CN106330709B

CN106330709B - Flow entry generates and method of reseptance, controller and interchanger

Info

Publication number: CN106330709B
Application number: CN201510374907.9A
Authority: CN
Inventors: 李广鹏; 胡士辉; 于德雷
Original assignee: Huawei Technologies Co Ltd
Current assignee: Huawei Technologies Co Ltd
Priority date: 2015-06-30
Filing date: 2015-06-30
Publication date: 2019-10-18
Anticipated expiration: 2035-06-30
Also published as: CN106330709A

Abstract

The present invention provides a kind of flow entry generation methods, are operated based on Openflow system to tenant's message with realizing.The method of the present invention includes: that the controller of Openflow system generates the first flow entry and the second flow entry, and the interchanger of the first flow entry and the second flow entry for Openflow system operates tenant's message；First flow entry indicates that tenant's information of tenant's message is associated with tunnel information, and tenant's information is used for for identifying tenant belonging to tenant's message, the tunnel of tunnel information instruction by tenant's message transmissions to interchanger；Second flow entry is for operating tenant's message according to tenant's information and tunnel information；First flow entry of generation and the second flow entry are handed down to interchanger by controller.

Description

Flow entry generates and method of reseptance, controller and interchanger

Technical field

The present invention relates to the communications field more particularly to a kind of flow entry generates and method of reseptance, a kind of controller, Yi Zhongjiao It changes planes and a kind of flow entry generates system.

Background technique

With the development of internet, the Internet service of today proposes higher and higher transmission quality to internet and wants It asks, proposes OpenFlow system to meet the needs of new business.OpenFlow system mainly includes OpenFlow interchanger (OpenFlow Switch) and controller, OpenFlow system will be forwarded by the message of switch/router control completely originally Process is converted by OpenFlow interchanger and controller and completes jointly, to realize point of message forwarding and route test From.Controller can control the flow entry in interchanger by the interface operation provided in advance, to reach control message The purpose of forwarding.

In the multi-tenant message forwarding scene based on OpenFlow virtual network, the entrance of virtual network in current mechanism After interchanger receives the message of different tenants, label is arranged in the message of respectively different tenants, which is used to indicate transmission The tunnel of message where label.The egress switch of virtual network removes tenant's message after receiving tenant's message with label Label, therefore egress switch can not know tenant belonging to the tunnel for being used for transmission tenant's message and tenant's message, into And tenant's message can not be operated, such as forwarding operation.Due to being used for transmission the tunnel of different tenant's messages in virtual network Road can be multiplexed same physical link, if the inbound port for transmitting the different tunnels of different tenant's messages is mapped to same physics chain The inbound port of the inbound port on road, i.e., different tunnels is identical, in current mechanism, due to determining by the matching field in flow entry Need to match the tunnel inbound port of tenant's message when the operational motion of message, therefore current mechanism can not be directed to the report of different tenants Text carries out corresponding operation, such as forwarding operation.

In tenant's message multicast scene based on OpenFlow virtual network, in current mechanism access switch be based on from The group table (Group Table) that controller issues carries out multicast to the tenant's message received by multicast spanning tree.But In scene based on Multicast Tunnel, that is, need to carry out multicast to tenant's message by different exit port and tunnel.Due to existing OpenFlow agreement in do not have for Multicast Tunnel virtual network tenant's message multicast mechanism corresponding definition, cause to be based on The virtual network of OpenFlow can not realize the multicast to tenant's message for Multicast Tunnel.

Summary of the invention

The embodiment of the invention provides a kind of flow entry generate and method of reseptance, a kind of controller, a kind of interchanger and A kind of flow entry generation system, to realize the forwarding of tenant's message and the multicast based on Openflow system.

In a first aspect, the embodiment of the present invention provides a kind of flow entry generation method, comprising:

The controller of Openflow system generates the first flow entry and the second flow entry, the first flow entry and the second flow entry Interchanger for Openflow system operates tenant's message；

First flow entry indicates that tenant's information of tenant's message is associated with tunnel information, and tenant's information is for identifying tenant The tunnel of tenant belonging to message, tunnel information instruction are used for tenant's message transmissions to interchanger；Second flow entry is used for root Tenant's message is operated according to tenant's information and tunnel information；

First flow entry of generation and the second flow entry are handed down to interchanger by controller.

With reference to first aspect, in the first possible implementation,

First flow entry includes the first matching field and the first operation field, and the first matching field carries the tunnel of tenant's message Road information, the first operation field carry tenant's information and tunnel information.

With reference to first aspect or the first possible implementation of first aspect, second in first aspect are possible In implementation,

Second flow entry includes the second matching field and the second operation field, and the second matching field carries tenant's information and tunnel Road information, the second operation field carry out port information, and the exit port of exit port information instruction is for transferring tenant's message It goes.

Second aspect, the embodiment of the present invention provide a kind of flow entry method of reseptance, comprising:

The interchanger of Openflow system receives that the controller of Openflow system is generated according to Openflow agreement One flow entry and the second flow entry；

Interchanger saves the first flow entry and the second flow entry.

In conjunction with second aspect, in the first possible implementation,

In conjunction with the first possible implementation of second aspect, in second of possible implementation of second aspect In,

In conjunction with second of possible implementation of second aspect, in the third possible implementation of second aspect In, after interchanger saves the first flow entry and the second flow entry, further includes:

Interchanger receives the first message from tenant；

The tunnel information that interchanger is carried according to the first matching field and the first message, determines the first operation field, according to First operation field removes the tunnel information that the first message carries to form the second message, and the corresponding tenant of the second message is believed Breath is written in metadatabase with tunnel information；

Interchanger according to the corresponding tenant's information of the second message and tunnel information in the second matching field and metadatabase, It determines the second operation field, and the second message is carried out according to the corresponding exit port information of the second message in the second operation field Forwarding.

The third aspect, the embodiment of the present invention provide a kind of controller, comprising:

Flow entry generation module, for generating the first flow entry and the second flow entry, the first flow entry and the second flow entry Interchanger for Openflow system operates tenant's message；

Flow entry issues module, and the first flow entry and the second flow entry for generating flow entry generation module are handed down to Interchanger.

In conjunction with the third aspect, in the first possible implementation,

In conjunction with the possible implementation of the first of the third aspect or the third aspect, second in the third aspect is possible In implementation,

Fourth aspect, the embodiment of the present invention provide a kind of interchanger, comprising:

Flow entry receiving module, the controller for receiving Openflow system generated according to Openflow agreement first Flow entry and the second flow entry；

First flow entry indicates that tenant's information of tenant's message is associated with tunnel information, and tenant's information is for identifying tenant The tunnel of tenant belonging to message, tunnel information instruction are used for the exchange where tenant's message transmissions to flow entry receiving module Machine；Second flow entry is for operating tenant's message according to tenant's information and tunnel information；

Flow entry memory module, for saving received first flow entry of flow entry receiving module and the second flow entry.

In conjunction with fourth aspect, in the first possible implementation,

In conjunction with the first possible implementation of fourth aspect, in second of possible implementation of fourth aspect In,

In conjunction with second of possible implementation of fourth aspect, in the third possible implementation of fourth aspect In, further includes:

Message receiving module, for receiving the first message from tenant；

Message processing module (MPM), the first matching field and message receiving module for being saved according to flow entry memory module connect The tunnel information that the first message received carries determines the first operation field that flow entry memory module saves, according to the first operation Field removes the tunnel information that the first message carries to form the second message, and by the corresponding tenant's information of the second message and tunnel Information is written in metadatabase；

Message processing module (MPM) is also used in the second matching field and metadatabase according to the preservation of flow entry memory module The corresponding tenant's information of second message and tunnel information, determine flow entry memory module save the second operation field, and according to The corresponding exit port information of the second message in second operation field is forwarded the second message.

5th aspect, the embodiment of the present invention provide a kind of controller, comprising:

Processor is used for for generating the first flow entry and the second flow entry, the first flow entry and the second flow entry The interchanger of Openflow system operates tenant's message；

Transceiver, the first flow entry and the second flow entry for generating processor are handed down to interchanger.

In conjunction with the 5th aspect, in the first possible implementation,

In conjunction with the first possible implementation of the 5th aspect or the 5th aspect, second at the 5th aspect is possible In implementation,

6th aspect, the embodiment of the present invention provide a kind of interchanger, comprising:

Transceiver, the first flow entry generated according to Openflow agreement for receiving the controller of Openflow system and Second flow entry；

First flow entry indicates that tenant's information of tenant's message is associated with tunnel information, and tenant's information is for identifying tenant The tunnel of tenant belonging to message, tunnel information instruction are used for the interchanger where tenant's message transmissions to transceiver；Second Flow entry is for operating tenant's message according to tenant's information and tunnel information；

Memory, for saving the first flow entry and the second flow entry of transceiver.

In conjunction with the 6th aspect, in the first possible implementation,

In conjunction with the first possible implementation of the 6th aspect, in second of possible implementation of the 6th aspect In,

In conjunction with second of possible implementation of the 6th aspect, in the third possible implementation of the 6th aspect In,

Transceiver is also used to receive the first message from tenant；

Interchanger further include:

Processor, the tunnel that the first message of the first matching field and transceiver for being saved according to memory carries Road information determines the first operation field that memory saves, the tunnel information for carrying the first message according to the first operation field Removing forms the second message, and will be in the corresponding tenant's information of the second message and tunnel information write-in metadatabase；According to storage The corresponding tenant's information of the second message and tunnel information in the second matching field and metadatabase that device saves, determine memory The second operation field saved, and transceiver pair is controlled according to the corresponding exit port information of the second message in the second operation field Second message is forwarded.

7th aspect, the embodiment of the present invention provide a kind of flow entry generation system, including controller and interchanger；

Controller includes controller described in the third aspect；

Interchanger includes interchanger described in fourth aspect.

In the embodiment of the present invention, the controller of Openflow system generates the first flow entry and the second flow entry, first-class The interchanger of list item and the second flow entry for Openflow system operates tenant's message；First flow entry indicates tenant Tenant's information of message is associated with tunnel information, and for identifying tenant belonging to tenant's message, tunnel information refers to tenant's information The tunnel shown is used for tenant's message transmissions to interchanger；Second flow entry is used for according to tenant's information and tunnel information to tenant Message is operated, which includes the modification and forwarding to tenant's message；Controller is by the first flow entry of generation and second Flow entry is handed down to interchanger.Interchanger saves the first flow entry and the second flow entry that controller issues, due to interchanger root According to the tenant's information and tunnel information of tenant's message known to the first flow entry, and then interchanger can be according to the second flow entry and rent The tenant's information and tunnel information of family message realize the operation to tenant's message, such as forwarding operation.Therefore real through the invention The technical solution for applying example offer can be realized operation in the virtual network based on Openflow system to tenant's message, such as turn Hair operation.

Eighth aspect, the embodiment of the present invention provide a kind of flow entry generation method, comprising:

The controller of Openflow system generates flow entry, and flow entry is used for the interchanger multicast tenant of Openflow system Message；

Flow entry indicates that the exit port information of tenant's message is associated with tunnel information, and the tunnel of tunnel information instruction is used for The exit port of tenant's message of transmission switching mechanism multicast, the instruction of exit port information is used for multicast tenant message；

The flow entry of generation is handed down to interchanger by controller.

In conjunction with eighth aspect, in the first possible implementation,

Flow entry includes matching field and operation field, and matching field carries the ingress port information of tenant's message, operational word Section includes label information, and label information is for carrying out port information and tunnel information.

9th aspect, the embodiment of the present invention provide a kind of flow entry method of reseptance, comprising:

The interchanger of Openflow system receives the stream that the controller of Openflow system is generated according to Openflow agreement List item；

Interchanger saves flow entry.

In conjunction with the 9th aspect, in the first possible implementation,

In conjunction with the first possible implementation of the 9th aspect, in second of possible implementation of the 9th aspect In, after interchanger saves flow entry, further includes:

Interchanger receives the first message from tenant；

The ingress port information that interchanger is carried according to matching field and the first message, determines operation field, by operation field The second message is formed in the heading of tunnel information the first message of write-in of carrying, it is corresponding according to the second message in operation field Exit port information and tunnel information, to the second message carry out multicast.

Tenth aspect, the embodiment of the present invention provide a kind of controller, comprising:

Flow entry generation module, for generating flow entry, flow entry is used for the interchanger multicast tenant of Openflow system Message；

Flow entry issues module, and the flow entry for generating flow entry generation module is handed down to interchanger.

In conjunction with the tenth aspect, in the first possible implementation,

Tenth on the one hand, and the embodiment of the present invention provides a kind of interchanger, comprising:

Flow entry receiving module, the flow table that the controller for receiving Openflow system is generated according to Openflow agreement ?；

Flow entry indicates that the exit port information of tenant's message is associated with tunnel information, and the tunnel of tunnel information instruction is used for Tenant's message of the interchanger multicast where flow entry receiving module is transmitted, the exit port of exit port information instruction is rented for multicast Family message；

Flow entry memory module, for saving the received flow entry of flow entry receiving module.

On the one hand in conjunction with the tenth, in the first possible implementation,

In conjunction with the first possible implementation of the tenth one side, in second of possible realization side of the tenth one side In formula, further includes:

Message receiving module, for receiving the first message from tenant；

Message processing module (MPM), the matching field and message receiving module for being saved according to flow entry memory module are received The ingress port information that first message carries determines the operation field that flow entry memory module saves, the tunnel that operation field is carried The second message is formed in the heading of road information the first message of write-in, according to the corresponding exit port of the second message in operation field Information and tunnel information carry out multicast to the second message.

12nd aspect, the embodiment of the present invention provide a kind of controller, including

Processor, for generating flow entry, flow entry is used for interchanger multicast tenant's message of Openflow system；

Transceiver, the flow entry for generating processor are handed down to interchanger.

In conjunction with the 12nd aspect, in the first possible implementation,

13rd aspect, the embodiment of the present invention provide a kind of interchanger, comprising:

Transceiver, the flow entry that the controller for receiving Openflow system is generated according to Openflow agreement；

Flow entry indicates that the exit port information of tenant's message is associated with tunnel information, and the tunnel of tunnel information instruction is used for The exit port of tenant's message of interchanger multicast where transmitting transceiver machine, the instruction of exit port information is used for multicast tenant message；

Memory, for saving the flow entry of transceiver.

In conjunction with the 13rd aspect, in the first possible implementation,

In conjunction with the first possible implementation of the 13rd aspect, in second of possible realization side of the 13rd aspect In formula,

Transceiver is also used to receive the first message from tenant；

Device further include:

Processor, the inbound port that the first message of matching field and transceiver for being saved according to memory carries Information, determines the operation field that memory saves, and the tunnel information that operation field is carried is written in the heading of the first message The second message is formed, according to the corresponding exit port information of the second message and tunnel information in operation field, controls transceiver pair Second message carries out multicast.

Fourteenth aspect, the embodiment of the present invention provide a kind of flow entry generation system, including controller and interchanger；

Controller includes controller described in the tenth aspect；

Interchanger includes interchanger described in the tenth one side.

In the embodiment of the present invention, the controller of Openflow system generates flow entry, and flow entry is used for Openflow system Interchanger multicast tenant's message；Flow entry indicates that the exit port information of tenant's message is associated with tunnel information, tunnel information The tunnel of instruction is used for transmission tenant's message of interchanger multicast, and the exit port of exit port information instruction is reported for multicast tenant Text；The flow entry of generation is handed down to interchanger by controller.Interchanger saves the flow entry that controller issues, due to interchanger root According to the exit port information and tunnel information known to flow entry for multicast tenant message, and then interchanger can be according to tenant's message Exit port information and tunnel information realize to the multicast of tenant's message.Therefore the technical solution provided through the embodiment of the present invention It can be realized the multicast in the Openflow virtual network for Multicast Tunnel scene to tenant's message.

Detailed description of the invention

Fig. 1 is Openflow system architecture schematic diagram provided in an embodiment of the present invention；

Fig. 2 is a kind of flow entry generation method flow diagram provided in an embodiment of the present invention；

Fig. 3 is a kind of flow entry method of reseptance flow diagram provided in an embodiment of the present invention；

Fig. 4 is a kind of virtual network schematic diagram based on Openflow system provided in an embodiment of the present invention；

Fig. 5 is that the embodiment of the invention provides a kind of controller architecture schematic diagrames；

Fig. 6 is that the embodiment of the invention provides a kind of switch architecture schematic diagrames；

Fig. 7 is that the embodiment of the invention provides a kind of control device structural schematic diagrams；

Fig. 8 is that the embodiment of the invention provides a kind of exchange apparatus structural schematic diagrams；

Fig. 9 is that the embodiment of the invention provides a kind of flow entrys to generate system structure diagram；

Figure 10 is a kind of flow entry generation method flow diagram provided in an embodiment of the present invention；

Figure 11 is a kind of flow entry method of reseptance flow diagram provided in an embodiment of the present invention；

Figure 12 is a kind of Openflow virtual network schematic diagram for Multicast Tunnel scene provided in an embodiment of the present invention；

Figure 13 is that the embodiment of the invention provides a kind of controller architecture schematic diagrames；

Figure 14 is that the embodiment of the invention provides a kind of switch architecture schematic diagrames；

Figure 15 is that the embodiment of the invention provides a kind of control device structural schematic diagrams；

Figure 16 is that the embodiment of the invention provides a kind of exchange apparatus structural schematic diagrams；

Figure 17 is that the embodiment of the invention provides a kind of flow entrys to generate system structure diagram.

Specific embodiment

Following will be combined with the drawings in the embodiments of the present invention, and technical solution in the embodiment of the present invention carries out clear, complete Site preparation description, it is clear that described embodiments are only a part of the embodiments of the present invention, instead of all the embodiments.It is based on Embodiment in the present invention, it is obtained by those of ordinary skill in the art without making creative efforts every other Embodiment shall fall within the protection scope of the present invention.

The present embodiments relate to Openflow system, Openflow system architecture as shown in Figure 1, OpenFlow system by OpenFlow interchanger (OpenFlow Switch), network virtualization layer (FlowVisor) and controller three parts composition. OpenFlow interchanger is used for the forwarding of data Layer；Network virtualization layer is for virtualizing system；Controller is to system Centralized control is carried out, realizes the function of control layer.OpenFlow system is by traditional complete report controlled by switch/router Literary repeating process is converted by OpenFlow interchanger and controller and completes jointly, to realize message forwarding and routing control The separation of system.Controller can control the flow entry in interchanger by the interface operation provided in advance, to reach control The purpose of message forwarding processed.

OpenFlow interchanger is the core component of OpenFlow system, is mainly used for managing the forwarding of data Layer. OpenFlow interchanger is forwarded message according to the flow entry of flow table (FlowTable), the generation of flow entry, maintenance and under Hair is realized by controller.It includes input port, multiple access access channel (Multiple in flow table that OpenFlow1.0 specification, which defines, Access Channel, MAC) source address, MAC destination address, ethernet type, VLAN ID (Virtual LAN Identify, VLAN ID), Internet Protocol (Internet Protocol, IP) source address, IP destination address, the port IP, pass Transport control protocol discusses 10 passes including (Transmission Control Protocol, TCP) source port and TCP destination port Key word (ten tuples).

Issuing for flow table can use aggressive mode or Passive Mode.

Aggressive mode: flow entry is actively handed down to OpenFlow interchanger by controller, and OpenFlow interchanger is according to stream List item is forwarded tenant's message.

Passive Mode: after OpenFlow interchanger receives tenant's message, tenant's message is determined according to local flow table first Tenant's message is sent to controller, is determined by control layer by forwarding behavior if the not flow entry with tenant's message matching Corresponding flow entry is handed down to OpenFlow interchanger by the forwarding behavior of tenant's message, controller, so as to OpenFlow exchange The forwarding behavior of machine execution tenant's message.Passive Mode is advantageous in that the flow entry of system Maintenance free whole, only works as reality OpenFlow interchanger just obtains flow entry to controller and then records and stores when the flow on border generates, can be old by deleting The flow entry of change saves storage space.

Flow entry can be divided into public flow entry and tenant's flow entry, and OpenFlow interchanger passes through determining and tenant's message Tenant's message is jumped to corresponding tenant's flow entry by the public flow entry matched, then by determining and tenant's message matching Tenant's flow entry determines the forwarding behavior of tenant's message, and is forwarded according to determining forwarding behavior to tenant's message.

Technical solution of the present invention is realized in virtual network by the flow entry that the OpenFlow agreement of extension generates Forwarding and multicast of the OpenFlow interchanger to tenant's message, virtual network refers to be made of Virtual NE equipment and virtual link Network, physical network is divided into mutually isolated number using technologies such as network equipment virtualization, link tunnels by virtual network According to forwarding network, it can generally be deployed in a variety of different physical network devices, on link.Provided in an embodiment of the present invention two Technical solution is planted, the controller of OpenFlow system is used for according to the generation of the OpenFlow agreement of extension in the first technical solution The flow entry that OpenFlow interchanger operates tenant's message, the operation include modification tenant's message and forwarding tenant's report Text；The controller of OpenFlow system generates according to the OpenFlow agreement of extension and is used for OpenFlow in second of technical solution The flow entry of interchanger multicast tenant's message.

Embodiment one

As shown in Fig. 2, the embodiment of the invention provides a kind of flow entry generation sides in the controller side of Openflow system Method, comprising:

The controller of S201, Openflow system generates the first flow entry and the second flow entry, the first flow entry and second Interchanger of the flow entry for Openflow system operates tenant's message；

First flow entry of generation and the second flow entry are handed down to interchanger by S202, controller.

It optionally, include to tenant according to the operation that tenant's information and tunnel information carry out tenant's message in the present embodiment The modification of message and forwarding to tenant's message.

In the present embodiment, the first flow entry that the controller of Openflow system generates includes the first matching field and first Operation field.First matching field carries the tunnel information of tenant's message, and the first operation field carries tenant's information and tunnel is believed Breath.The tunnel information and the first matching field carried by matching tenant's message can determine corresponding first behaviour of tenant's message Make field.

Optionally, the first matching field carries tunnel inbound port mark, tenant's type of message mark and label information, the mark It signs information and carries Tunnel Identifier.Optionally, the first operation field instruction performs the following operations tenant's message: removing tenant's message Tunnel information；Metadatabase is written into tenant's information of tenant's message, tunnel information associated with tenant's information (Metadatabase) in；The second flow entry is jumped to from the first flow entry.

In the present embodiment, the second flow entry that the controller of Openflow system generates includes the second matching field and second Operation field, the second matching field carries tenant's information and tunnel information, the second operation field carry out port information.Exit port The exit port of information instruction is for forwarding tenant's message.It is got by the second matching field of matching with from metadatabase Tenant's information and tunnel information, can determine corresponding second operation field of tenant's message.Optionally, the second matching field is taken With tunnel inbound port mark, the mark and Tunnel Identifier of tenant's message tenant.

For the flow entry shown in the table one, the controller of Openflow system generates flow entry shown in table one, the stream It include the first flow entry and the second flow entry in list item, the first flow entry matching field of the row is the first of the first flow entry Matching field, the first flow entry operation field of the row are the first operation field of the first flow entry；Second flow entry is similarly. The flow entry that flow table mark (Flow Table ID) is 0 in table one is public flow entry, includes the first flow table in public flow entry ?；The flow entry that flow table mark (Flow Table ID) is 1 in table one is tenant's flow entry, includes second in tenant's flow table List item.

This can be determined according to the first matching field that the information of tenant's message and the first flow entry carry in conjunction with table one Corresponding first operation field of tenant's message.Such as the information of tenant's message includes that inbound port (Inport) identifies 2, type of message (eth) identify 0x8847 and label (label) mark 100, by the first matching field with the first flow entry in table one into Row matching determines that corresponding first operation field of tenant's message is { pop label, write_vn (xxx), write_ Tunnel (100), goto table1 }.Wherein pop label indicates that the label for carrying tenant's message is removed, which carries Tunnel Identifier；Write_vn (xxx) and write_tunnel (100) is indicated the tenant identification vn (xxx) and tunnel of tenant's message Road identifies in tunnel (100) write-in metadatabase；Goto table1 indicates to jump to the second flow entry of tenant's flow entry. After the operation for executing the instruction of the first operation field, by obtaining the corresponding tenant identification vn of tenant's message from metadatabase (xxx) with Tunnel Identifier tunnel (100), the tenant in the second matching field and metadatabase carried according to the second flow entry The corresponding tenant identification vn (xxx) of message and Tunnel Identifier tunnel (100) can determine corresponding second behaviour of tenant's message Making field is { outport=1 }.Outport=1 indicates the exit port indicated by exit port mark 1 by the tenant after removing Message is forwarded to downstream router, and the operation of the second operation field instruction is executed to tenant's message.Optionally, if tenant's message pair The second operation field answered is { outport=-1 }, then it represents that will be after removing by the exit port of -1 instruction of exit port mark Tenant's message is forwarded to controller.

Table one

It is extended on the basis of existing Openflow agreement in the present embodiment, the controller of Openflow system The first flow entry and the second flow entry are generated according to the Openflow agreement after extension.

For example, instruction (Instruction) Extended-type of the present embodiment to existing Openflow agreement Write-VN Id vnid field and Write-Tunnel Id tunnelid field respectively indicate and mark the tenant of tenant's message Know and Tunnel Identifier is written in metadatabase.Controller according to the Write-VN Id vnid field of Openflow protocol extension and Write-Tunnel Id tunnelid field generates the first flow entry.Controller is before generating the first flow entry, Ke Yicong The upper layer device of controller knows tenant's information of tenant, also, controller is tenant's information distribution transmission tenant's message Tunnel, and then learn the associated tenant's information and tunnel information of the tenant, then according to the associated tenant of the tenant Information and tunnel information generate the first flow entry.

For example, flow table matching field (Flow Match of the present embodiment to existing Openflow agreement Fields OFPXMT_OFB_VN_ID and OFPXMT_OFB_TUNNEL_ID) are extended, indicates that matching field carries tenant identification And Tunnel Identifier, controller is according to the OFPXMT_OFB_VN_ID field and OFPXMT_OFB_ of the extension of Openflow agreement TUNNEL_ID field generates the second flow entry.Controller, can be from the upper layer device of controller before generating the second flow entry Know tenant's information of tenant, also, controller is the tunnel of tenant's information distribution transmission tenant's message, and then learns the rent Then associated tenant's information and tunnel information at family are generated according to the associated tenant's information and tunnel information of the tenant Second flow entry.

The first flow entry of generation and the second flow entry are handed down to by the controller of Openflow system in the present embodiment The interchanger of Openflow system, as shown in figure 3, the corresponding exchanger side in Openflow system, the embodiment of the present invention mention For a kind of flow entry method of reseptance, comprising:

The controller that the interchanger of S301, Openflow system receives Openflow system is generated according to Openflow agreement The first flow entry and the second flow entry；

S302, interchanger save the first flow entry and the second flow entry.

In the present embodiment, the first flow entry includes the first matching field and the first operation field, and the first matching field carries The tunnel information of tenant's message, the first operation field carry tenant's information and tunnel information.

Optionally, the first matching field carries tunnel inbound port mark, tenant's type of message mark and label information, the mark It signs information and carries Tunnel Identifier.Optionally, the first operation field instruction performs the following operations tenant's message: removing tenant's message Label, the label carry Tunnel Identifier, by the tenant's information and tunnel information of tenant's message be written in metadatabase and from First flow entry jumps to the second flow entry.

Second flow entry includes the second matching field and the second operation field, and the second matching field carries tenant's information and tunnel Road information, the second operation field carry out port information, and the exit port of exit port information instruction is for transferring tenant's message It goes.Optionally, the second matching field carries tunnel inbound port mark, the mark and Tunnel Identifier of tenant's message tenant.

In the present embodiment, after interchanger saves the first flow entry and the second flow entry, according to the first flow entry and second The method that list item is forwarded tenant's message is as follows:

Interchanger receives the first message from tenant；

The tunnel information that interchanger is carried according to the first matching field and the first message, determines the first operation field, first Operation field is used for for removing the tunnel information that the first message carries to form the second message by the corresponding rent of the second message In family information and tunnel information write-in metadatabase；

Interchanger in the present embodiment refers to the egress switch in the virtual network based on Openflow system, for example, Fig. 4 show the virtual network schematic diagram based on Openflow system, and interchanger 2 and interchanger 3 are respectively ingress switch in Fig. 4 Two egress switch in the corresponding different transmission path of machine 1.Optionally, the transmission direction relative to tenant's message, outlet Interchanger and access switch can be interchanged.For example, according to Fig. 4, it is assumed that tenant's message flows to interchanger 1 by interchanger 3 With interchanger 2, then interchanger 1 and interchanger 2 are respectively two oral sexes out in the corresponding different transmission path of access switch 3 It changes planes.It, can be by the tunnel of tenant's message after access switch 1 receives tenant's message in existing tenant's message forwarding mechanism In heading of the road mark as label information write-in tenant's message, then tenant's message is forwarded.With egress switch For machine 2, the label of tenant's message can be removed after tenant's message since egress switch 2 is received, egress switch 2 by In can not learn the tenant's information and tunnel information of message, therefore it cannot achieve the operation to message.

By taking the egress switch 2 of Openflow system shown in Fig. 4 as an example, the method provided through this embodiment can be real Now to the operation of tenant's message.Optionally, behaviour tenant's message carried out according to tenant's information and tunnel information in the present embodiment Work includes the modification to tenant's message and the forwarding to tenant's message.For the flow entry shown in the table two, egress switch 2 is protected Deposit flow entry shown in table two, in the flow entry include the first flow entry and the second flow entry, the first flow entry of the row It is the first matching field of the first flow entry with field, the first flow entry operation field of the row is the first of the first flow entry Operation field；Second flow entry is similarly.The flow entry that flow table mark (Flow Table ID) is 0 in table two is public flow entry, It include the first flow entry in public flow entry；The flow entry that flow table mark (Flow Table ID) is 1 in table two is tenant's flow table , it include the second flow entry in tenant's flow entry.

Table two

For example, egress switch 2 is as follows to the operating process of tenant's message by flow entry shown in table two:

After egress switch 2 receives the first message from tenant, the information and the first flow table that are carried according to the first message The first matching field that item carries, determines corresponding first operation field of the first message.Such as first message carry packet Tunnel inbound port (Inport) mark 2, type of message (eth) mark 0x8847 and label (label) mark 100 are included, is passed through It is matched with the first matching field of the first flow entry in table two, determines that corresponding first operation field of the first message is { pop Label, write_vn (xxx), write_tunnel (100), goto table1 }, egress switch 2 executes the first message The operation of first operation field instruction.Wherein, pop label indicates that the label for carrying the first message is removed, and forms the second report Text, the label carry Tunnel Identifier；Write_vn (xxx) and write_tunnel (100) indicates to mark the tenant of the second message Know in vn (xxx) and Tunnel Identifier tunnel (100) write-in metadatabase；Goto table1 expression jumps to tenant's flow entry The second flow entry in.

After jumping to the second flow entry of tenant's flow entry, egress switch 2 learns the second report by query metadata library The tenant identification vn (xxx) of text and Tunnel Identifier tunnel (100).Then the second matching field carried according to the second flow entry Tenant identification vn (xxx) corresponding with tenant's message by being obtained from metadatabase and Tunnel Identifier tunnel (100), really Fixed corresponding second operation field of second message is { outport=1 }.Outport=1 is indicated through 1 instruction of exit port mark Exit port the second message is forwarded, egress switch 2 to the second message execute the second operation field instruction operation, i.e., Second message is forwarded to downstream router by the exit port of 1 instruction of exit port mark by egress switch 2.If tenant's message pair The second operation field answered is { outport=-1 }, then it represents that by the exit port of -1 instruction of exit port mark by the second message It is forwarded to controller.

Optionally, the method that egress switch 3 can provide through the foregoing embodiment executes similar egress switch 2 Operation, herein without repeating.

In the present embodiment, the controller of Openflow system generates the first flow entry and the second flow entry, the first flow entry Interchanger with the second flow entry for Openflow system operates tenant's message；First flow entry indicates tenant's message Tenant's information it is associated with tunnel information, tenant's information for identifying tenant belonging to tenant's message, tunnel information instruction Tunnel is used for tenant's message transmissions to interchanger；Second flow entry is used for according to tenant's information and tunnel information to tenant's message It is operated；First flow entry of generation and the second flow entry are handed down to interchanger by controller.Interchanger saves under controller The first flow entry and the second flow entry of hair, since interchanger is according to the tenant's information and tunnel of first flow entry tenant's message Road information, and then interchanger can be realized according to the second flow entry and tenant's information of tenant's message and tunnel information and be reported to tenant The operation of text.

It is corresponding with method shown in Fig. 2, as shown in figure 5, the embodiment of the invention provides a kind of controllers, comprising:

Flow entry generation module 501, for generating the first flow entry and the second flow entry, the first flow entry and the second flow table Interchanger of the item for Openflow system operates tenant's message；

Flow entry issues module 502, the first flow entry and the second flow entry for generating flow entry generation module 501 It is handed down to interchanger.

Optionally, the first flow entry includes the first matching field and the first operation field, and the first matching field carries tenant The tunnel information of message, the first operation field carry tenant's information and tunnel information.

Optionally, the second flow entry includes the second matching field and the second operation field, and the second matching field carries tenant Information and tunnel information, the second operation field carry out port information, and the exit port of exit port information instruction is for reporting tenant Text forwards.

It is corresponding with method shown in Fig. 3, as shown in fig. 6, the embodiment of the invention provides a kind of interchangers, comprising:

Flow entry receiving module 601, what the controller for receiving Openflow system was generated according to Openflow agreement First flow entry and the second flow entry；

First flow entry indicates that tenant's information of tenant's message is associated with tunnel information, and tenant's information is for identifying tenant Tenant belonging to message, the tunnel of tunnel information instruction are used for tenant's message transmissions to 601 place of flow entry receiving module Interchanger；Second flow entry is for operating tenant's message according to tenant's information and tunnel information；

Flow entry memory module 602, for saving received first flow entry of flow entry receiving module 601 and the second flow table ?.

Optionally, Fig. 6 shown device further include:

Message receiving module 603, for receiving the first message from tenant；

Message processing module (MPM) 604, the first matching field and message for being saved according to flow entry memory module 602 receive The tunnel information that received first message of module 603 carries determines the first operation field that flow entry memory module 602 saves, The tunnel information that the first message carries is removed to form the second message according to the first operation field, and by the corresponding rent of the second message In family information and tunnel information write-in metadatabase；

Message processing module (MPM) 604, the second matching field for being also used to be saved according to flow entry memory module 602 and metadata The corresponding tenant's information of the second message and tunnel information in library determine the second operational word that flow entry memory module 602 saves Section, and the second message is forwarded according to the corresponding exit port information of the second message in the second operation field.

It is corresponding with method shown in Fig. 2, as shown in fig. 7, the embodiment of the invention provides a kind of controllers, comprising:

Processor 701 is used for for generating the first flow entry and the second flow entry, the first flow entry and the second flow entry The interchanger of Openflow system operates tenant's message；

Transceiver 702, the first flow entry and the second flow entry for generating processor 701 are handed down to interchanger.

It is corresponding with method shown in Fig. 3, as shown in figure 8, the embodiment of the invention provides a kind of interchangers, comprising:

Transceiver 801, the first flow table that the controller for receiving Openflow system is generated according to Openflow agreement Item and the second flow entry；

First flow entry indicates that tenant's information of tenant's message is associated with tunnel information, and tenant's information is for identifying tenant Tenant belonging to message, the tunnel of tunnel information instruction are used for the interchanger where tenant's message transmissions to transceiver 801；The Two flow entrys are for operating tenant's message according to tenant's information and tunnel information；

Memory 802, for saving received first flow entry of transceiver 801 and the second flow entry.

Optionally,

Transceiver 801 is also used to receive the first message from tenant；

Interchanger shown in Fig. 8 further include:

Processor 803 is also used to the first matching field and transceiver 801 received first saved according to memory 802 The tunnel information that message carries determines the first operation field that memory 802 saves, according to the first operation field by the first message The tunnel information of carrying is removed to form the second message, and metadata is written in the corresponding tenant's information of the second message and tunnel information In library；The corresponding tenant's information of the second message and tunnel in the second matching field and metadatabase saved according to memory 802 Road information determines the second operation field that memory 802 saves, and corresponding out according to the second message in the second operation field Port information control transceiver 801 operates the second message.

As shown in figure 9, the embodiment of the invention provides a kind of flow entrys to generate system, including controller 901 and interchanger 902；

Controller 901 includes controller shown in fig. 5；

Interchanger 902 includes interchanger shown in fig. 6.

Embodiment two

As shown in Figure 10, in the controller side of Openflow system, the embodiment of the invention provides a kind of generations of flow entry Method, comprising:

The controller of S1001, Openflow system generates flow entry, and flow entry is used for the group of switches of Openflow system Broadcast tenant's message；

The flow entry of generation is handed down to interchanger by S1002, controller.

In the present embodiment, the flow entry that the controller of Openflow system generates includes matching field and operation field, The ingress port information of tenant's message is carried with field, operation field includes label information, and label information is for carrying exit port letter Breath and tunnel information.

For the flow entry shown in the table three, the controller of Openflow system generates flow entry shown in table three, table three The flow entry that middle flow table mark (Flow Table ID) is 0 is public flow entry；Flow table identifies (Flow Table in table three ID) flow entry for 1 is tenant's flow entry, includes the flow entry provided in the present embodiment in tenant's flow entry.In conjunction with table three, rent After family message enters interchanger by the inbound port that inbound port (Inport) is identified as 1, according to the corresponding inbound port of tenant's message (Inport) matching field in mark 1 and public flow entry, determines tenant's message corresponding operational word in public flow entry Section is { goto table1 }, and goto table1 expression jumps to tenant's flow entry, executes operation field { goto to tenant's message Table1 } instruction operation.

After jumping to tenant's flow entry, according to of the corresponding inbound port of tenant's message (Inport) mark 1 and flow entry With field, determine tenant's message in tenant's flow entry corresponding operation field be Lable_output (101,2), Lable_output (201,3) }, Lable_output (101,2) and Lable_output (201,3) indicate respectively tunnel mark Know 101 and exit port mark 2 is associated, Tunnel Identifier 201 and exit port mark 3 are associated.The operation is executed to tenant's message The operation of field instruction, i.e., are as follows: tenant's message is copied into two parts, the exit port of multicast a copy of it tenant's message is identified as 2, According to operation field Lable_output (101,2), determine that the Tunnel Identifier of multicast tenant's message is 101, by Tunnel Identifier 101 are written in the heading of tenant's message as label, and 2 exit port and Tunnel Identifier are then identified as by exit port Multicast is carried out to the tenant's message for taking label Tunnel Identifier 101 for 101 tunnel；The exit port mark of another tenant's message of multicast Knowing is 3, according to operation field Lable_output (201,3), determines that the Tunnel Identifier of multicast tenant's message is 201, by tunnel Road mark 201 is written in the heading of tenant's message, is then identified as 3 exit port by exit port and Tunnel Identifier is 201 tunnel carries out multicast to the tenant's message for carrying label Tunnel Identifier 201.

It should be noted that in the heading for being written to tenant's message using the Tunnel Identifier of tenant's message as label information It, can be using the heading form of multi-label protocol exchange (Multi-Protocol Label Switching, MPLS) when middle Or the heading form of virtual LAN (Virtual Local Area Network, VLAN) carries label information, but this Both forms are not limited in embodiment.

Table three

It is extended on the basis of existing Openflow agreement in the present embodiment, the controller of Openflow system Flow entry is generated according to the Openflow agreement after extension.

For example, to the message instruction action (ofp_action_type) of existing Openflow agreement in the present embodiment Extended-type OFPAT Lable_OUTPUT field, after indicating that the operation field instruction message in flow entry carries label information Multicast is carried out, controller generates provided in this embodiment according to the OFPAT Lable_OUTPUT field of Openflow protocol extension Flow entry.Controller can know tenant's information of tenant before generating flow entry from the upper layer device of controller, also, Controller is the exit port and tunnel that tenant's information distributes multicast tenant message, and then according to the exit port of multicast tenant's message The operation field that flow entry carries is generated with tunnel.Operation field in flow entry provided in this embodiment is first to believe label Breath is written in the heading of tenant's message, then carries out group to the tenant's message for carrying label information by exit port and tunnel It broadcasts, which is the tunnel information of tenant's message.It should be noted that the heading of MPLS can be used in the present embodiment Form or the heading form of VLAN carry label information, but are not limited to both forms.

For using the message head file of MPLS carrying label information, to existing Openflow agreement in the present embodiment It is real that message instruction action (ofp_action_type) Extended-type OFPAT Lable_OUTPUT can pass through following program It is existing:

struct ofp_action_mpls_output{

uint16_t type；/*OFPAT_MPLS_OUTPUT.*/

uint16_t len；/*Length is 16.*/

Uint32_t label；/*MPLS lable for output port*/

uint32_t port；/*Output port.*/

uint16_t max_len；/*Max length to send to controller.*/

uint8_t pad[2]；/*Pad to 64bits.*/

}；

OFP_ASSERT (sizeof (struct ofp_action_mpls_output)==16)；

The flow entry of generation is handed down to the exchange of Openflow system by the controller of Openflow system in the present embodiment Machine, as shown in figure 11, the corresponding exchanger side in Openflow system, the embodiment of the present invention provide a kind of flow entry recipient Method, comprising:

The controller that the interchanger of S1101, Openflow system receives Openflow system is raw according to Openflow agreement At flow entry；

S1102, interchanger save flow entry.

In the present embodiment, flow entry includes matching field and operation field, and matching field carries the inbound port of tenant's message Information, operation field include label information, and label information is for carrying out port information and tunnel information.

In the present embodiment, after interchanger saves flow entry, the method for carrying out multicast to tenant's message according to flow entry is as follows:

Interchanger receives the first message from tenant；

Interchanger in the present embodiment refers to the ingress switch in the Openflow virtual network for Multicast Tunnel scene Machine, for example, Figure 12 show the Openflow virtual network schematic diagram for Multicast Tunnel scene, interchanger 2 and friendship in Figure 12 Change planes 3 be respectively the corresponding different transmission path of access switch 1 on two egress switch.Optionally, relative to tenant The transmission direction of message, egress switch and access switch can be interchanged.For example, according to Figure 12, it is assumed that tenant's message Interchanger 1 and interchanger 2 are flowed to by interchanger 3, then interchanger 1 and interchanger 2 are respectively the corresponding not simultaneous interpretation of access switch 3 Two egress switch on defeated path.Access switch is based on the rent table (Group issued from controller in existing multicast mechanism Table multicast) is carried out to the tenant's message received by multicast spanning tree.But the scene of the Multicast Tunnel shown in Figure 12 In, access switch 1 needs to carry out multicast to tenant's message by different exit port and tunnel.Due to existing OpenFlow There is no the corresponding definition of virtual network tenant's message multicast mechanism for Multicast Tunnel in agreement, therefore causes to be based on The virtual network of OpenFlow can not realize the multicast to tenant's message for Multicast Tunnel.

For the access switch 1 of the Openflow system shown in Figure 12, the method that provides through this embodiment can be with It realizes to the multicast of tenant's message, for the flow table shown in the table four, access switch 1 saves flow table shown in table four, table four The flow entry that middle flow table mark (Flow Table ID) is 0 is public flow entry；Flow table identifies (Flow Table in table four ID) flow entry for 1 is tenant's flow entry, includes the flow entry provided in the present embodiment in tenant's flow entry.

Table four

For example, access switch 1 is as follows to the multicast procedures of tenant's message by flow table shown in table four:

After access switch 1 receives the first message from tenant by the inbound port that inbound port (Inport) is identified as 1, According to the matching field in the corresponding inbound port of the first message (Inport) mark 1 and public flow entry, determine that the first message exists Corresponding operation field is { goto table1 } in public flow entry, and goto table1 expression jumps in tenant's flow entry.

After jumping to tenant's flow entry, access switch 1 identifies 1 He according to the corresponding inbound port of the first message (Inport) The matching field of tenant's flow entry determines that the first message corresponding operation field in tenant's flow table is { Lable_output (101,2), Lable_output (201,3) }, Lable_output (101,2) and Lable_output (201,3) are respectively referred to Show that Tunnel Identifier 101 and exit port identify 2 associated, Tunnel Identifiers 201 and exit port mark 3 is associated.First message is held The operation of row operation field instruction, i.e., are as follows: the first message is copied into two parts, the exit port of the first message of multicast a copy of it 2 are identified as, according to operation field Lable_output (101,2), determines that the Tunnel Identifier of multicast first message is 101, it will Tunnel Identifier 101, which is written in the heading of the first message as label, forms the second message, and access switch 1 passes through exit port Second message group is cast to egress switch 2 for 101 tunnel by exit port and the Tunnel Identifier for being identified as 2.Multicast another The exit port of one message is identified as 3, according to operation field Lable_output (201,3), determines the tunnel of multicast first message Road is identified as 201, Tunnel Identifier 201 is written in the heading of the first message and forms the second message, and access switch 1 passes through Second message group is cast to egress switch 3 for 201 tunnel by exit port and the Tunnel Identifier that exit port is identified as 3.

It should be noted that in the heading for being written to tenant's message using the Tunnel Identifier of tenant's message as label information When middle, label information can be carried using the heading form of MPLS or the heading form of VLAN, but in the present embodiment simultaneously It is not limited to both forms.

Optionally, tenant's message group is cast to egress switch 2 to access switch 1 by the middle method provided through this embodiment After egress switch 3, egress switch 2 or egress switch 3 can technical sides to provide in through the embodiment of the present invention one Method realizes the forwarding to tenant's message.

Optionally, the method that access switch 2 or access switch 3 can provide through the foregoing embodiment executes similar The operation of access switch 1, herein without repeating.

In the present embodiment, the controller of Openflow system generates flow entry, and flow entry is used for the friendship of Openflow system It changes planes multicast tenant's message；Flow entry indicates that the exit port information of tenant's message is associated with tunnel information, tunnel information instruction Tunnel be used for transmission tenant's message of interchanger multicast, the exit port of exit port information instruction is used for multicast tenant message；Control The flow entry of generation is handed down to interchanger by device processed.Interchanger saves the flow entry that controller issues, since interchanger is according to stream For the exit port information and tunnel information of multicast tenant message known to list item, and then interchanger being capable of going out according to tenant's message Port information and tunnel information realize the multicast to tenant's message.

Corresponding with method shown in Fig. 10, as shown in figure 13, the embodiment of the invention provides a kind of controllers, comprising:

Flow entry generation module 1301, for generating flow entry, flow entry is used for the interchanger multicast of Openflow system Tenant's message；

Flow entry issues module 1302, and the flow entry for generating flow entry generation module 1301 is handed down to interchanger.

Optionally, flow entry includes matching field and operation field, and matching field carries the ingress port information of tenant's message, Operation field includes label information, and label information is for carrying out port information and tunnel information.

Corresponding with method shown in Figure 11, as shown in figure 14, the embodiment of the invention provides a kind of interchangers, comprising:

Flow entry receiving module 1401, what the controller for receiving Openflow system was generated according to Openflow agreement Flow entry；

Flow entry indicates that the exit port information of tenant's message is associated with tunnel information, and the tunnel of tunnel information instruction is used for Tenant's message of the interchanger multicast where flow entry receiving module 1401 is transmitted, the exit port of exit port information instruction is used for group Broadcast tenant's message；

Flow entry memory module 1402, for saving the received flow entry of flow entry receiving module 1401.

Optionally, interchanger shown in Figure 14 further include:

Message receiving module 1403, for receiving the first message from tenant；

Message processing module (MPM) 1404, matching field and message for being saved according to flow entry memory module 1302 receive mould The ingress port information that received first message of block 1403 carries determines the operation field that flow entry memory module 1402 saves, will The second message is formed in the heading for tunnel information the first message of write-in that operation field carries, according to second in operation field The corresponding exit port information of message and tunnel information carry out multicast to the second message.

Corresponding with method shown in Fig. 10, as shown in figure 15, the embodiment of the invention provides a kind of controllers, comprising:

Processor 1501, for generating flow entry, flow entry is used for interchanger multicast tenant's message of Openflow system；

Transceiver 1502, the flow entry for generating processor 1501 are handed down to interchanger.

Corresponding with method shown in Figure 11, as shown in figure 16, the embodiment of the invention provides a kind of interchangers, comprising:

Transceiver 1601, the flow entry that the controller for receiving Openflow system is generated according to Openflow agreement；

Flow entry indicates that the exit port information of tenant's message is associated with tunnel information, and the tunnel of tunnel information instruction is used for The exit port of tenant's message of interchanger multicast where transmitting transceiver machine 1601, the instruction of exit port information is reported for multicast tenant Text；

Memory 1602, for saving the received flow entry of transceiver 1601.

Optionally,

Transceiver 1601 is also used to receive the first message from tenant；

Interchanger shown in Figure 16 further include:

Processor 1603, matching field and received first message of transceiver 1601 for being saved according to memory 1602 The ingress port information of carrying determines the operation field that memory 1602 saves, the tunnel information write-in that operation field is carried The second message is formed in the heading of one message, according to the corresponding exit port information of the second message and tunnel letter in operation field Breath, control transceiver 1601 carry out multicast to the second message.

As shown in figure 17, the embodiment of the invention provides a kind of flow entrys to generate system, including controller 1701 and exchange Machine 1702；

Controller 1701 includes controller shown in Figure 13；

Interchanger 1702 includes interchanger shown in Figure 14.

It should be understood by those skilled in the art that, the embodiment of the present invention can provide as method, system or computer program Product.Therefore, complete hardware embodiment, complete software embodiment or reality combining software and hardware aspects can be used in the present invention Apply the form of example.Moreover, it wherein includes the computer of computer usable program code that the present invention, which can be used in one or more, The computer program implemented in usable storage medium (including but not limited to magnetic disk storage, CD-ROM, optical memory etc.) produces The form of product.

The present invention be referring to according to the method for the embodiment of the present invention, the process of equipment (system) and computer program product Figure and/or block diagram describe.It should be understood that every one stream in flowchart and/or the block diagram can be realized by computer program instructions The combination of process and/or box in journey and/or box and flowchart and/or the block diagram.It can provide these computer programs Instruct the processor of general purpose computer, special purpose computer, Embedded Processor or other programmable data processing devices to produce A raw machine, so that being generated by the instruction that computer or the processor of other programmable data processing devices execute for real The device for the function of being specified in present one or more flows of the flowchart and/or one or more blocks of the block diagram.

These computer program instructions, which may also be stored in, is able to guide computer or other programmable data processing devices with spy Determine in the computer-readable memory that mode works, so that it includes referring to that instruction stored in the computer readable memory, which generates, Enable the manufacture of device, the command device realize in one box of one or more flows of the flowchart and/or block diagram or The function of being specified in multiple boxes.

These computer program instructions also can be loaded onto a computer or other programmable data processing device, so that counting Series of operation steps are executed on calculation machine or other programmable devices to generate computer implemented processing, thus in computer or The instruction executed on other programmable devices is provided for realizing in one or more flows of the flowchart and/or block diagram one The step of function of being specified in a box or multiple boxes.

Although preferred embodiments of the present invention have been described, it is created once a person skilled in the art knows basic Property concept, then additional changes and modifications may be made to these embodiments.So it includes excellent that the following claims are intended to be interpreted as It selects embodiment and falls into all change and modification of the scope of the invention.

Obviously, those skilled in the art can carry out various modification and variations without departing from this hair to the embodiment of the present invention The spirit and scope of bright embodiment.In this way, if these modifications and variations of the embodiment of the present invention belong to the claims in the present invention And its within the scope of equivalent technologies, then the present invention is also intended to include these modifications and variations.

Claims

1. a kind of flow entry generation method characterized by comprising

The controller of Openflow system generates the first flow entry and the second flow entry, first flow entry and the second Interchanger of the list item for the Openflow system operates tenant's message；

First flow entry indicates that tenant's information of tenant's message is associated with tunnel information, and tenant's information is used for Identify tenant belonging to tenant's message, the tunnel of the tunnel information instruction is used for tenant's message transmissions to described Interchanger；Second flow entry is for grasping tenant's message according to tenant's information and the tunnel information Make；

First flow entry of generation and second flow entry are handed down to the interchanger by the controller.

2. the method as described in claim 1, which is characterized in that

First flow entry includes the first matching field and the first operation field, and first matching field carries the tenant The tunnel information of message, first operation field carry tenant's information and the tunnel information.

3. method according to claim 1 or 2, which is characterized in that

Second flow entry includes the second matching field and the second operation field, and second matching field carries the tenant Information and the tunnel information, second operation field carry out port information, the exit port of the exit port information instruction For tenant's message to be forwarded.

4. a kind of flow entry method of reseptance characterized by comprising

The controller that the interchanger of Openflow system receives the Openflow system generated according to Openflow agreement One flow entry and the second flow entry；

Tenant's information of first flow entry instruction tenant's message is associated with tunnel information, and tenant's information is for identifying The tunnel of tenant belonging to tenant's message, the tunnel information instruction are used for tenant's message transmissions to the exchange Machine；Second flow entry is for operating tenant's message according to tenant's information and the tunnel information；

The interchanger saves first flow entry and the second flow entry.

5. method as claimed in claim 4, which is characterized in that

6. method as claimed in claim 5, which is characterized in that

7. method as claimed in claim 6, which is characterized in that the interchanger saves first flow entry and the second flow table Xiang Hou, further includes:

The interchanger receives the first message from tenant；

The tunnel information that the interchanger is carried according to first matching field and first message determines first behaviour Make field, remove the tunnel information that first message carries to form the second message according to first operation field, and will In the corresponding tenant's information of second message and tunnel information write-in metadatabase；

The interchanger is believed according to the corresponding tenant of second message in second matching field and the metadatabase Breath and tunnel information determine second operation field, and corresponding according to second message in second operation field Exit port information second message is forwarded.

8. a kind of controller characterized by comprising

Flow entry generation module, for generating the first flow entry and the second flow entry, first flow entry and the second Interchanger of the list item for Openflow system operates tenant's message；

Flow entry issues module, first flow entry and second flow table for generating the flow entry generation module Item is handed down to the interchanger.

9. controller as claimed in claim 8, which is characterized in that

10. controller as claimed in claim 8 or 9, which is characterized in that

11. a kind of interchanger characterized by comprising

Flow entry receiving module, the first flow table that the controller for receiving Openflow system is generated according to Openflow agreement Item and the second flow entry；

Tenant's information of first flow entry instruction tenant's message is associated with tunnel information, and tenant's information is for identifying The tunnel of tenant belonging to tenant's message, the tunnel information instruction are used for tenant's message transmissions to the flow table Interchanger where item receiving module；Second flow entry is used for according to tenant's information and the tunnel information to described Tenant's message operates；

Flow entry memory module, for saving received first flow entry of the flow entry receiving module and the second flow table ?.

12. interchanger as claimed in claim 11, which is characterized in that

13. interchanger as claimed in claim 12, which is characterized in that

14. interchanger as claimed in claim 13, which is characterized in that further include:

Message receiving module, for receiving the first message from tenant；

Message processing module (MPM), first matching field and the message for being saved according to the flow entry memory module connect The tunnel information that received first message of module carries is received, determines first behaviour that the flow entry memory module saves Make field, remove the tunnel information that first message carries to form the second message according to first operation field, and will In the corresponding tenant's information of second message and tunnel information write-in metadatabase；

The message processing module (MPM) is also used to second matching field and described saved according to the flow entry memory module The corresponding tenant's information of second message and tunnel information in metadatabase determine what the flow entry memory module saved Second operation field, and according to the corresponding exit port information of second message in second operation field to described Second message is forwarded.

15. a kind of flow entry generates system, which is characterized in that including controller and interchanger；

The controller includes controller described in any one of claim 8 to 10；

The interchanger includes interchanger described in any one of claim 11 to 14.