap router (BSR) in a first VPN, a first provider edge (PE), which is responsible for forwarding the message inter-VPN, floods on all multicast interfaces in virtual routing and forwarding (VRF) information of the first VPN and the VRF information of the each second VPN of the BSM according to the preconfigured VRF information of the first VPN and the VRF information of the each second VPN associated with the first VPN; customer edges (CEs) in the first VPN and the second VPN learn rendezvous point (RP) information which is in the received BSM; the CEs in the first VPN and the second VPN send Joint messages to the learned RP so as to construct the multicast distribution tree in the mode of inter-VPN. By using the invention, in the current multicast VPN outside network application, a problem of large network maintenance workload caused by static configuration of the RP can be solved and single point faults are not easy to be formed.

The embodiment of the invention discloses a method and a device of accessing virtual private network, relates to the field of communication technologies, and is capable of enabling a single user to access a plurality of VPNs (Virtual Private Network), and satisfying requirements of route isolation and information isolation among the VPNs. The method comprises the following steps of determining the virtual private network VPN to be accessed through user equipment according to account information of the user; transmitting a configuration message to a provider edge router PE, wherein the configuration message comprises an extension field, and the extension field comprises a virtual routing and forwarding instance VRF attribute value corresponding to the VPN; receiving acknowledgement information transmitted by the PE after configuration of the PE is completed; transmitting a service message to the VPN. The invention is suitable for the virtual private network VPN.

An information handling system is provided. The information handling system includes a customer edge device coupled to a provider edge device. The customer edge device provides a default virtual routing and forwarding (VRF) instance that receives a multicast stream from the provider edge device. The information handling system also includes a plurality of host devices and a plurality of virtual local area networks (VLANs). Each of the VLANs includes at least one of the host devices and is assigned to a subscribing VRF instance, with each of the subscribing VRF instances subscribing to the default VRF instance in order to receive a copy of the multicast stream from the provider edge device. The single copy of the multicast stream is transmitted over the PE-CE link regardless of the number of subscribing VRFs.

A system and method are disclosed for routing packet traffic. A system that incorporates teachings of the present disclosure may include, for example, a Provider Edge (PE) router having a routing element that routes packet traffic between a plurality of autonomous systems according to one or more Virtual Routing and Forwarding (VRF) tables each having a plurality of Enhanced Interior Gateway Routing Protocol (EIGRP) Autonomous System (AS) numbers. Other embodiments are disclosed.

The invention provides a method and device for achieving virtual routing and forwarding (VRF) on the basis of the Linux system. The method is applied to a network device based on the Linux system and comprises the steps of establishing a network name space in an inner core space, generating a name and a logo of a VRF example associated with a list item for message forwarding in the network name space, and storing the name and the logo of the VRF example in the network name space; configuring at least one VRF example which a network interface belongs to for the network interface of the network device; enabling the network device to receive messages through the network interface, enabling the logo of the VRF example configured for the network interface to serve as a keyword so as to find the network name space comprising the keyword, and utilizing the found list item for message forwarding in the network name space to select a route for the messages.

The problem of processing an egress packet by a data forwarding device having (1) a first routing stack associated with a first namespace and a first interface, (2) a second routing stack associated with a second namespace and a second interface, wherein at least some forwarding information included in the second namespace is incompatible with the first routing stack, (3) a virtual routing and forwarding instance (VRF), and (4) a shared session layer socket associated with both the first and second routing stack, and bound to the VRF, where the VRF is associated with the second interface via the second routing stack, is solved by: adding the first interface to the VRF whereby the VRF is associated with both the first and second interfaces; and responsive to the adding of the first interface to the VRF, (1) adding routes from the second namespace to the first namespace such that network address prefixes of the second namespace are associated with a “special” next hop, and (2) flagging the shared session layer socket bound to the VRF. When an egress packet on the flagged shared session layer socket is received, the data forwarding device (1) sends the egress packet to the first routing stack for processing, (2) looks up next hop information using the first namespace of the first routing stack, and (3) determines whether or not the next hop information is a “special” next hop. Responsive to a determination that the next hop information is a “special” next hop, the data forwarding device injects the egress packet into the second routing stack for processing.

Systems and methods for a VRF-aware socket are provided. According to one embodiment, a user-space application of a network device, maintaining a virtual routing table for each of multiple VRF domains, creates a VRF-aware listening socket. The socket includes information regarding: (i) which of the virtual routing tables is to be used to look up routing or forwarding information for outgoing traffic; (ii) the VRF domain(s) from which the socket is able to receive incoming traffic; and / or (iii) the last VRF domain from which the socket read data. The socket is configured to be a super-VRF listening socket capable of receiving incoming traffic from all VRF domains by setting its VRF domain(s) to a wildcard value. The super-VRF listening socket then receives from a client device associated with a first VRF domain of the multiple VRF domains a request on behalf of the user-space application.

The invention provides a multicast forwarding method and a device as well as a network device. The method comprises the following steps: a first PE (Provider Edge) in a first VPN (Virtual Private Network) receives a private network multicast message transmitted by a multicast source in the first VPN; the first PE encapsulates the private network multicast message according to a public network multicast address of MD (Multicast Domain) that the second PE belongs to in the second VPN configured under the MVRF (Multicast Virtual Routing and Forwarding) of the first PE to generate a public network multicast message whose destination address is the public network multicast address of the MD that the second PE belongs to, and transmits the public network multicast message to the second PE so that the second PE restores the public network multicast message into the private network multicast message and then transmits to the second VPN. The technical proposal of the invention ensures that the amount of MT (Multicast Tunnel) established between the VPN and the PE configured on the PE is reduced during VPN multicast spanning, and the resources of VPN and MT are saved.

A system includes a first MODEM configured to generate a first data packet (including a first virtual routing and forwarding (VRF) instance identifier associated with a first service, a first user group, or both) based on a first radio-frequency (RF) signal and a second MODEM configured to generate a second data packet (including a second VRF instance identifier associated with a second service, a second user group, or both) based on a second RF signal. The system includes a network device configured to receive the first data packet, transmit a first packet (including a first header that includes a first indicator associated with a first VRF instance) to a first device via a network, receive the second data packet, and transmit a second packet (including a second header that includes a second indicator associated with a second VRF instance) to a second device via the network.

Systems and methods for enabling access to dedicated resources in a virtual network using top of rack switches are disclosed. A method includes a virtual filtering platform encapsulating at least one packet, received from a virtual machine, to generate at least one encapsulated packet comprising a virtual network identifier (VNI). The method further includes a TOR switch for (1) receiving the at least one encapsulated packet and decapsulating the at least one encapsulated packet to create at least one decapsulated packet, (2) using the VNI to identify a virtual routing and forwarding artifact to determine a virtual local area network interface associated with the dedicated hardware portion, and (3) transmitting the at least one decapsulated packet to the dedicated hardware portion based on at least one policy provided by a controller, wherein the at least one policy comprises the information related to a customer of the service provider.

The invention discloses a method for establishing a multicast distribution tree in a mode of inter-virtual private network (VPN), equipment and a system thereof. The method comprises the following steps that: when receiving bootstrap messages (BSM) published by a bootstrap router (BSR) in a first VPN, a first provider edge (PE), which is responsible for forwarding the message inter-VPN, floods on all multicast interfaces in virtual routing and forwarding (VRF) information of the first VPN and the VRF information of the each second VPN of the BSM according to the preconfigured VRF information of the first VPN and the VRF information of the each second VPN associated with the first VPN; customer edges (CEs) in the first VPN and the second VPN learn rendezvous point (RP) information which is in the received BSM; the CEs in the first VPN and the second VPN send Joint messages to the learned RP so as to construct the multicast distribution tree in the mode of inter-VPN. By using the invention, in the current multicast VPN outside network application, a problem of large network maintenance workload caused by static configuration of the RP can be solved and single point faults are not easy to be formed.

A Long Term Evolution (LTE) network management system processes and displays Internet Protocol (IP) usage data between LTE network elements. A routing system exchanges IP packets between the LTE network elements using Virtual Routing and Forwarding (VRF) modules. The routing system generates usage data associating individual ones on the VRF modules with amounts of IP packets exchanged between the LTE network elements. A network control system processes the usage data to determine the amounts of the IP packets exchanged between the LTE network elements for each of the individual VRF modules. The network control system graphically displays the amounts of IP packets exchanged between the LTE network elements for each of the individual VRF modules.

Described herein are systems, methods, and software to manage virtual routing and forwarding (VRF) in a computing environments. In one example, a management service identifies a registration or import of a route target (RT) to communicate in a VRF and identifies a first unique identifier associated with the RT. The management service further identifies a second unique identifier associated with the VRF and compares the first unique identifier to the second unique identifier. When the unique identifiers match, the management service determines that intra-VRF encryption is required for the communication. In contrast, when the unique identifiers do not match, then the management service determine that inter-VRF encryption is required for the communication.

The invention belongs to the field of data processing, and discloses a virtual routing and forwarding method, device and system. The method is used to process a virtual routing and forwarding request of an industrial edge cloud of a third-party industrial application, including: obtaining multiple industrial edges of a third-party industrial application The cloud virtual routing forwarding request, each of the industrial edge cloud virtual routing forwarding requests includes evaluation indicators; in-depth analysis and in-depth analysis and evaluation are performed on the evaluation indicators in the multiple industrial edge cloud virtual routing forwarding requests to generate industrial edge cloud virtual routing requests. The forwarding analysis result of the routing forwarding request; sending the forwarding analysis result to the local industrial edge cloud, so that the local industrial edge cloud performs virtual routing forwarding according to the forwarding analysis result and feeds back the execution result to the third-party industrial application. The present invention can reduce the forwarding delay, traffic cost and routing cost of industrial edge cloud virtual routing and forwarding for third-party industrial applications.

A method, apparatus and computer program product for providing Virtual Routing and Forwarding (VRF) and gateway Media Access Controller (MAC) distribution is presented. At least one subnet associated with a Layer 2 Virtual Switching Network (L2VSN) is provided on a network device. A message is propagated to a distributed Datapath. Network devices install the message as a routable MAC address on the L2VSN for the Layer 3 Virtual Switching Network / Virtual Routing and Forwarding (L3VSN / VRF) associated with the message. Edge devices route packets on the L2VSN addressed to the gateway MAC address.