CN104104534A - Realization method of virtual network (VN) management and virtual network management system - Google Patents
Realization method of virtual network (VN) management and virtual network management system Download PDFInfo
- Publication number
- CN104104534A CN104104534A CN201310127986.4A CN201310127986A CN104104534A CN 104104534 A CN104104534 A CN 104104534A CN 201310127986 A CN201310127986 A CN 201310127986A CN 104104534 A CN104104534 A CN 104104534A
- Authority
- CN
- China
- Prior art keywords
- network
- configuration
- access
- virtual router
- business
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L41/00—Arrangements for maintenance, administration or management of data switching networks, e.g. of packet switching networks
- H04L41/50—Network service management, e.g. ensuring proper service fulfilment according to agreements
- H04L41/5041—Network service management, e.g. ensuring proper service fulfilment according to agreements characterised by the time relationship between creation and deployment of a service
- H04L41/5054—Automatic deployment of services triggered by the service manager, e.g. service implementation by automatic configuration of network components
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L41/00—Arrangements for maintenance, administration or management of data switching networks, e.g. of packet switching networks
- H04L41/08—Configuration management of networks or network elements
- H04L41/0803—Configuration setting
- H04L41/0806—Configuration setting for initial configuration or provisioning, e.g. plug-and-play
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L41/00—Arrangements for maintenance, administration or management of data switching networks, e.g. of packet switching networks
- H04L41/08—Configuration management of networks or network elements
- H04L41/0895—Configuration of virtualised networks or elements, e.g. virtualised network function or OpenFlow elements
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L41/00—Arrangements for maintenance, administration or management of data switching networks, e.g. of packet switching networks
- H04L41/40—Arrangements for maintenance, administration or management of data switching networks, e.g. of packet switching networks using virtualisation of network functions or resources, e.g. SDN or NFV entities
Landscapes
- Engineering & Computer Science (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Data Exchanges In Wide-Area Networks (AREA)
Abstract
A realization method of virtual network management and a virtual network management system of the present invention relate to the communication field. The method disclosed by the present invention comprises the steps of using a VN business development and management function entity to determine a VN parameter according to the VN disposition demands; using the VN business development and management function entity to obtain the available network resource information; if the available network resources satisfy the VN disposition demands, determining a mapping relationship of a VN and the physical network resource, determining a physical network device and a computer system needing to be configured; using the VN business development and management function entity to send configuration management commands to the network device and the computer system; using the network device and the computer system to execute the configuration management commands, and returning an execution result to the VN business development and management function entity. The present invention also discloses a virtual network management system. The application technical scheme can support the efficient businesses of cloud computing providers, and provides a universal VN automatic configuration scheme.
Description
Technical field
The present invention relates to the communications field, relate more specifically to a kind of implementation method and system of virtual network management.
Background technology
Along with generally carrying out of cloud computing business, the characteristic of cloud business is more and more senior.For example, early stage IaaS business, generally provides independent computer resource and storage resources etc.But what the user of a cloud computing often needed is that these calculate and storage resources forms a network, realizes user's application function or provides/carry out service.Further, these resources are general all in cloud computing service provider's data center, the user of cloud computing, also needing can be by networks such as INTERNET, realize remote access, or these clients' of data center network, can be linked in user's existing network, particularly in user's enterprise network or VPN.
Fig. 1 is that data center's virtual network business of NVO3 provides structure chart.
In prior art, for realizing the deployment of virtual network VN, the network manager who needs cloud computing provider, configure concrete server and/or the virtual machine VM in server, and the network equipment, and will be by these servers or/and virtual machine and the relevant network equipment carry out associatedly, realize concrete VN and dispose.In general, this process is more loaded down with trivial details, relates to Virtual Machine Manager platform and network management platform, needs long setup time, and is easy to make mistakes.This is concerning the public cloud calculation services provider towards a large number of users, and the development efficiency of business can be severely limited.
Summary of the invention
Technical problem to be solved by this invention is that the implementation method and the system that provide a kind of virtual network to manage, support the efficient business of cloud computing provider to provide.
In order to solve the problems of the technologies described above, the invention discloses the implementation method of a kind of virtual network (VN) management, comprising:
VN business is carried out with management function entity according to VN deployment requirements, determines VN parameter;
Described VN business is carried out with management function entity and is obtained available network resource information, if available network resource meets VN deployment requirements, determines that VN is to the mapping relations of physical network resource, determines and needs the physical network device and the computer system that configure;
Described VN business is carried out with management function entity to the described network equipment and computer system transmission configuration management order;
Described physical network device and computer system are carried out described configuration management order, and execution result information is returned to described VN business carry out and management function entity.
Preferably, in said method, described VN business is carried out with management function entity and is passed through managing computing resources system to described computer system transmission configuration management order, and wherein, described managing computing resources system is concentrated managing computing resources system.
Preferably, in said method, described VN parameter at least comprises following one or more information:
The quantity of computing node, the characteristic of computing node, computing node access bandwidth, network interconnection bandwidth, the number of access point of accessing Internet and bandwidth, bandwidth and the number of access point of user's access of VN network, the quantity of medium access control (MAC) address and IP address, the quantity of VLAN (VLAN), the quantity of fire compartment wall and performance index parameter, memory space size and access point, DynamicHost arranges agreement (DHCP) server capability demand, domain name system (DNS) server capability demand, quantity and the access parameter of the access point of VPN (virtual private network) (VPN),
Wherein, the characteristic of computing node comprise following one or more:
Central processing unit (CPU) speed, memory size.
Preferably, in said method, the described network equipment of configuration that needs comprises edge control appliance, described edge control appliance includes but not limited to: operator/provider edge (PE, Provider Edge) router, network virtualization edge (NVE) equipment, Autonomous System Boundary Router, AS Boundary Router (ASBR, AutonomousSystemBorderRouter), security gateway, data center's gateway.
Preferably, in said method, described VN parameter, also comprises the Routing Protocol that virtual router and virtual router are supported.
Preferably, said method also comprises: carry out the selection of virtual router, determine the connection of the edge control appliance of described virtual router and described VN, and the interface of described virtual router and described connection is configured;
Wherein, while carrying out the selection of virtual router, can directly select virtual router by available network resource information, or by selecting VM, carry out the preparation of virtual router software, thereby realize the selection of virtual router
Preferably, in said method, configure described edge control appliance, realize the Internet access, and/or configuration network address transition (NAT) function realizes implicit IP address and changes to public network IP address.
Preferably, in said method, configure described edge control appliance, realize the access from the Internet to VN, and can further carry out the configuration of secure tunnel end points, realize the safety access of VN.
Preferably, in said method, described configuration management order comprise following one or more:
Configuration, revises configuration, deletes configuration, the running status of display device.
The invention also discloses a kind of virtual network management system, comprising:
VN business is carried out and management function entity, according to VN deployment requirements, determine VN parameter, and obtain available network resource information, if available network resource meets VN deployment requirements, determine that VN, to the mapping relations of physical network resource, determines the network equipment and the computer system that need configuration, and send configuration management order to the described network equipment and computer system;
Computer system, carries out received configuration management order, forms execution result information, and returns to execution result and carry out and management function entity to described VN business;
The network equipment, carries out received configuration management order, and execution result information is returned to described VN business carries out and management function entity.
Preferably, in said system, described VN business is carried out with management function entity and is passed through managing computing resources system to described computer system transmission configuration management order, and wherein, described managing computing resources system is concentrated managing computing resources system.
Preferably, in said system, determined VN parameter at least comprises following one or more information:
The quantity of computing node, the characteristic of computing node, computing node access bandwidth, network interconnection bandwidth, the number of access point of accessing Internet and bandwidth, bandwidth and the number of access point of user's access of VN network, the quantity of medium access control (MAC) address and IP address, the quantity of VLAN (VLAN), the quantity of fire compartment wall and performance index parameter, memory space size and access point, DynamicHost arranges agreement (DHCP) server capability demand, the server capability demands such as domain name system (DNS), quantity and the access parameter of the access point of VPN (virtual private network) (VPN),
Wherein, the characteristic of computing node comprise following one or more:
Central processing unit (CPU) speed, memory size.
Preferably, in said system, the described network equipment comprises edge control appliance, and described edge control appliance includes but not limited to: PE, NVE, ASBR, security gateway, data center's gateway.
Preferably, in said system, described VN parameter also comprises the Routing Protocol that virtual router and virtual router are supported.
Preferably, in said system, described VN business is carried out and management function entity, also carries out the selection of virtual router, determine the connection of the edge control appliance of described virtual router and described VN, and the interface of described virtual router and described connection is configured;
Wherein, while carrying out the selection of virtual router, by available network resource information, directly select virtual router, or by selecting VM, carry out the preparation of virtual router software, thereby realize the selection of virtual router.
Preferably, in said system, described VN business is carried out and management function entity, configures described edge control appliance, realizes the Internet access and/or configuration network address transition (NAT) function and realizes implicit IP address and change to public network IP address.
Preferably, in said system, described VN business is carried out and management function entity, configures described edge control appliance, realizes the access from the Internet to VN, carries out the configuration of secure tunnel end points, realizes the safety access of VN.
Preferably, in said system, described configuration management order comprise following one or more:
Configuration, revises configuration, deletes configuration, the running status of display device.
Present techniques scheme can support the efficient business of cloud computing provider to provide, and the automatic allocation plan of a kind of general VN is provided.
Accompanying drawing explanation
Fig. 1 is that the data center's virtual network business based on NVO3 provides structure chart;
Fig. 2 realizes the individual access user of virtual network and the schematic diagram of enterprise customer's access based on NVO3;
Fig. 3 is the virtual network configuration management process schematic diagram based on NVO3;
Fig. 4 realizes the existing VPN network user's of virtual network the schematic diagram of access based on NVO3;
Fig. 5 is the configuration diagram of the embodiment of the present invention two network systems;
Fig. 6 is the network system architecture schematic diagram of the present embodiment five.
Embodiment
For making the object, technical solutions and advantages of the present invention clearer, below in connection with accompanying drawing, technical solution of the present invention is described in further detail.It should be noted that, in the situation that not conflicting, the application's embodiment and the feature in embodiment can combine arbitrarily mutually.
In the practice of prior art system and network design, can there is the multiple scheme that realizes virtual network (VN), MPLS VPN for example, VPLS, the virtual network of NVO3 realizes, etc.The present invention for this reason, provides the automatic configuration management implementation of a kind of general VN, and provides detailed scheme for the concrete technology that realizes.
Embodiment mono-
As shown in Figure 2, the present embodiment is realized individual access user and enterprise customer's access of virtual network based on NVO3.
The core technology point of the present embodiment is, first, inner in data center, according to the distribution situation of VN, select suitable NVE (Network Virtualization Edge, network virtualization edge) equipment, according to the realization mechanism of NVO3, NVE can be change planes ToR or VMM/Hypervisor (virtual machine manager) or other relevant network equipment of frame topcross, and the relevant VM of all needs is connected to relevant NVE, and the configuration that VNE is correlated with.What need to further illustrate is, the preparation of VM also needs a corresponding layoutprocedure, generally passes through in Fig. 1, and virtual machine provides with management system and carrys out Configuration, that concrete is VM of application/configuration integrate, and as required the MAC Address of VM and IP address is configured/is set.The second, optional, according to user's switch-in attribute of VN, select data center's gateway, as user's access point, therefore need to, on data center's gateway, also carry out the configuration of this VN.Optionally, if user need to carry out network safe or that isolate with other networks, be connected, need to introduce safety and connect tunnel,, on further data center gateway, need to carry out secure package, or demand is carried out security-related configuration effort.Further, VN user's access point can be the equipment except above-mentioned data center gateway, needs this access point apparatus, carries out above-mentioned similar configuration.
Concrete, the process that the present embodiment is realized virtual network management as shown in Figure 3, comprises the steps that 301 to step 310:
Step 301, VN demand and VN parameter are determined.
VN user and service provider determine real needs and the relevant parameters of VN.According to the scale of VN network, with different application scenarioss, VN parameter information, include but not limited to: the quantity of computing node, the characteristic of computing node (comprising CPU speed and/or memory size), computing node access bandwidth, network interconnection bandwidth, number of access point and the bandwidth of access INTERNET, bandwidth and the number of access point of user's access of VN network, the quantity of MAC Address and IP address and address realm, the quantity of VLAN, the quantity of fire compartment wall and performance index parameter, memory space size and access point, the server capability demands such as dhcp server functionality demand and DNS, the quantity of the access point of VPN and access parameter, for VPN, access.Optionally, also comprise relevant Routing Protocol etc.
Step 302, business is carried out with management function entity and is obtained physical resource information, concrete comprise the resource informations such as computational resource information and relevant Internet resources, storage resources, and the judgement calculating of obtaining and the Internet resources deployment requirements that whether can meet VN.In the situation that meeting deployment requirements, determine that VN is to the mapping relations of physical resource, concrete, comprise that VM is mapped to concrete physical server, and relevant network connects and to implement to the concrete network equipment, etc.In determining the process of mapping relations, need the physical resource of configuration, comprise that server/computer System and Network equipment etc. determines thereupon;
For convenience of realizing management and automation configuration, need to be numbered the physical location of server, the network equipment etc., and pass through supervising the network, or business network itself is realized basic network and is connected, business is carried out and management system, can directly have access to relevant equipment, and carry out automatic configuration and administration feature.And relevant Internet usage situation, the parameter that can carry out which business configuration and business by tracking is known the use information of Internet resources.Or further, by the network equipment being carried out to real-time query, obtain resource using information.
Step 303.1, virtual network VN/NaaS business is carried out and management function entity, by virtual machine, provides and management system/managing computing resources system, obtains corresponding VM, and distribute MAC Address and IP address information etc., thereby realize the generation of VM and the configuration of relevant parameter.
It should be noted that in this step, optional, be also included as VM and select/distribute vlan information.
Concrete, can be to provide and management system/managing computing resources system sends that VM generates order automatically and further by providing by virtual machine and management system/managing computing resources system sends to corresponding computer system by information concerning order by virtual machine, having corresponding computer system to generate required VM realizes, also may be to generate for information about VM by manual configuration, and will feed back to for information about NaaS business and carry out and management function entity.Further, also can carry out with management function entity and directly to the computer system/server of needs, send relevant order by NaaS business, generate required VM, and relevant parameters is configured.
Step 303.2, sends configuration management order to edge control appliance NVE; The mechanism realizing according to VN is different, can have different parameters and operation.Concrete, can comprise configuration integrate VRF, at least comprise V parameter N-ID information.
Wherein, NVE can be VMM (virtual machine manager)/Hypervisor, or TOR (Top of Rack, frame topcross is changed planes), or other network equipments, such as data center's gateway etc.
In addition, also need according to the MAC Address of the relevant VM in step 303.1, or IP address information, and optional vlan information, to the VRF of NVE carry out VM the configuration of interface/sub-interface.And need to be by the corresponding MAC Address in VRF, or IP address list item be mapped be connected interface/sub-interface.
Also need to configure the IP address information of the NVE of VRF, for the tunnel encapsulation of different VN.For using MP-BGP agreement to realize, or while realizing the VRF information interaction between different N VE by centralized servers, parameter that also will be to agreement and server, is configured.
After all relevant NVE in VN has been configured, between NVE, carry out route mutual, form required virtual network and whole routes thereof.
So far, NVE can forward the message coming from VM according to VRF, thereby can realize the network function of VN.
Step 304, each relevant NVE completes the execution of configuration management order, and forms execution result information;
Described execution result information, comprising: about whether running succeeded of configuration operation, and optionally comprise some parameter informations.
Step 305, each relevant NVE returns to execution result to be carried out and management function entity to NaaS business;
Step 306, NaaS business is carried out with management function entity and is formed the report of VN deployment object information;
Step 307, NaaS business is carried out and is returned to VN with management function entity and dispose execution result and report to VN user;
Step 308, (operation of this step is optional) NaaS business is carried out with management function entity and is passed through each NVE collection VN running state information, and the occupation condition information of VN, and forms state and consumption information reporting;
Wherein, state information, can include but not limited to: the running status of each virtual machine/physical machine, information flow-rate on each network connection interface, the VRF list item quantity of NVE, quantity and the duration of the machine of may delaying of VM, the processing flow of fire compartment wall, qos policy implementation status;
Step 309, (operation of this step is optional) regularly returns to VN state and resource consumption information reporting;
Step 310, (operation of this step is optional) step 403-405, can repeat a plurality of different configuration informations or configuration order.Concrete configuration, includes but not limited to, for example, adjust the bandwidth parameter of access; Or according to VN user's request, delete VRF on specific NVE etc.
Except aforesaid operations, the user outside all right supported data center, the access to VN, needs configuration data center gateway device, forms the VRF of corresponding VN, to realize the outside of VN, connects.And, can also be further according to the signing demand for security of user, configuration integrate secure tunnel, concrete can be IPsec tunnel.Thereby the secure tunnel that can realize VN user connects.
In addition, to carrying out the VN user of INTERNET access, need to select corresponding access point is generally one or more NVE, preferably can select the NVE of data center's gateway as INTERNET access point, the line correlation of going forward side by side configuration, comprises and accesses the interface configuration of INTERNET and relevant routing configuration etc.Optionally, because VN generally can be used private IP address, may also relate to startup and the configuration of relevant nat feature.
Complete the NVE configuration that relates to VM, and the configuration of relevant data center gateway NVE, INTERNET access configuration, and after the configuration of secure tunnel, the VN that can form a safety offers VN user, and complete relevant network function.
Embodiment bis-
As shown in Figure 4, the present embodiment is realized the existing VPN network user's of virtual network access based on NVO3.
The difference of the present embodiment and embodiment mono-is, needs further using the NVE of data center's gateway of the virtual network generating in data center as CE equipment, and configuration is connected to the PE equipment of existing VPN.Concrete, the sub-interface/interface between configuration CE and PE, comprises IP address choice and configuration between CE and PE, and the Routing Protocol on configuration interface, or static routing.
According to the difference of actual deployment strategy, CE equipment also can be selected other NVE of VN.Concrete configuration configures with the above-mentioned gateway NVE of data center.
Embodiment tri-
The present embodiment provides a kind of case study on implementation one and two methods that combine, and the configuration that can further be generalized to the relevant virtual network based on MPLS VPN practices scene.Concrete, comprise the configuration to the PE equipment relevant to VN, and and/or the optionally configuration of CE.The concrete configuration that comprises VRF, the interface between CE-PE and the configuration of supported protocol.
Embodiment tetra-
Under the technical system of current NVO3 etc., basic thinking is to configure to realize VN by NVE, and the VM in concrete VN is configured and is linked into NVE by measures such as VLAN.Here have a problem to be, VN is a flat network, and a VN is a subnet in other words, generally speaking, cannot further carry out safe isolation work to the subnet of the different departments in VN.Execution to the relevant security strategies such as fire compartment wall, also has certain restriction, and for example a solution is using VN as a subnet, in the outside of subnet, takes over control wall with flues.If VN is a catenet, need to provide service for different departments, preferably can do certain isolation and restriction to the access between these different departments simultaneously, relatively be difficult to realize, for example on NVE, increase the function of relevant fire compartment wall, this can have a strong impact on the impact in the realization of other network functions, particularly performance.Therefore, need to introduce further equipment, for example router, carries out the isolation of the different piece in VN.
The present embodiment, for the problems referred to above, provides a kind of feasible scheme to be, by some VM in server, the functions such as routing program is installed and forms virtual router.And carry out corresponding network connection, as shown in Figure 5.Again virtual router is realized and the connection of TOR by VLAN.Like this, virtual network management that just can implementation level.Different departments can be arranged under suitable virtual router.
Further, because virtual router is realized by VM, can also further increase the function of relevant fire compartment wall, thereby realize tighter safety measure.Certainly, according to the function distributing feature of fire compartment wall, also can be realized by VM independently.From network, connecting, is to be generally serially connected in network connecting link.
From concrete network design, need to do some preparations.Concrete, cloud computing service provider can dispose one when VN user has needs in server, or many virtual routers.Virtual machine, and virtual router, and between virtual router and TOR, by VLAN, isolate with interconnected.Specific to network configuration aspect, need to select specific interface, and select suitable virtual switch, thereby realize, connect.
From automatic configuration management angle, need further to prepare virtual router, and the VM involved virtual switch that distributes, and the configuration of the connecting interface between VM-virtual switch-virtual router-TOR and relevant VLAN configuration.
According to concrete implementation method, can be also that virtual router is supported a plurality of virtual network interfaces, VM is directly connected to virtual router by these virtual interfaces, and does not need by virtual switch, to connect again.
The angle that provides and dispose from Network, the present embodiment, has further increased the demand of relevant virtual router and the demand of the relevant configuration being connected with the introducing related network of virtual router.And by the enforcement of the present embodiment, can meet more client's application demand.
Concrete, correspond to the concrete deployment flow process of the VN of embodiment mono-, main process is consistent, increases part out, is mainly the demand according to VN, need to be to virtual router the mappings work to the virtual machine in concrete physical server.And selected virtual router is carried out to the relevant configuration efforts such as interface configuration.Other steps are identical.
Need to further illustrate, the virtual router in the present embodiment, also can be realized by other network equipments, and is not only that virtual machine is realized.
Embodiment five
In the case of case study on implementation four, hypothesis is all about virtual machine and virtual router are all in a station server of relevant user network.This can meet the user's that performance requirement is not high demand.If the demand of the VM of VN, and the performance requirement of router is higher, a station server is realized, and may not meet user's performance requirement.Therefore, require the VM of VN, or virtual router VR is deployed in different servers.As shown in Figure 6.
Suppose, the VM of VN, due to reasons such as the requirement of performance and reliability requirements, VM is deployed in respectively server 1, server 2 ..., in server N-1, and virtual router is deployed in server N.VM in every relevant server is connected to the virtual router in server N by the particular vlan of TOR.Virtual router is connected to TOR by another one VLAN again, realizes the connection of VN.Consider the saving of VLAN resource, VM is connected with VN, can use same VLAN.In configuration, need to do a little special processing.Generally for simplicity, use different VLAN relatively good.
From the angle of Configuration, the implementation case and case study on implementation 4 are slightly different.Concrete, they be different in the deployed position of VM and virtual router, thereby the starting point that relevant configuration connects is different.And other implementation method is the same.
Simply conclude, the different embodiment of this aspect, can carry out unified statement, concrete feature comprises, can consider following several factor, for example VM, the network equipment such as NVE and virtual router and different deployed position thereof, and being connected between VM and the network equipment, this is in variant embodiment, the main aspect of the configuration involving.Other are as INTERNET access, secure tunnel configuration, and the aspects such as VPN access, can similarly process.
Embodiment six
The present embodiment provides a kind of virtual network management system, can realize the scheme of the various embodiments described above.Particularly, this system at least comprises that VN business carries out and management function entity, computer systems and networks equipment.Introduce the function of each several part below.
VN business is carried out and management function entity, according to VN deployment requirements, determine VN parameter, and obtain available network resource information, if whether available network resource meets VN deployment requirements, determine that VN, to the mapping relations of physical network resource, determines the network equipment and the computer system that need configuration, and send configuration management order to the described network equipment and computer system;
Wherein, determined VN parameter at least comprises following one or more information:
The quantity of computing node, the characteristic of computing node, computing node access bandwidth, network interconnection bandwidth, quantity and the access parameter of the access point of the server capability demands such as the bandwidth of the number of access point of access INTERNET and bandwidth, user's access and number of access point, MAC Address and the quantity of IP address, the quantity of the quantity of VLAN, fire compartment wall and performance index parameter, memory space size and access point, DHCP and DNS, VPN, wherein, the characteristic of computing node comprises CPU speed and memory size.
Computer system, carries out received configuration management order, forms execution result information, and returns to execution result and carry out and management function entity to VN business;
Particularly, VN business is carried out with management function entity can send configuration management order to computer system by managing computing resources system, and wherein, managing computing resources system can be a concentrated managing computing resources system.
The network equipment, carries out received configuration management order, and execution result information is returned to VN business carries out and management function entity.
Wherein, the network equipment includes edge control appliance, and edge control appliance comprise following one or more:
PE, NVE, ASBR, security gateway, data center's gateway.
Particularly, VN business is carried out and management function entity, configures described edge control appliance, realizes the Internet access and/or configuration nat feature and realizes implicit IP address and change to public network IP address.Or VN business is carried out and management function entity, configure described edge control appliance, realize the access from the Internet to VN, carry out the configuration of secure tunnel end points, realize the safety access of VN.
And configuration management order comprise following one or more:
Configuration, revises configuration, deletes configuration, the running status of display device.
In addition, determined VN parameter also may comprise the Routing Protocol that virtual router and virtual router are supported.Now, VN business is carried out and management function entity, also carries out the selection of virtual router, determines the connection of the edge control appliance of described virtual router and described VN, and the interface of virtual router and connection is configured.Wherein, while carrying out the selection of virtual router, directly select virtual router, or by selecting VM, carry out the preparation of virtual router software, thereby realize the selection of virtual router.
One of ordinary skill in the art will appreciate that all or part of step in said method can come instruction related hardware to complete by program, described program can be stored in computer-readable recording medium, as read-only memory, disk or CD etc.Alternatively, all or part of step of above-described embodiment also can realize with one or more integrated circuits.Correspondingly, each the module/unit in above-described embodiment can adopt the form of hardware to realize, and also can adopt the form of software function module to realize.The application is not restricted to the combination of the hardware and software of any particular form.
The above, be only preferred embodiments of the present invention, is not intended to limit protection scope of the present invention.Within the spirit and principles in the present invention all, any modification of making, be equal to replacement, improvement etc., within all should being included in protection scope of the present invention.
Claims (18)
1. an implementation method for virtual network (VN) management, is characterized in that, comprising:
VN business is carried out with management function entity according to VN deployment requirements, determines VN parameter;
Described VN business is carried out with management function entity and is obtained available network resource information, if available network resource meets VN deployment requirements, determines that VN is to the mapping relations of physical network resource, determines and needs the physical network device and the computer system that configure;
Described VN business is carried out with management function entity to the described network equipment and computer system transmission configuration management order;
Described physical network device and computer system are carried out described configuration management order, and execution result information is returned to described VN business carry out and management function entity.
2. the method for claim 1, is characterized in that,
Described VN business is carried out with management function entity and is passed through managing computing resources system to described computer system transmission configuration management order, and wherein, described managing computing resources system is concentrated managing computing resources system.
3. the method for claim 1, is characterized in that, described VN parameter at least comprises following one or more information:
The quantity of computing node, the characteristic of computing node, computing node access bandwidth, network interconnection bandwidth, the number of access point of accessing Internet and bandwidth, bandwidth and the number of access point of user's access of VN network, the quantity of medium access control (MAC) address and IP address, the quantity of VLAN (VLAN), the quantity of fire compartment wall and performance index parameter, memory space size and access point, DynamicHost arranges agreement (DHCP) server capability demand, domain name system (DNS) server capability demand, quantity and the access parameter of the access point of VPN (virtual private network) (VPN),
Wherein, the characteristic of computing node comprise following one or more:
Central processing unit (CPU) speed, memory size.
4. the method as described in claims 1 to 3 any one, it is characterized in that, the described network equipment of configuration that needs comprises edge control appliance, described edge control appliance comprise following one or more: operator/provider edge (PE) router, network virtualization edge (NVE) equipment, Autonomous System Boundary Router, AS Boundary Router (ASBR), security gateway, data center's gateway.
5. the method as described in claims 1 to 3 any one, is characterized in that, described VN parameter also comprises the Routing Protocol that virtual router and virtual router are supported.
6. method as claimed in claim 5, is characterized in that, the method also comprises:
Carry out the selection of virtual router, determine the connection of the edge control appliance of described virtual router and described VN, and the interface of described virtual router and described connection is configured;
Wherein, while carrying out the selection of virtual router, by available network resource information, directly select virtual router, or by selecting VM, carry out the preparation of virtual router software, thereby realize the selection of virtual router.
7. method as claimed in claim 4, is characterized in that, configures described edge control appliance, realizes the Internet access, and/or configuration network address transition (NAT) function realizes implicit IP address and changes to public network IP address.
8. method as claimed in claim 4, is characterized in that, configures described edge control appliance, realizes the access from the Internet to VN, carries out the configuration of secure tunnel end points, realizes the safety access of VN.
9. the method as described in claims 1 to 3 any one, is characterized in that, described configuration management order comprise following one or more:
Configuration, revises configuration, deletes configuration, the running status of display device.
10. a virtual network management system, is characterized in that, comprising:
Virtual network (VN) business is carried out and management function entity, according to VN deployment requirements, determine VN parameter, and obtain available network resource information, if available network resource meets VN deployment requirements, determine that VN, to the mapping relations of physical network resource, determines the network equipment and the computer system that need configuration, and send configuration management order to the described network equipment and computer system;
Computer system, carries out received configuration management order, forms execution result information, and returns to execution result and carry out and management function entity to described VN business;
The network equipment, carries out received configuration management order, and execution result information is returned to described VN business carries out and management function entity.
11. systems as claimed in claim 10, it is characterized in that, described VN business is carried out with management function entity and is passed through managing computing resources system to described computer system transmission configuration management order, and wherein, described managing computing resources system is concentrated managing computing resources system.
12. systems as claimed in claim 10, is characterized in that, determined VN parameter at least comprises following one or more information:
The quantity of computing node, the characteristic of computing node, computing node access bandwidth, network interconnection bandwidth, the number of access point of accessing Internet and bandwidth, bandwidth and the number of access point of user's access of VN network, the quantity of medium access control (MAC) address and IP address, the quantity of VLAN (VLAN), the quantity of fire compartment wall and performance index parameter, memory space size and access point, DynamicHost arranges agreement (DHCP) server capability demand, the server capability demands such as domain name system (DNS), quantity and the access parameter of the access point of VPN (virtual private network) (VPN),
Wherein, the characteristic of computing node comprise following one or more:
Central processing unit (CPU) speed, memory size.
13. systems as described in claim 10 to 12 any one, it is characterized in that, the described network equipment comprises edge control appliance, described edge control appliance comprise following one or more: provider edge (PE) router, network virtualization edge (NVE) equipment, Autonomous System Boundary Router, AS Boundary Router (ASBR), security gateway, data center's gateway.
14. systems as claimed in claim 12, is characterized in that, described VN parameter also comprises the Routing Protocol that virtual router and virtual router are supported.
15. systems as claimed in claim 14, is characterized in that,
Described VN business is carried out and management function entity, also carries out the selection of virtual router, determines the connection of the edge control appliance of described virtual router and described VN, and the interface of described virtual router and described connection is configured;
Wherein, while carrying out the selection of virtual router, by available network resource information, directly select virtual router, or by selecting VM, carry out the preparation of virtual router software, thereby realize the selection of virtual router.
16. systems as claimed in claim 13, it is characterized in that, described VN business is carried out and management function entity, configures described edge control appliance, realizes the Internet access and/or configuration network address transition (NAT) function and realizes implicit IP address and change to public network IP address.
17. systems as claimed in claim 13, is characterized in that, described VN business is carried out and management function entity, configure described edge control appliance, realize the access from the Internet to VN, carry out the configuration of secure tunnel end points, realize the safety access of VN.
18. systems as described in claim 10 to 12 any one, is characterized in that, described configuration management order comprise following one or more:
Configuration, revises configuration, deletes configuration, the running status of display device.
Priority Applications (2)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201310127986.4A CN104104534A (en) | 2013-04-12 | 2013-04-12 | Realization method of virtual network (VN) management and virtual network management system |
| PCT/CN2013/086829 WO2014166247A1 (en) | 2013-04-12 | 2013-11-11 | Implementation method and system for virtual network management |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201310127986.4A CN104104534A (en) | 2013-04-12 | 2013-04-12 | Realization method of virtual network (VN) management and virtual network management system |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN104104534A true CN104104534A (en) | 2014-10-15 |
Family
ID=51672358
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201310127986.4A Pending CN104104534A (en) | 2013-04-12 | 2013-04-12 | Realization method of virtual network (VN) management and virtual network management system |
Country Status (2)
| Country | Link |
|---|---|
| CN (1) | CN104104534A (en) |
| WO (1) | WO2014166247A1 (en) |
Cited By (17)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN104468746A (en) * | 2014-11-23 | 2015-03-25 | 国云科技股份有限公司 | Method for realizing distributed virtual networks applicable to cloud platform |
| CN104518940A (en) * | 2014-10-27 | 2015-04-15 | 华为技术有限公司 | Communication method and device for NVO3 (network virtualization over layer 3) network and MPLS (multi-protocol label switching) network |
| WO2016065920A1 (en) * | 2014-10-29 | 2016-05-06 | 中兴通讯股份有限公司 | Method and system for providing virtual network service |
| CN105591916A (en) * | 2014-10-22 | 2016-05-18 | 华为技术有限公司 | Message transmission method and apparatus |
| CN106571992A (en) * | 2016-10-27 | 2017-04-19 | 深圳市深信服电子科技有限公司 | Virtual Private Line (VPL) establishing method and device |
| WO2017215102A1 (en) * | 2016-06-15 | 2017-12-21 | Huawei Technologies Co., Ltd. | Method of forwarding data packets, method of creating merged fib key entry and method of creating a search key |
| WO2018024121A1 (en) * | 2016-08-01 | 2018-02-08 | 华为技术有限公司 | Network function (nf) management method and nf management device |
| CN108702323A (en) * | 2016-03-02 | 2018-10-23 | 日本电气株式会社 | Network system, control device, the construction method of virtual network and program |
| CN109565467A (en) * | 2016-08-05 | 2019-04-02 | 华为技术有限公司 | The virtual network of the flow forwarding based on service is supported to be pre-configured |
| CN110086681A (en) * | 2014-11-27 | 2019-08-02 | 华为技术有限公司 | Configuration method, system and its Virtual NE and network management system of virtual network strategy |
| CN110519101A (en) * | 2019-09-06 | 2019-11-29 | 烽火通信科技股份有限公司 | A kind of method and system of the performance management function dynamic virtualization of entity OLT |
| CN110661868A (en) * | 2019-09-25 | 2020-01-07 | 浙江九州云信息科技有限公司 | Solution method for extensible visualization application deployment |
| CN111314107A (en) * | 2019-12-26 | 2020-06-19 | 贵阳朗玛信息技术股份有限公司 | Automatic networking system and automatic networking method based on Internet service |
| CN112134798A (en) * | 2015-01-30 | 2020-12-25 | 华为技术有限公司 | Apparatus, system and method for service chaining |
| CN112291079A (en) * | 2017-03-28 | 2021-01-29 | 华为技术有限公司 | Network service configuration method and network management equipment |
| CN114760183A (en) * | 2016-08-27 | 2022-07-15 | Nicira股份有限公司 | Extension of network control systems into public clouds |
| CN115987798A (en) * | 2022-12-29 | 2023-04-18 | 成都新希望金融信息有限公司 | Resource management method and resource management system |
Families Citing this family (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US10740134B2 (en) | 2018-08-20 | 2020-08-11 | Interwise Ltd. | Agentless personal network firewall in virtualized datacenters |
| CN114793201B (en) * | 2022-03-31 | 2023-12-19 | 西安交通大学 | Space-earth integrated network dynamic virtual network mapping method based on service awareness |
| CN115834293A (en) * | 2022-11-17 | 2023-03-21 | 中国联合网络通信集团有限公司 | Method for constructing building private network and building private network |
Citations (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US20100074238A1 (en) * | 2008-09-23 | 2010-03-25 | Lu Qian | Virtual network image system for wireless local area network services |
| CN102136931A (en) * | 2010-09-20 | 2011-07-27 | 华为技术有限公司 | Method for configuring virtual port network strategies, network management center and related equipment |
| CN102904794A (en) * | 2012-09-27 | 2013-01-30 | 北京邮电大学 | Method and device for mapping virtual network |
-
2013
- 2013-04-12 CN CN201310127986.4A patent/CN104104534A/en active Pending
- 2013-11-11 WO PCT/CN2013/086829 patent/WO2014166247A1/en active Application Filing
Patent Citations (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US20100074238A1 (en) * | 2008-09-23 | 2010-03-25 | Lu Qian | Virtual network image system for wireless local area network services |
| CN102136931A (en) * | 2010-09-20 | 2011-07-27 | 华为技术有限公司 | Method for configuring virtual port network strategies, network management center and related equipment |
| CN102904794A (en) * | 2012-09-27 | 2013-01-30 | 北京邮电大学 | Method and device for mapping virtual network |
Cited By (39)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US10193707B2 (en) | 2014-10-22 | 2019-01-29 | Huawei Technologies Co., Ltd. | Packet transmission method and apparatus |
| CN105591916B (en) * | 2014-10-22 | 2018-10-30 | 华为技术有限公司 | A kind of message transmitting method and device |
| CN105591916A (en) * | 2014-10-22 | 2016-05-18 | 华为技术有限公司 | Message transmission method and apparatus |
| WO2016066072A1 (en) * | 2014-10-27 | 2016-05-06 | 华为技术有限公司 | Method and device for realizing communication between nvo3 network and mpls network |
| US10484203B2 (en) | 2014-10-27 | 2019-11-19 | Huawei Technologies Co., Ltd. | Method for implementing communication between NVO3 network and MPLS network, and apparatus |
| CN104518940A (en) * | 2014-10-27 | 2015-04-15 | 华为技术有限公司 | Communication method and device for NVO3 (network virtualization over layer 3) network and MPLS (multi-protocol label switching) network |
| CN105634899A (en) * | 2014-10-29 | 2016-06-01 | 中兴通讯股份有限公司 | Method and system for providing virtual network service |
| WO2016065920A1 (en) * | 2014-10-29 | 2016-05-06 | 中兴通讯股份有限公司 | Method and system for providing virtual network service |
| CN104468746A (en) * | 2014-11-23 | 2015-03-25 | 国云科技股份有限公司 | Method for realizing distributed virtual networks applicable to cloud platform |
| CN110086681A (en) * | 2014-11-27 | 2019-08-02 | 华为技术有限公司 | Configuration method, system and its Virtual NE and network management system of virtual network strategy |
| CN112134798B (en) * | 2015-01-30 | 2021-12-03 | 华为技术有限公司 | Apparatus, system and method for service chaining |
| CN112134798A (en) * | 2015-01-30 | 2020-12-25 | 华为技术有限公司 | Apparatus, system and method for service chaining |
| CN108702323A (en) * | 2016-03-02 | 2018-10-23 | 日本电气株式会社 | Network system, control device, the construction method of virtual network and program |
| CN108702323B (en) * | 2016-03-02 | 2021-06-01 | 日本电气株式会社 | Network system, control device, virtual network construction method, and computer-readable storage medium |
| US10979394B2 (en) | 2016-03-02 | 2021-04-13 | Nec Corporation | Network system, control apparatus, method for constructing a virtual network, and program |
| WO2017215102A1 (en) * | 2016-06-15 | 2017-12-21 | Huawei Technologies Co., Ltd. | Method of forwarding data packets, method of creating merged fib key entry and method of creating a search key |
| US10193804B2 (en) | 2016-06-15 | 2019-01-29 | Huawei Technologies Co., Ltd. | Method of forwarding data packets, method of creating merged FIB key entry and method of creating a search key |
| WO2018023338A1 (en) * | 2016-08-01 | 2018-02-08 | 华为技术有限公司 | Network-function management method and network-function management device |
| CN109417492A (en) * | 2016-08-01 | 2019-03-01 | 华为技术有限公司 | A kind of network function NF management method and NF management equipment |
| US11646939B2 (en) | 2016-08-01 | 2023-05-09 | Huawei Technologies Co., Ltd. | Network function NF management method and NF management device |
| RU2719437C1 (en) * | 2016-08-01 | 2020-04-17 | Хуавэй Текнолоджиз Ко., Лтд. | Method of administering nf network function and nf administration device |
| US11070433B2 (en) | 2016-08-01 | 2021-07-20 | Huawei Technologies Co., Ltd. | Network function NF management method and NF management device |
| WO2018024121A1 (en) * | 2016-08-01 | 2018-02-08 | 华为技术有限公司 | Network function (nf) management method and nf management device |
| CN109565467B (en) * | 2016-08-05 | 2021-06-29 | 华为技术有限公司 | Method and device for configuring network |
| US11165689B2 (en) | 2016-08-05 | 2021-11-02 | Huawei Technologies Co., Ltd | Service-based traffic forwarding in virtual networks |
| CN109565467A (en) * | 2016-08-05 | 2019-04-02 | 华为技术有限公司 | The virtual network of the flow forwarding based on service is supported to be pre-configured |
| US11005750B2 (en) | 2016-08-05 | 2021-05-11 | Huawei Technologies Co., Ltd. | End point to edge node interaction in wireless communication networks |
| US10841208B2 (en) | 2016-08-05 | 2020-11-17 | Huawei Technologies Co., Ltd. | Slice/service-based routing in virtual networks |
| US11882027B2 (en) | 2016-08-05 | 2024-01-23 | Huawei Technologies Co., Ltd. | End point to edge node interaction in wireless communication networks |
| CN114760183A (en) * | 2016-08-27 | 2022-07-15 | Nicira股份有限公司 | Extension of network control systems into public clouds |
| CN106571992A (en) * | 2016-10-27 | 2017-04-19 | 深圳市深信服电子科技有限公司 | Virtual Private Line (VPL) establishing method and device |
| CN112291079A (en) * | 2017-03-28 | 2021-01-29 | 华为技术有限公司 | Network service configuration method and network management equipment |
| CN110519101B (en) * | 2019-09-06 | 2021-11-02 | 烽火通信科技股份有限公司 | Method and system for dynamic virtualization of performance management function of entity OLT (optical line terminal) |
| CN110519101A (en) * | 2019-09-06 | 2019-11-29 | 烽火通信科技股份有限公司 | A kind of method and system of the performance management function dynamic virtualization of entity OLT |
| CN110661868B (en) * | 2019-09-25 | 2022-06-21 | 浙江九州云信息科技有限公司 | Solution method for extensible visualization application deployment |
| CN110661868A (en) * | 2019-09-25 | 2020-01-07 | 浙江九州云信息科技有限公司 | Solution method for extensible visualization application deployment |
| CN111314107A (en) * | 2019-12-26 | 2020-06-19 | 贵阳朗玛信息技术股份有限公司 | Automatic networking system and automatic networking method based on Internet service |
| CN111314107B (en) * | 2019-12-26 | 2023-09-26 | 贵阳朗玛信息技术股份有限公司 | Automatic networking system and method based on internet service |
| CN115987798A (en) * | 2022-12-29 | 2023-04-18 | 成都新希望金融信息有限公司 | Resource management method and resource management system |
Also Published As
| Publication number | Publication date |
|---|---|
| WO2014166247A1 (en) | 2014-10-16 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN104104534A (en) | Realization method of virtual network (VN) management and virtual network management system | |
| US10693762B2 (en) | Data driven orchestrated network using a light weight distributed SDN controller | |
| US11973686B1 (en) | Virtual performance hub | |
| US10547463B2 (en) | Multicast helper to link virtual extensible LANs | |
| US11765057B2 (en) | Systems and methods for performing end-to-end link-layer and IP-layer health checks between a host machine and a network virtualization device | |
| US9965317B2 (en) | Location-aware virtual service provisioning in a hybrid cloud environment | |
| JP6670025B2 (en) | Multi-tenant-aware Dynamic Host Configuration Protocol (DHCP) mechanism for cloud networking | |
| US11190444B2 (en) | Configuration mechanisms in a switchless network | |
| CN104584484A (en) | System and method providing policy based data center network automation | |
| EP3392784B1 (en) | Method and system for managing resource objects | |
| US11362947B2 (en) | Interconnecting multiple separate openflow domains | |
| US10491462B1 (en) | Port verification for customer interconnection in a data center | |
| CN108462592A (en) | Resource allocation methods based on SLA and NFVO | |
| CN105721306A (en) | Configuration information transmission method and device | |
| Li et al. | Horizontal-based orchestration for multi-domain SFC in SDN/NFV-enabled satellite/terrestrial networks | |
| WO2018000890A1 (en) | Method and device for establishing virtual private network | |
| US11711317B1 (en) | Remote port for network connectivity for non-colocated customers of a cloud exchange | |
| US20190166006A1 (en) | Node discovery mechanisms in a switchless network | |
| CN107426100B (en) | VPN user access method and device based on user group | |
| CN102480403B (en) | Method for providing virtual private network service, device and system | |
| CN108768861B (en) | Method and device for sending service message | |
| US10878483B1 (en) | Method, system, and medium for asset-based permissions management for resellers of cloud exchange assets | |
| WO2022231657A1 (en) | Fallback service through a cloud exchange for network service provider connections | |
| CN106506238A (en) | A kind of network element management method and system | |
| US10855567B1 (en) | Dynamic capacity assessment of devices in a data center |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| C06 | Publication | ||
| PB01 | Publication | ||
| C10 | Entry into substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| WD01 | Invention patent application deemed withdrawn after publication | ||
| WD01 | Invention patent application deemed withdrawn after publication |
Application publication date: 20141015 |