Design And Implementation Of VPN Service Based On SRv6

With the continuous deepening of reform and opening up,domestic enterprises have also achieved rapid growth.As the scale of the enterprise continues to grow,the performance requirements of the enterprise for the internal network are also getting higher and higher.The future network will develop in a more dimensional and refined direction.Based on the VPN technology of the SRv6 data plane,using SRv6 as the data plane,the use of SRv6 flexible network programming features will provide convenience for enterprises to finely customize the network.In this thesis,the VPN service data plane is replaced from traditional MPLS to SRv6,which solves the problem that the control plane protocol of MPLS is too complicated in the cross-domain communication in the network,and realizes the VPN service based on SRv6.The main tasks is as follows:（1）Explain the basic working principle of SRv6 technology.Researched and analyzed the implementation scheme of VPN service with SRv6 as the data plane,and discussed the feasibility of the scheme.（2）The design of each module of the VPN service control plane based on SRv6.Based on the analysis of the existing draft,the related data structure is designed for BGP and IGP protocol extension.According to the requirements of VPN service realization,the workflow of VPN service is designed.Including the issuance of the basic global configuration of SRv6,the design of the message processing and forwarding process of the IGP and BGP protocol modules,the design of the TE tunnel algorithm,and the storage and distribution of entries.A relatively independent design scheme is adopted for each module of the system,and the overall architecture design of the system and the interaction design between the main modules are completed through a top-down structural design method.（3）Function realization of VPN service based on SRv6.According to the design plan of each module,C language is used as the programming language to realize the function of each module.The SIDM module implements global locator configuration delivery and storage,expands the SRv6 TLV field in BGP and IGP messages,supports nodes to enable the SRv6 function,and defines TE path calculation rules in the IGP module to achieve dynamic tunnel generation and encapsulate the stack of SRv6 SID,and finally the communication structure between modules is defined to realize the issuance of configuration table items.（4）Software function testing.Use the virtual device equipped with the business realization system to test whether the functions of the system are realized.Build a network topology to test the SRv6 basic configuration delivery and VPN service connectivity.The test results show that the configuration is issued normally,the local SID table and the VPN routing table are generated normally,the TE tunnel is successfully connected,and the VPN service is successfully implemented between the devices.