CN103036919A - Method and device for achieving migration of virtual machine in virtual private cloud (VPC) - Google Patents

Publication number
CN103036919A
Authority
CN
China
Prior art keywords
binding information
virtual machine
message
service
virtual
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Granted
Application number
CN2011102992718A
Other languages
Chinese (zh)
Other versions
CN103036919B (en
Inventor
梁铮
宾梵翔
温海波
郑军
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Nokia Shanghai Bell Co Ltd
Original Assignee
Alcatel Lucent Shanghai Bell Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Alcatel Lucent Shanghai Bell Co Ltd
Priority to CN201110299271.8A
Publication of CN103036919A
Application granted
Publication of CN103036919B
Legal status: Active
Anticipated expiration

Abstract

The invention provides a method and a device for achieving migration of a virtual machine in a VPC. The method includes maintaining binding information between a virtual machine binary identifier, which identifies the virtual machine, and the provider edge router that serves the virtual machine; and, when packet data destined for a virtual machine is received, determining the binary identifier of the destination virtual machine based on the received data packet, and determining the provider edge router associated with that binary identifier according to the maintained binding information. The packet data is to be routed to the determined provider edge router, and the binary identifier of the virtual machine comprises the private IP address of the virtual machine and a specificator capable of identifying the virtual private network (VPN) in which the virtual machine is located.

Description

Method and apparatus for realizing the migration of a virtual machine in a virtual private cloud
Technical field
The present invention relates generally to network services. More specifically, the present invention relates to the migration of virtual machines in a virtual private cloud.
Background art
The emergence of cloud computing has changed the computing model of user terminals: the computing center has shifted from the client to the network side, greatly reducing the performance requirements on the client. Such a computing architecture makes thin clients possible and thus gives client devices broader room for development. It also allows client devices that do not themselves have large capacity or high processing and computing speed to use more network applications, especially those that demand high computing and processing power. Cloud computing can therefore offer clients more new and attractive services than any prior technology. Applications combining cloud computing with thin clients are becoming increasingly popular and will become one of the focal points of networking technology in the future.
Simply put, cloud computing mainly uses virtualization technology to transfer computing work from the client device to equipment in the network. The equipment that takes on this computing work is often figuratively called a cloud center and includes, for example, resource pools and data centers. Such a cloud center can provide client devices with good security, flexibility and scalability.
Understandably, clients expect the cloud center to deliver ever higher service efficiency, improving service quality and the service experience. The virtual machine (VM) that actually runs the cloud center's computing tasks therefore needs to migrate dynamically and adaptively to the best location according to the latest state of the client (for example where and when the cloud computing service may be used, and which cloud computations need to be carried out), with a high degree of flexibility. This requires not only hardware and software support but also the elimination of the virtual machine's location dependence. In other words, a virtual machine should be able to migrate freely among multiple different or distributed cloud centers. Cloud-based applications running on the virtual machine are then available and accessible to the client device anywhere and at any time, and can meet the requirements of specific conditions such as the user's location and connection status.
Virtual machine migration is thus one of the main ways to improve the service efficiency of cloud centers. Based on virtual machine migration, several distributed cloud centers can be integrated (for example by consolidating computing resources and storage resources) into a single, more powerful cloud center. Virtual machine migration also brings many other advantages: for example, it can improve the distribution of workload, make cloud center management easier, improve overall system performance, and improve the fault tolerance of the cloud center.
Recently, the private cloud, or virtual private cloud (VPC), has become one of the directions in which cloud computing is developing. A virtual private cloud can provide a portion of the resources of a shared or public cloud to a user. With a virtual private cloud, cloud services can be integrated with existing IP network infrastructure by way of VPN connections. Many companies, such as Amazon and Google, have already developed such virtual private clouds.
The purpose of using VPNs is to isolate multiple virtual private clouds from one another. Virtual machines in a virtual private cloud can be assigned private IP addresses. When virtual machines that belong to different VPNs but have the same private address migrate across the wide area network at the same time, an address conflict arises in the network, and the PE cannot distinguish the two virtual machines with the same private address. The current scheme for migrating virtual machines in a virtual private cloud across a wide area network is to assign public IP addresses to virtual machines that need to migrate, so that the IP address of a mobile virtual machine is unique in the whole network environment, that is, so that the IP addresses of virtual machines in different VPNs do not conflict or overlap. When a virtual machine in the virtual private cloud migrates, the provider edge router maps its private IP address to the public IP address assigned to it, and the public IP address then indicates where packets destined for this mobile virtual machine should be forwarded.
However, as the number of virtual machines that need to migrate grows, this migration scheme consumes a large number of public IP addresses, and its scalability and efficiency are both poor. Given that the transition from IPv4 to IPv6 will still take a long time to complete, public addresses, particularly IPv4 public addresses, remain a valuable network resource.
It follows that an effective virtual machine migration scheme is urgently needed, one that enables flexible migration of virtual machines in a virtual private cloud based on MPLS VPN without consuming public IP addresses, or at least without consuming a large number of them.
Summary of the invention
To solve or at least mitigate the above problems in the prior art, the invention provides a method and apparatus for realizing the migration of virtual machines in a virtual private cloud based on MPLS VPN, as well as a corresponding computer program and a computer-readable medium storing computer-readable code.
According to a first aspect of the invention, a method for realizing the migration of a virtual machine in a virtual private cloud is provided, the method comprising:
maintaining binding information between a virtual machine binary identifier, which identifies a virtual machine, and the provider edge router that serves that virtual machine;
when packet data destined for a virtual machine is received, determining the binary identifier of the destination virtual machine based on the received data packet, and determining the provider edge router associated with that binary identifier according to the maintained binding information;
wherein the packet data is to be routed to the determined provider edge router, and the binary identifier of a virtual machine comprises the private IP address of the virtual machine and a specificator capable of identifying the virtual private network in which the virtual machine is located.
Preferably, the label switched path of the packet data is determined according to the determined provider edge router associated with the binary identifier.
According to a second aspect of the invention, a method for realizing the migration of a virtual machine in a virtual private cloud is provided, the method comprising:
maintaining binding information between the binary identifier that identifies a virtual machine and the provider edge router that serves that virtual machine;
when an update to the maintained binding information, or new binding information, is received, updating the maintained binding information;
when a message querying binding information is received: if the queried binding information is present in the maintained binding information, sending the corresponding binding information in response; if the queried binding information is not present in the maintained binding information and the query message was sent from a provider edge router, querying other route mapping devices for the binding information and sending the obtained binding information to that provider edge router; otherwise, querying other route mapping devices for the binding information and sending the obtained binding information in response, or making no response;
wherein the binary identifier of a virtual machine comprises the private IP address of the virtual machine and a specificator capable of identifying the virtual private network in which the virtual machine is located.
According to a third aspect of the invention, a device is provided that comprises means for implementing any of the above methods and the methods of the embodiments of the invention.
According to a fourth aspect of the invention, a device for realizing the migration of a virtual machine in a virtual private cloud is provided, the device comprising:
a transceiver unit for receiving and sending information;
a database for maintaining binding information between the virtual machine binary identifier that identifies a virtual machine and the provider edge router that serves that virtual machine;
a binding information management unit which, when packet data destined for a virtual machine is received via the transceiver unit, determines the binary identifier of the destination virtual machine based on the received data packet, and determines the provider edge router associated with that binary identifier according to the maintained binding information;
wherein the packet data is to be routed to the determined provider edge router, and the binary identifier of a virtual machine comprises the private IP address of the virtual machine and a specificator capable of identifying the virtual private network in which the virtual machine is located.
According to a fifth aspect of the invention, a device for realizing the migration of a virtual machine in a virtual private cloud is provided, the device comprising:
a transceiver unit for receiving and sending information;
a database for maintaining binding information between the virtual machine binary identifier that identifies a virtual machine and the provider edge router that serves that virtual machine;
a binding information management unit which, when a message querying binding information is received via the transceiver unit: if the queried binding information is present in the maintained binding information, sends the corresponding binding information in response via the transceiver unit; if the queried binding information is not present in the maintained binding information and the query message was sent from a provider edge router, queries other route mapping devices for the binding information via the transceiver unit and sends the obtained binding information to that provider edge router; otherwise, queries other route mapping devices for the binding information via the transceiver unit and sends the obtained binding information in response, or makes no response;
wherein the binary identifier of a virtual machine comprises the private IP address of the virtual machine and a specificator capable of identifying the virtual private network in which the virtual machine is located.
According to a sixth aspect of the invention, the foregoing methods, and any method implemented according to the embodiments of the invention, can be implemented by a computer program.
According to a seventh aspect of the invention, a device is provided, comprising: an interface for receiving and sending information; a memory storing computer-executable code for implementing any method or device of the invention; and a processor capable of causing the computer-executable code stored in the memory to be executed by the device.
According to an eighth aspect of the invention, a computer-readable storage medium is provided, storing computer-executable instructions for implementing the method or device of the invention.
According to the solution of the invention, migration of a virtual machine in a virtual private cloud based on MPLS VPN can be realized using the virtual machine's private IP address in that virtual private cloud. When a virtual machine migrates, that is, when it becomes a mobile virtual machine, there is no need to assign it a separate public IP address. As long as it is needed, any virtual machine in a network environment that adopts the solution of the invention can become a mobile virtual machine at any time. The invention thus realizes virtual machine migration in a virtual private cloud based on MPLS VPN. For a virtual private cloud provider, the virtual machine migration technique of the invention makes it easier to integrate virtual private cloud services with MPLS VPN, without having to build an MPLS network specifically for the corresponding virtual private cloud services or applications.
Moreover, in a preferred embodiment of the invention, for a virtual private cloud center based on a multi-protocol (such as IPv4, IPv6, etc.) MPLS VPN, the proposed ICMP message can be used to carry the messages of the registration process of the invention, and extended BGP Update messages can be used to carry messages such as updates, queries and notifications of the relevant binding information. This keeps changes to the existing network operating environment, communication protocols and communication equipment to a minimum, and minimizes the impact on the existing framework. In addition, in another preferred embodiment, a new optional non-transitive attribute is introduced in the above messages as an extension to the existing protocol. This further achieves compatibility with the existing network framework (network equipment that does not support the invention can simply discard the invention-related information it receives).
Brief description of the drawings
The detailed description below, read together with the accompanying drawings, gives a further understanding of the invention, so that the above and other advantages of the invention and other features and advantages of the disclosed exemplary embodiments will become apparent to those skilled in the art. It should be noted, however, that both the drawings and the specific examples below are only exemplary descriptions given to explain the idea of the invention and should not be taken as limiting any aspect of the invention. The scope of protection of the invention is defined by the claims and their equivalents. In the drawings:
Fig. 1 schematically shows an exemplary network architecture for implementing the solution of the invention.
Fig. 2 schematically shows the processing at the PE according to one embodiment of the invention.
Fig. 3a schematically shows a block diagram of a device that can be deployed on a PE router to realize one embodiment of the invention.
Fig. 3b schematically shows a block diagram of another embodiment of a device for implementing the invention.
Fig. 4 shows another exemplary preferred network architecture for implementing the solution of the invention.
Fig. 5 schematically shows the processing carried out at the ARR according to one embodiment of the invention.
Fig. 6a shows a block diagram of a device for realizing the solution of the invention at the ARR according to one embodiment of the invention.
Fig. 6b shows a block diagram of a device for realizing the solution of the invention at the ARR according to another embodiment of the invention.
Fig. 7 schematically shows the processing flow in which a VM registers with a PE and then communicates with a client device.
Fig. 8 schematically shows an example of communication between a client and a VM when the VM migrates within a region, according to one embodiment of the invention.
Fig. 9 schematically shows an example of communication between a client and a VM when the VM migrates between regions, according to one embodiment of the invention.
Detailed description of embodiments
Fig. 1 illustrates an exemplary network architecture for implementing the solution of the invention. As those skilled in the art will appreciate, the network environment for implementing the invention shown in Fig. 1 is the same as a prior-art MPLS VPN network operating environment that integrates virtual private clouds. In other words, the invention can be implemented by adding the methods, functions and devices of the invention directly to the existing network, without changing the existing network framework. This also reflects the good compatibility of the invention.
As shown in Fig. 1, the MPLS VPN network comprises provider edge (PE) routers, that is, label edge routers (LER), and provider (P) routers. The VPC provider site networks A, B and C and the VPC service subscription network comprise customer edge (CE) routers and ordinary customer (C) routers. A PE router has a direct layer 3 connection with a CE; here, a CE is an edge router in a VPC provider site network or a VPC service subscription network. A P router communicates only with other P routers and PE routers and does not establish a direct network connection with a CE. As is well known to those skilled in the art, C routers connect to PE routers through CE routers, and all communication between a CE router and the outside goes through a PE. Specifically, when a virtual machine VM or a client needs to communicate with the outside, it connects through the corresponding C router and the CE router to a PE (in this case also called the ingress PE). The PE then encapsulates the data packet to be transmitted with an inner label and an outer label, and the packet is forwarded among the P routers according to the outer label until it reaches the determined egress PE router. The egress PE router removes the labels and forwards the data packet to the destination client or VM. As can be seen, in this architecture the data plane processing is the same as in the prior art: a packet is prefixed with a label according to its forwarding equivalence class and delivered from one PE to another along a label switched path (LSP). As described below, the solution of the invention makes its improvements in the control plane.
To support VM migration across the MPLS network within a VPC, the invention marks each VM with a binary (two-element) identifier: a specificator and a private address. The specificator marks the VPN in which the VM is located, so that different MPLS VPNs can be told apart and VMs with the same private IP address can be distinguished from one another. The specificator can be any form of identifier that can distinguish different VPNs, including but not limited to an identifier of the VPC and/or the VPN in which the VM is located. An identifier for a VPN is, for example, the route distinguisher (RD), which uniquely identifies a specific VPN across the whole network. As long as the specificator can identify the different VPNs in the network, the PE can tell apart VMs that have the same private IP address. In some cases a VPC contains only one VPN. In that case the identifier of the VPC can alternatively be used to distinguish the different VPNs in the network; that is, using the VPC identifier as the specificator likewise avoids VM address conflicts at the PE. In particular, in a network environment that uses the VPC identifier as the specificator, if there is a VPC that contains multiple VPNs, the VPNs in that VPC can each be marked, and the VPC identifier together with the identifier marking the specific VPN within that VPC is used as the specificator. In this latter case, even if virtual machines in two different virtual private networks of one VPC have the same private address, they can be distinguished by the other element of the specificator, the VPN identifier. For example, if virtual private cloud A comprises multiple virtual private networks a, b, c, etc., the VPC and VPN together can uniquely identify the VPN in which a VM is located, for example Aa, Ab, Ac, etc., and this is used as the specificator in the identifier of the virtual machine VM.
It is easy to see that, besides using existing attributes that can distinguish different VPNs, the VPNs in the network can simply be identified anew, and the newly assigned identifier used as the specificator in the identifier of the virtual machine VM. As a result, every VM in the network has a unique identifier, which makes it possible for a VM to migrate arbitrarily across the MPLS network without being allocated an additional public IP address (as described above).
In the invention, the binary identifier of the virtual machine VM is used mainly at the PE router. In a preferred embodiment, the specificator in the binary identifier, for example the RD, distinguishes the VPN in which the VM is located using a parameter that already exists in the network. With the prior-art data packet transmission mode, the PE can already determine such a specificator and use it to distinguish VMs. In addition, the binary identifier proposed for VMs is transparent both to the P routers of the MPLS VPN network and to the VPC provider site or subscription network (for example the CE and C routers in those networks). This preferred embodiment substantially reduces the implementation complexity of the invention and minimizes the impact on the VPC provider site network and the VPC service subscription network.
In other embodiments, if the PE cannot obtain such a specificator under the existing data packet transmission mode, the cooperation of equipment (for example a CE router) in the VPC provider site or the VPC service subscription network may be needed. For example, the CE can add the required specificator to the data packets it sends to the PE, or send it directly to the PE in a message of an existing or new type.
As for the operations at the PE that relate to the binary identifier of the VM, Fig. 2 schematically shows the processing at the PE according to one embodiment of the invention. As shown in Fig. 2, the PE maintains binding information between a VM and the serving PE of that VM. That is, binding information expresses the mapping between a particular virtual machine VM and a specific PE. A piece of binding information can be read as follows: after the virtual machine VM represented by the binary identifier in the binding information has successfully registered with a PE (described in more detail below), the PE bound to this binary identifier becomes the serving PE of this virtual machine, that is, the virtual machine is logically bound to this PE.
Table 1 below shows the list of VM binding information maintained by a PE router. Here, the binary identifier of the virtual machine VM is denoted VMID (Virtual Machine Identifier), with the RD as the specificator. Most of the embodiments given here are described with the RD as the specificator, but those skilled in the art will understand that the RD is only an illustrative example. As mentioned above, any identifier that can determine which virtual private network a virtual machine VM belongs to, whether existing, under development, appearing in the future, or defined separately while implementing the solution of the invention, can serve as the specificator in the VM binary identifier. In addition, as shown in Table 1, the serving PE is identified by its IP address. Other information could equally be used to identify different PEs; this is not elaborated further here.
Table 1. List of VM binding information
The PE maintains the binding information of VMs (the details of a VM registering with a PE are described below), recording for each VM its binary identifier, comprising the specificator and the private IP address, and the PE that serves this VM. For a particular PE that maintains binding information, the serving PE indicated in a maintained binding for a given VM may be that PE itself or may be another PE in the network. That is, a PE maintains not only the binding information of the VMs it serves but preferably also the binding information of VMs that are logically bound to other PEs.
When a PE receives a packet, it determines whether the packet is a data packet destined for a virtual machine VM. If the destination of the received data packet is a virtual machine, the PE determines the binary identifier of the destination virtual machine. For example, if the specificator in the VM's binary identifier is the RD, the PE can determine the RD of this VM directly from the input interface of the PE on which the data packet arrived. The PE then takes the determined RD of the VPN in which the destination virtual machine is located, together with the destination IP address of the packet (a private IP address), as the binary identifier of the destination virtual machine VM of this data packet. The PE looks up the binding information it maintains and determines from it the egress PE to which this data packet is to be routed (that is, the PE that is bound to the destination VM and serves it), and the operation ends.
As is known in the art, the packet is then routed to the determined egress PE and finally to the destination virtual machine VM. It is well known to those skilled in the art that, in MPLS VPN, the label switched path of a data packet depends on the forwarding equivalence class of the packet. In the invention, the forwarding equivalence class of a data packet destined for a VM is determined at the ingress PE according to the IP address of the serving PE to which the destination VM is bound. That is, the forwarding equivalence class of the data packet is not directly tied to the private IP address of the destination VM but to the serving PE to which the destination VM is bound.
Be appreciated that in the situation of negligible amounts of or mobile virtual machine less in network size, it is feasible disposing the binding information that each PE safeguards all mobile virtual machines.But, if network size is larger, perhaps exist in the situation of a considerable amount of mobile virtual machines, guarantee that the whole PE in the network safeguard that at any time all move the binding information of VM, will expend a large amount of Internet resources (will for this reason produce a large amount of traffics).In this case, can dispose the binding information that PE safeguards a part of mobile VM.In the binding information of oneself safeguarding if PE receives the packet of going to a certain VM not about the binding information of this purpose VM, then PE can be to other PE, for example the PE of communication connection is crossed in nearest and its foundation, or all PE transmission message, so that the inquiry binding information relevant with purpose VM.So PE can according to the binding information about this purpose VM that receives, according to method shown in Figure 2, carry out route to grouped data.
In one exemplary embodiment, for the case where a PE maintains the binding information of only some VMs, so that PEs may query each other for the binding information of a specific VM, a query record, namely a "querying PE ID" column, is added to the VM binding information list maintained by the PE, as shown in Table 2 below. As Table 2 shows, there may be more than one query record for the same binding information, or there may so far be no query record for it. The advantage of adding query records is that when binding information maintained at the PE changes, the PE can notify the change to the other PEs that have sent it query messages. In addition, it can be appreciated that, where appropriate, when binding information it maintains changes the PE can also notify a selected subset of PEs (for example, those that have queried it for the information, those within a certain range of this PE, and so on) or all PEs. In addition, corresponding to the above scheme, a PE can also maintain information on which PEs it has sent queries to. The next time it needs to query other PEs for maintained information, it can then preferentially send query messages to some or all of those PEs.
Table 2: Binding information list maintained by the PE
In addition, since a virtual machine in the present invention can migrate freely within the VPC across the MPLS VPN network, it is possible that the destination VM of a packet migrates while the packet is in transit. That is, as the destination VM migrates, its service PE changes. In this case, preferably, because the ingress PE has determined the label switched path of the packet according to the pre-migration binding information it maintains for the destination VM, the packet is routed to the service PE that served the destination VM before the migration. After the destination VM has migrated and bound to the new service PE, the pre-migration service PE receives a notification from the new service PE and obtains the new binding information about the migrated VM (described in more detail below). Thus, even though the movement of the VM changes the PE that serves it and therefore changes the binding information, the previous service PE router knows the new service PE to which the VM is bound, so the previous PE router can forward the packet to the new service PE over a temporarily established label switched path, from which it reaches the VM. This continues until the ingress PE router has obtained the new binding information of the destination VM. Once the ingress PE has obtained the new binding information, it determines the label switched path based on the new binding information, and packets are routed directly to the new service PE of the destination VM. This scheme ensures the continuity of communication and service.
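The lookup, query-record and migration behaviour described above can be sketched as follows. This is an added illustration, not code from the patent; the class and method names, the RD strings and the in-memory `network` dictionary that stands in for the MPLS core are all assumptions.

```python
from dataclasses import dataclass, field


@dataclass
class Binding:
    service_pe: str                              # PE currently serving the VM
    queriers: set = field(default_factory=set)   # "querying PE ID" column of Table 2


class PE:
    def __init__(self, pe_id, if_to_rd, network):
        self.pe_id = pe_id
        self.if_to_rd = if_to_rd   # input interface -> RD of the VPN attached there
        self.bindings = {}         # binary identifier (RD, private IP) -> Binding
        self.network = network     # pe_id -> PE (assumed stand-in for the core)
        network[pe_id] = self

    def vmid(self, in_if, private_ip):
        # The RD is taken from the arrival interface, never from the packet itself.
        return (self.if_to_rd[in_if], private_ip)

    def register_vm(self, in_if, private_ip, old_pe=None):
        """Bind a VM to this PE; on migration, tell the previous service PE."""
        key = self.vmid(in_if, private_ip)
        self.on_update(key, self.pe_id)
        if old_pe:
            self.network[old_pe].on_update(key, self.pe_id)
        return key

    def on_update(self, key, new_pe):
        """Store a changed binding and notify every PE recorded as a querier."""
        entry = self.bindings.get(key)
        if entry is None:
            self.bindings[key] = Binding(new_pe)
            return
        if entry.service_pe == new_pe:
            return                               # nothing changed, nothing to send
        entry.service_pe = new_pe
        for querier in sorted(entry.queriers):
            self.network[querier].on_update(key, new_pe)

    def on_query(self, key, asker):
        """Answer a query if the binding is held, and record who asked."""
        entry = self.bindings.get(key)
        if entry is None:
            return None
        entry.queriers.add(asker)
        return entry.service_pe

    def resolve(self, in_if, dst_ip):
        """Ingress side: find the egress PE, querying other PEs on a miss."""
        key = self.vmid(in_if, dst_ip)
        if key not in self.bindings:
            for peer in self.network.values():
                answer = None if peer is self else peer.on_query(key, self.pe_id)
                if answer:
                    self.bindings[key] = Binding(answer)
                    break
        entry = self.bindings.get(key)
        return entry.service_pe if entry else None

    def forward(self, key, path=()):
        """Follow bindings hop by hop; a former service PE relays to the new one."""
        path = list(path) + [self.pe_id]
        nxt = self.bindings[key].service_pe
        if nxt == self.pe_id or nxt in path:
            return path
        return self.network[nxt].forward(key, path)


def run_scenario():
    net = {}
    ifs = {"ge0": "65000:1", "ge1": "65000:2"}        # constructed RD values
    pe1, pe2, pe3 = (PE(name, ifs, net) for name in ("PE1", "PE2", "PE3"))
    vm_a = pe1.register_vm("ge0", "10.0.0.5")         # VM in the first VPN
    pe2.register_vm("ge1", "10.0.0.5")                # same private IP, second VPN
    before = (pe3.resolve("ge0", "10.0.0.5"), pe3.resolve("ge1", "10.0.0.5"))
    pe2.register_vm("ge0", "10.0.0.5", old_pe="PE1")  # first VM migrates to PE2
    in_flight = pe1.forward(vm_a, ["PE3"])            # packet already sent towards PE1
    after = pe3.forward(vm_a)                         # PE3 was notified as a querier
    return before, in_flight, after


if __name__ == "__main__":
    print(run_scenario())
```

The same private address resolves to different service PEs depending on the RD, and a packet already on its way to the old service PE is relayed once before the ingress PE switches to the new binding.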
It can be appreciated that if a packet received by the PE is not destined for a virtual machine VM, that is, the packet is destined for a client device (in other words, the packet is sent to a client device from a VM or from another ordinary client), the PE processes the packet as in the prior art. If a packet is sent from a virtual machine and that virtual machine migrates while it is sending packets, then after the migration the virtual machine sends its packets through the new service PE to which it is bound.
Alternatively, in addition to maintaining and querying binding information as described above, in a preferred embodiment the PE is also responsible for one or more of the following: accepting the registration of a mobile virtual machine VM (thereby binding the binary identifier of the virtual machine to the PE router), updating existing binding information, distributing binding information, and so on. These are described in detail below. It should be noted that in the preferred embodiments described below, in order to minimize changes to existing communication protocols and network settings, the invention is described for an MPLS VPN network environment that uses the BGP protocol, detailing how the invention can be implemented by extending an existing message of an existing protocol, the BGP Update message. In the exemplary embodiments below, the query, registration, update and distribution operations described above are accomplished by introducing new multiprotocol BGP (Multiple Protocol-BGP) attributes. However, those skilled in the art will understand that any specific information cited below, such as any defined attribute, the concrete structure of a message (the fields set), the values in the fields, or the specific messages used, is given for the purpose of explaining the solution of the invention and does not limit the invention. Those skilled in the art can select suitable message types, structures and concrete values according to the specific network environment, the application requirements, and the protocols the network follows, whether existing, under development or appearing in the future.
When a virtual machine VM appears in a VPC provider site network or a VPC service subscriber network that can communicate operatively with a PE, the VM, in order to communicate with the outside world, initiates a registration process with the PE router that communicates with the CE router of the network in which the VM is located. Through this registration process the virtual machine is bound to a specific PE router and thereby establishes a logical association with it. The label switched path of packets sent to this VM can then be determined by the ingress PE according to this binding relationship, and the packets are forwarded to the service PE of the VM. The service PE then delivers the received packets to the destination VM according to the binding relationship (forwarded via CE and C routers as in the prior art). The VM can thus be addressed according to its binding information, regardless of whether it has migrated to another VPC.
Specifically, the registration message sent by the VM can be called a Migration Enablement Function (MEF) discovery message. Here the CE is an intermediate node between the VM and the PE, and the CE can forward this message directly to the PE to which it is connected. The PE that receives the message can determine from the message type that it is a MEF discovery message from a VM, that is, that a mobile virtual machine has appeared in the area of a CE router for which the PE is responsible. The PE then obtains the private IP address of the VM from the received message and determines the specificator, for example the RD, from the input interface of the message. In this way the PE can establish the binding relationship between this VM and itself, and add this binding information to the binding information list it maintains. Upon receiving the MEF discovery message, the PE router responds with a MEF advertisement message. In this advertisement message the PE can notify the VM of the PE's own identifier (ID). If the virtual machine VM is successfully registered to a PE, that is, this PE becomes the service PE of the virtual machine, the virtual machine can be regarded as logically bound to this PE.
If the VM that sends the MEF discovery message in order to register has migrated from a site network at a different location of the same VPC, the discovery message preferably also includes the old PE from before the migration (and, if that PE has an ARR providing route reflection for it, the ARR can also be included). The benefit of doing so is that the new service PE, which has established a binding association with the migrated VM, can send the new binding information to the old PE (and to the ARR of the old PE, if any). This ensures that while the VM is migrating it can still correctly receive the packets sent to it (the old service PE forwards any packets it receives to the new PE), without packet loss. That is, the continuity of data transmission can be ensured. It can be appreciated, however, that this is not required; it is merely a preferred embodiment of the invention. It is easy to see that if the MEF discovery message does not include information about the old PE, the correctness of packet delivery can be ensured to some extent by other means, such as retransmission, or the PE sending the new binding information to all PEs once it has been determined.
In a preferred embodiment, the discovery message is an extension of the existing ICMP (Internet Control Message Protocol) Router Solicitation message (in this message the ICMP type field is set to 10). Specifically, the ICMP code field is set to the value C1 and the type code is set to 0 to indicate that the message is a MEF discovery message. In addition, as is known to those skilled in the art, the type-length-value (TLV) format allows faster parsing and offers good protocol extensibility. Accordingly, in a preferred embodiment, the messages involved in the invention use TLV encoding by default. Specifically, for example, a discovery message can comprise a 1-byte type field, a 1-byte code field, a 2-byte checksum, and a type code field and a length field of 1 byte each. In addition, such an example message preferably comprises an old PE field, an old ARR field (if ARR route reflectors are deployed in the network), and an association ID field. If the VM is initiating the registration process for the first time, the old PE field (and the old ARR field, if any) can be set to 0. The association ID field is a sequence number that identifies the pair of messages formed by the discovery message the VM sends in this registration process and the advertisement the PE sends in response to it.
Correspondingly, the MEF advertisement message returned by the PE is an extension of the ICMP Router Advertisement message. Corresponding to the discovery message above, the ICMP type field is 9, and the unused value C2 together with the type code value 1 identifies this advertisement message. This message notifies the VM of the PE that provides service for it and of the ARR (if any) that provides route reflection for that service PE. In addition, if the discovery message included the association ID field described above, the advertisement message correspondingly includes an association ID with the same value, to show that it is the response to the discovery message with that association ID value.
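The following sketch shows how a PE could validate a MEF discovery message and build the matching advertisement. It is an added illustration, not code from the patent. The page gives C1 and C2 only as symbols and gives no widths for the old PE, old ARR and association ID fields, so the constants `0xC1`/`0xC2`, the 4-byte field widths, the IPv4-style router IDs and all function names are assumptions.

```python
import ipaddress
import struct

ICMP_ROUTER_SOLICITATION, ICMP_ROUTER_ADVERTISEMENT = 10, 9
C1, C2 = 0xC1, 0xC2             # placeholders: the page names these values only as C1, C2
TC_DISCOVERY, TC_ADVERTISEMENT = 0, 1
HDR = struct.Struct("!BBHBB")   # type, code, checksum, type code, length
BODY = struct.Struct("!4s4sI")  # assumed widths: PE ID, ARR ID, association ID


def checksum(data):
    """Internet checksum (RFC 1071), as used by ICMP."""
    if len(data) % 2:
        data += b"\x00"
    total = sum(struct.unpack("!%dH" % (len(data) // 2), data))
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return ~total & 0xFFFF


def build(icmp_type, code, type_code, pe_id, arr_id, assoc_id):
    """Encode a message; pe_id/arr_id are the old IDs (discovery) or serving IDs (advert)."""
    body = BODY.pack(ipaddress.IPv4Address(pe_id).packed,
                     ipaddress.IPv4Address(arr_id).packed, assoc_id)
    msg = HDR.pack(icmp_type, code, 0, type_code, len(body)) + body
    return msg[:2] + struct.pack("!H", checksum(msg)) + msg[4:]


def parse(raw, icmp_type, code, type_code):
    """Decode and validate; any malformed or unexpected message raises ValueError."""
    if len(raw) != HDR.size + BODY.size:
        raise ValueError("unexpected message size")
    t, c, _, tc, length = HDR.unpack_from(raw)
    if (t, c, tc) != (icmp_type, code, type_code):
        raise ValueError("not the expected MEF message")
    if length != BODY.size:
        raise ValueError("length field does not match the body")
    if checksum(raw) != 0:      # a valid message sums to zero over all its bytes
        raise ValueError("checksum mismatch")
    pe, arr, assoc_id = BODY.unpack_from(raw, HDR.size)
    return str(ipaddress.IPv4Address(pe)), str(ipaddress.IPv4Address(arr)), assoc_id


def handle_discovery(raw, src_ip, in_if, if_to_rd, pe_id, arr_id):
    """PE side of registration: returns (binding, advertisement bytes)."""
    old_pe, old_arr, assoc_id = parse(raw, ICMP_ROUTER_SOLICITATION, C1, TC_DISCOVERY)
    if in_if not in if_to_rd:
        raise ValueError("interface is not attached to a VPN")
    binding = {
        # The RD comes from the arrival interface, not from anything the VM sent.
        "vmid": (if_to_rd[in_if], src_ip),
        "service_pe": pe_id,
        "service_arr": arr_id,
        "old_pe": None if old_pe == "0.0.0.0" else old_pe,    # 0 = first registration
        "old_arr": None if old_arr == "0.0.0.0" else old_arr,
    }
    advert = build(ICMP_ROUTER_ADVERTISEMENT, C2, TC_ADVERTISEMENT,
                   pe_id, arr_id, assoc_id)                   # echo the association ID
    return binding, advert


if __name__ == "__main__":
    first = build(ICMP_ROUTER_SOLICITATION, C1, TC_DISCOVERY, "0.0.0.0", "0.0.0.0", 7)
    print(handle_discovery(first, "10.0.0.5", "ge0", {"ge0": "65000:1"},
                           "192.0.2.11", "192.0.2.1"))
```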
In addition, in a preferred embodiment, once the binding information has been determined, the PE router can also notify this new binding information to selected PE routers in the network, for example PEs that currently have a communication connection with it, PEs within a certain range of it, or PEs that have previously sent query messages to it (which shows that these PEs have communicated with this PE router), or to all other PEs. It can be appreciated, however, that such distribution of information is not mandatory for the PE. Alternatively, the PE may also not send the new binding information (or not send it in some circumstances, for example when network traffic is excessive). In that case, the PE responds only when it receives from another PE a query message about the VM identified by this binding information.
Preferably, if the PE is to distribute to other PEs the binding information of a VM that has just registered with it, the MP-BGP extensions can be used for better compatibility with existing networks and communication protocols. To this end, a new attribute pair <AFI, SAFI>, different from all attribute pairs already defined in the existing protocol, can be added so as to achieve backward compatibility. Here AFI and SAFI are the Address Family Identifier and the Subsequent Address Family Identifier respectively; this attribute pair is introduced to denote an address family for virtual machine migration.
In the exemplary embodiment, the PE uses a BGP Update message to convey this new binding information to other PEs. In this message, the MP_REACH_NLRI and MP_UNREACH_NLRI attributes of the existing protocol are both set as optional non-transitive attributes, and are identified by the <AFI, SAFI> pair that the invention introduces above to distinguish them from the information currently carried in MP_REACH_NLRI and MP_UNREACH_NLRI, for example the pair <A1, S1>, that is, AFI=A1, SAFI=S1. In this way the invention is compatible with, and has minimal impact on, existing routing mechanisms. This is because the attributes are optional non-transitive, so a device that does not support the virtual machine migration function of the invention simply ignores the information carried in them and does not pass it on to other peer devices. It is understood that A1 and S1 here are exemplary; those of ordinary skill in the art will readily see that any other suitable values, characters and so on can be set in a specific implementation.
As the names of these attributes suggest, MP_REACH_NLRI is used to update the Network Layer Reachability Information (NLRI) related to virtual machine binding information, and MP_UNREACH_NLRI withdraws the NLRI associated with virtual machine binding information. Here, these two attributes in the BGP Update message that a PE sends when notifying other PEs of binding information can be modified and named MP_REACH_VMB and MP_UNREACH_VMB (to distinguish them from the existing MP_REACH_NLRI and MP_UNREACH_NLRI and from the messages sent in the other cases of the invention, for ease of description and understanding), and are used to carry the binding information of the invention. In one exemplary embodiment, the MP_REACH_VMB and MP_UNREACH_VMB attributes that carry VM binding information can comprise the following fields (modified relative to the existing MP_REACH_NLRI and MP_UNREACH_NLRI): a 2-byte AFI (value A1), a 1-byte SAFI (value S1), a VM binding information field, a next-hop network address length, a reserved field, and so on.
In addition, in the BGP Update message, the NLRI encoding comprises the ID of the destination router of this update message, the binary identifier of the VM (VMID), the service PE and service ARR of this VMID, and the previous service PE and previous service ARR ID (if ARRs are deployed in the network and the VM had previously established a binding relationship with another PE).
As mentioned above, preferably, if a VM migrates from one location in the VPC to a new location in the VPC and establishes new binding information with a new PE, the new PE sends this new binding information to the old PE in an update message. The old service PE thereby knows where the VM has migrated to.
In addition, as noted above, the binding information list maintained by a PE may not contain the binding information of all mobile VMs. When a PE needs to send a query message, in one exemplary embodiment the PE again uses a BGP Update message to carry the query information to other PEs (or to an ARR, in the other network environments described below). Here, the MP_REACH_NLRI attribute in this case (in the query message) is modified and named MP_VMB_QUERY, and is used to carry the query-related information of the invention. To distinguish it from the update messages that a PE sends on its own initiative as described earlier, the value of the attribute pair <AFI, SAFI> in a query message is <A1, S2>. In addition, this message includes information such as the ID of the PE router sending the query message, the number of VMIDs to be queried (one query message can query several pieces of binding information), and the VM binary identifiers of the VMIDs to be queried.
In a preferred embodiment of the invention, the MPLS VPN network is divided into several areas as in the prior art, and in each area a route reflector RR is responsible for providing route reflection for the PE routers in its area. In this case, the query message described above is sent from the querying PE to the service ARR that provides route reflection for that PE, then by that ARR to the service ARR of the destination PE, and only then by the service ARR of the destination PE to the destination PE, rather than being sent directly from one PE to another. Such a query message can include the ID of the ARR of the PE router sending the query message. Moreover, since the network is divided into areas, the PE sending the query message may be in the same area as the PE that is to receive it, that is, the two PEs have the same service ARR, or in a different area (in which case their service ARRs naturally differ). In the invention, the former case is called an intra-area upward binding query and the latter an inter-area binding query. The two types can be distinguished by setting type codes with different values in the query message. Subsequently, upon receiving a query message, if the ARR finds the queried binding information in the binding information list it maintains, it does not forward the query message further and sends the corresponding binding information to the PE that sent the query message. Otherwise, the ARR sends a message querying this binding information to other ARRs in the network (for example, ARRs with which it currently has a communication relationship, ARRs with which it previously had one, one or more ARRs within a certain range, all ARRs, and so on).
Next, if a PE or an ARR (if ARRs are deployed in the network) receives a query message from another PE or ARR, it determines whether it has the queried binding information. If not, it simply ignores the query message. If so, it responds with a VM binding information notification. Preferably, the ARR should respond within a predetermined time period. Also preferably, if the ARR maintains query records in addition to binding information, it updates the query records it maintains accordingly. Specifically, in a preferred embodiment this notification message is implemented with a BGP Update message. In this update message, similarly, the MP_REACH_NLRI attribute is modified and named MP_VMB_NTFC, and is used to carry the binding information of the invention. To distinguish it from the update messages that a PE sends on its own initiative and from query messages, the value of the attribute pair <AFI, SAFI> in a binding information notification message is <A1, S3>. In addition, this message includes the queried VMID, the ID of the service PE bound to this virtual machine, and the service ARR ID. Furthermore, if a query message contained queries for more than one piece of binding information, or the query is an inter-area query, the binding information notification message can also include the ID of the PE that sent the query message and the corresponding service ARR ID.
Similar to the case of query messages, and corresponding to intra-area upward binding queries and inter-area binding queries, binding information notification messages are respectively intra-area downward binding notifications and inter-area binding notifications. For an intra-area downward binding notification, the querying PE and ARR identifier fields in the message can be omitted. In addition, if a VM has migrated and the old service PE has received a message about the binding information from the new PE, the old PE can report the received binding information to its service ARR. That service ARR can then notify this update of the binding information to the service ARR of the PE to which the VM is newly bound (of course, it is also possible for the new service PE to notify its own service ARR); such a notification message is called a binding information database notification message. To distinguish these three types of message, a type code field can additionally be set in the notification message, with different values distinguishing the three types.
The operations related to the invention that are to be implemented by a PE according to the invention have been described in detail above with reference to Fig. 2 and the related tables. The structural arrangements made in the PE router in order to implement the solution of the invention are described below with reference to Figs. 3a and 3b.
Fig. 3a schematically shows a block diagram of a device that can be deployed on a PE router to implement one embodiment of the invention. As shown in Fig. 3a, the device can comprise means for maintaining the binding information of VMs, and means for determining, for a specific VM binary identifier, its corresponding service PE. As the structure of Fig. 3a shows, the structure of this device corresponds to the method illustrated in Fig. 2. Such a device can be implemented by computer program code. The various PE-related operations in the method described above with reference to Fig. 2 can be implemented by corresponding means deployed on the PE, and are not repeated here. It should be noted that those skilled in the art will understand that an operation in the above method can be carried out by one means or by several, and vice versa.
Fig. 3b schematically shows a block diagram of another embodiment of a device for implementing the invention. This device includes means for maintaining binding information and a binding information management means. The binding information management means is used to query the maintained information according to either the binary identifier of a VM or the service PE, and to forward data packets according to the binding information found. In addition, the binding information management means can also perform the operations related to the invention, other than maintaining binding information, that need to be carried out on the PE, such as the registration of a VM (described in more detail below) and the updating and querying of binding information. It can be appreciated that the device shown in Fig. 3b can be implemented in software, hardware or a combination of the two. For example, when the device is implemented in software, the means for maintaining binding information can be a list of binding information, and the binding information management means can be computer-executable code instructions. When the device is implemented in hardware, the means for maintaining binding information can be a database.
The network environment described so far in connection with the invention is better suited to cases where the network is not too large and there are not too many PE routers. It is easy to see that in application environments where a large number of PE routers are deployed, or where there are even many mobile virtual machines, the efficiency of the embodiments introduced above may fall. For this, the invention proposes an alternative embodiment, whose network environment is shown in Fig. 4.
Fig. 4 shows another exemplary preferred network architecture for implementing the solution of the invention. In this preferred embodiment, for scalability, the MPLS VPN network is divided into several areas as in the prior art. In each area there is a route reflector RR, which is responsible for providing route reflection for all PEs in that area. As is well known, there are different types of route reflector RR, such as the area route reflector ARR (Area Route Reflector). In Fig. 4, the network environment is introduced using the ARR as the example route reflector. In this network environment, in order to maintain good scalability, unless explicitly stated otherwise, a PE router generally conducts communication related to binding information, such as updates and queries, only with the ARR that serves it in its own area, and does not communicate binding information directly with other PEs. Correspondingly, ARRs conduct communication related to binding information with one another; an ARR does not bypass another ARR to communicate binding information directly with the PEs in that other ARR's area. In other words, to enhance scalability, VM binding information is not distributed directly between PEs. Information such as VM binding information queries and updates is passed between a PE and the ARR of that PE's area, or between ARRs.
For example, when a PE accepts the registration of a VM and new binding information is thereby produced, in this example the PE notifies this binding information to its service ARR rather than directly to other PEs. The service ARR then decides which ARRs to notify of the binding information, for example those within a certain range, those with which it currently has or once had a communication connection, or all ARRs. Next, an ARR that receives this binding information notifies it in turn to the PEs in its area. The message used here to notify the new binding information can be the same as the VM binding information update message mentioned earlier.
One exception to the above principle is that when a VM migrates and registers with a new service PE, the new service PE can notify the new binding information directly to the old service PE (which in turn notifies the ARR that serves the old PE). Of course, as above, it is also feasible for the new service PE first to notify its service ARR, for that service ARR to notify the old service ARR, and for the old service PE finally to be notified.
Fig. 5 schematically shows the processing carried out at an ARR according to one embodiment of the invention. As shown in Fig. 5, the ARR maintains the binding information between VMs and the service PEs of those VMs, preferably also including the corresponding service ARR. An exemplary embodiment of the binding information list maintained by an ARR is shown in Table 3.
As shown in Table 3, when ARRs are deployed in the network and are responsible for the route reflection of their PEs, one element can be added to the VM binding information described above: the service ARR. That is, besides the ID of the PE that provides service for the virtual machine VM, which corresponds to or is bound with the VM binary identifier, the binding information also includes the ID of the service ARR that provides route reflection for this service PE and thereby also serves the virtual machine VM. The binding information can then be regarded as containing three entries: <binding information, service PE, service ARR>. The information listed in Table 3 is similar to that in the binding information list maintained by a PE and is not elaborated here.
Table 3: Binding information list maintained by the ARR
In addition, just as the PE of the earlier example can maintain query records, query records can also be added to the binding information list maintained by an ARR. Similarly, such a query record can be extended to an entry containing two items: <service PE, service ARR>. It should also be noted that the PE sending a query message to the ARR may itself be the PE that provides service for the virtual machine identified by that VM binding information. For example, this service PE may have lost part of its data because of equipment failure, network problems or the like.
Next, returning to Fig. 5: as shown, if the ARR receives a message about an update of binding information, it updates the list it maintains accordingly and forwards the update to the PEs in its area and/or to other ARRs. If the ARR receives a query message about binding information, it responds with the queried binding information. Specifically, if the ARR maintains the queried binding information, it responds directly with the corresponding binding information. Otherwise, if the query message was sent by a PE, the ARR first queries other ARRs for this binding information and then sends the binding information obtained to that PE. If the query message was sent by an ARR, the ARR that receives it can either process it as it would a query message from a PE, or ignore it if the information it maintains contains no corresponding binding information.
It should be noted that although Fig. 5 shows, and the description above with reference to Fig. 5 explains, the exemplary operations at the ARR in sequence, this does not mean that the operations carried out by the ARR as shown in Fig. 5 have a specific order. It is easy to see that a query of binding information clearly does not presuppose an update of binding information, and vice versa. That is, the two operations shown in Fig. 5 can be carried out on the ARR independently, with no temporal relationship between them; they can be carried out one after the other, simultaneously, and so on.
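The two ARR operations of Fig. 5 can be sketched as below, run on the PE11/ARR 1 and PE 33/ARR 3 situation from the Fig. 7 walk-through. This is an added illustration, not code from the patent; the class layout, the in-memory registry that stands in for the sessions between ARRs, PE22, ARR2 and the RD value are assumptions.

```python
from dataclasses import dataclass, field


@dataclass
class Entry:
    service_pe: str
    service_arr: str
    queriers: set = field(default_factory=set)   # {(querying PE, its service ARR)}


class ARR:
    registry = {}                                # arr_id -> ARR (assumed stand-in)

    def __init__(self, arr_id, area_pes):
        self.arr_id = arr_id
        self.table = {}                          # (RD, private IP) -> Entry
        self.pe_lists = {pe: {} for pe in area_pes}   # list held by each PE in the area
        self.peers = []                          # ARR ids this ARR sends queries to
        ARR.registry[arr_id] = self

    def on_update(self, vmid, service_pe, service_arr, notify=()):
        """Update operation: store, push to the area's PEs, then tell other ARRs."""
        old = self.table.get(vmid)
        if old and (old.service_pe, old.service_arr) == (service_pe, service_arr):
            return                               # already known, do not re-send
        queriers = old.queriers if old else set()
        self.table[vmid] = Entry(service_pe, service_arr, queriers)
        for pe_list in self.pe_lists.values():
            pe_list[vmid] = (service_pe, service_arr)
        # ARRs chosen by the caller plus the service ARRs recorded as queriers.
        targets = set(notify) | {arr for _, arr in queriers}
        for arr_id in sorted(targets - {self.arr_id}):
            ARR.registry[arr_id].on_update(vmid, service_pe, service_arr)

    def query_from_arr(self, asking_arr, asking_pe, vmid):
        """Query from another ARR: answer if held, otherwise ignore it."""
        entry = self.table.get(vmid)
        if entry is None:
            return None
        entry.queriers.add((asking_pe, asking_arr))
        return entry.service_pe, entry.service_arr

    def query_from_pe(self, pe_id, vmid):
        """Query from a PE in this area: answer locally or ask the peer ARRs first."""
        entry, source = self.table.get(vmid), self.arr_id
        if entry is None:
            for peer_id in self.peers:
                answer = ARR.registry[peer_id].query_from_arr(self.arr_id, pe_id, vmid)
                if answer:
                    entry = self.table[vmid] = Entry(*answer)
                    source = peer_id
                    break
        if entry is None:
            return None
        entry.queriers.add((pe_id, self.arr_id))
        self.pe_lists[pe_id][vmid] = (entry.service_pe, entry.service_arr)
        return entry.service_pe, entry.service_arr, source


def fig7_scenario():
    arr1 = ARR("ARR1", ["PE11"])
    arr2 = ARR("ARR2", ["PE22"])
    arr3 = ARR("ARR3", ["PE33"])
    arr3.peers = ["ARR2", "ARR1"]
    vmid = ("65000:1", "10.0.0.5")                    # constructed binary identifier
    arr1.on_update(vmid, "PE11", "ARR1")              # step 702; ARR3 is not notified
    miss = vmid not in arr3.pe_lists["PE33"]          # step 703: PE33 has no entry
    first = arr3.query_from_pe("PE33", vmid)          # ARR2 ignores, ARR1 answers
    arr2.on_update(vmid, "PE22", "ARR2", notify=["ARR1"])   # the VM migrates to PE22
    return miss, first, arr3.pe_lists["PE33"][vmid], arr1.table[vmid].queriers


if __name__ == "__main__":
    print(fig7_scenario())
```

Because ARR1 recorded the pair (PE33, ARR3) as a querier, the later migration reaches PE33 without ARR2 knowing that PE33 exists.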
Figs. 6a and 6b show block diagrams of devices for implementing the solution of the invention at an ARR. The device structure shown in Fig. 6a corresponds to the operating procedure shown in Fig. 5. As shown in Fig. 6a, the device can comprise means for maintaining the binding information of VMs, means for updating the binding information of VMs, and means for retrieving binding information. As the structure of Fig. 6a shows, the structure of this device corresponds to the method illustrated in Fig. 5. Such a device can be implemented by computer program code. The various ARR-related operations in the method described above can be implemented by corresponding means deployed on the ARR, and are not repeated here. It should be noted that those skilled in the art will understand that an operation in the above method can be carried out by one means or by several, and vice versa.
Fig. 6b schematically shows a block diagram of another embodiment of a device for implementing the invention. As with the structure shown in Fig. 3b, the device can include means for maintaining binding information and a binding information management means. The binding information management means is used to update the maintained binding information according to the information received, or to process the query messages received. It can be appreciated that the device shown in Fig. 6b can be implemented in software, hardware or a combination of the two. For example, when the device is implemented in software, the means for maintaining binding information can be a list of binding information, and the binding information management means can be computer-executable code instructions. When the device is implemented in hardware, the means for maintaining binding information can be a database.
Above introduced the network environment that is used for implementing some embodiments of the present invention, and the configuration structure of setting up at network equipment PE, ARR in order to implement the present invention and corresponding the processing.It will be understood by those skilled in the art that thereby the configuration that can also dispose other in the said equipment realizes additional other function.
Above from the angle of Provider edge router PE, regional route mapper ARR some embodiment of the present invention have been described.Below, will from virtual machine VM registration, communication and the angle that migration has occured, introduce the solution of the present invention communication.
Fig. 7 schematically shows the flow by which a VM registers with a PE and then communicates with a client device. As shown in Fig. 7, registration is completed in step 701. Specifically, the VM sends a discovery message to router PE11 via router CE10, and PE11 responds with an MEF notice message. The VM is thereby registered with the PE: its service PE is PE 11 and its service ARR is ARR 1. During this process, PE11 determines the RD of the VM from the PE interface on which the message arrived.
In step 702, PE11 sends a virtual machine binding information update message to its service ARR 1 to notify ARR 1 of the new binding information. On receiving this message, ARR 1 updates the binding information list it maintains.
In step 703, a client device initiates a data packet destined for this VM. The packet is forwarded to PE 33 via CE30. PE 33 searches the binding information list it maintains but finds no corresponding binding information. This may be because the client sent the packet before ARR 1 had sent the binding information update to the other ARRs, or because ARR 1 did not send this update to ARR 3 (for example, ARR 1 and ARR 3 currently have no communication connection, have never had one, or are far apart).
In step 704, PE 33 sends a binding information query message to its service ARR 3 (an upward query within the area). ARR 3 finds no corresponding binding information in the table it maintains either, so it sends a binding information query message to the other ARRs (an inter-area query).
In step 705, when ARR 1 receives the binding information query message from ARR 3, it searches its own database and sends the matching binding information it retrieves to ARR 3. ARR 3 then sends the received binding information down to PE 33 in a VM binding information notification message.
In step 706, once PE 33 receives this binding information, it knows that the service PE and service ARR of the destination VM are PE 11 and ARR 1 respectively. PE 33 updates the binding information list it maintains and determines the label switched path for the data packet according to the IP address of PE 11.
Finally, in step 707, a communication connection is set up between PE 33 and PE 11, which realizes communication between the client and the destination VM.
Fig. 8 schematically shows an example, according to one embodiment of the present invention, of communication between a client and a VM when the VM migrates within an area. Here, intra-area migration means that the VM has moved to a site network at a different location within the same VPC, one that communicates with another PE, while the old service PE bound to the VM before the migration and the new service PE after it have the same service ARR. For example, when the VM moves from site network A to site network B, its old service PE (PE11) and new service PE (PE12) are in the area of the same service ARR (ARR 1).
As shown in Fig. 8, in step 801 the VM is registered with service PE 11 and ARR 1 and communicates with the client over an MPLS LSP.
In step 802, the VM migrates and sends an MEF discovery message to PE 12 via CE 20; the message carries the IDs (for example, the IP addresses) of the old PE and the old ARR. On receiving this message, PE 12 knows that this is an intra-area migration, because the service ARR of the old PE is the same as its own. PE 12 returns an MEF notice message to the VM, and the VM is thereby registered with its new service PE 12. Packets sent from the VM to the client device are then forwarded over the label switched path set up between PE 12 and PE 33.
In step 803, PE 12 sends a binding information update message both to the old PE 11 and to its own service ARR 1. As described above, this message contains the binary identifier of the VM together with the new service PE and service ARR bound to it.
In step 804, on receiving this binding information update message, PE 11 knows that the VM has moved to PE 12 and updates the binding information list it maintains (that is, it changes the service PE of this VM from PE 11 to PE 12). PE 11 keeps this modification information until it receives the VM binding information update message containing the MP_UNREACH_VMB attribute mentioned above (see step 806). This is not mandatory: for example, the PE can instead keep the modification information for a predetermined period. Alternatively, even if the old service PE (PE 11) does not keep the modification, the missing data can be recovered by retransmission.
During this period, data packets destined for the VM are still sent to PE11. PE 11 forwards the packets it receives to the VM's new service PE (PE 12) over a temporary LSP, and PE12 finally delivers them to the VM.
In step 805, on receiving the binding information update message from PE 12, ARR 1 knows that the VM is still within its service area and updates the binding information list it maintains accordingly. ARR 1 then sends the binding information update message to some or all selected ARRs (an inter-area binding information update), for example to ARRs recorded in its query records as having sent query messages, ARRs with which it currently has or once had a communication connection, ARRs within a certain distance, and so on.
After receiving the binding information update message, ARR 3 forwards it down to PE 33 in its area, or to the PEs in its area that currently maintain, or once queried or maintained, the related information.
In step 806, PE 33, which has an established communication connection, learns from the binding information the new service PE and service ARR of the destination VM. PE 33 updates the information it maintains and determines the new label switched path for packets to this VM according to the IP address of the new service PE 12. After completing these operations, PE 33 sends a binding information update message to the old PE 11, in which the MP_UNREACH_VMB attribute indicates that PE11 is the old service PE of the destination VM. After receiving this message, PE11 deletes the modification information it keeps for the VM.
Finally, in step 807, the LSP between PE 33 and PE 12 is established.
As the preferred embodiment shown in Fig. 8 shows, the present invention achieves continuous data transmission between the client and the destination VM.
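The following Python sketch is an added example, not code from the patent. It models the binding tables of Figs. 7 and 8, keyed by (route distinguisher, private IP) so that the same private address in two VPNs resolves independently, and walks through registration, the inter-area query, and an intra-area migration with the temporary redirect at the old PE. The class names, the `flush()` delivery step and the RD/IP values are assumptions constructed for illustration.

```python
from dataclasses import dataclass, field
from typing import Dict, List, Optional, Set, Tuple

VmId = Tuple[str, str]      # (route distinguisher, private IP): the VM's two-part identifier
Binding = Tuple[str, str]   # (service PE, service ARR)

@dataclass(eq=False)
class ARR:
    name: str
    table: Dict[VmId, Binding] = field(default_factory=dict)
    peers: List["ARR"] = field(default_factory=list)
    asked: Dict[VmId, Set[object]] = field(default_factory=dict)   # query records (PEs, ARRs)
    pending: List[Tuple[VmId, Binding]] = field(default_factory=list)

    def query(self, vm: VmId, asker: object) -> Optional[Binding]:
        self.asked.setdefault(vm, set()).add(asker)
        if vm not in self.table and isinstance(asker, PE):   # PE miss: inter-area query
            for peer in self.peers:
                hit = peer.query(vm, self)
                if hit:
                    self.table[vm] = hit
                    break
        return self.table.get(vm)                            # ARR miss: no response

    def update(self, vm: VmId, b: Binding, from_arr: bool = False) -> None:
        self.table[vm] = b
        if not from_arr:
            self.pending.append((vm, b))                     # delivered later by flush()
            return
        for pe in [a for a in self.asked.get(vm, ()) if isinstance(a, PE)]:
            pe.on_update(vm, b)                              # push down to interested PEs

    def flush(self) -> None:   # send queued inter-area updates to ARRs that queried the VM
        for vm, b in self.pending:
            for arr in [a for a in self.asked.get(vm, ()) if isinstance(a, ARR)]:
                arr.update(vm, b, from_arr=True)
        self.pending.clear()

@dataclass(eq=False)
class PE:
    name: str
    arr: ARR
    net: Dict[str, "PE"]                                     # name -> PE; stands in for the core
    table: Dict[VmId, Binding] = field(default_factory=dict)
    local: Set[VmId] = field(default_factory=set)            # VMs behind an attached CE
    moved: Dict[VmId, str] = field(default_factory=dict)     # migration info kept by an old PE

    def __post_init__(self) -> None:
        self.net[self.name] = self

    def register(self, vm: VmId, old_pe: Optional[str] = None) -> None:
        b = (self.name, self.arr.name)
        self.table[vm] = b
        self.local.add(vm)
        if old_pe:                                           # migration: notify the old PE
            self.net[old_pe].on_update(vm, b)
        self.arr.update(vm, b)

    def on_update(self, vm: VmId, b: Binding) -> None:
        old = self.table.get(vm)
        self.table[vm] = b
        if vm in self.local and b[0] != self.name:           # this PE is the old service PE
            self.local.discard(vm)
            self.moved[vm] = b[0]                            # redirect over a temporary LSP
        elif old and old[0] != b[0]:                         # remote PE holding a stale path
            self.net[old[0]].moved.pop(vm, None)             # models MP_UNREACH_VMB to old PE

    def send(self, vm: VmId) -> List[str]:
        """Hops for a packet entering at this PE, ending in 'VM' or 'DROP'."""
        b = self.table.get(vm) or self.arr.query(vm, self)
        if b is None:
            return [self.name, "DROP"]
        self.table[vm] = b
        egress = self.net[b[0]]
        hops = [self.name] + ([] if egress is self else [egress.name])
        if vm in egress.local:
            return hops + ["VM"]
        if vm in egress.moved:
            return hops + [egress.moved[vm], "VM"]
        return hops + ["DROP"]

def scenario() -> Dict[str, object]:
    net: Dict[str, PE] = {}
    arr1, arr3 = ARR("ARR1"), ARR("ARR3")
    arr1.peers, arr3.peers = [arr3], [arr1]
    pe11, pe12, pe33 = PE("PE11", arr1, net), PE("PE12", arr1, net), PE("PE33", arr3, net)
    vm_a, vm_b = ("65000:1", "10.0.0.5"), ("65000:2", "10.0.0.5")  # constructed; same IP, two VPNs
    pe11.register(vm_a)
    pe12.register(vm_b)
    arr1.flush()                                             # nobody has queried yet
    out: Dict[str, object] = {"first": pe33.send(vm_a), "other_vpn": pe33.send(vm_b)}
    pe12.register(vm_a, old_pe="PE11")                       # intra-area migration (Fig. 8)
    out["window"] = pe33.send(vm_a)                          # PE33 still holds the old binding
    out["redirect_during_window"] = pe11.moved.get(vm_a)
    arr1.flush()                                             # ARR1 -> ARR3 -> PE33 -> unreach
    out["after"] = pe33.send(vm_a)
    out["redirect_after"] = pe11.moved.get(vm_a)
    out["unknown"] = pe33.send(("65000:9", "10.0.0.5"))      # no binding anywhere
    return out
```

`scenario()` returns the hop list for each phase: the direct path before migration, the detour through the old PE while PE33 still holds the old binding, and the direct path to the new PE once the update has propagated and the redirect has been withdrawn.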
Fig. 9 schematically shows an example, according to one embodiment of the present invention, of communication between a client and a VM when the VM migrates between areas. Here, inter-area migration means that the VM has moved to a site network at a different location within the same VPC, one that communicates with another PE, where the old service PE bound to the VM before the migration and the new service PE after it have different service ARRs. For example, when the VM moves from site network A to site network C, its old service PE (PE11) and new service PE (PE22) are in the areas of different service ARRs (ARR 1 and ARR 2).
As shown in Fig. 9, in step 901 the VM is registered with service PE 11 and ARR 1 and communicates with the client over an MPLS LSP.
In step 802, the VM migrates and sends an MEF discovery message to PE 22 via CE 21; the message carries the IDs (for example, the IP addresses) of the old PE and the old ARR. On receiving this message, PE 22 knows that this is an inter-area migration, because the service ARR of the old PE differs from its own. PE 22 returns an MEF notice message to the VM, and the VM is thereby registered with its new service PE 22. Packets sent from the VM to the client device are then forwarded over the label switched path set up between PE 22 and PE 33.
In step 903, PE 22 sends a binding information update message both to the old PE 11 and to its own service ARR 2. As described above, this message contains the binary identifier of the VM together with the new service PE and service ARR bound to it.
In step 904, on receiving this binding information update message, PE 11 knows that the VM has moved to PE 22 and updates the binding information list it maintains (that is, it changes the service PE of this VM from PE 11 to PE 22). PE 11 keeps this modification information until it receives the VM binding information update message containing the MP_UNREACH_VMB attribute mentioned above (see step 907). This is not mandatory: for example, the PE can instead keep the modification information for a predetermined period. Alternatively, even if the old service PE (PE 11) does not keep the modification, the missing data can be recovered by retransmission.
During this period, data packets destined for the VM are still sent to PE11. PE 11 forwards the packets it receives to the VM's new service PE (PE 22) over a temporary LSP, and PE22 finally delivers them to the VM.
In step 905, on receiving the binding information update message from PE 22, ARR 2 knows that the VM has moved into its service area and updates the binding information list it maintains accordingly. ARR 2 then sends the binding information update message to some or all selected ARRs (an inter-area binding information update), for example to ARRs recorded in its query records as having sent query messages, ARRs with which it currently has or once had a communication connection, ARRs within a certain distance, and so on. In this example, ARR2 sends the binding information update message at least to ARR 1.
After receiving the binding information update message, ARR1 knows that this VM has moved out of its service area and updates the information it maintains: it changes the service PE of this VM from PE11 to PE22 and the service ARR of this VM from ARR1 to ARR2. ARR1 then sends a binding information notification (binding information database notification) message to ARR2, in which it passes ARR2 all the information related to the VM, including historical information (if any) such as binding information modification records and query records. This transfer from ARR1 to ARR2 is preferred but not mandatory.
In step 906, on receiving this inter-area binding information notification message, ARR 3 sends a VM binding information notification down to some or all of the PEs in its area.
In step 907, on receiving the binding information notification message, PE 33 knows that the service PE and service ARR of this VM are PE 22 and ARR 2 respectively. PE 33 updates the list it maintains and determines the new label switched path according to the IP address of PE 22. PE 33 then sends a binding information update message to the old PE 11, in which the MP_UNREACH_VMB attribute indicates that PE11 is the old service PE of the destination VM. After receiving this message, PE11 deletes the modification information it keeps for the VM.
Finally, in step 907, the LSP between PE 33 and PE 22 is established.
As the preferred embodiment shown in Fig. 9 shows, this embodiment of the present invention likewise achieves continuous data transmission between the client and the destination VM.
As the above shows, the present invention is realized mainly on the PE routers in the network, or on the PE routers and the route mapper RR. Accordingly, in a preferred embodiment, no change is made to the P routers in the MPLS VPN network or to the routers in the VPC provider's network (a CE only needs to relay the information exchanged between the VM and the PE to which that CE is connected).
Moreover, in a preferred embodiment, during migration the data packets sent from the VM can be forwarded directly by the new service PE once registration succeeds, and data packets addressed to the VM can continue to reach it with the assistance of the old service PE. Ongoing data transmission therefore does not need to wait for all related PEs and RRs (if any) to finish the binding information update operations associated with the VM's migration.
Various embodiments of the present invention have been described in detail above with reference to the drawings. Note, however, that the specific field contents, field values, field lengths, message types used, and other details cited above are all illustrative and should not be understood as limiting the invention. Note also that although the embodiments are given using IPv4 addresses as the example, the solution applies equally to IPv6 addresses.
The foregoing description is illustrative rather than restrictive in nature. To those skilled in the art, any variation or modification of the disclosed examples made to suit a particular environment, requirement, or similar factor is feasible; for example, the steps of the method and the device structures of the equipment may be merged, combined, or further split. Those of ordinary skill in the art will also readily recognize that the method steps of the invention have no required order. In any case, the scope of protection of the present invention is determined by the claims and their equivalents.

Claims (13)

1. A method for realizing the migration of a virtual machine in a virtual private cloud, the method comprising:
maintaining binding information between a virtual machine binary identifier, which identifies a virtual machine, and the provider edge router that provides service for that virtual machine;
on receiving a data packet destined for a virtual machine, determining the binary identifier of the destination virtual machine based on the reception of the data packet, and determining, from the maintained binding information, the provider edge router associated with that binary identifier;
wherein the data packet is to be routed to the determined provider edge router, and the binary identifier of a virtual machine comprises the private IP address of the virtual machine and a specifier that can identify the virtual private network in which the virtual machine is located.
2. The method of claim 1, wherein, if the maintained information contains no binding information associated with the determined binary identifier, a binding information query message is sent to other provider edge routers, to the corresponding route mapper, or, via the corresponding route mapper, to one of the other route mappers in the network, to query for the binding information, and the associated provider edge router is determined from the binding information contained in the binding information notification message received.
3. The method of claim 1 or 2, wherein, if a registration message is received from a virtual machine, the binary identifier of that virtual machine is determined based on the reception of the registration message, the receiving router binds itself, as the service provider edge router of that virtual machine, to the determined binary identifier, the new binding information so determined is added to the maintained binding information, and a registration notification message is sent to the virtual machine to indicate that registration succeeded.
4. The method of claim 3, further comprising: sending the determined new binding information, in a binding information update message, to at least one of the other provider edge routers, the corresponding service route mapper, and the old service provider edge router.
5. The method of any preceding claim, further comprising: if a binding information update message is received from another provider edge router or the corresponding route mapper, updating the maintained binding information with the binding information received.
6. The method of any preceding claim, further comprising: if a binding information query message is received from another provider edge router or the corresponding route mapper, and the maintained information contains the binding information queried, including the binding information found in a binding information notification message and sending it back.
7. The method of any preceding claim, wherein the specifier is an identifier of the virtual private cloud and/or virtual private network in which the VM is located, preferably a route distinguisher; and/or the registration message and the registration notification message are ICMP messages, and the binding information query message, binding information notice message, and binding information update message are extended MP-BGP update messages.
8. The method of any preceding claim, wherein, if a binding information update message is received from another provider edge router or a route mapper, and the message indicates that a virtual machine previously bound to this provider edge router has migrated to a new, other provider edge router, the migration information of that virtual machine is kept, and, when a data packet destined for that virtual machine is received, the packet is forwarded to the new provider edge router, until a predetermined period has elapsed or a notification is received that data packets will no longer arrive at this provider edge router.
9. Equipment for realizing the migration of a virtual machine in a virtual private cloud, the equipment comprising:
a transceiver unit for receiving and sending messages;
a database for maintaining binding information between a virtual machine binary identifier, which identifies a virtual machine, and the provider edge router that provides service for that virtual machine;
a binding information management unit which, when a data packet destined for a virtual machine is received via the transceiver unit, determines the binary identifier of the destination virtual machine based on the reception of the data packet, and determines, from the maintained binding information, the provider edge router associated with that binary identifier;
wherein the data packet is to be routed to the determined provider edge router, and the binary identifier of a virtual machine comprises the private IP address of the virtual machine and a specifier that can identify the virtual private network in which the virtual machine is located.
10. A method for realizing the migration of a virtual machine in a virtual private cloud, the method comprising:
maintaining binding information between a binary identifier, which identifies a virtual machine, and the provider edge router that provides service for that virtual machine;
on receiving an update to the maintained binding information, or new binding information, updating the maintained binding information;
on receiving a message querying binding information: if the maintained binding information contains the binding information queried, sending the corresponding binding information as the response; if the maintained binding information does not contain the binding information queried and the query message was sent by a provider edge router, querying other route mapping devices for the binding information and sending the binding information obtained to that provider edge router; otherwise, querying other route mapping devices for the binding information and sending the binding information obtained as the response, or making no response;
wherein the binary identifier of a virtual machine comprises the private IP address of the virtual machine and a specifier that can identify the virtual private network in which the virtual machine is located.
11. The method of claim 10, wherein the specifier is an identifier of the virtual private cloud and/or virtual private network in which the VM is located, preferably a route distinguisher.
12. Equipment for realizing the migration of a virtual machine in a virtual private cloud, the equipment comprising:
a transceiver unit for receiving and sending messages;
a database for maintaining binding information between a virtual machine binary identifier, which identifies a virtual machine, and the provider edge router that provides service for that virtual machine;
a binding information management unit which, on receiving via the transceiver unit a message querying binding information: if the maintained binding information contains the binding information queried, sends the corresponding binding information via the transceiver unit as the response; if the maintained binding information does not contain the binding information queried and the query message was sent by a provider edge router, queries other route mapping devices for the binding information via the transceiver unit and sends the binding information obtained to that provider edge router; otherwise, queries other route mapping devices for the binding information via the transceiver unit and sends the binding information obtained as the response, or makes no response;
wherein the binary identifier of a virtual machine comprises the private IP address of the virtual machine and a specifier that can identify the virtual private network in which the virtual machine is located.
13. Equipment for realizing the migration of a virtual machine in a virtual private cloud, comprising means for carrying out the steps of any of claims 1 to 8 and 10.
Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201110299271.8A CN103036919B (en) 2011-09-30 2011-09-30 Method and device for realizing the migration of a virtual machine in a virtual private cloud

Publications (2)

Publication Number Publication Date
CN103036919A true CN103036919A (en) 2013-04-10
CN103036919B CN103036919B (en) 2015-12-09

Family

ID=48023401

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201110299271.8A Active CN103036919B (en) 2011-09-30 2011-09-30 Method and device for realizing the migration of a virtual machine in a virtual private cloud

Country Status (1)

Country Link
CN (1) CN103036919B (en)

Also Published As

Publication number Publication date
CN103036919B (en) 2015-12-09

Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
C10 Entry into substantive examination
SE01 Entry into force of request for substantive examination
C14 Grant of patent or utility model
GR01 Patent grant
CP01 Change in the name or title of a patent holder

Address after: 201206 Pudong Jinqiao Ning Road, Shanghai, No. 388

Patentee after: Shanghai NOKIA Baer Limited by Share Ltd

Address before: 201206 Pudong Jinqiao Ning Road, Shanghai, No. 388

Patentee before: Shanghai Alcatel-Lucent Co., Ltd.