WO2015180539A1 - Packet processing method and device - Google Patents

Packet processing method and device Download PDF

Info

Publication number
WO2015180539A1
WO2015180539A1 PCT/CN2015/076784 CN2015076784W WO2015180539A1 WO 2015180539 A1 WO2015180539 A1 WO 2015180539A1 CN 2015076784 W CN2015076784 W CN 2015076784W WO 2015180539 A1 WO2015180539 A1 WO 2015180539A1
Authority
WO
WIPO (PCT)
Prior art keywords
nve
entity
virtual machine
information
control plane
Prior art date
Application number
PCT/CN2015/076784
Other languages
French (fr)
Chinese (zh)
Inventor
范多亮
袁峰
郭凯
汪洋
Original Assignee
华为技术有限公司
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by 华为技术有限公司 filed Critical 华为技术有限公司
Publication of WO2015180539A1 publication Critical patent/WO2015180539A1/en

Links

Images

Definitions

  • the second NVE entity directly receives the control plane signaling sent by the first NVE entity; or the second NVE entity receives the control plane signaling sent by a control node, where the control node is After receiving the control plane signaling sent by the first NVE entity, sending the control plane signaling to the second NVE entity that is determined by the first NVE entity and related to the unknown packet;
  • the second processing module sends a data plane packet to the virtual machine managed by the second processing module, including:
  • the target virtual machine After receiving the response message sent by the virtual machine, determining whether the virtual machine that sends the response message belongs to the same tenant as the source virtual machine; and determining that the virtual machine that sends the response message and the source virtual After the machine belongs to the same tenant, it is determined that the target virtual machine belongs to the NVE entity to which it belongs.
  • the determining module determines the unknown message A related second NVE entity, including:
  • a transceiver configured to receive a packet sent by the source virtual machine, and send control plane signaling to the second NVE entity related to the unknown packet, to instruct the second NVE entity to query the target virtual machine of the unknown packet Information
  • the control plane signaling includes indication information for instructing the second NVE entity to initiate a data plane query; and receiving response signaling returned by the second NVE entity;
  • an NVE entity includes:
  • the transceiver is triggered to send the data plane message to all virtual machines managed by itself.
  • a control node includes:
  • FIG. 4 is a structural diagram of a data center according to Embodiment 1 of the present invention.
  • the first NVE entity in the embodiment of the present invention After receiving the unknown packet sent by the source virtual machine, the first NVE entity in the embodiment of the present invention sends the control plane signaling to the second NVE entity related to the unknown packet, so that the second NVE entity starts the data plane query.
  • the second NVE entity starts the data plane query.
  • the words “first” and “second” are used in the embodiment of the present invention to distinguish different NVE entities, but the number of NVE entities and the operation priority are not limited.
  • the first NVE entity is In the data Any NVE entity in the heart, the second NVE entity is all NVE entities related to the unknown packet determined by the first NVE entity, and the number of the second NVE entities may be one, or two or more.
  • Address information (such as a MAC address or an IP address) of the target virtual machine
  • information of the NVE entity to which the target virtual machine belongs such as identification information, and the like
  • information of the tenant to which the target virtual machine belongs such as identification information, and the like
  • the address information of the target virtual machine to be queried is the MAC address; if the MAC address of the target virtual machine is known, the address information of the target virtual machine to be queried is IP. address.
  • step 11 includes the following two preferred implementations:
  • the first NVE entity after receiving the unknown packet, the first NVE entity sends control plane signaling to the control node; after receiving the control plane signaling, the control node determines a second NVE entity related to the unknown packet, and The control signaling is sent to each second NVE entity that is determined by itself to indicate that the second NVE entity queries the information of the target virtual machine of the unknown packet.
  • NVE#1 sends the location query signaling (control plane signaling) of Host#2 to NVE#2, or NVE#1 sends the location query signaling of Host#2 to NVE#2 through the NVA;
  • NVE#2 After receiving the location query signaling of Host#2, NVE#2 initiates an ARP request for querying Host#2 to all interfaces that belong to the tenant locally;
  • the above method processing flow can be implemented by a software program, which can be stored in a storage medium, and when the stored software program is called, the above method steps are performed.
  • the first determining module 51 is configured to: after determining that the received packet sent by the source virtual machine is an unknown packet whose location is unknown to the target virtual machine, send control plane signaling to the second NVE entity related to the unknown packet. Instructing the second NVE entity to query the information of the target virtual machine of the unknown packet, where the control plane signaling includes indication information for instructing the second NVE entity to start a data plane query;
  • the second determining module 52 is configured to receive response signaling returned by the second NVE entity, and determine information of the target virtual machine of the unknown packet according to the response signaling.
  • the unknown message received by the first determining module 51 includes at least the following two types:
  • the first type is a packet whose address information is unknown (for example, the MAC address is unknown or the IP address is unknown), and the type of unknown packet is used to query the address information of the target virtual machine.
  • control plane signaling sent by the first determining module 51 further includes at least one of the following information: address information of the target virtual machine (such as an IP address or a MAC address), and address information of the source virtual machine (eg, IP address or MAC address), information about the tenant to which the source virtual machine belongs.
  • address information of the target virtual machine such as an IP address or a MAC address
  • address information of the source virtual machine eg, IP address or MAC address
  • Control plane signaling is sent to the control node, so that the control node sends the control plane signaling to the second NVE entity determined by the control node and related to the unknown packet.
  • the first determining module 51 determines a second NVE entity related to the received unknown message, including:
  • Determining the information of the tenant to which the source virtual machine that sends the unknown packet belongs (such as the identifier information of the tenant); and determining the NVE entity of the other virtual machine used by the tenant based on the information of the tenant, and determining the NVE.
  • the entity acts as a second NVE entity associated with the unknown message.
  • the embodiment of the present invention further provides another NVE entity.
  • the NVE entity includes:
  • the first processing module 61 is configured to receive control plane signaling sent by the first NVE entity, where the control plane signaling is that the first NVE entity receives an unknown message whose location of the target virtual machine sent by the source virtual machine is unknown. And the information that is sent to the second NVE entity to query the target virtual machine of the unknown packet, where the control plane signaling includes indication information for instructing the second NVE entity to start the data plane query. ;
  • the second processing module 62 is configured to: when the information of the target virtual machine is not included in the locally stored virtual machine information, send a data plane message to the virtual machine managed by the NVE entity to which the user belongs to query the target virtual Whether the device belongs to itself, and when it is determined that the target virtual machine belongs to itself, the response signal is returned to the first NVE entity, where the response signaling carries the information of the target virtual machine.
  • control plane signaling sent by the first NVE entity further includes at least one of the following information: address information of the target virtual machine (such as an IP address or a MAC address), and address information of the source virtual machine (such as IP). Address or MAC address), information about the tenant to which the source virtual machine belongs.
  • the address information of the target virtual machine to be queried is the MAC address; if the MAC address of the target virtual machine is known, the address information of the target virtual machine to be queried is IP. address.
  • the first processing module 61 is specifically configured to: directly receive the control plane signaling sent by the first NVE entity; or receive the control plane signaling sent by the control node, where the control node After receiving the control plane signaling sent by the first NVE entity, sending the control plane signaling to the second NVE entity that is determined by the first NVE entity and related to the unknown packet;
  • the second processing module 62 is specifically configured to: directly return response signaling to the first NVE entity; or return a response signaling to the first NVE entity by using a control node.
  • the second processing module 62 sends a data plane message to the virtual machine managed by the second processing module 62, including:
  • the data plane message is sent to all virtual machines managed by itself.
  • the target virtual machine After receiving the response message sent by the virtual machine, determining whether the virtual machine that sends the response message belongs to the same tenant as the source virtual machine; and determining that the virtual machine that sends the response message and the source virtual After the machine belongs to the same tenant, it is determined that the target virtual machine belongs to the NVE entity to which it belongs.
  • an NVE entity that receives an unknown packet and sends control plane signaling may also be an NVE entity that receives control plane signaling and returns response signaling; correspondingly, receives control plane signaling and
  • the NVE entity that returns the response signaling may also be an NVE entity that receives the unknown message and sends the control plane signaling, so preferably, the module in the NVE entity shown in FIG. 5 and the module in the NVE entity shown in FIG. It can also be combined in an NVE entity and select the corresponding module to work as needed.
  • an embodiment of the present invention provides a control node. As shown in FIG. 7, the control node includes:
  • the determining module 72 is configured to determine a second NVE entity related to the unknown packet, and send the control plane signaling to the second NVE entity.
  • control node in the embodiment of the present invention may be an NVA entity.
  • the transceiver 81 is configured to receive a packet sent by the source virtual machine, and send control plane signaling to the second NVE entity related to the unknown packet, to instruct the second NVE entity to query the target virtual machine of the unknown packet.
  • the control plane signaling includes: indication information for instructing the second NVE entity to initiate a data plane query; and receiving response signaling returned by the second NVE entity;
  • the address information of the target virtual machine to be queried is the MAC address; if the MAC address of the target virtual machine is known, the address information of the target virtual machine to be queried is IP. address.
  • the address information of the target virtual machine to be queried is the MAC address; if the MAC address of the target virtual machine is known, the address information of the target virtual machine to be queried is IP. address.
  • an NVE entity that receives an unknown packet and sends control plane signaling may also be an NVE entity that receives control plane signaling and returns response signaling; correspondingly, receives control plane signaling and
  • the NVE entity that returns the response signaling may also be an NVE entity that receives the unknown message and sends the control plane signaling, so preferably, the function of the transceiver in the NVE entity shown in FIG. 8 and the NVE entity shown in FIG.
  • the function of the transceiver in the transceiver can be combined in one transceiver, and the corresponding module works according to the need; the function of the processor in the NVE entity shown in FIG. 8 and the function of the processor in the NVE entity shown in FIG. Can be combined in one processor and as needed Select the corresponding module to work.
  • control node provided by the embodiment of the present invention are described below in conjunction with the preferred hardware structure.
  • the transceiver 101 is configured to receive control plane signaling sent by the first NVE entity, where the control plane signaling is sent by the first NVE entity after receiving an unknown message whose location of the target virtual machine sent by the source virtual machine is unknown. And the second NVE entity that is related to the unknown packet is used to query the information of the target virtual machine of the unknown packet, where the control plane signaling includes, to indicate that the second NVE entity starts the data plane. Indication information of the query;
  • control plane signaling sent by the first NVE entity further includes at least one of the following information: address information of the target virtual machine (such as an IP address or a MAC address), and address information of the source virtual machine (such as IP). Address or MAC address), information about the tenant to which the source virtual machine belongs.
  • the information of the target virtual machine to be queried includes at least one of the following information: address information of the target virtual machine (such as a MAC address or an IP address), and information of the NVE entity to which the target virtual machine belongs (such as identification information, etc.), information about the tenant to which the target virtual machine belongs.
  • address information of the target virtual machine such as a MAC address or an IP address
  • information of the NVE entity to which the target virtual machine belongs Such as identification information, etc.
  • control plane signaling Obtaining, by the control plane signaling, information about a tenant to which the source virtual machine that sends the unknown packet belongs, and determining, according to the configured subnet attribution information of the tenant, the control plane signaling
  • the NVE entity to which the address information of the target virtual machine belongs, and the determined NVE entity is used as the second NVE entity related to the unknown packet.

Landscapes

  • Mobile Radio Communication Systems (AREA)

Abstract

Disclosed are a packet processing method and device, for solving the problem that an error easily occurs in the existing processing method of manually configuring required VM information. The method comprises: after determining that a received packet transmitted by a source virtual machine (VM) is an unknown packet with the position of the target VM being unknown, a first NVE entity transmits a control plane signaling to a second NVE entity related to the unknown packet to instruct the second NVE to query the information of the target VM of the unknown packet, the control plane signaling comprising the instruction for instructing the second NVE entity to start a data plane query; and the first NVE entity receives a response signaling returned by the second NVE entity, and determines the information of the target VM according to the response signaling. The present invention does not require manual configuration or VM information updating, thus improving the accuracy of acquiring target VM information, and having a wide application range.

Description

一种报文处理方法和设备Message processing method and device
本申请要求于2014年5月28日提交中国专利局、申请号为201410232568.6、发明名称为“一种报文处理方法和设备”的中国专利申请的优先权,其全部内容通过引用结合在本申请中。The present application claims priority to Chinese Patent Application No. 201410232568.6, entitled "A Message Processing Method and Apparatus", filed on May 28, 2014, the entire contents of in.
技术领域Technical field
本发明涉及通信技术领域,特别涉及一种报文处理方法和设备。The present invention relates to the field of communications technologies, and in particular, to a packet processing method and device.
背景技术Background technique
数据中心(Data Center,DC)是大量数据集中而形成的集成IT应用环境,是数据计算、网络传输、存储的中心。随着各行业IT应用的快速增长,“虚拟化”和“云计算”成为数据中心的发展趋势。在数据中心,需要支持大量的虚拟网络(Virtual Network,VN),为不同的租户提供相互隔离的网络服务。Data Center (DC) is an integrated IT application environment formed by a large number of data collections. It is the center of data computing, network transmission and storage. With the rapid growth of IT applications in various industries, “virtualization” and “cloud computing” have become the development trend of data centers. In the data center, a large number of virtual networks (VNs) need to be supported to provide different tenants with isolated network services.
随着数据中心的服务器虚拟化技术的大量使用,虚拟机(Virtual Machine,VM)的迁移需要一个容量大于现有层2网络容量的虚拟化技术,并且在混合云和公有云的数据中心,需要支持海量租户,传统网络无法满足需求。针对上述问题,基于层三网络的网络虚拟化(Network Virtualization over Layer3,NVO3)技术应运而生,NVO3可以不改动现有网络架构,仅需增加网关设备,就可以解决虚拟机迁移问题,并能够支持更多的租户。NVO3技术的基本思路是,通过引入隧道技术,对虚拟网络的报文进行隧道再封装,从而将不同的虚拟网络通过不同的隧道加以区分。With the massive use of server virtualization technology in the data center, the migration of virtual machines (VMs) requires a virtualization technology with a capacity larger than the existing layer 2 network capacity, and in the data center of the hybrid cloud and the public cloud, Supporting massive tenants, traditional networks cannot meet demand. In response to the above problems, Network Virtualization over Layer 3 (NVO3) technology emerges as the times require. NVO3 can solve the virtual machine migration problem without changing the existing network architecture. Support more tenants. The basic idea of the NVO3 technology is to tunnel the packets of the virtual network by tunneling, so that different virtual networks can be distinguished through different tunnels.
在数据中心中引入网络虚拟边缘(Network Virtualization Edge,NVE)实体,该NVE实***于承载网络和租户虚拟网络之间的网络边缘实体,实现对虚拟网络的隧道封装。面向虚拟网络侧,NVE实体的功能为负责封装租户数据,以及向其他NVE实体发送数据或接收其他NVE实体发送的数据;面向租户侧,NVE实体的功能为向租户***发送报文(数据面数据)或接收租户***发送的报文。A Network Virtualization Edge (NVE) entity is introduced in the data center, and the NVE entity is located at a network edge entity between the bearer network and the tenant virtual network to implement tunnel encapsulation of the virtual network. For the virtual network side, the function of the NVE entity is to encapsulate the tenant data, and send data to other NVE entities or receive data sent by other NVE entities. For the tenant side, the NVE entity functions to send packets to the tenant system (data plane data). ) or receive messages sent by the tenant system.
为避免三角路由造成的流量绕行,通常NVE实体会作为分布式网关(Distributed Gateway)对接收到的报文进行转发,这要求NVE实体需要能够获取到所有需要被访问的虚拟机的信息,如虚拟机的标识信息,虚拟机所属的NVE实体等。如果NVE实体接收到了未知报文(即目标VM的位置未知的数据面报文,例如目标虚拟机的媒体接入控制(Media Access Control,MAC)地址未知,或者目标虚拟机所属的NVE实体未知),现 有的处理方式为:在每个NVE实体上对所有VM的信息进行统一管理和配置,即在每个NVE实体上尽量配置所有VM的信息,若NVE实体接收到了未知报文,则直接丢弃该未知报文。该方式下,由于要求在每个NVE实体上对所有VM的信息进行统一管理和配置,即在每个NVE实体上尽量配置所有VM的信息,这样,该***每增加或修改一个VM的信息,则所有NVE实体的配置都需要修改,操作频繁,并且由于是手动配置,容易出错。In order to avoid the traffic bypass caused by the triangulation route, the NVE entity forwards the received packets as a distributed gateway. This requires the NVE entity to obtain information about all the virtual machines that need to be accessed, such as ID information of the virtual machine, the NVE entity to which the virtual machine belongs, and so on. If the NVE entity receives an unknown packet (that is, a data plane packet whose location of the target VM is unknown, for example, the media access control (MAC) address of the target virtual machine is unknown, or the NVE entity to which the target virtual machine belongs is unknown) Present The processing is as follows: The information of all the VMs is uniformly managed and configured on each NVE entity. That is, the information of all VMs is configured as much as possible on each NVE entity. If the NVE entity receives an unknown packet, the NVE entity directly discards the information. Unknown message. In this mode, since all the VM information is required to be uniformly managed and configured on each NVE entity, that is, all VM information is configured as much as possible on each NVE entity, so that each time the system adds or modifies a VM information, The configuration of all NVE entities needs to be modified, the operation is frequent, and it is easy to make mistakes because it is manually configured.
发明内容Summary of the invention
本发明实施例提供了一种报文处理方法和设备,解决了现有处理方式中由手动配置于需要VM的信息,容易出错的问题。The embodiment of the invention provides a packet processing method and device, which solves the problem that the information in the existing processing mode is manually configured in the VM, which is prone to error.
第一方面,一种报文处理方法,该方法包括:In a first aspect, a packet processing method includes:
第二NVE实体接收第一NVE实体发送的控制面信令,所述控制面信令是所述第一NVE实体在接收到源虚拟机发送的目标虚拟机位置未知的未知报文后发送的,用于指示所述第二NVE实体查询所述未知报文的目标虚拟机的信息,所述控制面信令中包括用于指示所述第二NVE实体启动数据面查询的指示信息;The second NVE entity receives the control plane signaling sent by the first NVE entity, where the control plane signaling is sent by the first NVE entity after receiving an unknown message whose location of the target virtual machine sent by the source virtual machine is unknown. And the information indicating that the second NVE entity queries the target virtual machine of the unknown packet, where the control plane signaling includes indication information for instructing the second NVE entity to start a data plane query;
若本地存储的虚拟机信息中未包含所述目标虚拟机的信息,所述第二NVE实体向自身所管理的虚拟机发送数据面报文,以查询所述目标虚拟机是否归属于自身,并在确定出所述目标虚拟机归属于自身时,向所述第一NVE实体返回响应信令,所述响应信令中携带所述目标虚拟机的信息。If the information of the target virtual machine is not included in the locally stored virtual machine information, the second NVE entity sends a data plane message to the virtual machine managed by the second NVE entity to query whether the target virtual machine belongs to itself, and When it is determined that the target virtual machine belongs to itself, the response signal is returned to the first NVE entity, where the response signaling carries the information of the target virtual machine.
结合第一方面,在第一种可能的实现方式中,所述第二NVE实体接收所述第一NVE实体发送的控制面信令,包括:With reference to the first aspect, in a first possible implementation, the second NVE entity receives the control plane signaling sent by the first NVE entity, including:
所述第二NVE实体直接接收所述第一NVE实体发送的所述控制面信令;或者,所述第二NVE实体接收控制节点发送的所述控制面信令,其中,所述控制节点在接收到所述第一NVE实体发送的所述控制面信令后,将所述控制面信令发送给自身确定出的与所述未知报文相关的第二NVE实体;The second NVE entity directly receives the control plane signaling sent by the first NVE entity; or the second NVE entity receives the control plane signaling sent by a control node, where the control node is After receiving the control plane signaling sent by the first NVE entity, sending the control plane signaling to the second NVE entity that is determined by the first NVE entity and related to the unknown packet;
所述第二NVE实体向所述第一NVE实体返回响应信令,包括:Returning the response signaling to the first NVE entity by the second NVE entity, including:
所述第二NVE实体直接向所述第一NVE实体返回响应信令;或者,所述第二NVE实体通过控制节点向所述第一NVE实体返回响应信令。The second NVE entity directly returns response signaling to the first NVE entity; or the second NVE entity returns response signaling to the first NVE entity by using a control node.
结合第一方面,在第二种可能的实现方式中,所述第二NVE实体向自身所管理的虚拟机发送数据面报文,包括:With reference to the first aspect, in a second possible implementation, the second NVE entity sends a data plane message to the virtual machine managed by the second NVE entity, including:
所述第二NVE实体从所述控制面信令中,获取发送所述未知报文的源虚拟机所属的 租户的信息,并向自身所管理的同一租户内的虚拟机发送所述数据面报文;或者Obtaining, by the second NVE entity, the source virtual machine that sends the unknown packet from the control plane signaling The information of the tenant and the data plane message is sent to the virtual machine in the same tenant managed by itself; or
所述第二NVE实体向自身所管理的所有虚拟机发送所述数据面报文。The second NVE entity sends the data plane message to all virtual machines managed by itself.
结合第一方面、第一方面的第一种可能的实现方式、或者第一方面的第二种可能的实现方式,在第三种可能的实现方式中,所述第二NVE实体确定所述目标虚拟机归属于自身,包括:With reference to the first aspect, the first possible implementation manner of the first aspect, or the second possible implementation manner of the first aspect, in a third possible implementation manner, the second NVE entity determines the target The virtual machine belongs to itself, including:
在接收到虚拟机发送的响应报文后,所述第二NVE实体确定发送所述响应报文的虚拟机与所述源虚拟机是否属于同一租户;After receiving the response message sent by the virtual machine, the second NVE entity determines whether the virtual machine that sends the response message and the source virtual machine belong to the same tenant;
在确定发送所述响应报文的虚拟机与所述源虚拟机属于同一租户后,所述第二NVE实体确定所述目标虚拟机归属于自身。After determining that the virtual machine that sends the response message belongs to the same tenant as the source virtual machine, the second NVE entity determines that the target virtual machine belongs to itself.
结合第一方面、第一方面的第一种可能的实现方式、或者第一方面的第二种可能的实现方式,在第四种可能的实现方式中,所述目标虚拟机的信息包括以下信息中的至少一种信息:With reference to the first aspect, the first possible implementation of the first aspect, or the second possible implementation of the first aspect, in a fourth possible implementation, the information of the target virtual machine includes the following information. At least one of the information:
所述目标虚拟机的地址信息、所述目标虚拟机所属的NVE实体的信息、所述目标虚拟机所属的租户的信息。The address information of the target virtual machine, the information of the NVE entity to which the target virtual machine belongs, and the information of the tenant to which the target virtual machine belongs.
第二方面,一种NVE实体,该NVE实体包括:In a second aspect, an NVE entity, the NVE entity includes:
第一确定模块,用于在确定接收到的源虚拟机发送的报文为目标虚拟机位置未知的未知报文后,向与所述未知报文相关的第二NVE实体发送控制面信令,以指示第二NVE实体查询所述未知报文的目标虚拟机的信息,所述控制面信令中包括用于指示所述第二NVE实体启动数据面查询的指示信息;a first determining module, configured to: after determining that the received packet sent by the source virtual machine is an unknown packet whose location is unknown to the target virtual machine, send control plane signaling to the second NVE entity related to the unknown packet, Instructing the second NVE entity to query the information of the target virtual machine of the unknown message, where the control plane signaling includes indication information for instructing the second NVE entity to start a data plane query;
第二确定模块,用于接收所述第二NVE实体返回的响应信令,并根据所述响应信令,确定所述未知报文的目标虚拟机的信息。And a second determining module, configured to receive response signaling returned by the second NVE entity, and determine information of the target virtual machine of the unknown packet according to the response signaling.
结合第二方面,在第一种可能的实现方式中,所述第一确定模块具体用于:With reference to the second aspect, in a first possible implementation manner, the first determining module is specifically configured to:
确定出与所述未知报文相关的第二NVE实体,并向每个所述第二NVE实体发送控制面信令;或者Determining a second NVE entity associated with the unknown message and transmitting control plane signaling to each of the second NVE entities; or
向控制节点发送控制面信令,以使所述控制节点将所述控制面信令发送给由所述控制节点确定出的与所述未知报文相关的第二NVE实体。And transmitting control plane signaling to the control node, so that the control node sends the control plane signaling to the second NVE entity that is determined by the control node and is related to the unknown packet.
第三方面,一种NVE实体,该NVE实体包括:In a third aspect, an NVE entity, the NVE entity includes:
第一处理模块,用于接收第一NVE实体发送的控制面信令,所述控制面信令是所述第一NVE实体在接收到源虚拟机发送的目标虚拟机位置未知的未知报文后发送的,用于指示所述第二NVE实体查询所述未知报文的目标虚拟机的信息,所述控制面信令中包括 用于指示所述第二NVE实体启动数据面查询的指示信息;a first processing module, configured to receive control plane signaling sent by the first NVE entity, where the control plane signaling is that the first NVE entity receives an unknown message that is unknown to the target virtual machine sent by the source virtual machine. And the information that is sent by the second NVE entity to query the target virtual machine of the unknown packet, where the control plane signaling includes Instructing information for instructing the second NVE entity to initiate a data plane query;
第二处理模块,用于在本地存储的虚拟机信息中未包含目标虚拟机的信息时,向自身所属的NVE实体所管理的虚拟机发送数据面报文,以查询所述目标虚拟机是否归属于自身,并在确定出所述目标虚拟机归属于自身时,向所述第一NVE实体返回响应信令,所述响应信令中携带所述目标虚拟机的信息。The second processing module is configured to send a data plane packet to the virtual machine managed by the NVE entity to which the virtual machine information is stored, to query whether the target virtual machine belongs to the virtual machine. And in the self, and when it is determined that the target virtual machine belongs to itself, the response signal is returned to the first NVE entity, where the response signaling carries the information of the target virtual machine.
结合第三方面,在第一种可能的实现方式中,所述第一处理模块具体用于:直接接收所述第一NVE实体发送的所述控制面信令;或者,接收控制节点发送的所述控制面信令,其中,所述控制节点在接收到所述第一NVE实体发送的所述控制面信令后,将所述控制面信令发送给自身确定出的与所述未知报文相关的第二NVE实体;With reference to the third aspect, in a first possible implementation, the first processing module is specifically configured to: directly receive the control plane signaling sent by the first NVE entity; or receive, by the control node, Control plane signaling, wherein, after receiving the control plane signaling sent by the first NVE entity, the control node sends the control plane signaling to the unknown packet that is determined by itself a related second NVE entity;
所述第二处理模块具体用于:直接向所述第一NVE实体返回响应信令;或者,通过控制节点向所述第一NVE实体返回响应信令。The second processing module is specifically configured to: directly return response signaling to the first NVE entity; or return a response signaling to the first NVE entity by using a control node.
结合第三方面,在第二种可能的实现方式中,所述第二处理模块向自身所管理的虚拟机发送数据面报文,包括:With reference to the third aspect, in a second possible implementation manner, the second processing module sends a data plane packet to the virtual machine managed by the second processing module, including:
从所述控制面信令中,获取发送所述未知报文的源虚拟机所属的租户的信息,并向自身所管理的同一租户内的虚拟机发送所述数据面报文;或者Obtaining, from the control plane signaling, information about a tenant to which the source virtual machine that sends the unknown packet belongs, and sending the data plane packet to a virtual machine in the same tenant managed by the host; or
向自身所管理的所有虚拟机发送所述数据面报文。The data plane message is sent to all virtual machines managed by itself.
结合第三方面、第三方面的第一种可能的实现方式、或者第三方面的第二种可能的实现方式,在第三种可能的实现方式中,所述第二处理模块确定所述目标虚拟机归属于自身所属的NVE实体,包括:With reference to the third aspect, the first possible implementation manner of the third aspect, or the second possible implementation manner of the third aspect, in a third possible implementation manner, the second processing module determines the target The virtual machine belongs to the NVE entity to which it belongs, including:
在接收到虚拟机发送的响应报文后,确定发送所述响应报文的虚拟机与所述源虚拟机是否属于同一租户;以及在确定发送所述响应报文的虚拟机与所述源虚拟机属于同一租户后,确定所述目标虚拟机归属于自身所属的NVE实体。After receiving the response message sent by the virtual machine, determining whether the virtual machine that sends the response message belongs to the same tenant as the source virtual machine; and determining that the virtual machine that sends the response message and the source virtual After the machine belongs to the same tenant, it is determined that the target virtual machine belongs to the NVE entity to which it belongs.
第四方面,一种控制节点,包括:In a fourth aspect, a control node includes:
收发模块,用于接收第一NVE实体发送的控制面信令,所述控制面信令是所述第一NVE实体在接收到源虚拟机发送的目标虚拟机位置未知的未知报文后发送的,用于指示与所述未知报文相关的第二NVE实体查询所述未知报文的目标虚拟机的信息,所述控制面信令中包括用于指示所述第二NVE实体启动数据面查询的指示信息;a transceiver module, configured to receive control plane signaling sent by the first NVE entity, where the control plane signaling is sent by the first NVE entity after receiving an unknown packet whose location of the target virtual machine sent by the source virtual machine is unknown And the second NVE entity that is related to the unknown packet is used to query the information of the target virtual machine of the unknown packet, where the control plane signaling includes indicating that the second NVE entity starts the data plane query. Instructions;
确定模块,用于确定出与所述未知报文相关的第二NVE实体,并将所述控制面信令发送给所述第二NVE实体。And a determining module, configured to determine a second NVE entity related to the unknown packet, and send the control plane signaling to the second NVE entity.
结合第四方面,在第一种可能的实现方式中,所述确定模块确定出与所述未知报文 相关的第二NVE实体,包括:With reference to the fourth aspect, in a first possible implementation, the determining module determines the unknown message A related second NVE entity, including:
从所述控制面信令中,获取发送所述未知报文的源虚拟机所属的租户的信息,根据所述租户的信息,确定出所述租户使用的其他虚拟机所在的NVE实体,并将确定出的NVE实体作为与所述未知报文相关的第二NVE实体;或者Obtaining, from the control plane signaling, information about a tenant to which the source virtual machine that sends the unknown packet belongs, and determining, according to the information of the tenant, an NVE entity where another virtual machine used by the tenant is located, and Determining the NVE entity as a second NVE entity associated with the unknown message; or
从所述控制面信令中,获取发送所述未知报文的源虚拟机所属的租户的信息,根据已配置的所述租户的子网归属信息,确定出所述控制面信令所包含的目标虚拟机的地址信息所归属的NVE实体,并将确定出的NVE实体作为与所述未知报文相关的第二NVE实体。Obtaining, by the control plane signaling, information about a tenant to which the source virtual machine that sends the unknown packet belongs, and determining, according to the configured subnet attribution information of the tenant, the control plane signaling The NVE entity to which the address information of the target virtual machine belongs, and the determined NVE entity is used as the second NVE entity related to the unknown packet.
第五方面,一种NVE实体,包括:In a fifth aspect, an NVE entity includes:
收发器,用于接收源虚拟机发送的报文;向与所述未知报文相关的第二NVE实体发送控制面信令,以指示第二NVE实体查询所述未知报文的目标虚拟机的信息,所述控制面信令中包括用于指示所述第二NVE实体启动数据面查询的指示信息;以及接收所述第二NVE实体返回的响应信令;a transceiver, configured to receive a packet sent by the source virtual machine, and send control plane signaling to the second NVE entity related to the unknown packet, to instruct the second NVE entity to query the target virtual machine of the unknown packet Information, the control plane signaling includes indication information for instructing the second NVE entity to initiate a data plane query; and receiving response signaling returned by the second NVE entity;
处理器,用于在确定所述收发器接收到的报文为目标虚拟机位置未知的未知报文后,触发所述收发器发送所述控制面信令;以及根据所述收发器接收到的响应信令,确定所述未知报文的目标虚拟机的信息。a processor, configured to: after determining that the packet received by the transceiver is an unknown message whose location of the target virtual machine is unknown, trigger the transceiver to send the control plane signaling; and receive according to the transceiver In response to the signaling, information of the target virtual machine of the unknown message is determined.
其中,所述收发器与所述处理器之间通过总线连接。The transceiver and the processor are connected by a bus.
结合第五方面,在第一种可能的实现方式中,处理器具体用于:In conjunction with the fifth aspect, in a first possible implementation, the processor is specifically configured to:
确定出与该未知报文相关的第二NVE实体,并触发所述收发器向每个第二NVE实体发送控制面信令;或者Determining a second NVE entity associated with the unknown message and triggering the transceiver to send control plane signaling to each second NVE entity; or
触发所述收发器向控制节点发送控制面信令,以使控制节点将该控制面信令发送给由该控制节点确定出的与该未知报文相关的第二NVE实体。The transceiver is triggered to send control plane signaling to the control node, so that the control node sends the control plane signaling to the second NVE entity determined by the control node and related to the unknown packet.
第六方面,一种NVE实体,包括:In a sixth aspect, an NVE entity includes:
收发器,用于接收第一NVE实体发送的控制面信令,所述控制面信令是所述第一NVE实体在接收到源虚拟机发送的目标虚拟机位置未知的未知报文后发送的,用于指示所述第二NVE实体查询所述未知报文的目标虚拟机的信息,所述控制面信令中包括用于指示所述第二NVE实体启动数据面查询的指示信息;以及向所述第一NVE实体返回响应信令,所述响应信令中携带所述目标虚拟机的信息;a transceiver, configured to receive control plane signaling sent by the first NVE entity, where the control plane signaling is sent by the first NVE entity after receiving an unknown packet whose location of the target virtual machine sent by the source virtual machine is unknown And the information that is used by the second NVE entity to query the target virtual machine of the unknown packet, where the control plane signaling includes indication information for instructing the second NVE entity to start a data plane query; The first NVE entity returns response signaling, where the response signaling carries information of the target virtual machine;
处理器,用于在本地存储的虚拟机信息中未包含所述目标虚拟机的信息时,向自身所属的NVE实体所管理的虚拟机发送数据面报文,以查询所述目标虚拟机是否归属于自 身,并在确定出所述目标虚拟机归属于自身时,触发所述收发器发送所述响应信令,所述响应信令中携带所述目标虚拟机的信息。The processor is configured to send a data plane message to the virtual machine managed by the NVE entity to which the virtual machine information is stored, to query whether the target virtual machine belongs to the virtual machine. Yu Zi The device, when determining that the target virtual machine belongs to itself, triggers the transceiver to send the response signaling, where the response signaling carries information of the target virtual machine.
其中,所述收发器与所述处理器之间通过总线连接。The transceiver and the processor are connected by a bus.
结合第六方面,在第一种可能的实现方式中,所述收发器具体用于:直接接收所述第一NVE实体发送的所述控制面信令;或者,接收控制节点发送的所述控制面信令,其中,所述控制节点在接收到所述第一NVE实体发送的所述控制面信令后,将所述控制面信令发送给自身确定出的与所述未知报文相关的第二NVE实体;With reference to the sixth aspect, in a first possible implementation, the transceiver is specifically configured to: directly receive the control plane signaling sent by the first NVE entity; or receive the control sent by a control node The signaling, after the control node receives the control plane signaling sent by the first NVE entity, sends the control plane signaling to the identifier that is determined by itself and is related to the unknown packet. a second NVE entity;
所述收发器具体用于:直接向所述第一NVE实体返回响应信令;或者,通过控制节点向所述第一NVE实体返回响应信令。The transceiver is specifically configured to: directly return response signaling to the first NVE entity; or return a response signaling to the first NVE entity by using a control node.
结合第六方面,在第二种可能的实现方式中,所述处理器具体用于:With reference to the sixth aspect, in a second possible implementation, the processor is specifically configured to:
从所述控制面信令中,获取发送所述未知报文的源虚拟机所属的租户的信息,并触所述发收发器向自身所管理的同一租户内的虚拟机发送所述数据面报文;或者Obtaining, from the control plane signaling, information about a tenant to which the source virtual machine that sends the unknown packet belongs, and contacting the transceiver to send the data report to a virtual machine in the same tenant managed by itself Text; or
触发所述收发器向自身所管理的所有虚拟机发送所述数据面报文。The transceiver is triggered to send the data plane message to all virtual machines managed by itself.
结合第六方面、第六方面的第一种可能的实现方式、或者第六方面的第二种可能的实现方式,在第三种可能的实现方式中,所述处理器确定目标虚拟机归属于自身所属的NVE实体,包括:With reference to the sixth aspect, the first possible implementation manner of the sixth aspect, or the second possible implementation manner of the sixth aspect, in a third possible implementation manner, the processor determines that the target virtual machine belongs to The NVE entity to which it belongs, including:
在所述收发器接收到虚拟机发送的响应报文后,确定发送所述响应报文的虚拟机与所述源虚拟机是否属于同一租户;以及在确定发送所述响应报文的虚拟机与所述源虚拟机属于同一租户后,确定所述目标虚拟机归属于自身所属的NVE实体。After the transceiver receives the response message sent by the virtual machine, determining whether the virtual machine that sends the response message and the source virtual machine belong to the same tenant; and determining that the virtual machine that sends the response message is After the source virtual machine belongs to the same tenant, it is determined that the target virtual machine belongs to the NVE entity to which it belongs.
第七方面,一种控制节点,包括:In a seventh aspect, a control node includes:
收发器,用于接收第一NVE实体发送的控制面信令,所述控制面信令是所述第一NVE实体在接收到源虚拟机发送的目标虚拟机位置未知的未知报文后发送的,用于指示与所述未知报文相关的第二NVE实体查询所述未知报文的目标虚拟机的信息,所述控制面信令中包括用于指示所述第二NVE实体启动数据面查询的指示信息;a transceiver, configured to receive control plane signaling sent by the first NVE entity, where the control plane signaling is sent by the first NVE entity after receiving an unknown packet whose location of the target virtual machine sent by the source virtual machine is unknown And the second NVE entity that is related to the unknown packet is used to query the information of the target virtual machine of the unknown packet, where the control plane signaling includes indicating that the second NVE entity starts the data plane query. Instructions;
处理器,用于确定出与所述未知报文相关的第二NVE实体,并触发所述收发器将所述控制面信令发送给所述第二NVE实体。And a processor, configured to determine a second NVE entity related to the unknown packet, and trigger the transceiver to send the control plane signaling to the second NVE entity.
其中,所述收发器与所述处理器之间通过总线连接。The transceiver and the processor are connected by a bus.
结合第七方面,在第一种可能的实现方式中,所述处理器确定出与所述未知报文相关的第二NVE实体,包括:With reference to the seventh aspect, in a first possible implementation, the determining, by the processor, the second NVE entity related to the unknown packet includes:
从所述控制面信令中,获取发送所述未知报文的源虚拟机所属的租户的信息,根据 所述租户的信息,确定出所述租户使用的其他虚拟机所在的NVE实体,并将确定出的NVE实体作为与所述未知报文相关的第二NVE实体;或者Obtaining, by the control plane signaling, information about a tenant to which the source virtual machine that sends the unknown packet belongs, according to Determining, by the information of the tenant, an NVE entity in which another virtual machine used by the tenant is located, and determining the NVE entity as a second NVE entity related to the unknown packet; or
从所述控制面信令中,获取发送所述未知报文的源虚拟机所属的租户的信息,根据已配置的所述租户的子网归属信息,确定出所述控制面信令所包含的目标虚拟机的地址信息所归属的NVE实体,并将确定出的NVE实体作为与所述未知报文相关的第二NVE实体。Obtaining, by the control plane signaling, information about a tenant to which the source virtual machine that sends the unknown packet belongs, and determining, according to the configured subnet attribution information of the tenant, the control plane signaling The NVE entity to which the address information of the target virtual machine belongs, and the determined NVE entity is used as the second NVE entity related to the unknown packet.
本发明实施例提供的方法和设备中,第一NVE实体接收到源虚拟机发送的未知报文后,通过向与该未知报文相关的第二NVE实体发送控制面信令,以使第二NVE实体启动数据面查询,以查询该未知报文的目标虚拟机的信息,从而无需手动配置或更新VM的信息,提高了查询的准确性。In the method and device provided by the embodiment of the present invention, after receiving the unknown packet sent by the source virtual machine, the first NVE entity sends control plane signaling to the second NVE entity related to the unknown packet to make the second The NVE entity starts the data plane query to query the information of the target virtual machine of the unknown packet, thereby eliminating the need to manually configure or update the VM information, thereby improving the accuracy of the query.
附图说明DRAWINGS
图1为本发明提供的第一种报文处理方法的流程示意图;FIG. 1 is a schematic flowchart diagram of a first packet processing method according to the present invention;
图2为本发明提供的第二种报文处理方法的流程示意图;2 is a schematic flowchart of a second packet processing method provided by the present invention;
图3为本发明提供的第三种报文处理方法的流程示意图;3 is a schematic flowchart of a third packet processing method provided by the present invention;
图4为本发明提供的实施例一的数据中心的架构图;4 is a structural diagram of a data center according to Embodiment 1 of the present invention;
图5为本发明提供的第一种NVE实体的示意图;5 is a schematic diagram of a first NVE entity provided by the present invention;
图6为本发明提供的第二种NVE实体的示意图;6 is a schematic diagram of a second NVE entity provided by the present invention;
图7为本发明提供的第一种控制节点的示意图;7 is a schematic diagram of a first control node provided by the present invention;
图8为本发明提供的第三种NVE实体的示意图;8 is a schematic diagram of a third NVE entity provided by the present invention;
图9为本发明提供的第四种NVE实体的示意图;9 is a schematic diagram of a fourth NVE entity provided by the present invention;
图10为本发明提供的第二种控制节点的示意图。FIG. 10 is a schematic diagram of a second control node provided by the present invention.
具体实施方式detailed description
本发明实施例的第一NVE实体接收到源虚拟机发送的未知报文后,通过向与该未知报文相关的第二NVE实体发送控制面信令,以使第二NVE实体启动数据面查询,以查询该未知报文的目标虚拟机的信息,从而无需手动配置或更新VM的信息,提高了查询的准确性。After receiving the unknown packet sent by the source virtual machine, the first NVE entity in the embodiment of the present invention sends the control plane signaling to the second NVE entity related to the unknown packet, so that the second NVE entity starts the data plane query. To query the information of the target virtual machine of the unknown message, thereby eliminating the need to manually configure or update the VM information, thereby improving the accuracy of the query.
为了便于描述,本发明实施例中使用了“第一”、“第二”的字样,对不同的NVE实体进行区分,但并不对NVE实体的数量和操作优先级进行限制,第一NVE实体为数据中 心中的任一NVE实体,第二NVE实体为第一NVE实体确定出的与未知报文相关的所有NVE实体,第二NVE实体的数量可能为一个,也可能为两个及两个以上。For the convenience of description, the words "first" and "second" are used in the embodiment of the present invention to distinguish different NVE entities, but the number of NVE entities and the operation priority are not limited. The first NVE entity is In the data Any NVE entity in the heart, the second NVE entity is all NVE entities related to the unknown packet determined by the first NVE entity, and the number of the second NVE entities may be one, or two or more.
下面结合说明书附图对本发明实施例作进一步详细描述。应当理解,此处所描述的实施例仅用于说明和解释本发明,并不用于限定本发明。The embodiments of the present invention are further described in detail below with reference to the accompanying drawings. It is to be understood that the embodiments described herein are merely illustrative of the invention and are not intended to limit the invention.
本发明实施例提供的一种报文处理方法,如图1所示,该方法包括:A packet processing method is provided in the embodiment of the present invention. As shown in FIG. 1 , the method includes:
步骤11、第一NVE实体在确定接收到的源虚拟机发送的报文为目标虚拟机位置未知的未知报文后,向与该未知报文相关的第二NVE实体发送控制面信令,以指示第二NVE查询该未知报文的目标虚拟机的信息,该控制面信令中包括用于指示第二NVE实体启动数据面查询的指示信息。Step 11: After determining that the received message sent by the source virtual machine is an unknown message whose location of the target virtual machine is unknown, the first NVE entity sends control plane signaling to the second NVE entity related to the unknown packet, to And indicating, by the second NVE, information about the target virtual machine of the unknown message, where the control plane signaling includes indication information for instructing the second NVE entity to start a data plane query.
较佳地,第一NVE实体接收到的未知报文至少包括以下两种类型:Preferably, the unknown message received by the first NVE entity includes at least the following two types:
第一种类型为地址信息未知(如MAC地址未知或IP地址未知)的报文,该类型未知报文用于查询目标虚拟机的地址信息;The first type is a packet whose address information is unknown (for example, the MAC address is unknown or the IP address is unknown), and the type of unknown packet is used to query the address information of the target virtual machine.
第二种类型为目标虚拟机所在的NVE实体未知的报文,该类型未知报文用于与所在NVE实体未知的目标虚拟机进行通信。The second type is a packet whose unknown NVE entity is located in the target virtual machine. The unknown type of packet is used to communicate with the target virtual machine whose NVE entity is unknown.
步骤12、第一NVE实体接收第二NVE实体返回的响应信令,并根据该响应信令确定目标虚拟机的信息。Step 12: The first NVE entity receives the response signaling returned by the second NVE entity, and determines information of the target virtual machine according to the response signaling.
本发明实施例中,第一NVE实体在确定接收到的源虚拟机发送的报文为目标虚拟机位置未知的未知报文后,向与该未知报文相关的第二NVE实体发送控制面信令,以指示第二NVE实体查询接收到的未知报文的目标虚拟机的信息,该控制面信令中包括用于指示第二NVE实体启动数据面查询的指示信息;以及第一NVE实体接收第二NVE实体返回的响应信令,并根据该响应信令确定目标虚拟机的信息。由于无需手动配置或更新VM的信息,提高了获取目标虚拟机的信息的准确性,应用范围更广。In the embodiment of the present invention, after determining that the received message sent by the source virtual machine is an unknown message whose location of the target virtual machine is unknown, the first NVE entity sends a control plane message to the second NVE entity related to the unknown message. And instructing the second NVE entity to query the information of the target virtual machine of the received unknown message, where the control plane signaling includes indication information for instructing the second NVE entity to start the data plane query; and receiving by the first NVE entity The response signal returned by the second NVE entity, and determining the information of the target virtual machine according to the response signaling. Since there is no need to manually configure or update the information of the VM, the accuracy of obtaining the information of the target virtual machine is improved, and the application range is wider.
本发明实施例中,第一NVE实体发送的控制面信令中包括用于指示第二NVE实体启动数据面查询的指示信息,较佳地,控制面信令中通过1比特表示该指示信息,例如,若为“1”则指示第二NVE实体启动数据面查询的指示信息,若为“0”则指示第二NVE实体不启动数据面查询的指示信息。In the embodiment of the present invention, the control plane signaling sent by the first NVE entity includes indication information for instructing the second NVE entity to start the data plane query. Preferably, the control plane signaling indicates the indication information by using 1 bit. For example, if it is "1", it indicates that the second NVE entity starts the data plane query indication information, and if it is "0", it indicates that the second NVE entity does not start the data plane query indication information.
较佳地,第一NVE实体发送的控制面信令中还包括以下信息中的至少一种信息:目标虚拟机的地址信息(如IP地址或MAC地址)、源虚拟机的地址信息(如IP地址或MAC地址)、源虚拟机所属的租户的信息。Preferably, the control plane signaling sent by the first NVE entity further includes at least one of the following information: address information of the target virtual machine (such as an IP address or a MAC address), and address information of the source virtual machine (such as IP). Address or MAC address), information about the tenant to which the source virtual machine belongs.
其中,若目标虚拟机的IP地址已知,则该控制面信令中的目标虚拟机的地址信息 即为目标虚拟机的IP地址;若目标虚拟机的MAC地址已知,则该控制面信令中的目标虚拟机的地址信息即为目标虚拟机的MAC地址。Wherein, if the IP address of the target virtual machine is known, the address information of the target virtual machine in the control plane signaling That is, the IP address of the target virtual machine; if the MAC address of the target virtual machine is known, the address information of the target virtual machine in the control plane signaling is the MAC address of the target virtual machine.
在实施中,第一NVE实体可以根据源虚拟机发送数据面报文的端口(或接口)、或本地已保存的源虚拟机的配置信息,确定出该源虚拟机所属的租户的信息。In an implementation, the first NVE entity may determine the information of the tenant to which the source virtual machine belongs according to the port (or interface) of the data plane packet sent by the source virtual machine or the configuration information of the locally saved source virtual machine.
较佳地,所需查询的目标虚拟机的信息包括以下信息中的至少一种信息:Preferably, the information of the target virtual machine to be queried includes at least one of the following information:
该目标虚拟机的地址信息(如MAC地址或IP地址)、该目标虚拟机所属的NVE实体的信息(如标识信息等)、该目标虚拟机所属的租户的信息。Address information (such as a MAC address or an IP address) of the target virtual machine, information of the NVE entity to which the target virtual machine belongs (such as identification information, and the like), and information of the tenant to which the target virtual machine belongs.
其中,若目标虚拟机的IP地址已知,则所需查询的目标虚拟机的地址信息为MAC地址;若目标虚拟机的MAC地址已知,则所需查询的目标虚拟机的地址信息为IP地址。If the IP address of the target virtual machine is known, the address information of the target virtual machine to be queried is the MAC address; if the MAC address of the target virtual machine is known, the address information of the target virtual machine to be queried is IP. address.
基于上述任一实施例,步骤11包括以下两种优选的实现方式:Based on any of the above embodiments, step 11 includes the following two preferred implementations:
方式1、第一NVE实体接收到未知报文后,确定出与该未知报文相关的第二NVE实体,并向每个第二NVE实体发送控制面信令,以指示第二NVE实体查询该未知报文的目标虚拟机的信息。After receiving the unknown packet, the first NVE entity determines a second NVE entity associated with the unknown packet, and sends control plane signaling to each second NVE entity to instruct the second NVE entity to query the Information about the target virtual machine of the unknown message.
该方式下,在实施中,第一NVE实体确定出与接收到的未知报文相关的第二NVE实体,包括:In this manner, in the implementation, the first NVE entity determines a second NVE entity related to the received unknown message, including:
第一NVE实体确定发送未知报文的源虚拟机所属的租户的信息(如该租户的标识信息等);以及Determining, by the first NVE entity, information about a tenant to which the source virtual machine that sends the unknown packet belongs, such as identification information of the tenant, and the like;
第一NVE实体根据该租户的信息,确定出该租户使用的其他虚拟机所在的NVE实体,将确定出的NVE实体作为与该未知报文相关的第二NVE实体。The first NVE entity determines, according to the information of the tenant, the NVE entity in which the other virtual machine used by the tenant is located, and uses the determined NVE entity as the second NVE entity related to the unknown packet.
方式2、第一NVE实体接收到未知报文后,向控制节点发送控制面信令,以使该控制节点将该控制面信令发送给由该控制节点确定出的与未知报文相关的第二NVE实体。After the second NVE entity receives the unknown packet, the first NVE entity sends control plane signaling to the control node, so that the control node sends the control plane signaling to the first packet related to the unknown packet determined by the control node. Two NVE entities.
该方式下,第一NVE实体接收到未知报文后,向控制节点发送控制面信令;控制节点在接收到控制面信令后,确定出与未知报文相关的第二NVE实体,并将该控制信令发送给自身确定出的每个第二NVE实体,以指示第二NVE实体查询该未知报文的目标虚拟机的信息。In this manner, after receiving the unknown packet, the first NVE entity sends control plane signaling to the control node; after receiving the control plane signaling, the control node determines a second NVE entity related to the unknown packet, and The control signaling is sent to each second NVE entity that is determined by itself to indicate that the second NVE entity queries the information of the target virtual machine of the unknown packet.
该方式下,在实施中,控制节点确定出与接收到的未知报文相关的第二NVE实体,包括:In this manner, in an implementation, the control node determines a second NVE entity related to the received unknown packet, including:
控制节点从接收到的控制面信令中,获取发送未知报文的源虚拟机所属的租户的信息,根据确定出的租户的信息,确定出该租户使用的其他虚拟机所在的NVE实体,并将确定出的NVE实体作为与未知报文相关的第二NVE实体; The control node obtains, from the received control plane signaling, the information of the tenant to which the source virtual machine that sends the unknown packet belongs, and determines the NVE entity of the other virtual machine used by the tenant according to the determined information of the tenant, and Determining the determined NVE entity as a second NVE entity associated with the unknown message;
或者or
控制节点从接收到的控制面信令中,获取发送未知报文的源虚拟机所属的租户的信息,根据已配置的该租户的子网归属信息,确定出控制面信令所包含的目标虚拟机的地址信息(IP地址或MAC地址)所归属的NVE实体,并将确定出的NVE实体作为与未知报文相关的第二NVE实体。The control node obtains, from the received control plane signaling, information about the tenant to which the source virtual machine that sends the unknown packet belongs, and determines the target virtuality included in the control plane signaling according to the configured subnet attribution information of the tenant. The NVE entity to which the machine's address information (IP address or MAC address) belongs, and the determined NVE entity is used as the second NVE entity associated with the unknown message.
较佳地,控制节点本地保存有已配置的各租户的子网归属信息。Preferably, the control node locally stores the subnet attribution information of each configured tenant.
较佳地,本发明实施例中的控制节点可以为网络虚拟化管理(Network Virtualization Authority,NVA)实体。Preferably, the control node in the embodiment of the present invention may be a Network Virtualization Authority (NVA) entity.
在实施中,第一NVE实体可以采用上述任一方式,向与该未知报文相关的第二NVE实体发送控制面信令,以指示第二NVE实体查询该未知报文的目标虚拟机的信息。In an implementation, the first NVE entity may send control plane signaling to the second NVE entity related to the unknown packet to indicate that the second NVE entity queries the target virtual machine of the unknown packet. .
基于上述任一实施例,步骤12中,第一NVE实体接收第二NVE实体返回的响应信令,包括以下两种优选的实现方式:Based on any of the foregoing embodiments, in step 12, the first NVE entity receives the response signaling returned by the second NVE entity, and includes the following two preferred implementation manners:
方式一、第一NVE实体直接接收第二NVE实体返回的响应信令。Manner 1: The first NVE entity directly receives the response signaling returned by the second NVE entity.
该方式下,该第二NVE实体在确定出目标虚拟机的信息后,直接向第一NVE实体返回响应信令。In this manner, after determining the information of the target virtual machine, the second NVE entity directly returns response signaling to the first NVE entity.
方式二、第一NVE实体接收第二NVE实体通过控制节点发送的响应信令。Manner 2: The first NVE entity receives the response signaling sent by the second NVE entity through the control node.
该方式下,第二NVE实体在确定出目标虚拟机的信息后,向控制节点返回响应信令;该控制节点在接收到该第二NVE实体返回的响应信令后,将该响应信令发送给第一NVE实体。In this manner, after determining the information of the target virtual machine, the second NVE entity returns response signaling to the control node; after receiving the response signaling returned by the second NVE entity, the control node sends the response signaling Give the first NVE entity.
在实施中,第一NVE实体可以采用上述任一方式,接收第二NVE实体返回的响应信令,以获取目标虚拟机的信息。In an implementation, the first NVE entity may receive the response signaling returned by the second NVE entity in any of the foregoing manners to obtain information about the target virtual machine.
基于上述任一实施例,第一NVE实体接收到的未知报文的类型不同,第一NVE实体根据第二NVE实体返回的响应信令,确定出目标虚拟机的信息之后,执行不同的处理。具体如下:Based on any of the foregoing embodiments, the type of the unknown message received by the first NVE entity is different, and the first NVE entity performs different processing after determining the information of the target virtual machine according to the response signaling returned by the second NVE entity. details as follows:
一、第一NVE实体接收到的未知报文为用于查询目标虚拟机的地址信息的报文,第一NVE实体接收第二NVE实体返回的响应信令之后,还包括:第一NVE实体通过本地数据面报文,将目标虚拟机的地址信息发送给源虚拟机。1. The unknown message received by the first NVE entity is a packet for querying the address information of the target virtual machine. After receiving the response signaling returned by the second NVE entity, the first NVE entity further includes: the first NVE entity passes The local data plane packet sends the address information of the target virtual machine to the source virtual machine.
二、第一NVE实体接收到的未知报文为用于与所在NVE实体未知的目标虚拟机进行通信的报文,第一NVE实体接收第二NVE实体返回的响应信令之后,还包括:第一NVE实体将未知报文发送给目标虚拟机所属的NVE实体。 The first NVE entity receives the response signal returned by the second NVE entity, and the first NVE entity receives the response signal returned by the second NVE entity, and the first NVE entity further includes: An NVE entity sends an unknown message to the NVE entity to which the target virtual machine belongs.
基于同一发明构思,本发明实施例还提供了一种报文处理方法,如图2所示,该方法包括:Based on the same inventive concept, the embodiment of the present invention further provides a packet processing method, as shown in FIG. 2, the method includes:
步骤21、第二NVE实体接收第一NVE实体发送的控制面信令,该控制面信令是第一NVE实体在接收到源虚拟机发送的目标虚拟机位置未知的未知报文后发送的,用于指示第二NVE实体查询该未知报文的目标虚拟机的信息,该控制面信令中包括用于指示第二NVE实体启动数据面查询的指示信息。Step 21: The second NVE entity receives the control plane signaling sent by the first NVE entity, where the control plane signaling is sent by the first NVE entity after receiving the unknown message whose location of the target virtual machine is unknown by the source virtual machine. And the information about the target virtual machine for instructing the second NVE entity to query the unknown message, where the control plane signaling includes indication information for instructing the second NVE entity to start the data plane query.
步骤22、若本地存储的虚拟机信息中未包含目标虚拟机的信息,第二NVE实体向自身所管理的虚拟机发送数据面报文,以查询目标虚拟机是否归属于自身,并在确定出目标虚拟机归属于自身时,向第一NVE实体返回响应信令,该响应信令中携带目标虚拟机的信息。Step 22: If the information of the target virtual machine is not included in the locally stored virtual machine information, the second NVE entity sends a data plane message to the virtual machine managed by the second NVE entity to query whether the target virtual machine belongs to itself, and determines When the target virtual machine belongs to itself, it returns a response signaling to the first NVE entity, where the response signaling carries the information of the target virtual machine.
本发明实施例中,第二NVE实体接收第一NVE实体发送的控制面信令;若本地存储的虚拟机信息中未包含目标虚拟机的信息,第二NVE实体向自身所管理的虚拟机发送数据面报文,以查询目标虚拟机是否归属于自身,并在确定出目标虚拟机归属于自身时,向第一NVE实体返回响应信令,该响应信令中携带目标虚拟机的信息。由于无需手动配置或更新VM的信息,提高了获取目标虚拟机的信息的准确性。In the embodiment of the present invention, the second NVE entity receives the control plane signaling sent by the first NVE entity; if the locally stored virtual machine information does not include the information of the target virtual machine, the second NVE entity sends the virtual machine to the virtual machine managed by itself. The data plane message is used to query whether the target virtual machine belongs to itself, and when it is determined that the target virtual machine belongs to itself, the response signal is returned to the first NVE entity, and the response signaling carries the information of the target virtual machine. The accuracy of obtaining the information of the target virtual machine is improved because there is no need to manually configure or update the VM information.
较佳地,第一NVE实体发送的控制面信令中还包括以下信息中的至少一种信息:目标虚拟机的地址信息(如IP地址或MAC地址)、源虚拟机的地址信息(如IP地址或MAC地址)、源虚拟机所属的租户的信息。Preferably, the control plane signaling sent by the first NVE entity further includes at least one of the following information: address information of the target virtual machine (such as an IP address or a MAC address), and address information of the source virtual machine (such as IP). Address or MAC address), information about the tenant to which the source virtual machine belongs.
较佳地,所需查询的目标虚拟机的信息包括但不限于以下信息中的至少一种信息:该目标虚拟机的地址信息(MAC地址或IP地址)、该目标虚拟机所属的NVE实体的信息(如标识信息等)、该目标虚拟机所属的租户的信息。Preferably, the information of the target virtual machine to be queried includes, but is not limited to, at least one of the following information: address information (MAC address or IP address) of the target virtual machine, and an NVE entity to which the target virtual machine belongs. Information (such as identification information, etc.), information about the tenant to which the target virtual machine belongs.
其中,若目标虚拟机的IP地址已知,则所需查询的目标虚拟机的地址信息为MAC地址;若目标虚拟机的MAC地址已知,则所需查询的目标虚拟机的地址信息为IP地址。If the IP address of the target virtual machine is known, the address information of the target virtual machine to be queried is the MAC address; if the MAC address of the target virtual machine is known, the address information of the target virtual machine to be queried is IP. address.
在实施中,步骤21包括以下两种优选的实现方式:In implementation, step 21 includes the following two preferred implementations:
方式A、第二NVE实体直接接收第一NVE实体发送的控制面信令。The mode A, the second NVE entity directly receives the control plane signaling sent by the first NVE entity.
该方式下,第一NVE实体接收到未知报文后,直接向每个第二NVE实体发送控制面信令,以查询该未知报文的目标虚拟机的信息。In this manner, after receiving the unknown packet, the first NVE entity directly sends control plane signaling to each second NVE entity to query the information of the target virtual machine of the unknown packet.
方式B、第二NVE实体接收控制节点发送的控制面信令,其中,该控制节点在接收到第一NVE实体发送的控制面信令后,将该控制面信令发送给自身确定出的与未知报文相关的第二NVE实体。 The mode B, the second NVE entity receives the control plane signaling sent by the control node, where the control node sends the control plane signaling to the determined one after receiving the control plane signaling sent by the first NVE entity. The second NVE entity associated with the unknown message.
该方式下,第一NVE实体接收到未知报文后,向控制节点发送控制面信令,以使控制节点将该控制面信令发送给与该未知报文相关的第二NVE实体。In this manner, after receiving the unknown packet, the first NVE entity sends control plane signaling to the control node, so that the control node sends the control plane signaling to the second NVE entity related to the unknown packet.
较佳地,本发明实施例中的控制节点可以为NVA实体。Preferably, the control node in the embodiment of the present invention may be an NVA entity.
在实施中,第二NVE实体可以采用上述任一方法,接收第一NVE实体发送的控制面信令。In an implementation, the second NVE entity may receive the control plane signaling sent by the first NVE entity by using any of the foregoing methods.
基于上述任一实施例,步骤22中,第二NVE实体向第一NVE实体返回响应信令,包括以下两种优选的实现方式:Based on any of the foregoing embodiments, in step 22, the second NVE entity returns response signaling to the first NVE entity, including the following two preferred implementation manners:
方式a、第二NVE实体直接向第一NVE实体返回响应信令。Mode a, the second NVE entity directly returns response signaling to the first NVE entity.
方式b、第二NVE实体通过控制节点向第一NVE实体返回响应信令。Mode b: The second NVE entity returns response signaling to the first NVE entity by using the control node.
在实施中,第二NVE实体可以采用上述任一方式,向第一NVE实体返回响应信令。In an implementation, the second NVE entity may return response signaling to the first NVE entity in any of the foregoing manners.
基于上述任一实施例,步骤22中,较佳地,第二NVE实体向自身所管理的虚拟机发送数据面报文,包括:Based on any of the foregoing embodiments, in step 22, the second NVE entity sends a data plane message to the virtual machine managed by the second NVE entity, including:
第二NVE实体从接收到的控制面信令中,获取发送未知报文的源虚拟机所属的租户的信息;以及The second NVE entity obtains, from the received control plane signaling, information about a tenant to which the source virtual machine that sends the unknown packet belongs;
第二NVE实体向自身所管理的同一租户(即源虚拟机所属的租户)内的所有虚拟机发送数据面报文。The second NVE entity sends a data plane message to all virtual machines in the same tenant (that is, the tenant to which the source virtual machine belongs) managed by itself.
当然,除了上述方式,还可以采用其他方式查询所述目标虚拟机是否归属于自身,如,第二NVE实体向自身所管理的所有虚拟机发送该数据面报文。Of course, in addition to the above manner, the method may be used to query whether the target virtual machine belongs to itself. For example, the second NVE entity sends the data plane message to all virtual machines managed by itself.
基于上述任一实施例,作为一种优选的实现方式,步骤12中,第二NVE实体确定目标虚拟机是否归属于自身,包括:Based on any of the foregoing embodiments, as a preferred implementation manner, in step 12, the second NVE entity determines whether the target virtual machine belongs to itself, including:
若接收到虚拟机发送的响应报文,第二NVE实体确定目标虚拟机归属于自身,向第一NVE实体返回响应信令,并在该响应信令中携带目标虚拟机的信息。If the response message sent by the virtual machine is received, the second NVE entity determines that the target virtual machine belongs to itself, returns response signaling to the first NVE entity, and carries the information of the target virtual machine in the response signaling.
具体的,目标虚拟机在接收到第二NVE实体发送的数据面报文后,向该第二NVE实体发送响应报文,该响应报文可以不携带任何信息,也可以携带该目标虚拟机的地址信息(MAC地址或IP地址);相应的,第二NVE实体在接收到目标虚拟机发送响应报文后,确定目标虚拟机归属于自身,进而向第一NVE实体发送响应信令,并在该响应信令中携带目标虚拟机的信息。Specifically, after receiving the data plane packet sent by the second NVE entity, the target virtual machine sends a response packet to the second NVE entity, where the response packet may not carry any information, and may also carry the target virtual machine. Address information (MAC address or IP address); correspondingly, after receiving the response message sent by the target virtual machine, the second NVE entity determines that the target virtual machine belongs to itself, and then sends response signaling to the first NVE entity, and The response signaling carries information of the target virtual machine.
在实施中,第二NVE实体根据可以根据目标虚拟机发送数据面报文的端口(或接口)、或本地已保存的源虚拟机的配置信息,确定出目标虚拟机所属的租户的信息。In an implementation, the second NVE entity determines the information of the tenant to which the target virtual machine belongs according to the port (or interface) that can send the data plane message according to the target virtual machine, or the configuration information of the locally saved source virtual machine.
该方式下,基于安全考虑,避免其他租户的虚拟机进行ARP欺骗,较佳地,第二NVE 实体确定目标虚拟机归属于自身,包括:In this mode, based on security considerations, the virtual machines of other tenants are prevented from performing ARP spoofing, and preferably, the second NVE The entity determines that the target virtual machine belongs to itself, including:
在接收到虚拟机发送的响应报文后,第二NVE实体确定发送该响应报文的虚拟机与源虚拟机是否属于同一租户;以及After receiving the response message sent by the virtual machine, the second NVE entity determines whether the virtual machine that sends the response message belongs to the same tenant as the source virtual machine;
在确定发送该响应报文的虚拟机与源虚拟机属于同一租户后,第二NVE实体确定目标虚拟机归属于自身。After determining that the virtual machine that sends the response message belongs to the same tenant as the source virtual machine, the second NVE entity determines that the target virtual machine belongs to itself.
较佳地,若第二NVE实体接收到多个虚拟机发送的响应报文,第二NVE实体确定目标虚拟机归属于自身,包括:Preferably, if the second NVE entity receives the response message sent by the multiple virtual machines, the second NVE entity determines that the target virtual machine belongs to itself, including:
第二NVE实体将接收到的最后一个响应报文对应的虚拟机,确定为目标虚拟机。The second NVE entity determines the virtual machine corresponding to the last response message received as the target virtual machine.
基于上述任一实施例,该方法还包括:若第二NVE实体未接收到任何虚拟机发送的响应报文,确定目标虚拟机不归属于自身,向第一NVE实体返回查询失败响应,或不向第一NVE实体返回任何响应信令。Based on any of the foregoing embodiments, the method further includes: if the second NVE entity does not receive any response message sent by the virtual machine, determining that the target virtual machine does not belong to itself, and returning a query failure response to the first NVE entity, or Any response signaling is returned to the first NVE entity.
基于上述任一实施例,较佳地,第二NVE实体向自身所管理的虚拟机发送数据面报文,包括:第二NVE实体通过地址解析协议(Address Resolution Protocol,ARP)请求,向自身所管理的虚拟机发送数据面报文;Based on any of the above embodiments, the second NVE entity sends a data plane message to the virtual machine managed by the second NVE entity, including: the second NVE entity requests through the Address Resolution Protocol (ARP) to the user. The managed virtual machine sends a data plane message;
第二NVE实体接收目标虚拟机发送的响应报文,包括:第二NVE实体接收目标虚拟机发送的ARP响应。The second NVE entity receives the response packet sent by the target virtual machine, and the second NVE entity receives the ARP response sent by the target virtual machine.
基于同一发明构思,本发明实施例还提供了一种报文处理方法,如图3所示,该方法包括:Based on the same inventive concept, the embodiment of the present invention further provides a packet processing method, as shown in FIG. 3, the method includes:
步骤31、控制节点接收第一NVE实体发送的控制面信令,该控制面信令是第一NVE实体在接收到源虚拟机发送的目标虚拟机位置未知的未知报文后发送的,用于指示与该未知报文相关的第二NVE实体查询该未知报文的目标虚拟机的信息,该控制面信令中包括用于指示第二NVE实体启动数据面查询的指示信息;Step 31: The control node receives the control plane signaling sent by the first NVE entity, where the control plane signaling is sent by the first NVE entity after receiving the unknown message whose location of the target virtual machine is unknown by the source virtual machine. And indicating, by the second NVE entity, the information about the target virtual machine of the unknown packet, where the control plane signaling includes indication information for instructing the second NVE entity to start a data plane query;
步骤32、控制节点确定出与该未知报文相关的第二NVE实体,并将接收到的控制面信令发送给第二NVE实体。Step 32: The control node determines a second NVE entity related to the unknown packet, and sends the received control plane signaling to the second NVE entity.
较佳地,本发明实施例中的控制节点可以为NVA实体。Preferably, the control node in the embodiment of the present invention may be an NVA entity.
较佳地,第一NVE实体发送的控制面信令中还包括以下信息中的至少一种信息:目标虚拟机的地址信息(如IP地址或MAC地址)、源虚拟机的地址信息(如IP地址或MAC地址)、源虚拟机所属的租户的信息。Preferably, the control plane signaling sent by the first NVE entity further includes at least one of the following information: address information of the target virtual machine (such as an IP address or a MAC address), and address information of the source virtual machine (such as IP). Address or MAC address), information about the tenant to which the source virtual machine belongs.
较佳地,所需查询的目标虚拟机的信息包括以下信息中的至少一种信息:该目标虚拟机的地址信息(如MAC地址或IP地址)、该目标虚拟机所属的NVE实体的信息(如标 识信息等)、该目标虚拟机所属的租户的信息。Preferably, the information of the target virtual machine to be queried includes at least one of the following information: address information of the target virtual machine (such as a MAC address or an IP address), and information of the NVE entity to which the target virtual machine belongs ( Such as standard Information, etc.), information about the tenant to which the target virtual machine belongs.
其中,若目标虚拟机的IP地址已知,则所需查询的目标虚拟机的地址信息为MAC地址;若目标虚拟机的MAC地址已知,则所需查询的目标虚拟机的地址信息为IP地址。If the IP address of the target virtual machine is known, the address information of the target virtual machine to be queried is the MAC address; if the MAC address of the target virtual machine is known, the address information of the target virtual machine to be queried is IP. address.
基于上述任一实施例,在实施中,控制节点确定出与接收到的未知报文相关的第二NVE实体,包括:Based on any of the foregoing embodiments, in an implementation, the control node determines a second NVE entity related to the received unknown message, including:
控制节点从接收到的控制面信令中,获取发送未知报文的源虚拟机所属的租户的信息,根据确定出的租户的信息,确定出该租户使用的其他虚拟机所在的NVE实体,并将确定出的NVE实体作为与该未知报文相关的第二NVE实体;The control node obtains, from the received control plane signaling, the information of the tenant to which the source virtual machine that sends the unknown packet belongs, and determines the NVE entity of the other virtual machine used by the tenant according to the determined information of the tenant, and Determining the determined NVE entity as a second NVE entity associated with the unknown message;
或者or
控制节点从接收到的控制面信令中,获取发送未知报文的源虚拟机所属的租户的信息,根据已配置的该租户的子网归属信息,确定出控制面信令所包含的目标虚拟机的地址信息(IP地址或MAC地址)所归属的NVE实体,并将确定出的NVE实体作为与该未知报文相关的第二NVE实体。The control node obtains, from the received control plane signaling, information about the tenant to which the source virtual machine that sends the unknown packet belongs, and determines the target virtuality included in the control plane signaling according to the configured subnet attribution information of the tenant. The NVE entity to which the machine's address information (IP address or MAC address) belongs, and the determined NVE entity is the second NVE entity associated with the unknown message.
较佳地,控制节点本地保存有已配置的各租户的子网归属信息。Preferably, the control node locally stores the subnet attribution information of each configured tenant.
基于上述任一实施例,该方法还包括:接收第二NVE实体返回的响应信令,并将该响应信令发送给第一NVE实体。Based on any of the foregoing embodiments, the method further includes: receiving response signaling returned by the second NVE entity, and transmitting the response signaling to the first NVE entity.
下面通过一个具体实施例,对本发明提供的报文处理方法进行详细说明。The message processing method provided by the present invention is described in detail below through a specific embodiment.
实施例一、本实施例中,假设租户使用的虚拟机包括Host#1和Host#2,其中,Host#1归属于NVE#1,Host#2归属于NVE#2,且Host#1和Host#2属于不同子网;数据中心的具体架构如图4所示。若Host#1需要访问Host#2,且NVE#1不知道Host#2的位置信息,本实施例中的未知报文为目标虚拟机所在的NVE实体未知的报文,则具体处理过程如下: Embodiment 1 In this embodiment, it is assumed that the virtual machine used by the tenant includes Host#1 and Host#2, wherein Host#1 belongs to NVE#1, Host#2 belongs to NVE#2, and Host#1 and Host #2 belongs to different subnets; the specific architecture of the data center is shown in Figure 4. If Host #1 needs to access Host #2, and NVE#1 does not know the location information of Host#2, the unknown packet in this embodiment is a packet whose NVE entity is unknown to the target VM. The specific processing procedure is as follows:
1、Host#1发送网关ARP请求给NVE#1;1. Host#1 sends a gateway ARP request to NVE#1;
2、NVE#1发送ARP响应给Host#1;2. NVE#1 sends an ARP response to Host#1;
3、Host#1将自身与Host#2的通信报文M1发送给NVE#1;3. Host#1 sends its own communication message M1 with Host#2 to NVE#1;
4、NVE#1发送Host#2的位置查询信令(控制面信令)给NVE#2,或者,NVE#1通过NVA将Host#2的位置查询信令发送给NVE#2;4. NVE#1 sends the location query signaling (control plane signaling) of Host#2 to NVE#2, or NVE#1 sends the location query signaling of Host#2 to NVE#2 through the NVA;
5、NVE#2接收到Host#2的位置查询信令后,则向本地归属该租户的所有接口发起查询Host#2的ARP请求;After receiving the location query signaling of Host#2, NVE#2 initiates an ARP request for querying Host#2 to all interfaces that belong to the tenant locally;
6、Host#2接收到NVE#2发送的ARP请求,向NVE#2发送ARP响应; 6. Host#2 receives the ARP request sent by NVE#2 and sends an ARP response to NVE#2.
7、NVE#2接收到Host#2的ARP响应后,生成Host#2在NVE#2的位置信息并将生成的位置信息发送给NVE#1,或者,通过NVA将生成的位置信息发送给NVE#1;7. After receiving the ARP response of Host#2, NVE#2 generates the location information of Host#2 in NVE#2 and sends the generated location information to NVE#1, or sends the generated location information to NVE through NVA. #1;
8、NVE#1根据接收到的位置信息,得知Host#2在NVE#2,则在M1报文外封装从NVE#1到NVE#2的头部H1,生成新的M2报文发给NVE#2;8. NVE#1, according to the received location information, knows that Host#2 is in NVE#2, and then encapsulates the header H1 from NVE#1 to NVE#2 outside the M1 message, and generates a new M2 message to be sent to NVE#2;
9、NVE#2接到M2报文后,去除封装头H1并取出M1报文,通过对M1报文的解析,发现该报文是发送给Host#2的,则NVE#2将M1报文发给Host#2;After receiving the M2 packet, NVE#2 removes the encapsulation header H1 and extracts the M1 packet. After parsing the M1 packet, it is found that the packet is sent to Host#2, then NVE#2 will M1 message. Send to Host#2;
10、Host#2收到来自Host#1发来的M1报文。10. Host#2 receives the M1 message from Host#1.
上述方法处理流程可以用软件程序实现,该软件程序可以存储在存储介质中,当存储的软件程序被调用时,执行上述方法步骤。The above method processing flow can be implemented by a software program, which can be stored in a storage medium, and when the stored software program is called, the above method steps are performed.
基于同一发明构思,本发明实施例还提供了一种NVE实体,如图5所示,该NVE实体包括:Based on the same inventive concept, an embodiment of the present invention further provides an NVE entity. As shown in FIG. 5, the NVE entity includes:
第一确定模块51,用于在确定接收到的源虚拟机发送的报文为目标虚拟机位置未知的未知报文后,向与所述未知报文相关的第二NVE实体发送控制面信令,以指示第二NVE实体查询所述未知报文的目标虚拟机的信息,所述控制面信令中包括用于指示所述第二NVE实体启动数据面查询的指示信息;The first determining module 51 is configured to: after determining that the received packet sent by the source virtual machine is an unknown packet whose location is unknown to the target virtual machine, send control plane signaling to the second NVE entity related to the unknown packet. Instructing the second NVE entity to query the information of the target virtual machine of the unknown packet, where the control plane signaling includes indication information for instructing the second NVE entity to start a data plane query;
第二确定模块52,用于接收所述第二NVE实体返回的响应信令,并根据所述响应信令,确定所述未知报文的目标虚拟机的信息。The second determining module 52 is configured to receive response signaling returned by the second NVE entity, and determine information of the target virtual machine of the unknown packet according to the response signaling.
较佳地,第一确定模块51接收到的未知报文至少包括以下两种类型:Preferably, the unknown message received by the first determining module 51 includes at least the following two types:
第一种类型为地址信息未知(如MAC地址未知或IP地址未知)的报文,该类型未知报文用于查询目标虚拟机的地址信息;The first type is a packet whose address information is unknown (for example, the MAC address is unknown or the IP address is unknown), and the type of unknown packet is used to query the address information of the target virtual machine.
第二种类型为目标虚拟机所在的NVE实体未知的报文,该类型未知报文用于与所在NVE实体未知的目标虚拟机进行通信。The second type is a packet whose unknown NVE entity is located in the target virtual machine. The unknown type of packet is used to communicate with the target virtual machine whose NVE entity is unknown.
较佳地,第一确定模块51发送的控制面信令中还包括以下信息中的至少一种信息:目标虚拟机的地址信息(如IP地址或MAC地址)、源虚拟机的地址信息(如IP地址或MAC地址)、源虚拟机所属的租户的信息。Preferably, the control plane signaling sent by the first determining module 51 further includes at least one of the following information: address information of the target virtual machine (such as an IP address or a MAC address), and address information of the source virtual machine (eg, IP address or MAC address), information about the tenant to which the source virtual machine belongs.
其中,若目标虚拟机的IP地址已知,则该控制面信令中的目标虚拟机的地址信息即为目标虚拟机的IP地址;若目标虚拟机的MAC地址已知,则该控制面信令中的目标虚拟机的地址信息即为目标虚拟机的MAC地址。Wherein, if the IP address of the target virtual machine is known, the address information of the target virtual machine in the control plane signaling is the IP address of the target virtual machine; if the MAC address of the target virtual machine is known, the control surface letter The address information of the target virtual machine in the command is the MAC address of the target virtual machine.
在实施中,第一确定模块51可以根据源虚拟机发送数据面报文的端口(或接口)、或本地已保存的源虚拟机的配置信息,确定出该源虚拟机所属的租户的信息。 In the implementation, the first determining module 51 may determine the information of the tenant to which the source virtual machine belongs according to the port (or interface) of the data plane message sent by the source virtual machine or the configuration information of the locally saved source virtual machine.
较佳地,所需查询的目标虚拟机的信息包括以下信息中的至少一种信息:该目标虚拟机的地址信息(如MAC地址或IP地址)、该目标虚拟机所属的NVE实体的信息(如标识信息等)、该目标虚拟机所属的租户的信息。Preferably, the information of the target virtual machine to be queried includes at least one of the following information: address information of the target virtual machine (such as a MAC address or an IP address), and information of the NVE entity to which the target virtual machine belongs ( Such as identification information, etc.), information about the tenant to which the target virtual machine belongs.
其中,若目标虚拟机的IP地址已知,则所需查询的目标虚拟机的地址信息为MAC地址;若目标虚拟机的MAC地址已知,则所需查询的目标虚拟机的地址信息为IP地址。If the IP address of the target virtual machine is known, the address information of the target virtual machine to be queried is the MAC address; if the MAC address of the target virtual machine is known, the address information of the target virtual machine to be queried is IP. address.
较佳地,第一确定模块51具体用于:Preferably, the first determining module 51 is specifically configured to:
确定出与该未知报文相关的第二NVE实体,并向每个第二NVE实体发送控制面信令;或者Determining a second NVE entity associated with the unknown message and transmitting control plane signaling to each second NVE entity; or
向控制节点发送控制面信令,以使控制节点将该控制面信令发送给由控制节点确定出的与该未知报文相关的第二NVE实体。Control plane signaling is sent to the control node, so that the control node sends the control plane signaling to the second NVE entity determined by the control node and related to the unknown packet.
较佳地,第一确定模块51确定出与接收到的未知报文相关的第二NVE实体,包括:Preferably, the first determining module 51 determines a second NVE entity related to the received unknown message, including:
确定发送未知报文的源虚拟机所属的租户的信息(如该租户的标识信息等);以及根据该租户的信息,确定出该租户使用的其他虚拟机所在的NVE实体,将确定出的NVE实体作为与该未知报文相关的第二NVE实体。Determining the information of the tenant to which the source virtual machine that sends the unknown packet belongs (such as the identifier information of the tenant); and determining the NVE entity of the other virtual machine used by the tenant based on the information of the tenant, and determining the NVE. The entity acts as a second NVE entity associated with the unknown message.
基于同一发明构思,本发明实施例还提供了另一种NVE实体,如图6所示,该NVE实体包括:Based on the same inventive concept, the embodiment of the present invention further provides another NVE entity. As shown in FIG. 6, the NVE entity includes:
第一处理模块61,用于接收第一NVE实体发送的控制面信令,所述控制面信令是所述第一NVE实体在接收到源虚拟机发送的目标虚拟机位置未知的未知报文后发送的,用于指示所述第二NVE实体查询所述未知报文的目标虚拟机的信息,所述控制面信令中包括用于指示所述第二NVE实体启动数据面查询的指示信息;The first processing module 61 is configured to receive control plane signaling sent by the first NVE entity, where the control plane signaling is that the first NVE entity receives an unknown message whose location of the target virtual machine sent by the source virtual machine is unknown. And the information that is sent to the second NVE entity to query the target virtual machine of the unknown packet, where the control plane signaling includes indication information for instructing the second NVE entity to start the data plane query. ;
第二处理模块62,用于在本地存储的虚拟机信息中未包含所述目标虚拟机的信息时,向自身所属的NVE实体所管理的虚拟机发送数据面报文,以查询所述目标虚拟机是否归属于自身,并在确定出所述目标虚拟机归属于自身时,向所述第一NVE实体返回响应信令,所述响应信令中携带所述目标虚拟机的信息。The second processing module 62 is configured to: when the information of the target virtual machine is not included in the locally stored virtual machine information, send a data plane message to the virtual machine managed by the NVE entity to which the user belongs to query the target virtual Whether the device belongs to itself, and when it is determined that the target virtual machine belongs to itself, the response signal is returned to the first NVE entity, where the response signaling carries the information of the target virtual machine.
较佳地,第一NVE实体发送的控制面信令中还包括以下信息中的至少一种信息:目标虚拟机的地址信息(如IP地址或MAC地址)、源虚拟机的地址信息(如IP地址或MAC地址)、源虚拟机所属的租户的信息。Preferably, the control plane signaling sent by the first NVE entity further includes at least one of the following information: address information of the target virtual machine (such as an IP address or a MAC address), and address information of the source virtual machine (such as IP). Address or MAC address), information about the tenant to which the source virtual machine belongs.
较佳地,所需查询的目标虚拟机的信息包括但不限于以下信息中的至少一种信息:该目标虚拟机的地址信息(MAC地址或IP地址)、该目标虚拟机所属的NVE实体的信息(如标识信息等)、该目标虚拟机所属的租户的信息。 Preferably, the information of the target virtual machine to be queried includes, but is not limited to, at least one of the following information: address information (MAC address or IP address) of the target virtual machine, and an NVE entity to which the target virtual machine belongs. Information (such as identification information, etc.), information about the tenant to which the target virtual machine belongs.
其中,若目标虚拟机的IP地址已知,则所需查询的目标虚拟机的地址信息为MAC地址;若目标虚拟机的MAC地址已知,则所需查询的目标虚拟机的地址信息为IP地址。If the IP address of the target virtual machine is known, the address information of the target virtual machine to be queried is the MAC address; if the MAC address of the target virtual machine is known, the address information of the target virtual machine to be queried is IP. address.
较佳地,第一处理模块61具体用于:直接接收所述第一NVE实体发送的所述控制面信令;或者,接收控制节点发送的所述控制面信令,其中,所述控制节点在接收到所述第一NVE实体发送的所述控制面信令后,将所述控制面信令发送给自身确定出的与所述未知报文相关的第二NVE实体;Preferably, the first processing module 61 is specifically configured to: directly receive the control plane signaling sent by the first NVE entity; or receive the control plane signaling sent by the control node, where the control node After receiving the control plane signaling sent by the first NVE entity, sending the control plane signaling to the second NVE entity that is determined by the first NVE entity and related to the unknown packet;
第二处理模块62具体用于:直接向所述第一NVE实体返回响应信令;或者,通过控制节点向所述第一NVE实体返回响应信令。The second processing module 62 is specifically configured to: directly return response signaling to the first NVE entity; or return a response signaling to the first NVE entity by using a control node.
较佳地,第二处理模块62向自身所管理的虚拟机发送数据面报文,包括:Preferably, the second processing module 62 sends a data plane message to the virtual machine managed by the second processing module 62, including:
从所述控制面信令中,获取发送所述未知报文的源虚拟机所属的租户的信息,并向自身所管理的同一租户(即该源虚拟机所属的租户)内的虚拟机发送所述数据面报文;或者Obtaining, from the control plane signaling, the information of the tenant to which the source virtual machine that sends the unknown packet belongs, and sending the information to the virtual machine in the same tenant (that is, the tenant to which the source virtual machine belongs) managed by itself Data face message; or
向自身所管理的所有虚拟机发送所述数据面报文。The data plane message is sent to all virtual machines managed by itself.
较佳地,第二处理模块62确定所述目标虚拟机归属于自身所属的NVE实体,包括:Preferably, the second processing module 62 determines that the target virtual machine belongs to the NVE entity to which the target virtual machine belongs, including:
在接收到虚拟机发送的响应报文后,确定发送所述响应报文的虚拟机与所述源虚拟机是否属于同一租户;以及在确定发送所述响应报文的虚拟机与所述源虚拟机属于同一租户后,确定所述目标虚拟机归属于自身所属的NVE实体。After receiving the response message sent by the virtual machine, determining whether the virtual machine that sends the response message belongs to the same tenant as the source virtual machine; and determining that the virtual machine that sends the response message and the source virtual After the machine belongs to the same tenant, it is determined that the target virtual machine belongs to the NVE entity to which it belongs.
在实施中,根据不同的应用场景,接收未知报文并发送控制面信令的NVE实体,也可能成为接收控制面信令并返回响应信令的NVE实体;相应的,接收控制面信令并返回响应信令的NVE实体也可能成为接收未知报文并发送控制面信令的NVE实体,所以较佳地,图5所示的NVE实体中的模块和图6所示的NVE实体中的模块还可以合在一个NVE实体中,并根据需要选择对应的模块工作。In an implementation, according to different application scenarios, an NVE entity that receives an unknown packet and sends control plane signaling may also be an NVE entity that receives control plane signaling and returns response signaling; correspondingly, receives control plane signaling and The NVE entity that returns the response signaling may also be an NVE entity that receives the unknown message and sends the control plane signaling, so preferably, the module in the NVE entity shown in FIG. 5 and the module in the NVE entity shown in FIG. It can also be combined in an NVE entity and select the corresponding module to work as needed.
基于同一发明构思,本发明实施例提供了一种控制节点,如图7所示,该控制节点包括:Based on the same inventive concept, an embodiment of the present invention provides a control node. As shown in FIG. 7, the control node includes:
收发模块71,用于接收第一NVE实体发送的控制面信令,所述控制面信令是所述第一NVE实体在接收到源虚拟机发送的目标虚拟机位置未知的未知报文后发送的,用于指示与所述未知报文相关的第二NVE实体查询所述未知报文的目标虚拟机的信息,所述控制面信令中包括用于指示所述第二NVE实体启动数据面查询的指示信息;The transceiver module 71 is configured to receive control plane signaling sent by the first NVE entity, where the control plane signaling is sent by the first NVE entity after receiving an unknown message whose location of the target virtual machine sent by the source virtual machine is unknown. And the second NVE entity that is related to the unknown packet is used to query the information of the target virtual machine of the unknown packet, where the control plane signaling includes, to indicate that the second NVE entity starts the data plane. Indication information of the query;
确定模块72,用于确定出与所述未知报文相关的第二NVE实体,并将所述控制面信令发送给所述第二NVE实体。 The determining module 72 is configured to determine a second NVE entity related to the unknown packet, and send the control plane signaling to the second NVE entity.
较佳地,本发明实施例中的控制节点可以为NVA实体。Preferably, the control node in the embodiment of the present invention may be an NVA entity.
较佳地,第一NVE实体发送的控制面信令中还包括以下信息中的至少一种信息:目标虚拟机的地址信息(如IP地址或MAC地址)、源虚拟机的地址信息(如IP地址或MAC地址)、源虚拟机所属的租户的信息。Preferably, the control plane signaling sent by the first NVE entity further includes at least one of the following information: address information of the target virtual machine (such as an IP address or a MAC address), and address information of the source virtual machine (such as IP). Address or MAC address), information about the tenant to which the source virtual machine belongs.
较佳地,所需查询的目标虚拟机的信息包括以下信息中的至少一种信息:该目标虚拟机的地址信息(如MAC地址或IP地址)、该目标虚拟机所属的NVE实体的信息(如标识信息等)、该目标虚拟机所属的租户的信息。Preferably, the information of the target virtual machine to be queried includes at least one of the following information: address information of the target virtual machine (such as a MAC address or an IP address), and information of the NVE entity to which the target virtual machine belongs ( Such as identification information, etc.), information about the tenant to which the target virtual machine belongs.
其中,若目标虚拟机的IP地址已知,则所需查询的目标虚拟机的地址信息为MAC地址;若目标虚拟机的MAC地址已知,则所需查询的目标虚拟机的地址信息为IP地址。If the IP address of the target virtual machine is known, the address information of the target virtual machine to be queried is the MAC address; if the MAC address of the target virtual machine is known, the address information of the target virtual machine to be queried is IP. address.
较佳地,确定模块72确定出与所述未知报文相关的第二NVE实体,包括:Preferably, the determining module 72 determines a second NVE entity related to the unknown packet, including:
从所述控制面信令中,获取发送所述未知报文的源虚拟机所属的租户的信息,根据所述租户的信息,确定出所述租户使用的其他虚拟机所在的NVE实体,并将确定出的NVE实体作为与所述未知报文相关的第二NVE实体;或者Obtaining, from the control plane signaling, information about a tenant to which the source virtual machine that sends the unknown packet belongs, and determining, according to the information of the tenant, an NVE entity where another virtual machine used by the tenant is located, and Determining the NVE entity as a second NVE entity associated with the unknown message; or
从所述控制面信令中,获取发送所述未知报文的源虚拟机所属的租户的信息,根据已配置的所述租户的子网归属信息,确定出所述控制面信令所包含的目标虚拟机的地址信息所归属的NVE实体,并将确定出的NVE实体作为与所述未知报文相关的第二NVE实体。Obtaining, by the control plane signaling, information about a tenant to which the source virtual machine that sends the unknown packet belongs, and determining, according to the configured subnet attribution information of the tenant, the control plane signaling The NVE entity to which the address information of the target virtual machine belongs, and the determined NVE entity is used as the second NVE entity related to the unknown packet.
较佳地,控制节点本地保存有已配置的各租户的子网归属信息。Preferably, the control node locally stores the subnet attribution information of each configured tenant.
基于上述任一实施例,收发模块71还用于:接收第二NVE实体返回的响应信令,并将该响应信令发送给第一NVE实体。Based on any of the foregoing embodiments, the transceiver module 71 is further configured to: receive response signaling returned by the second NVE entity, and send the response signaling to the first NVE entity.
下面结合优选的硬件结构,对本发明实施例提供的NVE实体的结构、处理方式进行说明。The structure and processing manner of the NVE entity provided by the embodiment of the present invention are described below in conjunction with the preferred hardware structure.
如图8所示,该NVE实体包括:As shown in FIG. 8, the NVE entity includes:
收发器81,用于接收源虚拟机发送的报文;向与所述未知报文相关的第二NVE实体发送控制面信令,以指示第二NVE实体查询所述未知报文的目标虚拟机的信息,所述控制面信令中包括用于指示所述第二NVE实体启动数据面查询的指示信息;以及接收所述第二NVE实体返回的响应信令;The transceiver 81 is configured to receive a packet sent by the source virtual machine, and send control plane signaling to the second NVE entity related to the unknown packet, to instruct the second NVE entity to query the target virtual machine of the unknown packet. And the control plane signaling includes: indication information for instructing the second NVE entity to initiate a data plane query; and receiving response signaling returned by the second NVE entity;
处理器82,用于在确定收发器81接收到的报文为目标虚拟机位置未知的未知报文后,触发收发器81发送所述控制面信令;以及根据收发器81接收到的响应信令,确定所述未知报文的目标虚拟机的信息。 The processor 82 is configured to: after determining that the packet received by the transceiver 81 is an unknown message whose location of the target virtual machine is unknown, triggering the transceiver 81 to send the control plane signaling; and receiving the response message according to the transceiver 81. Let, determine the information of the target virtual machine of the unknown message.
其中,收发器81与处理器82之间通过总线连接。The transceiver 81 and the processor 82 are connected by a bus.
较佳地,收发器81发送的控制面信令中还包括以下信息中的至少一种信息:目标虚拟机的地址信息(如IP地址或MAC地址)、源虚拟机的地址信息(如IP地址或MAC地址)、源虚拟机所属的租户的信息。Preferably, the control plane signaling sent by the transceiver 81 further includes at least one of the following information: address information of the target virtual machine (such as an IP address or a MAC address), and address information of the source virtual machine (such as an IP address). Or MAC address), information about the tenant to which the source virtual machine belongs.
较佳地,所需查询的目标虚拟机的信息包括以下信息中的至少一种信息:Preferably, the information of the target virtual machine to be queried includes at least one of the following information:
该目标虚拟机的地址信息(如MAC地址或IP地址)、该目标虚拟机所属的NVE实体的信息(如标识信息等)、该目标虚拟机所属的租户的信息。Address information (such as a MAC address or an IP address) of the target virtual machine, information of the NVE entity to which the target virtual machine belongs (such as identification information, and the like), and information of the tenant to which the target virtual machine belongs.
其中,若目标虚拟机的IP地址已知,则所需查询的目标虚拟机的地址信息为MAC地址;若目标虚拟机的MAC地址已知,则所需查询的目标虚拟机的地址信息为IP地址。If the IP address of the target virtual machine is known, the address information of the target virtual machine to be queried is the MAC address; if the MAC address of the target virtual machine is known, the address information of the target virtual machine to be queried is IP. address.
较佳地,处理器82具体用于:Preferably, the processor 82 is specifically configured to:
确定出与该未知报文相关的第二NVE实体,并触发收发器81向每个第二NVE实体发送控制面信令;或者Determining a second NVE entity associated with the unknown message and triggering the transceiver 81 to send control plane signaling to each of the second NVE entities; or
触发收发器81向控制节点发送控制面信令,以使控制节点将该控制面信令发送给由该控制节点确定出的与该未知报文相关的第二NVE实体。The trigger transceiver 81 sends control plane signaling to the control node, so that the control node sends the control plane signaling to the second NVE entity determined by the control node and related to the unknown packet.
较佳地,处理器82确定出与未知报文相关的第二NVE实体,包括:Preferably, the processor 82 determines a second NVE entity associated with the unknown message, including:
确定发送未知报文的源虚拟机所属的租户的信息(如该租户的标识信息等);以及根据该租户的信息,确定出该租户使用的其他虚拟机所在的NVE实体,将确定出的NVE实体作为与该未知报文相关的第二NVE实体。Determining the information of the tenant to which the source virtual machine that sends the unknown packet belongs (such as the identifier information of the tenant); and determining the NVE entity of the other virtual machine used by the tenant based on the information of the tenant, and determining the NVE. The entity acts as a second NVE entity associated with the unknown message.
下面结合优选的硬件结构,对本发明实施例提供的另一NVE实体的结构、处理方式进行说明。The structure and processing manner of another NVE entity provided by the embodiment of the present invention will be described below with reference to a preferred hardware structure.
如图9所示,该NVE实体包括:As shown in FIG. 9, the NVE entity includes:
收发器91,用于接收第一NVE实体发送的控制面信令,所述控制面信令是所述第一NVE实体在接收到源虚拟机发送的目标虚拟机位置未知的未知报文后发送的,用于指示所述第二NVE实体查询所述未知报文的目标虚拟机的信息,所述控制面信令中包括用于指示所述第二NVE实体启动数据面查询的指示信息;以及向所述第一NVE实体返回响应信令,所述响应信令中携带所述目标虚拟机的信息;The transceiver 91 is configured to receive control plane signaling sent by the first NVE entity, where the control plane signaling is sent by the first NVE entity after receiving an unknown message whose location of the target virtual machine sent by the source virtual machine is unknown. And the information that is used by the second NVE entity to query the target virtual machine of the unknown message, where the control plane signaling includes indication information for instructing the second NVE entity to start a data plane query; Returning response signaling to the first NVE entity, where the response signaling carries information of the target virtual machine;
处理器92,用于在本地存储的虚拟机信息中未包含所述目标虚拟机的信息时,向自身所属的NVE实体所管理的虚拟机发送数据面报文,以查询所述目标虚拟机是否归属于自身,并在确定出所述目标虚拟机归属于自身时,触发收发器91发送所述响应信令,所述响应信令中携带所述目标虚拟机的信息。 The processor 92 is configured to send, when the information of the target virtual machine is not included in the locally stored virtual machine information, a data plane message to the virtual machine managed by the NVE entity to which the user belongs to query whether the target virtual machine is When the target virtual machine is determined to be in itself, the triggering transceiver 91 sends the response signaling, and the response signaling carries the information of the target virtual machine.
其中,收发器91与处理器92之间通过总线连接。The transceiver 91 and the processor 92 are connected by a bus.
较佳地,第一NVE实体发送的控制面信令中还包括以下信息中的至少一种信息:目标虚拟机的地址信息(如IP地址或MAC地址)、源虚拟机的地址信息(如IP地址或MAC地址)、源虚拟机所属的租户的信息。Preferably, the control plane signaling sent by the first NVE entity further includes at least one of the following information: address information of the target virtual machine (such as an IP address or a MAC address), and address information of the source virtual machine (such as IP). Address or MAC address), information about the tenant to which the source virtual machine belongs.
较佳地,所需查询的目标虚拟机的信息包括但不限于以下信息中的至少一种信息:该目标虚拟机的地址信息(MAC地址或IP地址)、该目标虚拟机所属的NVE实体的信息(如标识信息等)、该目标虚拟机所属的租户的信息。Preferably, the information of the target virtual machine to be queried includes, but is not limited to, at least one of the following information: address information (MAC address or IP address) of the target virtual machine, and an NVE entity to which the target virtual machine belongs. Information (such as identification information, etc.), information about the tenant to which the target virtual machine belongs.
其中,若目标虚拟机的IP地址已知,则所需查询的目标虚拟机的地址信息为MAC地址;若目标虚拟机的MAC地址已知,则所需查询的目标虚拟机的地址信息为IP地址。If the IP address of the target virtual machine is known, the address information of the target virtual machine to be queried is the MAC address; if the MAC address of the target virtual machine is known, the address information of the target virtual machine to be queried is IP. address.
较佳地,收发器91具体用于:直接接收所述第一NVE实体发送的所述控制面信令;或者,接收控制节点发送的所述控制面信令,其中,所述控制节点在接收到所述第一NVE实体发送的所述控制面信令后,将所述控制面信令发送给自身确定出的与所述未知报文相关的第二NVE实体。Preferably, the transceiver 91 is specifically configured to: directly receive the control plane signaling sent by the first NVE entity; or receive the control plane signaling sent by the control node, where the control node is receiving After the control plane signaling sent by the first NVE entity, the control plane signaling is sent to the second NVE entity that is determined by the first NVE entity and is related to the unknown packet.
较佳地,收发器91具体用于:直接向所述第一NVE实体返回响应信令;或者,通过控制节点向所述第一NVE实体返回响应信令。Preferably, the transceiver 91 is specifically configured to: directly return response signaling to the first NVE entity; or return a response signaling to the first NVE entity by using a control node.
较佳地,处理器92具体用于:Preferably, the processor 92 is specifically configured to:
从所述控制面信令中,获取发送所述未知报文的源虚拟机所属的租户的信息,并触发收发器91向自身所管理的同一租户(即该源虚拟机所属的租户)内的虚拟机发送所述数据面报文;或者Obtaining, from the control plane signaling, the information of the tenant to which the source virtual machine that sends the unknown packet belongs, and triggering the transceiver 91 to the same tenant (that is, the tenant to which the source virtual machine belongs) managed by itself The virtual machine sends the data plane message; or
触发收发器91向自身所管理的所有虚拟机发送所述数据面报文。The trigger transceiver 91 sends the data plane message to all virtual machines managed by itself.
较佳地,处理器92确定目标虚拟机归属于自身所属的NVE实体,包括:Preferably, the processor 92 determines that the target virtual machine belongs to the NVE entity to which the virtual machine belongs, including:
在收发器91接收到虚拟机发送的响应报文后,确定发送所述响应报文的虚拟机与所述源虚拟机是否属于同一租户;以及在确定发送所述响应报文的虚拟机与所述源虚拟机属于同一租户后,确定所述目标虚拟机归属于自身所属的NVE实体。After receiving the response message sent by the virtual machine, the transceiver 91 determines whether the virtual machine that sends the response message and the source virtual machine belong to the same tenant; and determines the virtual machine and the server that sends the response message. After the source virtual machine belongs to the same tenant, it is determined that the target virtual machine belongs to the NVE entity to which it belongs.
在实施中,根据不同的应用场景,接收未知报文并发送控制面信令的NVE实体,也可能成为接收控制面信令并返回响应信令的NVE实体;相应的,接收控制面信令并返回响应信令的NVE实体也可能成为接收未知报文并发送控制面信令的NVE实体,所以较佳地,图8所示的NVE实体中的收发器的功能和图9所示的NVE实体中的收发器的功能可以合在一个收发器中,并根据需要选择对应的模块工作;图8所示的NVE实体中的处理器的功能和图9所示的NVE实体中的处理器的功能可以合在一个处理器中,并根据需要 选择对应的模块工作。In an implementation, according to different application scenarios, an NVE entity that receives an unknown packet and sends control plane signaling may also be an NVE entity that receives control plane signaling and returns response signaling; correspondingly, receives control plane signaling and The NVE entity that returns the response signaling may also be an NVE entity that receives the unknown message and sends the control plane signaling, so preferably, the function of the transceiver in the NVE entity shown in FIG. 8 and the NVE entity shown in FIG. The function of the transceiver in the transceiver can be combined in one transceiver, and the corresponding module works according to the need; the function of the processor in the NVE entity shown in FIG. 8 and the function of the processor in the NVE entity shown in FIG. Can be combined in one processor and as needed Select the corresponding module to work.
下面结合优选的硬件结构,对本发明实施例提供的控制节点的结构、处理方式进行说明。The structure and processing manner of the control node provided by the embodiment of the present invention are described below in conjunction with the preferred hardware structure.
如图10所示,该控制节点包括:As shown in FIG. 10, the control node includes:
收发器101,用于接收第一NVE实体发送的控制面信令,所述控制面信令是所述第一NVE实体在接收到源虚拟机发送的目标虚拟机位置未知的未知报文后发送的,用于指示与所述未知报文相关的第二NVE实体查询所述未知报文的目标虚拟机的信息,所述控制面信令中包括用于指示所述第二NVE实体启动数据面查询的指示信息;The transceiver 101 is configured to receive control plane signaling sent by the first NVE entity, where the control plane signaling is sent by the first NVE entity after receiving an unknown message whose location of the target virtual machine sent by the source virtual machine is unknown. And the second NVE entity that is related to the unknown packet is used to query the information of the target virtual machine of the unknown packet, where the control plane signaling includes, to indicate that the second NVE entity starts the data plane. Indication information of the query;
处理器102,用于确定出与所述未知报文相关的第二NVE实体,并触发收发器101将所述控制面信令发送给所述第二NVE实体。The processor 102 is configured to determine a second NVE entity related to the unknown packet, and trigger the transceiver 101 to send the control plane signaling to the second NVE entity.
其中,收发器101与处理器102之间通过总线连接。The transceiver 101 and the processor 102 are connected by a bus.
较佳地,本发明实施例中的控制节点可以为NVA实体。Preferably, the control node in the embodiment of the present invention may be an NVA entity.
较佳地,第一NVE实体发送的控制面信令中还包括以下信息中的至少一种信息:目标虚拟机的地址信息(如IP地址或MAC地址)、源虚拟机的地址信息(如IP地址或MAC地址)、源虚拟机所属的租户的信息。Preferably, the control plane signaling sent by the first NVE entity further includes at least one of the following information: address information of the target virtual machine (such as an IP address or a MAC address), and address information of the source virtual machine (such as IP). Address or MAC address), information about the tenant to which the source virtual machine belongs.
较佳地,所需查询的目标虚拟机的信息包括以下信息中的至少一种信息:该目标虚拟机的地址信息(如MAC地址或IP地址)、该目标虚拟机所属的NVE实体的信息(如标识信息等)、该目标虚拟机所属的租户的信息。Preferably, the information of the target virtual machine to be queried includes at least one of the following information: address information of the target virtual machine (such as a MAC address or an IP address), and information of the NVE entity to which the target virtual machine belongs ( Such as identification information, etc.), information about the tenant to which the target virtual machine belongs.
其中,若目标虚拟机的IP地址已知,则所需查询的目标虚拟机的地址信息为MAC地址;若目标虚拟机的MAC地址已知,则所需查询的目标虚拟机的地址信息为IP地址。If the IP address of the target virtual machine is known, the address information of the target virtual machine to be queried is the MAC address; if the MAC address of the target virtual machine is known, the address information of the target virtual machine to be queried is IP. address.
较佳地,处理器102确定出与所述未知报文相关的第二NVE实体,包括:Preferably, the processor 102 determines a second NVE entity related to the unknown packet, including:
从所述控制面信令中,获取发送所述未知报文的源虚拟机所属的租户的信息,根据所述租户的信息,确定出所述租户使用的其他虚拟机所在的NVE实体,并将确定出的NVE实体作为与所述未知报文相关的第二NVE实体;或者Obtaining, from the control plane signaling, information about a tenant to which the source virtual machine that sends the unknown packet belongs, and determining, according to the information of the tenant, an NVE entity where another virtual machine used by the tenant is located, and Determining the NVE entity as a second NVE entity associated with the unknown message; or
从所述控制面信令中,获取发送所述未知报文的源虚拟机所属的租户的信息,根据已配置的所述租户的子网归属信息,确定出所述控制面信令所包含的目标虚拟机的地址信息所归属的NVE实体,并将确定出的NVE实体作为与所述未知报文相关的第二NVE实体。Obtaining, by the control plane signaling, information about a tenant to which the source virtual machine that sends the unknown packet belongs, and determining, according to the configured subnet attribution information of the tenant, the control plane signaling The NVE entity to which the address information of the target virtual machine belongs, and the determined NVE entity is used as the second NVE entity related to the unknown packet.
较佳地,控制节点本地保存有已配置的各租户的子网归属信息。Preferably, the control node locally stores the subnet attribution information of each configured tenant.
基于上述任一实施例,收发器101还用于:接收第二NVE实体返回的响应信令,并 将该响应信令发送给第一NVE实体。Based on any of the foregoing embodiments, the transceiver 101 is further configured to: receive response signaling returned by the second NVE entity, and The response signaling is sent to the first NVE entity.
本领域内的技术人员应明白,本发明的实施例可提供为方法、***、或计算机程序产品。因此,本发明可采用完全硬件实施例、完全软件实施例、或结合软件和硬件方面的实施例的形式。而且,本发明可采用在一个或多个其中包含有计算机可用程序代码的计算机可用存储介质(包括但不限于磁盘存储器、CD-ROM、光学存储器等)上实施的计算机程序产品的形式。Those skilled in the art will appreciate that embodiments of the present invention can be provided as a method, system, or computer program product. Accordingly, the present invention may take the form of an entirely hardware embodiment, an entirely software embodiment, or a combination of software and hardware. Moreover, the invention can take the form of a computer program product embodied on one or more computer-usable storage media (including but not limited to disk storage, CD-ROM, optical storage, etc.) including computer usable program code.
本发明是参照根据本发明实施例的方法、设备(***)、和计算机程序产品的流程图和/或方框图来描述的。应理解可由计算机程序指令实现流程图和/或方框图中的每一流程和/或方框、以及流程图和/或方框图中的流程和/或方框的结合。可提供这些计算机程序指令到通用计算机、专用计算机、嵌入式处理机或其他可编程数据处理设备的处理器以产生一个机器,使得通过计算机或其他可编程数据处理设备的处理器执行的指令产生用于实现在流程图一个流程或多个流程和/或方框图一个方框或多个方框中指定的功能的装置。The present invention has been described with reference to flowchart illustrations and/or block diagrams of methods, apparatus (system), and computer program products according to embodiments of the invention. It will be understood that each flow and/or block of the flowchart illustrations and/or FIG. These computer program instructions can be provided to a processor of a general purpose computer, special purpose computer, embedded processor, or other programmable data processing device to produce a machine for the execution of instructions for execution by a processor of a computer or other programmable data processing device. Means for implementing the functions specified in one or more of the flow or in a block or blocks of the flow chart.
这些计算机程序指令也可存储在能引导计算机或其他可编程数据处理设备以特定方式工作的计算机可读存储器中,使得存储在该计算机可读存储器中的指令产生包括指令装置的制造品,该指令装置实现在流程图一个流程或多个流程和/或方框图一个方框或多个方框中指定的功能。The computer program instructions can also be stored in a computer readable memory that can direct a computer or other programmable data processing device to operate in a particular manner, such that the instructions stored in the computer readable memory produce an article of manufacture comprising the instruction device. The apparatus implements the functions specified in one or more blocks of a flow or a flow and/or block diagram of the flowchart.
这些计算机程序指令也可装载到计算机或其他可编程数据处理设备上,使得在计算机或其他可编程设备上执行一系列操作步骤以产生计算机实现的处理,从而在计算机或其他可编程设备上执行的指令提供用于实现在流程图一个流程或多个流程和/或方框图一个方框或多个方框中指定的功能的步骤。These computer program instructions can also be loaded onto a computer or other programmable data processing device such that a series of operational steps are performed on a computer or other programmable device to produce computer-implemented processing for execution on a computer or other programmable device. The instructions provide steps for implementing the functions specified in one or more of the flow or in a block or blocks of a flow diagram.
显然,本领域的技术人员可以对本发明进行各种改动和变型而不脱离本发明和范围。这样,倘若本发明的这些修改和变型属于本发明权利要求及其等同技术的范围之内,则本发明也意图包含这些改动和变型在内。 It will be apparent that those skilled in the art can make various modifications and variations to the present invention without departing from the scope of the invention. Thus, it is intended that the present invention cover the modifications and modifications of the invention

Claims (13)

  1. 一种报文处理方法,其特征在于,该方法包括:A message processing method, characterized in that the method comprises:
    第二NVE实体接收第一NVE实体发送的控制面信令,所述控制面信令是所述第一NVE实体在接收到源虚拟机发送的目标虚拟机位置未知的未知报文后发送的,用于指示所述第二NVE实体查询所述未知报文的目标虚拟机的信息,所述控制面信令中包括用于指示所述第二NVE实体启动数据面查询的指示信息;The second NVE entity receives the control plane signaling sent by the first NVE entity, where the control plane signaling is sent by the first NVE entity after receiving an unknown message whose location of the target virtual machine sent by the source virtual machine is unknown. And the information indicating that the second NVE entity queries the target virtual machine of the unknown packet, where the control plane signaling includes indication information for instructing the second NVE entity to start a data plane query;
    若本地存储的虚拟机信息中未包含所述目标虚拟机的信息,所述第二NVE实体向自身所管理的虚拟机发送数据面报文,以查询所述目标虚拟机是否归属于自身,并在确定出所述目标虚拟机归属于自身时,向所述第一NVE实体返回响应信令,所述响应信令中携带所述目标虚拟机的信息。If the information of the target virtual machine is not included in the locally stored virtual machine information, the second NVE entity sends a data plane message to the virtual machine managed by the second NVE entity to query whether the target virtual machine belongs to itself, and When it is determined that the target virtual machine belongs to itself, the response signal is returned to the first NVE entity, where the response signaling carries the information of the target virtual machine.
  2. 如权利要求1所述的方法,其特征在于,所述第二NVE实体接收所述第一NVE实体发送的控制面信令,包括:The method according to claim 1, wherein the second NVE entity receives the control plane signaling sent by the first NVE entity, including:
    所述第二NVE实体直接接收所述第一NVE实体发送的所述控制面信令;或者,所述第二NVE实体接收控制节点发送的所述控制面信令,其中,所述控制节点在接收到所述第一NVE实体发送的所述控制面信令后,将所述控制面信令发送给自身确定出的与所述未知报文相关的第二NVE实体;The second NVE entity directly receives the control plane signaling sent by the first NVE entity; or the second NVE entity receives the control plane signaling sent by a control node, where the control node is After receiving the control plane signaling sent by the first NVE entity, sending the control plane signaling to the second NVE entity that is determined by the first NVE entity and related to the unknown packet;
    所述第二NVE实体向所述第一NVE实体返回响应信令,包括:Returning the response signaling to the first NVE entity by the second NVE entity, including:
    所述第二NVE实体直接向所述第一NVE实体返回响应信令;或者,所述第二NVE实体通过控制节点向所述第一NVE实体返回响应信令。The second NVE entity directly returns response signaling to the first NVE entity; or the second NVE entity returns response signaling to the first NVE entity by using a control node.
  3. 如权利要求1所述的方法,其特征在于,所述第二NVE实体向自身所管理的虚拟机发送数据面报文,包括:The method of claim 1, wherein the second NVE entity sends a data plane message to the virtual machine managed by the second NVE entity, including:
    所述第二NVE实体从所述控制面信令中,获取发送所述未知报文的源虚拟机所属的租户的信息,并向自身所管理的同一租户内的虚拟机发送所述数据面报文;或者The second NVE entity obtains, from the control plane signaling, information about a tenant to which the source virtual machine that sends the unknown packet belongs, and sends the data report to a virtual machine in the same tenant managed by itself. Text; or
    所述第二NVE实体向自身所管理的所有虚拟机发送所述数据面报文。The second NVE entity sends the data plane message to all virtual machines managed by itself.
  4. 如权利要求1~3任一项所述的方法,其特征在于,所述第二NVE实体确定所述目标虚拟机归属于自身,包括:The method according to any one of claims 1 to 3, wherein the second NVE entity determines that the target virtual machine belongs to itself, and includes:
    在接收到虚拟机发送的响应报文后,所述第二NVE实体确定发送所述响应报文的虚拟机与所述源虚拟机是否属于同一租户;After receiving the response message sent by the virtual machine, the second NVE entity determines whether the virtual machine that sends the response message and the source virtual machine belong to the same tenant;
    在确定发送所述响应报文的虚拟机与所述源虚拟机属于同一租户后,所述第二NVE实体确定所述目标虚拟机归属于自身。 After determining that the virtual machine that sends the response message belongs to the same tenant as the source virtual machine, the second NVE entity determines that the target virtual machine belongs to itself.
  5. 如权利要求1~3任一项所述的方法,其特征在于,所述目标虚拟机的信息包括以下信息中的至少一种信息:The method according to any one of claims 1 to 3, wherein the information of the target virtual machine comprises at least one of the following information:
    所述目标虚拟机的地址信息、所述目标虚拟机所属的NVE实体的信息、所述目标虚拟机所属的租户的信息。The address information of the target virtual machine, the information of the NVE entity to which the target virtual machine belongs, and the information of the tenant to which the target virtual machine belongs.
  6. 一种网络虚拟边缘NVE实体,其特征在于,该NVE实体包括:A network virtual edge NVE entity, wherein the NVE entity includes:
    第一确定模块,用于在确定接收到的源虚拟机发送的报文为目标虚拟机位置未知的未知报文后,向与所述未知报文相关的第二NVE实体发送控制面信令,以指示第二NVE实体查询所述未知报文的目标虚拟机的信息,所述控制面信令中包括用于指示所述第二NVE实体启动数据面查询的指示信息;a first determining module, configured to: after determining that the received packet sent by the source virtual machine is an unknown packet whose location is unknown to the target virtual machine, send control plane signaling to the second NVE entity related to the unknown packet, Instructing the second NVE entity to query the information of the target virtual machine of the unknown message, where the control plane signaling includes indication information for instructing the second NVE entity to start a data plane query;
    第二确定模块,用于接收所述第二NVE实体返回的响应信令,并根据所述响应信令,确定所述未知报文的目标虚拟机的信息。And a second determining module, configured to receive response signaling returned by the second NVE entity, and determine information of the target virtual machine of the unknown packet according to the response signaling.
  7. 如权利要求6所述的NVE实体,其特征在于,所述第一确定模块具体用于:The NVE entity according to claim 6, wherein the first determining module is specifically configured to:
    确定出与所述未知报文相关的第二NVE实体,并向每个所述第二NVE实体发送控制面信令;或者Determining a second NVE entity associated with the unknown message and transmitting control plane signaling to each of the second NVE entities; or
    向控制节点发送控制面信令,以使所述控制节点将所述控制面信令发送给由所述控制节点确定出的与所述未知报文相关的第二NVE实体。And transmitting control plane signaling to the control node, so that the control node sends the control plane signaling to the second NVE entity that is determined by the control node and is related to the unknown packet.
  8. 一种网络虚拟边缘NVE实体,其特征在于,该NVE实体包括:A network virtual edge NVE entity, wherein the NVE entity includes:
    第一处理模块,用于接收第一NVE实体发送的控制面信令,所述控制面信令是所述第一NVE实体在接收到源虚拟机发送的目标虚拟机位置未知的未知报文后发送的,用于指示所述第二NVE实体查询所述未知报文的目标虚拟机的信息,所述控制面信令中包括用于指示所述第二NVE实体启动数据面查询的指示信息;a first processing module, configured to receive control plane signaling sent by the first NVE entity, where the control plane signaling is that the first NVE entity receives an unknown message that is unknown to the target virtual machine sent by the source virtual machine. The information that is sent to the second NVE entity to query the target virtual machine of the unknown packet, where the control plane signaling includes indication information for instructing the second NVE entity to start a data plane query;
    第二处理模块,用于在本地存储的虚拟机信息中未包含所述目标虚拟机的信息时,向自身所属的NVE实体所管理的虚拟机发送数据面报文,以查询所述目标虚拟机是否归属于自身,并在确定出所述目标虚拟机归属于自身时,向所述第一NVE实体返回响应信令,所述响应信令中携带所述目标虚拟机的信息。a second processing module, configured to send a data plane message to the virtual machine managed by the NVE entity to which the virtual machine information is stored, to query the target virtual machine, when the information of the target virtual machine is not included in the locally stored virtual machine information. If it is determined by itself, and when it is determined that the target virtual machine belongs to itself, the response signal is returned to the first NVE entity, and the response signaling carries the information of the target virtual machine.
  9. 如权利要求8所述的NVE实体,其特征在于,所述第一处理模块具体用于:直接接收所述第一NVE实体发送的所述控制面信令;或者,接收控制节点发送的所述控制面信令,其中,所述控制节点在接收到所述第一NVE实体发送的所述控制面信令后,将所述控制面信令发送给自身确定出的与所述未知报文相关的第二NVE实体;The NVE entity according to claim 8, wherein the first processing module is specifically configured to: directly receive the control plane signaling sent by the first NVE entity; or receive the The control plane signaling, after the control node receives the control plane signaling sent by the first NVE entity, sends the control plane signaling to the identifier that is determined by itself and is related to the unknown packet. Second NVE entity;
    所述第二处理模块具体用于:直接向所述第一NVE实体返回响应信令;或者,通过 控制节点向所述第一NVE实体返回响应信令。The second processing module is specifically configured to: directly return response signaling to the first NVE entity; or, pass The control node returns response signaling to the first NVE entity.
  10. 如权利要求8所述的NVE实体,其特征在于,所述第二处理模块向自身所管理的虚拟机发送数据面报文,包括:The NVE entity of claim 8, wherein the second processing module sends a data plane message to the virtual machine managed by the second processing module, including:
    从所述控制面信令中,获取发送所述未知报文的源虚拟机所属的租户的信息,并向自身所管理的同一租户内的虚拟机发送所述数据面报文;或者Obtaining, from the control plane signaling, information about a tenant to which the source virtual machine that sends the unknown packet belongs, and sending the data plane packet to a virtual machine in the same tenant managed by the host; or
    向自身所管理的所有虚拟机发送所述数据面报文。The data plane message is sent to all virtual machines managed by itself.
  11. 如权利要求8~10任一项所述的NVE实体,其特征在于,所述第二处理模块确定所述目标虚拟机归属于自身所属的NVE实体,包括:The NVE entity according to any one of claims 8 to 10, wherein the second processing module determines that the target virtual machine belongs to an NVE entity to which the target virtual machine belongs, including:
    在接收到虚拟机发送的响应报文后,确定发送所述响应报文的虚拟机与所述源虚拟机是否属于同一租户;以及在确定发送所述响应报文的虚拟机与所述源虚拟机属于同一租户后,确定所述目标虚拟机归属于自身所属的NVE实体。After receiving the response message sent by the virtual machine, determining whether the virtual machine that sends the response message belongs to the same tenant as the source virtual machine; and determining that the virtual machine that sends the response message and the source virtual After the machine belongs to the same tenant, it is determined that the target virtual machine belongs to the NVE entity to which it belongs.
  12. 一种控制节点,其特征在于,该控制节点包括:A control node is characterized in that the control node comprises:
    收发模块,用于接收第一NVE实体发送的控制面信令,所述控制面信令是所述第一NVE实体在接收到源虚拟机发送的目标虚拟机位置未知的未知报文后发送的,用于指示与所述未知报文相关的第二NVE实体查询所述未知报文的目标虚拟机的信息,所述控制面信令中包括用于指示所述第二NVE实体启动数据面查询的指示信息;a transceiver module, configured to receive control plane signaling sent by the first NVE entity, where the control plane signaling is sent by the first NVE entity after receiving an unknown packet whose location of the target virtual machine sent by the source virtual machine is unknown And the second NVE entity that is related to the unknown packet is used to query the information of the target virtual machine of the unknown packet, where the control plane signaling includes indicating that the second NVE entity starts the data plane query. Instructions;
    确定模块,用于确定出与所述未知报文相关的第二NVE实体,并将所述控制面信令发送给所述第二NVE实体。And a determining module, configured to determine a second NVE entity related to the unknown packet, and send the control plane signaling to the second NVE entity.
  13. 如权利要求12所述的控制节点,其特征在于,所述确定模块确定出与所述未知报文相关的第二NVE实体,包括:The control node according to claim 12, wherein the determining module determines a second NVE entity related to the unknown packet, including:
    从所述控制面信令中,获取发送所述未知报文的源虚拟机所属的租户的信息,根据所述租户的信息,确定出所述租户使用的其他虚拟机所在的NVE实体,并将确定出的NVE实体作为与所述未知报文相关的第二NVE实体;或者Obtaining, from the control plane signaling, information about a tenant to which the source virtual machine that sends the unknown packet belongs, and determining, according to the information of the tenant, an NVE entity where another virtual machine used by the tenant is located, and Determining the NVE entity as a second NVE entity associated with the unknown message; or
    从所述控制面信令中,获取发送所述未知报文的源虚拟机所属的租户的信息,根据已配置的所述租户的子网归属信息,确定出所述控制面信令所包含的目标虚拟机的地址信息所归属的NVE实体,并将确定出的NVE实体作为与所述未知报文相关的第二NVE实体。 Obtaining, by the control plane signaling, information about a tenant to which the source virtual machine that sends the unknown packet belongs, and determining, according to the configured subnet attribution information of the tenant, the control plane signaling The NVE entity to which the address information of the target virtual machine belongs, and the determined NVE entity is used as the second NVE entity related to the unknown packet.
PCT/CN2015/076784 2014-05-28 2015-04-16 Packet processing method and device WO2015180539A1 (en)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
CN201410232568.6A CN105450526B (en) 2014-05-28 2014-05-28 A kind of message processing method and equipment
CN201410232568.6 2014-05-28

Publications (1)

Publication Number Publication Date
WO2015180539A1 true WO2015180539A1 (en) 2015-12-03

Family

ID=54698051

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/CN2015/076784 WO2015180539A1 (en) 2014-05-28 2015-04-16 Packet processing method and device

Country Status (2)

Country Link
CN (1) CN105450526B (en)
WO (1) WO2015180539A1 (en)

Cited By (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN113228812A (en) * 2019-01-03 2021-08-06 上海诺基亚贝尔股份有限公司 Method and apparatus for sharing control plane capacity
CN113612782A (en) * 2021-08-06 2021-11-05 中国联合网络通信集团有限公司 Virtual machine migration verification method and device

Families Citing this family (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN112565045B (en) * 2019-09-26 2024-05-07 中兴通讯股份有限公司 Method, device, equipment and storage medium for forwarding message in EVPN

Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20140006585A1 (en) * 2012-06-29 2014-01-02 Futurewei Technologies, Inc. Providing Mobility in Overlay Networks
CN103580980A (en) * 2012-07-24 2014-02-12 中兴通讯股份有限公司 Automatic searching and automatic configuration method and device of VN
CN103685026A (en) * 2012-08-31 2014-03-26 中兴通讯股份有限公司 Virtual network access method and system

Family Cites Families (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN103428038B (en) * 2012-05-18 2018-06-12 中兴通讯股份有限公司 The detection method and device of tenant identification of virtual machine
CN103647853B (en) * 2013-12-04 2018-07-03 华为技术有限公司 One kind sends ARP file transmitting methods, VTEP and VxLAN controllers in VxLAN

Patent Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20140006585A1 (en) * 2012-06-29 2014-01-02 Futurewei Technologies, Inc. Providing Mobility in Overlay Networks
CN103580980A (en) * 2012-07-24 2014-02-12 中兴通讯股份有限公司 Automatic searching and automatic configuration method and device of VN
CN103685026A (en) * 2012-08-31 2014-03-26 中兴通讯股份有限公司 Virtual network access method and system

Cited By (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN113228812A (en) * 2019-01-03 2021-08-06 上海诺基亚贝尔股份有限公司 Method and apparatus for sharing control plane capacity
CN113228812B (en) * 2019-01-03 2024-02-06 上海诺基亚贝尔股份有限公司 Method and apparatus for sharing control plane capacity
CN113612782A (en) * 2021-08-06 2021-11-05 中国联合网络通信集团有限公司 Virtual machine migration verification method and device
CN113612782B (en) * 2021-08-06 2023-02-17 中国联合网络通信集团有限公司 Virtual machine migration verification method and device

Also Published As

Publication number Publication date
CN105450526B (en) 2018-09-21
CN105450526A (en) 2016-03-30

Similar Documents

Publication Publication Date Title
EP3913480B1 (en) Method and apparatus for determining virtual machine migration
CN107070691B (en) Cross-host communication method and system of Docker container
US9825900B2 (en) Overlay tunnel information exchange protocol
TWI744359B (en) Method for data transmission and network equipment
US9634991B2 (en) Method, apparatus, host, and network system for processing packet
CN108347493B (en) Hybrid cloud management method and device and computing equipment
JP6574304B2 (en) Virtual network management
EP3214816B1 (en) Method, gateway and system for synchronizing virtual machine location information between data center gateways
CN107547349A (en) A kind of method and device of virtual machine (vm) migration
JP5980725B2 (en) Network device, relay management method, relay management program, and communication system
EP3125504B1 (en) Resource allocation method, packet communication method and device
EP3493477B1 (en) Message monitoring
WO2014089799A1 (en) Method and apparatus for determining virtual machine drifting
TWI474681B (en) Connecting method for virtual machine in cloud system
CN102821023A (en) Method and device for dynamically migrating VLAN (virtual local area network) configuration
WO2016090900A1 (en) Flow table update method and device
WO2018171722A1 (en) Mac address synchronization
WO2015180539A1 (en) Packet processing method and device
CN111294268B (en) Method and device for avoiding IP address conflict
WO2014101145A1 (en) Method and apparatus for transmitting network information
US20170302743A1 (en) Migration
CN111800340B (en) Data packet forwarding method and device

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 15800185

Country of ref document: EP

Kind code of ref document: A1

NENP Non-entry into the national phase

Ref country code: DE

122 Ep: pct application non-entry in european phase

Ref document number: 15800185

Country of ref document: EP

Kind code of ref document: A1