A Multi-Protocol Label Switching (MPLS) Layer3 Virtual Private Network (L3VPN) is an L3VPN technology based on a service Provider Edge (PE) in a Service Provider (SP) VPN solution, which publishes a VPN route on a backbone network of an SP by using a Border Gateway Protocol (BGP) and forwards a VPN message on the backbone network of the SP by using MPLS.
The MPLS L3VPN has a flexible networking mode, is well expandable, and can conveniently support MPLS Quality of Service (QoS) and MPLS Traffic Engineering (TE), thereby obtaining an increasing number of applications.
An MPLS L3VPN model is composed of three parts namely a Customer Edge (CE) device, a PE device and a P device.
The CE device is also called a customer network edge device, directly connected to the SP via an interface. A CE may be a device or a switch and may be a host. The CE cannot ‘perceive’ the existence of a VPN and does not have to support the MPLS.
The PE device is also called a service PE device which is an edge device of an SP network and is directly connected to the CE of a customer. In an MPLS network, all processing for the VPN may occur on a PE.
The P device is a backbone device in the SP network, which is not directly connected to the CE. The P device only needs to have a basic MPLS forwarding ability.
The CE and the PE are mainly divided according to management ranges of the SP and the customer, and the CE and the PE are borders of the management ranges of the SP and the customer.
The CE device is a router generally, and when an adjacency relation is established between the CE and the PE directly connected thereto, the CE publishes the VPN route of this site and learns a far-end VPN route from the PE. Route information is switched between the CE and the PE by using the BGP/an Interior Gateway Protocol (IGP), and a static route can be used.
After learning local VPN route information of the CE from the CE, the PE switches the VPN route information to other PEs. A PE router only maintains the VPN route information directly connected thereto, and does not maintain all VPN routes in the SP network.
A P router only maintains a route to the PE and does not need to know any VPN route information.
When VPN traffic is transmitted on an MPLS backbone network, an ingress PE serves as an ingress Label Switch Router (LSR), an egress PE serves as an egress LSR, and the P router serves as a transit LSR.
In consideration of the forwarding reliability of an L3VPN service message, an L3VPN service can be protected by adopting a VPN Fast ReRoute (FRR), linear tunnel protection groups and loop network protection groups during networking, and three protection types can be freely combined.
FIG. 1 is a system structure diagram of superposed protection for an L3VPN service via three protection types. As shown in FIG. 1, there is an L3VPN service between a CE1 and a CE2, and a PE1->PE2 path and a PE1->PE3 path form the VPN FRR, wherein the PE1->PE2 path is a main VPN, and the PE1->PE3 path is a standby VPN; two paths of the PE1->PE2 path, namely a PE1->P1->PE2 path and a PE1->P2->PE2 path, form a main VPN linear tunnel protection group; two paths of the PE1->PE3 path, namely a PE1->P3->PE3 path and a PE1->P4->PE3 path, form a standby VPN linear tunnel protection group; the PE1->P1->PE2 path forms a main tunnel of a main VPN loop network protection group; a PE1->P1->PE2->P2->PE1 path forms a standby tunnel, also a loop tunnel, of the main VPN loop network protection group; likewise, the PE1->P3->PE3 path forms a main tunnel of a standby VPN loop network protection group; and a PE1->P3->PE3->P4->PE1 path forms a standby tunnel, also a loop tunnel, of the standby VPN loop network protection group. Layer3 superposed protection for the L3VPN service is formed by the VPN FRR, the linear tunnel protection groups and the loop network protection groups.
FIG. 2 is a flow diagram of uplink processing for an MPLS L3VPN of a PE device according to the relevant art. In FIG. 2, a processing flow of the L3VPN of an Application Specific Integrated Circuit (ASIC) chip, and next-hop forwarding information is obtained by route lookup for forwarding.
FIG. 3 is a switching process diagram of a Layer3 superposed protection method according to the relevant art. FIG. 3 shows a traditional MPLS L3VPN VPN FRR switching principle, namely: all possible next-hop forwarding tables (at most eight next-hop forwarding tables possibly) are created firstly; when switching is needed, a final forwarded next-hop is decided according to states of the linear tunnel protection groups, states of the loop network protection groups and a state of a VPN protection group; when the state of the VPN protection group changes or the state of each tunnel protection group changes, it is necessary to judge whether next-hop switching is needed; a great number of next-hop resources (namely the created next-hop forwarding tables) are consumed, and meanwhile, the complexity of the flow is higher; for example, if the states of the tunnel protection groups change, all services (namely service routes) on the tunnel protection groups need to be switched respectively; and thus, time for switching the tunnel protection groups will not meet a requirement of 50 ms when there are a lot of services.
An effective solution is not proposed currently for the problem in the relevant art that a time delay is overlong due to respective switching of each service route in layer3 superposed protection.