CN107018058B - Method and system for sharing VLAN (virtual local area network) and VXLAN (virtual extensible local area network) communication in cloud environment - Google Patents

Info

Publication number: CN107018058B
Application number: CN201710201366.9A
Authority: CN (China)
Prior art keywords: vxlan, network, switch, virtual, vlan
Legal status: Expired - Fee Related
Other languages: Chinese (zh)
Other versions: CN107018058A (en)
Inventors: 王锟, 高小天, 舒敏, 邹潇湘, 金暐, 樊兴军, 张同浩, 刘骏, 杨云鹏, 高昕, 侯美佳, 董琳
Current Assignee: National Computer Network and Information Security Management Center; Dawning Information Industry Beijing Co Ltd
Original Assignee: National Computer Network and Information Security Management Center; Dawning Information Industry Beijing Co Ltd
Classifications

    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L12/00 Data switching networks
    • H04L12/28 Data switching networks characterised by path configuration, e.g. LAN [Local Area Networks] or WAN [Wide Area Networks]
    • H04L12/46 Interconnection of networks
    • H04L12/4641 Virtual LANs, VLANs, e.g. virtual private networks [VPN]
    • H04L12/4675 Dynamic sharing of VLAN information amongst network nodes
    • H04L63/00 Network architectures or network communication protocols for network security
    • H04L63/02 Network architectures or network communication protocols for network security for separating internal from external traffic, e.g. firewalls
    • H04L63/0272 Virtual private networks

Abstract

The invention discloses a method and a system for sharing VLAN and VXLAN communication in a cloud environment. The method comprises the following steps: when the network type connected to the virtual machine network card is VLAN, the distributed service network virtual switch encapsulates the VLAN message with a VLAN tag and then forwards the tagged message to a service network physical switch; when the network type connected to the virtual machine network card is VXLAN, the distributed service network virtual switch performs OVS flow control to guide the VXLAN message to the distributed VXLAN processing switch, which processes the message and then decides whether to forward it to the service network physical switch or to another local virtual machine. When a user does not need a VLAN-isolated virtual network, VXLAN encapsulation is selected to keep that user's virtual machines isolated from those of other users, thereby conserving the data center's limited supply of VLAN numbers.

Description

Method and system for sharing VLAN (virtual local area network) and VXLAN (virtual extensible local area network) communication in cloud environment
Technical Field
The invention relates to the technical field of communication, in particular to a method and a system for sharing VLAN and VXLAN communication in a cloud environment.
Background
A conventional physical network in a data center generally uses VLANs (Virtual Local Area Networks) to divide broadcast domains, splitting the physical servers into a plurality of server groups, where server groups in different broadcast domains are isolated from each other. VLAN division controls the propagation of physical Layer 2 broadcast messages within a broadcast domain, reduces the risk of broadcast storms, and enhances network stability.
In the data center of a large cloud computing environment, the servers run virtual machines, and the virtual machines provide virtualized network services. The virtual machines also need network isolation, just like the Layer 2 broadcast domains of physical servers; especially in a multi-user environment, the virtual machines of different users must not communicate with each other, so network isolation becomes more and more important.
When providing virtualized network services, if VLAN isolation is used for user virtual machines in the same way as for physical servers, a large number of VLAN trunk pass-through rules must be configured on the physical switch ports that the physical servers connect to. Moreover, VLAN is an isolation scheme designed for local area networks and offers only 4096 VLANs; 4096 virtual networks are not sufficient for a data center in a large cloud computing environment.
With the introduction of the newer encapsulation technology VXLAN (Virtual Extensible LAN), the 12-bit VLAN number is extended to a 24-bit VXLAN number. VXLAN uses UDP encapsulation and is not confined to a Layer 2 physical network, so it can ease the difficulty of configuring data center networks. However, in the prior art VLAN and VXLAN are mutually exclusive choices: only one of the two virtual network types can be supported, not both at the same time.
Disclosure of Invention
The embodiment of the invention provides a method and a device for sharing VLAN and VXLAN communication in a cloud environment, which are used for solving the problem that two virtual networks of VLAN and VXLAN cannot be simultaneously supported in the prior art.
According to an aspect of the present invention, there is provided a method for sharing VLAN and VXLAN communication in a cloud environment, comprising:
presetting a network type connected with a virtual machine network card; wherein the network type comprises VLAN or VXLAN;
when the network type connected to the virtual machine network card is VLAN, the distributed service network virtual switch encapsulates the VLAN message with a VLAN tag and then forwards the tagged message to a service network physical switch, so that the service network physical switch forwards the encapsulated message to a remote server;
when the network type connected to the virtual machine network card is VXLAN, the distributed service network virtual switch performs Open vSwitch (OVS) flow control to guide the VXLAN message to the distributed VXLAN processing switch; after processing the VXLAN message, the distributed VXLAN processing switch decides whether to forward it to the service network physical switch or to another local virtual machine, so that the service network physical switch forwards the encapsulated message to a remote server.
Optionally, after the network type of the virtual machine network card connection is preset, the method further includes:
when the virtual machine network card is configured as VLAN, the controller sends VLAN configuration information to the network agent, the network agent attaches the virtual machine network card to the distributed service network virtual switch, and the port of the distributed service network virtual switch is configured for VLAN encapsulation;
when the virtual machine network card is configured as VXLAN, the controller sends VXLAN configuration information to the network agent; the network agent attaches the virtual machine network card to the distributed service network virtual switch, establishes a flow guide rule, and configures a port of the distributed VXLAN processing switch for VXLAN encapsulation.
Optionally, when the distributed VXLAN processing switch processes a VXLAN packet, the method specifically includes:
judging whether the destination MAC address of the VXLAN message exists locally:
if it does, forwarding the message directly to the local destination virtual machine; and if it does not, adding a VXLAN tag to the VXLAN message and forwarding it to the service network physical switch.
Optionally, when the destination address of the VXLAN message is not local, learning a destination MAC address through a virtual network card; and after learning, sending the VXLAN message to the destination MAC address through the physical switch of the service network.
Optionally, when the distributed service network virtual switch guides the VXLAN message to the distributed VXLAN processing switch, the VXLAN message is transmitted to the distributed VXLAN processing switch by establishing a Linux path pair.
According to an aspect of the present invention, there is provided a system for sharing VLAN and VXLAN communications in a cloud environment, comprising:
the controller is used for presetting the network type connected with the network card of the virtual machine; wherein the network type comprises VLAN or VXLAN;
the distributed service network virtual switch is used for encapsulating a VLAN message with a VLAN tag and then forwarding the tagged message to a service network physical switch when the network type of the virtual machine is VLAN; and, when the network type of the virtual machine is VXLAN, for performing Open vSwitch (OVS) flow control and guiding the VXLAN message to a distributed VXLAN processing switch;
the distributed VXLAN processing switch is used for determining to forward the VXLAN message to the service network physical switch or to other local virtual machines after processing the VXLAN message;
and the service network physical switch forwards the packet encapsulated by the distributed service network virtual switch and the distributed VXLAN processing switch to a remote server.
Optionally, the system further comprises a network agent; the controller is further configured to send VLAN configuration information to the network agent when the virtual machine network card is configured as VLAN; the network agent is used for attaching the virtual machine network card to the distributed service network virtual switch and configuring the port of the distributed service network virtual switch for VLAN encapsulation;
the controller is further configured to send VXLAN configuration information to the network agent when the virtual machine network card is configured as VXLAN; the network agent attaches the virtual machine network card to the distributed service network virtual switch, establishes a flow guide rule, and configures a port of the distributed VXLAN processing switch for VXLAN encapsulation.
Optionally, the distributed VXLAN processing switch is specifically configured to:
judging whether the destination MAC address of the VXLAN message exists locally:
if it does, forwarding the message directly to the local destination virtual machine; and if it does not, adding a VXLAN tag to the VXLAN message and forwarding it to the service network physical switch.
Optionally, when the destination address of the VXLAN message is judged not to be local, the distributed VXLAN processing switch learns the destination MAC address through a virtual network card; and after learning, sending the VXLAN message to the destination MAC address.
Optionally, when the distributed service network virtual switch guides the VXLAN message to the distributed VXLAN processing switch, the VXLAN message is transmitted to the distributed VXLAN processing switch by establishing a Linux path pair.
The invention has the following beneficial effects:
The shared VLAN and VXLAN communication method and system provided by the invention have the advantage that the distributed service network virtual switch automatically distinguishes VLAN messages from VXLAN messages, and VXLAN messages are processed by the distributed VXLAN processing switch. Therefore, when a user does not need a VLAN-isolated virtual network, VXLAN encapsulation is selected to keep that user's virtual machines isolated from those of other users, conserving the data center's limited supply of VLAN numbers.
The foregoing description is only an overview of the technical solutions of the present invention, and the embodiments of the present invention are described below in order to make the technical means of the present invention more clearly understood and to make the above and other objects, features, and advantages of the present invention more clearly understandable.
Drawings
In order to more clearly illustrate the embodiments of the present invention or the technical solutions in the prior art, the drawings needed to be used in the description of the embodiments or the prior art will be briefly described below, and it is obvious that the drawings in the following description are only some embodiments of the present invention, and it is obvious for those skilled in the art that other drawings can be obtained according to the drawings without creative efforts.
Fig. 1 is a flow chart of a method of sharing VLAN and VXLAN communications in an embodiment of the present invention;
Fig. 2 is an architecture diagram of a shared VLAN and VXLAN communication system in an embodiment of the present invention;
Fig. 3 is a schematic diagram of the interaction of devices in the shared VLAN and VXLAN communication method in an embodiment of the present invention;
Fig. 4 is a schematic diagram of VXLAN message flow guidance in an embodiment of the present invention.
Detailed Description
The technical solutions in the embodiments of the present invention will be clearly and completely described below with reference to the drawings in the embodiments of the present invention, and it is obvious that the described embodiments are only a part of the embodiments of the present invention, and not all of the embodiments. All other embodiments, which can be derived by a person skilled in the art from the embodiments given herein without making any creative effort, shall fall within the protection scope of the present invention.
The method for sharing VLAN and VXLAN communication in a cloud environment provided by the embodiment of the present invention, as shown in fig. 1, specifically includes the following steps:
Step 101, presetting a network type for connecting a virtual machine network card; the network type includes VLAN or VXLAN.
In this step, how each device in the virtual network completes the configuration of the VLAN or VXLAN is mainly described from the control plane.
Specifically, the architecture diagram of the shared VLAN and VXLAN communication systems is shown in fig. 2. The virtual machine in the server communicates with the physical switch layer through the virtual switch layer. The equipment of the virtual switching layer comprises a distributed service network virtual switch and a distributed VXLAN processing switch. The equipment of the physical switching layer comprises a service network physical switch. The management node controls the configuration of the virtual switching layer on the server cluster through the controller.
When a virtual network is created, a Layer 2 (data link layer) network of type VLAN or VXLAN is selected. When a virtual machine is created, the network type to which its network card connects is set. When the virtual machine starts, the virtual network system responds to the start event by calling the network agent on the server to connect a network card for the virtual machine, and the virtual machine network card is attached to the distributed service network virtual switch.
Specifically, when the virtual network type accessed by the virtual machine network card is VLAN, the controller issues the VLAN configuration information to the network agent on the server; after the virtual machine network card is attached to the distributed service network virtual switch, the network agent configures the port of the distributed service network virtual switch for VLAN encapsulation and sends the VLAN configuration information to the distributed service network virtual switch. The VLAN configuration information includes the VLAN number, the VLAN priority, and the like.
When the virtual network type accessed by the virtual machine network card is VXLAN, the controller sends VXLAN configuration information to the network agent on the server; the network agent attaches the virtual machine network card to the distributed service network virtual switch, configures the port of the distributed service network virtual switch as VXLAN, establishes a flow guide rule so that the virtual machine's traffic is led into the distributed VXLAN processing switch, and sends the VXLAN configuration information to both the distributed service network virtual switch and the distributed VXLAN processing switch. The VXLAN configuration information includes information such as the VXLAN number.
Step 102, when the network type connected to the virtual machine network card is VLAN, the distributed service network virtual switch encapsulates the VLAN message with a VLAN tag and then forwards the tagged message to the service network physical switch, so that the service network physical switch forwards the encapsulated message to a remote server; when the network type connected to the virtual machine network card is VXLAN, the distributed service network virtual switch performs OVS (Open vSwitch) flow control to guide the VXLAN message to the distributed VXLAN processing switch; after processing the VXLAN message, the distributed VXLAN processing switch decides whether to forward it to the service network physical switch or to another local virtual machine, so that the service network physical switch forwards the encapsulated message to a remote server.
This step mainly describes, from the forwarding plane, how VLAN messages and VXLAN messages are processed. After the virtual machine network card is attached to the distributed service network virtual switch, the distributed service network virtual switch decides how to process VLAN messages and VXLAN messages according to the network type used by the virtual machine network card. Specifically, as shown in Fig. 2, this includes the following:
When the virtual machine network card uses the VLAN type, the distributed service network virtual switch directly applies the VLAN tag and forwards: once the message has been encapsulated with the VLAN tag, it is forwarded to the service network physical switch, whose VLAN channel needs to be configured in advance.
When the virtual machine network card uses VXLAN type, the VXLAN message is firstly transmitted to the distributed VXLAN processing switch on the same host machine through OVS flow control, and the distributed VXLAN processing switch processes the message. And the distributed VXLAN processing switch determines to forward to a local virtual machine or a service network physical switch according to the carried content of the VXLAN message.
When flow guiding is performed between the distributed service network virtual switch and the distributed VXLAN processing switch, as shown in Fig. 3, a Linux path pair is established between the virtual network cards, and OVS flow control is configured on the virtual network cards. The distributed service network virtual switch does not process the VXLAN message, but passes it directly to the distributed VXLAN processing switch. Establishing the Linux path pair at the flow guide layer allows the VXLAN message to be transmitted transparently.
Specifically, when the distributed VXLAN processing switch processes a VXLAN message, the following steps are included:
judging whether the destination MAC address of the VXLAN message exists on the local host:
if it is on the local host, the message is forwarded directly to the destination virtual machine on the local host without adding a VXLAN tag;
and if it is not on the local host, a VXLAN tag is added to the VXLAN message, which is then forwarded to the service network physical switch.
The distributed VXLAN processing switch creates a virtual network card, and the virtual network card marks the local address and the remote server address. When the destination address of the virtual machine is not local, the distributed VXLAN processing switch learns the destination MAC address through the virtual network card, and the learning process is well known to those skilled in the art, for example, a port flooding manner may be adopted, and will not be described here.
After determining which virtual network card the message must be forwarded through, that virtual network card is responsible for adding the VXLAN tag; it then communicates with the IP address of the remote server and forwards the VXLAN message to the remote server. When the distributed VXLAN processing switch receives a message returned by the remote server, it finds the corresponding flow guide virtual network card by the destination MAC, removes the VXLAN tag, and sends the VXLAN message to that flow guide virtual network card.
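The forwarding decision described above, modelled in Python as an added example; it is not code from the patent. The `Host` class, its port table and the sample MAC addresses are hypothetical, the 8-byte VXLAN header follows RFC 7348 with the outer UDP/IP layers omitted, and matching on the VXLAN number as well as the destination MAC is an added isolation check (the patent text matches on destination MAC only).

```python
import struct

VLAN_TPID = 0x8100   # 802.1Q tag protocol identifier
VXLAN_I_FLAG = 0x08  # RFC 7348: "VNI present" flag in the first header byte


def mac(text):
    """'52:54:00:00:00:01' -> 6 raw bytes."""
    return bytes.fromhex(text.replace(":", ""))


def ethernet_frame(dst, src, payload, ethertype=0x0800):
    """Minimal untagged Ethernet II frame (no FCS)."""
    return mac(dst) + mac(src) + struct.pack("!H", ethertype) + payload


def add_vlan_tag(frame, vlan_id, priority=0):
    """VLAN path: insert a 4-byte 802.1Q tag after the source MAC."""
    if not 1 <= vlan_id <= 4094:      # 12-bit field; 0 and 4095 are reserved
        raise ValueError("VLAN number out of range")
    if not 0 <= priority <= 7:
        raise ValueError("VLAN priority out of range")
    tci = (priority << 13) | vlan_id
    return frame[:12] + struct.pack("!HH", VLAN_TPID, tci) + frame[12:]


def vxlan_encap(frame, vni):
    """VXLAN path: prepend the 8-byte VXLAN header (outer UDP/IP omitted)."""
    if not 0 <= vni <= 0xFFFFFF:      # 24-bit VXLAN number
        raise ValueError("VXLAN number out of range")
    return struct.pack("!II", VXLAN_I_FLAG << 24, vni << 8) + frame


def vxlan_decap(packet):
    """Return (vni, inner_frame); reject short packets or a missing I flag."""
    if len(packet) < 8 + 14:
        raise ValueError("truncated VXLAN packet")
    word0, word1 = struct.unpack("!II", packet[:8])
    if not (word0 >> 24) & VXLAN_I_FLAG:
        raise ValueError("VNI flag not set")
    return word1 >> 8, packet[8:]


class Host:
    """One server: service network virtual switch + VXLAN processing switch."""
    def __init__(self):
        self.ports = {}  # vNIC MAC -> ("vlan", number) or ("vxlan", number)

    def attach(self, mac_text, net_type, number):
        """Control plane: record the preset network type of a VM NIC."""
        if net_type not in ("vlan", "vxlan"):
            raise ValueError("network type must be vlan or vxlan")
        self.ports[mac(mac_text)] = (net_type, number)

    def send(self, frame):
        """Forwarding plane for a frame leaving a local VM."""
        dst, src = frame[0:6], frame[6:12]
        port = self.ports.get(src)
        if port is None:
            return ("drop", b"")                  # unknown source NIC
        net_type, number = port
        if net_type == "vlan":
            return ("uplink", add_vlan_tag(frame, number))
        # VXLAN: guided to the VXLAN processing switch, which checks whether
        # the destination MAC is local (added check: and on the same VNI).
        if self.ports.get(dst) == ("vxlan", number):
            return ("local", frame)               # no VXLAN tag added
        return ("uplink", vxlan_encap(frame, number))

    def receive(self, packet):
        """Return path: strip the VXLAN tag, deliver by destination MAC."""
        vni, inner = vxlan_decap(packet)
        if self.ports.get(inner[0:6]) != ("vxlan", vni):
            return ("drop", b"")                  # wrong VNI or unknown MAC
        return ("local", inner)


def demo():
    """Constructed sample: three local NICs and one remote MAC."""
    vm1, vm2, vm3, remote = (f"52:54:00:00:00:{x}" for x in ("01", "02", "03", "aa"))
    host = Host()
    host.attach(vm1, "vlan", 100)
    host.attach(vm2, "vxlan", 5000)
    host.attach(vm3, "vxlan", 5000)
    results = {
        "vlan": host.send(ethernet_frame(remote, vm1, b"ping")),
        "vxlan_local": host.send(ethernet_frame(vm3, vm2, b"ping")),
        "vxlan_remote": host.send(ethernet_frame(remote, vm2, b"ping")),
    }
    reply = ethernet_frame(vm2, remote, b"pong")
    results["reply_ok"] = host.receive(vxlan_encap(reply, 5000))
    results["reply_wrong_vni"] = host.receive(vxlan_encap(reply, 5001))
    return results


if __name__ == "__main__":
    for name, (action, data) in demo().items():
        print(f"{name:16} {action:7} {data.hex()}")
```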
An embodiment of the present invention further provides a communication system sharing a VLAN and a VXLAN in a cloud environment, as shown in fig. 2, including:
the controller is used for presetting the network type connected with the network card of the virtual machine; wherein, the network type comprises VLAN or VXLAN;
the distributed service network virtual switch is used for encapsulating the VLAN message with a VLAN tag and then forwarding the tagged message to the service network physical switch when the network type of the virtual machine is VLAN; and, when the network type of the virtual machine is VXLAN, for performing Open vSwitch (OVS) flow control and guiding the VXLAN message to a distributed VXLAN processing switch;
the distributed VXLAN processing switch is used for determining to forward the VXLAN message to a service network physical switch or to other local virtual machines after processing the VXLAN message;
and forwarding the messages processed by the distributed service network virtual switch and the distributed VXLAN processing switch to a remote server by the service network physical switch.
Further, the communication system further includes a network agent; the controller is also used for issuing VLAN configuration information to the network agent when the virtual machine network card is configured to be a VLAN; the network agent is used for accessing the network card of the virtual machine into the distributed service network virtual switch and configuring the port of the distributed service network virtual switch as VLAN encapsulation;
the controller is also used for sending VXLAN configuration information to the network agent when the virtual machine network card is configured as VXLAN; the network agent attaches the virtual machine network card to the distributed service network virtual switch, establishes a flow guide rule, and configures a port of the distributed VXLAN processing switch for VXLAN encapsulation.
The distributed VXLAN processing switch is specifically configured to determine whether a destination MAC address of a VXLAN packet exists locally:
if it does, forwarding the message directly to the local destination virtual machine; and if it does not, adding a VXLAN tag to the VXLAN message and forwarding it to the service network physical switch. When the destination address of the VXLAN message is judged not to be local, the distributed VXLAN processing switch learns the destination MAC address through the virtual network card; and after learning, sends the VXLAN message to the destination MAC address.
When the distributed service network virtual switch guides the VXLAN message to the distributed VXLAN processing switch, the VXLAN message is transmitted to the distributed VXLAN processing switch by establishing a Linux path pair.
The method and the system for sharing VLAN and VXLAN communication provided by the invention have the following effects:
1) Effective utilization of system resources. When a user does not need a VLAN-isolated virtual network, VXLAN encapsulation is selected to keep that user's virtual machines isolated from those of other users, conserving the data center's limited supply of VLAN numbers; meanwhile, users are still allowed to apply for a VLAN network and configure a traditional network.
2) User customization. The user is free to choose to access either VLAN or VXLAN, and multiple network cards of one virtual machine can be attached to different VLAN or VXLAN virtual switches respectively.
3) Protection of the underlying system. The user does not perceive any difference between the two Layer 2 virtual network types and need not be concerned with the underlying implementation; the Layer 2 encapsulation is completely transparent to the user, and the two virtual switches are controlled in the same form. The user cannot directly touch the underlying system, so its security is effectively protected.
It will be understood by those skilled in the art that all or part of the processes of the methods of the embodiments described above can be implemented by hardware related to instructions of a computer program, which can be stored in a computer-readable storage medium, and when executed, can include the processes of the embodiments of the methods described above.
Although the present application has been described with reference to embodiments, those skilled in the art will appreciate that there are numerous variations and permutations of the present application without departing from the spirit and scope of the invention. Thus, if such modifications and variations of the present invention fall within the scope of the claims of the present invention and their equivalents, the present invention is also intended to include such modifications and variations.

Claims (10)

1. A method for sharing VLAN and VXLAN communication in a cloud environment, comprising:
presetting a network type connected with a virtual machine network card; wherein the network type comprises VLAN or VXLAN;
when the network type connected to the virtual machine network card is VLAN, the distributed service network virtual switch encapsulates the VLAN message with a VLAN tag and then forwards the tagged message to a service network physical switch, so that the service network physical switch forwards the encapsulated message to a remote server;
when the network type connected to the virtual machine network card is VXLAN, the distributed service network virtual switch performs Open vSwitch (OVS) flow control to guide the VXLAN message to the distributed VXLAN processing switch; after processing the VXLAN message, the distributed VXLAN processing switch decides whether to forward it to the service network physical switch or to another local virtual machine, so that the service network physical switch forwards the encapsulated message to a remote server.
2. The method of claim 1, wherein after presetting the network type of the virtual machine network card connection, the method further comprises:
when the virtual machine network card is configured as VLAN, the controller sends VLAN configuration information to a network agent, the network agent attaches the virtual machine network card to the distributed service network virtual switch, and the port of the distributed service network virtual switch is configured for VLAN encapsulation;
when the virtual machine network card is configured as VXLAN, the controller sends VXLAN configuration information to the network agent; the network agent attaches the virtual machine network card to the distributed service network virtual switch, establishes a flow guide rule, and configures a port of the distributed VXLAN processing switch for VXLAN encapsulation.
3. The method of claim 1, wherein when the distributed VXLAN processing switch processes a VXLAN message, the method specifically comprises:
judging whether the destination MAC address of the VXLAN message exists locally:
if it does, forwarding the message directly to the local destination virtual machine; and if it does not, adding a VXLAN tag to the VXLAN message and forwarding it to the service network physical switch.
4. The method of claim 3, wherein when the destination address of the VXLAN message is determined not to be local, learning the destination MAC address via a virtual network card; and after learning, sending the VXLAN message to the destination MAC address through the physical switch of the service network.
5. The method of claim 1, wherein, when the distributed service network virtual switch guides the VXLAN message to the distributed VXLAN processing switch, the VXLAN message is transmitted to the distributed VXLAN processing switch by establishing a Linux path pair.
6. A system for sharing VLAN and VXLAN communications in a cloud environment, comprising:
the controller is used for presetting the network type connected with the network card of the virtual machine; wherein the network type comprises VLAN or VXLAN;
the distributed service network virtual switch is used for encapsulating a VLAN message with a VLAN tag and then forwarding the tagged message to a service network physical switch when the network type of the virtual machine is VLAN; and, when the network type of the virtual machine is VXLAN, for performing Open vSwitch (OVS) flow control and guiding the VXLAN message to a distributed VXLAN processing switch;
the distributed VXLAN processing switch is used for determining to forward the VXLAN message to the service network physical switch or to other local virtual machines after processing the VXLAN message;
and the service network physical switch forwards the packet encapsulated by the distributed service network virtual switch and the distributed VXLAN processing switch to a remote server.
7. The system of claim 6, wherein the system further comprises a network agent; the controller is further configured to send VLAN configuration information to the network agent when the virtual machine network card is configured as VLAN; the network agent is configured to connect the virtual machine network card to the distributed service network virtual switch and to configure a port of the distributed service network virtual switch for VLAN encapsulation;
the controller is further configured to send VXLAN configuration information to the network agent when the virtual machine network card is configured as VXLAN; and the network agent connects the virtual machine network card to the distributed service network virtual switch, establishes a flow guide rule, and configures a port of the distributed VXLAN processing switch for VXLAN encapsulation.
8. The system of claim 6, wherein the distributed VXLAN processing switch is configured for:
judging whether the destination MAC address of the VXLAN message exists locally:
if so, forwarding the VXLAN message directly to the local target virtual machine; and if not, adding a VXLAN label to the VXLAN message and forwarding the VXLAN message to the service network physical switch.
9. The system of claim 8, wherein the distributed VXLAN processing switch learns the destination MAC address through a virtual network card when it determines that the destination address of the VXLAN message is not local; and, after learning, sends the VXLAN message to the destination MAC address.
10. The system of claim 6, wherein the distributed service network virtual switch passes VXLAN messages through to the distributed VXLAN processing switch by establishing a Linux path pair when the VXLAN messages are directed to the distributed VXLAN processing switch.
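The forwarding decision of claims 3, 6 and 8 as an added Python example (not code from the patent): a port preset as VLAN gets a label and goes to the physical switch, while a port preset as VXLAN is steered to the VXLAN processing switch, which delivers locally or encapsulates. The class and port names, VLAN ID 100, VNIs 5001 and 7002 and the MAC addresses are constructed; the 802.1Q and RFC 7348 header layouts and the keying of the local table by (VNI, MAC) are assumptions the claims do not state.

```python
import struct

def vlan_tag(frame: bytes, vid: int) -> bytes:
    """Insert an 802.1Q tag (TPID 0x8100, priority 0) after the two MAC addresses."""
    if not 1 <= vid <= 4094:
        raise ValueError("VLAN ID must be 1..4094")
    return frame[:12] + struct.pack("!HH", 0x8100, vid) + frame[12:]

def vxlan_header(vni: int) -> bytes:
    """8-byte VXLAN header (RFC 7348): I flag 0x08, reserved bits, 24-bit VNI."""
    if not 0 <= vni < 1 << 24:
        raise ValueError("VNI must fit in 24 bits")
    return struct.pack("!II", 0x08 << 24, vni << 8)

class VxlanSwitch:
    """Stands in for the distributed VXLAN processing switch."""
    def __init__(self, local):
        self.local = dict(local)  # (vni, dst MAC) -> local VM port; VNI keying is an assumption
    def process(self, frame: bytes, vni: int):
        port = self.local.get((vni, frame[:6]))
        if port is not None:
            return ("local", port, frame)  # destination VM is on this host
        # Not local: prepend the VXLAN header; a real VTEP's outer Ethernet/IP/UDP is omitted.
        return ("physical", "uplink", vxlan_header(vni) + frame)

class ServiceSwitch:
    """Stands in for the distributed service network virtual switch."""
    def __init__(self, vxlan_switch, ports):
        self.vxlan_switch = vxlan_switch
        self.ports = dict(ports)  # VM port -> ("vlan", vid) or ("vxlan", vni), preset by controller
    def forward(self, in_port: str, frame: bytes):
        kind, ident = self.ports[in_port]
        if kind == "vlan":
            return ("physical", "uplink", vlan_tag(frame, ident))
        return self.vxlan_switch.process(frame, ident)  # flow rule steers VXLAN traffic

def frame_to(dst_mac_hex: str) -> bytes:
    """Constructed sample frame: dst MAC, fixed src MAC, EtherType IPv4, dummy payload."""
    return bytes.fromhex(dst_mac_hex) + bytes.fromhex("020000000002") + b"\x08\x00" + b"payload"

def build_demo() -> ServiceSwitch:
    vx = VxlanSwitch({(5001, bytes.fromhex("020000000003")): "vm3"})
    return ServiceSwitch(vx, {"vm1": ("vlan", 100), "vm2": ("vxlan", 5001), "vm4": ("vxlan", 7002)})

if __name__ == "__main__":
    sw = build_demo()
    for port, dst in (("vm1", "02000000000a"), ("vm2", "020000000003"), ("vm2", "02000000000a")):
        where, out_port, data = sw.forward(port, frame_to(dst))
        print(port, "->", where, out_port, data[:16].hex())
```

With the table keyed by (VNI, MAC), a frame from `vm4` on VNI 7002 addressed to the MAC of `vm3` is not delivered locally, because `vm3` is registered under VNI 5001.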
CN201710201366.9A 2017-03-30 2017-03-30 Method and system for sharing VLAN (virtual local area network) and VXLAN (virtual extensible local area network) communication in cloud environment Expired - Fee Related CN107018058B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201710201366.9A CN107018058B (en) 2017-03-30 2017-03-30 Method and system for sharing VLAN (virtual local area network) and VXLAN (virtual extensible local area network) communication in cloud environment

Publications (2)

Publication Number Publication Date
CN107018058A CN107018058A (en) 2017-08-04
CN107018058B CN107018058B (en) 2020-04-21

Family

ID=59445542

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201710201366.9A Expired - Fee Related CN107018058B (en) 2017-03-30 2017-03-30 Method and system for sharing VLAN (virtual local area network) and VXLAN (virtual extensible local area network) communication in cloud environment

Country Status (1)

Country Link
CN (1) CN107018058B (en)

Families Citing this family (11)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN107911313A (en) * 2017-11-15 2018-04-13 北京易讯通信息技术股份有限公司 A kind of method that virtual machine port flow moves outside in private cloud
CN108337192B (en) * 2017-12-28 2021-02-23 华为技术有限公司 Message communication method and device in cloud data center
US10476699B2 (en) 2018-01-31 2019-11-12 Hewlett Packard Enterprise Development Lp VLAN to VXLAN translation using VLAN-aware virtual machines
CN108900441B (en) * 2018-07-04 2021-01-15 联想(北京)有限公司 Network switching method, first electronic device and readable storage medium
CN110838964B (en) * 2018-08-16 2022-08-09 上海仪电(集团)有限公司中央研究院 Network docking system for virtual network and physical network
CN109981613B (en) * 2019-03-11 2021-10-22 北京启明星辰信息安全技术有限公司 Flow detection method for cloud environment and resource pool system
CN111556136B (en) * 2020-04-26 2022-08-30 全球能源互联网研究院有限公司 Data interaction method between internal containers of power edge Internet of things agent
CN113783910B (en) * 2020-06-09 2024-02-13 阿里巴巴集团控股有限公司 Data forwarding method, device and system
CN111800329B (en) * 2020-06-28 2022-01-21 浪潮思科网络科技有限公司 Message forwarding method, device and medium based on SDN and OVN
CN112671578B (en) * 2020-12-23 2022-06-03 北京浪潮数据技术有限公司 SRIOV virtual network configuration method and related device
CN112953858A (en) * 2021-03-05 2021-06-11 网宿科技股份有限公司 Message transmission method in virtual network, electronic device and storage medium

Citations (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US9509600B1 (en) * 2013-08-06 2016-11-29 F5 Networks, Inc. Methods for providing per-connection routing in a virtual environment and devices thereof

Family Cites Families (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN102970204B (en) * 2012-10-24 2017-09-01 曙光信息产业(北京)有限公司 A kind of distribution switch system and its implementation based on xen virtual platforms
CN105306335B (en) * 2015-11-11 2019-10-22 杭州数梦工场科技有限公司 The retransmission method and device of message
CN106230749B (en) * 2016-08-30 2019-07-23 锐捷网络股份有限公司 A kind of method to E-Packet in virtual expansible local area network and convergence switch

Non-Patent Citations (1)

* Cited by examiner, † Cited by third party
Title
Renzo Davoli;Michael Goldweber.VXVDE: A Switch-Free VXLAN Replacement.《2015 IEEE Globecom Workshops (GC Wkshps)》.2015, *

Also Published As

Publication number Publication date
CN107018058A (en) 2017-08-04

Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination
GR01 Patent grant
CF01 Termination of patent right due to non-payment of annual fee

Granted publication date: 20200421

Termination date: 20210330