A structure of MPLS VPN for passing a MPLS VPN packet to non MPLS VPN safely using preservation table and method thereof and method for producting the preservation table

摘要

PURPOSE: An MPLS(MultiPoint Label Switching) VPN(Virtual Private Network) structure for securely transmitting a packet to a non-MPLS VPN by a security table, a method thereof and a method for generating the security table are provided to encapsulate an MPLS VPN packet by an IP(Internet Protocol) header and securely and efficiently transmit the MPLS VPN packet by the security table. CONSTITUTION: The first PE(Provider Edge) receives an MPLS VPN packet generated in a CE(Customer Edge), adds a label of an object host and a label of a next transmitted hop to a header of the MPLS VPN packet, and transmits the MPLS VPN packet(S511). Routers which exist on an LSP(Label Switching Path) perform a label switching operation, and transmit the MPLS VPN packet transmitted to the LSP corresponding to destination information included in the header to the second PE located in the boundary surface of a non-MPLS VPN(S512). The second PE changes the label of the next transmitted hop to an IP of the second PE and an IP of the third PE connected to the object host, and transmits the MPLS VPN packet through the non-MPLS VPN(S513,S514). The four PE located in the boundary surface of the non-MPLS VPN receives the MPLS VPN packet through the non-MPLS VPN(S515). The four PE compares information of a security table with header information of the MPLS VPN packet, and passes the MPLS VPN packet when an source label, an IP address of an object PE and an IP address of a source PE are identical(S516-S519). The MPLS VPN packet through the four PE is transmitted to the corresponding object host through the third PE(S520).