Method for virtual private cloud to access network, network side device and data center device

摘要

The present invention provides a method for a virtual private cloud to access a network, a network side device and a data center device. When receiving a VPC configuration resource provided by a user, the network side device and the data center device exchange information, create a VPC, determine a PE interface address, a VCE uplink port address, an access tunnel and a VCE downlink port address for the VPC, and perform a corresponding configuration operation, thereby enabling the VPC to access a VPN in a basic bearer network without the need of uniform management of a control system, so as to solve a problem that the VPC cannot access the network when the basic bearer network and a data center belong to different operators, and meanwhile, save a device resource.

主权项

1. A method for a virtual private cloud to access a network, comprising:
creating a Virtual Private Cloud (VPC) and a Virtual Customer network Edge device (VCE) after receiving a VPC initial access request sent by a user, and determining a downlink port address for the VCE according to a VPC configuration resource carried in the request; sending a data center identifier to a network side device through a VPC access request, wherein the VPC access request is used for instructing the network side device to determine, according to the data center identifier, a Provider network Edge router (PE) used for access of the VCE at a network side, determine an interface address for the PE and determine an uplink port address for the VCE from a Virtual Private Network (VPN) configuration resource provided by the user through a data center device, allocate an access tunnel for the VCE to access the PE, and configure the PE interface address and access tunnel information to the determined PE used for access of the VCE; and configuring the uplink port address, the downlink port address and the access tunnel information to the VCE after receiving the uplink port address and the access tunnel information that are sent by the network side device, so that the VCE accesses the PE, thereby enabling the created VPC to access the VPN; allocating a VPC identifier for the created VPC, wherein the VPC access request further carries the VPC identifier; saving VPC creation information, after receiving a second VPC initial delete request sent by the user, determining the VPC creation information according to a VPC name carried in the request; deleting the VPC creation information and releasing resources occupied by the VPC and the VCE; and sending a second VPC delete request carrying one of the VPC identifier and the VPC name, and the data center identifier to the network side device, wherein the VPC identifier is determined for the VPC creation information and the second VPC delete request is used for instructing the network side device to release a connection between the VCE and the PE.