CN110875889B - Method and device for acquiring path - Google Patents


Publication number
CN110875889B
Authority
CN
China
Prior art keywords
path
cloud
switch
network
session
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN201811023389.6A
Other languages
Chinese (zh)
Other versions
CN110875889A (en)
Inventor
杨刚
温曙光
程刚
赵巍
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Alibaba Group Holding Ltd
Original Assignee
Alibaba Group Holding Ltd
Application filed by Alibaba Group Holding Ltd
Priority to CN201811023389.6A
Publication of CN110875889A
Application granted
Publication of CN110875889B


Classifications

    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L49/00 Packet switching elements
    • H04L49/25 Routing or path finding in a switch fabric
    • H04L49/252 Store and forward routing
    • H04L45/00 Routing or path finding of packets in data switching networks
    • H04L45/66 Layer 2 routing, e.g. in Ethernet based MAN's
    • H04L49/35 Switches specially adapted for specific applications
    • H04L49/354 Switches specially adapted for specific applications for supporting virtual local area networks [VLAN]
    • H04L67/00 Network arrangements or protocols for supporting network services or applications
    • H04L67/01 Protocols
    • H04L67/10 Protocols in which an application is distributed across nodes in the network
    • H04L67/14 Session management

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Data Exchanges In Wide-Area Networks (AREA)

Abstract

The application discloses a method and a device for acquiring a path. The method comprises: when a first cloud network receives a data request from a second cloud network, obtaining, from a first switch corresponding to the first cloud network, a first path corresponding to the request from a second switch corresponding to the second cloud network to the first switch. With the method and the device, the first path on the first switch of the first cloud network is obtained only when a data request is received, which reduces hardware cost and the amount of computation.

Description

Method and device for acquiring path
Technical Field
The present application relates to the field of communications technologies, and in particular, to a method and an apparatus for acquiring a path.
Background
With the rise of the hybrid cloud architecture, an enterprise generally places resources on a public cloud and a private cloud at the same time: sensitive data is stored in the private cloud inside the enterprise to ensure data security, and other resources are placed on the public cloud to provide services for customers. Under such a hybrid architecture, path planning is usually performed in a Software Defined Network (SDN) manner.
Using OpenFlow (OF) technology, SDN converts a forwarding process that was originally controlled entirely by a switch or router into a forwarding process completed jointly by an SDN switch and a controller, so as to separate data forwarding from routing control. Because data forwarding and routing control are separated, the SDN switch forwarding table can be configured by the controller, and thus dynamic updating can be achieved.
In this context, when a user in a private cloud desires to access data on a public cloud, an SDN controller needs to determine an access path for the user to reach the public cloud, and different adaptation modules may be generally set for switches of different vendors on the public cloud, and the adaptation modules continuously acquire the path on the switch to implement this function. That is, in the prior art, in order to obtain an access path from a user to a public cloud, hardware cost and software operation cost need to be increased. Therefore, there is a need in the art for a method for obtaining an access path from a user to a public cloud, which can reduce software operations without increasing hardware costs.
Disclosure of Invention
The exemplary embodiments of the present application provide a method for acquiring a path and a device thereof, which are used for solving the problem of learning a path on a switch on a public cloud.
An exemplary embodiment of the present application provides a method for obtaining a path, the method including, when a first cloud network receives a data request from a second cloud network, obtaining, from a first switch corresponding to the first cloud network, a first path corresponding to the request, which reaches the first switch from a second switch corresponding to the second cloud network.
Another exemplary embodiment of the present application provides a computer readable storage medium having stored thereon computer instructions, which when executed, implement the foregoing steps.
Another exemplary embodiment of the present application provides an apparatus for acquiring a path, the apparatus including: a processor; and a memory arranged to store computer executable instructions that, when executed, cause the processor to: when the first cloud network receives a data request from the second cloud network, acquire, from the first switch corresponding to the first cloud network, a first path corresponding to the request from the second switch corresponding to the second cloud network to the first switch.
Another exemplary embodiment of the present application provides a method for an SDN controller to acquire a path from a private cloud to a public cloud, the method comprising: when a user of a private cloud sends an access request for a public cloud, determining a first path from the user to a private cloud switch; receiving a session from the private cloud switch and determining a second path from the private cloud switch to the public cloud switch according to the session; distributing a Virtual Private Cloud (VPC) corresponding to a user in a public cloud and acquiring a third path from the VPC to a public cloud switch; and acquiring a path for the user of the private cloud to access the public cloud according to the first path, the second path and the third path.
Another exemplary embodiment of the present application provides a hybrid cloud system, comprising: the system comprises a public cloud server, a public cloud switch, a private cloud server, a private cloud switch and a path acquisition device, wherein the private cloud server receives an access request of a user from the private cloud server for the public cloud server, determines the private cloud switch corresponding to the user, forwards the access request to the private cloud switch and sends first information comprising a first path from the user to the private cloud switch to the path acquisition device; the private cloud switch receives the access request forwarded by the private cloud server and sends the session comprising the access request to the public cloud switch; the public cloud switch receives the session from the private cloud switch, determines a second path from the private cloud switch to the public cloud switch according to the session, and sends second information comprising the second path to the path acquisition device; the public cloud server is used for distributing the virtual private cloud VPC corresponding to the user, acquiring a third path from the VPC to the public cloud switch and sending third information comprising the third path to the path acquisition device; and the path acquisition device is used for receiving the first information, the second information and the third information and acquiring a path of a user of the private cloud accessing the public cloud server according to the first information, the second information and the third information.
At least one of the technical solutions adopted by the embodiments of the present application can acquire the first path on the first switch of the first cloud network only when the data request is received, so that the hardware cost is reduced and the amount of computation is reduced.
Drawings
The accompanying drawings, which are included to provide a further understanding of the application and are incorporated in and constitute a part of this application, illustrate embodiment(s) of the application and together with the description serve to explain the application and not to limit the application. In the drawings:
FIG. 1 is a schematic diagram illustrating an exemplary SDN;
FIG. 2 is a schematic diagram illustrating a hybrid cloud architecture according to an exemplary embodiment of the present application;
FIG. 3 is a diagram illustrating an SDN based acquisition path according to an exemplary embodiment of the present application;
FIG. 4 is a diagram illustrating an SDN based acquisition path according to an exemplary embodiment of the present application;
FIG. 5 is a flowchart illustrating a method for obtaining a path according to an exemplary embodiment of the present application;
FIG. 6 is a block diagram illustrating an apparatus for acquiring a path according to an exemplary embodiment of the present application.
Detailed Description
To make the objects, technical solutions and advantages of the present application more clear, the technical solutions of the present application will be clearly and completely described below with reference to specific embodiments of the present application and the accompanying drawings. It should be apparent that the described embodiments are only a few embodiments of the present application, and not all embodiments. All other embodiments obtained by a person of ordinary skill in the art based on the embodiments in the present application without making any creative effort belong to the protection scope of the present application.
A communication network may include a system of hardware, software, protocols, and transport components that collectively allow individual devices to communicate, share data, and access resources (e.g., software applications). More specifically, a computer network may be a geographically distributed collection of nodes interconnected by communication links and segments that transport data between end nodes, such as personal computers and workstations. Many types of networks are available, ranging in type from Local Area Networks (LANs) and Wide Area Networks (WANs) to overlay and software defined networks (e.g., virtual extensible local area networks (VXLANs)) as well as virtual networks (e.g., Virtual Local Area Networks (VLANs)) and Virtual Private Networks (VPNs).
LANs typically connect nodes over dedicated private communications links located in the same general physical location, such as a building or campus. WANs, on the other hand, may connect geographically dispersed nodes over long-distance communication links (e.g., common carrier telephone lines, optical lightpaths, Synchronous Optical Networks (SONET), or Synchronous Digital Hierarchy (SDH) links). LANs and WANs may include layer 2 (L2) and/or layer 3 (L3) networks and devices.
The internet is an example of a WAN that connects disparate networks throughout the world, providing global communication between nodes on various networks. The nodes communicate over the network by exchanging discrete frames or data packets according to predefined protocols, such as the transmission control protocol/internet protocol (TCP/IP). In this context, a protocol may specify a set of rules defining how nodes interact with each other. Computer networks may be further interconnected by intermediate network nodes (e.g., routers, switches, hubs, or access points) that may effectively extend the size or footprint of the network.
The network may be partitioned into sub-networks to provide a hierarchical, multi-level routing structure. For example, subnet addressing may be used to partition a network into VLAN subnetworks to create segments. In this way, the network may assign various groups of IP addresses to particular segments and divide the network into multiple logical networks. In a hybrid cloud environment, different subnets may be assigned to different portions of the hybrid cloud environment. For example, one or more VLAN subnetworks may be assigned to a private cloud network of a hybrid cloud environment and a public cloud network of the hybrid cloud environment based on security permissions associated with the one or more VLAN subnetworks.
Other networks, such as virtual networks (e.g., VLANs), are also available. For example, one or more local area networks may be logically segmented to form VLANs and allow a group of machines to communicate as if in the same physical network, regardless of their actual physical locations. Thus, machines located on different physical local area networks may communicate as if they were located on the same physical local area network. As understood by those skilled in the art, interconnections between networks and devices may also be created using routers and tunnels, such as VPN tunnels. In a hybrid cloud computing environment, such tunnels may include encryption and/or firewalls at either end thereof to act as gatekeepers for data sent between a private Data Center (DC)/private cloud network and a public cloud network (e.g., a cloud network provided by a business entity).
The various networks may include various hardware or software devices or nodes to support data communications, security, and provide services. For example, the network may include routers, hubs, switches, APs (access points), firewalls, repeaters, intrusion detectors, servers, VMs, load balancers, Application Delivery Controllers (ADCs), and other hardware or software devices. These devices may be distributed or deployed over one or more physical, overlay, or logical networks. Further, the devices may be deployed as clusters that may be formed using layer 2 (L2) and layer 3 (L3) technologies. Clusters can provide high availability, redundancy, and load balancing for flows associated with a particular device or node. A flow may contain packets with the same source and destination information. Thus, packets originating from device A to serving node B may all be part of the same flow.
The devices or nodes and clusters may be implemented in a cloud deployment. Cloud deployments may be provided in one or more networks to leverage computing services using shared resources. Cloud computing may generally include internet-based computing, where computing resources are dynamically provisioned and allocated on-demand to customer or user computers or other devices from a set of available resources via a network (e.g., a "cloud"). For example, cloud computing resources may include any type of resource (e.g., computing, storage, network devices, applications, Virtual Machines (VMs), services, etc.). For example, resources may include service devices (firewalls, deep packet detectors, traffic monitors, load balancers, etc.), computing/processing devices (servers, CPUs, memory, brute force processing capabilities), storage devices (e.g., network attached storage, storage area network devices), and so forth. Further, these resources may be used to support virtual networks, Virtual Machines (VMs), databases, applications (applications), and the like. Additionally, the services may include various types of services, such as monitoring services, management services, communication services, data services, bandwidth services, routing services, configuration services, wireless services, fabric services, and so forth.
The cloud controller and/or other cloud devices may be configured for cloud management. These devices may be preconfigured (i.e., "out of box") with centralized management, layer 7 (L7) device and application visibility, real-time Web-based diagnostics, monitoring, reporting, management, etc. As such, in some embodiments, the cloud may provide centralized management, visibility, monitoring, diagnostics, reporting, configuration (e.g., wireless, network, appliance, or protocol configuration), traffic distribution or redistribution, backup, disaster recovery, control, and any other services. In some cases, this can be done without the high cost and complexity of a specific device or overlay management software.
A hybrid cloud may refer to a cloud network architecture consisting of two or more cloud networks that communicate and/or share data. A hybrid cloud may be an interaction between a private cloud and a public cloud, where the private cloud connects to and utilizes public cloud resources in a secure and extensible manner. The hybrid cloud model may provide advantages over other cloud models. For example, the hybrid cloud model allows an enterprise to protect its existing assets, maintain control over sensitive data and applications, and maintain control over its network, processing, and storage resources. Further, hybrid clouds may allow enterprises to expand their environment as their demand for processing resources and storage increases or decreases. This upward or downward expansion may occur with minimal or no impact on existing physical network resources (e.g., on-site physical servers).
Fig. 1 is a schematic diagram illustrating an exemplary SDN 100. SDN 100 may include an SDN controller 102, a plurality of SDN switches 104, and a plurality of terminals 106. The control path is represented by a dashed line and the data path by a solid line. System configuration, management information, and routing table information may be interchanged between SDN controller 102 and SDN switch 104 via a control path. Data packets are forwarded between SDN switches 104 via data paths. SDN controller 102 may be a general purpose SDN controller for controlling SDN switch 104. SDN controller 102 may be used to perform control path or control plane functions such as mapping network images and defining information in routing tables that define what to do with incoming message packets.
SDN controller 102 may be used for management and control functions of the control plane, which may include routing and resource management. SDN switch 104 may be any device that receives and transmits data over network 100 according to a standard.
SDN controller 102 may receive messages from and transmit messages to SDN switch 104. Some of the incoming messages or portions of the incoming messages may be converted to a standard-independent format for processing by some modules in SDN controller 102. The standard-independent format may be based on an abstract network control data model that provides abstraction of attributes or features of various standard formats. Generic SDN controller 102 may interact with SDN switch 104 via any of a number of protocols. SDN controller 102 may determine a global network topology of network 100. Using global network topology, state information, dynamic traffic flow/capacity information, and other network state information, SDN controller 102 may make decisions on how to allocate resources and route different application/information flows through network 100.
In exemplary embodiments of the present application, an SDN controller may be utilized to enable interworking between public cloud and private cloud resources. A hybrid cloud architecture according to an exemplary embodiment of the present application will be specifically described below with reference to fig. 2.
Fig. 2 is a schematic diagram illustrating a hybrid cloud architecture according to an exemplary embodiment of the present application. As shown in fig. 2, the public cloud 200A and the private cloud 200B route interworking under the control of the SDN controller 210.
When a user in the private cloud 200B desires to access data in the public cloud 200A, a data request sent by the user is routed to the switch 240, and at the same time a Virtual Private Cloud (VPC) 220 in the public cloud is allocated to the user. The VPC is a cloud that runs on the public cloud and isolates a portion of the public cloud's resources for each user.
At this point, the SDN controller may obtain from VPC 220 a path to VPC 220 by the user and a path to router 240 by the user. In this regard, the SDN controller should also obtain a path between the switch 230 and the switch 240, based on which the SDN controller may learn the path from the user to the switch 230, so that the user within the private cloud may access the public cloud 200A.
A diagram of an SDN-based acquisition path according to an exemplary embodiment of the present application will be explained below in conjunction with fig. 3 and 4.
As shown in fig. 3, when user 1, user 2, and user 3 make access requests, the virtual private clouds VPC 1, VPC 2, and VPC 3 corresponding to user 1, user 2, and user 3, respectively, may be allocated in the public cloud, and a path from each user to the private cloud switch may be obtained. A path processing module within the SDN controller therefore only needs to obtain the path between the public cloud switch and the private cloud switch. It should be noted that, although fig. 3 shows the path being obtained by a path processing module within the SDN controller, those skilled in the art should understand that the steps performed by the path processing module may be performed by the SDN controller itself, and the module need not exist in the SDN controller. As shown in fig. 3, switch 1 and switch 2 may send a border gateway protocol session (BGP session) to the path processing module within the SDN controller when a user issues a data request, the session including a path from a private cloud switch to a public cloud switch.
The path processing module can determine the correspondence between the public cloud switch and the user from the obtained path, so as to generate a path for issuing data. In an implementation, the path processing module can establish a connection with the public cloud switch through the IPv4 BGP protocol, so that a route change on the switch can be detected quickly when it occurs.
It should be noted that in fig. 3 the BGP sessions issued correspond to the users, that is, the number of requests issued by the users corresponds to the number of BGP sessions sent to the path processing module. Thus, the SDN controller may obtain an access path for the user to the public cloud.
A diagram of an SDN controller based acquisition path according to an exemplary embodiment of the present application will be described below in conjunction with fig. 4.
As shown in fig. 4, a path processing module in the SDN controller may establish a connection with a public cloud switch through multiprotocol BGP (MPBGP) and receive an MPBGP session sent from the public cloud switch; it can be seen that each MPBGP session may correspond to a public cloud switch.
The MPBGP protocol can convert BGP messages sent by the switch into friendly plain text or plain JSON, so a route change can be learned simply by monitoring the switch. To enable the public cloud switch to transmit an MPBGP session that satisfies the MPBGP protocol, identification information must be set in advance for the virtual private clouds on the public cloud switch. That is, the virtual private clouds corresponding to one public cloud switch have different identification information, so that different users are distinguished in the transmitted MPBGP session by the identification information alone.
Having shown a scenario diagram of an SDN controller acquiring a path according to an exemplary embodiment of the present application, a flowchart of a method for acquiring a path according to an exemplary embodiment of the present application will be described in detail below.
Fig. 5 is a flowchart illustrating a method for acquiring a path according to an exemplary embodiment of the present application.
As shown in fig. 5, in step S510, when the first cloud network receives a data request from the second cloud network, a first path corresponding to the request, from the second switch corresponding to the second cloud network to the first switch, is acquired from the first switch corresponding to the first cloud network. The first cloud network may indicate a public cloud and the second cloud network may indicate a private cloud.
Subsequently, after the virtual private cloud of the data request in the first cloud network is determined, a second path from the virtual private cloud to the second switch in the second cloud network may be determined by obtaining the path on the virtual private cloud.
As such, the SDN controller may determine, from the first path and the second path, a path for the second cloud network to reach the first cloud network.
It should be noted that step S510 may include detecting a path change generated on the first switch based on a data request from the second cloud network when the first cloud network receives the data request; in response to the detected path change, a first path is obtained from the first switch. That is, the first switch may acquire and report a path to the SDN controller if and only if the path on the first switch changes.
The path may be reported to the SDN controller in two ways. The first is per user who sends a data request: whenever a user from the private cloud accesses the public cloud, the generated path may be sent to the SDN controller in the form of a BGP session. The second is per public cloud switch: the MPBGP session about a path change that is sent to the SDN controller is in units of a public cloud switch, and paths generated by virtual private clouds belonging to the same public cloud switch may be sent to the SDN controller through the same MPBGP session, with different users identified within the MPBGP session by the identification information.
According to an exemplary embodiment of the present application, there is provided a method for an SDN controller to acquire a path from a private cloud to a public cloud, the method comprising: when a user of a private cloud sends an access request aiming at a public cloud, a first path from the user to a private cloud switch is determined; receiving a session from the private cloud switch and determining a second path from the private cloud switch to the public cloud switch according to the session; distributing a Virtual Private Cloud (VPC) corresponding to a user in the public cloud and acquiring a third path from the VPC to a public cloud switch; and acquiring a path for the user of the private cloud to access the public cloud according to the first path, the second path and the third path.
Optionally, the session is a border gateway protocol session corresponding to the user.
Optionally, the session is a multiprotocol border gateway protocol session corresponding to a public cloud switch.
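The two reporting modes and the three-path composition described above, sketched as an added example that is not code from the patent: second-path updates arrive only when a switch reports a change, updates carrying identification information that was not set in advance are rejected as a whole, and the first, second and third paths are joined at the switches. The JSON message layout, the `PathProcessor` class and every switch, user and VPC name are assumptions made for illustration.

```python
import json


class UpdateRejected(ValueError):
    """A session update that failed validation; nothing from it is applied."""


class PathProcessor:
    """Hypothetical path processing module: stitches the three path segments."""

    def __init__(self, vpc_ids):
        self.vpc_ids = vpc_ids  # {public switch: {VPC identification info: user}}
        self.first = {}   # user -> hops from the user to the private cloud switch
        self.second = {}  # user -> hops from private to public cloud switch
        self.third = {}   # user -> hops from the VPC to the public cloud switch

    @staticmethod
    def _checked(path, switch):
        # A reported path must be a list of hop names ending at the reporter.
        if not (isinstance(path, list) and len(path) >= 2
                and all(isinstance(h, str) and h for h in path)
                and path[-1] == switch):
            raise UpdateRejected(f"bad path reported by {switch!r}")
        return list(path)

    def on_session_update(self, raw):
        """Apply one update; return the users whose second path changed."""
        try:
            msg = json.loads(raw)
        except json.JSONDecodeError as exc:
            raise UpdateRejected("update is not valid JSON") from exc
        switch = msg.get("switch") if isinstance(msg, dict) else None
        known = self.vpc_ids.get(switch) if isinstance(switch, str) else None
        if known is None:
            raise UpdateRejected("update from an unknown public cloud switch")
        if msg.get("session") == "bgp":      # mode 1: one session per user request
            if msg.get("user") not in known.values():
                raise UpdateRejected("user has no VPC behind this switch")
            routes = [(msg["user"], msg.get("path"))]
        elif msg.get("session") == "mpbgp":  # mode 2: one session per switch
            routes = []
            entries = msg.get("routes")
            for r in entries if isinstance(entries, list) else []:
                vpc_id = r.get("vpc_id") if isinstance(r, dict) else None
                user = known.get(vpc_id) if isinstance(vpc_id, str) else None
                if user is None:
                    raise UpdateRejected("route carries unknown identification info")
                routes.append((user, r.get("path")))
        else:
            raise UpdateRejected("unknown session type")
        # Validate every route before applying any, so a bad update changes nothing.
        checked = [(u, self._checked(p, switch)) for u, p in routes]
        changed = [u for u, p in checked if self.second.get(u) != p]
        self.second.update(checked)
        return changed

    def full_path(self, user):
        """Join first + second + reversed third path into user -> VPC hops."""
        try:
            a, b, c = self.first[user], self.second[user], self.third[user]
        except KeyError as exc:
            raise LookupError(f"missing path segment for {user!r}") from exc
        if a[-1] != b[0] or b[-1] != c[-1]:
            raise LookupError("path segments do not join at the switches")
        return a + b[1:] + c[-2::-1]


# Constructed sample data (all names and the message layout are assumptions).
VPC_IDS = {"pub-sw-1": {"100:1": "user1", "100:2": "user2"}}
MPBGP_UPDATE = json.dumps({"session": "mpbgp", "switch": "pub-sw-1", "routes": [
    {"vpc_id": "100:1", "path": ["priv-sw-1", "edge-1", "pub-sw-1"]},
    {"vpc_id": "100:2", "path": ["priv-sw-2", "edge-1", "pub-sw-1"]}]})
BGP_UPDATE = json.dumps({"session": "bgp", "switch": "pub-sw-1", "user": "user1",
                         "path": ["priv-sw-1", "edge-2", "pub-sw-1"]})
UNKNOWN_ID_UPDATE = json.dumps({"session": "mpbgp", "switch": "pub-sw-1", "routes": [
    {"vpc_id": "100:1", "path": ["priv-sw-1", "edge-9", "pub-sw-1"]},
    {"vpc_id": "999:9", "path": ["priv-sw-9", "edge-9", "pub-sw-1"]}]})


def build_processor():
    """Processor with user1's first and third paths already known."""
    proc = PathProcessor(VPC_IDS)
    proc.first["user1"] = ["user1", "priv-sw-1"]
    proc.third["user1"] = ["vpc-1", "pub-sw-1"]
    return proc


if __name__ == "__main__":
    p = build_processor()
    print(p.on_session_update(MPBGP_UPDATE))
    print(p.full_path("user1"))
```

Replaying the same update reports no changed users, which mirrors the "report only on path change" behaviour the description contrasts with continuous polling.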
According to an exemplary embodiment of the present application, there is provided a hybrid cloud system, the system including: the system comprises a public cloud server, a public cloud switch, a private cloud server, a private cloud switch and a path acquisition device, wherein the private cloud server receives an access request of a user from the private cloud server for the public cloud server, determines the private cloud switch corresponding to the user, forwards the access request to the private cloud switch and sends first information comprising a first path from the user to the private cloud switch to the path acquisition device; the private cloud switch receives the access request forwarded by the private cloud server and sends the session comprising the access request to the public cloud switch; the public cloud switch receives the session from the private cloud switch, determines a second path from the private cloud switch to the public cloud switch according to the session, and sends second information comprising the second path to the path acquisition device; the public cloud server is used for distributing the virtual private cloud VPC corresponding to the user, acquiring a third path from the VPC to the public cloud switch and sending third information comprising the third path to the path acquisition device; and the path acquisition device receives the first information, the second information and the third information and acquires a path for the user of the private cloud to access the public cloud server according to the first information, the second information and the third information.
In summary, according to the method for acquiring a path in accordance with the exemplary embodiment of the present application, the first path between the first switch and the second switch is acquired after the data request is received, so that a routing path is prevented from being continuously acquired in a polling manner, the amount of computation is reduced, an adapter device for the switch does not need to be added, and manpower and material resources are reduced. Further, a user within the private cloud may access the public cloud by determining a path from the private cloud to the public cloud upon learning the first path. Further, by generating one communication session for the same switch, data traffic is reduced and operation speed is increased.
In order to more clearly understand the inventive concept of the exemplary embodiment of the present application, a block diagram of a test server for an application program of the exemplary embodiment of the present application will be described below with reference to fig. 6. Those of ordinary skill in the art will understand that: the apparatus for acquiring a path in fig. 6 shows only components related to the present exemplary embodiment, and general components other than those shown in fig. 6 are also included in the apparatus for acquiring a path.
Fig. 6 shows a block diagram of an apparatus for acquiring a path of an exemplary embodiment of the present application. It should be noted that the means for acquiring a path may be a path processing module in the SDN controller as shown in fig. 3 and 4, an SDN controller, or a server where the SDN controller is located. Referring to fig. 6, the apparatus includes, at a hardware level, a processor, an internal bus, and a computer-readable storage medium, wherein the computer-readable storage medium includes a volatile memory and a non-volatile memory. The processor reads the corresponding computer program from the non-volatile memory and then runs it. Of course, besides the software implementation, the present application does not exclude other implementations, such as logic devices or a combination of software and hardware, and the like, that is, the execution subject of the following processing flow is not limited to each logic unit, and may also be hardware or logic devices.
Specifically, the processor performs the following operation: when the first cloud network receives a data request from the second cloud network, acquiring, from the first switch corresponding to the first cloud network, a first path that corresponds to the request and runs from the second switch corresponding to the second cloud network to the first switch.
Optionally, the processor further performs the following: determining a virtual private cloud of the data request in a first cloud network; and determining a second path of the virtual private cloud to a second switch in a second cloud network by acquiring the path on the virtual private cloud.
Optionally, the processor further performs the following: determining a path from the second cloud network to the first cloud network according to the first path and the second path.
Optionally, the step, performed by the processor, of acquiring from a first switch corresponding to the first cloud network a first path from a second switch corresponding to the second cloud network to the first switch when the first cloud network receives a data request from the second cloud network includes: when the first cloud network receives a data request from the second cloud network, detecting a path change generated on the first switch based on the data request; and, in response to the detected path change, obtaining the first path from the first switch.
Optionally, the step, performed by the processor, of obtaining the first path from the first switch includes: the first switch generating a border gateway protocol session based on the detected path change, wherein the border gateway protocol session corresponds to the data request; and acquiring the first path through the border gateway protocol session.
Optionally, the step, performed by the processor, of obtaining the first path from the first switch includes: the first switch generating a multi-protocol border gateway protocol session based on the detected path change, wherein the multi-protocol border gateway protocol session corresponds to the first switch; and acquiring the first path through the multi-protocol border gateway protocol session.
Optionally, identification information is used in the multi-protocol border gateway protocol session to identify the different paths corresponding to different user requests.
In summary, the apparatus for acquiring a path according to the exemplary embodiment of the present application acquires the first path between the first switch and the second switch after receiving the data request, thereby avoiding acquiring the routing path continuously in a polling manner, reducing the amount of computation, and reducing manpower and material resources without adding an adapter device for the switches. Further, a user within the private cloud may access the public cloud by determining a path from the private cloud to the public cloud upon learning the first path. Further, by generating one communication session for the same switch, data traffic is reduced and operation speed is increased.
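The event-driven acquisition and path joining described above, sketched as an added example (not code from the patent or its assignee). The class names, the `ident` field standing in for the identification information, and the device names are all assumptions, and a plain in-memory object stands in for the session.

```python
from dataclasses import dataclass, field


@dataclass(frozen=True)
class PathUpdate:
    """One path announcement inside a session (field names are assumptions)."""
    ident: str    # identification information distinguishing user requests
    hops: tuple   # ordered device names, source first


@dataclass
class SwitchSession:
    """A single session per switch that multiplexes requests by ident."""
    switch: str
    updates: dict = field(default_factory=dict)

    def announce(self, update):
        self.updates[update.ident] = update


class PathController:
    """Hypothetical path-processing module of an SDN controller."""

    def __init__(self, first_switch):
        self.first_switch = first_switch
        self.session = SwitchSession(first_switch)  # reused for every request
        self.first_paths = {}   # ident -> hops, second switch -> first switch
        self.second_paths = {}  # ident -> hops, VPC -> first switch
        self.fetches = 0        # reads of the switch, one per change event

    def _check(self, hops):
        # Both segments must terminate at the first switch to be joinable.
        if not hops or hops[-1] != self.first_switch:
            raise ValueError("segment does not end at the first switch")
        return tuple(hops)

    def on_path_change(self, ident):
        """Acquire the first path only when the switch reports a change."""
        update = self.session.updates.get(ident)
        if update is None:
            raise KeyError(f"no announcement for {ident!r}")
        self.first_paths[ident] = self._check(update.hops)
        self.fetches += 1

    def set_vpc_path(self, ident, hops):
        """Record the second path, acquired on the virtual private cloud."""
        self.second_paths[ident] = self._check(hops)

    def full_path(self, ident):
        """Join both segments for one ident; never mixes identifiers."""
        first = self.first_paths[ident]
        second = self.second_paths[ident]
        # Walk the VPC segment backwards and drop the shared first switch.
        return first + second[::-1][1:]


def demo():
    # Constructed sample topology; all device names are made up.
    ctl = PathController("pub-sw")
    ctl.session.announce(PathUpdate("user-a", ("priv-sw", "edge-1", "pub-sw")))
    ctl.session.announce(PathUpdate("user-b", ("priv-sw", "edge-2", "pub-sw")))
    ctl.on_path_change("user-a")   # only user-a's request triggered a change
    ctl.set_vpc_path("user-a", ("vpc-a", "pub-gw", "pub-sw"))
    return ctl


if __name__ == "__main__":
    c = demo()
    print(c.full_path("user-a"), c.fetches)
```

Keying both segments by the same identifier and checking that each ends at the first switch keeps one user's segment from being joined to another user's virtual private cloud.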
It should be noted that the execution subjects of the steps of the method provided in embodiment 1 may be the same device, or different devices may be used as the execution subjects of the method. For example, the execution subject of steps 21 and 22 may be device 1, and the execution subject of step 23 may be device 2; for another example, the execution subject of step 21 may be device 1, and the execution subjects of steps 22 and 23 may be device 2; and so on.
As will be appreciated by one skilled in the art, embodiments of the present invention may be provided as a method, system, or computer program product. Accordingly, the present invention may take the form of an entirely hardware embodiment, an entirely software embodiment or an embodiment combining software and hardware aspects. Furthermore, the present invention may take the form of a computer program product embodied on one or more computer-usable storage media (including, but not limited to, disk storage, CD-ROM, optical storage, and the like) having computer-usable program code embodied therein.
The present invention is described with reference to flowchart illustrations and/or block diagrams of methods, apparatus (systems), and computer program products according to embodiments of the invention. It will be understood that each flow and/or block of the flowchart illustrations and/or block diagrams, and combinations of flows and/or blocks in the flowchart illustrations and/or block diagrams, can be implemented by computer program instructions. These computer program instructions may be provided to a processor of a general purpose computer, special purpose computer, embedded processor, or other programmable data processing apparatus to produce a machine, such that the instructions, which execute via the processor of the computer or other programmable data processing apparatus, create means for implementing the functions specified in the flowchart flow or flows and/or block diagram block or blocks.
These computer program instructions may also be stored in a computer-readable memory that can direct a computer or other programmable data processing apparatus to function in a particular manner, such that the instructions stored in the computer-readable memory produce an article of manufacture including instruction means which implement the function specified in the flowchart flow or flows and/or block diagram block or blocks.
These computer program instructions may also be loaded onto a computer or other programmable data processing apparatus to cause a series of operational steps to be performed on the computer or other programmable apparatus to produce a computer implemented process such that the instructions which execute on the computer or other programmable apparatus provide steps for implementing the functions specified in the flowchart flow or flows and/or block diagram block or blocks.
In a typical configuration, a computing device includes one or more processors (CPUs), input/output interfaces, network interfaces, and memory.
The memory may include volatile memory in a computer-readable medium, such as Random Access Memory (RAM), and/or non-volatile memory, such as Read Only Memory (ROM) or flash memory (flash RAM). Memory is an example of a computer-readable medium.
Computer-readable media, including both permanent and non-permanent, removable and non-removable media, may implement information storage by any method or technology. The information may be computer readable instructions, data structures, modules of a program, or other data. Examples of computer storage media include, but are not limited to, phase change memory (PRAM), Static Random Access Memory (SRAM), Dynamic Random Access Memory (DRAM), other types of Random Access Memory (RAM), Read Only Memory (ROM), Electrically Erasable Programmable Read Only Memory (EEPROM), flash memory or other memory technology, compact disc read only memory (CD-ROM), Digital Versatile Discs (DVD) or other optical storage, magnetic cassettes, magnetic tape, magnetic disk storage or other magnetic storage devices, or any other non-transmission medium that can be used to store information that can be accessed by a computing device. As defined herein, a computer readable medium does not include a transitory computer readable medium such as a modulated data signal and a carrier wave.
It should also be noted that the terms "comprises," "comprising," or any other variation thereof, are intended to cover a non-exclusive inclusion, such that a process, method, article, or apparatus that comprises a list of elements does not include only those elements but may include other elements not expressly listed or inherent to such process, method, article, or apparatus. Without further limitation, an element defined by the phrase "comprising an … …" does not exclude the presence of other like elements in a process, method, article, or apparatus that comprises the element.
As will be appreciated by one skilled in the art, embodiments of the present application may be provided as a method, system, or computer program product. Accordingly, the present application may take the form of an entirely hardware embodiment, an entirely software embodiment or an embodiment combining software and hardware aspects. Furthermore, the present application may take the form of a computer program product embodied on one or more computer-usable storage media (including, but not limited to, disk storage, CD-ROM, optical storage, and the like) having computer-usable program code embodied therein.
The above description is only an example of the present application and is not intended to limit the present application. Various modifications and changes may occur to those skilled in the art. Any modification, equivalent replacement, improvement, etc. made within the spirit and principle of the present application should be included in the scope of the claims of the present application.

Claims (15)

1. A method for acquiring a path, the method being applied to a Software Defined Network (SDN) controller, the method comprising:
when a first cloud network receives a data request from a second cloud network, acquiring a first path corresponding to the request from a second switch corresponding to the second cloud network to the first switch from the first switch corresponding to the first cloud network, wherein the first cloud network is a public cloud network, the second cloud network is a private cloud network, and acquiring the first path from the first switch comprises: acquiring the first path through a border gateway protocol session; or acquiring a first path through a multi-protocol border gateway protocol session;
determining a virtual private cloud of the data request in a first cloud network;
determining a second path for the virtual private cloud to reach a first switch in a first cloud network by acquiring the path on the virtual private cloud;
and determining a path from the second cloud network to the first cloud network according to the first path and the second path.
2. The method of claim 1, wherein obtaining, from a first switch corresponding to the first cloud network, a first path from a second switch corresponding to the second cloud network to the first switch when the first cloud network receives a data request from the second cloud network comprises:
when a first cloud network receives a data request from a second cloud network, detecting a path change generated on a first switch based on the data request;
in response to the detected path change, a first path is obtained from the first switch.
3. The method of claim 2, wherein obtaining the first path from the first switch comprises:
the first switch generating a border gateway protocol session based on the detected path change, wherein the border gateway protocol session corresponds to a data request;
and acquiring a first path through the border gateway protocol session.
4. The method of claim 2, wherein obtaining the first path from the first switch comprises:
the first switch generates a multi-protocol border gateway protocol session based on the detected path change, wherein the multi-protocol border gateway protocol session corresponds to the first switch;
a first path is obtained through a multi-protocol border gateway protocol session.
5. The method of claim 4, wherein different paths corresponding to different user requests are identified in the multi-protocol border gateway protocol session using identification information.
6. A computer readable storage medium having computer instructions stored thereon that, when executed, implement the method of any of claims 1 to 5.
7. An apparatus for obtaining a path, comprising:
a processor; and
a memory arranged to store computer executable instructions that, when executed, cause the processor to:
when a first cloud network receives a data request from a second cloud network, acquiring a first path corresponding to the request from a second switch corresponding to the second cloud network to the first switch from the first switch corresponding to the first cloud network, wherein the first cloud network is a public cloud network, the second cloud network is a private cloud network, and acquiring the first path from the first switch comprises: acquiring the first path through a border gateway protocol session; or acquiring a first path through a multi-protocol border gateway protocol session;
determining a virtual private cloud of the data request in a first cloud network;
determining a second path of the virtual private cloud to a first switch in a first cloud network by acquiring the path on the virtual private cloud;
and determining a path from the second cloud network to the first cloud network according to the first path and the second path.
8. The apparatus of claim 7, wherein the processor, when performing the step of obtaining, from a first switch corresponding to the first cloud network, a first path from a second switch corresponding to the second cloud network to the first switch when the first cloud network receives the data request from the second cloud network, comprises:
when a first cloud network receives a data request from a second cloud network, detecting a path change generated on a first switch based on the data request;
in response to the detected path change, a first path is obtained from the first switch.
9. The apparatus of claim 8, wherein the processor in performing the step of obtaining the first path from the first switch comprises:
the first switch generating a border gateway protocol session based on the detected path change, wherein the border gateway protocol session corresponds to a data request;
and acquiring a first path through the border gateway protocol session.
10. The apparatus of claim 8, wherein the processor in performing the step of obtaining the first path from the first switch comprises:
the first switch generates a multi-protocol border gateway protocol session based on the detected path change, wherein the multi-protocol border gateway protocol session corresponds to the first switch;
a first path is obtained through a multi-protocol border gateway protocol session.
11. The apparatus of claim 10, wherein identification information is utilized in the multi-protocol border gateway protocol session to identify different paths for different user requests.
12. A method for an SDN controller to acquire a path from a private cloud to a public cloud, the method comprising:
when a user of a private cloud sends an access request for a public cloud, acquiring a first path from the user to a private cloud switch from the private cloud switch;
obtaining a second path from a public cloud switch, wherein the second path is obtained by: the public cloud switch receives a session from the private cloud switch and determines a second path from the private cloud switch to the public cloud switch according to the session, wherein the session is a border gateway protocol session or a multi-protocol border gateway protocol session, and the session comprises the access request;
obtaining a third path from the VPC to the public cloud switch from the public cloud server, wherein the third path is obtained by the following method: the public cloud server allocates a Virtual Private Cloud (VPC) corresponding to the user in the public cloud and acquires a third path from the VPC to a public cloud switch;
and acquiring a path for the user of the private cloud to access the public cloud according to the first path, the second path and the third path.
13. The method of claim 12, wherein the session is a border gateway protocol session corresponding to a user.
14. The method of claim 12, wherein the session is a multi-protocol border gateway protocol session corresponding to a public cloud switch.
15. A hybrid cloud system, comprising: a public cloud server, a public cloud switch, a private cloud server, a private cloud switch, and a path acquisition device, wherein,
the private cloud server receives an access request of a user from the private cloud server for the public cloud server, determines a private cloud switch corresponding to the user, forwards the access request to the private cloud switch, and sends first information including a first path from the user to the private cloud switch to the path acquisition device;
the private cloud switch receives the access request forwarded by the private cloud server and sends the session comprising the access request to the public cloud switch;
the public cloud switch receives the session from the private cloud switch, determines a second path from the private cloud switch to the public cloud switch according to the session, and sends second information comprising the second path to the path acquisition device, wherein the session is a border gateway protocol session or a multi-protocol border gateway protocol session;
the public cloud server is used for distributing the virtual private cloud VPC corresponding to the user, acquiring a third path from the VPC to the public cloud switch and sending third information comprising the third path to the path acquisition device;
and the path acquisition device receives the first information, the second information and the third information and acquires a path for the user of the private cloud to access the public cloud server according to the first information, the second information and the third information.
CN201811023389.6A 2018-09-03 2018-09-03 Method and device for acquiring path Active CN110875889B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201811023389.6A CN110875889B (en) 2018-09-03 2018-09-03 Method and device for acquiring path


Publications (2)

Publication Number Publication Date
CN110875889A CN110875889A (en) 2020-03-10
CN110875889B true CN110875889B (en) 2022-09-27
