CN112003750B - Data center host computer Overlay network access control method - Google Patents


Info

Publication number
CN112003750B
CN112003750B
Authority
CN
China
Prior art keywords
network access
access control
strategy
data center
routing
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN202010854460.6A
Other languages
Chinese (zh)
Other versions
CN112003750A (en)
Inventor
张宁
李彦君
孙思清
高传集
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Inspur Cloud Information Technology Co Ltd
Original Assignee
Inspur Cloud Information Technology Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
2020-08-24
Filing date
2020-08-24
Publication date
2023-11-21


Classifications

    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L45/00 Routing or path finding of packets in data switching networks
    • H04L45/38 Flow based routing
    • H04L41/00 Arrangements for maintenance, administration or management of data switching networks, e.g. of packet switching networks
    • H04L41/08 Configuration management of networks or network elements
    • H04L41/0803 Configuration setting
    • H04L41/0823 Configuration setting characterised by the purposes of a change of settings, e.g. optimising configuration for enhancing reliability
    • H04L49/00 Packet switching elements
    • H04L49/70 Virtual switches
    • H04L63/00 Network architectures or network communication protocols for network security
    • H04L63/10 Network architectures or network communication protocols for network security for controlling access to devices or network resources

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Computer Hardware Design (AREA)
  • Computer Security & Cryptography (AREA)
  • Computing Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Data Exchanges In Wide-Area Networks (AREA)

Abstract

The invention discloses a data center host Overlay network access control method in the field of network communication. A network access control policy is configured; iptables rules are configured according to that policy to restrict traffic between virtual machines inside the cluster, and a routing policy is configured at the gateway side according to that policy to restrict the data flow between the cluster's internal network and the external network, thereby controlling cluster network access. The difficulty of network access control for users is reduced, and the usability, security and reliability of the data center network are improved.

Description

Data center host computer Overlay network access control method
Technical Field
The invention discloses a network access control method in the field of network communication, and in particular a data center host Overlay network access control method.
Background
Interconnection has become a hallmark of the Internet+ era: a data center, whatever its size, interconnects and interworks with external networks. During that interconnection, the reliability and security of network communication need to be improved in order to prevent instability such as network attacks.
Disclosure of Invention
To address the problems of the prior art, the invention provides a data center host Overlay network access control method that avoids problems such as attacks from the public network and uncontrolled traffic inside the cluster, thereby preventing anomalous network attacks and improving the security and reliability of the network.
The specific scheme provided by the invention is as follows:
A data center host Overlay network access control method configures a network access control policy, configures iptables rules according to that policy to restrict traffic between virtual machines inside the cluster, configures a routing policy at the gateway side according to that policy to restrict the data flow between the cluster's internal network and the external network, and thereby controls cluster network access.
The network access control policy comprises an internal network access control policy and an external network access control policy. The internal policy is converted into iptables rules according to the network access control rules configured by the user; the external policy is converted into a routing policy according to the network access control rules configured by the user.
The iptables rules are issued to the vSwitch host, which adds the corresponding iptables rules and applies them.
The routing policy is sent to the gateway, which uses it to restrict external network traffic to and from the cluster.
A virtual port binds an internal network access control policy, and the iptables rules are issued to the vSwitch host through RPC;
when the virtual port unbinds the internal network access control policy, the vSwitch host deletes the iptables rules.
A virtual router binds an external network access control policy, and all routing policies are issued to the gateway over a NETCONF connection;
when the virtual router unbinds the last external network access control policy, the gateway's routing policy is deleted.
A data center host Overlay network access control system comprises a configuration module and a flow limiting module:
the configuration module configures the network access control policy; the flow limiting module configures iptables rules according to that policy to restrict traffic between virtual machines inside the cluster, and configures a routing policy at the gateway side according to that policy to restrict the data flow between the cluster's internal network and the external network, thereby controlling cluster network access.
A data center host Overlay network access control device, comprising: at least one memory and at least one processor;
the at least one memory for storing a machine readable program;
the at least one processor is configured to invoke the machine-readable program and execute the data center host Overlay network access control method.
The invention has the advantages that:
The invention provides a data center host Overlay network access control method that integrates a network access control policy into the data center network and allows iptables rules and routing policies to be configured from a user interface (UI). Traffic between virtual machines inside the cluster is restricted by iptables rules, and traffic between the cluster's internal network and the external network is restricted at the gateway by routing policies. This reduces the difficulty of using network access control and improves the usability, security and reliability of the data center network.
Drawings
FIG. 1 is a schematic diagram of a data center host computer Overlay environment networking for the method of the present invention.
Detailed Description
Network access control (NAC) restricts traffic communication in the data center according to protocol type, port number, access direction and the like, so that data packets flow along a predetermined path and are kept secure and controllable.
The data center network provides an interface for configuring the network access control policy, which makes complex control rules convenient to operate, simplifies the operating procedure of the data center, lowers the threshold for users and improves system availability.
iptables is the user-space tool for the netfilter IP packet filtering framework integrated in the Linux kernel; it gives fine control over IP packet filtering and firewall configuration on a Linux system, whether that system is a host connected to the Internet or a LAN, a server, or a proxy server joining the LAN and the Internet.
When making packet filtering decisions, the firewall follows a set of rules stored in dedicated packet filtering tables integrated in the Linux kernel, where the rules are grouped into so-called chains; the netfilter/iptables tool is used to add, edit and remove these rules.
The present invention will be further described with reference to the accompanying drawings and specific examples, which are not intended to be limiting, so that those skilled in the art will better understand the invention and practice it.
The invention provides a data center host Overlay network access control method: a network access control policy is configured, iptables rules are configured according to that policy to restrict traffic between virtual machines inside the cluster, a routing policy is configured at the gateway side according to that policy to restrict the data flow between the cluster's internal network and the external network, and cluster network access is thereby controlled.
The invention provides a network access control scheme for a host Overlay network. Based on the characteristics of host Overlay traffic forwarding, it restricts traffic inside the cluster and traffic between the cluster and the external network: iptables can be configured in whitelist mode on the vSwitch host to admit only the permitted traffic between virtual machines, and a routing policy is configured at the gateway side to restrict traffic from the external network to the internal network and from the internal network to the external network. This avoids problems such as attacks from the public network and uncontrolled internal traffic in the cluster, prevents anomalous network attacks and improves the security and reliability of the network.
In one embodiment of the method, the vSwitch hosts and the Spine gateway managed by the data center are connected to it in OpenFlow mode, and the data center exchanges information with the vSwitch host over RPC and with the Spine gateway over NETCONF. Network access control is divided into NAC policies and NAC rules: a NAC policy is either an internal NAC policy or an external NAC policy, NAC rules belong to a NAC policy and are divided into ingress NAC rules and egress NAC rules, and the NAC policy is the entity that is associated with a virtual port, a virtual subnet or a virtual router.
Virtual ports and virtual subnets in the data center apply internal NAC. The data center converts the NAC rules configured by the user into iptables rules: an ingress rule specifies a source address and source port number, an egress rule specifies a destination address and destination port number. The generated rules are sent to the vSwitch host over RPC, and the vSwitch host creates the corresponding rules in the FORWARD chain of iptables and applies them.
The virtual router applies external NAC. The data center converts the NAC rules configured by the user into a routing policy, sends the converted routing policy to the Spine gateway over NETCONF, and applies it to the gateway's external network port, so that the routing policy restricts external traffic entering and leaving the cluster.
Through this process the vSwitch host restricts traffic between virtual machines according to the NAC rules configured by the user, and the routing policy configured at the gateway side restricts traffic from the external network to the internal network and from the internal network to the external network. This effectively avoids problems such as uncontrolled traffic inside the cluster, prevents anomalous network attacks and improves the security and reliability of the network.
Based on the above embodiments, the specific flow of associating NAC policies with virtual ports (VM for short), virtual subnets (Subnet for short) and virtual routers (vRouter for short) is further described with reference to the application shown in FIG. 1.
To restrict the network inside the cluster, the data center binds the activated port vm1 to internal NAC policy 1 and converts the rules under NAC policy 1 into iptables commands in priority order. If vm1 is the first virtual port under vSwitch1 to bind NAC policy 1, a default deny iptables rule is added as well. The generated iptables rules are sent to the vSwitch over RPC and added to the FORWARD chain of iptables in the vSwitch's namespace. Conversely, when vm1 unbinds internal NAC policy 1, the data center tells the vSwitch to delete the iptables rules; if vm1 is the last virtual port bound to a NAC policy, the default deny iptables rule is deleted too. With only the default deny rule in place, all traffic is blocked.
If the data center binds subnet1 to internal NAC policy 1 and no activated virtual port exists under that subnet, no operation is performed;
if an activated virtual port exists under the subnet, the iptables rules are issued to the vSwitch host where that virtual port resides, in the same way as binding internal NAC policy 1 to vm1. If the subnet of an activated virtual port already has a bound NAC policy, the data center computes the iptables rules to issue to the vSwitch host from both the policy bound to the port and the policy bound to the subnet; optionally, the port's NAC policy takes priority over the subnet's NAC policy.
In this process the data center converts the network access control policy configured by the user into iptables commands that the vSwitch host can interpret and issues them to the vSwitch host, which builds a chain that restricts packet communication; this achieves control of mutual access inside the cluster network.
In another embodiment of the method, still referring to FIG. 1, a vRouter in the data center binds external NAC policy 2. The data center converts the rules under NAC policy 2 into routing policies in priority order; if the router had no NAC policy bound before, a default deny routing policy is added, and all routing policies are issued to the Spine gateway over the NETCONF connection. Conversely, when the vRouter unbinds NAC policy 2 and it was the last NAC policy bound to the vRouter, the default deny routing policy is deleted at the same time.
The above embodiments illustrate the process of restricting network access between the data center cluster and external networks, improving the security and reliability of the data center network; this external restriction operates alongside the intra-cluster access restriction.
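The two embodiments above describe the same control loop twice: user-configured NAC rules are converted, in priority order, into a whitelist of permit entries (iptables rules in the vSwitch host's FORWARD chain for internal policy, routing-policy entries on the gateway's external port for external policy), closed by a default deny entry that is added on the first bind and removed on the last unbind, with a port's policy taking precedence over its subnet's. The following Python is an added worked example of that conversion and bind/unbind bookkeeping; it is not the patent's code or Inspur's implementation. The NacRule fields, the VSwitchNac and VRouterNac classes, the `-I FORWARD <pos>` diffing strategy and the `seq N permit/deny` routing-policy text are assumptions, and delivery over RPC or NETCONF is left out.

```python
"""Added illustration, not the patent's code: converts user-configured NAC rules into
iptables FORWARD-chain entries (vSwitch host) and a routing-policy list (Spine gateway
external port), adding the default deny on first bind and removing it on last unbind.
The rule model, class names and the routing-policy text format are assumptions."""
from dataclasses import dataclass
from typing import Dict, List, Optional, Tuple


@dataclass(frozen=True)
class NacRule:
    direction: str        # "ingress" matches the source, "egress" the destination
    proto: str            # "tcp", "udp" or "icmp"
    address: str          # CIDR: source for ingress, destination for egress
    port: Optional[int]   # source port (ingress) / destination port (egress); None = any
    priority: int = 100   # lower value is evaluated first (assumed convention)


DEFAULT_DENY = "-j DROP"  # whitelist mode: anything not explicitly accepted is dropped


def iptables_spec(rule: NacRule) -> str:
    """One permit rule as an iptables rule specification (chain and position omitted)."""
    if rule.proto == "icmp" and rule.port is not None:
        raise ValueError("ICMP rules cannot carry a port")
    if rule.direction == "ingress":
        spec, flag = f"-p {rule.proto} -s {rule.address}", "--sport"
    elif rule.direction == "egress":
        spec, flag = f"-p {rule.proto} -d {rule.address}", "--dport"
    else:
        raise ValueError(f"unknown direction {rule.direction!r}")
    if rule.port is not None:
        spec += f" {flag} {rule.port}"
    return spec + " -j ACCEPT"


class VSwitchNac:
    """NAC state of one vSwitch host: which activated ports and subnets bind which policy."""

    def __init__(self) -> None:
        self.port_subnet: Dict[str, str] = {}                    # activated VM port -> subnet
        self.port_policy: Dict[str, Tuple[NacRule, ...]] = {}    # VM port -> bound rules
        self.subnet_policy: Dict[str, Tuple[NacRule, ...]] = {}  # subnet -> bound rules

    def desired_chain(self) -> List[str]:
        """Ordered FORWARD entries: port-bound rules first (a port's policy outranks its
        subnet's), then subnet-bound rules, each by priority, then default deny while any
        activated port is covered. A subnet bound without an activated port yields nothing."""
        rank: Dict[str, Tuple[int, int]] = {}
        for port, subnet in self.port_subnet.items():
            for group, rules in ((0, self.port_policy.get(port, ())),
                                 (1, self.subnet_policy.get(subnet, ()))):
                for r in rules:
                    spec = iptables_spec(r)
                    rank[spec] = min(rank.get(spec, (9, 0)), (group, r.priority))
        chain = sorted(rank, key=lambda s: (rank[s], s))
        covered = any(p in self.port_policy or s in self.subnet_policy
                      for p, s in self.port_subnet.items())
        return chain + [DEFAULT_DENY] if covered else chain


def chain_diff(before: List[str], after: List[str]) -> List[str]:
    """iptables commands that move the FORWARD chain from `before` to `after`: deletions
    first, then insertions at their final 1-based position (valid because both lists come
    from desired_chain() and share one ordering; otherwise the chain is rebuilt)."""
    if [s for s in before if s in after] != [s for s in after if s in before]:
        return ([f"iptables -D FORWARD {s}" for s in before]
                + [f"iptables -A FORWARD {s}" for s in after])
    cmds = [f"iptables -D FORWARD {s}" for s in before if s not in after]
    cmds += [f"iptables -I FORWARD {pos} {s}"
             for pos, s in enumerate(after, start=1) if s not in before]
    return cmds


class VRouterNac:
    """External NAC bindings of one virtual router, rendered for the gateway's external port."""

    def __init__(self) -> None:
        self.policies: Dict[str, Tuple[NacRule, ...]] = {}  # policy name -> rules

    def routing_policy(self) -> List[str]:
        """Permit entries in priority order, then a default deny while any policy is
        bound; unbinding the last policy removes the default deny with it."""
        rules = sorted({r for rs in self.policies.values() for r in rs},
                       key=lambda r: (r.priority, r.direction, r.address, r.port or 0))
        entries = []
        for seq, r in enumerate(rules, start=1):
            match = "source" if r.direction == "ingress" else "destination"
            port = f" port {r.port}" if r.port is not None else ""
            entries.append(f"seq {seq * 10} permit {r.direction} {r.proto} {match} {r.address}{port}")
        if self.policies:
            entries.append(f"seq {(len(entries) + 1) * 10} deny any")
        return entries
```

Calling `chain_diff(before, after)` around each bind or unbind yields exactly the `iptables -I FORWARD <pos>` and `iptables -D FORWARD` commands the vSwitch host would execute, with the `-j DROP` entry appearing only in the first bind's diff and disappearing only in the last unbind's. Two practitioner caveats the description does not spell out: with a default DROP in FORWARD, reply packets of permitted connections are dropped too unless a stateful rule such as `-m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT` precedes the deny; and an ingress rule keyed on source address and source port, as the description specifies, matches a value the peer chooses, so it is weaker than matching the destination port of the service being protected. The chain is also host-wide rather than per VM; a deployment would normally scope entries to the VM's interface or a dedicated per-port chain.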
The invention also provides a data center host Overlay network access control system comprising a configuration module and a flow limiting module:
the configuration module configures the network access control policy; the flow limiting module configures iptables rules according to that policy to restrict traffic between virtual machines inside the cluster, and configures a routing policy at the gateway side according to that policy to restrict the data flow between the cluster's internal network and the external network, thereby controlling cluster network access.
The configuration module configures network access control policies for the vSwitch host based on virtual ports and subnets, and for the gateway based on the virtual router; the flow limiting module performs the traffic restriction according to those policies.
The content of information interaction and execution process between the modules of the system is based on the same concept as the method embodiment of the present invention, and specific content can be referred to the description in the method embodiment of the present invention, which is not repeated here.
The invention also provides a data center host computer Overlay network access control device, which comprises: at least one memory and at least one processor;
the at least one memory for storing a machine readable program;
the at least one processor is configured to invoke the machine-readable program and execute the data center host Overlay network access control method.
The device can be applied to a cluster; its processor performs the information interaction and executes the readable program. Since this embodiment is based on the same concept as the method embodiment, the specific content can be found in the description of the method embodiment and is not repeated here.
It should be noted that not all the steps and modules in the above processes and the system structures are necessary, and some steps or modules may be omitted according to actual needs. The execution sequence of the steps is not fixed and can be adjusted as required. The system structure described in the above embodiments may be a physical structure or a logical structure, that is, some modules may be implemented by the same physical entity, or some modules may be implemented by multiple physical entities, or may be implemented jointly by some components in multiple independent devices.
The above-described embodiments are merely preferred embodiments for fully explaining the present invention, and the scope of the present invention is not limited thereto. Equivalent substitutions and modifications will occur to those skilled in the art based on the present invention, and are intended to be within the scope of the present invention. The protection scope of the invention is subject to the claims.

Claims (3)

1. A data center host Overlay network access control method, characterized in that a network access control policy is configured, the network access control policy comprising an internal network access control policy and an external network access control policy; the internal network access control policy is converted into iptables rules according to network access control rules configured by a user, and the external network access control policy is converted into a routing policy according to the network access control rules configured by the user; the iptables rules are configured to restrict traffic between virtual machines inside a cluster according to the network access control policy, the routing policy is configured at a gateway side to restrict the data flow between the internal network and the external network of the cluster according to the network access control policy, and cluster network access is thereby controlled,
a virtual port binds the internal network access control policy, the iptables rules are issued to the vSwitch host through RPC, and the vSwitch host adds and applies the corresponding iptables rules; when the virtual port unbinds the internal network access control policy, the vSwitch host deletes the iptables rules,
and a virtual router binds the external network access control policy, all routing policies are issued to the gateway over a NETCONF connection, the routing policies are used to restrict external network traffic entering and leaving the cluster, and when the virtual router unbinds the last external network access control policy, the gateway's routing policy is deleted.
2. A data center host Overlay network access control system, characterized by comprising a configuration module and a flow limiting module,
the configuration module configures network access control policies comprising an internal network access control policy and an external network access control policy, converts the internal network access control policy into iptables rules according to network access control rules configured by a user, and converts the external network access control policy into a routing policy according to the network access control rules configured by the user,
the flow limiting module configures the iptables rules to restrict traffic between virtual machines inside the cluster according to the network access control policy, configures the routing policy at the gateway side to restrict the data flow between the internal network and the external network of the cluster according to the network access control policy, and thereby controls cluster network access,
the flow limiting module binds the internal network access control policy by the virtual port, issues the iptables rules to the vSwitch host through RPC, and the vSwitch host adds and applies the corresponding iptables rules; when the virtual port unbinds the internal network access control policy, the vSwitch host deletes the iptables rules,
the flow limiting module binds the external network access control policy by the virtual router, all routing policies are issued to the gateway over a NETCONF connection, the routing policies are used to restrict external network traffic entering and leaving the cluster, and when the virtual router unbinds the last external network access control policy, the gateway's routing policy is deleted.
3. A data center host computer Overlay network access control device is characterized by comprising: at least one memory and at least one processor;
the at least one memory for storing a machine readable program;
the at least one processor configured to invoke the machine readable program to perform a data center host Overlay network access control method of claim 1.

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202010854460.6A CN112003750B (en) 2020-08-24 2020-08-24 Data center host computer Overlay network access control method


Publications (2)

Publication Number Publication Date
CN112003750A CN112003750A (en) 2020-11-27
CN112003750B true CN112003750B (en) 2023-11-21

Family

ID=73473066


Country Status (1)

Country Link
CN (1) CN112003750B (en)

Families Citing this family (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN112929290B (en) * 2021-02-02 2023-02-24 湖南快乐阳光互动娱乐传媒有限公司 Current limiting method, device, system, storage medium, equipment and gateway
CN114679290B (en) * 2021-05-20 2023-03-24 腾讯云计算(北京)有限责任公司 Network security management method and electronic equipment
CN115001906B (en) * 2022-06-02 2024-03-29 广东电网有限责任公司 Security gateway

Citations (12)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN102067525A (en) * 2008-06-17 2011-05-18 高通股份有限公司 Methods and apparatus for discovery of peer-to-peer overlay networks
CN102118320A (en) * 2011-04-18 2011-07-06 北京神州数码思特奇信息技术股份有限公司 Method for protocol identification and flow control
CA2763109A1 (en) * 2011-02-15 2012-08-15 Peerialism AB P2p engine
CN103152256A (en) * 2013-02-22 2013-06-12 浪潮电子信息产业股份有限公司 Virtual routing network design method based on cloud computing data center
WO2015192584A1 (en) * 2014-06-18 2015-12-23 中兴通讯股份有限公司 Virtual routing system and method
CN105391771A (en) * 2015-10-16 2016-03-09 张陵 Multi-tenant-oriented cloud network architecture
CN106878484A (en) * 2017-02-27 2017-06-20 郑州云海信息技术有限公司 A kind of method of configuration Docker cluster external containers IP
CN107395781A (en) * 2017-06-29 2017-11-24 北京小度信息科技有限公司 Network communication method and device
CN107454207A (en) * 2017-08-14 2017-12-08 郑州云海信息技术有限公司 A kind of method and Docker clusters of configuration Overlay web container external IPs
CN109756422A (en) * 2019-03-27 2019-05-14 山东浪潮云信息技术有限公司 A kind of forwarding routing node choosing method
US10326845B1 (en) * 2016-06-28 2019-06-18 Virtustream Ip Holding Company Llc Multi-layer application management architecture for cloud-based information processing systems
CN111314196A (en) * 2020-01-21 2020-06-19 山东汇贸电子口岸有限公司 Data center network hybrid overlay communication method

Family Cites Families (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US9270559B2 (en) * 2009-01-28 2016-02-23 Headwater Partners I Llc Service policy implementation for an end-user device having a control application or a proxy agent for routing an application traffic flow
CN108462594B (en) * 2017-02-21 2022-03-04 阿里巴巴集团控股有限公司 Virtual private network and rule table generation method, device and routing method


Also Published As

Publication number Publication date
CN112003750A (en) 2020-11-27

Similar Documents

Publication Publication Date Title
CN112003750B (en) Data center host computer Overlay network access control method
US11917044B2 (en) Private allocated networks over shared communications infrastructure
WO2021136311A1 (en) Method and device for communication between vpcs
EP3522485B1 (en) Application-aware firewall policy enforcement by data center controller
EP3304815B1 (en) Operations, administration and management (oam) in overlay data center environments
KR101478475B1 (en) Computer system and communication method in computer system
EP3143733B1 (en) Virtual flow network in a cloud environment
JP5645139B2 (en) Network system, controller, and network control method
JP5493926B2 (en) Interface control method, interface control method, and interface control program
CN105850102B (en) Control of service chaining
EP2974133B1 (en) Method and system for controlling an underlying physical network by a software defined network
EP2413549B1 (en) Distributed switch domain of heterogeneous components
US8327014B2 (en) Multi-layer hardware-based service acceleration (MHSA)
US20130010797A1 (en) Custom routing decisions
JP2008504777A (en) Virtual broadcast network for inter-domain communication
EP3937438A1 (en) Service chaining with physical network functions and virtualized network functions
US9397937B2 (en) Computer system, server, open flow controller and communication method
EP0967759B1 (en) Broadcast traffic reduction in a communications network
JP6280223B2 (en) Method for providing control in a communication network
KR101629089B1 (en) Hybrid openFlow method for combining legacy switch protocol function and SDN function
RU2757297C1 (en) Method for security gateway cluster operation
KR101538667B1 (en) Network system and method for controlling network
CN108599998B (en) Network management and control method and device and computer readable storage medium
CN113347101B (en) Routing information sending control method, VTEP and computer readable storage medium
Crouch et al. Forwarding and control element separation (ForCES) applicability statement

Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination
GR01 Patent grant