CN106656718B - VxLAN gateway and method for accessing host to internet based on VxLAN gateway - Google Patents
VxLAN gateway and method for accessing host to internet based on VxLAN gateway Download PDFInfo
- Publication number
- CN106656718B CN106656718B CN201510737292.1A CN201510737292A CN106656718B CN 106656718 B CN106656718 B CN 106656718B CN 201510737292 A CN201510737292 A CN 201510737292A CN 106656718 B CN106656718 B CN 106656718B
- Authority
- CN
- China
- Prior art keywords
- traffic
- vxlan
- gateway
- internet
- area network
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Links
Images
Classifications
-
- Y—GENERAL TAGGING OF NEW TECHNOLOGICAL DEVELOPMENTS; GENERAL TAGGING OF CROSS-SECTIONAL TECHNOLOGIES SPANNING OVER SEVERAL SECTIONS OF THE IPC; TECHNICAL SUBJECTS COVERED BY FORMER USPC CROSS-REFERENCE ART COLLECTIONS [XRACs] AND DIGESTS
- Y02—TECHNOLOGIES OR APPLICATIONS FOR MITIGATION OR ADAPTATION AGAINST CLIMATE CHANGE
- Y02D—CLIMATE CHANGE MITIGATION TECHNOLOGIES IN INFORMATION AND COMMUNICATION TECHNOLOGIES [ICT], I.E. INFORMATION AND COMMUNICATION TECHNOLOGIES AIMING AT THE REDUCTION OF THEIR OWN ENERGY USE
- Y02D30/00—Reducing energy consumption in communication networks
- Y02D30/50—Reducing energy consumption in communication networks in wire-line communication networks, e.g. low power modes or reduced link rate
Landscapes
- Small-Scale Networks (AREA)
- Data Exchanges In Wide-Area Networks (AREA)
Abstract
The invention discloses a VxLAN gateway and a method for accessing a host to the Internet based on the VxLAN gateway. The method comprises the following steps: the VxLAN gateway responds to an ARP query for querying a default gateway MAC address broadcasted by the host in the local area network, replies with the MAC address of the LAN port of the VxLAN gateway, and guides the host in the local area network to send the internet traffic to the LAN port of the VxLAN gateway; the VxLAN gateway receives the internet traffic sent by the host in the local area network through the LAN port, converts the network address of the internet traffic and sends the converted internet traffic to the Internet from the WAN port. The MAC address of the VxLAN gateway LAN port is used for replying the ARP query of the host in the LAN, and the host in the LAN is guided to send the internet traffic to the LAN port of the VxLAN gateway, so that the internet traffic in the LAN can be directly sent to the Internet through the VxLAN gateway without detouring through other VxLAN gateways, network resources are saved, and network performance and user experience are improved.
Description
Technical Field
The invention relates to the field of computer networks, in particular to a VxLAN gateway, a method for accessing a host to the Internet based on the VxLAN (virtual extensible Local Area Network) gateway and the VxLAN gateway.
Background
In a traditional mode, a government-enterprise user adopts a VxLAN technology to realize the communication of two layers, and allocates addresses to a Host through a unified Dynamic Host Configuration Protocol (DHCP) server.
The DHCP server cannot distinguish between hosts from different local area networks (i.e., enterprise branches) within the same two-layer interworking domain, and can only assign addresses within the same network segment and the same default gateway to all hosts. This requires that hosts within the entire VxLAN two-layer interworking domain access the internet through the same egress. As shown in fig. 1, the internet exit 12 of each lan is located in the first lan 14, and the internet traffic of the second lan 16 cannot directly access the internet 18, and must bypass the first lan 14 and be sent to the internet exit 12. Enterprises actually pay redundant traffic overhead for surfing the internet.
Disclosure of Invention
The embodiment of the invention aims to solve the technical problem that: in a network for realizing two-layer intercommunication based on VxLAN technology, how to avoid the situation that the internet traffic from a local area network enters the internet after being circuitous by other local area networks is avoided.
According to a first aspect of the embodiment of the invention, a method for accessing a host to the internet based on a VxLAN gateway of a virtual extensible local area network is provided, which comprises the following steps: the VxLAN gateway responds to an ARP (Address Resolution Protocol) query for querying a default gateway MAC (Media Access Control) Address broadcasted by a host in the Local Area Network, replies with an MAC Address of a Local Area Network (LAN) port of the VxLAN gateway, and guides the host in the Local Area Network to send the internet traffic to the LAN port of the VxLAN gateway; the VxLAN gateway receives the internet traffic sent by the host in the local Area Network from the LAN port, performs NAT (Network address translation) conversion on the internet traffic, and then sends the converted internet traffic to the internet from a WAN (Wide Area Network) port.
In one embodiment, the step of receiving, by the VxLAN gateway through the LAN port, the internet traffic sent by the host in the local area network includes: the VxLAN gateway receives the flow sent by the host in the local area network through the LAN port, and identifies whether the flow is internet traffic or not through the target MAC address of the flow, if the target MAC address of the flow is the MAC address of the LAN port of the VxLAN gateway, the flow is internet traffic, and if the target MAC address of the flow is not the MAC address of the LAN port of the VxLAN gateway, the flow is two-layer intercommunication flow.
In one embodiment, the method further comprises: the VxLAN gateway receives the two-layer intercommunication traffic sent by the host in the local area network through the LAN port, performs VxLAN encapsulation on the two-layer intercommunication traffic from the LAN port, and sends the two-layer intercommunication traffic to other VxLAN gateways through the WAN port.
In one embodiment, the method further comprises: the VxLAN gateway receives the internet traffic through the WAN port, performs Network Address Translation (NAT) conversion on the internet traffic, and then sends the internet traffic to the host in the local area network from the LAN port.
In one embodiment, VxLAN gateway receiving internet traffic through a WAN port comprises: the VxLAN gateway receives the traffic through a WAN port, and identifies whether the traffic is internet traffic or not through the message type of the traffic, if the traffic is not VxLAN encapsulated traffic, the traffic is internet traffic, and if the traffic is VxLAN encapsulated traffic, the traffic is two-layer intercommunication traffic.
In one embodiment, the method further comprises: the VxLAN gateway receives the two-layer intercommunication traffic sent by other VxLAN gateways through the WAN port, de-encapsulates the two-layer intercommunication traffic from the WAN port, and sends the two-layer intercommunication traffic to a host in the local area network through the LAN port.
According to a second aspect of an embodiment of the present invention, there is provided a VxLAN gateway, including: the ARP response module is used for responding to ARP inquiry of an inquiry default gateway Media Access Control (MAC) address broadcasted by the host machine in the local area network, replying the MAC address of the Local Area Network (LAN) port of the VxLAN gateway, and guiding the host machine in the local area network to send the internet traffic to the LAN port of the VxLAN gateway; the traffic receiving module is used for receiving the internet traffic sent by the host in the local area network from the LAN port; the NAT module is used for carrying out NAT conversion on the internet traffic; and the traffic sending module is used for sending the converted internet traffic to the internet from a WAN (wide area network) port of the wide area network.
In one embodiment, the traffic receiving module further includes a MAC identifying unit configured to identify whether the traffic is internet traffic by a destination MAC address of the traffic, where the traffic is internet traffic if the destination MAC address of the traffic is a MAC address of a LAN port of the VxLAN gateway, and the traffic is two-layer interworking traffic if the destination MAC address of the traffic is not the MAC address of the LAN port of the VxLAN gateway.
In one embodiment, the traffic receiving module is further configured to receive, through the LAN port, a layer two interworking traffic sent by the host in the local area network; the VxLAN gateway also comprises a VxLAN encapsulation module which is used for carrying out VxLAN encapsulation on the two-layer intercommunication flow from the LAN port; and the traffic sending module is also used for sending the encapsulated traffic to other VxLAN gateways through the WAN port.
In one embodiment, the traffic receiving module is configured to receive internet traffic through the WAN port, and the traffic sending module is configured to send the internet traffic from the LAN port to the host in the local area network after the NAT module performs NAT translation on the internet traffic.
In one embodiment, the traffic receiving module further includes a message identification unit, configured to identify whether the traffic is internet traffic or not through a message type of the traffic, where if the traffic is not VxLAN encapsulated traffic, the traffic is internet traffic, and if the traffic is VxLAN encapsulated traffic, the traffic is two-layer interworking traffic.
In one embodiment, the traffic receiving module is used for receiving two-layer interworking traffic sent by other VxLAN gateways through a WAN port; the VxLAN gateway also comprises a VxLAN decapsulation module for performing VxLAN decapsulation on the two-layer intercommunication traffic from the WAN port; and the flow sending module is used for sending the de-encapsulated flow to the host in the local area network through the LAN port.
According to the method and the device, the ARP query of the host in the local area network is replied by using the MAC address of the VxLAN gateway LAN port, and the host in the local area network is guided to send the internet traffic to the LAN port of the VxLAN gateway, so that the internet traffic in the local area network can be directly sent to the internet through the VxLAN gateway without going around through other VxLAN gateways, network resources are saved, and network performance and user experience are improved.
In addition, the VxLAN gateway identifies different flows according to the target MAC address of the message received by the LAN port, and realizes the multiplexing of the VxLAN gateway LAN port; different flows are identified according to the types of the messages received by the WAN port, and multiplexing of the VxLAN gateway WAN port is achieved.
Other features of the present invention and advantages thereof will become apparent from the following detailed description of exemplary embodiments thereof, which proceeds with reference to the accompanying drawings.
Drawings
In order to more clearly illustrate the embodiments of the present invention or the technical solutions in the prior art, the drawings used in the description of the embodiments or the prior art will be briefly described below, it is obvious that the drawings in the following description are only some embodiments of the present invention, and for those skilled in the art, other drawings can be obtained according to the drawings without creative efforts.
Fig. 1 illustrates a scene diagram of a local area network accessing the internet in the prior art, which implements two-layer interworking based on the VxLAN technology.
Fig. 2 is a schematic diagram showing a scenario of a method for accessing a host to the internet based on a VxLAN gateway.
Fig. 3 shows a flowchart of one embodiment of the method for accessing the internet by a host based on a VxLAN gateway implementation of the present invention.
Fig. 4 shows a flow diagram of one embodiment of the present invention's method of identifying traffic received at a LAN port of a VxLAN gateway.
Fig. 5 shows a flow diagram of one embodiment of the present invention's method of identifying traffic received at the WAN port of a VxLAN gateway.
Fig. 6 shows a block diagram of one embodiment of the VxLAN gateway of the present invention.
Detailed Description
The technical solutions in the embodiments of the present invention will be clearly and completely described below with reference to the drawings in the embodiments of the present invention, and it is obvious that the described embodiments are only a part of the embodiments of the present invention, and not all of the embodiments. The following description of at least one exemplary embodiment is merely illustrative in nature and is in no way intended to limit the invention, its application, or uses. All other embodiments, which can be derived by a person skilled in the art from the embodiments given herein without making any creative effort, shall fall within the protection scope of the present invention.
Fig. 2 is a scene schematic diagram of a method for accessing a host to the internet based on a VxLAN gateway. Taking the example of two local area networks in the VxLAN interworking domain, first local area network 14 has VxLAN gateway 24 and second local area network 16 has VxLAN gateway 26, as shown in FIG. 2. Each local area network realizes the transmission or reception of internet traffic through a respective VxLAN gateway without detour through other VxLAN gateways.
A method for a host to access the internet based on a VxLAN gateway implementation of one embodiment of the invention is described below with reference to fig. 3. Fig. 3 is a flowchart of an embodiment of the method for accessing the internet by a host based on a VxLAN gateway. As shown in fig. 3, the method of this embodiment includes:
step S302, the host in the local area network where the VxLAN gateway is located broadcasts an ARP inquiry for inquiring the MAC address of the default gateway.
The default gateway is a unified gateway distributed by the DHCP server for the hosts of all VxLAN in the VxLAN interworking domain.
Step S304, the VxLAN gateway responds to the ARP inquiry and replies the MAC address of the LAN port of the VxLAN gateway instead of replying the MAC address of a default gateway (or a unified gateway), so that the host in the local area network is guided to send the internet traffic to the LAN port of the VxLAN gateway. And after receiving the ARP response, the host sends the internet traffic to the LAN port of the VxLAN gateway.
Specifically, firstly, the VxLAN gateway checks a target IP (Internet Protocol) address of an ARP query message, and ensures that the ARP message querying the MAC address of the default gateway is not forwarded to other local area networks in the same interworking domain; secondly, if the VxLAN gateway finds that the default gateway is in the local area network, the VxLAN gateway does not need to perform more operations any more, and the default gateway responds to the ARP query; if the default gateway is not in the local LAN, the VxLAN gateway responds to the ARP query message with the MAC address of the VxLAN gateway LAN port.
The internet traffic is a message for accessing the internet.
And step S306, the VxLAN gateway receives the internet traffic sent by the host in the local area network through the LAN port, performs NAT (network address translation) on the internet traffic and then sends the internet traffic to the Internet from the WAN port.
Where NAT translates to network address translation. The VxLAN gateway has an effective external IP address, and the NAT function of the VxLAN gateway can convert the local address of the host computer in the local area network into a global IP address, so that the host computer can normally communicate with the Internet.
The MAC address of the VxLAN gateway LAN port is used for replying the ARP query of the host in the LAN, and the host in the LAN is guided to send the internet traffic to the LAN port of the VxLAN gateway, so that the internet traffic in the LAN can be directly sent to the Internet through the VxLAN gateway without detouring through other VxLAN gateways, network resources are saved, and network performance and user experience are improved.
In addition to internet traffic to the internet, two-layer interworking traffic to other local area networks within the VxLAN interworking domain is also sent out from the VxLAN. The invention also provides a method for identifying the two flows according to the target MAC address of the message received by the LAN port. A method of identifying traffic received at a LAN port of a VxLAN gateway according to one embodiment of the invention is described below with reference to fig. 4.
Fig. 4 is a flow chart of one embodiment of the present invention's method of identifying traffic received at a LAN port of a VxLAN gateway. As shown in fig. 4, the method of this embodiment includes:
step S402, the VxLAN gateway receives the flow sent by the host in the local area network through the LAN port.
Step S404, the VxLAN gateway judges whether the destination MAC address of the flow is equal to the MAC address of the LAN port of the VxLAN gateway.
Step S406, if the destination MAC address of the traffic is a VxLAN gateway, that is, a LAN port MAC address of the VxLAN gateway, the traffic is internet traffic. Then, NAT conversion is performed on the internet traffic, the local address of the host is converted into a global IP address, and then step S410 is performed.
Step S408, if the destination MAC address of the traffic is not a VxLAN gateway, the traffic is a two-layer interworking traffic. The VxLAN gateway then performs VxLAN encapsulation on the two-layer interworking traffic from the LAN port, and then performs step S412.
The VxLAN encapsulation is a technology for encapsulating a two-layer message by using a three-layer protocol, and can expand a two-layer network in a three-layer range, so that a virtual machine can migrate in a mutually communicated three-layer network range without changing an IP address and an MAC address, and the continuity of services is ensured.
And step S410, the VxLAN gateway sends the internet traffic to the Internet through the WAN port.
Step S412, VxLAN gateway sends the two-layer interworking traffic to other VxLAN gateways through the WAN port.
According to the scheme, the VxLAN gateway identifies different flows according to the target MAC address of the message received by the LAN port, and distinguishes the internet flow from the two-layer intercommunication flow, so that the VxLAN gateway LAN port multiplexing is realized.
In correspondence with the above-described process of sending internet traffic, the VxLAN gateway may also receive internet traffic through a WAN port of the VxLAN gateway, and for example, the following method may be adopted: firstly, the VxLAN gateway receives internet traffic through a WAN port; then, the VxLAN gateway performs NAT (network address translation) on the internet traffic, and converts a global IP (Internet protocol) address representing a traffic destination address into a local address; finally, the VxLAN gateway sends the traffic from the LAN port to the host in the local area network.
By adopting the method, the VxLAN gateway can directly receive the traffic of the Internet and the traffic to the local area network without detouring through a uniform inlet in the VxLAN intercommunication domain, so that network resources are saved, and the efficiency is improved.
In addition to receiving internet traffic, the VxLAN gateway's WAN port is also capable of receiving two-layer interworking traffic. A method of identifying traffic received at the WAN port of a VxLAN gateway, according to one embodiment of the invention, is described below with reference to fig. 5.
Fig. 5 is a flow chart of one embodiment of the present invention's method of identifying traffic received at the WAN port of a VxLAN gateway. As shown in fig. 5, the method of this embodiment includes:
step S502, the VxLAN gateway receives the traffic through the WAN port.
And step S504, the VxLAN gateway checks the message type of the flow.
In step S506, if the traffic is not VxLAN encapsulated traffic, the traffic is internet traffic. The VxLAN gateway performs NAT translation of internet traffic, translates the global IP address representing the destination address of the traffic to a local host address, and then step S510.
Step S508, if the traffic is VxLAN encapsulated traffic, the traffic is a two-layer interworking traffic. The VxLAN gateway de-encapsulates the VxLAN from the two-layer interworking traffic of the WAN port, and then step S510.
Step S510, VxLAN gateway sends the traffic from the LAN port to the host in the LAN.
Because the VxLAN encapsulation is carried out on the two-layer intercommunication traffic before the two-layer intercommunication traffic is sent, the received traffic can be distinguished through the message type of the traffic. Therefore, different flows are identified according to the types of the messages received by the WAN port, and multiplexing of the VxLAN gateway WAN port is achieved.
By adopting the internet access method of each embodiment, the process of receiving and sending the internet traffic and the two-layer intercommunication traffic through the VxLAN gateway can be realized, so that each local area network can be respectively and directly accessed to the internet under the condition of realizing mutual communication, the traffic is saved, and the use experience of a user is improved.
A VxLAN gateway for one embodiment of the invention is described below with reference to fig. 6.
Fig. 6 is a block diagram of one embodiment of a VxLAN gateway of the present invention. As shown in fig. 6, the VxLAN gateway of this embodiment includes: an ARP response module 622, configured to respond to an ARP query for querying a default gateway media access control MAC address broadcasted by a host in the local area network, and reply to an MAC address of a local area network LAN port of the VxLAN gateway, so as to direct the host in the local area network to send an internet traffic to the LAN port of the VxLAN gateway; a traffic receiving module 624, configured to receive, through the LAN port, the internet traffic sent by the host in the local area network; the NAT module 626 is configured to perform NAT conversion on the internet traffic; and a traffic sending module 628, configured to send the converted internet traffic to the internet from a WAN port of the wide area network.
The traffic receiving module 624 may further include an MAC identifying unit, configured to identify whether the traffic is internet traffic by using a destination MAC address of the traffic, where if the destination MAC address of the traffic is an MAC address of a LAN port of the VxLAN gateway, the traffic is internet traffic, and if the destination MAC address of the traffic is not an MAC address of a LAN port of the VxLAN gateway, the traffic is two-layer interworking traffic.
The traffic receiving module 624 may also be configured to receive, through the LAN port, a layer two interworking traffic sent by the host in the local area network; at this time, the VxLAN gateway may further include a VxLAN encapsulation module for performing VxLAN encapsulation on the two-layer interworking traffic from the LAN port; traffic sending module 628 may also be used to send the encapsulated traffic to other VxLAN gateways through the WAN port.
The traffic receiving module 624 may further be configured to receive internet traffic through the WAN port, and the traffic sending module 628 is configured to send the internet traffic from the LAN port to the host in the local area network after the NAT module 626 performs NAT conversion on the internet traffic.
The traffic receiving module 624 may further include a message identification unit, configured to identify whether the traffic is internet traffic according to a message type of the traffic, where if the traffic is not VxLAN encapsulated traffic, the traffic is internet traffic, and if the traffic is VxLAN encapsulated traffic, the traffic is two-layer interworking traffic.
The traffic receiving module 624 may be configured to receive, through the WAN port, a two-layer interworking traffic sent by another VxLAN gateway; the gateway also comprises a VxLAN decapsulation module for performing VxLAN decapsulation on the two-layer intercommunication traffic from the WAN port; the traffic sending module 628 is configured to send the decapsulated traffic to the host in the local area network through the LAN port.
The VxLAN gateway uses the MAC address of the LAN port to reply the ARP query of the host in the local area network, and guides the host in the local area network to send the internet traffic to the LAN port of the VxLAN gateway, so that the internet traffic in the local area network can be directly sent to the internet through the VxLAN gateway without going around through other VxLAN gateways, network resources are saved, and network performance and user experience are improved.
In addition, the VxLAN gateway identifies different flows according to the target MAC address of the message received by the LAN port, and realizes the multiplexing of the VxLAN gateway LAN port; different flows are identified according to the types of the messages received by the WAN port, and multiplexing of the VxLAN gateway WAN port is achieved.
Furthermore, the method according to the invention may also be implemented as a computer program product comprising a computer readable medium having stored thereon a computer program for performing the above-mentioned functions defined in the method of the invention. Those of skill would further appreciate that the various illustrative logical blocks, modules, circuits, and algorithm steps described in connection with the disclosure herein may be implemented as electronic hardware, computer software, or combinations of both.
The above description is only for the purpose of illustrating the preferred embodiments of the present invention and is not to be construed as limiting the invention, and any modifications, equivalents, improvements and the like that fall within the spirit and principle of the present invention are intended to be included therein.
Claims (12)
1. A method for accessing a host to the Internet based on a VxLAN gateway of a virtual extensible local area network comprises the following steps:
under the condition that the default gateway is not in the local LAN, the VxLAN gateway of the local LAN responds to an ARP query which is broadcasted by a host machine in the local LAN and queries the Media Access Control (MAC) address of the default gateway, replies with the MAC address of the LAN port of the VxLAN gateway, and thus guides the host machine in the local LAN to send the internet traffic to the LAN port of the VxLAN gateway;
after receiving the internet traffic sent by the host in the local area network from the LAN port, the VxLAN gateway performs Network Address Translation (NAT) on the internet traffic and sends the internet traffic to the Internet from the WAN port of the wide area network;
under the condition that the default gateway is positioned in the local area network, the default gateway responds to ARP inquiry for inquiring the MAC address of the default gateway broadcasted by a host in the local area network;
the default gateway is a unified gateway distributed by a DHCP server for hosts of all VxLAN in a VxLAN interworking domain.
2. The method of claim 1, wherein receiving, by the VxLAN gateway through the LAN port, the internet traffic sent by the host in the local area network comprises:
the VxLAN gateway receives flow sent by a host in the local area network from the LAN port, identifies whether the flow is internet flow or not through a target MAC address of the flow, if the target MAC address of the flow is the MAC address of the LAN port of the VxLAN gateway, the flow is internet flow, and if the target MAC address of the flow is not the MAC address of the LAN port of the VxLAN gateway, the flow is two-layer intercommunication flow.
3. The method according to claim 1 or 2, characterized in that the method further comprises:
the VxLAN gateway receives the two-layer intercommunication traffic sent by the host in the local area network through the LAN port, performs VxLAN encapsulation on the two-layer intercommunication traffic from the LAN port, and sends the two-layer intercommunication traffic to other VxLAN gateways through the WAN port.
4. The method of claim 1, further comprising:
the VxLAN gateway receives the internet traffic through the WAN port, performs Network Address Translation (NAT) conversion on the internet traffic, and then sends the internet traffic to the host in the local area network from the LAN port.
5. The method of claim 4, wherein receiving internet traffic by the VxLAN gateway through a WAN port comprises:
the VxLAN gateway receives the flow through a WAN port, and identifies whether the flow is internet flow or not through the message type of the flow, if the flow is not VxLAN encapsulation flow, the flow is internet flow, and if the flow is VxLAN encapsulation flow, the flow is two-layer intercommunication flow.
6. The method according to claim 4 or 5, characterized in that the method further comprises:
the VxLAN gateway receives the two-layer intercommunication traffic sent by other VxLAN gateways through the WAN port, de-encapsulates the two-layer intercommunication traffic from the WAN port, and sends the two-layer intercommunication traffic to a host in the local area network through the LAN port.
7. A VxLAN gateway, comprising:
the ARP response module is used for responding to an ARP inquiry of an Address Resolution Protocol (ARP) for inquiring a Media Access Control (MAC) address of the default gateway broadcasted by a host in the local area network under the condition that the default gateway is not in the local area network, replying the MAC address of the Local Area Network (LAN) port of the VxLAN gateway, and guiding the host in the local area network to send the internet traffic to the LAN port of the VxLAN gateway; the default gateway is a unified gateway distributed by a DHCP server for each VxLAN host in a VxLAN interworking domain, and responds to ARP inquiry for inquiring the MAC address of the default gateway broadcasted by the host in the local area network under the condition that the default gateway is positioned in the local area network;
the traffic receiving module is used for receiving the internet traffic sent by the host in the local area network from the LAN port;
the NAT module is used for carrying out NAT conversion on the internet traffic;
and the traffic sending module is used for sending the converted internet traffic to the internet from a WAN (wide area network) port of the wide area network.
8. The VxLAN gateway of claim 7, wherein the traffic receiving module further comprises a MAC identification unit configured to identify whether traffic is Internet traffic by its destination MAC address, wherein if the destination MAC address of traffic is the MAC address of the LAN port of the VxLAN gateway, the traffic is Internet traffic, and if the destination MAC address of traffic is not the MAC address of the LAN port of the VxLAN gateway, the traffic is two-layer interworking traffic.
9. The VxLAN gateway according to claim 7 or 8, wherein the traffic receiving module is further configured to receive, through a LAN port, a layer two interworking traffic sent by a host in the local area network;
the VxLAN gateway also comprises a VxLAN encapsulation module which is used for carrying out VxLAN encapsulation on the two-layer intercommunication flow from the LAN port;
and the traffic sending module is also used for sending the encapsulated traffic to other VxLAN gateways through the WAN port.
10. The VxLAN gateway of claim 7, wherein the traffic receiving module is configured to receive internet traffic through a WAN port, and the traffic sending module is configured to send the internet traffic from the LAN port to the host in the local area network after the NAT module performs NAT translation on the internet traffic.
11. The VxLAN gateway of claim 10, wherein the traffic receiving module further comprises a message identification unit, configured to identify whether the traffic is internet traffic by a message type of the traffic, and if the traffic is not VxLAN encapsulated traffic, the traffic is internet traffic, and if the traffic is VxLAN encapsulated traffic, the traffic is two-layer interworking traffic.
12. The VxLAN gateway of claim 10 or claim 11, wherein the traffic receiving module is configured to receive layer two interworking traffic sent by other VxLAN gateways through a WAN port;
the VxLAN gateway further comprises a VxLAN decapsulation module for performing VxLAN decapsulation on the two-layer intercommunication traffic from the WAN port;
and the flow sending module is used for sending the decapsulated flow to the host in the local area network through the LAN port.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201510737292.1A CN106656718B (en) | 2015-11-04 | 2015-11-04 | VxLAN gateway and method for accessing host to internet based on VxLAN gateway |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201510737292.1A CN106656718B (en) | 2015-11-04 | 2015-11-04 | VxLAN gateway and method for accessing host to internet based on VxLAN gateway |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN106656718A CN106656718A (en) | 2017-05-10 |
| CN106656718B true CN106656718B (en) | 2020-01-24 |
Family
ID=58810063
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201510737292.1A Active CN106656718B (en) | 2015-11-04 | 2015-11-04 | VxLAN gateway and method for accessing host to internet based on VxLAN gateway |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN106656718B (en) |
Families Citing this family (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN111371666B (en) * | 2018-12-26 | 2021-12-31 | 华为技术有限公司 | Method, device and system for processing message |
Family Cites Families (5)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN101052022B (en) * | 2006-04-05 | 2010-10-13 | 华为技术有限公司 | System and method for virtual special net user to access public net |
| CN102209124B (en) * | 2011-06-08 | 2014-03-12 | 杭州华三通信技术有限公司 | Method for communication between private network and public network and network address translation equipment |
| CN103546374B (en) * | 2012-07-10 | 2016-08-03 | 杭州华三通信技术有限公司 | A kind of method and apparatus E-Packeted in edge double layer network |
| US8982707B2 (en) * | 2013-03-14 | 2015-03-17 | Cisco Technology, Inc. | Interoperability of data plane based overlays and control plane based overlays in a network environment |
| CN104702476B (en) * | 2013-12-05 | 2018-07-31 | 华为技术有限公司 | Message processing method based on distributed network gate and network virtualization marginal point |
-
2015
- 2015-11-04 CN CN201510737292.1A patent/CN106656718B/en active Active
Also Published As
| Publication number | Publication date |
|---|---|
| CN106656718A (en) | 2017-05-10 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| JP5335886B2 (en) | Method and apparatus for communicating data packets between local networks | |
| US9923732B2 (en) | Virtual gateways and implicit routing in distributed overlay virtual environments | |
| US10652047B2 (en) | Connectivity to internet via shared services in enterprise fabric based network with LISP control plane | |
| KR101785760B1 (en) | Method and network element for enhancing ds-lite with private ipv4 reachability | |
| US8509244B2 (en) | Method and apparatus for providing host node awareness for multiple NAT64 environments | |
| US10432578B2 (en) | Client address based forwarding of dynamic host configuration protocol response packets | |
| CN107770026B (en) | Tenant network data transmission method, tenant network system and related equipment | |
| WO2015165311A1 (en) | Method for transmitting data packet and provider edge device | |
| CN107094110B (en) | DHCP message forwarding method and device | |
| US8472420B2 (en) | Gateway device | |
| CN110213148B (en) | Data transmission method, system and device | |
| CN106209616B (en) | Flooding inhibition method and device | |
| JP2019515555A (en) | Anonymous Identification Information and Protocol of Identification Information Oriented Network | |
| US20120177049A1 (en) | Method and system for implementing network intercommunication | |
| CN110691150A (en) | SDN-based IPv4 and IPv6 interconnection method and system | |
| US20190007368A1 (en) | DHCP in Layer-3 Overlay with Anycast Address Support and Network Address Transparency | |
| CN108023971B (en) | DHCP message forwarding method and device | |
| US8705471B2 (en) | Method and system for implementing ID/locator mapping | |
| US20080310319A1 (en) | Server, network system, and network connection method used for the same | |
| JP2024504466A (en) | Packet forwarding methods, packet processing methods, and devices | |
| JP2023510707A (en) | Method for sending reply packet, method for sending route advertisement message, network device and computer program | |
| CN106656718B (en) | VxLAN gateway and method for accessing host to internet based on VxLAN gateway | |
| CN107547691B (en) | Address resolution protocol message proxy method and device | |
| JP5992115B2 (en) | Method for controlling simultaneous access to data generated by a device coupled to a mobile system coupled to a CPE | |
| KR20110088441A (en) | Identifier and locator structure and communication method based on the structure |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| GR01 | Patent grant | ||
| GR01 | Patent grant |