文章來源:神華集團有限責任(ren)公司 發布時間:2009-07-18
近日,經國際網絡巨鱷思科專家確認,神華集團所屬朔黃鐵路公司在國內第一個實現了虛擬網絡。目前國際上只有幾家企業實現了虛擬網絡,朔黃鐵路公司經過不斷學習,科學論證,實現了企業信息虛擬網絡,填補了國內虛擬網絡技術空白。
據(ju)(ju)悉,信息化(hua)(hua)網(wang)(wang)絡(luo)(luo)由于(yu)安(an)(an)(an)全(quan)和(he)技(ji)(ji)術(shu)等原(yuan)因,一個(ge)應(ying)用(yong)(yong)(yong)系(xi)(xi)(xi)統(tong)(tong)(tong)(tong)的(de)(de)(de)(de)(de)物理(li)(li)隔離(li)技(ji)(ji)術(shu)需要(yao)采用(yong)(yong)(yong)建(jian)(jian)設(she)一套網(wang)(wang)絡(luo)(luo)系(xi)(xi)(xi)統(tong)(tong)(tong)(tong)的(de)(de)(de)(de)(de)方(fang)(fang)法,對于(yu)高(gao)技(ji)(ji)術(shu)密集型(xing)企業而(er)言,各(ge)專(zhuan)業系(xi)(xi)(xi)統(tong)(tong)(tong)(tong)越(yue)多(duo),必將建(jian)(jian)設(she)網(wang)(wang)絡(luo)(luo)系(xi)(xi)(xi)統(tong)(tong)(tong)(tong)越(yue)多(duo),維(wei)護(hu)難(nan),費用(yong)(yong)(yong)高(gao)。按照國內常規網(wang)(wang)絡(luo)(luo)技(ji)(ji)術(shu)慣(guan)例,如(ru)果(guo)(guo)涉及運輸(shu)(shu)、安(an)(an)(an)全(quan)監(jian)控、自動化(hua)(hua)辦公(gong)、經營系(xi)(xi)(xi)統(tong)(tong)(tong)(tong)的(de)(de)(de)(de)(de)安(an)(an)(an)全(quan)和(he)穩定性(xing)因素(su),需要(yao)建(jian)(jian)設(she)十幾套網(wang)(wang)絡(luo)(luo)。朔黃鐵(tie)路(lu)公(gong)司根據(ju)(ju)實(shi)際情況,從基礎做(zuo)起,經過與專(zhuan)家研究(jiu)探討后,決定應(ying)用(yong)(yong)(yong)虛(xu)(xu)擬網(wang)(wang)絡(luo)(luo)(VPN)技(ji)(ji)術(shu),即在一張物理(li)(li)網(wang)(wang)絡(luo)(luo)平臺(tai)上,采用(yong)(yong)(yong)邏輯(ji)隔離(li)的(de)(de)(de)(de)(de)技(ji)(ji)術(shu),實(shi)現(xian)各(ge)個(ge)業務(wu)(wu)系(xi)(xi)(xi)統(tong)(tong)(tong)(tong)的(de)(de)(de)(de)(de)虛(xu)(xu)擬化(hua)(hua)信息交換,不僅可以節省傳(chuan)輸(shu)(shu)部署成(cheng)(cheng)(cheng)本,而(er)且(qie)可以增加各(ge)業務(wu)(wu)系(xi)(xi)(xi)統(tong)(tong)(tong)(tong)之間的(de)(de)(de)(de)(de)安(an)(an)(an)全(quan)性(xing)和(he)可靠性(xing)保障。目前,國際成(cheng)(cheng)(cheng)熟的(de)(de)(de)(de)(de)虛(xu)(xu)擬網(wang)(wang)絡(luo)(luo)技(ji)(ji)術(shu)主要(yao)有MPLS VPN、VLAN、MCE三種(zhong)方(fang)(fang)式(shi)(shi):MPLS VPN方(fang)(fang)式(shi)(shi),雖然可以很好(hao)滿足要(yao)求(qiu),但(dan)是投資(zi)成(cheng)(cheng)(cheng)本高(gao),而(er)且(qie)技(ji)(ji)術(shu)復雜度高(gao);VLAN方(fang)(fang)式(shi)(shi),建(jian)(jian)網(wang)(wang)成(cheng)(cheng)(cheng)本低(di)、VPN業務(wu)(wu)部署簡(jian)單,但(dan)是VLAN方(fang)(fang)式(shi)(shi)靈(ling)活性(xing)很差(cha),容易形成(cheng)(cheng)(cheng)廣播(bo)環(huan)路(lu)等問(wen)題(ti),對于(yu)安(an)(an)(an)全(quan)和(he)帶寬(kuan)利用(yong)(yong)(yong)都帶來問(wen)題(ti);虛(xu)(xu)擬網(wang)(wang)絡(luo)(luo)技(ji)(ji)術(shu)--MCE(Multi-VRF)方(fang)(fang)式(shi)(shi),具備(bei)VLAN方(fang)(fang)式(shi)(shi)的(de)(de)(de)(de)(de)低(di)成(cheng)(cheng)(cheng)本投資(zi)和(he)維(wei)護(hu)簡(jian)易特(te)點(dian)的(de)(de)(de)(de)(de)同時,還具備(bei)MPLS VPN方(fang)(fang)式(shi)(shi)安(an)(an)(an)全(quan)隔離(li)好(hao),靈(ling)活性(xing)好(hao),故障自愈快的(de)(de)(de)(de)(de)優(you)點(dian)。通過對比分(fen)析(xi),朔黃鐵(tie)路(lu)公(gong)司結合傳(chuan)輸(shu)(shu)的(de)(de)(de)(de)(de)MSTP技(ji)(ji)術(shu),將網(wang)(wang)絡(luo)(luo)采用(yong)(yong)(yong)三層交換機,實(shi)現(xian)各(ge)站的(de)(de)(de)(de)(de)互(hu)聯;選(xuan)擇(ze)MCE技(ji)(ji)術(shu)實(shi)現(xian)業務(wu)(wu)系(xi)(xi)(xi)統(tong)(tong)(tong)(tong)的(de)(de)(de)(de)(de)邏輯(ji)隔離(li),在每個(ge)車(che)站和(he)中心分(fen)別部署運輸(shu)(shu)管理(li)(li)、經營管理(li)(li)、視(shi)頻會議、工程管理(li)(li)、安(an)(an)(an)全(quan)監(jian)控、5T系(xi)(xi)(xi)統(tong)(tong)(tong)(tong)、運力(li)資(zi)源等VPN業務(wu)(wu)系(xi)(xi)(xi)統(tong)(tong)(tong)(tong),并(bing)逐步擴展到了30多(duo)個(ge)VPN業務(wu)(wu)系(xi)(xi)(xi)統(tong)(tong)(tong)(tong),虛(xu)(xu)擬網(wang)(wang)絡(luo)(luo)經過一年的(de)(de)(de)(de)(de)應(ying)用(yong)(yong)(yong),達到了預(yu)期效果(guo)(guo)。