1. Field of the Invention
The present invention relates to a device, network, and system for forwarding frames between geographically dispersed user networks. More particularly, the present invention relates to a frame forwarding system which employs a plurality of devices and links to transport frames between external user networks that belong to a particular group. The present invention also relates to the devices and network involved in that system.
2. Description of the Related Art
Many companies have an enterprise network for communication between their geographically dispersed business units through the use of wide area network (WAN) connections. To support construction of such networks, Internet service providers and telecommunications carriers (collectively, WAN providers) are offering virtual private network (VPN) services on their backbone network, permitting a group of external user networks to use a part of the bandwidth of their backbone transport. With VPN facilities, a company can build their own intranet environment by interconnecting local area networks (LANs) located in distant sites. The present invention assumes the presence of an intermediary network system with VPN services, for example, which provides transparent connection between such LAN segments in a company. In this system, LANs in geographically dispersed user sites are attached to a WAN provider's backbone system as its external networks.
FIG. 30 illustrates the relationship between a backbone network and its external networks. Here, the backbone network refers to a network operated by a WAN provider, which provides users with wide area networking services. External networks, on the other hand, are user networks (e.g., company LANs) which are located at different user sites and attached to different edge devices of the backbone network.
More specifically, in the example network system of FIG. 30, a plurality of user networks (LAN segments) 14 to 16 are coupled to a carrier network 10 that a telecommunications carrier offers. The carrier network 10 includes carrier nodes 11 to 13 which transport packets between the user networks 14 to 16 attached to them. Here, the carrier network 10 serves as a VPN backbone that interconnects the user networks 14 to 16 as its external networks. From the user's point of view, the carrier network 10 functions as a transparent bridge, or a transparent bridge network which consists of bridges.
The user networks 14 to 16 are geographically dispersed LAN segments, being bridged to the carrier network 10 through their nearest carrier nodes 11 to 13. An end station 17 is a piece of equipment based on a personal computer or other similar platform, which communicates with other stations (not shown) via the user network 14. Besides using VPN service over the carrier network 10, the user network 14 also has a backdoor link 18 to reach the remote user network 16. This backdoor link 18 is a temporary connection established on, for example, a separate telecommunication circuit for maintenance purposes.
The backdoor link 18, when added, creates a closed loop within the system of FIG. 30 because it runs in parallel with an existing network path between the user networks 14 and 16. If a node floods a packet out of all its ports in such a loop, broadcast packets are regenerated endlessly, causing a problem known as a “broadcast storm.” Because the looping traffic overwhelms the network capacity, the broadcast storm substantially blocks other packet traffic on the network.
To avoid the above problem, conventional network nodes are designed to detect and block a potential loop path, using a method known as the spanning tree protocol (STP). This protocol creates a stable loop-free tree structure on any given physical topology, thus preventing packets from circulating endlessly. Specifically, the spanning tree algorithm uses the priorities assigned to individual bridges and their ports to determine which links should be used when there are multiple paths between bridges. By pruning redundant links with low priorities, the algorithm configures a loop-free logical network topology (called “spanning tree topology”) where a single network node is designated as the root bridge, and all other nodes are arranged in subtrees below that bridge.
To determine an appropriate logical topology with STP, all bridges in both the carrier network and user networks have to be involved in the spanning tree algorithm processing. For this reason, every node within a carrier network acts as a bridge that transmits and receives control messages called “STP Bridge Protocol Data Unit” (BPDU), and the inter-node links carry them from node to node. A more specific discussion follows below.
FIG. 31 shows an example of an intranet where three user networks 23 to 25 are interconnected with VPN services on a WAN provider's backbone network. As can be seen in FIG. 31, STP BPDUs are sent over the carrier network, whose links now work as bridge-to-bridge links connecting the three carrier nodes 20 to 22. With STP BPDUs, the carrier nodes 20 to 22 manage the state of the individual ports that accommodate those links. Here, the carrier nodes 20 to 22 each function as a bridge serving the user networks 23 to 25, which are attached to their remaining ports. Every link within the carrier network serves as an independent link to connect those nodes together. The spanning tree algorithm transmits and receives STP BPDUs on every port of the nodes in order to determine the state to which each port should be set. This means that the spanning tree topology involves all individual inter-node links within the carrier network.
As another example, FIG. 32 shows a conventional LAN emulation system where STP BPDUs are sent over an asynchronous transfer mode (ATM) backbone. The illustrated system includes an ATM network 30 which offers virtual connection-oriented service with cell switching techniques. This network 30 transports user data at high bitrates in the form of cells with VPI/VCI in their header field, over communication paths previously established between ATM devices by using hierarchically structured ATM addresses.
The ATM network 30 provides an emulated LAN (ELAN) with its fully meshed connectivity, which permits LAN emulation clients (LECs) 31 to 33 to broadcast packets. Each node has an ELAN connection port and manages the state of that port. LECs set up a point-to-point Control Direct VCC (virtual channel connection) and a point-to-multipoint Control Distribute VCC to the LAN emulation server (LES) when they initially join a particular emulated LAN. The LES offers central directory service of an emulated LAN, to which a LEC can turn to look up the ATM address of another LEC if it is unknown. When sending data to a new destination, the source LEC uses its Control Direct VCC to request LES to resolve the destination ATM address. The LES then returns the requested address to the source LEC through a relevant Control Distribute VCC, thus enabling the source LEC to set up a Data Direct VCC to the destination LEC.
In one aspect of the above-described ELAN environment, the LECs 31 to 33 function as bridges placed at the nodes of a carrier network having fully meshed links to convey broadcast traffic. Each node uses STP to manage its port accommodating a user network, as well as ports for node-to-node connections. Here, the internal topology of the carrier network will be treated as part of the spanning tree topology of a single broadcast network.
The carrier network, however, is primarily a private network that is owned and controlled by a telecommunications carrier, independently of user networks. The carrier naturally desires to control the logical topology of their own network so as to make efficient use of available resources. This desire is, however, not necessarily satisfied because the spanning tree algorithm may affect the internal configuration of a carrier network when it is a bridge network. Also in the case of ATM LAN emulation, the connectivity between LECs and ELAN is influenced by STP processing on the user side.
Further, referring back to the conventional bridge network discussed in FIGS. 30 and 31, it is the spanning tree algorithm that determines which inter-node links to use in defining loop-free logical paths. Even if there is a shorter way to go, the algorithm may take another path that is physically longer. For this reason, the resulting logical paths within the carrier network may not necessarily be efficient. If this is the case, the network traffic would concentrate into particular bridge devices and links that are near the root of the spanning tree, thus causing a load imbalance among the resources in the carrier network.
In the case of LAN emulation discussed in FIG. 32, each carrier node determines its ELAN port state according to STP BPDUs sent from a user network, and this means that the carrier is not allowed to control their network's internal configuration at their discretion. Normally, the carrier network nodes are given a higher STP priority, so that external networks are connected primarily through the carrier network. It is still possible, however, that a combination of some high-priority nodes and a backdoor link would accidentally supersede high-speed connection paths within the carrier network, resulting in a poor logical topology that detours around it.
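The following added example (not part of the original document) runs a simplified spanning tree election over a topology modelled on FIG. 30 to show both effects described above: pruning of a carrier-internal link, and a backdoor link displacing a carrier access link when a user bridge outranks the carrier nodes. The bridge names, priorities, path costs and the full-mesh carrier core are constructed assumptions, and the model treats every link as point-to-point and ignores port IDs and timers.

```python
import heapq

def spanning_tree(bridges, links):
    """bridges: {name: priority}, links: {(a, b): path cost}.
    Returns (root bridge, sorted list of blocked links)."""
    bid = lambda b: (bridges[b], b)          # bridge ID: priority, then name
    root = min(bridges, key=bid)             # lowest bridge ID becomes root
    adj = {b: {} for b in bridges}
    for (a, b), cost in links.items():
        adj[a][b] = adj[b][a] = cost
    dist, heap = {}, [(0, root)]             # Dijkstra: root path cost per bridge
    while heap:
        d, node = heapq.heappop(heap)
        if node in dist:
            continue
        dist[node] = d
        for nb, cost in adj[node].items():
            if nb not in dist:
                heapq.heappush(heap, (d + cost, nb))
    active = set()
    for b in bridges:                        # each non-root bridge keeps one root port
        if b != root:
            up = min(adj[b], key=lambda n: (dist[n] + adj[b][n], bid(n)))
            active.add(frozenset((b, up)))
    return root, sorted(l for l in links if frozenset(l) not in active)

# Constructed topology after FIG. 30: carrier nodes N11..N13, user bridges U14..U16.
LINKS = {("N11", "N12"): 4, ("N12", "N13"): 4, ("N11", "N13"): 4,     # carrier core
         ("N11", "U14"): 19, ("N12", "U15"): 19, ("N13", "U16"): 19,  # access links
         ("U14", "U16"): 19}                                          # backdoor link 18

def carrier_preferred():
    # Carrier nodes hold the better (numerically lower) priority.
    prio = {"N11": 4096, "N12": 4096, "N13": 4096,
            "U14": 32768, "U15": 32768, "U16": 32768}
    return spanning_tree(prio, LINKS)

def user_bridge_outranks_carrier():
    # Assumed misconfiguration: user bridge U14 is given the best priority.
    prio = {"N11": 4096, "N12": 4096, "N13": 4096,
            "U14": 0, "U15": 32768, "U16": 32768}
    return spanning_tree(prio, LINKS)

if __name__ == "__main__":
    print(carrier_preferred())
    print(user_bridge_outranks_carrier())
```

In the first case the backdoor link is blocked, but the core link between N12 and N13 is pruned as well, so traffic between those nodes is forced through the root N11. In the second case U14 becomes root and the access link between N13 and U16 is blocked, so all traffic for user network 16 rides the backdoor link instead of the carrier's high-speed path.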