CN106850387A - System and method for realizing virtual network networking of multiple data centers - Google Patents
- Publication number: CN106850387A
- Application number: CN201710093085.6A
- Authority: CN (China)
- Prior art keywords: virtual, data center, data, virtual router, point
- Legal status: Pending (the legal status is an assumption and is not a legal conclusion)
Classifications
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L12/00—Data switching networks
- H04L12/28—Data switching networks characterised by path configuration, e.g. LAN [Local Area Networks] or WAN [Wide Area Networks]
- H04L12/46—Interconnection of networks
- H04L12/4641—Virtual LANs, VLANs, e.g. virtual private networks [VPN]
- H04L12/4675—Dynamic sharing of VLAN information amongst network nodes
Abstract
The invention provides a method for networking multiple data centers and a system based on that method. The method comprises: establishing point-to-point private lines, each connecting only two data centers, between multiple physically separated data centers; creating a virtual router and a virtual intranet in each data center, with the intranet virtual gateway connected to the virtual router and the virtual router connected to the private line network formed by the private lines; adding the intranet virtual gateway and the GRE tunnel device directly to the Bridge device of the virtual router; and establishing point-to-point GRE tunnels through the virtual routers of the data centers, so that message data is forwarded point-to-point between the data centers based on GRE routing encapsulation. The invention enables efficient and reliable communication among multiple data centers within one local area network, improves the transparency of data when users deploy applications and access them across compute nodes, and achieves layer-2 virtual network networking across data centers.
Description
Technical field
The present invention relates to the field of cloud computing technology, and in particular to a system and method for realizing virtual network networking of multiple data centers.
Background technology
A data center is a specific network of devices that cooperate globally to accelerate the transfer of information over the Internet network infrastructure. The main purpose of a data center is to run applications that process the data of businesses and operating organizations. An application here means software, resources and any of the various computer-executed applications that can execute on physical machines, virtual machines or computer clusters and/or respond to various requests.
With the development of cloud computing technology, users' business volume is gradually increasing, and their requirements for service reliability and performance grow by the day. Users therefore deploy applications in data centers at different geographic locations to improve application availability. However, applications located in data centers at different geographic locations depend on one another, so the data produced or sent while the applications run must be synchronized. To keep the applications secure, users generally do not want this traffic to cross the Internet, yet they also require bandwidth similar to that of intranet communication in order to synchronize and update data in real time. In traditional data centers, a mirroring function is usually implemented over a layer-3 network.
Although a traditional data center can form virtual network devices such as virtual machines (VMs) and virtual storage through virtualization technology, it cannot achieve virtual network networking between data centers at different geographic locations, so applications deployed by a user cannot be managed as a whole across those data centers. Chinese invention patent application publication No. CN101764752A discloses a "method and system of remote centralized mirror image management". Although it transmits mirrored traffic across a layer-3 network and lets a centralized management center manage multiple distributed data centers centrally, this prior art still cannot network together the virtual network devices that each data center of a distributed data center forms through virtualization technology. In addition, the data produced by running applications between distributed data centers has to be broadcast or unicast over the wide area network and GRE tunnels, so security and stability are not ideal.
Furthermore, traditional data centers are mainly divided by function, for example into WEB, APP, DB, office, business, intranet-connected and externally connected zones. Different zones access one another through security devices such as virtual gateways and virtual firewalls to ensure the reliability and security of each zone. However, because different zones have different functions, mutual access only requires that terminals be able to communicate, and does not necessarily require both communicating parties to be in the same VLAN or layer-2 network. Current data centers therefore have a defect in this mechanism.
In view of this, it is necessary to improve the prior-art virtual network networking methods and systems for multiple data centers in order to solve the above problems.
Summary of the invention
An object of the invention is to disclose a method for realizing virtual network networking of multiple data centers and a system that applies the method, so that virtual network networking is carried out when a user deploys applications across data centers, the virtual network devices of the multiple data centers communicate efficiently and reliably within one local area network, the transparency of data when the user deploys applications and accesses data is improved, and layer-2 virtual network networking across data centers is achieved.
To achieve the first object above, the invention provides a system for realizing virtual network networking of multiple data centers. The system forwards message data between the data centers in point-to-point form based on GRE routing encapsulation.
The system includes:
a private line network made up of multiple private lines, each connecting two data centers point-to-point;
multiple physically separated data centers, where the virtual router of each data center is connected to the private line network, multiple point-to-point GRE tunnels are established through the virtual routers, and an interconnected GRE tunnel device and Bridge device are formed on the virtual router of each data center;
a virtual intranet, through which virtual network devices are attached to a data center; and
an intranet virtual gateway arranged between the virtual intranet and the virtual router, the virtual network devices accessing one another through the virtual routers over the private lines.
An interconnected GRE tunnel device and Bridge device are created in the virtual router of each data center, and the intranet virtual gateway and the GRE tunnel device are added to the Bridge device; message data is forwarded point-to-point in the GRE tunnel and reaches the adjacent data center over the private line.
As a further improvement of the invention, the virtual network device is configured as a virtual machine, a load balancer, a virtual storage device or a virtual network interface card.
As a further improvement of the invention, the multiple data centers are configured through GRE tunnels to form an open-loop topology.
As a further improvement of the invention, the multiple data centers are configured through GRE tunnels to form a closed-loop topology.
As a further improvement of the invention, a center virtual router is created in at least one of the multiple data centers. The Bridge device in the center virtual router bridges at least two GRE tunnel devices, and the intranet virtual gateway connected to the center virtual router and the two GRE tunnels established with the virtual routers of the adjacent data centers are each added to the Bridge device of the center virtual router to establish a layer-2 network connection.
As a further improvement of the invention, the Bridge devices of the virtual routers of the multiple data centers carry an STP module, and the multiple data centers are networked with the STP module enabled, so that a closed-loop topology is formed by the multiple point-to-point GRE tunnels.
As a further improvement of the invention, a center virtual router is created in each data center of the closed-loop topology.
The invention also discloses a method for realizing virtual network networking of multiple data centers, comprising the following steps: establishing point-to-point private lines, each connecting only two data centers, between multiple physically separated data centers; creating a virtual router and a virtual intranet in each data center, with the intranet virtual gateway connected to the virtual router and the virtual router connected to the private line network formed by the private lines; adding the intranet virtual gateway and the GRE tunnel device directly to the Bridge device of the virtual router; and establishing point-to-point GRE tunnels through the virtual routers of the data centers, each data center encapsulating and decapsulating the forwarded message data through the GRE tunnel, so that message data is forwarded between the data centers in point-to-point form based on GRE routing encapsulation.
As a further improvement of the invention, at least one of the multiple data centers is selected, and a center virtual router is created in the virtual router of the selected data center; the Bridge device in the center virtual router bridges at least two GRE tunnel devices.
As a further improvement of the invention, the intranet network segments of the multiple data centers are identical, and the multiple data centers are configured through GRE tunnels to form an open-loop topology or a closed-loop topology.
Compared with the prior art, the beneficial effects of the invention are that multiple data centers communicate efficiently and reliably within one local area network, the transparency of data when users deploy applications and access them across compute nodes is improved, and layer-2 virtual network networking across data centers is achieved.
Brief description of the drawings
Fig. 1 is a schematic diagram of virtual network networking in which the physical devices are located at three different geographic locations and interconnected by private lines;
Fig. 2 is a schematic diagram of virtual network networking in which the physical devices are located at three different geographic locations and do not form a closed-loop topology;
Fig. 3 is a schematic diagram of virtual network networking in which the physical devices are located at two different geographic locations and interconnected by private lines;
Fig. 4 is a detailed schematic diagram of the physical devices shown in Fig. 2, located at three different geographic locations, carrying out virtual network networking over private line interconnection;
Fig. 5 is a logic flowchart of the invention's networking method, based on GRE routing encapsulation, for virtual network devices across data centers;
Fig. 6 is an example diagram of five data centers forming a closed-loop topology;
Fig. 7 is an example diagram of seven data centers forming two intersecting closed-loop topologies.
Detailed description of the embodiments
The invention is described in detail below with reference to the embodiments shown in the drawings. It should be noted that these embodiments do not limit the invention; equivalent transformations or substitutions in function, method or structure made by those of ordinary skill in the art according to these embodiments all fall within the scope of protection of the invention.
Term "GRE": Generic Routing Encapsulation.
Term "private line" (also rendered "special line"): Private Line, a dedicated circuit.
Referring to Fig. 1, Fig. 1 is a schematic diagram of the physically separated Beijing data center 10, Shanghai data center 30 and Shenzhen data center 20 interconnected through private line network 50. Beijing data center 10 contains at least computer 101, virtual router 13 and firewall 103; likewise, Shanghai data center 30 contains at least computer 301, virtual router 33 and firewall 303, and Shenzhen data center 20 contains at least computer 201, virtual router 23 and firewall 203. Computer 101, computer 201 or computer 301 in the three data centers may be configured as a physical computer or as a virtual network resource formed through virtualization technology, such as a virtual machine. Virtual router 13, virtual router 23 and virtual router 33 are preferably DPDK-based VPP high-performance virtual routers.
Virtual network networking is carried out over one or more private lines (Private Line-1 to Private Line-3) in private line network 50, so that virtual network networking is realized between data centers. A private line is a physical communication line that supports private line services. This provides secure communication between the virtual networks of the data centers, so that cloud hosts in different data centers, or other resources that can carry applications or respond to user requests, can sit in the same layer-2 network. Efficient data communication between data centers is thereby achieved, fundamentally changing the status quo in which data center networks are planned on a traditional layer-3 network.
Referring to Fig. 2 and Fig. 4, virtual network networking can be carried out between multiple data centers, so that the data centers are configured through GRE tunnel 100 and GRE tunnel 200 to form an open-loop topology or a closed-loop topology.
A private line service is one that carries high-traffic service messages such as sessions, data, audio and video over a dedicated channel between two or more points. When private line service messages are forwarded between two data centers, the OptionA, OptionB or OptionC mode can be used. With the OptionA mode, the edge router (PE) at the sending end decapsulates the private line service messages one by one and converts them into Ethernet messages, which the edge router (PE) at the receiving end then encapsulates into the MPLS VPN, so that the private line service is transmitted in the network domain.
The multiple private lines in private line network 50 connect the physical layers of the data centers. Each data center provides independent virtualization services. Independent virtualization services include network services, compute services and storage services; the data centers do not depend on one another and can run independently, and users logged in to other data centers can access data remotely or locally (within the data center).
A private line is a physical circuit established between data centers. It lets data centers communicate without crossing the public network, avoiding the large volume of network attacks, data theft and similar behavior on the public network and effectively improving the security and reliability of data transmission.
Embodiment one:
This embodiment shows a specific implementation of a system for realizing virtual network networking of multiple data centers, in which virtual network networking is carried out between two data centers. Virtual network networking can be carried out between these data centers, with point-to-point GRE tunnel configuration (i.e. GRE tunnel 100 and GRE tunnel 200) forming an open-loop topology.
In this system for realizing virtual network networking of multiple data centers, message data is forwarded in point-to-point form between Beijing data center 10 and Shenzhen data center 20 based on GRE routing encapsulation, so that the virtual network devices attached to Beijing data center 10 and Shenzhen data center 20 can access one another.
Specifically, the system includes a private line network made up of the private line (Private Line-2) that connects Beijing data center 10 and Shenzhen data center 20 point-to-point. The private line network contains only one private line (Private Line-2), and it connects only Beijing data center 10 and Shenzhen data center 20.
Referring to Fig. 3, an example is shown in which Beijing data center 10 accesses virtual network device 25 in Shenzhen data center 20.
Of the physically separated data centers (Beijing data center 10 and Shenzhen data center 20 in Fig. 3), Beijing data center 10 is configured with virtual router 13 and Shenzhen data center 20 with virtual router 23. The virtual router of each data center is connected to the private line network and the virtual intranet, so that point-to-point GRE tunnel 100 is established between the data centers through virtual router 13 and virtual router 23. As for the virtual intranet, virtual network device 15 is connected to the virtual intranet in Beijing data center 10 (intranet address segment 192.168.1.0/24), and virtual network device 25 is connected to the virtual intranet in Shenzhen data center 20 (intranet address segment 192.168.1.0/24).
Virtual network device 15, virtual network device 25 and virtual network device 35 can each be configured as a virtual machine, a load balancer, a virtual storage device or a virtual network interface card.
Point-to-point GRE tunnel 100 is established through the private line network cards in virtual router 13 and virtual router 23. An interconnected GRE tunnel device 11 and Bridge device 12 are created in virtual router 13, along with intranet virtual gateway 24 for connecting virtual router 23 to the virtual intranet. Intranet virtual gateway 14 and GRE tunnel device 11 are added to Bridge device 12. GRE tunnel 100 is made up of GRE tunnel device 11, Bridge device 12, GRE tunnel device 21 and Bridge device 22, and is established over private line 1 to carry out point-to-point forwarding. GRE tunnel device 11 and GRE tunnel device 21 are the two endpoints of GRE tunnel 100.
Likewise, an interconnected GRE tunnel device 21 and Bridge device 22 are created in virtual router 23. Intranet virtual gateway 24 is created in Shenzhen data center 20 to connect virtual router 23 to the virtual intranet. Intranet virtual gateway 24 and GRE tunnel device 21 are added to Bridge device 22. As a result, data messages sent from Beijing data center 10 to virtual network device 25 of Shenzhen data center 20 are forwarded point-to-point in GRE tunnel 100 and reach the adjacent Shenzhen data center 20 over private line 2, establishing a layer-2 network connection.
The virtual intranet is provided for use by virtual network device 15 or virtual network device 25, and is connected to the virtual router in preparation for virtual network networking between multiple data centers. Virtual router 13 and virtual router 23 are connected to private line network 50, so that message data between virtual router 13 and virtual router 23 can be forwarded in point-to-point form over private line 2. Virtual network device 15 and virtual network device 25 access each other over private line 2 through the virtual routers to which they are respectively connected.
Referring to Fig. 3, the system consists of Beijing data center 10 and Shenzhen data center 20, which form a paired structure. Layer-2 GRE tunnel 100 is established through virtual router 13 and virtual router 23, and GRE tunnel 100 forwards data over private line 2. For layer-2 data communication, the virtual routers of the respective data centers interconnect Bridge device 12 and Bridge device 22 through GRE tunnel 100, so that data sent between Beijing data center 10 and Shenzhen data center 20 is forwarded through GRE tunnel 100. The two data centers encapsulate and decapsulate the forwarded message data through GRE tunnel 100, so that message data is forwarded point-to-point between Beijing data center 10 and Shenzhen data center 20 based on GRE routing encapsulation.
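Added example, not part of the patent: the encapsulation and decapsulation step that the two virtual routers perform on GRE tunnel 100, sketched in Python. It assumes the tunnel carries whole Ethernet frames as Transparent Ethernet Bridging (GRE protocol type 0x6558, as Linux gretap devices do) over IPv4; the endpoint addresses 172.16.1.1 and 172.16.1.2 and the sample frame are constructed.

```python
import ipaddress
import struct

IPPROTO_GRE = 47        # IPv4 protocol number for GRE
GRE_PROTO_TEB = 0x6558  # GRE protocol type: Transparent Ethernet Bridging
IPV4_FMT = "!BBHHHBBH4s4s"  # fixed 20-byte IPv4 header


def ipv4_checksum(header: bytes) -> int:
    """Ones'-complement checksum; returns 0 when run over a valid header."""
    total = sum(struct.unpack(f"!{len(header) // 2}H", header))
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return ~total & 0xFFFF


def gre_encapsulate(frame: bytes, local: str, remote: str, ttl: int = 64) -> bytes:
    """Wrap one layer-2 frame for the point-to-point tunnel local -> remote."""
    gre = struct.pack("!HH", 0, GRE_PROTO_TEB)  # no optional fields, version 0
    outer = struct.pack(
        IPV4_FMT, 0x45, 0, 20 + len(gre) + len(frame), 0, 0, ttl, IPPROTO_GRE, 0,
        ipaddress.IPv4Address(local).packed, ipaddress.IPv4Address(remote).packed,
    )
    outer = outer[:10] + struct.pack("!H", ipv4_checksum(outer)) + outer[12:]
    return outer + gre + frame


def gre_decapsulate(packet: bytes, local: str, remote: str) -> bytes:
    """Return the inner frame, or raise ValueError if the packet does not
    belong to the tunnel configured between `local` and `remote`."""
    if len(packet) < 24:
        raise ValueError("too short for IPv4 + GRE")
    ver_ihl, _, total_len, _, _, _, proto, _, src, dst = struct.unpack(
        IPV4_FMT, packet[:20])
    ihl = (ver_ihl & 0x0F) * 4
    if ver_ihl >> 4 != 4 or ihl < 20 or not ihl + 4 <= total_len <= len(packet):
        raise ValueError("malformed IPv4 header")
    if ipv4_checksum(packet[:ihl]) != 0:
        raise ValueError("bad IPv4 header checksum")
    if proto != IPPROTO_GRE:
        raise ValueError("not a GRE packet")
    # Point-to-point tunnel: accept traffic only from the configured peer.
    if (src != ipaddress.IPv4Address(remote).packed
            or dst != ipaddress.IPv4Address(local).packed):
        raise ValueError("not from the configured tunnel peer")
    flags_ver, ptype = struct.unpack("!HH", packet[ihl:ihl + 4])
    if flags_ver != 0:
        raise ValueError("unsupported GRE flags or version")
    if ptype != GRE_PROTO_TEB:
        raise ValueError("GRE payload is not a bridged Ethernet frame")
    return packet[ihl + 4:total_len]


def sample_frame() -> bytes:
    """Constructed Ethernet frame between two VMs on 192.168.1.0/24."""
    dst_mac = bytes.fromhex("020000000019")  # constructed MAC for device 25
    src_mac = bytes.fromhex("02000000000f")  # constructed MAC for device 15
    return dst_mac + src_mac + struct.pack("!H", 0x0800) + b"constructed payload"


if __name__ == "__main__":
    # Beijing side (172.16.1.1) sends; Shenzhen side (172.16.1.2) receives.
    wire = gre_encapsulate(sample_frame(), "172.16.1.1", "172.16.1.2")
    inner = gre_decapsulate(wire, "172.16.1.2", "172.16.1.1")
    print(len(wire), inner == sample_frame())
```

GRE itself adds no encryption or authentication, so the peer check above only mirrors tunnel matching; confidentiality rests on the private line, as the description states.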
Embodiment two:
Refer to Fig. 2, Fig. 4 and Fig. 5 for the second specific implementation of the system of the invention for realizing virtual network networking of multiple data centers. Virtual network networking can be carried out between these data centers to form an open-loop topology. The main difference between this embodiment and embodiment one is that the virtual router of Shenzhen data center 20, which serves as the connection point, is configured as a center virtual router.
Referring to Fig. 4, an example is shown in which Beijing data center 10 goes through Shenzhen data center 20 and finally accesses virtual network device 35 in Shanghai data center 30.
Here, Beijing data center 10 and Shenzhen data center 20 carry out virtual network networking, and Shenzhen data center 20 and Shanghai data center 30 carry out virtual network networking. Beijing data center 10 and Shenzhen data center 20 encapsulate and decapsulate the forwarded message data through GRE tunnel 100, so that message data is forwarded point-to-point between Beijing data center 10 and Shenzhen data center 20 based on GRE routing encapsulation.
Shenzhen data center 20 and Shanghai data center 30 encapsulate and decapsulate the forwarded message data through GRE tunnel 200, so that message data is forwarded point-to-point between Shenzhen data center 20 and Shanghai data center 30 based on GRE routing encapsulation; no virtual network networking is performed between Beijing data center 10 and Shanghai data center 30. Shanghai data center 30 connects virtual router 33 to the virtual intranet through intranet virtual gateway 34.
Virtual network device 15 is attached to Beijing data center 10 through the virtual intranet, virtual network device 25 is attached to Shenzhen data center 20 through the virtual intranet, and virtual network device 35 is attached to Shanghai data center 30 through the virtual intranet. Shanghai data center 30 uses the same intranet address segment as Beijing data center 10 and Shenzhen data center 20 (intranet address segment 192.168.1.0/24).
In this example, the intranet address segments of Beijing data center 10, Shenzhen data center 20 and Shanghai data center 30 are all the same (192.168.1.0/24), which facilitates layer-2 network interconnection.
In this embodiment, the IP addresses of intranet virtual gateway 14, intranet virtual gateway 24 and intranet virtual gateway 34, which are connected respectively to the (center) virtual routers of Beijing data center 10, Shenzhen data center 20 and Shanghai data center 30, must not be identical, to avoid IP address conflicts.
In this embodiment, the (center) virtual routers of Beijing data center 10, Shenzhen data center 20 and Shanghai data center 30 are required to use private line 2 and private line 3, so the (center) virtual routers must be connected to the private line segment 172.16.1.0/24. Bridge device 12, Bridge device 22 and Bridge device 32 of the (center) virtual routers of Beijing data center 10, Shenzhen data center 20 and Shanghai data center 30 need to enable their built-in STP modules to prevent redundant loops and network storms in GRE tunnel 100 and GRE tunnel 200.
In this embodiment, center virtual router 23 is created in Shenzhen data center 20, which is the connecting node joining Beijing data center 10 and Shanghai data center 30. Bridge device 22 in center virtual router 23 bridges GRE tunnel device 21a and GRE tunnel device 21b.
Intranet virtual gateway 24, connected to center virtual router 23, and GRE tunnel 100 and GRE tunnel 200, established with virtual router 13 of Beijing data center 10 and virtual router 33 of Shanghai data center 30 (the data centers adjacent to Shenzhen data center 20), are each added to Bridge device 22 of center virtual router 23. Beijing data center 10 and Shenzhen data center 20 are thereby networked through GRE tunnel 100, and Shenzhen data center 20 and Shanghai data center 30 through GRE tunnel 200, establishing layer-2 network connections among the three data centers and forming a chain-shaped open-loop topology.
The GRE tunnel devices in the virtual routers of the two adjacent data centers (GRE tunnel device 11 and GRE tunnel device 31 in Fig. 4) establish layer-2 network connections with GRE tunnel device 21a and GRE tunnel device 21b in center virtual router 23 through their respective Bridge devices.
Embodiment three:
This embodiment differs from embodiment two in that the Bridge devices of the three data centers carry STP modules. Networking the multiple data centers with the STP modules enabled forms a virtual network that has a closed-loop topology and spans three or more data centers. STP (Spanning Tree Protocol) is defined for Ethernet switches in the IEEE 802.1D standard. The standard defines a set of rules for Ethernet switches to discover the link-layer topology and to control the switches' link-layer forwarding behavior. The STP module is built into the Bridge device. After two, three or more data centers are networked into a virtual network and a closed-loop topology exists, the STP module blocks a port on the ring-shaped data link formed by the ring topology, preventing that port from forwarding data messages or receiving Ethernet frames. The virtual network networking of a closed-loop topology is therefore realized by enabling the STP module (i.e. stp=on) in the Bridge device of the virtual router (or center virtual router) of every data center.
By blocking redundant links, the STP module prunes a virtual network with a closed-loop topology into a loop-free tree topology. At any given moment, message data or data frames can then be sent from one source with the guarantee that the path to any target in the virtual network is unique, while the other forwarding paths stay inactive (and cannot forward). If a link in use in the virtual network fails, the STP module opens the blocked port that was inactive and restores the previously disconnected link, ensuring the connectivity and reliability of the virtual network. This counters the broadcast storms that arise in the point-to-point GRE tunnels formed between the data centers of a closed-loop topology.
Embodiment four:
Referring to Fig. 6, the main differences between this embodiment and any of the embodiments above are as follows. In this embodiment of the system for realizing virtual network networking of multiple data centers, Beijing data center 10, Shenzhen data center 20, Shanghai data center 30, Xi'an data center 50 and Wuhan data center 40 form a closed-loop topology, are each connected point-to-point by private lines, and form multiple GRE tunnels. Each of the five data centers is connected to its virtual intranet through an intranet virtual gateway, and accesses the GRE tunnels through center virtual router 43, center virtual router 23, center virtual router 53, center virtual router 83 or center virtual router 73. The GRE tunnels are established over the private lines. Message data forwarded between data centers is forwarded point-to-point in a GRE tunnel and reaches the adjacent data center over the private line; the adjacent data center then forwards the message data to a further data center, where the virtual network device attached to the specified data center is accessed, forming a layer-2 network connection.
For the parts of this embodiment that are the same as in embodiments one to three, refer to the description of embodiments one to three; they are not repeated here.
Embodiment five:
Referring to Fig. 7, this embodiment differs from embodiment four mainly in that the multiple data centers in the system for implementing virtual network networking of multiple data centers form two closed-loop topologies, with Shenzhen data center 20 serving as a node of both closed-loop topologies. Guizhou data center 70, Xining data center 60 and Shenzhen data center 20 form the first subsystem of the virtual network networking; Beijing data center 10, Shenzhen data center 20, Shanghai data center 30, Xi'an data center 50 and Wuhan data center 400 form the second subsystem of the virtual network networking. Every data center in the first subsystem and the second subsystem is configured with a center virtual router, and the first subsystem and the second subsystem together make up a system for implementing virtual network networking of multiple data centers with a larger networking scope.
When Beijing data center 10 in Fig. 7 accesses a virtual network device configured in Wuhan data center 40, several paths to that virtual network device exist. Path 1 transits Shanghai data center 30 and reaches Wuhan data center 40; path 2 passes in turn through Shenzhen data center 20 and Xi'an data center 50 and finally reaches Wuhan data center 40; path 3 passes in turn through Shenzhen data center 20, Xining data center 60, Guizhou data center 70, Shenzhen data center 20 and Xi'an data center 50 and finally reaches Wuhan data center 40. By turning on the STP module (i.e. stp=on) in the Bridge device of the virtual router (or center virtual router) of every data center, the optimal path among these paths is selected, which gives the best link for Beijing data center 10 to access the virtual network device configured in Wuhan data center 40.
For the parts of this embodiment that are the same as in embodiments one to four, refer to the description of embodiments one to four; they are not repeated here.
Embodiment six:
This embodiment discloses a method for implementing virtual network networking of multiple data centers, comprising the following steps: dedicated lines, each point-to-point and connecting exactly two data centers, are established between multiple physically separated data centers; a virtual router and a virtual intranet are created in each data center; the intranet virtual gateway is connected to the virtual router; and the virtual router or center virtual router is connected to the dedicated-line network. The intranet virtual gateway and the GRE tunnel device are added directly to the Bridge device of the virtual router or center virtual router; point-to-point GRE tunnels are established by the virtual router or center virtual router of each data center; and each data center encapsulates and decapsulates the forwarded message data through the GRE tunnel, so that message data is forwarded point-to-point between the data centers based on GRE routing encapsulation.
Meanwhile, in this embodiment, at least one of the multiple data centers is selected, and a center virtual router is created in the virtual router of the selected data center; the Bridge device in the center virtual router bridges at least two GRE tunnel devices. The intranet network segments of the multiple data centers are identical; the multiple data centers are configured through GRE tunnels into an open-loop topology or a closed-loop topology.
The implementation method is shown in more detail in Fig. 5.
The implementation method comprises the following sub-steps:
Sub-step p01: Create the dedicated-line network. Multiple dedicated lines are configured in the dedicated-line network, and each dedicated line connects exactly two data centers.
Sub-step p02: Create the virtual intranet. The intranet virtual gateway communicates with the virtual network devices through the virtual intranet, in which one or more virtual network devices are configured. The virtual network devices include virtual machines, load balancers, virtual storage devices or virtual network cards.
Sub-step p03: Create the virtual router. An interconnected GRE tunnel device and Bridge device are created in the virtual router.
Sub-step p04: Add the dedicated-line network to the virtual router.
Sub-step p05: Add the virtual intranet to the virtual router.
Sub-step p06: Establish the L2GRE tunnel (a GRE tunnel operating as a layer-2 tunnel).
Sub-step p07: Determine whether the number of interconnected data centers is greater than or equal to 3; if so, proceed to sub-step p08; if not, jump to sub-step p11: connect the intranet virtual gateway and the GRE tunnel device, so that the intranet virtual gateway and the GRE tunnel device are added to the Bridge device.
The cloud platform management system (which centrally manages all data centers in the cloud platform) determines whether multiple data centers are interconnected, whether the (center) virtual router of an individual data center is a center virtual router, and whether the resulting topology is a closed-loop topology or an open-loop topology.
Sub-step p08: Determine whether the virtual router is a center virtual router; if so, proceed to sub-step p09; if not, jump to sub-step p11: connect the intranet virtual gateway and the GRE tunnel device, and end the whole flow. This method can form the system for implementing virtual network networking of multiple data centers of any of embodiments one to four above.
Sub-step p09: Determine whether the topology formed is a closed-loop topology (that is, whether the multiple data centers in the topology form an open-loop topology or a closed-loop topology); if so, proceed to sub-step p10; if not, jump to sub-step p11: connect the intranet virtual gateway and the GRE tunnel device, and end the whole flow.
Sub-step p10: For center routers in a closed-loop topology, turn on the STP module of the Bridge device (stp=on) to optimize path selection and to resolve problems such as network storms.
In this embodiment, so that message data crossing data centers can be transmitted and forwarded through the GRE tunnel, the dedicated line must be added to the virtual router. Multiple virtual network devices (for example, virtual machines) are mounted in the virtual intranet. Message data in transit always reaches the intranet virtual gateway; once the intranet virtual gateway and the GRE tunnel are connected through the Bridge of the virtual router (or center virtual router) in the respective data center, the message data can reach the GRE tunnel and can therefore reach the other data center to which the GRE tunnel connects. Each data center encapsulates and decapsulates the forwarded message data through the GRE tunnel, so that message data is forwarded point-to-point between the data centers based on GRE routing encapsulation and is forwarded and broadcast between two data centers.
When two data centers are networked into a virtual network, the intranet virtual gateway can be connected directly to a single GRE tunnel; when multiple data centers are networked into a virtual network, the center virtual router must connect the intranet virtual gateway with multiple GRE tunnels, so that all links are opened up. After configuration is complete, the virtual network devices on all links can communicate with one another as if they were in one larger LAN, unrestricted by physical location.
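The branch logic of sub-steps p07 to p10, applied to the two-loop topology of embodiment five, can be written as a planning and audit check. The following Python sketch is an added example, not code from the patent; the function names, the link list (constructed from the three Beijing-to-Wuhan paths described for Fig. 7) and the rejection of duplicate lines are assumptions.

```python
from collections import defaultdict

# Constructed input: one GRE tunnel per dedicated line, derived from the
# Beijing-to-Wuhan paths that embodiment five describes for Fig. 7.
EMBODIMENT_5 = [
    ("Beijing", "Shanghai"), ("Shanghai", "Wuhan"), ("Wuhan", "Xi'an"),
    ("Xi'an", "Shenzhen"), ("Shenzhen", "Beijing"),
    ("Shenzhen", "Xining"), ("Xining", "Guizhou"), ("Guizhou", "Shenzhen"),
]


def build_adjacency(links):
    """Map each data center to its tunnel peers; a line joins exactly two sites."""
    adj, seen = defaultdict(set), set()
    for a, b in links:
        key = frozenset((a, b))
        if a == b or key in seen:
            # Assumption of this sketch: parallel lines between one pair are an input error.
            raise ValueError(f"invalid or duplicate dedicated line: {a!r}-{b!r}")
        seen.add(key)
        adj[a].add(b)
        adj[b].add(a)
    return adj


def components(adj):
    """Yield (data_centers, link_count) for each interconnected group."""
    unvisited = set(adj)
    while unvisited:
        stack, nodes = [unvisited.pop()], set()
        while stack:
            dc = stack.pop()
            if dc not in nodes:
                nodes.add(dc)
                stack.extend(adj[dc] - nodes)
        unvisited -= nodes
        yield nodes, sum(len(adj[dc]) for dc in nodes) // 2


def plan(links):
    """Apply sub-steps p07 to p10 to the Bridge device of every data center."""
    adj = build_adjacency(links)
    result = {}
    for nodes, link_count in components(adj):
        # An open-loop (loop-free) group of n sites has exactly n - 1 links.
        closed_loop = link_count >= len(nodes)
        for dc in nodes:
            tunnels = len(adj[dc])
            # p07: at least 3 interconnected sites; p08: Bridge joins >= 2 GRE tunnel devices.
            center = len(nodes) >= 3 and tunnels >= 2
            result[dc] = {
                "gre_ports": tunnels,           # p11: tunnel devices added to the Bridge
                "center": center,
                "stp": center and closed_loop,  # p09 and p10: stp=on only in a closed loop
            }
    return result


def audit(links, deployed_stp):
    """Return data centers that need stp=on but report it off (network storm risk)."""
    return sorted(dc for dc, cfg in plan(links).items()
                  if cfg["stp"] and not deployed_stp.get(dc, False))


if __name__ == "__main__":
    for dc, cfg in sorted(plan(EMBODIMENT_5).items()):
        print(dc, cfg)
    print("missing STP:", audit(EMBODIMENT_5, {"Shenzhen": True, "Beijing": True}))
```

Because the Bridge devices of a closed loop forward broadcasts to one another, a single site left at stp=off is enough for `audit` to report it.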
For technical solutions not fully described in this embodiment, refer to embodiments one to five; they are not repeated here.
The detailed descriptions listed above are only specific illustrations of feasible implementations of the invention. They are not intended to limit the scope of protection of the invention, and all equivalent implementations or changes made without departing from the technical spirit of the invention shall fall within the scope of protection of the invention.
It is obvious to a person skilled in the art that the invention is not limited to the details of the above exemplary embodiments, and that the invention can be realized in other specific forms without departing from its spirit or essential attributes. The embodiments should therefore be regarded in every respect as exemplary and non-restrictive; the scope of the invention is defined by the appended claims rather than by the above description, and all changes that fall within the meaning and scope of equivalents of the claims are intended to be included in the invention. No reference sign in a claim should be regarded as limiting the claim concerned.
Moreover, it should be understood that although this specification is described in terms of embodiments, not every embodiment contains only one independent technical solution. The specification is written this way only for the sake of clarity; those skilled in the art should treat the specification as a whole, and the technical solutions in the embodiments may be appropriately combined to form other embodiments that those skilled in the art can understand.
Claims (10)
1. A system for implementing virtual network networking of multiple data centers, characterized in that the system forwards message data point-to-point between the data centers based on GRE routing encapsulation,
the system comprising:
a dedicated-line network composed of multiple dedicated lines, each connecting two data centers point-to-point,
multiple physically separated data centers, wherein the virtual router of each data center accesses the dedicated-line network, multiple point-to-point GRE tunnels are established through the virtual routers, and an interconnected GRE tunnel device and Bridge device are formed on the virtual router of each data center,
a virtual intranet, through which virtual network devices are mounted to the data center,
an intranet virtual gateway arranged between the virtual intranet and the virtual router, the virtual network devices accessing one another through the virtual routers over the dedicated lines,
wherein an interconnected GRE tunnel device and Bridge device are created in the virtual router of each data center, the intranet virtual gateway and the GRE tunnel device are added to the Bridge device, and message data is forwarded point-to-point in the GRE tunnel and reaches the adjacent data center over the dedicated line.
2. The system according to claim 1, characterized in that the virtual network device is configured as a virtual machine, a load balancer, a virtual storage device or a virtual network card.
3. The system according to claim 1, characterized in that the multiple data centers are configured through GRE tunnels into an open-loop topology.
4. The system according to claim 1, characterized in that the multiple data centers are configured through GRE tunnels into a closed-loop topology.
5. The system according to claim 3, characterized in that a center virtual router is created in at least one of the multiple data centers, the Bridge device in the center virtual router bridges at least two GRE tunnel devices, and the intranet virtual gateway connected to the center virtual router and the two GRE tunnels established with the virtual routers of the adjacent data centers are each added to the Bridge device of the center virtual router, so as to establish a layer-2 network connection.
6. The system according to claim 4, characterized in that the Bridge devices of the virtual routers of the multiple data centers carry STP modules, and the multiple data centers are networked with the STP modules turned on, so that the multiple point-to-point GRE tunnels are configured into a closed-loop topology.
7. The system according to claim 6, characterized in that a center virtual router is created in each data center of the closed-loop topology.
8. A method for implementing virtual network networking of multiple data centers, characterized by comprising the following steps: establishing, between multiple physically separated data centers, dedicated lines that are point-to-point and each connect only two data centers; creating a virtual router and a virtual intranet in each data center; connecting the intranet virtual gateway to the virtual router, the virtual router accessing the dedicated-line network composed of the dedicated lines; adding the intranet virtual gateway and the GRE tunnel device directly to the Bridge device of the virtual router; and establishing point-to-point GRE tunnels through the virtual routers of the data centers, each data center encapsulating and decapsulating the forwarded message data through the GRE tunnel, so that message data is forwarded point-to-point between the data centers based on GRE routing encapsulation.
9. The implementation method according to claim 8, characterized in that at least one of the multiple data centers is selected, and a center virtual router is created in the virtual router of the selected data center, the Bridge device in the center virtual router bridging at least two GRE tunnel devices.
10. The implementation method according to claim 8 or 9, characterized in that the intranet network segments of the multiple data centers are identical, and the multiple data centers are configured through GRE tunnels into an open-loop topology or a closed-loop topology.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201710093085.6A CN106850387A (en) | 2017-02-21 | 2017-02-21 | A kind of system and method for the virtual network networking for realizing multiple data centers |
Publications (1)
Publication Number | Publication Date |
---|---|
CN106850387A true CN106850387A (en) | 2017-06-13 |
Family
ID=59133317
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN201710093085.6A Pending CN106850387A (en) | 2017-02-21 | 2017-02-21 | A kind of system and method for the virtual network networking for realizing multiple data centers |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN106850387A (en) |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PB01 | Publication | ||
SE01 | Entry into force of request for substantive examination | ||
RJ01 | Rejection of invention patent application after publication | Application publication date: 20170613 |