(1) Field of the Invention
The present invention relates to a routing control system and, more particularly, to a routing control system that is suitable for a Layer 3 Virtual Private Network (L3VPN) accommodating a plurality of customer or user networks.
(2) Description of Related Art
An IP network system is composed of a plurality of communication nodes such as routers and switches. Each communication node is provided with a packet transport function unit for switching packets among a plurality of line interfaces and a control function unit connected to the packet transport function unit. Each communication node updates its route information table maintained thereon by communicating route information with the other communication nodes, using a distributive routing protocol such as OSPF (Open Shortest Path First), BGP (Border Gateway Protocol), or the like.
For a network system in which a distributive routing protocol is applied, the reliability of the control function unit of each communication node influences the stability of the entire network. For example, if a malfunction occurs in one of the communication nodes due to a coding error in a control program or a shortage of memory capacity, this malfunction has an impact on routing control across the entire network system and may give rise to disrupted communication on a particular route according to circumstances.
For such a distributive routing based network, a network control scheme called C/U (Control plane/User plane) separation is under study. This network control scheme separates the routing function from the IP packet transport function of routers in an IP network. An example of the C/U separation scheme is provision of a server called a route server for intensively handling route control in the IP network. The route server collectively calculates route information for every communication node in the network when a link status changes in the IP network and distributes optimum route information to each communication node. According to this control scheme, it is possible to reduce the necessary time for route optimization, by notifying link status changes from each node to the route server so that the route server intensively controls routes in the network.
Meanwhile, communication carriers provide various types of private communication networks (VPNs: Virtual Private Networks) as wide area connection services instead of traditional dedicated line services. In such a VPN service, because a plurality of customers can share network resources provided by a carrier, each carrier can offer communication services to a larger number of customers at a lower price with reduced infrastructure investment cost.
One of the VPN services provided by a carrier is an L3 (Layer 3) VPN service that provides virtual IP networks to multiple customers. The L3VPN service can be implemented in several ways and a representative one is a peer-to-peer communication system using MPLS/BGP (Multi-Protocol Label Switching/Border Gateway Protocol), e.g., described in “BGP/MPLS VPNs” RFC2547, Internet Engineering Task Force (IETF), March 1999 (Non-Patent Document 1). As other implementations, for example, an overlay type using IPsec, a separation type employing virtual routers, etc. are known.
In order to improve communication reliability in the VPN services, a technique to recover the communication by path switching when a route failure occurs is known, for example, as disclosed in Japanese Unexamined Patent Publication No. 2006-135686 (Patent Document 1). By adopting the path switching technique, in the case where disconnection of a communication line or a fault in a communication node occurs, communication over the VPN via the faulty line or faulty node can be recovered.
In one of the L3VPN services, a routing control interface at a network edge is prescribed so that the carrier network can be seen as a single router from each user network (customer network). In this case, each of the routers in the user networks can communicate route information with a routing system located in the carrier network in accordance with a routing protocol such as OSPF or RIP. According to this architecture, each user can reduce management cost because all route information for the VPN provided by the carrier and a plurality of access points connected to the VPN can be managed by a single routing protocol.
In a case where a carrier builds a routing system for L3VPN service by employing the above-mentioned route server, in order to improve the reliability of communication service and the performance of system management, and opens the routing protocol interface of the route server to the respective routers in the user networks, the route server (routing system) has to be provided with the following functions:
(1) collecting routing control packets from each router in the user networks;
(2) VPN route information management for managing route information for each user network;
(3) VPN routing control for calculating route information for each user network; and
(4) route information distribution for converting route information for each user network into route information in the carrier network and reflecting the route information to each router in the user networks.
In a case where a plurality of user networks are connected to a single network, e.g., an L3VPN service network provided by the carrier and routing control for the user networks is performed by a route server, the carrier has to operate the routing system (route server) so that route setup requests issued from the user networks do not interfere with each other. However, when a plurality of user networks are connected to the L3VPN service network, the load of the routing system increases on account of various factors.
If a new customer joins the L3VPN service, for example, the load of the routing system increases because of an increase in the number of networks to be controlled. Further, if a loop has occurred in an Ethernet (registered trademark) serving as a user network due to incorrect cable connection, for example, there is a risk that a storm of routing control packets (routing requests) transmitted from routers in the user network may occur. In this case, a burst of routing control packets not foreseen by the routing protocol will be transmitted into the routing system (route server), thereby causing a surge in the processing load on the route server.
A failure in one of the routers in the user networks and bugs in the routing control software running on the router may also result in a burst of routing control packets. In a communication network in which a routing protocol such as OSPF or RIP is applied, when reception of keep-alive packets from a neighboring router ceases, each router recalculates a route according to the routing protocol and advertises updated route information to other routers in the network. In this case, if a failed router performs routing control in a sequence different from the other routers, there is a possibility of no convergence of route calculation in the network. Transmission of a burst of routing control packets from a user network by a malicious user also causes a surge in the load on the route server.
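The following is an added illustration, not part of the original document and not the mechanism of the invention: a per-VPN token bucket, a common isolation technique, placed in front of a shared route server so that a burst of routing control packets from one user network does not consume the processing budget of the others. The rate, burst depth, VPN names and event timings are constructed assumptions.

```python
from collections import Counter

RATE_PER_SEC = 5   # assumed sustained budget: routing control packets/s per VPN
BURST = 10         # assumed bucket depth (packets) per VPN


def admit(events, rate=RATE_PER_SEC, burst=BURST):
    """Apply an independent token bucket to each VPN.

    events: iterable of (timestamp_ms, vpn_id), sorted by timestamp.
    Returns (accepted, dropped) Counters keyed by vpn_id.
    Tokens are held as integer milli-tokens so the arithmetic is exact.
    """
    cap = burst * 1000
    state = {}  # vpn_id -> (milli_tokens, last_timestamp_ms)
    accepted, dropped = Counter(), Counter()
    for ts, vpn in events:
        tokens, last = state.get(vpn, (cap, ts))
        # rate tokens per second equals rate milli-tokens per millisecond
        tokens = min(cap, tokens + (ts - last) * rate)
        if tokens >= 1000:
            tokens -= 1000
            accepted[vpn] += 1   # handed to the route server
        else:
            dropped[vpn] += 1    # discarded before route calculation
        state[vpn] = (tokens, ts)
    return accepted, dropped


def storming_vpns(dropped, min_drops=100):
    """VPNs whose drop count suggests a routing control packet storm."""
    return sorted(v for v, n in dropped.items() if n >= min_drops)


def sample_events():
    """Constructed input: vpn-a sends one packet per second for 10 s,
    vpn-b (e.g. a looped Ethernet) sends 1000 packets within one second."""
    normal = [(t * 1000, "vpn-a") for t in range(10)]
    storm = [(2000 + i, "vpn-b") for i in range(1000)]
    return sorted(normal + storm)


if __name__ == "__main__":
    acc, drop = admit(sample_events())
    for vpn in sorted(acc):
        print(vpn, "accepted", acc[vpn], "dropped", drop[vpn])
    print("storming:", storming_vpns(drop))
```

Because each VPN has its own bucket, the storm on vpn-b is clipped to its own budget while every packet from vpn-a is still processed.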