文章來源:神華集團有限(xian)責(ze)任公司 發布時間:2009-07-18
近日,經國際網絡巨鱷思科專家確認,神華集團所屬朔黃鐵路公司在國內第一個實現了虛擬網絡。目前國際上只有幾家企業實現了虛擬網絡,朔黃鐵路公司經過不斷學習,科學論證,實現了企業信息虛擬網絡,填補了國內虛擬網絡技術空白。
據悉,信息化(hua)(hua)網(wang)(wang)絡(luo)(luo)(luo)由于安全(quan)和(he)技(ji)(ji)(ji)術(shu)(shu)(shu)(shu)(shu)等(deng)(deng)原因,一(yi)(yi)個(ge)應用(yong)系(xi)(xi)(xi)(xi)統(tong)(tong)(tong)(tong)的(de)(de)(de)物理隔(ge)離(li)技(ji)(ji)(ji)術(shu)(shu)(shu)(shu)(shu)需要(yao)采(cai)用(yong)建(jian)設(she)一(yi)(yi)套網(wang)(wang)絡(luo)(luo)(luo)系(xi)(xi)(xi)(xi)統(tong)(tong)(tong)(tong)的(de)(de)(de)方(fang)(fang)(fang)(fang)(fang)法,對于高(gao)技(ji)(ji)(ji)術(shu)(shu)(shu)(shu)(shu)密集型企業(ye)而(er)言,各專業(ye)系(xi)(xi)(xi)(xi)統(tong)(tong)(tong)(tong)越(yue)多(duo),必將建(jian)設(she)網(wang)(wang)絡(luo)(luo)(luo)系(xi)(xi)(xi)(xi)統(tong)(tong)(tong)(tong)越(yue)多(duo),維護難,費用(yong)高(gao)。按照國內(nei)常規(gui)網(wang)(wang)絡(luo)(luo)(luo)技(ji)(ji)(ji)術(shu)(shu)(shu)(shu)(shu)慣例(li),如果涉及運輸、安全(quan)監控(kong)、自(zi)(zi)動(dong)化(hua)(hua)辦公、經(jing)(jing)營系(xi)(xi)(xi)(xi)統(tong)(tong)(tong)(tong)的(de)(de)(de)安全(quan)和(he)穩(wen)定(ding)性(xing)因素,需要(yao)建(jian)設(she)十幾套網(wang)(wang)絡(luo)(luo)(luo)。朔黃鐵路(lu)公司根據實(shi)際(ji)(ji)情況,從基礎做(zuo)起,經(jing)(jing)過(guo)(guo)與(yu)專家(jia)研究探討(tao)后,決(jue)定(ding)應用(yong)虛(xu)擬網(wang)(wang)絡(luo)(luo)(luo)(VPN)技(ji)(ji)(ji)術(shu)(shu)(shu)(shu)(shu),即在一(yi)(yi)張物理網(wang)(wang)絡(luo)(luo)(luo)平(ping)臺(tai)上,采(cai)用(yong)邏(luo)輯隔(ge)離(li)的(de)(de)(de)技(ji)(ji)(ji)術(shu)(shu)(shu)(shu)(shu),實(shi)現(xian)各個(ge)業(ye)務系(xi)(xi)(xi)(xi)統(tong)(tong)(tong)(tong)的(de)(de)(de)虛(xu)擬化(hua)(hua)信息交換,不僅可以(yi)節省(sheng)傳(chuan)輸部署成本(ben),而(er)且(qie)可以(yi)增加各業(ye)務系(xi)(xi)(xi)(xi)統(tong)(tong)(tong)(tong)之間的(de)(de)(de)安全(quan)性(xing)和(he)可靠性(xing)保障(zhang)。目前,國際(ji)(ji)成熟的(de)(de)(de)虛(xu)擬網(wang)(wang)絡(luo)(luo)(luo)技(ji)(ji)(ji)術(shu)(shu)(shu)(shu)(shu)主要(yao)有MPLS VPN、VLAN、MCE三種方(fang)(fang)(fang)(fang)(fang)式(shi)(shi)(shi)(shi)(shi):MPLS VPN方(fang)(fang)(fang)(fang)(fang)式(shi)(shi)(shi)(shi)(shi),雖然可以(yi)很好滿足要(yao)求(qiu),但是投資(zi)成本(ben)高(gao),而(er)且(qie)技(ji)(ji)(ji)術(shu)(shu)(shu)(shu)(shu)復雜度高(gao);VLAN方(fang)(fang)(fang)(fang)(fang)式(shi)(shi)(shi)(shi)(shi),建(jian)網(wang)(wang)成本(ben)低、VPN業(ye)務部署簡單,但是VLAN方(fang)(fang)(fang)(fang)(fang)式(shi)(shi)(shi)(shi)(shi)靈(ling)活性(xing)很差,容(rong)易形成廣播(bo)環路(lu)等(deng)(deng)問(wen)題,對于安全(quan)和(he)帶(dai)寬利用(yong)都帶(dai)來問(wen)題;虛(xu)擬網(wang)(wang)絡(luo)(luo)(luo)技(ji)(ji)(ji)術(shu)(shu)(shu)(shu)(shu)--MCE(Multi-VRF)方(fang)(fang)(fang)(fang)(fang)式(shi)(shi)(shi)(shi)(shi),具備(bei)VLAN方(fang)(fang)(fang)(fang)(fang)式(shi)(shi)(shi)(shi)(shi)的(de)(de)(de)低成本(ben)投資(zi)和(he)維護簡易特點的(de)(de)(de)同時,還具備(bei)MPLS VPN方(fang)(fang)(fang)(fang)(fang)式(shi)(shi)(shi)(shi)(shi)安全(quan)隔(ge)離(li)好,靈(ling)活性(xing)好,故(gu)障(zhang)自(zi)(zi)愈快的(de)(de)(de)優(you)點。通過(guo)(guo)對比分析,朔黃鐵路(lu)公司結合傳(chuan)輸的(de)(de)(de)MSTP技(ji)(ji)(ji)術(shu)(shu)(shu)(shu)(shu),將網(wang)(wang)絡(luo)(luo)(luo)采(cai)用(yong)三層交換機,實(shi)現(xian)各站的(de)(de)(de)互聯;選擇MCE技(ji)(ji)(ji)術(shu)(shu)(shu)(shu)(shu)實(shi)現(xian)業(ye)務系(xi)(xi)(xi)(xi)統(tong)(tong)(tong)(tong)的(de)(de)(de)邏(luo)輯隔(ge)離(li),在每個(ge)車站和(he)中心分別部署運輸管理、經(jing)(jing)營管理、視頻(pin)會議、工(gong)程管理、安全(quan)監控(kong)、5T系(xi)(xi)(xi)(xi)統(tong)(tong)(tong)(tong)、運力資(zi)源(yuan)等(deng)(deng)VPN業(ye)務系(xi)(xi)(xi)(xi)統(tong)(tong)(tong)(tong),并(bing)逐步擴展到了30多(duo)個(ge)VPN業(ye)務系(xi)(xi)(xi)(xi)統(tong)(tong)(tong)(tong),虛(xu)擬網(wang)(wang)絡(luo)(luo)(luo)經(jing)(jing)過(guo)(guo)一(yi)(yi)年的(de)(de)(de)應用(yong),達到了預期(qi)效果。