CN108768692B

CN108768692B - Network creation method, related equipment and system

Info

Publication number: CN108768692B
Application number: CN201810349094.1A
Authority: CN
Inventors: 那澎涛; 贾伟光; 王凯
Original assignee: Huawei Technologies Co Ltd
Current assignee: Huawei Technologies Co Ltd
Priority date: 2018-04-18
Filing date: 2018-04-18
Publication date: 2020-07-28
Anticipated expiration: 2038-04-18
Also published as: CN108768692A

Abstract

The method comprises the steps that a control node obtains the type of a virtual network to be created, a network segment corresponding to the network to be created, at least one first equipment identifier and at least one second equipment identifier, allocates a virtual network identifier to the virtual network to be created according to the type of the virtual network to be created, allocates AN IP address to first equipment corresponding to each first equipment identifier according to the network segment corresponding to the network to be created, allocates a V L AN identifier to each first equipment, respectively sends virtual network configuration information to each first equipment, sends the virtual network identifier and the V L AN identifier of each first equipment to a switch port connected with each first equipment, and sends the virtual network identifier to a switch port connected with each second equipment.

Description

Network creation method, related equipment and system

Technical Field

The present application relates to the field of communications technologies, and in particular, to a network creation method, a related device, and a system.

Background

In the prior art, a network (such as a network required by a mirror image environment test) is usually built by a manual building method, that is, a tester connects various devices in the network to be built to a switching device, and sets configuration information for ports on the switching device connected with the various devices in the network to be built, so that the various devices in the network to be built can communicate with each other.

However, the efficiency of manually building a network is low, the time consumed is long, the time required for building the network is usually calculated by the day, and for a more complex network, the time required for building the network is calculated by the week. Moreover, with the integration of Information Technology (IT) and Communication Technology (CT), more and more CT devices are involved in the network, such as an indoor baseband unit (BBU), a Base Station Controller (BSC), a User Equipment (UE), and a smart meter, which increase the scale and complexity of the network and further increase the time required for manually building the network.

Therefore, how to improve the efficiency of building the network and reduce the time required for building the network is an urgent problem to be solved.

Disclosure of Invention

The application provides a network establishing method, related equipment and a system, which aim to solve the problem of low network establishing efficiency in the prior art.

The method comprises the steps that a control node acquires the type of a virtual network to be created, a network segment corresponding to the network to be created, at least one first equipment identifier and at least one second equipment identifier, allocates the virtual network identifiers to the virtual network to be created according to the type of the virtual network to be created, allocates AN Internet Protocol (IP) address to first equipment corresponding to each first equipment identifier according to the network segment corresponding to the network to be created, allocates a virtual local area network (V L AN) identifier to each first equipment, and respectively sends virtual network configuration information to each first equipment, and sends the virtual network identifiers and the V L AN identifier of each first equipment to a network controller;

after obtaining the virtual network identifier and the V L AN identifier of each first-class device, the network controller determines a first switch port to which each first-class device is connected, sends first configuration information including the virtual network identifier and the V L AN identifier of the corresponding first-class device to each first switch port, so that a switch receiving the first configuration information maps the V L AN identifier of each first-class device in data sent by each first-class device through the corresponding first switch port to the virtual network identifier, determines a second switch port to which each second-class device is connected, sends second configuration information including the virtual network identifier to each second switch port, so that a switch receiving the second configuration information configures the virtual network identifier with data sent by each second-class device through the corresponding second switch port;

a first device identifier corresponds to a first type device in the virtual network to be created, a first device identifier corresponds to a second type device in the virtual network to be created, the first type device includes a server or a virtual device on the server, the second type device is a device other than the first type device, the virtual network configuration information is used to configure a respective V L AN identifier for each first type device, and the V L AN identifier of the first type device is used to identify data sent by the first type device.

By the method, each first-class device and each second-class device included in the virtual network to be created can access the virtual network to be created through the control node and the network controller, and mixed scheduling of IT devices and non-IT devices (second-class devices) such as a server and the virtual devices (first-class devices) on the server can be achieved. And when the control node and the network controller establish the virtual network, related network configuration does not need to be carried out manually, and the establishment of the virtual network can be completed quickly and automatically, so that the time required for establishing the virtual network can be saved, and the network establishment efficiency is improved.

In a possible implementation manner, the virtual network configuration information includes a V L AN identifier of a corresponding first-class device and a flow table corresponding to the first-class device, and after each first-class device receives the corresponding virtual network configuration information, the V L AN identifier in the virtual network configuration information is configured for data sent by each first-class device according to the flow table in the virtual network configuration information.

In a possible embodiment, when determining that the type of the virtual network to be created is a three-layer network, the control node notifies the network controller to create a virtual router in a gateway device; after receiving the notification of the control node, the network controller creates a virtual router on the gateway device, sends gateway configuration information to the gateway device, and establishes communication connection between the switch connected with each first-class device and each second-class device and the gateway device; wherein the gateway configuration information includes an identifier of a switch to which each of the first-class devices and each of the second-class devices are connected.

In one possible embodiment, the virtual network is a V L AN or a virtual extended local area network VX L AN.

In a possible implementation manner, the type of the virtual network to be created, the network segment corresponding to the network to be created, the at least one first device identifier, and the at least one second device identifier are obtained from a network creation request by the network orchestration service device and are sent to the control node.

In a possible implementation manner, if each of the first-class devices and each of the second-class devices are connected to at least two switches, the network controller sends third configuration information to the at least two switches, respectively, and establishes a communication connection between the at least two switches, so that the first-class devices and/or the second-class devices connected to different switches in the network to be created can communicate through the switches connected to each other; wherein the third configuration information includes the virtual network identifier and identifiers of the at least two switches except for the switch receiving the third configuration information.

In a possible embodiment, before the network controller sends the second configuration information to the switch port corresponding to the identifier of each second switch port, the network controller further obtains the V L AN identifier of each second type device, where the V L AN identifier of the second type device is used to identify data sent by the second type device, and the second configuration information further includes the V L AN identifier of the corresponding second type device.

In one possible embodiment, the network controller may determine the first switch port of each first-type device connection and the second switch port of each second-type device connection in the virtual network to be created by the following two ways:

in a first mode, the network controller receives the identifier of each first switch port and the identifier of each second switch port sent by the network orchestration service device, determines each first switch port according to the identifier of each first switch port, and determines each second switch port according to the identifier of each second switch port.

The network orchestration service device prestores a connection relationship between a first class device and a switch and a connection relationship between a second class device and a switch, and after acquiring the network creation request, the network orchestration service device 107 may further determine each first switch port according to the connection relationship between the first class device and the switch, determine each second switch port according to the connection relationship between the second class device and the switch, and send an identifier of each first switch port and an identifier of each second switch port to the network controller.

And secondly, the network controller receives the identifier of each first class device and the identifier of each second class device sent by the network orchestration service device, determines each first switch port according to the connection relationship between the first class devices and the switch, and determines each second switch port according to the connection relationship between the second class devices and the switch.

In a second aspect, the present application provides a control node having a function of implementing the behavior of the control node in the above-described method example of the first aspect. The functions can be realized by hardware, and the functions can also be realized by executing corresponding software by hardware. The hardware or software includes one or more modules corresponding to the above-described functions.

In a possible implementation manner, the structure of the control node includes a processing unit and a sending unit, and these units may execute corresponding functions in the method example of the first aspect, for specific reference, detailed description in the method example is given, and details are not repeated here.

In a possible implementation manner, the structure of the control node includes a communication interface, a memory, and a processor, and the processor is configured to support the control node to execute corresponding functions in the method provided by the first aspect. The memory is coupled to the processor and holds the necessary program instructions and data for the control node.

In a third aspect, the present application provides a network controller having functionality to implement the network controller behavior in the above-described method example of the first aspect. The functions can be realized by hardware, and the functions can also be realized by executing corresponding software by hardware. The hardware or software includes one or more modules corresponding to the above-described functions.

In a possible implementation manner, the structure of the network controller includes a processing unit, a sending unit, and a receiving unit, which may execute corresponding functions in the method example of the first aspect, for which specific reference is made to detailed description in the method example, and details are not repeated here.

In a possible implementation manner, the network controller has a structure including a communication interface, a memory, and a processor, and the processor is configured to support the network controller to execute corresponding functions in the method provided by the first aspect. The memory is coupled to the processor and retains program instructions and data necessary for the network controller.

In a fourth aspect, the present application further provides a system for creating a network, where the system includes the control node and the network controller described in the first aspect.

In a possible implementation manner, the system further includes the network orchestration service device according to the first aspect.

In a fifth aspect, the present application further provides a computer storage medium having stored thereon a software program that, when read and executed by one or more processors, implements the method provided by any of the designs of any of the aspects.

In a sixth aspect, the present application also provides a computer program product comprising instructions which, when run on a computer, cause the computer to perform any of the methods of any of the above aspects.

Drawings

Fig. 1 is a schematic structural diagram of a system for creating a network according to an embodiment of the present application;

fig. 2 is a schematic flowchart of a network creation method according to an embodiment of the present application;

fig. 3 is a schematic diagram of a topology structure of a three-layer network to be created in the embodiment of the present application;

fig. 4 is a schematic diagram of a traffic forwarding process of a three-layer network created in the embodiment of the present application;

fig. 5 is a schematic structural diagram of a control node according to an embodiment of the present application;

fig. 6 is a schematic structural diagram of a network controller according to an embodiment of the present application;

fig. 7 is a schematic structural diagram of a control node according to an embodiment of the present application;

fig. 8 is a schematic structural diagram of a network controller according to an embodiment of the present application.

Detailed Description

In order to solve the problem of low network building efficiency in the prior art, the application provides a network creating method, related equipment and a system. The method and the device are based on the same inventive concept, and because the principles of solving the problems of the method and the device are similar, the implementation of the device and the method can be mutually referred, and repeated parts are not repeated.

In the embodiment of the application, a control node acquires a type of a virtual network to be created, a network segment corresponding to the network to be created, at least one first device identifier and at least one second device identifier, allocates a virtual network identifier to the virtual network to be created according to the type of the virtual network to be created, allocates AN Internet Protocol (IP) address to a first device corresponding to each first device identifier according to a network segment corresponding to the network to be created, the IP address of each first device is in the network segment corresponding to the network to be created, allocates a virtual local area network (V L AN) identifier to each first device, and sends virtual network configuration information to each first device, the control node sends the virtual network identifier and a V L AN identifier of each first device to a network controller, the network controller determines a first port connected to each first device after acquiring the virtual network identifier and the V L AN identifier of each first device, and sends a first virtual network identifier including the virtual network identifier and a V L AN identifier corresponding to each first device, and the first switch receives the virtual network configuration information corresponding to the first switch, and the virtual network identifier is configured to each first switch receiving the first virtual network configuration information of the first switch corresponding to the second switch, and the virtual switch receives the virtual network configuration information corresponding to the first switch 4656, wherein the first switch receiving virtual network identifier, the virtual switch receives the virtual network configuration information, the virtual switch corresponding to the virtual switch receiving information, the first switch receiving information, the virtual switch receives the virtual switch corresponding to the virtual switch, the virtual switch receiving the virtual switch, the virtual switch receiving information, the virtual switch receiving the first switch receiving information, the virtual switch receiving the first switch receiving the virtual switch.

Some terms referred to in the embodiments of the present application are explained below to facilitate understanding by those skilled in the art.

1) A control node, which refers to a control node in a server cluster system (e.g., cloud computing), can manage and control at least one node.

2) V L AN is a local area network logically divided according to usage, workgroup, application, etc. on a physical network, is a broadcast domain, has no relation with physical location of users, wherein, V L AN identification (V L AN identifier, VID) with 12 bits in V L AN header in V L AN message can support 2 bits¹²And (4) VID.

3) Virtual extended local area network (VX L AN), a network virtualization technology, i.e. a two-layer overlay network is virtually created on a traditional three-layer IP network, which is essentially a two-layer virtual network technology, AN outer-layer tunnel encapsulated in a User Datagram Protocol (UDP) format is introduced as a link layer of data, and the original data message content is transmitted as a tunnel payload, so that payload data can be easily transmitted in a two-layer three-layer network²⁴VX L AN may support more virtual local area networks relative to V L AN.

4) The virtual device virtualizes a single device into multiple logical devices through a virtualization technology, so that multiple user processes can simultaneously use the logical devices, for example, a Virtual Machine (VM), a container (docker), and the like.

5) Bare metal, refers to a server that is not virtualized.

6) The rule can comprise a source Media Access Control (MAC) address, a destination MAC address, a V L AN identification, a source Internet Protocol (IP) address, a destination IP address and the like of the data, and the action corresponding to the rule can comprise discarding, forwarding, queuing and the like.

7) And/or, describing the association relationship of the associated objects, indicating that three relationships may exist. For example, a and/or B, may represent: a exists alone, A and B exist simultaneously, and B exists alone. The character "/" generally indicates that the former and latter associated objects are in an "or" relationship.

In addition, it is to be understood that the terms first, second, etc. used in the description of the present application are used for distinguishing between descriptions and not necessarily for describing a sequential or chronological order.

An application scenario and a system architecture of the embodiment of the present application are described below with reference to the drawings.

Fig. 1 illustrates a system architecture for creating a network according to an embodiment of the present application, where the system includes: a control node 101 and a network controller 102. The network controller 102 manages at least one switch 103, one switch 103 is connected to at least one first-type device 104 and/or at least one second-type device 105, the first-type device includes a server or a virtual device on the server, such as bare metal, a virtual machine or a container, and the like, and the second-type device is a device other than the first-type device, such as a mobile phone, a tablet computer, an industrial personal computer, and the like.

The control node 101 is mainly configured to allocate a virtual network identifier and manage the at least one first-class device 105, and specifically, the control node 101 is configured to acquire a type of a virtual network to be created, a network segment corresponding to the network to be created, at least one first device identifier and at least one second device identifier, allocate a virtual network identifier to the virtual network to be created according to the type of the virtual network to be created, allocate AN IP address to a first-class device corresponding to each first device identifier according to the network segment corresponding to the network to be created, where the IP address of each first-class device is in the network segment corresponding to the network to be created, allocate a V L AN identifier to each first-class device, and send virtual network configuration information to each first-class device, and send the virtual network identifier and the V L AN identifier of each first-class device to the network controller 102.

Wherein, a first device identifier corresponds to a first type device in the virtual network to be created, a first device identifier corresponds to a second type device in the virtual network to be created, the virtual network configuration information is used to configure a respective V L AN identifier for each first type device, and the V L AN identifier of the first type device is used to identify data sent by the first type device.

The network controller 103 is mainly configured to manage and control the switch 104 and the gateway device 106, so that the first class device 104 and the second class device 105 access a corresponding virtual network to complete creation of the virtual network, and specifically, the network controller 102 is configured to obtain a virtual network identifier corresponding to the virtual network to be created through the control node 101, determine a first switch port connected to each first class device 104 in the virtual network to be created and a second switch port connected to each second class device 105 in the virtual network to be created, respectively send first configuration information to each first switch port, where the first configuration information includes the virtual network identifier and a V L AN identifier of the corresponding first class device, and respectively send second configuration information to each second switch port, where the second configuration information includes the virtual network identifier.

In a specific embodiment, the network controller may be a software-defined network (SDN) controller.

The switch 103 is mainly configured to receive configuration information sent by the network controller 103, and process data sent by the first class device 104 and the second class device 105 according to the received configuration information, specifically, the switch 103 is configured to receive corresponding first configuration information through each first switch port, map, according to the first configuration information, a V L AN identifier of each first class device in data sent by each first class device through the corresponding first switch port as the virtual network identifier, receive corresponding second configuration information through each second switch port, and configure, according to the second configuration information, the virtual network identifier for data sent by each second class device through the corresponding second switch port.

In a possible implementation, the system further includes a network orchestration service device 107, configured to obtain a network creation request, where the network creation request includes at least: the type of the network to be created, a network segment corresponding to the network to be created, at least one first equipment identifier and at least one second equipment identifier; and sending the type of the network to be created, the network segment corresponding to the network to be created, at least one first device identifier, and at least one second device identifier to the control node 101.

Optionally, the network creation request may further include a V L AN identifier of each second-class device in the virtual network to be created, AN IP address of each first-class device in the virtual network to be created, and/or AN IP address of each second-class device in the virtual network to be created.

Optionally, the network orchestration service device 107 may store the connection relationships between the switch 103 and the first type device 104 and the second type device 105 in advance, and after acquiring the network creation request, may further be configured to: according to the connection relationship, a first switch port to which each first device is connected and a second switch port to which each second device is connected in the network creation request are determined, and an identifier of each first switch port and an identifier of each second switch port are sent to the network controller 102.

Optionally, after acquiring the network creation request, the network orchestration service device 107 is further configured to, before sending the type of the network to be created, the network segment corresponding to the network to be created, the at least one first device identifier, and the at least one second device identifier to the control node 101: and verifying the network creation request, and determining that the network creation request passes the verification.

For example, the network orchestration service device 107 verifies whether the format of the network creation request meets a set requirement, and if so, determines that the network creation request passes verification, otherwise, does not pass verification; and/or verifying whether the first-class device and the second-class device in the network creation request exist or not according to the connection relationship between the switch 103, the first-class device 104 and the second-class device 105 stored in the switch, and if yes, determining that the network creation request passes verification, otherwise, determining that the network creation request does not pass verification.

Based on the system for creating a network shown in fig. 1, an embodiment of the present application provides a method for creating a network, which is shown in fig. 2 and specifically includes the following steps:

s201: the control node 101 obtains the type of the virtual network to be created, a network segment corresponding to the network to be created, at least one first device identifier, and at least one second device identifier.

The type of the virtual network to be created can be a two-layer network or a three-layer network.

In a specific embodiment, the control node 101 may obtain, through the network orchestration service device 107, a type of the virtual network to be created, a network segment corresponding to the network to be created, at least one first device identifier, and at least one second device identifier, where the type of the virtual network to be created, the network segment corresponding to the network to be created, the at least one first device identifier, and the at least one second device identifier are carried in a network creation request obtained by the network orchestration service device 106, and the network service orchestration device 106 may interface with the control node 101 through a northbound interface account.

S202: and the control node 101 allocates a virtual network identifier to the virtual network to be created according to the type of the virtual network to be created.

In a possible embodiment, the virtual network identifier corresponding to the virtual network to be created may be a V L AN identifier or a VX L AN identifier, when the virtual network identifier is a VX L AN identifier, more virtual networks may be created simultaneously by the control node 101 and the network controller 102, so as to meet the network creation requirement of more users.

S203: the control node 101 allocates an IP address to the first type device 104 corresponding to each first device identifier. And the IP address of each first-class device is in the network segment corresponding to the network to be created.

In a possible implementation manner, the control node 101 may further allocate an IP address to each second device identifier corresponding to the second type device 105. And the IP address of each second type device is in the network segment corresponding to the network to be created.

In a specific embodiment, when the network creation request obtained by the network orchestration service device 107 further includes an IP address of each first-class device, the control node 101 may further receive the IP address of each first-class device, and allocate an IP address to each first-class device 104 according to the obtained IP address of each first-class device, where the IP address of each first-class device in the network creation request is in a network segment corresponding to the network to be created.

S204, the control node 101 allocates a V L AN identifier to each first-class device, and respectively sends virtual network configuration information to each first-class device.

The virtual network configuration information is used for configuring, for each first-class device, a respective V L AN for identifying the V L AN of the first-class device, and identifying data sent by the first-class device.

Specifically, when the first type device is a server that is not virtualized, the control node 101 sends virtual network configuration information to each first type device; when the first type of device is a virtual device (e.g., a VM or a container) on a server, the control node 101 sends virtual network configuration information to the server where each first type of device is located.

In implementation, the control node 101 configures a virtual local area network V L AN identifier for each first-type device, so that traffic isolation of different first-type devices can be achieved.

Specifically, the virtual network configuration information includes a V L AN identifier of a corresponding first-class device and a flow table corresponding to the first-class device, and after each first-class device receives the corresponding virtual network configuration information, the V L AN identifier in the virtual network configuration information is configured for data sent by each first-class device according to the flow table in the virtual network configuration information.

It should be noted that, in the embodiment of the present application, the sequence of the step S203 and the step S204 is not limited, and the control node 101 may first execute the step S203 and then execute the step S204, may also first execute the step S204 and then execute the step S203, and may also execute the step S203 and the step S204 at the same time.

S205, the control node 101 sends the virtual network identifier and the V L AN identifier of each first type device to the network controller 102.

Correspondingly, the network controller 102 obtains a virtual network identifier corresponding to the virtual network to be created and a virtual local area network V L AN identifier of each first-class device in the virtual network to be created.

In a possible embodiment, if the control node 101 determines that the type of the virtual network to be created is a three-hop network, the network controller 102 is further notified to create a virtual router (vrouter) on a gateway device.

Correspondingly, after receiving the notification from the control node 101, the network controller 102 instructs the gateway device to create a virtual router, sends gateway configuration information to the gateway device, and establishes communication connection between the switch connected to each first-type device and each second-type device and the gateway device; wherein the gateway configuration information includes an identifier of a switch to which each of the first-class devices and each of the second-class devices are connected.

S206: the network controller 102 determines a first switch port to which each first-type device is connected and a second switch port to which each second-type device in the virtual network to be created is connected.

Accordingly, the switch 103 corresponding to each first switch port receives the first configuration message.

In one possible embodiment, the network controller 102 may determine the first switch port of each first-type device connection and the second switch port of each second-type device connection in the virtual network to be created by, but not limited to, the following two methods:

in a first method, the network controller 102 receives the identifier of each first switch port and the identifier of each second switch port sent by the network orchestration service device 107, determines each first switch port according to the identifier of each first switch port, and determines each second switch port according to the identifier of each second switch port.

The network orchestration service device 107 pre-stores a connection relationship between a first type device and a switch and a connection relationship between a second type device and a switch, and after acquiring the network creation request, the network orchestration service device 107 may further determine each first switch port according to the connection relationship between the first type device and the switch, determine each second switch port according to the connection relationship between the second type device and the switch, and send an identifier of each first switch port and an identifier of each second switch port to the network controller 102.

In the second method, the network controller 102 receives the identifier of each first-class device and the identifier of each second-class device sent by the network orchestration service device 107, determines each first switch port according to the connection relationship between the first-class device and the switch, and determines each second switch port according to the connection relationship between the second-class device and the switch.

And S207, the network controller 102 sends first configuration information to each first switch port respectively, wherein the first configuration information comprises the virtual network identifier and the V L AN identifier of the corresponding first-class device.

S208: the network controller 102 sends second configuration information to each second switch port, respectively. Wherein the second configuration information comprises the virtual network identification.

Accordingly, the switch 103 corresponding to each second switch port receives the second configuration message.

It should be noted that, in the embodiment of the present application, the sequence of the step S207 and the step S208 is not limited, and the network controller 102 may first execute the step S207 and then execute the step S208, may first execute the step S208 and then execute the step S207, and may also execute the step S207 and the step S208 at the same time.

S209, the switch 103 corresponding to each first switch port maps the V L AN identifier of each first type device in the data sent by each first type device through the corresponding first switch port to the virtual network identifier according to the first configuration information.

S210: the switch 103 corresponding to each second switch port configures the virtual network identifier for the data sent by each second type device through the corresponding second switch port according to the second configuration information.

In a possible embodiment, if each first-type device 104 and each second-type device 105 are connected to at least two switches 103, the network controller 102 sends third configuration information to the at least two switches 103, respectively, to establish a communication connection between the at least two switches, where the third configuration information includes the virtual network identifier and identifiers of switches of the at least two switches except for the switch receiving the third configuration information, where when the identifier of the virtual network is a VX L AN identifier, the network controller 102 establishes a communication connection between the at least two switches as a VX L AN tunnel.

In a possible embodiment, the network controller 102 further obtains a V L AN identifier of each second-class device, and the V L AN identifier of each second-class device is used to identify data sent by the second-class device, at this time, the second configuration information sent by the network controller 102 to each second switch port further includes a V L AN identifier of the corresponding second-class device, and is used to map the V L AN identifier of each second-class device in the data sent by each second-class device through the corresponding second switch port to the virtual network identifier.

The network controller 102 may obtain, through the network orchestration service device 106, the V L AN identifier of each second type device, where the V L AN identifier of each second type device is carried in the network creation request obtained by the network orchestration service device 107, and the network service orchestration device 106 may interface with the network controller 102 through a northbound interface account.

In a possible implementation manner, if each second-class device is accessed in AN untag manner, the data sent by each second-class device to the switch connected to each second-class device does not have a corresponding V L AN identifier, and the switch connected to each second-class device adds the virtual network identifier to the data on the switch connected to each second-class device according to the second configuration information.

In a possible implementation manner, if the type of the network to be created in the network creation request acquired by the network service orchestration device 106 is a layer of network, the network service orchestration device 106 directly issues an instruction to the optical circuit switch according to the acquired network creation request, so as to implement creation of the layer of network.

It should be noted that the control node 101 and the network controller 102 may simultaneously create two or more virtual networks, and the virtual network creating method is as described in steps S201 to S210 above for any one of the two or more virtual networks.

By the network creation method, each first-class device and each second-class device included in the virtual network to be created can access the virtual network to be created through the control node 101 and the network controller 102, that is, mixed scheduling of IT devices and non-IT devices (second-class devices) such as servers and virtual devices (first-class devices) on the servers can be realized, and the control node 101 configures the V L AN identifier for the first-class devices, so that flow isolation of different first-class devices can be realized.

The network creation method provided by the embodiment of the present application is described in detail below with a specific embodiment, where the network controller is an SDN controller, and the virtual network to be created is a three-layer network, and a topology structure of the three-layer network is shown in fig. 3. The three-layer network creation mainly comprises the following steps:

1. the network orchestration service device obtains a network creation request, where the network creation request includes the type of the virtual network to be created (networks _ l3), a network segment (192.168.0.0/24) corresponding to the virtual network to be created, AN identifier of a VM (first type device) included in the virtual network to be created, AN IP address of the VM (192.168.0.2), AN identifier of a physical device included in the virtual network to be created (second type device), a V L AN identifier (1000) of the physical device, and AN IP address of the physical device (192.168.0.3).

Wherein the network creation request may be described in a javascript object notation (JSON) format as shown below:

2. the network orchestration service analyzes the network creation request, sends the type of the virtual network to be created, the network segment corresponding to the virtual network to be created, the identifier of the VM, and the IP address of the VM to a control node, sends the identifier of the physical device and the V L AN identifier of the physical device to AN SDN controller, and notifies the SDN controller to create a virtual router on a gateway device.

3. The control node allocates a VIN20000 to the virtual network to be created according to the type of the virtual network to be created, and sends the VIN20000 to the SDN controller.

4. And the control node allocates the IP address for the VM according to the network segment corresponding to the virtual network to be created and the IP address of the VM.

5. And the control node sends OVS configuration information to a server where the VM is located, configures a V L AN identifier X for the WM, and sends the V L AN identifier X of the VM to AN SDN controller, wherein the OVS configuration information comprises the flow table of the WM and the V L AN identifier X of the VM.

6. The SDN controller determines a port of the ToR switch 1 to which the VM is connected, and issues first configuration information to the port of the ToR switch 1, where the first configuration information includes a V L AN identifier (X) and a VIN20000 of the VM.

7. The SDN controller determines a port of the ToR switch 2 to which the physical device is connected, and issues second configuration information to the port of the ToR switch 2, where the second configuration information includes a V L AN identifier (1000) and a VIN20000 of the physical device.

8. And the SDN controller respectively sends third configuration information to the TOR switch 1 connected with the VM and the TOR switch 2 connected with the physical device, and a VX L AN tunnel is established between the TOR switch 1 and the TOR switch 2.

The third configuration information of the VX L AN tunnel end point (VTEP) 1 sent by the SDN controller to the ToR switch 1 includes the identities of the VNI 2000 and the ToR switch 2, and the third configuration information of the VTEP2 sent to the ToR switch 2 includes the identities of the VNI 2000 and the ToR switch 1.

9. After receiving the notification of the network orchestration service device, the SDN controller instructs the gateway device to create a virtual router, and sends gateway configuration information to the gateway device, where a VX L AN tunnel is established for VNI 20000 between the gateway device and the ToR switch 1 and the ToR switch 2, where the gateway configuration information includes AN identifier of the ToR switch 1 and AN identifier of the ToR switch 2.

The process of forwarding traffic from the VM to the physical device in the three-layer virtual network established through the above steps 1 to 9 is shown in fig. 4, and mainly includes the following steps:

1. the VM sends data to be sent to a ToR switch 1 through a message 1, where the message 1 carries data (payload) sent by the VM to the physical device, a Source Media Access Control (SMAC) address (i.e., a MAC address (VM MAC) of the VM), a Destination Media Access Control (DMAC) address (i.e., a MAC address (DEV MAC) of the physical device), a V L AN identifier (X) of the VM, a Source IP (SIP) address (i.e., AN IP address 192.168.0.2 of the VM), and a destination IP (destination IP, DIP) address (i.e., AN IP address 192.168.0.3 of the physical device).

2. The ToR switch 1 maps the V L AN identifier (1000) of the VM in the message 1 to a VX L AN identifier (20000), adds the MAC address of the VTPE1 of the ToR switch 1 to the message 1 as the SMAC address of the next hop, adds the IP address of the VTPE1 of the ToR switch 1 as the SIP address of the next hop and adds the IP address of the VTPE2 of the ToR switch 2 as the DIP address of the next hop to obtain a message 2, and forwards the message 2 to the ToR switch 2.

3. The ToR switch 2 parses the message 2, and sends a message 3 to the physical device, where the message 3 carries the data (payload) sent by the VM to the physical device, the SMAC address (i.e. the MAC address (vmac) of the VM), the DMAC address (i.e. the MAC address (DEV MAC) of the physical device), the V L AN identifier (1000) of the physical device, the SIP address (i.e. the IP address 192.168.0.2 of the VM), and the DIP address (i.e. the IP address 192.168.0.3 of the physical device) in the message 1.

Based on the above embodiments, an embodiment of the present application provides a control node, where the control node is configured to implement the network creation method shown in fig. 2, and referring to fig. 5, the control node 500 includes: a processing unit 501 and a transmitting unit 502.

The processing unit 501 is configured to obtain a type of a virtual network to be created, a network segment corresponding to the network to be created, at least one first device identifier, and at least one second device identifier, where one first device identifier corresponds to one first device in the virtual network to be created, and one first device identifier corresponds to one second device in the virtual network to be created, where the first device includes a server or a virtual device on the server, and the second device is a device other than the first device;

the sending unit 502 is configured to send, under the control of the processing unit 501, virtual network configuration information to each first-class device, where the virtual network configuration information is used to configure a respective V L AN identifier for data sent by each first-class device, send, through a network controller, the virtual network identifier and the V L AN identifier of each first-class device to a switch port connected to each first-class device, and send, through the network controller, the virtual network identifier to a switch port connected to each second-class device.

In a possible implementation, the processing unit 501 is further configured to: when determining that the type of the virtual network to be created is a three-layer network, the sending unit 502 is controlled to notify the network controller to create a virtual router in a gateway device.

In a possible implementation manner, the control node 500 further includes a receiving unit 503, configured to receive the type of the virtual network to be created, a network segment corresponding to the network to be created, the at least one first device identifier, and the at least one second device identifier, which are obtained and sent by the network orchestration service device from the network creation request.

Based on the foregoing embodiments, an embodiment of the present application provides a network controller, where the network controller is configured to implement the network creation method shown in fig. 2, and referring to fig. 6, the network controller 600 includes: a processing unit 601 and a transmitting unit 602.

The processing unit 601 is configured to obtain a virtual network identifier corresponding to a to-be-created virtual network and a virtual local area network V L AN identifier of each first-class device in the to-be-created virtual network, where the virtual network identifier is allocated by a control node according to a type of the to-be-created network, the V L AN identifier of each first-class device is allocated by the control node to each first-class device, the first-class device is a server or a virtual device on the server, and the V L AN identifier of the first-class device is used to identify data sent by the first-class device;

the sending unit 602 is configured to send first configuration information to each first switch port respectively under the control of the processing unit 601, where the first configuration information includes the virtual network identifier and a V L AN identifier of a corresponding first-class device, and is used to map, in data sent by each first-class device through a corresponding first switch port, the V L AN identifier of each first-class device into the virtual network identifier, and send second configuration information respectively to each second switch port under the control of the processing unit 601, where the second configuration information includes the virtual network identifier, and is used to configure the virtual network identifier for the data sent by each second-class device through a corresponding second switch port.

In a possible implementation manner, if each first-type device and each second-type device are connected to at least two switches, the sending unit 602 is further configured to: respectively sending third configuration information to the at least two switches under the control of the processing unit 601, and establishing communication connection between the at least two switches;

wherein the third configuration information includes the virtual network identifier and identifiers of the at least two switches except for the switch receiving the third configuration information.

In a possible implementation manner, the network controller further includes a receiving unit 603, configured to receive, when the type of the virtual network to be created is a three-layer network, a notification sent by a control node and used for instructing the network controller to create a virtual router on a gateway device;

the processing unit 601 is further configured to: controlling the sending unit 602 to send gateway configuration information to the gateway device, and establishing communication connection between the switch connected to each first-class device and each second-class device and the gateway device; wherein the gateway configuration information includes an identifier of a switch to which each of the first-class devices and each of the second-class devices are connected.

In a possible implementation manner, before the sending unit 602 sends the second configuration information to the switch port corresponding to the identifier of each second switch port, the processing unit 601 is further configured to obtain a V L AN identifier of each second type device, where the V L AN identifier of the second type device is used to identify data sent by the second type device, and the second configuration information further includes a V L AN identifier of the corresponding second type device.

In a possible implementation, the receiving unit 603 is further configured to: receiving the identifier of each first switch port and the identifier of each second switch port sent by the network orchestration service device;

when determining the first switch port connected to each first class device and the second switch port connected to each second class device in the virtual network to be created, the processing unit 601 is specifically configured to: determining each first switch port according to the identifier of each first switch port, and determining each second switch port according to the identifier of each second switch port; alternatively, the first and second electrodes may be,

the receiving unit 603 is further configured to: receiving the identification of each first class device and the identification of each second class device sent by the network orchestration service device;

when determining the first switch port connected to each first class device and the second switch port connected to each second class device in the virtual network to be created, the processing unit 601 is specifically configured to: and determining each first switch port according to the connection relationship between the first type of equipment and the switch, and determining each second switch port according to the connection relationship between the second type of equipment and the switch.

It should be noted that the division of the unit in the embodiment of the present application is schematic, and is only a logic function division, and there may be another division manner in actual implementation. The functional modules in the embodiments of the present application may be integrated into one processing unit, or each unit may exist alone physically, or two or more units are integrated into one unit. The integrated unit can be realized in a form of hardware, and can also be realized in a form of a software functional unit.

The integrated unit, if implemented in the form of a software functional unit and sold or used as a stand-alone product, may be stored in a computer readable storage medium. Based on such understanding, the technical solution of the present application may be substantially implemented or contributed by the prior art, or all or part of the technical solution may be embodied in a software product, which is stored in a storage medium and includes instructions for causing a computer device (which may be a personal computer, a server, a network device, or the like) or a processor (processor) to execute all or part of the steps of the method according to the embodiments of the present application. And the aforementioned storage medium includes: various media capable of storing program codes, such as a usb disk, a removable hard disk, a read-only memory (ROM), a Random Access Memory (RAM), a magnetic disk, or an optical disk.

Based on the above embodiments, the embodiments of the present application further provide a control node, where the control node is used to implement the network creation method shown in fig. 2, and has the function of the control node 500 shown in fig. 5. Referring to fig. 7, the control node 700 includes: memory 701, processor 702, and communication interface 703. The processor 702 is interconnected with the memory 701 and the communication interface 703.

The memory 701 is used for storing program instructions;

the processor 702 is configured to call the program instructions stored in the memory 701, and execute:

acquiring the type of a virtual network to be created, a network segment corresponding to the network to be created, at least one first equipment identifier and at least one second equipment identifier; a first device identifier corresponds to a first type device in the virtual network to be created, a first device identifier corresponds to a second type device in the virtual network to be created, the first type device comprises a server or a virtual device on the server, and the second type device is a device other than the first type device;

distributing a virtual network identifier for the virtual network to be created according to the type of the virtual network to be created;

allocating an Internet Protocol (IP) address to first-class equipment corresponding to each first-class equipment identifier, wherein the IP address of each first-class equipment is in a network segment corresponding to the network to be established;

distributing a virtual local area network (V L AN) identifier to each first-class device, and controlling the communication interface to respectively send virtual network configuration information to each first-class device, wherein the virtual network configuration information is used for configuring a respective V L AN identifier for data sent by each first-class device, and the V L AN identifier of each first-class device is used for identifying the data sent by the first-class device;

the communication interface 703 is configured to send virtual network configuration information to each first-class device under the control of the processor, send the virtual network identifier and the V L AN identifier of each first-class device to a switch port connected to each first-class device through a network controller, and send the virtual network identifier to a switch port connected to each second-class device through the network controller.

The memory 701 may include a volatile memory (volatile memory), such as a random-access memory (RAM); the memory 701 may also include a non-volatile memory (non-volatile memory), such as a flash memory (also called flash memory), a Hard Disk Drive (HDD), or a solid-state drive (SSD); the memory 701 may also comprise a combination of memories of the kind described above.

The processor 702 may be a Central Processing Unit (CPU), a Network Processor (NP), or a combination of a CPU and an NP, the processor 702 may further include a hardware chip, which may be an application-specific integrated circuit (ASIC), a programmable logic device (P L D), or a combination thereof, the P L D may be a complex programmable logic device (CP L D), a field-programmable gate array (FPGA), a general array logic (GA L), or any combination thereof.

The processor 702, the memory 701 and the communication interface 703 may be connected to each other by a bus 704. The bus 704 may be a Peripheral Component Interconnect (PCI) bus, an Extended Industry Standard Architecture (EISA) bus, or the like. The bus may be divided into an address bus, a data bus, a control bus, etc. For ease of illustration, only one thick line is shown in FIG. 7, but this is not intended to represent only one bus or type of bus.

In a possible implementation, the processor 701 is further configured to: when the type of the virtual network to be created is determined to be a three-layer network, controlling the communication interface to inform the network controller to create a virtual router in gateway equipment;

the communication interface 703 is further configured to: notifying the network controller under control of the processor to create a virtual router in a gateway device.

Based on the above embodiments, the present application further provides a network controller, which is used for implementing the network creation method shown in fig. 2 and has the function of the control node 600 shown in fig. 6. Referring to fig. 8, the network controller 800 includes: a memory 801, a processor 802, and a communication interface 803. The processor 802 is interconnected with the memory 801 and the communication interface 803.

The memory 801 is used for storing program instructions;

the processor 802 is configured to call the program instructions stored in the memory 801 to execute:

acquiring a virtual network identifier corresponding to a virtual network to be created and a virtual local area network (V L AN) identifier of each first-class device in the virtual network to be created, wherein the virtual network identifier is allocated by a control node according to the type of the network to be created, the V L AN identifier of each first-class device is allocated by the control node to each first-class device, the first-class device is a server or a virtual device on the server, and the V L AN identifier of the first-class device is used for identifying data sent by the first-class device;

determining a first switch port connected with each first-class device and a second switch port connected with each second-class device in the virtual network to be created; wherein the second type of device is a device other than the first type of device;

the communication interface 803 is controlled to respectively send first configuration information to each first switch port, wherein the first configuration information comprises the virtual network identifier and a V L AN identifier of a corresponding first class device, and is used for mapping the V L AN identifier of each first class device in data sent by each first class device through the corresponding first switch port into the virtual network identifier;

the communication interface 803 is configured to send first configuration information to each first switch port under the control of the processor; and sending second configuration information to each second switch port respectively under the control of the processor.

Wherein the memory 801 may include volatile memory, such as RAM; the memory 801 may also include a non-volatile memory, such as a flash memory, HDD, or SSD; the memory 801 may also comprise a combination of memories of the kind described above.

The processor 802 may be a CPU, NP, or a combination of CPU and NP, the processor 802 may further include a hardware chip, which may be an ASIC, P L D, or a combination thereof, the P L D may be a CP L D, an FPGA, a GA L, or any combination thereof.

The processor 802, together with the memory 801 and the communication interface 803, may be interconnected by a bus 804. The bus 804 may be a PCI bus or an EISA bus, etc. The bus may be divided into an address bus, a data bus, a control bus, etc. For ease of illustration, only one thick line is shown in FIG. 8, but this is not intended to represent only one bus or type of bus.

In a possible implementation manner, if each first-type device and each second-type device are connected to at least two switches, the processor 802 is further configured to: controlling the communication interface to respectively send third configuration information to the at least two switches, and establishing communication connection between the at least two switches;

In a possible implementation, when the type of the virtual network to be created is a three-layer network, the communication interface is further configured to: receiving a notification sent by a control node and used for indicating the creation of a virtual router on a gateway device;

the processor is further configured to: creating a virtual router on the gateway equipment according to the notification, controlling the communication interface to send gateway configuration information to the gateway equipment, and establishing communication connection between the switch connected with each first-class equipment and each second-class equipment and the gateway equipment; wherein the gateway configuration information includes an identifier of a switch to which each of the first-class devices and each of the second-class devices are connected.

In a possible implementation manner, before controlling the communication interface 803 to respectively send the second configuration information to the switch port corresponding to the identifier of each second switch port, the processor 802 is further configured to:

and acquiring the V L AN identification of each second-class device, wherein the V L AN identification of each second-class device is used for identifying data sent by the second-class device, and the second configuration information also comprises the V L AN identification of the corresponding second-class device.

In a possible implementation, the communication interface 803 is further configured to: receiving the identifier of each first switch port and the identifier of each second switch port sent by the network orchestration service device;

when determining the first switch port connected to each first-class device and the second switch port connected to each second-class device in the virtual network to be created, the processor 802 is specifically configured to: determining each first switch port according to the identifier of each first switch port, and determining each second switch port according to the identifier of each second switch port; alternatively, the first and second electrodes may be,

the communication interface 803 is further configured to: receiving the identification of each first class device and the identification of each second class device sent by the network orchestration service device;

when determining the first switch port connected to each first-class device and the second switch port connected to each second-class device in the virtual network to be created, the processor 802 is specifically configured to: and determining each first switch port according to the connection relationship between the first type of equipment and the switch, and determining each second switch port according to the connection relationship between the second type of equipment and the switch.

In summary, the embodiments of the present application provide a network creation method, related devices, and a system, in which each first-class device and each second-class device included in a to-be-created virtual network can access the to-be-created virtual network through a control node and a network controller, that is, a hybrid scheduling of an IT device and a non-IT device (second-class device) such as a virtual device (first-class device) on a server and a server can be implemented. And when the control node and the network controller establish the virtual network, related network configuration does not need to be carried out manually, and the establishment of the virtual network can be completed quickly and automatically, so that the time required for establishing the virtual network can be saved, and the network establishment efficiency is improved.

The present application is described with reference to flowchart illustrations and/or block diagrams of methods, apparatus (systems), and computer program products according to embodiments of the application. It will be understood that each flow and/or block of the flow diagrams and/or block diagrams, and combinations of flows and/or blocks in the flow diagrams and/or block diagrams, can be implemented by computer program instructions. These computer program instructions may be provided to a processor of a general purpose computer, special purpose computer, embedded processor, or other programmable data processing apparatus to produce a machine, such that the instructions, which execute via the processor of the computer or other programmable data processing apparatus, create means for implementing the functions specified in the flowchart flow or flows and/or block diagram block or blocks.

These computer program instructions may also be stored in a computer-readable memory that can direct a computer or other programmable data processing apparatus to function in a particular manner, such that the instructions stored in the computer-readable memory produce an article of manufacture including instruction means which implement the function specified in the flowchart flow or flows and/or block diagram block or blocks.

These computer program instructions may also be loaded onto a computer or other programmable data processing apparatus to cause a series of operational steps to be performed on the computer or other programmable apparatus to produce a computer implemented process such that the instructions which execute on the computer or other programmable apparatus provide steps for implementing the functions specified in the flowchart flow or flows and/or block diagram block or blocks.

It will be apparent to those skilled in the art that various changes and modifications may be made in the embodiments of the present application without departing from the spirit and scope of the embodiments of the present application. Thus, if such modifications and variations of the embodiments of the present application fall within the scope of the claims of the present application and their equivalents, the present application is also intended to encompass such modifications and variations.

Claims

1. A network creation method, comprising:

the method comprises the steps that a control node obtains the type of a virtual network to be created, a network segment corresponding to the network to be created, at least one first equipment identifier and at least one second equipment identifier; a first device identifier corresponds to a first type device in the virtual network to be created, a second device identifier corresponds to a second type device in the virtual network to be created, the first type device comprises a server or a virtual device on the server, and the second type device is a device other than the first type device;

the control node allocates a virtual network identifier for the virtual network to be created according to the type of the virtual network to be created;

the control node allocates an Internet Protocol (IP) address to the first type equipment corresponding to each first equipment identifier, and the IP address of each first type equipment is in the network segment corresponding to the network to be established;

the control node allocates a virtual local area network (V L AN) identifier to each first-class device and respectively sends virtual network configuration information to each first-class device, wherein the virtual network configuration information is used for configuring respective V L AN identifiers for data sent by each first-class device, and the V L AN identifiers of the first-class devices are used for identifying the data sent by the first-class devices;

the control node sends the virtual network identification and the V L AN identification of each first-class device to a switch port connected with each first-class device through a network controller;

and the control node sends the virtual network identifier to the switch port connected with each second type device through the network controller.

2. The method of claim 1, further comprising:

and when the control node determines that the type of the virtual network to be created is a three-layer network, the control node informs the network controller to create a virtual router in the gateway equipment.

3. The method of claim 1 or 2, wherein the virtual network is a V L AN or a virtual extended local area network VX L AN.

4. The method according to claim 1 or 2, wherein the type of the virtual network to be created, the network segment corresponding to the network to be created, the at least one first device identifier, and the at least one second device identifier are obtained from a network creation request by a network orchestration service device and sent to the control node.

5. A network creation method, comprising:

the method comprises the steps that a network controller obtains a virtual network identifier corresponding to a virtual network to be created and a virtual local area network (V L AN) identifier of each first type device in the virtual network to be created, wherein the virtual network identifier is distributed by a control node according to the type of the network to be created, the V L AN identifier of each first type device is distributed by the control node for each first type device, the first type device is a server or a virtual device on the server, and the V L AN identifier of the first type device is used for identifying data sent by the first type device;

the network controller determines a first switch port connected with each first-class device and a second switch port connected with each second-class device in the virtual network to be created; wherein the second type of device is a device other than the first type of device;

the first configuration information comprises the virtual network identification and a V L AN identification of corresponding first-class equipment, and is used for mapping the V L AN identification of each first-class equipment in data sent by each first-class equipment through the corresponding first switch port into the virtual network identification;

and the network controller respectively sends second configuration information to each second switch port, wherein the second configuration information comprises the virtual network identifier and is used for configuring the virtual network identifier for the data sent by each second type device through the corresponding second switch port.

6. The method of claim 5, wherein if each first class device and each second class device connects at least two switches, the method further comprises:

the network controller respectively sends third configuration information to the at least two switches, and communication connection is established between the at least two switches;

7. The method of claim 5 or 6, further comprising:

when the type of the virtual network to be created is a three-layer network, the network controller receives a notification of a control node and then creates a virtual router on gateway equipment;

the network controller sends gateway configuration information to the gateway equipment, and communication connection is established between the switch connected with each first-class equipment and each second-class equipment and the gateway equipment;

wherein the gateway configuration information includes an identifier of a switch to which each of the first-class devices and each of the second-class devices are connected.

8. The method according to claim 5 or 6, wherein before the network controller sends the second configuration information to the switch port corresponding to the identifier of each second switch port, the method further comprises:

the network controller acquires the V L AN identification of each second type device, wherein the V L AN identification of each second type device is used for identifying data sent by the second type device;

the second configuration information further includes a V L AN identification of the corresponding second type device.

9. The method of claim 5 or 6, wherein the network controller determining a first switch port of each first-type device connection and a second switch port of each second-type device connection in the virtual network to be created, comprises:

the network controller receives the identifier of each first switch port and the identifier of each second switch port sent by the network orchestration service device, determines each first switch port according to the identifier of each first switch port, and determines each second switch port according to the identifier of each second switch port; alternatively, the first and second electrodes may be,

and the network controller receives the identifier of each first class device and the identifier of each second class device sent by the network orchestration service device, determines each first switch port according to the connection relationship between the first class device and the switch, and determines each second switch port according to the connection relationship between the second class device and the switch.

10. A system for creating a network, comprising: a control node and a network controller;

the control node is configured to receive the type of a virtual network to be created and a network segment, at least one first device identifier, and at least one second device identifier of the virtual network to be created, where one first device identifier corresponds to one first device in the virtual network to be created, one second device identifier corresponds to one second device in the virtual network to be created, the first device is a server or a virtual device on the server, and the second device is a device other than the first device; and the number of the first and second groups,

allocating a virtual network identifier to the virtual network to be created according to the type of the virtual network to be created, allocating AN Internet Protocol (IP) address to a first type device corresponding to each first device identifier, wherein the IP address of each first type device is in a network segment corresponding to the network to be created, respectively sending virtual network configuration information to each first type device, and allocating a virtual local area network (V L AN) identifier to each first type device, wherein the virtual network configuration information comprises a V L AN identifier of the corresponding first type device and a flow table corresponding to the first type device, and a V L AN identifier of the first type device is used for identifying data sent by the first type device,

sending the virtual network identification and the V L AN identification of each first-class device to a switch port connected with each first-class device through a network controller;

the network controller is configured to obtain the virtual network identifier and a virtual local area network V L AN identifier of each first-class device through the control node, determine a first switch port connected to each first-class device and a second switch port connected to each second-class device in the virtual network to be created, send first configuration information to each first switch port, respectively, where the first configuration information includes the virtual network identifier and a V L AN identifier of a corresponding first-class device, and send second configuration information to each second switch port, where the second configuration information includes the virtual network identifier.

11. The system of claim 10, wherein the virtual network is a V L AN or a virtual extended local area network VX L AN.

12. The system of claim 10 or 11, wherein the control node is further configured to:

when the type of the virtual network to be created is determined to be a three-layer network, the network controller is informed to create a virtual router in gateway equipment;

the network controller is further configured to: after receiving the notification of the control node, creating a virtual router on the gateway equipment;

13. The system of claim 10 or 11, wherein if each first type device and each second type device is connected to at least two switches, the network controller is further configured to:

respectively sending third configuration information to the at least two switches, and establishing communication connection between the at least two switches; wherein the third configuration information includes the virtual network identifier and identifiers of the at least two switches except for the switch receiving the third configuration information.

14. The system of claim 10 or 11, further comprising:

the network arrangement service equipment is used for acquiring a network creation request, wherein the network creation request comprises the type of the created virtual network, a network segment corresponding to the network to be created, the at least one first equipment identifier and the at least one second equipment identifier; and sending the type of the created virtual network, the network segment corresponding to the network to be created, the at least one first device identifier and the at least one second device identifier to the control node.

15. The system of claim 14, wherein the network orchestration service device is further to: determining each first switch port according to the connection relationship between the first type of equipment and the switch, and determining each second switch port according to the connection relationship between the second type of equipment and the switch; sending the identity of each first switch port and the identity of each second switch port to the network controller;

when determining the first switch port to which each first-type device is connected and the second switch port to which each second-type device is connected in the virtual network to be created, the network controller is specifically configured to: receiving the identifier of each first switch port and the identifier of each second switch port sent by the network orchestration service device, determining each first switch port according to the identifier of each first switch port, and determining each second switch port according to the identifier of each second switch port.

16. A control node, comprising: a memory, a processor, and a communication interface;

the memory to store program instructions;

the processor is used for calling the program instructions stored in the memory and executing:

acquiring the type of a virtual network to be created, a network segment corresponding to the network to be created, at least one first equipment identifier and at least one second equipment identifier; a first device identifier corresponds to a first type device in the virtual network to be created, a second device identifier corresponds to a second type device in the virtual network to be created, the first type device comprises a server or a virtual device on the server, and the second type device is a device other than the first type device;

the communication interface is used for respectively sending virtual network configuration information to each first-class device under the control of the processor, sending the virtual network identifier and the V L AN identifier of each first-class device to a switch port connected with each first-class device through a network controller, and sending the virtual network identifier to a switch port connected with each second-class device through the network controller.

17. The control node of claim 16, wherein the processor is further configured to: when the type of the virtual network to be created is determined to be a three-layer network, controlling the communication interface to inform the network controller to create a virtual router in gateway equipment;

the communication interface is further configured to: notifying the network controller under control of the processor to create a virtual router in a gateway device.

18. The control node of claim 16 or 17, wherein the virtual network is a V L AN or a virtual extended local area network VX L AN.

19. The control node according to claim 16 or 17, wherein the type of the virtual network to be created, the network segment corresponding to the network to be created, the at least one first device identifier, and the at least one second device identifier are obtained from a network creation request by a network orchestration service device and sent to the control node.

20. A network controller, comprising: a memory, a processor, and a communication interface;

the memory to store program instructions;

the communication interface is controlled to respectively send first configuration information to each first switch port, wherein the first configuration information comprises the virtual network identification and the V L AN identification of the corresponding first class equipment, and is used for mapping the V L AN identification of each first class equipment in data sent by each first class equipment through the corresponding first switch port into the virtual network identification;

the communication interface is used for respectively sending first configuration information to each first switch port under the control of the processor; and sending second configuration information to each second switch port respectively under the control of the processor.

21. The network controller of claim 20, wherein if each first class device and each second class device connects to at least two switches, the processor is further configured to:

controlling the communication interface to respectively send third configuration information to the at least two switches, and establishing communication connection between the at least two switches;

22. The network controller of claim 20 or 21, wherein when the type of virtual network to be created is a three-tier network, the communication interface is further to: receiving a notification sent by a control node and used for indicating the creation of a virtual router on a gateway device;

the processor is further configured to: creating a virtual router on the gateway equipment according to the notification, controlling the communication interface to send gateway configuration information to the gateway equipment, and establishing communication connection between the switch connected with each first-class equipment and each second-class equipment and the gateway equipment;

23. The network controller according to claim 20 or 21, wherein the processor, before controlling the communication interface to send the second configuration information to the switch port corresponding to the identifier of each second switch port, is further configured to:

acquiring a V L AN identifier of each second-class device, wherein the V L AN identifier of the second-class device is used for identifying data sent by the second-class device;

24. The network controller of claim 20 or 21, wherein the communication interface is further to: receiving the identifier of each first switch port and the identifier of each second switch port sent by the network orchestration service device;

when determining the first switch port to which each first-class device is connected and the second switch port to which each second-class device is connected in the virtual network to be created, the processor is specifically configured to: determining each first switch port according to the identifier of each first switch port, and determining each second switch port according to the identifier of each second switch port; alternatively, the first and second electrodes may be,

the communication interface is further configured to: receiving the identification of each first class device and the identification of each second class device sent by the network orchestration service device;

when determining the first switch port to which each first-class device is connected and the second switch port to which each second-class device is connected in the virtual network to be created, the processor is specifically configured to: and determining each first switch port according to the connection relationship between the first type of equipment and the switch, and determining each second switch port according to the connection relationship between the second type of equipment and the switch.