公开(公告)号：US09407607B2

公开(公告)日：2016-08-02

申请号：US14149221

申请日：2014-01-07

Applicant: HUAWEI TECHNOLOGIES CO., LTD.

Inventor： Ying Liu ,  Delei Yu ,  Shihui Hu ,  Fengkai Li

IPC: G06F15/16 ,  H04L29/06 ,  H04L12/46

CPC classification number: H04L63/0272 ,  H04L12/467

Abstract: The present invention provides a method for a virtual private cloud to access a network, a network side device and a data center device. When receiving a VPC configuration resource provided by a user, the network side device and the data center device exchange information, create a VPC, determine a PE interface address, a VCE uplink port address, an access tunnel and a VCE downlink port address for the VPC, and perform a corresponding configuration operation, thereby enabling the VPC to access a VPN in a basic bearer network without the need of uniform management of a control system, so as to solve a problem that the VPC cannot access the network when the basic bearer network and a data center belong to different operators, and meanwhile, save a device resource.

Abstract translation: 本发明提供了一种用于虚拟私有云访问网络的方法，网络侧设备和数据中心设备。 当接收用户提供的VPC配置资源时，网络侧设备和数据中心设备交互信息，创建VPC，确定PE接口地址，VCE上行端口地址，接入隧道和VCE下行端口地址 VPC，并进行相应的配置操作，从而使得VPC能够在基本承载网中访问VPN，而不需要对控制系统进行统一管理，从而解决当基本承载方式时VPC无法接入网络的问题 网络和数据中心属于不同的运营商，同时保存设备资源。

公开(公告)号：US20140230044A1

公开(公告)日：2014-08-14

申请号：US14255635

申请日：2014-04-17

Applicant: Huawei Technologies Co., Ltd.

Inventor： Ying Liu ,  Shihui Hu ,  Delei Yu

IPC: H04L29/06

CPC classification number: H04L63/08 ,  H04L12/4633 ,  H04L12/4641 ,  H04L41/28 ,  H04L63/0272

Abstract: A method can be used for authenticating access of a virtual private cloud, which are used for performing VPC access authentication between networks that communicate with each other using an IP routing protocol. A VPN routing device receives a request for accessing a virtual private network VPN by a virtual private cloud VPC. The request is sent by a cloud manager. The request for accessing a VPN by a VPC carries an identifier of a bearer network of a target VPN and a VPN identifier. The VPN routing device sends the VPC access request to a network edge device corresponding to the identifier of the bearer network. The VPC access request carries the VPN identifier.

Abstract translation: 可以使用一种方法来验证虚拟私有云的访问，虚拟私有云用于在使用IP路由协议彼此通信的网络之间执行VPC访问认证。 VPN路由设备通过虚拟私有云VPC接收到访问虚拟专用网VPN的请求。 该请求由云管理器发送。 由VPC访问VPN的请求携带目标VPN的承载网络和VPN标识符的标识符。 VPN路由设备将VPC访问请求发送到与承载网络的标识符相对应的网络边缘设备。 VPC访问请求携带VPN标识符。

公开(公告)号：US11563669B2

公开(公告)日：2023-01-24

申请号：US17236363

申请日：2021-04-21

Applicant: HUAWEI TECHNOLOGIES CO., LTD.

Inventor： Shihui Hu ,  Mingming Zhu ,  Guangpeng Li ,  Enhui Liu

IPC: H04L45/02 ,  H04L41/12 ,  H04L12/46 ,  H04L45/745

Abstract: A method for implementing network virtualization, and a related apparatus and a communications system are provided. The method for implementing network virtualization may include: receiving, by an SDN controller, a virtual network creation request that carries virtual network topology information; creating a virtual network in response to the virtual network creation request; establishing, by the SDN controller, a device mapping relationship; establishing, by the SDN controller, a port mapping relationship; allocating, by the SDN controller, a virtual SDN controller to the virtual network; and registering, by the SDN controller, a first virtual forwarding device and a second virtual forwarding device with the virtual SDN controller. Technical solutions of embodiments of the present invention help to improve networking flexibility, reduce service costs, and shorten a service deployment period.

公开(公告)号：US11005747B2

公开(公告)日：2021-05-11

申请号：US16541052

申请日：2019-08-14

Applicant: HUAWEI TECHNOLOGIES CO., LTD.

Inventor： Shihui Hu ,  Mingming Zhu ,  Guangpeng Li ,  Enhui Liu

IPC: H04L12/751 ,  H04L12/24 ,  H04L12/46 ,  H04L12/741

Abstract: A method for implementing network virtualization, and a related apparatus and a communications system are provided. The method for implementing network virtualization may include: receiving, by an SDN controller, a virtual network creation request that carries virtual network topology information; creating a virtual network in response to the virtual network creation request; establishing, by the SDN controller, a device mapping relationship; establishing, by the SDN controller, a port mapping relationship; allocating, by the SDN controller, a virtual SDN controller to the virtual network; and registering, by the SDN controller, a first virtual forwarding device and a second virtual forwarding device with the virtual SDN controller. Technical solutions of embodiments of the present invention help to improve networking flexibility, reduce service costs, and shorten a service deployment period.

公开(公告)号：US10469388B2

公开(公告)日：2019-11-05

申请号：US15837811

申请日：2017-12-11

Applicant: HUAWEI TECHNOLOGIES CO., LTD.

Inventor： Shihui Hu ,  Jie Hou

IPC: H04L12/801 ,  H04L12/715 ,  H04L12/751

Abstract: A flow entry delivering method includes: a controller obtains a device identifier of a network device and at least one flow entry used to perform a function on the network device. The controller obtains storage information of the network device according to the device identifier, and the storage information includes free space in storage space of the network device that is used to store a flow entry. The controller compares the free space with a total capacity of the at least one flow entry and determines whether the network device has sufficient free storage space to store the at least one flow entry. When the network device has the storage space greater than or equal to the capacity of the flow entry, the controller delivers the at least one flow entry, or when the network device has no storage space to store the flow entry, the controller does not deliver it.

公开(公告)号：US10148562B2

公开(公告)日：2018-12-04

申请号：US15006409

申请日：2016-01-26

Applicant: HUAWEI TECHNOLOGIES CO., LTD.

Inventor： Shihui Hu ,  Enhui Liu ,  Delei Yu ,  Chengyong Lin

IPC: H04L12/721 ,  H04L12/741

Abstract: The application provide a packet sending method, a router, and a service switching entity. According to the application, a router determines a flow group identifier of a service packet and information about a next-hop service switching entity according to a user identifier and IP 5-tuple information; and forwards the packet to the next-hop service switching entity according to the information about the next-hop service switching entity, so that the next-hop service switching entity determines a corresponding destination service instance according to the user identifier, the flow group identifier, a router identifier, and a processing result, and forwards the packet to the destination service instance, to perform corresponding service processing, thereby implementing service packet forwarding among service instances. The router in the method provided in the embodiments has a flow steering function, and steers a flow to a specified path to perform node-by-node processing.

公开(公告)号：US20140123270A1

公开(公告)日：2014-05-01

申请号：US14149221

申请日：2014-01-07

Applicant: HUAWEI TECHNOLOGIES CO., LTD.

Inventor： Ying LIU ,  Delei Yu ,  Shihui Hu ,  Fengkai Li

IPC: H04L29/06

CPC classification number: H04L63/0272 ,  H04L12/467

Abstract: The present invention provides a method for a virtual private cloud to access a network, a network side device and a data center device. When receiving a VPC configuration resource provided by a user, the network side device and the data center device exchange information, create a VPC, determine a PE interface address, a VCE uplink port address, an access tunnel and a VCE downlink port address for the VPC, and perform a corresponding configuration operation, thereby enabling the VPC to access a VPN in a basic bearer network without the need of uniform management of a control system, so as to solve a problem that the VPC cannot access the network when the basic bearer network and a data center belong to different operators, and meanwhile, save a device resource.

Abstract translation: 本发明提供了一种用于虚拟私有云访问网络的方法，网络侧设备和数据中心设备。 当接收用户提供的VPC配置资源时，网络侧设备和数据中心设备交互信息，创建VPC，确定PE接口地址，VCE上行端口地址，接入隧道和VCE下行端口地址 VPC，并进行相应的配置操作，从而使得VPC能够在基本承载网中访问VPN，而不需要对控制系统进行统一管理，从而解决当基本承载方式时VPC无法接入网络的问题 网络和数据中心属于不同的运营商，同时保存设备资源。

公开(公告)号：US20130110993A1

公开(公告)日：2013-05-02

申请号：US13656375

申请日：2012-10-19

Applicant: Huawei Technologies Co., Ltd.

Inventor： Ying Liu ,  Shihui Hu ,  Dele Yu

IPC: H04L29/08

CPC classification number: H04L67/34 ,  H04L12/4641 ,  H04L29/08981

Abstract: Embodiments of the present invention disclose a method, an apparatus and a system for accessing a virtual private network by a virtual private cloud. A data center breakout gateway receives first configuration information; creates a first VPN instance according to identifier information of the VPN; determines VPC according to parameter information of the VPC, and binds the VPC to the first VPN instance; and sends second configuration information to the network side PE according to address information of the network side PE, where the second configuration information includes the identifier information of the VPN, so that the network side PE configures an upper layer VPN instance for the first VPN instance on the network side PE according to the identifier information of the VPN. In the embodiments of the present invention, the problem of automatically accessing the virtual private network by the virtual private cloud is solved.

Abstract translation: 本发明的实施例公开了一种通过虚拟专用云访问虚拟专用网络的方法，装置和系统。 数据中心突围网关接收第一配置信息; 根据VPN的标识信息创建第一个VPN实例; 根据VPC的参数信息确定VPC，并将VPC绑定到第一个VPN实例; 并根据网络侧PE的地址信息向网络侧PE发送第二配置信息，其中第二配置信息包括VPN的标识信息，网络侧PE为第一VPN实例配置上层VPN实例 在网络侧PE根据VPN的标识信息。 在本发明的实施例中，解决了由虚拟私有云自动访问虚拟专用网络的问题。

公开(公告)号：US11570106B2

公开(公告)日：2023-01-31

申请号：US17153028

申请日：2021-01-20

Applicant: HUAWEI TECHNOLOGIES CO., LTD.

Inventor： Shoushou Ren ,  Delei Yu ,  Shihui Hu ,  Guangpeng Li

IPC: H04L12/745 ,  H04L29/12 ,  H04L45/748 ,  H04L61/5007

Abstract: This application provides an address processing method and a network device. The method includes: obtaining, by a first network device, an address; determining, by the first network device, a length of a valid address of the address, where the valid address of the address is a 1st bit, whose bit value is 1, of the address to a last bit of the address; and adding, by the first network device when the length of the valid address of the address is less than a table width of a target table, S zeros before the valid address of the address to obtain an adjusted address, and processing the adjusted address based on the adjusted address and the target table, where S is a difference between the table width of the target table and the length of the valid address of the address.

公开(公告)号：US11362938B2

公开(公告)日：2022-06-14

申请号：US16890547

申请日：2020-06-02

Applicant: Huawei Technologies Co., Ltd.

Inventor： Shihui Hu ,  Enhui Liu ,  Delei Yu ,  Chengyong Lin

IPC: H04L45/00 ,  H04L45/745

Abstract: The application provide a packet sending method, a router, and a service switching entity. According to the application, a router determines a flow group identifier of a service packet and information about a next-hop service switching entity according to a user identifier and IP 5-tuple information; and forwards the packet to the next-hop service switching entity according to the information about the next-hop service switching entity, so that the next-hop service switching entity determines a corresponding destination service instance according to the user identifier, the flow group identifier, a router identifier, and a processing result, and forwards the packet to the destination service instance, to perform corresponding service processing, thereby implementing service packet forwarding among service instances. The router in the method provided in the embodiments has a flow steering function, and steers a flow to a specified path to perform node-by-node processing.