共查询到18条相似文献,搜索用时 125 毫秒
1.
基于VRF和RT实现BGP/MPLS VPNs中的VPN拓扑发现 总被引:3,自引:0,他引:3
在RFC 2547中定义的BGP/MPLS VPNs允许服务提供者使用他们的IP骨干提供VPN服务,使用BGP对骨干网络的路由器分发VPN路由信息,使用MPLS转发VPN流量。BGP/MPLS VPNs允许服务提供者在VPN内定义拥有任意数量结点的任意拓扑。服务提供者能建立使用相同核心网络的多个VPN。目前大多数服务提供者手工地或通过使用配置的数据库实现BGP/MPLS VPNs。本文描述的算法使VPN拓扑发现过程自动化。使用该算法,服务提供者能使用当前网络配置信息自动地发现VPN拓扑。 相似文献
2.
3.
4.
5.
介绍BGP/MPLS IP VPN技术,又称三层MPLS VPN,它使用BGP进行路由信息的分发和使用MPLS进行包转发,具有较好的服务质量。重点分析BGP/MPLS IP VPN网络在IPv4和IPv6中的应用,并对基于Carrier of Cartier VPN的BGP/MPLS VPN的IPv6扩展方案进行研究,此方案提供了运营级的解决方法,并能利用现有的IPv4资源,有较好的灵活性和扩展性。 相似文献
6.
7.
8.
9.
BGP MPLS VPN是未来VPN技术的主流,随着企业信息化进程的加快,越来越多的用户要求能够跨市、跨省甚至跨国的通信。在不同服务商的AS域中,通过配置ABSR之间互连接口的IP地址、为VPN配置VRF的导入,导出策略以及在ASBR上对MP—BGP的特殊配置,实现了Multi—hopMP—EBGP运行,并分析了这种组网方式的性能。 相似文献
10.
基于BGP/MPLS的VPN解决方案 总被引:1,自引:0,他引:1
马荣飞 《计算机测量与控制》2005,13(2):180-183
分析了基于BGP/MPLS技术的CISCO IP VPN模型,重点论述了BGP/MPLS IP VPN的网络构成,技术特点,路由转发过程,并给出了CISCO路由器的配置过程及具体示例,最后测试表明,该方案具有较大的真实性、完整性、可靠性和实用性。 相似文献
11.
边界网关协议(BGP)是Internet域间路由的事实标准,它允许各自治系统独立配置路由选择和播发策略,但这种局部配置可能导致全局策略配置冲突和低效,从而引起路由振荡的问题。文章分析了域间路由振荡问题,并综述了其相应的各种解决方案。 相似文献
12.
Huaming Guo 《Computer Communications》2011,34(2):192-199
The Internet composes of thousands of Autonomous System (ASes). The Border Gateway Protocol (BGP) is the standard protocol for sharing inter-domain routing information. Unlike OSPF and IS-IS, BGP allows an AS to use a lot of attributes to express semantic rich routing policies that are consistent with its desired economic, business, performance, and security goals. However, the expressiveness could cause to delay convergence or even divergence in BGP. Recent work do not rigorously analyze the impact of the general routing policies on the convergence condition and convergence time of BGP, especially considering the widely used Multi-Exit Discriminator (MED) attribute. In this paper, we will fill this gap and give the rigorous analysis on the impact of the general routing policies on the convergence condition and convergence time of BGP, including MED attribute. We first introduce a timeless model to represent BGP with the general routing policies including the MED attribute. By incorporating the timeless model we derive a sufficient condition on these general routing policies for robust convergence of BGP. We then extend the timeless model to the real-time model by adding the edge delay. Finally, we find an upper bound on convergence time of BGP by incorporating the real-time model. 相似文献
13.
Jose M. Camacho Alberto García-Martínez Marcelo Bagnulo Francisco Valera 《Computer Networks》2013,57(4):954-975
Multipath interdomain routing has been proposed to enable flexible traffic engineering for transit Autonomos Systems (ASes). Yet, there is a lack of solutions providing maximal path diversity and backwards compatibility at the same time. The BGP-XM (Border Gateway Protocol-eXtended Multipath) extension presented in this paper is a complete and flexible approach to solve many of the limitations of previous BGP multipath solutions. ASes can benefit from multipath capabilities starting with a single upgraded router, and without any coordination with other ASes. BGP-XM defines an algorithm to merge into regular BGP updates information from paths which may even traverse different ASes. This algorithm can be combined with different multipath selection algorithms, such as the K-BESTRO (K-Best Route Optimizer) tunable selection algorithm proposed in this paper. A stability analysis and stable policy guidelines are provided. The performance evaluation of BGP-XM, running over an Internet-like topology, shows that high path diversity can be achieved even for limited deployments of the multipath mechanism. Further results for large-scale deployments reveal that the extension is suitable for large deployment since it shows a low impact in the AS path length and in the routing table size. 相似文献
14.
域间路由系统自治域(ASes)间具有不同的商业关系和路由策略.违反自治域间出站策略协定的路由传播可能引发路由泄露,进而导致网络中断、流量窃听、链路过载等严重后果.路由策略符合性验证对于保证域间路由系统安全性和稳定性至关重要.但自治域对本地路由策略自主配置与隐私保护的双重需求增加了验证路由策略符合性的难度,使其一直是域间路由安全领域尚未妥善解决的难点问题.提出一种基于区块链的域间路由策略符合性验证方法.该方法以区块链和密码学技术作为信任背书,使自治域能够以安全和隐私的方式发布、交互、验证和执行路由策略期望,通过生成对应路由更新的路由证明,保证路由传播过程的真实性,从而以多方协同的方式完成路由策略符合性验证.通过实现原型系统并基于真实路由数据开展实验与分析,结果表明该方法可以在不泄露自治域商业关系和本地路由策略的前提下针对路由传播出站策略符合性进行可追溯的验证,以合理的开销有效抑制策略违规路由传播,在局部部署情况下也具有显著的策略违规路由抑制能力. 相似文献
15.
16.
Jian Jiang Wei Li Junzhou Luo Jing Tan 《Journal of Network and Computer Applications》2013,36(6):1671-1683
Border Gateway Protocol (BGP) has no mechanism to guarantee the consistency between actual routing path and announced routing path in the inter-domain routing. Due to incentives of gaining more economic benefits, malicious Autonomous Systems (AS) could announce inconsistent path and misroute data packets. In this case, routing policies are meaningless, rational ASes are cheated and stability of Internet is destroyed seriously. Existing methods are devoted to securing announce routing path only or discovering path inconsistency with lots of overhead. Based on network accountability, a routing path verification mechanism is proposed to detect path inconsistency. The mechanism enables ASes in the path to generate routing evidence. Routing evidence is produced by analyzing packets in a time slot and is encrypted with the key of AS. With routing evidence, source AS checks every subpath connecting adjacent ASes until it confirms the existence of path inconsistency. The factors that influence the mechanism and the deployment in the real network are also discussed. The experiment results show that it has a good performance from aspects of effectiveness, overhead and scalability. 相似文献
17.
路由协同监测通过在自治系统之间共享路由监测信息来形成更为完整的全局监测视图,从而克服域间路由系统自治性的制约,提高单个自治系统的路由监测能力.针对路由协同监测的核心问题——监测信息共享,基于自组织思想设计了信息共享机制CoISM.该机制利用BGP路由策略引起的信息局部性对路由监测信息的传播范围进行裁减和控制,在被动查询的基础上增加了信息"反射"行为,利用路由监测信息之间的相关性实现信息的主动推送,将自治系统的利益建立在主动信息共享这一利他行为的基础上.CoISM能够引导自治系统实现路由监测信息的自组织聚合与按需共享,具有激励性,能够促进自治系统之间的协同.该机制采用分布式体系结构,具有良好的扩展性和较低的通信开销,不需要修改BGP协议,支持可渐进部署,适用于域间路由协同监测、路由故障协同分析、协同入侵检测等多种跨域协同管理应用. 相似文献
18.
因特网边界网关协议BGP是基于策略的路由协议,它为路由选择提供了灵活性,然而,实践表面BGP路由会产生振荡,其原因是路由策略配置冲突,通过分析AS关系,提出一种基于AS关系的路由策略冲突检测算法,该算法根据AS关系下的路由策略配置原则检测路由策略配置错误。 相似文献