| 主权项 |
1. A virtual network connection method in a network system configured to configure VPNs and including:
a first network that is connected to the VPNs and configured to conduct packet forwarding between hubs of the VPNs; a second network that has a first terminal and is layer-3-connected to the first network; and a third network that has a second terminal and is layer-2-connected to the first network, wherein the network system includes a first network device (PE1) that is connected to the second network and belongs to the first network, wherein the PE1 includes: a forwarding table configured to store an IP address of a destination, an output interface (IF), a next hop and a MAC address of a destination network device (PE) in association with a VPN number; and a terminal information table configured to store the IP address and a MAC address of the destination in association with the VPN number, the method comprising: in the PE1, receiving a first packet from the first terminal toward the second terminal; searching the forwarding table by using the VPN number and the IP address of the destination second terminal based on the first packet, temporarily saving the first packet when there is no output IF and/or no MAC address of a destination second network device (PE2) necessary for packet forwarding, and transmitting an ARP request packet to the second terminal through the first network; receiving an ARP reply packet from the second terminal through the first network in response to the ARP request packet; storing the output IF and the MAC address of the destination PE2 in association with the VPN number and the destination IP address based on the ARP reply packet, on the forwarding table, and storing and updating VLAN number, and the IP address and the MAC address of the destination second terminal in association with the VPN number on the terminal information table; creating a second packet in which a header having the MAC address of the destination PE2, the MAC address of the source PE1, the VPN number, the MAC address of the destination second terminal, and the VLAN number for the first packet temporarily saved is added to the IP packet included in the first packet, by using the updated forwarding table and terminal information table; transmitting the second packet to the second terminal through the first network, receiving a third packet from the second terminal toward the first terminal; searching the forwarding table by using the VPN number and the IP address of the destination first terminal based on the third packet, obtaining that a subsequent forwarding destination is a network device (CE1) of the third network, searching the terminal information table for the CE1, temporarily saving the packet when there is no entry necessary for packet forwarding, and transmitting an ARP request packet to the CE1 toward the second network; receiving an ARP reply packet from the CE1 in response to the ARP request packet; storing and updating the VLAN number, the IP address and the MAC address of the destination CE1 in association with the VPN number on the terminal information table on the basis of the ARP reply packet; creating a fourth packet in which a header having the MAC address of the destination CE1, the MAC address of the source PE1, and the VLAN number for the third packet temporarily saved is added to the IP packet included in the third packet, by using the updated terminal information table; and transmitting the fourth packet to the first terminal through the CE1. |
