CN116896563B - Cloud private line opening method, device, system and storage medium - Google Patents

Abstract

The invention provides a method, a device, a system and a storage medium for opening a cloud private line, which relate to the technical field of communication, wherein the method for opening the cloud private line comprises the following steps: the first arranging device receives the Internet address information of the target CPE and the target VGW sent by the second arranging device; transmitting device information indicating the target control device to find a target NPE and first indicating information for creating a target VPN instance according to the device information of the target NPE, the Internet address information of the target CPE and the target VGW to the target control device; sending a target sub-interface which instructs the target control equipment to create the binding with the target VPN instance to the target control equipment, and adding second instruction information of the target port to the target VPN instance; and sending third indication information for indicating the third arranging device to perform route configuration of the intra-provincial target landing PTN to the third arranging device. The method reduces the limit of the number of VPN examples and the limit of resources in the cloud, and improves the utilization rate of the resources in the cloud.

Description

Cloud dedicated line activation method, device, system and storage medium

Technical field

The present invention relates to the field of communication technology, and in particular, to a method, device, system and storage medium for opening a cloud dedicated line.

Background technique

With the rapid development and advancement of enterprise business, more and more enterprises have the need to go to the cloud and open cloud dedicated lines. Especially large enterprises often have the need to access the cloud from a large number of user-side access points.

Among the existing technical solutions, a common method is to connect to the cloud provider's resource pool through the operator's Multi-Protocol Label Switching (MPLS) Virtual Private Network (VPN) MPLS-VPN dedicated line to achieve cloud access. When entering the cloud on a large scale, a dedicated line is used to create an MPLS-VPN to access the Virtual Private Cloud (VPC) device of the public cloud (mobile cloud). However, when this method is used on a large scale to enter the cloud through a dedicated line, It will be limited by the number of VPN instances and the cloud resources of mobile cloud, which will reduce the utilization of cloud network resources.

Contents of the invention

The purpose of the present invention is to provide a method, device, system and storage medium for opening a cloud dedicated line to solve the problem in the existing technology that when a large-scale dedicated line enters the cloud, it will be limited by the number of VPN instances and the in-cloud resources of the mobile cloud. , the problem of low utilization of cloud network resources.

In order to solve the above technical problems, embodiments of the present invention provide the following technical solutions:

In a first aspect, the present invention provides a method for opening a cloud dedicated line, which is applied to the first orchestration device. The method includes:

Receive the Internet address information of the target cloud edge device CPE and the Internet address information of the target virtual gateway VGW in the mobile cloud sent by the second orchestration device;

Send first instruction information to the target control device, where the first instruction information is used to instruct the target control device to search for device information of the target network-side operator edge device NPE, and instruct the target control device according to the device of the target NPE. information, the Internet address information of the target CPE and the Internet address information of the target VGW to create a target virtual private network VPN instance;

Send second instruction information to the target control device, where the second instruction information is used to instruct the target control device to create a target sub-interface bound to the target VPN instance and add a target port to the target VPN instance; The target port is used to connect the target NPE and the target CPE, and the target port is used to connect the target CPE and the target VGW;

Send third instruction information to the third orchestration device; the third instruction information is used to instruct the third orchestration device to perform routing configuration of the intra-provincial target landing packet transport network PTN; the target sub-interface is used to connect the target NPE and target landing PTN.

Optionally, receiving the Internet address information of the target cloud edge device CPE and the Internet address information of the target virtual gateway VGW in the mobile cloud sent by the second orchestration device includes:

Obtain the device identification information of the target CPE and the port identification information of the target CPE;

Send fourth instruction information to the second orchestration device, where the fourth instruction information is used to instruct the second orchestration device to use the device identification information of the target CPE and the port of the target CPE in the mobile cloud. The identification information creates an intra-cloud network in the mobile cloud, and obtains the Internet address information of the target CPE and the Internet address information of the target VGW;

Receive the Internet address information of the target CPE and the Internet address information of the target VGW sent by the second orchestration device.

Optionally, obtaining the device identification information of the target CPE and the port identification information of the target CPE includes:

Send fifth instruction information to the target control device, where the fifth instruction information is used to instruct the target control device to preempt the target CPE;

Receive the device identification information of the target CPE and the port identification information of the target CPE sent by the target control equipment after successfully pre-empting the target CPE.

Optionally, sending second indication information to the target control device includes:

Obtain the relevant information of the target landing PTN sent by the third orchestration device according to the business work order;

According to the relevant information of the target landing PTN, sixth instruction information is sent to the target control device. The sixth instruction information is used to instruct the target control device to prepare the target NPE corresponding to the target landing PTN. Account to obtain the device information of the target NPE;

Send second instruction information to the target control device, where the second instruction information is used to instruct the target control device to create a target sub-interface bound to the target VPN instance, and instruct the target control device according to the The device information of the target NPE adds a target port to the target VPN instance.

Optionally, obtain relevant information about the target landing PTN sent by the third orchestration device according to the service work order, including:

Send seventh instruction information to the third orchestration device, where the seventh instruction information is used to instruct the third orchestration device to determine relevant information that satisfies the target landing PTN of the business work order;

Receive information related to the target landing PTN sent by the third orchestration device.

Optionally, the method also includes:

Receive eighth instruction information sent by the third orchestration device, the eighth instruction information is used to indicate the connection between the user terminal and the virtual private cloud VPC device, and the eighth instruction information is the user terminal sending a request to the virtual private cloud VPC device. Sent by a third orchestration device;

Wherein, the user terminal is connected to the target landing PTN, and the VPC device is connected to the target VGW.

Optionally, the target VPN instance is a Border Gateway Protocol BGP or a Multi-Protocol Label Switching MPLS Internetworking Protocol IP VPN instance.

Optionally, the method also includes:

Send ninth instruction information to the target control device, the ninth instruction information is used to instruct the target control device to configure a bidirectional forwarding detection BFD function for the target CPE, and the target CPE is used to detect according to the BFD function Whether the target CPE is connected to the target VGW, and when the target CPE detects that the connection between the target CPE and the target VGW is disconnected, the target VGW switches to a connection with the first CPE;

Wherein, the IP addresses of the first CPE and the target CPE are the same, and the first CPE is connected to the target NPE.

Optionally, the method also includes:

Send tenth indication information to the second orchestration device, the tenth indication information is used to instruct the second orchestration device to configure the BFD function for the target VGW, and the target VGW is used to detect the BFD function according to the BFD function. Whether the target CPE is connected to the target VGW, and when the target VGW detects that the connection between the target CPE and the target VGW is disconnected, the target VGW switches to the first CPE;

Wherein, the IP addresses of the first CPE and the target CPE are the same, and the first CPE is connected to the target NPE.

In a second aspect, embodiments of the present invention also provide a method for opening a cloud dedicated line, which is applied to the second orchestration device. The method includes:

Send the Internet address information of the target cloud edge device CPE in the mobile cloud and the Internet address information of the target virtual gateway VGW to the first orchestration device.

Optionally, send the Internet address information of the target cloud edge device CPE and the Internet address information of the target virtual gateway VGW in the mobile cloud to the first orchestration device, including:

Receive fourth indication information sent by the first orchestration device;

According to the fourth instruction information, create an intra-cloud network in the mobile cloud based on the device identification information of the target CPE and the port identification information of the target CPE, and obtain the Internet address information of the target CPE and the Internet address information of the target VGW; Wherein, the fourth indication information includes device identification information of the target CPE and port identification information of the target CPE;

Send the Internet address information of the target CPE and the Internet address information of the target VGW to the first orchestration device.

Optionally, the method also includes:

Receive the tenth indication information sent by the first orchestration device;

According to the tenth instruction information, the target VGW is configured with a bidirectional forwarding detection BFD function. The target VGW is configured to detect whether the target CPE is connected to the target VGW according to the BFD function. When the target VGW detects the target CPE When the connection with the target VGW is disconnected, the target VGW switches to a connection with the first CPE;

Wherein, the Internet Protocol IP address of the first CPE and the target CPE are the same, and the first CPE is connected to the target network side operator edge equipment NPE;

The device information of the target NPE is obtained by searching the target control device according to the first indication information, and the first indication information is sent by the first orchestration device to the target control device.

In a third aspect, embodiments of the present invention also provide a method for opening a cloud dedicated line, which is applied to a target control device. The method includes:

Receive the first instruction information sent by the first orchestration device;

Search the device information of the target network-side operator's edge device NPE according to the first instruction information, and create the target virtual private address based on the device information of the target NPE, the Internet address information of the target cloud edge device CPE, and the Internet address information of the target virtual gateway VGW. Network VPN instance;

Receive the second instruction information sent by the first orchestration device, create a target sub-interface bound to the target VPN instance according to the second instruction information, and add a target port to the target VPN instance; the target port is used to The target NPE and the target CPE are connected, and the target port is used to connect the target CPE and the target VGW.

Optionally, before receiving the first indication information sent by the first orchestration device, the method further includes:

Receive the fifth instruction information sent by the first orchestration device, and preempt the target CPE according to the fifth instruction information;

After the target CPE is successfully pre-empted, the device identification information of the target CPE and the port identification information of the target CPE are sent to the first orchestration device.

Optionally, receiving the second indication information sent by the first orchestration device includes:

Receive the sixth instruction information sent by the first orchestration device according to the relevant information of the target landing packet transport network PTN in the province, and preempt the target NPE corresponding to the target landing PTN according to the sixth instruction information, and obtain the The equipment information of the target NPE, the relevant information of the target landing PTN is sent by the third orchestration device to the first orchestration device according to the business work order;

Receive the second instruction information sent by the first orchestration device, the second instruction information is used to instruct the target control device to create a target sub-interface bound to the target VPN instance, and instruct the target control device to create a target sub-interface bound to the target VPN instance. The device adds a target port to the target VPN instance according to the device information of the target NPE.

Optionally, the method also includes:

Receive ninth indication information sent by the first orchestration device;

Configure the bidirectional forwarding detection BFD function on the target CPE according to the ninth instruction information. The target CPE is used to detect whether the target CPE and the target VGW are connected according to the BFD function. When the target CPE detects When the connection between the target CPE and the target VGW is disconnected, the target VGW switches to the first CPE;

Wherein, the Internet Protocol IP addresses of the first CPE and the target CPE are the same, and the first CPE is connected to the target NPE.

In a fourth aspect, embodiments of the present invention also provide a method for opening a cloud dedicated line, which is applied to a third orchestration device. The method includes:

Receive the third instruction information sent by the first orchestration device;

Route configuration of the intra-provincial target landing packet transport network PTN is performed according to the third instruction information.

Optionally, before receiving the third indication information sent by the first orchestration device, the method further includes:

Receive seventh indication information sent by the first orchestration device;

Determine relevant information that meets the target landing PTN of the business work order according to the seventh instruction information;

Send relevant information of the target landing PTN to the first orchestration device.

Optionally, the method also includes:

Send eighth instruction information to the first orchestration device, the eighth instruction information is used to indicate the connection between the user terminal and the virtual private cloud VPC device, and the eighth instruction information is the request from the user terminal to the third Sent by three orchestration devices;

Wherein, the client is connected to the target landing PTN, and the VPC device is connected to the target virtual gateway VGW; the Internet address information of the target VGW is determined by the second orchestration device.

In a fifth aspect, embodiments of the present invention also provide a device for opening a cloud dedicated line, which is applied to the first orchestration device. The device includes:

The first receiving module is configured to receive the Internet address information of the target cloud edge device CPE and the Internet address information of the target virtual gateway VGW in the mobile cloud sent by the second orchestration device;

The first sending module is configured to send first indication information to the target control device, where the first indication information is used to instruct the target control device to search for device information of the target network side operator edge equipment NPE, and instruct the target The control device creates a target virtual private network VPN instance based on the device information of the target NPE, the Internet address information of the target CPE, and the Internet address information of the target VGW;

The second sending module is configured to send second instruction information to the target control device. The second instruction information is used to instruct the target control device to create a target sub-interface bound to the target VPN instance, and send the target sub-interface to the target control device. Add a target port to the VPN instance; the target port is used to connect the target NPE and the target CPE, and the target port is used to connect the target CPE and the target VGW;

The third sending module is used to send third instruction information to the third orchestration device; the third instruction information is used to instruct the third orchestration device to perform routing configuration of the provincial target landing packet transport network PTN; the target sub- The interface is used to connect the target NPE and the target landing PTN.

In a sixth aspect, embodiments of the present invention also provide a device for opening a cloud dedicated line, which is applied to the second orchestration device. The device includes:

The fourth sending module is configured to send the Internet address information of the target cloud edge device CPE in the mobile cloud and the Internet address information of the target virtual gateway VGW to the first orchestration device.

In the seventh aspect, embodiments of the present invention also provide a device for opening a cloud dedicated line, which is applied to target control equipment. The device includes:

a second receiving module, configured to receive the first indication information sent by the first orchestration device;

The first processing module is configured to search for the device information of the target network side operator edge device NPE according to the first instruction information, and according to the device information of the target NPE, the Internet address information of the target cloud edge device CPE and the target virtual gateway VGW. Internet address information to create the target virtual private network VPN instance;

A second processing module configured to receive second instruction information sent by the first orchestration device, create a target sub-interface bound to the target VPN instance according to the second instruction information, and add a target port to the target VPN instance. ; The target port is used to connect the target NPE and the target CPE, and the target port is used to connect the target CPE and the target VGW.

In an eighth aspect, embodiments of the present invention also provide a device for opening a cloud dedicated line, which is applied to the third orchestration device. The device includes:

A third receiving module, configured to receive the third instruction information sent by the first orchestration device;

The third processing module is configured to perform routing configuration of the intra-provincial target landing packet transport network PTN according to the third indication information.

In a ninth aspect, embodiments of the present invention also provide a cloud dedicated line activation system, including: a first orchestration device, a second orchestration device, a target control device, and a third orchestration device;

Wherein, the first orchestration device is used to execute the cloud dedicated line opening method according to any one of the first aspects;

The second orchestration device is used to execute the cloud dedicated line opening method according to any one of the second aspects;

The target control device is used to execute the cloud dedicated line opening method as described in any one of the third aspects;

The third orchestration device is used to execute the cloud dedicated line opening method according to any one of the fourth aspect.

In a tenth aspect, embodiments of the present invention further provide a readable storage medium on which a program or instructions are stored. When the program or instructions are executed by a processor, the cloud dedicated line activation as described in any one of the first aspects is implemented. The steps in the method, or implement the steps in the cloud dedicated line activation method as described in any one of the second aspect, or implement the steps in the cloud dedicated line activation method as described in any one of the third aspect, or , implement the steps in the cloud dedicated line activation method described in any one of the fourth aspects.

The beneficial effects of the above technical solutions of the present invention are as follows:

In the cloud dedicated line opening method provided by the solution of the present invention, the first orchestration device receives the Internet address information of the target CPE and the Internet address information of the target VGW in the mobile cloud sent by the second orchestration device, and instructs the target control device to search for the device information of the target NPE. And instruct the target control device to create a target VPN instance based on the device information of the target NPE, the Internet address information of the target CPE, and the Internet address information of the target VGW. Instruct the target control device to create a target sub-interface bound to the target VPN instance and send a request to the target VPN instance. Add a target port, and the first orchestration device also instructs the third orchestration device to perform routing configuration of the target landing PTN. The target sub-interface is used to connect the target NPE and the target landing PTN, and the target port is used to connect the target NPE and the target CPE. Connect the target CPE and the target VGW. Through the above target sub-interface and target port, the target landing PTN is connected to the target NPE, the target NPE is connected to the target CPE, the target CPE is connected to the target VGW, and the target VGW is connected to the target VPC device to form a cloud dedicated line. The invention provides Cloud dedicated line activation method. One VPN instance can realize the activation of multiple cloud dedicated lines through multiple sub-interfaces, which reduces the limit on the number of VPN instances when opening cloud dedicated lines. The cloud resources of Mobile Cloud only participate in the creation process of VPN instances. , reduce the limitations of mobile cloud's cloud resources during the activation of cloud dedicated lines, and improve the utilization of cloud resources.

Description of the drawings

Figure 1 is a flow chart of a cloud dedicated line activation method applied to a first orchestration device provided by an embodiment of the present invention;

Figure 2 is an overall cloud network orchestration architecture diagram of the cloud dedicated line activation system provided by an embodiment of the present invention;

Figure 3 is an overall flow chart of convergence point creation provided by an embodiment of the present invention;

Figure 4 is an overall flow chart for creating a cloud private line provided by an embodiment of the present invention;

Figure 5 is a network topology diagram of a cloud dedicated line provided by an embodiment of the present invention;

Figure 6 is a flow chart of a cloud dedicated line activation method applied to the second orchestration device according to an embodiment of the present invention;

Figure 7 is a flow chart of a cloud dedicated line activation method applied to a target control device provided by an embodiment of the present invention;

Figure 8 is a flow chart of a cloud dedicated line activation method applied to a third orchestration device according to an embodiment of the present invention;

Figure 9 is a schematic structural diagram of a cloud dedicated line opening device applied to the first orchestration device provided by an embodiment of the present invention;

Figure 10 is a schematic structural diagram of a cloud dedicated line opening device applied to the second orchestration device according to an embodiment of the present invention;

Figure 11 is a schematic structural diagram of a cloud dedicated line opening device applied to target control equipment provided by an embodiment of the present invention;

Figure 12 is a schematic structural diagram of a cloud dedicated line opening device applied to a third orchestration device according to an embodiment of the present invention;

Figure 13 is a schematic structural diagram of a cloud dedicated line activation system provided by an embodiment of the present invention.

Detailed ways

In order to make the technical problems, technical solutions and advantages to be solved by the present invention clearer, a detailed description will be given below with reference to the accompanying drawings and specific embodiments.

It will be understood that reference throughout this specification to "one embodiment" or "an embodiment" means that a particular feature, structure, or characteristic associated with the embodiment is included in at least one embodiment of the invention. Thus, appearances of "in one embodiment," "in an embodiment," or "in an alternative embodiment" in various places throughout this specification are not necessarily referring to the same embodiment. Furthermore, the particular features, structures or characteristics may be combined in any suitable manner in one or more embodiments.

In various embodiments of the present invention, it should be understood that the size of the sequence numbers of the following processes does not mean the order of execution. The execution order of each process should be determined by its functions and internal logic, and should not be implemented in the present invention. The implementation of the examples does not constitute any limitations.

Additionally, the terms "system" and "network" are often used interchangeably in this article.

In the embodiments provided in this application, it should be understood that "B corresponding to A" means that B is associated with A, and B can be determined based on A. However, it should also be understood that determining B based on A does not mean determining B only based on A. B can also be determined based on A and/or other information.

Before describing the specific implementation, the following is first explained:

In the existing technical solution, MPLS-VPN is used to access the public cloud, although it can meet the user's needs for high speed, security, stability, and isolation in the cloud. This traditional method of entering the cloud has the following shortcomings:

Consumes a lot of network resources in the cloud:

According to the existing technical solution, the standard cloud dedicated line method of entering the cloud will generate a large number of detailed routes and virtual interfaces, consuming a large amount of network resources in the cloud;

Unable to support large-scale dedicated lines into the cloud:

The standard cloud dedicated line access method requires a virtual private network (VPN) for each cloud leased line. However, resources such as the number of VPN instances on the cloud access device are limited and cannot support large-scale dedicated line access to the cloud;

The overall configuration process is lengthy:

If a user activates a large number of cloud dedicated lines according to the existing standard cloud dedicated line opening method, the overall configuration process will be very long and the activation time will be too long.

Fragmented cloud network resources:

Existing technical solutions separate the network resources in the cloud and the provision of network resources before entering the cloud. Most of them use traditional transmission lines to connect to the resource pool. The degree of automation is low, the construction time is long, and the distribution of bearer resources is insufficient. It is difficult to achieve high efficiency of the cloud and network. Collaboration.

In order to solve the problem in the existing technology that when a large-scale dedicated line is connected to the cloud, it will be limited by the number of VPN instances and the cloud resources of the mobile cloud, and the utilization rate of the cloud network resources is low, an embodiment of the present invention provides a cloud dedicated line activation method. Methods, apparatus, systems and storage media.

As shown in Figure 1, an embodiment of the present invention provides a method for opening a cloud dedicated line, which is applied to the first orchestration device. The method includes:

Step 101: Receive the Internet address information of the target cloud edge equipment (CloudProvider Equipment, CPE) and the Internet address information of the target virtual gateway (Virtual Gateway, VGW) in the mobile cloud sent by the second orchestration device.

It should be noted that the embodiment of the present invention provides a cloud dedicated line activation system. The overall cloud network orchestration architecture diagram of the cloud dedicated line activation system is shown in Figure 2. The cloud dedicated line activation system includes a business ordering layer, a business system layer, and a business control layer. layer and bearer network layer. Among them, the service ordering layer includes the mobile cloud operation management platform (Operation Management, OP) ordering module, and the business system includes the provincial comprehensive fund module, the provincial secondary business orchestration module, one-section business orchestration module, and unified The resource orchestration module, the business management and control layer includes the cloud private network super controller and the cloud orchestration module, and the bearer network layer includes the provincial network, cloud private network, and mobile cloud. The cloud private line opening system integrates the mobile cloud OP ordering module, provincial comprehensive financing module, provincial secondary business orchestration module, one-section business orchestration module, unified resource orchestration module, cloud private network super controller, and cloud orchestration module to form A three-layer loosely coupled architecture including business ordering, business collaboration, and business management and control realizes decoupling of the entire provisioning process, tracking, visualization, automation, and efficient collaboration to build a cloud network orchestration system, providing an end-to-end cloud network integrated solution.

In this embodiment of the present invention, the first orchestration device is the unified resource orchestration module in Figure 2, and the second orchestration device is the cloud orchestration module in Figure 2.

In the embodiment of the present invention, the method for opening a cloud dedicated line (which may also be called a method for implementing large-scale dedicated line aggregation into the cloud) is divided into two steps: creating a convergence point and creating a cloud dedicated line.

In this step, the first orchestration device initiates the process of creating a convergence point on the management page. In the step of creating the convergence point process, the first orchestration device calls the second orchestration device to create an intra-cloud network and receives the information returned by the second orchestration device. Information such as the Internet address information of the target CPE and the Internet address information of the target VGW.

Step 102: Send first instruction information to the target control device. The first instruction information is used to instruct the target control device to search for the device information of the target network side operator edge equipment (Network Provider Equipment, NPE), and to instruct the target network provider edge equipment (Network Provider Equipment, NPE). The target control device creates a target virtual private network VPN instance based on the device information of the target NPE, the Internet address information of the target CPE, and the Internet address information of the target VGW.

It should be noted that, in this embodiment of the present invention, the target control device is the cloud private network super controller in Figure 2.

In this step, during the process of creating a convergence point, the first orchestration device sends first instruction information to the target control device, and the target control device searches for the target NPE device corresponding to the province of the convergence point in the cloud private network based on the first instruction information. information, and the first instruction information also includes the Internet address information of the target CPE and the Internet address information of the target VGW. The target control device uses the device information of the target NPE, the Internet address information of the target CPE in the first instruction information, and the Internet address information of the target VGW. Internet address information, initiates the creation of the target VPN instance, and after successfully creating the target VPN based on the device information of the target NPE, the Internet address information of the target CPE in the first instruction information, and the Internet address information of the target VGW, call the target CPE pre-emption confirmation. interface to confirm the occupancy of the target CPE.

Through steps 101 and 102, the creation process of the convergence point is completed.

Wherein, the target VPN instance is a Border Gateway Protocol (BGP) or a multi-protocol label switching MPLS Internet Protocol (IP) VPN instance, that is, the target VPN instance is a BGP/MPLS IP VPN instance.

Step 103: Send second instruction information to the target control device. The second instruction information is used to instruct the target control device to create a target sub-interface bound to the target VPN instance and add a target to the target VPN instance. Port (endpoint); the target port is used to connect the target NPE and the target CPE, and the target port is used to connect the target CPE and the target VGW.

After the aggregation point is successfully created, in this step, the process of creating a cloud dedicated line is carried out. First, the user initiates an aggregation dedicated line subscription on the Mobile Cloud Portal (Mobile Cloud Operation Management Platform OP Ordering Module) and submits a request to the Mobile Cloud Management Operations Platform (Management Operations). Platform, MOP) initiates a transfer order and creates an order. After the provincial representative verifies the contract, it will approve the contract. If it is agreed, a business work order will be generated and the subsequent process will be entered. If not, the creation will be confirmed as failed and archived.

In this step, the first orchestration device calls the first-level service orchestration module to issue a business work order to the target control device, creates the target sub-interface and binds the target VPN instance generated during the aggregation point creation process, and sends the service to the activated aggregation point. (Target VPN instance) Add a target endpoint. Among them, there are one or more target sub-interfaces. The added target endpoint is used to connect the target NPE and the target CPE, and the target endpoint is used to connect the target CPE and the target VGW. The target control device returns instruction information to the first orchestration device through the first-level service orchestration module, and the instruction information indicates the target endpoint. Add the result. If the target endpoint is successfully added, proceed to the next step. If the addition fails, enter the failure archiving process.

Step 104: Send third instruction information to the third orchestration device; the third instruction information is used to instruct the third orchestration device to perform routing configuration of the provincial target landing packet transport network (Packet Transport Network, PTN); the The target sub-interface is used to connect the target NPE and the target landing PTN.

It should be noted that, in this embodiment of the present invention, the third orchestration device is the provincial secondary service orchestration module in Figure 2.

In this step, the first orchestration device sends the third instruction information to the third orchestration device. The third instruction information includes the business work order. The third orchestration device opens the intra-provincial route based on the third instruction information and the business work order. And perform routing related configuration of the target landing PTN.

The third orchestration device returns indication information through the first-level service orchestration module. This indication information is used to indicate the result of intra-provincial route activation. If the indication is that the intra-provincial route activation is successful, the subsequent process will be performed. If the intra-provincial route activation fails, , confirm the failure and enter the archiving process.

In an optional embodiment of the present invention, step 101 includes:

Obtain the device identification (Identity, ID) information of the target CPE and the port identification information of the target CPE;

Send fourth instruction information to the second orchestration device, where the fourth instruction information is used to instruct the second orchestration device to use the device identification information of the target CPE and the port of the target CPE in the mobile cloud. The identification information creates an intra-cloud network in the mobile cloud, and obtains the Internet address information of the target CPE and the Internet address information of the target VGW;

Receive the Internet address information of the target CPE and the Internet address information of the target VGW sent by the second orchestration device.

Specifically, in this optional embodiment, the first orchestration device obtains the device ID information of the target CPE and the port ID information of the target CPE, and the first orchestration device calls the second orchestration device to create an intra-cloud network in the mobile cloud, The fourth instruction information is sent to the second orchestration device through the first-level service orchestration module. The fourth indication information includes the device ID information of the target CPE and the port ID information of the target CPE. The second orchestration device in the mobile cloud according to the fourth instruction information Create an intra-cloud network using the device identification information of the target CPE and the port identification information of the target CPE, and obtain the Internet address information of the target CPE and the Internet address information of the target VGW. The second orchestration device returns the information to the first orchestration device through the first-level service orchestration module. Internet address information of the target CPE and Internet address information of the target VGW. The first orchestration device receives the Internet address information of the target CPE and the Internet address information of the target VGW sent by the second orchestration device.

Further, obtain the device identification information of the target CPE and the port identification information of the target CPE, including:

The first orchestration device calls the first-level service orchestration module to initiate CPE survey, and the first-level business orchestration module calls the Internet Protocol Security (IPSec) to perform CPE survey and preemption. That is, the first orchestration device calls the first-level business orchestration module to the target. The control device sends fifth instruction information. The fifth instruction information is used to instruct the target control device to pre-occupy the target CPE. The target control device performs survey and pre-emption of the target CPE according to the fifth instruction information. After the control device successfully preempts the target CPE, the target control device sends the device ID information of the target CPE and the port ID information of the target CPE to the first orchestration device through the first-level service orchestration module. The first orchestration device receives the The target control device sends the device identification information of the target CPE and the port identification information of the target CPE after successfully pre-empting the target CPE.

The following is a detailed description of the overall flow of convergence point creation provided by the embodiment of the present invention with reference to Figure 3:

Initiate the creation of a convergence point on the management page of the first orchestration device. The first orchestration device calls the target control device to find the device information of the target NPE corresponding to the province of the convergence point. The first orchestration device calls the first-level service orchestration module to initiate a CPE survey. The first-level business The orchestration module calls IPSec to perform CPE survey and pre-emption. If the CPE survey and pre-emption is successful, it returns the device ID information of the target CPE, the port ID information of the target CPE and other pre-emption information. The first orchestration device calls the second orchestration device to create an intra-cloud network. The Internet address information of the target CPE and the interconnection address information of the target VGW are returned. After the intra-cloud network is successfully created, the first orchestration device initiates the creation of the target based on the device information of the target NPE, the Internet address information of the target CPE, and the interconnection address information of the target VGW. When a VPN instance (i.e., layer 3 (L3) VPN instance) calls the CPE pre-occupancy confirmation interface to confirm the occupation of the target CPE, the aggregation point is successfully created. In the case of failure to create the intra-cloud network, re- try.

In an optional embodiment of the present invention, step 102 includes:

Obtain relevant information about the target landing PTN sent by the third orchestration device according to the business work order;

Send sixth instruction information to the target control device according to the relevant information of the target landing PTN, where the sixth instruction information is used to instruct the target control device to pre-occupy the target NPE corresponding to the target landing PTN, Obtain the device information of the target NPE;

Send second instruction information to the target control device, where the second instruction information is used to instruct the target control device to create a target sub-interface bound to the target VPN instance, and instruct the target control device according to the The device information of the target NPE adds a target port to the target VPN instance.

Specifically, in this optional embodiment, the first orchestration device obtains the relevant information of the target landing PTN obtained by the third orchestration device according to the provincial survey based on the business work order, and the first orchestration device passes a request based on the relevant information of the target landing PTN. The first-level service orchestration device initiates a cloud private network survey (that is, sends the sixth instruction information) to the first-level service orchestration module, and the first-level service orchestration module sends the sixth instruction information to the target control device, that is, initiates the target NPE pre-emption and pre-emption to the target control device. Confirm to obtain the device information of the target NPE. The first orchestration device sends second instruction information to the target control device through the first-level service orchestration module. The target control device creates a target sub-interface bound to the target VPN instance based on the second instruction information, and sends the target sub-interface to the target NPE according to the device information of the target NPE. The target VPN instance adds the target endpoint.

Further, obtain the relevant information of the target landing PTN sent by the third orchestration device according to the business work order, including:

The first orchestration device calls the first-level service orchestration module to initiate an intra-provincial survey to the third orchestration device. That is, the first orchestration device sends the seventh instruction information to the third orchestration device through the first-level service orchestration module. The seventh instruction information includes a business work order. , the seventh instruction information is used to instruct the third orchestration device to determine relevant information that satisfies the target landing PTN of the business work order, and the third orchestration device performs operations in the provincial network based on the business work order in the seventh instruction information. Conduct a provincial survey and determine the relevant information of the PTN that the provincial survey meets the target of the business work order. If the provincial survey does not meet the business work order, the confirmation fails and enters the archive process. The third orchestration device passes the first-level business orchestration module to the third level. The first arrangement device receives the relevant information of the target landing PTN sent by the first arrangement device, and the first arrangement device receives the relevant information of the target landing PTN sent by the third arrangement device.

Further, after the target endpoint is successfully added and the route of the target landing PTN is successfully configured, the method also includes:

Connectivity verification is performed through the user end. After the connectivity verification is passed, the user end generates a test report and uploads it to the third orchestration device. The third orchestration device sends the eighth instruction information to the first orchestration device. The first orchestration device receives the eighth instruction information. The eighth instruction information sent by the third orchestration device, the eighth instruction information is used to indicate the connection between the client and the virtual private cloud VPC device, that is, the eighth instruction information indicates that the connectivity verification is passed, and the eighth instruction information includes test Report.

Wherein, the user terminal is connected to the target landing PTN, and the VPC device is connected to the target VGW.

The first orchestration device approves the test report. If the approval is passed, the subsequent process will be carried out. If the approval is not passed, the failure archiving process will be entered.

After successful archiving, billing begins.

After failed archiving, relevant rollback processing is performed.

The following is a detailed description of the overall process of creating a cloud private line provided by the embodiment of the present invention with reference to Figure 4:

The user initiates a converged cloud dedicated line order in the mobile cloud OP ordering module, initiates a moved order to the mobile cloud MOP, and creates an order. After the provincial representative verifies the contract, the contract is approved. If the contract is approved successfully, the first-level business orchestration module is called to initiate a provincial survey. If the contract approval fails, it will enter the failure archiving process to confirm that the activation of the converged cloud dedicated line has failed. The first-level business orchestration module will conduct an intra-provincial survey and return relevant information about the target landing PTN. If the intra-provincial survey fails, it will enter the failed archiving process and confirm the activation. The aggregation of the cloud private line fails. The first orchestration device initiates a cloud private network survey to the first-level service orchestration module based on the relevant information of the target landing PTN. The first-level service orchestration module initiates pre-emption and confirmation of the target NPE to the target control device. The first orchestration device Call the first-level business orchestration module to issue a business work order to the target control device, create a sub-interface and bind the target VPN instance, and add the target endpoint on the cloud network side. If the cloud private network fails to add the target endpoint, enter the failure archiving process and confirm If the aggregation cloud dedicated line fails to be activated and the target endpoint is successfully added, the first orchestration device issues a business work order to the third orchestration device, connects the intra-provincial route, performs intra-provincial activation, and configures the relevant routing of the target PTN. If intra-provincial activation If it fails, enter the failure archiving process to confirm that the activation of the convergence cloud dedicated line failed. After the connectivity verification is passed, upload the test report for approval. If the approval is passed, it is confirmed that the activation of the convergence cloud dedicated line is successful.

It should be noted that the embodiment of the present invention uses MPLS-VPN-based technology to provide the ability to aggregate massive private line routes while ensuring low latency. The cloud private network adopts BGP/MPLS IP VPN networking, that is, the target The VPN instance is a BGP/MPLS IP VPN instance with fast transmission speed. Data packets do not require complex routing. They only need to match based on the labels between the Layer 2 Media Access Control (MAC) header and the Layer 3 IP header. and forwarding. In addition, MPLS-VPN instances can also provide differentiated Quality of Service (QoS) according to customer needs.

The network topology diagram of the cloud private line generated by the embodiment of the present invention is shown in Figure 5, in which the user terminal includes tenant A (CE), tenant B (CE) and tenant C (CE), and the PTN in the provincial network is the target PTN. , the cloud private network uses MPLS-VPN technology. The target NPE includes NPE1 and NPE2. The created target sub-interfaces include sub-interface 1, sub-interface 2, sub-interface 3, sub-interface 4, sub-interface 5 and sub-interface 6. "NPE" is Represents the target NPE, "VGW" refers to the target VGW, "VPC" refers to the VPC device, and "CPE" refers to the target CPE.

Further, the method also includes:

Send ninth instruction information to the target control device, the ninth instruction information is used to instruct the target control device to configure a bidirectional forwarding detection (BFD) function for the target CPE, and the target CPE is used to Detect whether the target CPE and the target VGW are connected according to the BFD function. When the target CPE detects that the connection between the target CPE and the target VGW is disconnected, the target VGW switches to the first CPE connection;

Wherein, the Internet Protocol IP addresses of the first CPE and the target CPE are the same, and the first CPE is connected to the target NPE.

And, the method also includes:

Send tenth indication information to the second orchestration device, the tenth indication information is used to instruct the second orchestration controller to configure the BFD function for the target VGW, and the target VGW is used to detect according to the BFD function Whether the target CPE is connected to the target VGW, and when the target VGW detects that the connection between the target CPE and the target VGW is disconnected, the target VGW switches to a connection with the first CPE;

Wherein, the Internet Protocol IP addresses of the first CPE and the target CPE are the same, and the first CPE is connected to the target NPE.

That is to say, the embodiment of the present invention provides end-to-end automatic configuration of BGP dynamic routing interworking plus bidirectional forwarding detection BFD function, which can quickly detect and monitor the forwarding connectivity status of links or IP routes in the network, and improve network performance. For example, each resource The pool has a pair of VGWs connected to a pair of CPEs in the cloud private network. Once BFD detects that the route is unreachable, it will achieve millisecond-level rapid route convergence and switching, that is, when the connection between the target CPE and the target VGW is disconnected. , the target VGW is switched to be connected to the first CPE, wherein the first CPE and the target CPE have the same Internet Protocol IP address, and the first CPE is connected to the target NPE. In comparison, the method of using static routing plus Software Defined Network (SDN) soft switching or BGP dynamic routing takes several seconds or even minutes to switch, which greatly improves the route switching speed and is almost invisible to users. High availability of the business.

As shown in Figure 6, an embodiment of the present invention also provides a method for opening a cloud dedicated line, which is applied to the second orchestration device. The method includes:

Step 601: Send the Internet address information of the target cloud edge device CPE in the mobile cloud and the Internet address information of the target virtual gateway VGW to the first orchestration device.

Optionally, step 601 includes:

Receive fourth indication information sent by the first orchestration device;

According to the fourth instruction information, create an intra-cloud network in the mobile cloud based on the device identification information of the target CPE and the port identification information of the target CPE, and obtain the Internet address information of the target CPE and the Internet address information of the target VGW; Wherein, the fourth indication information includes device identification information of the target CPE and port identification information of the target CPE;

Send the Internet address information of the target CPE and the Internet address information of the target VGW to the first orchestration device.

Optionally, the method also includes:

Receive the tenth indication information sent by the first orchestration device;

According to the tenth instruction information, the target VGW is configured with a bidirectional forwarding detection BFD function. The target VGW is configured to detect whether the target CPE is connected to the target VGW according to the BFD function. When the target VGW detects the target CPE When the connection with the target VGW is disconnected, the target VGW switches to a connection with the first CPE;

Wherein, the Internet Protocol IP address of the first CPE and the target CPE are the same, and the first CPE is connected to the target network side operator edge equipment NPE;

The device information of the target NPE is obtained by searching the target control device according to the first indication information, and the first indication information is sent by the first orchestration device to the target control device.

It should be noted that the cloud dedicated line activation method applied to the second orchestration device provided by the embodiment of the present invention is a cloud dedicated line activation method on the second orchestration device side corresponding to the cloud dedicated line activation method applied to the first orchestration device. Then all the above embodiments of the cloud dedicated line activation method applied to the first orchestration device are applicable to the cloud dedicated line activation method applied to the second orchestration device, and can achieve the same or similar technical effects.

As shown in Figure 7, an embodiment of the present invention also provides a method for opening a cloud dedicated line, which is applied to a target control device. The method includes:

Step 701: Receive the first instruction information sent by the first orchestration device;

Step 702: Search the device information of the target network-side operator edge device NPE according to the first instruction information, and create a creation based on the device information of the target NPE, the Internet address information of the target cloud edge device CPE, and the Internet address information of the target virtual gateway VGW. Target virtual private network VPN instance;

Step 703: Receive the second instruction information sent by the first orchestration device, create a target sub-interface bound to the target VPN instance according to the second instruction information, and add a target port to the target VPN instance; the target The port is used to connect the target NPE and the target CPE, and the target port is used to connect the target CPE and the target VGW.

Optionally, before receiving the first indication information sent by the first orchestration device, the method further includes:

Receive the fifth instruction information sent by the first orchestration device, and preempt the target CPE according to the fifth instruction information;

After the target CPE is successfully pre-empted, the device identification information of the target CPE and the port identification information of the target CPE are sent to the first orchestration device.

Optionally, receiving the second indication information sent by the first orchestration device includes:

Receive the sixth instruction information sent by the first orchestration device according to the relevant information of the target landing packet transport network PTN in the province, and preempt the target NPE corresponding to the target landing PTN according to the sixth instruction information, and obtain the The equipment information of the target NPE, the relevant information of the target landing PTN is sent by the third orchestration device to the first orchestration device according to the business work order;

Receive the second instruction information sent by the first orchestration device, the second instruction information is used to instruct the target control device to create a target sub-interface bound to the target VPN instance, and instruct the target control device to create a target sub-interface bound to the target VPN instance. The device adds a target port to the target VPN instance according to the device information of the target NPE.

Optionally, the method also includes:

Receive ninth indication information sent by the first orchestration device;

Configure the bidirectional forwarding detection BFD function on the target CPE according to the ninth instruction information. The target CPE is used to detect whether the target CPE and the target VGW are connected according to the BFD function. When the target CPE detects When the connection between the target CPE and the target VGW is disconnected, the target VGW switches to the first CPE;

Wherein, the Internet Protocol IP addresses of the first CPE and the target CPE are the same, and the first CPE is connected to the target NPE.

It should be noted that the cloud dedicated line activation method applied to the target control device provided by the embodiment of the present invention is a cloud dedicated line activation method on the target control device side corresponding to the cloud dedicated line activation method applied to the first orchestration device. All embodiments of the cloud dedicated line activation method applied to the first orchestration device are applicable to the cloud dedicated line activation method applied to the target control device, and can achieve the same or similar technical effects.

As shown in Figure 8, an embodiment of the present invention also provides a method for opening a cloud dedicated line, which is applied to the third orchestration device. The method includes:

Step 801: Receive the third instruction information sent by the first orchestration device;

Step 802: Perform route configuration for the intra-provincial target landing packet transport network PTN according to the third instruction information.

Optionally, before receiving the third indication information sent by the first orchestration device, the method further includes:

Receive seventh indication information sent by the first orchestration device;

Determine relevant information that meets the target landing PTN of the business work order according to the seventh instruction information;

Send relevant information of the target landing PTN to the first orchestration device.

Optionally, the method also includes:

Send eighth instruction information to the first orchestration device, the eighth instruction information is used to indicate the connection between the user terminal and the virtual private cloud VPC device, and the eighth instruction information is the request from the user terminal to the third Sent by three orchestration devices;

Wherein, the client is connected to the target landing PTN, and the VPC device is connected to the target virtual gateway VGW; the Internet address information of the target VGW is determined by the second orchestration device.

It should be noted that the cloud dedicated line activation method applied to the third orchestration device provided by the embodiment of the present invention is a cloud dedicated line activation method on the third orchestration device side corresponding to the cloud dedicated line activation method applied to the first orchestration device. Then all the above embodiments of the cloud dedicated line activation method applied to the first orchestration device are applicable to the cloud dedicated line activation method applied to the third orchestration device, and can achieve the same or similar technical effects.

The embodiment of the present invention proposes a method of using one VPN instance per user per access province, setting up multiple sub-interfaces between the PTN ground equipment and the NPE equipment managed by the cloud private network, and binding the same VPN instance. Before entering the cloud, Perform routing aggregation. It solves the limitations of the number of VPN instances and network resources in the cloud during large-scale access, and improves the utilization of cloud network resources. The standard cloud dedicated line activation process is divided into two steps: creating aggregation point and opening aggregation dedicated line, simplifying N network-side resource configurations plus N cloud-side resource configurations into N network-side configurations plus one cloud-side resource configuration, effectively simplifying The configuration process is simplified and the activation time is reduced. At the same time, the efficient cloud network orchestration system realizes end-to-end automated provisioning of the entire process, reducing the provisioning time and errors in manual configuration. BGP+BFD is used at both ends to achieve rapid route convergence between the local Internet Data Center (IDC) and VPC. Creating an aggregation point is mainly to connect the cloud private network NPE to the planned large IP network in the cloud. The step of creating a cloud private line is to dynamically add endpoints to the aggregation point and include them in the PTN floor equipment and cloud private network. Create multiple sub-interfaces between managed NPE devices and bind them to the same VPN instance.

In response to the large-scale local access point cloud access requirements of the same user, the cloud private line activation method provided by the embodiment of the present invention can effectively simplify the cloud private network and in-cloud configuration compared with the standard cloud private line activation method, and greatly improves the activation efficiency. For example, a user needs to access the cloud for N local access points. According to the standard cloud private line opening method, it is necessary to configure N times in the cloud and create N times of L3VPN for the cloud private network; using the large-scale cloud private line according to the embodiment of the present invention The activation method only needs to be configured once in the cloud and L3VPN is created once in the cloud private network. Not only that, because the routes are aggregated on the cloud private network NPE, compared with the standard cloud private line opening method that will generate N detailed routes in the cloud, the method proposed in the embodiment of the present invention will only add one detailed route in the cloud. Routing, which greatly reduces the consumption of network resources within the cloud.

The cloud dedicated line activation method provided by the embodiment of the present invention provides a high-speed, safe, and stable cloud dedicated line access method, saves a large number of network resources in the cloud and cloud device VPN instances, and divides large-scale dedicated lines into the cloud into creation and aggregation In the two steps of clicking and activating a dedicated line, you only need to configure cloud-side resources once and create L3VPN once. Then you can perform multiple network-side resource configurations as needed, and add endpoints to existing aggregation points, shortening the overall configuration process. The overall provisioning time is reduced. The proposed cloud network resource orchestration system realizes end-to-end fully automated provisioning between local IDC and VPC, improves the efficiency of cloud dedicated line provisioning, and adopts the BGP+BFD solution to realize local IDC and private network VPC. The routes between them are dynamically interconnected and bidirectional forwarding detection is enabled to achieve millisecond-level route convergence and switching, reducing manual intervention and maintenance costs.

Each user and each province share a VPN instance. Multiple sub-interfaces are created between the PTN floor equipment and the NPE managed by the cloud private network and are bound to this VPN instance. It can greatly alleviate the limitation on the number of VPN instances on cloud devices and support the cloud access requirements of more user-side access points.

The embodiments of the present invention improve the current cloud dedicated line technical solution, reduce the activation time of the cloud dedicated line, save network resources, reduce manual intervention, reduce maintenance costs, and can be widely used in large-scale local IDC cloud scenarios.

As shown in Figure 9, an embodiment of the present invention also provides a device for opening a cloud dedicated line, which is applied to the first orchestration device. The device includes:

The first receiving module 901 is configured to receive the Internet address information of the target cloud edge device CPE and the Internet address information of the target virtual gateway VGW in the mobile cloud sent by the second orchestration device;

The first sending module 902 is configured to send first indication information to the target control device, where the first indication information is used to instruct the target control device to search for device information of the target network side operator edge equipment NPE, and instruct the The target control device creates a target virtual private network VPN instance based on the device information of the target NPE, the Internet address information of the target CPE, and the Internet address information of the target VGW;

The second sending module 903 is configured to send second instruction information to the target control device. The second instruction information is used to instruct the target control device to create a target sub-interface bound to the target VPN instance, and send the target sub-interface to the target control device. Add a target port to the target VPN instance; the target port is used to connect the target NPE and the target CPE, and the target port is used to connect the target CPE and the target VGW;

The third sending module 904 is used to send third instruction information to the third orchestration device; the third instruction information is used to instruct the third orchestration device to perform routing configuration of the provincial target landing packet transport network PTN; the target The sub-interface is used to connect the target NPE and the target landing PTN.

Optionally, the first receiving module 901 includes:

The first obtaining unit is used to obtain the device identification information of the target CPE and the port identification information of the target CPE.

A first sending unit configured to send fourth indication information to the second orchestration device, where the fourth indication information is used to instruct the second orchestration device to perform the operation according to the device identification information of the target CPE in the mobile cloud. Create an intra-cloud network in the mobile cloud with the port identification information of the target CPE, and obtain the Internet address information of the target CPE and the Internet address information of the target VGW;

The first receiving unit is configured to receive the Internet address information of the target CPE and the Internet address information of the target VGW sent by the second orchestration device.

Optionally, the first acquisition unit is specifically used for:

Send fifth instruction information to the target control device, where the fifth instruction information is used to instruct the target control device to preempt the target CPE;

Receive the device identification information of the target CPE and the port identification information of the target CPE sent by the target control equipment after successfully pre-empting the target CPE.

Optionally, the second sending module 903 includes:

The second acquisition unit is used to acquire the relevant information of the target landing PTN sent by the third orchestration device according to the business work order;

The second sending unit is configured to send sixth instruction information to the target control device according to the relevant information of the target landing PTN. The sixth instruction information is used to instruct the target control device to correspond to the target landing PTN. Pre-empty the target NPE to obtain the device information of the target NPE;

The third sending unit is configured to send second instruction information to the target control device. The second instruction information is used to instruct the target control device to create a target sub-interface bound to the target VPN instance, and instruct the target control device to create a target sub-interface bound to the target VPN instance. The target control device adds a target port to the target VPN instance according to the device information of the target NPE.

Optionally, the second acquisition unit is specifically used for:

Send seventh instruction information to the third orchestration device, where the seventh instruction information is used to instruct the third orchestration device to determine relevant information that satisfies the target landing PTN of the business work order;

Receive information related to the target landing PTN sent by the third orchestration device.

Optionally, the device also includes:

The first information receiving module is configured to receive the eighth instruction information sent by the third orchestration device. The eighth instruction information is used to indicate the connection between the client and the virtual private cloud VPC device. The eighth instruction information Sent by the user terminal to the third orchestration device;

Wherein, the user terminal is connected to the target landing PTN, and the VPC device is connected to the target VGW.

Optionally, the target VPN instance is a Border Gateway Protocol BGP or a Multi-Protocol Label Switching MPLS Internetworking Protocol IP VPN instance.

Optionally, the device also includes:

The first information sending module is configured to send ninth instruction information to the target control device. The ninth instruction information is used to instruct the target control device to configure the bidirectional forwarding detection BFD function for the target CPE. The target CPE Used to detect whether the target CPE and the target VGW are connected according to the BFD function. When the target CPE detects that the connection between the target CPE and the target VGW is disconnected, the target VGW switches to First CPE connection;

Wherein, the IP addresses of the first CPE and the target CPE are the same, and the first CPE is connected to the target NPE.

Optionally, the device also includes:

The second information sending module is configured to send tenth instruction information to the second orchestration device. The tenth instruction information is used to instruct the second orchestration device to configure the BFD function for the target VGW. The target VGW uses After detecting whether the target CPE and the target VGW are connected according to the BFD function, when the target VGW detects that the connection between the target CPE and the target VGW is disconnected, the target VGW switches to the One CPE connection;

Wherein, the IP addresses of the first CPE and the target CPE are the same, and the first CPE is connected to the target NPE.

It should be noted that the cloud dedicated line activation device applied to the first orchestration device provided by the embodiment of the present invention is a device capable of executing the above-mentioned cloud dedicated line activation method applied to the first orchestration device, then the above-mentioned cloud dedicated line activation method applied to the first orchestration device All embodiments of the device's cloud dedicated line activation method are applicable to the device and can achieve the same or similar technical effects.

As shown in Figure 10, an embodiment of the present invention provides a device for opening a cloud dedicated line, which is applied to the second orchestration device. The device includes:

The fourth sending module 1001 is configured to send the Internet address information of the target cloud edge device CPE in the mobile cloud and the Internet address information of the target virtual gateway VGW to the first orchestration device.

Optionally, the fourth sending module 1001 includes:

a second receiving unit configured to receive the fourth indication information sent by the first orchestration device;

A first processing unit configured to create an intra-cloud network based on the device identification information of the target CPE and the port identification information of the target CPE in the mobile cloud according to the fourth instruction information, and obtain the Internet address information of the target CPE and Internet address information of the target VGW; wherein the fourth indication information includes device identification information of the target CPE and port identification information of the target CPE;

The fourth sending unit is configured to send the Internet address information of the target CPE and the Internet address information of the target VGW to the first orchestration device.

Optionally, the device also includes:

a second information receiving module, configured to receive the tenth indication information sent by the first arrangement device;

A first configuration module configured to configure a bidirectional forwarding detection BFD function on the target VGW according to the tenth instruction information. The target VGW is configured to detect whether the target CPE and the target VGW are connected according to the BFD function. When the VGW detects that the connection between the target CPE and the target VGW is disconnected, the target VGW switches to a connection with the first CPE;

Wherein, the Internet Protocol IP address of the first CPE and the target CPE are the same, and the first CPE is connected to the target network side operator edge equipment NPE;

The device information of the target NPE is obtained by searching the target control device according to the first indication information, and the first indication information is sent by the first orchestration device to the target control device.

It should be noted that the cloud dedicated line activation device applied to the second orchestration device provided by the embodiment of the present invention is a device capable of executing the above-mentioned cloud dedicated line activation method applied to the second orchestration device, then the above-mentioned cloud dedicated line activation method applied to the second orchestration device All embodiments of the device's cloud dedicated line activation method are applicable to the device and can achieve the same or similar technical effects.

As shown in Figure 11, an embodiment of the present invention also provides a device for opening a cloud dedicated line, which is applied to target control equipment. The device includes:

The second receiving module 1101 is used to receive the first indication information sent by the first orchestration device;

The first processing module 1102 is configured to search for the device information of the target network-side operator edge device NPE according to the first indication information, and use the device information of the target NPE, the Internet address information of the target cloud edge device CPE and the target virtual gateway VGW. Create a target virtual private network VPN instance using the Internet address information;

The second processing module 1103 is configured to receive the second instruction information sent by the first orchestration device, create a target sub-interface bound to the target VPN instance according to the second instruction information, and add a target to the target VPN instance. Port; the target port is used to connect the target NPE and the target CPE, and the target port is used to connect the target CPE and the target VGW.

Optionally, the device also includes:

A third information receiving module, configured to receive the fifth instruction information sent by the first orchestration device, and preempt the target CPE according to the fifth instruction information;

The third information sending module is configured to send the device identification information of the target CPE and the port identification information of the target CPE to the first orchestration device after the target CPE is successfully pre-empted.

Optionally, the second processing module 1103 includes:

The second processing unit is configured to receive the sixth instruction information sent by the first orchestration device according to the relevant information of the target landing packet transport network PTN in the province, and to perform the target landing corresponding to the target landing PTN according to the sixth instruction information. The NPE performs pre-emption and obtains the equipment information of the target NPE. The relevant information of the target landing PTN is sent by the third orchestration device to the first orchestration device according to the service work order;

A third receiving unit configured to receive the second instruction information sent by the first orchestration device, where the second instruction information is used to instruct the target control device to create a target sub-interface bound to the target VPN instance. , and instructs the target control device to add a target port to the target VPN instance according to the device information of the target NPE.

Optionally, the device also includes:

A fourth information receiving module, configured to receive the ninth instruction information sent by the first arrangement device;

The second configuration module is configured to configure a bidirectional forwarding detection BFD function for the target CPE according to the ninth indication information, and the target CPE is configured to detect whether the target CPE and the target VGW are connected according to the BFD function, When the target CPE detects that the connection between the target CPE and the target VGW is disconnected, the target VGW switches to a connection with the first CPE;

Wherein, the Internet Protocol IP addresses of the first CPE and the target CPE are the same, and the first CPE is connected to the target NPE.

It should be noted that the cloud dedicated line activation device applied to the target control device provided by the embodiment of the present invention is a device capable of executing the above-mentioned cloud dedicated line activation method applied to the target control device, then the above-mentioned cloud dedicated line activation method applied to the target control device All embodiments of the dedicated line opening method are applicable to this device and can achieve the same or similar technical effects.

As shown in Figure 12, an embodiment of the present invention also provides a device for opening a cloud dedicated line, which is applied to the third orchestration device. The device includes:

The third receiving module 1201 is used to receive the third indication information sent by the first orchestration device;

The third processing module 1202 is configured to perform routing configuration of the provincial target landing packet transport network PTN according to the third indication information.

Optionally, the device also includes:

A fifth information receiving module, configured to receive the seventh indication information sent by the first arrangement device;

The first determination module is configured to determine, according to the seventh instruction information, relevant information that satisfies the target landing PTN of the business work order;

The fourth information sending module is used to send the relevant information of the target landing PTN to the first orchestration device.

Optionally, the device also includes:

The fifth information sending module is configured to send eighth indication information to the first orchestration device. The eighth indication information is used to indicate the connection between the client and the virtual private cloud VPC device. The eighth indication information is Sent by the user end to the third orchestration device;

Wherein, the client is connected to the target landing PTN, and the VPC device is connected to the target virtual gateway VGW; the Internet address information of the target VGW is determined by the second orchestration device.

It should be noted that the cloud dedicated line activation device applied to the third orchestration device provided by the embodiment of the present invention is a device capable of executing the above-mentioned cloud dedicated line activation method applied to the third orchestration device, then the above-mentioned cloud dedicated line activation method applied to the third orchestration device All embodiments of the device's cloud dedicated line activation method are applicable to the device and can achieve the same or similar technical effects.

As shown in Figure 13, an embodiment of the present invention also provides a cloud dedicated line activation system, including: a first orchestration device 1301, a second orchestration device 1302, a target control device 1303, and a third orchestration device 1304;

Wherein, the first orchestration device 1301 is used to execute the following process:

Receive the Internet address information of the target cloud edge device CPE and the Internet address information of the target virtual gateway VGW in the mobile cloud sent by the second orchestration device;

Send first instruction information to the target control device, where the first instruction information is used to instruct the target control device to search for device information of the target network-side operator edge device NPE, and instruct the target control device according to the device of the target NPE. information, the Internet address information of the target CPE and the Internet address information of the target VGW to create a target virtual private network VPN instance;

Send second instruction information to the target control device, where the second instruction information is used to instruct the target control device to create a target sub-interface bound to the target VPN instance and add a target port to the target VPN instance; The target port is used to connect the target NPE and the target CPE, and the target port is used to connect the target CPE and the target VGW;

Send third instruction information to the third orchestration device; the third instruction information is used to instruct the third orchestration device to perform routing configuration of the intra-provincial target landing packet transport network PTN; the target sub-interface is used to connect the target NPE and target landing PTN.

Optionally, the first orchestration device 1301 is specifically used for:

Obtain the device identification information of the target CPE and the port identification information of the target CPE;

Send fourth instruction information to the second orchestration device, where the fourth instruction information is used to instruct the second orchestration device to use the device identification information of the target CPE and the port of the target CPE in the mobile cloud. The identification information creates an intra-cloud network in the mobile cloud, and obtains the Internet address information of the target CPE and the Internet address information of the target VGW;

Receive the Internet address information of the target CPE and the Internet address information of the target VGW sent by the second orchestration device.

Optionally, the first orchestration device 1301 is specifically used for:

Send fifth instruction information to the target control device, where the fifth instruction information is used to instruct the target control device to preempt the target CPE;

Receive the device identification information of the target CPE and the port identification information of the target CPE sent by the target control equipment after successfully pre-empting the target CPE.

Optionally, the first orchestration device 1301 is specifically used for:

Obtain the relevant information of the target landing PTN sent by the third orchestration device according to the business work order;

According to the relevant information of the target landing PTN, sixth instruction information is sent to the target control device. The sixth instruction information is used to instruct the target control device to prepare the target NPE corresponding to the target landing PTN. Account to obtain the device information of the target NPE;

Send second instruction information to the target control device, where the second instruction information is used to instruct the target control device to create a target sub-interface bound to the target VPN instance, and instruct the target control device according to the The device information of the target NPE adds a target port to the target VPN instance.

Optionally, the first orchestration device 1301 is specifically used for:

Send seventh instruction information to the third orchestration device, where the seventh instruction information is used to instruct the third orchestration device to determine relevant information that satisfies the target landing PTN of the business work order;

Receive information related to the target landing PTN sent by the third orchestration device.

Optionally, the first orchestration device 1301 is also used to:

Receive eighth instruction information sent by the third orchestration device, the eighth instruction information is used to indicate the connection between the user terminal and the virtual private cloud VPC device, and the eighth instruction information is the user terminal sending a request to the virtual private cloud VPC device. Sent by the third orchestration device;

Wherein, the user terminal is connected to the target landing PTN, and the VPC device is connected to the target VGW.

Optionally, the target VPN instance is a Border Gateway Protocol BGP or a Multi-Protocol Label Switching MPLS Internetworking Protocol IP VPN instance.

Optionally, the first orchestration device 1301 is also used to:

Send ninth instruction information to the target control device, the ninth instruction information is used to instruct the target control device to configure a bidirectional forwarding detection BFD function for the target CPE, and the target CPE is used to detect according to the BFD function Whether the target CPE is connected to the target VGW, and when the target CPE detects that the connection between the target CPE and the target VGW is disconnected, the target VGW switches to a connection with the first CPE;

Wherein, the IP addresses of the first CPE and the target CPE are the same, and the first CPE is connected to the target NPE.

Optionally, the first orchestration device 1301 is also used to:

Send tenth indication information to the second orchestration device, the tenth indication information is used to instruct the second orchestration device to configure the BFD function for the target VGW, and the target VGW is used to detect the BFD function according to the BFD function. Whether the target CPE is connected to the target VGW, and when the target VGW detects that the connection between the target CPE and the target VGW is disconnected, the target VGW switches to the first CPE;

Wherein, the IP addresses of the first CPE and the target CPE are the same, and the first CPE is connected to the target NPE.

The second orchestration device 1302 is used to execute the following process:

Send the Internet address information of the target cloud edge device CPE in the mobile cloud and the Internet address information of the target virtual gateway VGW to the first orchestration device.

Optionally, the second orchestration device 1302 is specifically used for:

Receive fourth indication information sent by the first orchestration device;

According to the fourth instruction information, create an intra-cloud network in the mobile cloud based on the device identification information of the target CPE and the port identification information of the target CPE, and obtain the Internet address information of the target CPE and the Internet address information of the target VGW; Wherein, the fourth indication information includes device identification information of the target CPE and port identification information of the target CPE;

Send the Internet address information of the target CPE and the Internet address information of the target VGW to the first orchestration device.

Optionally, the second orchestration device 1302 is also used to:

Receive the tenth indication information sent by the first orchestration device;

According to the tenth instruction information, the target VGW is configured with a bidirectional forwarding detection BFD function. The target VGW is configured to detect whether the target CPE is connected to the target VGW according to the BFD function. When the target VGW detects the target CPE When the connection with the target VGW is disconnected, the target VGW switches to a connection with the first CPE;

Wherein, the Internet Protocol IP address of the first CPE and the target CPE are the same, and the first CPE is connected to the target network side operator edge equipment NPE;

The device information of the target NPE is obtained by searching the target control device according to the first indication information, and the first indication information is sent by the first orchestration device to the target control device.

The target control device 1303 is used to execute the following process:

Receive the first instruction information sent by the first orchestration device;

Search the device information of the target network-side operator's edge device NPE according to the first instruction information, and create the target virtual private address based on the device information of the target NPE, the Internet address information of the target cloud edge device CPE, and the Internet address information of the target virtual gateway VGW. Network VPN instance;

Receive the second instruction information sent by the first orchestration device, create a target sub-interface bound to the target VPN instance according to the second instruction information, and add a target port to the target VPN instance; the target port is used to The target NPE and the target CPE are connected, and the target port is used to connect the target CPE and the target VGW.

Optionally, the target control device 1303 is also used to:

Receive the fifth instruction information sent by the first orchestration device, and preempt the target CPE according to the fifth instruction information;

After the target CPE is successfully pre-empted, the device identification information of the target CPE and the port identification information of the target CPE are sent to the first orchestration device.

Optionally, the target control device 1303 is specifically used for:

Receive the sixth instruction information sent by the first orchestration device according to the relevant information of the target landing packet transport network PTN in the province, and preempt the target NPE corresponding to the target landing PTN according to the sixth instruction information, and obtain the The equipment information of the target NPE, the relevant information of the target landing PTN is sent by the third orchestration device to the first orchestration device according to the business work order;

Receive the second instruction information sent by the first orchestration device, the second instruction information is used to instruct the target control device to create a target sub-interface bound to the target VPN instance, and instruct the target control device to create a target sub-interface bound to the target VPN instance. The device adds a target port to the target VPN instance according to the device information of the target NPE.

Optionally, the target control device 1303 is also used to:

Receive ninth indication information sent by the first orchestration device;

Configure the bidirectional forwarding detection BFD function on the target CPE according to the ninth instruction information. The target CPE is used to detect whether the target CPE and the target VGW are connected according to the BFD function. When the target CPE detects When the connection between the target CPE and the target VGW is disconnected, the target VGW switches to the first CPE;

Wherein, the Internet Protocol IP addresses of the first CPE and the target CPE are the same, and the first CPE is connected to the target NPE.

The third orchestration device 1304 is used to execute the following process:

Receive the third instruction information sent by the first orchestration device;

Route configuration of the intra-provincial target landing packet transport network PTN is performed according to the third instruction information.

Optionally, the third orchestration device 1304 is also used to:

Receive seventh indication information sent by the first orchestration device;

Determine relevant information that meets the target landing PTN of the business work order according to the seventh instruction information;

Send relevant information of the target landing PTN to the first orchestration device.

Optionally, the third orchestration device 1304 is also used to:

Send eighth instruction information to the first orchestration device, the eighth instruction information is used to indicate the connection between the user terminal and the virtual private cloud VPC device, and the eighth instruction information is the request from the user terminal to the third Sent by three orchestration devices;

Wherein, the client is connected to the target landing PTN, and the VPC device is connected to the target virtual gateway VGW; the Internet address information of the target VGW is determined by the second orchestration device.

In addition, specific embodiments of the present invention also provide a computer-readable storage medium on which a computer program is stored, wherein when the program is executed by a processor, the steps in the method for opening a cloud dedicated line as described in any one of the above are implemented.

In the several embodiments provided in this application, it should be understood that the disclosed methods and devices can be implemented in other ways. For example, the device embodiments described above are only illustrative. For example, the division of the units is only a logical function division. In actual implementation, there may be other division methods. For example, multiple units or components may be combined or can be integrated into another system, or some features can be ignored, or not implemented. On the other hand, the coupling or direct coupling or communication connection between each other shown or discussed may be through some interfaces, and the indirect coupling or communication connection of the devices or units may be in electrical, mechanical or other forms.

In addition, each functional unit in various embodiments of the present invention can be integrated into one processing unit, or each unit can be physically included separately, or two or more units can be integrated into one unit. The above integrated unit can be implemented in the form of hardware or in the form of hardware plus software functional units.

The above-mentioned integrated unit implemented in the form of a software functional unit can be stored in a computer-readable storage medium. The above-mentioned software functional unit is stored in a storage medium, and includes using several instructions to cause a computer device (which can be a personal computer, a server, or a network device, etc.) to execute some steps of the sending and receiving methods described in various embodiments of the present invention. The aforementioned storage media include: U disk, mobile hard disk, read-only memory (ROM), random access memory (RAM), magnetic disk or optical disk, etc., which can store program code. medium.

The above is the preferred embodiment of the present invention. It should be pointed out that for those of ordinary skill in the art, several improvements and modifications can be made without departing from the principles of the present invention. These improvements and modifications can also be made. should be regarded as the protection scope of the present invention.

Claims (21)

1. A cloud private line opening method, which is applied to a first orchestration device, the method comprising:

receiving Internet address information of a target cloud edge device CPE and Internet address information of a target virtual gateway VGW in the mobile cloud sent by the second arrangement device;

the method comprises the steps of sending first indication information to target control equipment, wherein the first indication information is used for indicating the target control equipment to search equipment information of target network side operator edge equipment NPE, and indicating the target control equipment to establish a target virtual private network VPN instance according to the equipment information of the target NPE, the Internet address information of target CPE and the Internet address information of target VGW;

sending second indication information to the target control equipment, wherein the second indication information is used for indicating the target control equipment to create a target subinterface bound with a target VPN instance and adding a target port to the target VPN instance; the target port is used for connecting the target NPE and the target CPE, and the target port is used for connecting the target CPE and the target VGW;

transmitting third indication information to a third orchestration device; the third indication information is used for indicating the third arrangement equipment to perform route configuration of the intra-provincial target landing packet transport network PTN; the target sub-interface is used for connecting the target NPE and the target landing PTN.

2. The cloud private line opening method according to claim 1, wherein the receiving the internet address information of the target cloud edge device CPE and the internet address information of the target virtual gateway VGW in the mobile cloud sent by the second arrangement device includes:

acquiring equipment identification information of the target CPE and port identification information of the target CPE;

sending fourth indication information to the second arrangement device, where the fourth indication information is used to indicate that the second arrangement device creates an intra-cloud network in the mobile cloud according to the device identification information of the target CPE and the port identification information of the target CPE, so as to obtain internet address information of the target CPE and internet address information of the target VGW;

and receiving the Internet address information of the target CPE and the Internet address information of the target VGW, which are sent by the second arrangement equipment.

3. The cloud private line provisioning method according to claim 2, wherein obtaining the device identification information of the target CPE and the port identification information of the target CPE comprises:

transmitting fifth instruction information to the target control device, wherein the fifth instruction information is used for instructing the target control device to camp on the target CPE;

And receiving the equipment identification information of the target CPE and the port identification information of the target CPE, which are sent by the target control equipment after the target CPE is successfully preempted.

4. The cloud private line opening method according to claim 1, wherein sending second instruction information to the target control device includes:

acquiring related information of the target landing PTN sent by the third arrangement equipment according to a service work order;

according to the related information of the target landing PTN, sixth indication information is sent to the target control equipment, wherein the sixth indication information is used for indicating the target control equipment to pre-occupy the target NPE corresponding to the target landing PTN, so as to obtain equipment information of the target NPE;

and sending second indication information to the target control equipment, wherein the second indication information is used for indicating the target control equipment to create a target subinterface bound with the target VPN instance and indicating the target control equipment to add a target port to the target VPN instance according to the equipment information of the target NPE.

5. The cloud private line opening method according to claim 4, wherein obtaining the related information of the target landing PTN sent by the third arrangement device according to a service work order includes:

Transmitting seventh indication information to the third arranging device, wherein the seventh indication information is used for indicating the third arranging device to determine relevant information meeting the target landing PTN of the service work order;

and receiving the related information of the target landing PTN sent by the third arrangement equipment.

6. The cloud private line opening method according to claim 1, further comprising:

receiving eighth indication information sent by the third arrangement device, wherein the eighth indication information is used for indicating communication between a user side and Virtual Private Cloud (VPC) equipment, and the eighth indication information is sent by the user side to the third arrangement device;

the user terminal is connected with the target landing PTN, and the VPC device is connected with the target VGW.

7. The cloud private provisioning method of claim 1, wherein the target VPN instance is a border gateway protocol BGP or a multiprotocol label switching MPLS internet protocol IP VPN instance.

8. The cloud private line opening method according to claim 1, further comprising:

transmitting ninth indication information to the target control device, where the ninth indication information is used to instruct the target control device to configure a bidirectional forwarding detection BFD function for the target CPE, and the target CPE is used to detect whether the target CPE is connected to the target VGW according to the BFD function, and if the target CPE detects that the target CPE is disconnected from the target VGW, the target VGW is switched to connect to the first CPE;

The first CPE is connected with the target NPE, and the IP addresses of the first CPE and the target CPE are the same.

9. The cloud private line opening method according to claim 1, further comprising:

transmitting tenth indication information to the second arranging device, where the tenth indication information is used to instruct the second arranging device to configure a BFD function for the target VGW, and the target VGW is used to detect whether the target CPE is connected to the target VGW according to the BFD function, and if the target VGW detects that the target CPE is disconnected from the target VGW, the target VGW is switched to connect to the first CPE;

the first CPE is connected with the target NPE, and the IP addresses of the first CPE and the target CPE are the same.

10. A cloud private line opening method, which is applied to a second orchestration device, the method comprising:

the method comprises the steps of sending Internet address information of a target cloud edge device CPE and Internet address information of a target virtual gateway VGW in a mobile cloud to first arrangement equipment;

the first arrangement device is used for sending first indication information to the target control device and sending second indication information to the target control device; the first indication information is used for indicating the target control equipment to search equipment information of the target network side operator edge equipment NPE, and indicating the target control equipment to establish a target virtual private network VPN instance according to the equipment information of the target NPE, the Internet address information of the target CPE and the Internet address information of the target VGW; the second indication information is used for indicating the target control equipment to create a target subinterface bound with a target VPN instance and adding a target port to the target VPN instance; the target port is used for connecting the target NPE and the target CPE, and the target port is used for connecting the target CPE and the target VGW.

11. The cloud private line opening method according to claim 10, wherein sending, to the first orchestration device, internet address information of the target cloud edge device CPE and internet address information of the target virtual gateway VGW in the mobile cloud, includes:

receiving fourth indication information sent by the first arrangement equipment;

according to the fourth indication information, an intra-cloud network is created in the mobile cloud according to the equipment identification information of the target CPE and the port identification information of the target CPE, and the Internet address information of the target CPE and the Internet address information of the target VGW are obtained; the fourth indication information comprises equipment identification information of the target CPE and port identification information of the target CPE;

and sending the Internet address information of the target CPE and the Internet address information of the target VGW to the first arrangement equipment.

12. The cloud private-line opening method according to claim 10, further comprising:

receiving tenth indication information sent by the first arranging device;

configuring a Bidirectional Forwarding Detection (BFD) function for a target VGW according to the tenth indication information, wherein the target VGW is used for detecting whether a target CPE is connected with the target VGW according to the BFD function, and switching the target VGW to be connected with a first CPE when the target VGW detects that the target CPE is disconnected with the target VGW;

The first CPE is connected with an NPE (network point equipment) of a target network side operator;

the equipment information of the target NPE is obtained by searching the target control equipment according to first indication information, and the first indication information is sent to the target control equipment by the first arrangement equipment.

13. The cloud private line opening method is characterized by being applied to target control equipment, and comprises the following steps:

receiving first indication information sent by first arrangement equipment;

searching equipment information of the target network side operator edge equipment NPE according to the first indication information, and creating a target virtual private network VPN instance according to the equipment information of the target NPE, the Internet address information of the target cloud edge equipment CPE and the Internet address information of the target virtual gateway VGW;

receiving second indication information sent by the first arrangement equipment, creating a target sub-interface bound with a target VPN instance according to the second indication information, and adding a target port to the target VPN instance; the target port is used for connecting the target NPE and the target CPE, and the target port is used for connecting the target CPE and the target VGW.

14. The cloud private-line opening method according to claim 13, wherein before receiving the first indication information sent by the first orchestration device, the method further comprises:

receiving fifth indicating information sent by the first arranging device, and pre-occupying the target CPE according to the fifth indicating information;

and after the target CPE is successfully preempted, transmitting the equipment identification information of the target CPE and the port identification information of the target CPE to the first arranging equipment.

15. The cloud private line opening method according to claim 13, wherein receiving the second indication information sent by the first orchestration device includes:

receiving sixth indication information sent by the first arrangement device according to related information of a destination landing packet transport network PTN in a province, and pre-occupying the destination NPE corresponding to the destination landing PTN according to the sixth indication information to obtain device information of the destination NPE, wherein the related information of the destination landing PTN is sent by a third arrangement device to the first arrangement device according to a business worker;

and receiving the second indication information sent by the first arrangement device, wherein the second indication information is used for indicating the target control device to create a target sub-interface bound with the target VPN instance and indicating the target control device to add a target port to the target VPN instance according to the device information of the target NPE.

16. The cloud private-line opening method according to claim 13, further comprising:

receiving ninth indication information sent by the first arrangement device;

configuring a Bidirectional Forwarding Detection (BFD) function for the target CPE according to the ninth indication information, wherein the target CPE is used for detecting whether the target CPE is connected with the target VGW according to the BFD function, and switching the target VGW to be connected with the first CPE when the target CPE detects that the target CPE is disconnected with the target VGW;

the first CPE is connected with the target NPE, and the Internet Interconnection Protocol (IP) address of the first CPE is the same as that of the target CPE.

17. A cloud private line opening device, characterized by being applied to a first orchestration device, the device comprising:

the first receiving module is used for receiving the internet address information of the target cloud edge equipment CPE and the internet address information of the target virtual gateway VGW in the mobile cloud sent by the second arrangement equipment;

the device comprises a first sending module, a second sending module and a target control device, wherein the first sending module is used for sending first indication information to the target control device, the first indication information is used for indicating the target control device to search equipment information of target network side operator edge equipment NPE, and the target control device is indicated to establish a target virtual private network VPN instance according to the equipment information of the target NPE, internet address information of target CPE and Internet address information of target VGW;

The second sending module is used for sending second indication information to the target control equipment, wherein the second indication information is used for indicating the target control equipment to create a target subinterface bound with a target VPN instance and adding a target port to the target VPN instance; the target port is used for connecting the target NPE and the target CPE, and the target port is used for connecting the target CPE and the target VGW;

the third sending module is used for sending third indication information to third arranging equipment; the third indication information is used for indicating the third arrangement equipment to perform route configuration of the intra-provincial target landing packet transport network PTN; the target sub-interface is used for connecting the target NPE and the target landing PTN.

18. A cloud private line opening device, characterized by being applied to a second orchestration device, the device comprising:

the fourth sending module is used for sending the internet address information of the target cloud edge equipment CPE and the internet address information of the target virtual gateway VGW in the mobile cloud to the first arrangement equipment;

the first arrangement device is used for sending first indication information to the target control device and sending second indication information to the target control device; the first indication information is used for indicating the target control equipment to search equipment information of the target network side operator edge equipment NPE, and indicating the target control equipment to establish a target virtual private network VPN instance according to the equipment information of the target NPE, the Internet address information of the target CPE and the Internet address information of the target VGW; the second indication information is used for indicating the target control equipment to create a target subinterface bound with a target VPN instance and adding a target port to the target VPN instance; the target port is used for connecting the target NPE and the target CPE, and the target port is used for connecting the target CPE and the target VGW.

19. A cloud private line opening device, characterized by being applied to a target control apparatus, the device comprising:

the second receiving module is used for receiving the first indication information sent by the first arranging equipment;

the first processing module is used for searching equipment information of the target network side operator edge equipment NPE according to the first indication information, and creating a target virtual private network VPN instance according to the equipment information of the target NPE, the Internet address information of the target cloud edge equipment CPE and the Internet address information of the target virtual gateway VGW;

the second processing module is used for receiving second indication information sent by the first arrangement device, creating a target subinterface bound with a target VPN instance according to the second indication information, and adding a target port to the target VPN instance; the target port is used for connecting the target NPE and the target CPE, and the target port is used for connecting the target CPE and the target VGW.

20. A cloud private line provisioning system, comprising: a first orchestration device, a second orchestration device, and a target control device;

wherein the first orchestration device is configured to perform the cloud private provisioning method according to any of claims 1 to 9;

The second orchestration device is configured to perform the cloud private provisioning method according to any one of claims 10 to 12;

the target control device is configured to perform the cloud private line opening method according to any one of claims 13 to 16.

21. A readable storage medium having stored thereon a program or instructions, which when executed by a processor, implements the steps in the cloud private-line opening method according to any one of claims 1 to 9, or the steps in the cloud private-line opening method according to any one of claims 10 to 12, or the steps in the cloud private-line opening method according to any one of claims 13 to 16.