CN108965000A - Method for implementing SDN traffic steering in a private cloud - Google Patents

Method for implementing SDN traffic steering in a private cloud


Publication number
CN108965000A
Authority
CN
China
Prior art keywords
ovs
sdn controller
vnf
sdn
address
Legal status
Granted
Application number
CN201810762149.1A
Other languages
Chinese (zh)
Other versions
CN108965000B (en
Inventor
刘佳
范渊
吴永越
郑学新
刘韬
Current Assignee
Chengdu DBAPPSecurity Co Ltd
Original Assignee
Chengdu DBAPPSecurity Co Ltd


Classifications

    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L41/00 Arrangements for maintenance, administration or management of data switching networks, e.g. of packet switching networks
    • H04L41/08 Configuration management of networks or network elements
    • H04L41/0803 Configuration setting
    • H04L12/00 Data switching networks
    • H04L12/28 Data switching networks characterised by path configuration, e.g. LAN [Local Area Networks] or WAN [Wide Area Networks]
    • H04L12/46 Interconnection of networks
    • H04L12/4604 LAN interconnection over a backbone network, e.g. Internet, Frame Relay
    • H04L12/462 LAN interconnection over a bridge based backbone
    • H04L45/00 Routing or path finding of packets in data switching networks
    • H04L45/02 Topology update or discovery
    • H04L45/74 Address processing for routing
    • H04L67/00 Network arrangements or protocols for supporting network services or applications
    • H04L67/01 Protocols
    • H04L67/10 Protocols in which an application is distributed across nodes in the network

Abstract

The invention discloses a method for implementing SDN traffic steering in a private cloud. The method is implemented on a private cloud system made up of an SDN controller, a Bridge and physical hosts connected in sequence. There are multiple physical hosts; each physical host contains one OVS and multiple VNFs connected to that OVS, and each OVS is connected to the Bridge. The SDN controller and the OVSs are started first and the VNFs are built. The SDN controller service program then performs topology discovery and initialization and senses the network interface state and MAC address of each VNF. Together with the routing addresses configured on the user side, it calculates and issues access rules and steering rules, so that the private cloud handles the sending and receiving of user data messages and steers them automatically. The invention handles the coordination required between VNF instances in a private cloud network: according to user requirements it forms flexible service chains, so that user traffic automatically passes through multiple NFV nodes according to custom rules.

Description

Method for implementing SDN traffic steering in a private cloud
Technical field
The present invention relates to the field of network communication technology, and specifically to a method for implementing SDN traffic steering in a private cloud.
Background art
The traditional forwarding model consists mainly of layer-2 forwarding performed by switches and layer-3 forwarding performed by routers. The advantage of layer-2 forwarding is that the forwarding rules are fairly simple, and the MAC address that layer 2 relies on does not change when a host changes location, so a self-learning switch needs essentially no configuration and is very convenient to manage. Switches are easy to implement in hardware chips and therefore achieve very high forwarding performance. Layer-2 forwarding also has clear drawbacks, however: MAC addresses cannot be aggregated, so scalability is very weak as the number of hosts grows; complex user policies cannot be configured; and the large volume of broadcast messages in a layer-2 network makes it difficult to build large-scale networks.
The layer-3 forwarding model forwards according to the IP address in the message. IP addresses can be aggregated, which allows large-scale networks to be built and solves the scalability problem of layer-2 switched networks. But layer-3 forwarding is more complex to configure, and an IP address generally also identifies the host's position in the network topology, which makes automatic reconfiguration hard to achieve when a host migrates.
In private cloud networks, most of the networking solutions that vendors currently provide are still based on the traditional layer-2 or layer-3 network model, which makes network management and configuration complex for the user and makes flexible user requirements hard to meet. SDN is a recently emerged network model that is currently used mainly in large data centers to automate some network tasks. The present invention is a new application of the SDN network model to private cloud networks. It specifically solves the traffic-steering problem in private cloud networks, keeping the user's configuration relatively simple and highly automated while preserving the flexibility of the steering policy. The principle is to match data flows against user-defined rules, rewrite the MAC address of the data packet, and forward it to the corresponding interface.
The prior art steers traffic with policy-based routing: one or more orchestration routers are introduced into the network, and forwarding is based on fields of the data message such as "source IP, port" rather than only on the destination IP address used by traditional routing. This, however, requires a large number of policy-based routing rules to be configured manually on the router.
There is also the OpenDaylight SFC function. OpenDaylight is an open-source controller project, and the SFC steering function it provides targets large data centers. The scheme is complex, and when the network is small the performance loss is large, so it is not suited to small private cloud scenarios.
Summary of the invention
The purpose of the present invention is to provide a method for implementing SDN traffic steering in a private cloud: first start the SDN controller and the OVSs and build the VNFs; the SDN controller service program performs topology discovery and initialization and senses the network interface state and MAC address of each VNF; together with the routing addresses configured on the user side, it calculates and issues access rules and steering rules, so that the private cloud handles the sending and receiving of user data and steers the data automatically.
The present invention is achieved through the following technical solution: a method for implementing SDN traffic steering in a private cloud, implemented on a private cloud system made up of an SDN controller, a Bridge and physical hosts connected in sequence. There are multiple physical hosts; each physical host contains one OVS and multiple VNFs connected to that OVS, and each OVS is connected to the Bridge. The method specifically comprises the following steps:
Step F1: start the SDN controller and the OVSs connected to the Bridge;
Step F2: build and start the VNFs;
Step F3: the SDN controller service program performs topology discovery and initialization, and senses the network interface state and MAC address of each VNF;
Step F4: user-side routing configuration;
Step F5: calculate and issue the access rules;
Step F6: calculate and issue the steering rules;
Step F7: the private cloud completes the sending and receiving of user data messages.
Further, to better implement the present invention, step F1 specifically comprises the following steps:
Step F11: start the Bridge and each OVS;
Step F12: start the SDN controller, so that the SDN controller and the OVS of each physical host are interconnected through the Bridge.
Further, to better implement the present invention, step F2 specifically comprises the following steps:
Step F21: start the multiple VNFs connected to the OVS;
Step F22: set the NIC MAC address of each VNF according to the unified planning of the private cloud platform.
Further, to better implement the present invention, step F3 specifically comprises the following steps:
Step F31: based on the strong correlation between the MAC address of an OVS interface and the MAC address of the VNF interface, the SDN controller scans the interfaces of each OVS and picks out the Link Up interfaces;
Step F32: the SDN controller checks and records the MAC address on each Link Up interface;
Step F33: the SDN controller calculates the MAC address of each VNF interface connected to an OVS, forming a network topology graph used for calculating the steering rules. The network topology graph is a tree with a root node: the Bridge is the trunk, the OVSs are child nodes of the Bridge, and the VNFs are child nodes of the OVSs.
Further, to better implement the present invention, step F4 specifically comprises the following steps:
Step F41: the SDN controller senses the MAC address and IP address of the Router interface connected to the Bridge;
Step F42: the user performs routing configuration, which helps the private cloud network calculate the access rules.
Further, to better implement the present invention, step F5 specifically comprises the following steps:
Step F51: the SDN controller issues a flow table rule A to all OVSs via the OpenFlow protocol; the content of flow table rule A is to send any received neighbor learning request message up to the SDN controller;
Step F52: after an OVS receives a neighbor learning request message sent by the Router or a VNF, it sends the neighbor learning request message up to the SDN controller;
Step F53: after the SDN controller receives the neighbor learning request message, it constructs a neighbor learning response message using the MAC address of the OVS that received the request. The MAC address encapsulated in the neighbor learning response message is the MAC address of the OVS that received the neighbor learning request message. If multiple OVSs received the same neighbor learning request message, the SDN controller selects the MAC address of one of them according to the load-balancing principle and encapsulates it in the neighbor learning response message;
Step F54: via the OpenFlow protocol, the SDN controller issues a flow table rule B to the OVS that received the neighbor learning request message in step F52; the content of flow table rule B is to forward the neighbor learning response message issued by the SDN controller to the OVS that received the neighbor learning request message;
Step F55: via the OpenFlow protocol, the SDN controller sends the neighbor learning response message constructed in step F53 to the OVS that received the neighbor learning request message in step F52;
Step F56: the OVS forwards the neighbor learning response message issued by the SDN controller to the Router or VNF that initiated the request;
Step F57: the Router or VNF that receives the neighbor learning response message constructed by the SDN controller thereby learns the MAC address of the OVS interface that received the neighbor learning request message in step F53.
Further, to better implement the present invention, step F6 specifically comprises the following steps:
Step F61: when calculating the steering rules, the inputs to the SDN controller are the user-configured steering rule D and the network topology graph maintained in step F3; user data messages enter the private cloud through the Router;
Step F62: the SDN controller parses the user-configured steering rule D to obtain the fields to be matched and the device path that the user data message is to traverse;
Step F63: the SDN controller calculates flow table rules C for each OVS on the path; each time an OVS appears in the device path, one flow table rule Cn is generated for it. Flow table rule Cn comprises the message match content, the MAC address of the interface of the next device on the path, and the MAC address rewriting rule. The MAC address is rewritten because the OVS must conform to the packet sending and receiving behavior of the VNFs and the Bridge connected to it;
Step F64: via the OpenFlow protocol, the SDN controller issues flow table rule Cn to the corresponding OVS on the path, to direct the forwarding and rewriting of user data messages;
Step F65: by this point the Router has learned the MAC address of the OVS that received the neighbor learning request message in step F52, and the Router forwards the user data message to that OVS;
Step F66: the OVS that receives the user data message sent by the Router matches, rewrites and forwards the user data message according to the corresponding flow table rule Cn issued in step F64;
Step F67: when the user changes the steering policy, the SDN controller automatically recalculates and reissues all steering rules; when a VNF node migrates, the network topology graph changes dynamically, and the SDN controller automatically recalculates and reissues all steering rules.
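The rule calculation of steps F61 to F67, together with the topology tree of step F33, sketched as an added example (it is not code from the patent). The dictionary form of rule D, the "uplink" and "router" labels, the port names, the MAC addresses, and the choice to rewrite the destination MAC and to give the OVS hosting a remote VNF its own delivery rule are all assumptions; only the two IP addresses are taken from the description of Fig. 2.

```python
from dataclasses import dataclass

UPLINK = "uplink"  # assumed label for the OVS port that faces the Bridge
ROUTER = "router"  # assumed label for the user-side Router at both ends of the path


@dataclass(frozen=True)
class FlowRule:
    ovs: str          # OVS the rule is issued to
    match: tuple      # sorted (field, value) pairs: the message match content
    set_eth_dst: str  # rewrite: interface MAC of the next device on the path
    out_port: str     # port the rewritten message leaves on


class Topology:
    """Tree of step F33: Bridge (root) -> OVS -> VNF."""

    def __init__(self, ovs_macs):
        self.ovs_macs = dict(ovs_macs)  # OVS name -> MAC of its Bridge-facing interface
        self.vnfs = {}                  # VNF name -> (parent OVS, OVS port, VNF MAC)

    def attach(self, vnf, ovs, port, mac):
        """Record a Link Up VNF interface; attaching again models a migration."""
        if ovs not in self.ovs_macs:
            raise KeyError(f"unknown OVS {ovs!r}")
        self.vnfs[vnf] = (ovs, port, mac)

    def tree(self):
        children = {ovs: [] for ovs in self.ovs_macs}
        for vnf, (ovs, _port, _mac) in sorted(self.vnfs.items()):
            children[ovs].append(vnf)
        return {"bridge": children}


def compute_rules(topo, rule_d, entry_ovs, router_mac):
    """One FlowRule per appearance of an OVS on the device path of rule D."""
    missing = [dev for dev in rule_d["path"] if dev not in topo.vnfs]
    if missing:
        raise ValueError(f"rule D names devices not in the topology: {missing}")
    path = [ROUTER, *rule_d["path"], ROUTER]
    rules = []
    for prev, nxt in zip(path, path[1:]):
        if prev == ROUTER:
            # Step F65: the Router sends to the OVS MAC it learned in step F5.
            src_ovs, in_port = entry_ovs, UPLINK
            extra = {"eth_dst": topo.ovs_macs[entry_ovs]}
        else:
            src_ovs, in_port, _mac = topo.vnfs[prev]
            extra = {}
        if nxt == ROUTER:
            dst_ovs, dst_port, next_mac = None, UPLINK, router_mac
        else:
            dst_ovs, dst_port, next_mac = topo.vnfs[nxt]
        local = dst_ovs == src_ovs
        match = {**rule_d["match"], **extra, "in_port": in_port}
        rules.append(FlowRule(src_ovs, tuple(sorted(match.items())), next_mac,
                              dst_port if local else UPLINK))
        if dst_ovs is not None and not local:
            # Assumed: the OVS hosting a remote VNF appears on the path as well
            # and needs its own rule to hand the message to the VNF port.
            match = {**rule_d["match"], "in_port": UPLINK, "eth_dst": next_mac}
            rules.append(FlowRule(dst_ovs, tuple(sorted(match.items())),
                                  next_mac, dst_port))
    return rules


# Constructed sample data: names, ports and MAC addresses are made up.
ROUTER_MAC = "02:00:00:00:00:fe"
RULE_D = {"match": {"ipv4_src": "192.168.33.1", "ipv4_dst": "192.168.34.1"},
          "path": ["vfw", "waf"]}


def sample_topology():
    topo = Topology({"ovs1": "02:00:00:00:01:00", "ovs2": "02:00:00:00:02:00"})
    topo.attach("vfw", "ovs1", "p1", "02:00:00:00:01:01")
    topo.attach("waf", "ovs2", "p1", "02:00:00:00:02:01")
    return topo


def demo():
    topo = sample_topology()
    before = compute_rules(topo, RULE_D, "ovs1", ROUTER_MAC)
    topo.attach("waf", "ovs1", "p2", "02:00:00:00:02:01")  # waf migrates (step F67)
    after = compute_rules(topo, RULE_D, "ovs1", ROUTER_MAC)
    return before, after


if __name__ == "__main__":
    for label, rules in zip(("before", "after"), demo()):
        for n, rule in enumerate(rules, 1):
            print(label, f"C{n}", rule)
```

Recomputing after the migration drops the rules on ovs2 entirely, which is why step F67 reissues the full rule set rather than patching individual entries.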
Further, to better implement the present invention, step F7 specifically comprises the following step: after the private cloud has completed matching, rewriting and forwarding of the user data message, the user data message is returned to the Router.
Working principle:
1. The Bridge connects multiple physical hosts; one OVS is deployed on each physical host, and each OVS is connected to the Bridge. The Bridge and each OVS are started. The SDN controller is connected to the Bridge; the SDN controller is started, so that the SDN controller and the OVS of each physical host are interconnected through the Bridge.
2. Each OVS is connected to multiple VNFs, and the VNFs are started; the NIC MAC address of each VNF is set according to the unified planning of the private cloud platform.
3. The OVS and the VNFs have multiple interfaces. Based on the strong correlation between the MAC address of an OVS interface and the MAC address of the VNF interface, the SDN controller scans the interfaces of each OVS and picks out the Link Up interfaces; the SDN controller checks and records the MAC address on each Link Up interface; the SDN controller calculates the MAC address of each VNF interface connected to an OVS, forming the network topology graph used for calculating the steering rules.
4. The SDN controller senses the MAC address and IP address of the Router interface connected to the Bridge; the user performs routing configuration, which helps the private cloud network calculate the access rules.
5. The SDN controller issues flow table rule A to all OVSs. After an OVS receives a neighbor learning request message sent by the Router or a VNF, it sends the request up to the SDN controller; the SDN controller constructs a neighbor learning response message and returns it to the OVS and the Router, and the Router learns the MAC address of the OVS.
6. From the flow table rule D input by the user and the network topology graph, the SDN controller obtains the fields to be matched and the device path that the user data message is to traverse. The SDN controller calculates the corresponding flow table rule Cn for each OVS on the path and issues it to that OVS; the OVS matches, rewrites and forwards user data messages according to the issued flow table rule Cn.
7. The user data message is finally returned to the Router.
Compared with the prior art, the present invention has the following advantages and beneficial effects:
VNF instances in a private cloud network need to work in coordination. According to user requirements, the present invention forms flexible service chains, so that user traffic automatically passes through multiple NFV nodes according to custom rules.
Description of the drawings
Fig. 1 is the work flow chart of the present invention;
Fig. 2 is a schematic diagram of the data flow topology.
Specific embodiments
The present invention is described in further detail below with reference to embodiments, but the embodiments of the present invention are not limited thereto.
Embodiment 1:
This embodiment is a further optimization on the basis of the above embodiments. As shown in Fig. 1 and Fig. 2, a method for implementing SDN traffic steering in a private cloud is implemented on a private cloud system made up of an SDN controller, a Bridge and physical hosts connected in sequence. There are multiple physical hosts; each physical host contains one OVS and multiple VNFs connected to that OVS, and each OVS is connected to the Bridge. The method specifically comprises the following steps:
Step F1: start the SDN controller and the OVSs connected to the Bridge;
Step F2: build and start the VNFs;
Step F3: the SDN controller service program performs topology discovery and initialization, and senses the network interface state and MAC address of each VNF;
Step F4: user-side routing configuration;
Step F5: calculate and issue the access rules;
Step F6: calculate and issue the steering rules;
Step F7: the private cloud completes the sending and receiving of user data messages.
It should be noted that, with the above improvement, SDN is a software-defined network model. The SDN controller is the Controller in Fig. 2, the centralized controller of the SDN network. The Controller may be an SDN controller such as OpenDaylight or Ryu; OpenDaylight is an open-source controller project, and the logic code of this scheme runs on the Controller framework. The OVS is Open vSwitch, a mainstream software switch that supports SDN networks. The Controller is connected to the Bridge; there are multiple OVSs, each connected to the Bridge, and each OVS is connected to multiple VNFs.
The present invention first starts the components, including the Bridge, the SDN controller, the OVSs and the VNFs. The SDN controller initializes and discovers the network topology graph from the connection relationships among the Bridge, the OVSs and the VNFs, and senses the MAC address and IP address of the Router interface connected to the Bridge. The focus of the invention is the calculation and issuing of access rules and steering rules by the SDN controller. After the private cloud has completed matching, rewriting and forwarding of the user data message, the user data message is returned to the user side, completing the sending and receiving of the user data message.
The other parts of this embodiment are the same as in the above embodiments and are not repeated here.
Embodiment 2:
This embodiment is a further optimization on the basis of the above embodiments. As shown in Fig. 1 and Fig. 2, step F1 specifically comprises the following steps:
Step F11: start the Bridge and each OVS;
Step F12: start the SDN controller, so that the SDN controller and the OVS of each physical host are interconnected through the Bridge.
It should be noted that, with the above improvement, the physical hosts are the chassis in Fig. 2. There are multiple chassis, and the OVS deployed on each chassis is connected to the Bridge. The OVS in each chassis is connected to multiple VNFs. A VNF is a virtual network function instance; VNF functions are diverse: a VNF may be a compute node, a web server, or a virtual firewall.
Step F1 starts the main components that are needed. The SDN controller is the Controller in Fig. 2, which may be OpenDaylight, Ryu, etc.
One OVS is deployed on each physical host, in one-to-one correspondence. OVS is the abbreviation of Open vSwitch, an SDN virtual switch implemented in software. It mainly implements forwarding according to the flow table rules defined by OpenFlow and exchanges user data messages over its connection to the Bridge. The OVS communicates with the Controller through the southbound interface, which carries the control-plane network communication.
The other parts of this embodiment are the same as in the above embodiments and are not repeated here.
Embodiment 3:
This embodiment is a further optimization on the basis of the above embodiments. As shown in Fig. 1 and Fig. 2, step F2 specifically comprises the following steps:
Step F21: each OVS is connected to multiple VNFs; start the VNFs;
Step F22: set the NIC MAC address of each VNF according to the unified planning of the private cloud platform.
It should be noted that, with the above improvement, a VNF is a specific virtual network function that provides a certain network service. It is software, deployed in virtual machines, containers or bare-metal physical machines using the infrastructure provided by NFVI. NFVI is a general virtualization layer in the private cloud.
The main work of step F2 is to start the VNF virtual network function instances that the user needs in the private cloud platform. VNFs cover a wide range of functions: a VNF may be a compute node, a web server, a virtual firewall, a virtual web firewall, etc. When the NIC MAC address of a VNF is configured, it must follow the unified planning of the private cloud platform rather than be chosen arbitrarily.
The other parts of this embodiment are the same as in the above embodiments and are not repeated here.
Embodiment 4:
This embodiment is a further optimization on the basis of the above embodiments. As shown in Fig. 1 and Fig. 2, step F3 specifically comprises the following steps:
Step F31: based on the strong correlation between the MAC address of an OVS interface and the MAC address of the VNF interface, the SDN controller scans the interfaces of each OVS and picks out the Link Up interfaces;
Step F32: the SDN controller checks and records the MAC address on each Link Up interface;
Step F33: the SDN controller calculates the MAC address of each VNF interface connected to an OVS, forming a network topology graph used for calculating the steering rules. The network topology graph is a tree with a root node: the Bridge is the trunk, the OVSs are child nodes of the Bridge, and the VNFs are child nodes of the OVSs.
It should be noted that, with the above improvement, the steps of this embodiment are carried out mainly in the SDN controller. The SDN controller senses the network interface state and MAC address of each VNF and generates and maintains the network topology graph used to calculate the steering rules.
Based on the strong correlation between the MAC address of an OVS interface and the MAC address of the VNF interface, the SDN controller scans the interfaces of each OVS and picks out the Link Up interfaces; the SDN controller checks and records the MAC addresses on those Link Up interfaces.
Using this strong correlation between component MAC addresses, the MAC address of the Link Up interface of each VNF is calculated, forming the complete network topology graph used to calculate the steering rules. The network topology graph is a tree with a root node: the Bridge is the trunk, the OVSs are child nodes of the Bridge, and the VNFs are child nodes of the OVSs.
After the topology graph is formed, the topology state is maintained dynamically by the LLDP protocol: when a VNF is powered on or off or migrates, the topology is updated dynamically without manual intervention. LLDP is a link layer protocol. Network devices are increasingly varied and their configurations intricate; for devices from different vendors to discover each other on a network and exchange their system and configuration information, a standard information exchange platform is needed.
The other parts of this embodiment are the same as in the above embodiments and are not repeated here.
Embodiment 5:
This embodiment is a further optimization on the basis of the above embodiments. As shown in Fig. 1 and Fig. 2, step F4 specifically comprises the following steps:
Step F41: the SDN controller senses the MAC address and IP address of the Router interface connected to the Bridge;
Step F42: the user performs routing configuration, which helps the private cloud network calculate the access rules.
It should be noted that, with the above improvement, the Bridge is connected to the Router. The Bridge is a switch that supports traditional layer-2 forwarding, and the Router is a router that supports traditional layer-3 forwarding. As shown in Fig. 2, the private cloud comprises the Bridge, the chassis and the SDN controller, and is connected through the Bridge to the Office Network and the Router to form the traffic-steering system of the private cloud SDN network.
The router configured on the user side is the Router, which is closely related to the calculation of access rules in the private cloud network. The user-side router usually sends data to the private cloud network by policy-based routing. The configuration that affects the steering scheme is mainly its interface address, which comprises a MAC address and an IP address; the SDN controller needs to sense the address of the Router interface connected to the Bridge. As shown in Fig. 2, the IP address of User is 192.168.33.1 and the IP address of Server is 192.168.34.1; user data messages of User and Server are sent to the Bridge by policy-based routing on the Router and, after the private cloud has processed them, are passed back to the Router.
The other parts of this embodiment are the same as in the above embodiments and are not repeated here.
Embodiment 6:
This embodiment is a further optimization on the basis of the above embodiments. As shown in Fig. 1 and Fig. 2, step F5 specifically comprises the following steps:
Step F51: the SDN controller issues a flow table rule A to all OVSs via the OpenFlow protocol; the content of flow table rule A is to send any received neighbor learning request message up to the SDN controller;
Step F52: after an OVS receives a neighbor learning request message sent by the Router or a VNF, it sends the neighbor learning request message up to the SDN controller;
Step F53: after the SDN controller receives the neighbor learning request message, it constructs a neighbor learning response message using the MAC address of the OVS that received the request. The MAC address encapsulated in the neighbor learning response message is the MAC address of the OVS that received the neighbor learning request message. If multiple OVSs received the same neighbor learning request message, the SDN controller selects the MAC address of one of them according to the load-balancing principle and encapsulates it in the neighbor learning response message;
Step F54: via the OpenFlow protocol, the SDN controller issues a flow table rule B to the OVS that received the neighbor learning request message in step F52; the content of flow table rule B is to forward the neighbor learning response message issued by the SDN controller to the OVS that received the neighbor learning request message;
Step F55: via the OpenFlow protocol, the SDN controller sends the neighbor learning response message constructed in step F53 to the OVS that received the neighbor learning request message in step F52;
Step F56: the OVS forwards the neighbor learning response message issued by the SDN controller to the Router or VNF that initiated the request;
Step F57: the Router or VNF that receives the neighbor learning response message constructed by the SDN controller thereby learns the MAC address of the OVS interface that received the neighbor learning request message in step F53.
It should be noted that the flow table rule A, flow table rule B are that SDN controller is issued to OVS by above-mentioned improvement In drainage rule, calculated by SDN director demon.Drainage rule is briefly described below:
SDN model applies the thought that network-control face is separated with forwarding surface, and controller is control main body, and OVS is forwarding Main body.Controller passes through all OVS of Openflow agreement centralized control, and OVS is then dispersed on more physical hosts, datagram When text reaches OVS, OVS can carry out data processing and forwarding according to the flow table that controller issues.All drainages rule herein, The flow table rule that the controller all referred to generates.Flow table rule can be issued on multiple OVS, could really play guide data The effect of forwarding.Controller is usually a framework, provides the infrastructure component realized and apply logic, but apply Logic itself still wants Controller user oneself to program completion.Access rules and drainage rule herein calculate, all It is user logic, needs to program on the framework that Controller is provided and complete.
The steps of this embodiment are implemented on the SDN controller and the OVS; the neighbor learning request and response messages are exchanged between the OVS and the Router/VNF. ARP proxying is implemented through flow table rules; in an IPv6 network, ND protocol proxying is implemented instead. ARP, the Address Resolution Protocol, is the TCP/IP protocol that obtains a physical address from an IP address; ND is IPv6 Neighbor Discovery, a set of messages and processes for determining the relationships between neighboring nodes. The effect is that a neighbor protocol request sent by the Router or a VNF to the OVS is sent up to the SDN controller, and the SDN controller replies with the MAC address of the corresponding OVS interface. This connects the private cloud network with a traditional network model instance, so that data can be sent into the OVS for SDN rule processing, and it realizes the calculation and issuing of access rules in the private cloud network. The detailed process is:
According to the OpenFlow protocol, the SDN controller issues a flow table rule A to all OVS instances; the content of flow table rule A is to send any received neighbor learning request message up to the SDN controller. After an OVS receives a neighbor learning request message sent by the Router or a VNF, it sends the message up to the SDN controller according to flow table rule A. After the SDN controller receives the neighbor learning request message, it constructs a neighbor learning response message using the MAC address of the OVS that received the request.
The MAC address encapsulated in the neighbor learning response message is the MAC address of the OVS that received the neighbor learning request message. If multiple OVS instances received the same neighbor learning request message, the SDN controller selects the MAC address of one of them according to the load balancing principle and encapsulates it in the neighbor learning response message.
According to the OpenFlow protocol, the SDN controller issues a flow table rule B to the OVS that received the neighbor learning request message; the content of flow table rule B is to forward the neighbor learning response message issued by the SDN controller to the OVS that received the neighbor learning request message. The SDN controller then issues the constructed neighbor learning response message, according to the OpenFlow protocol, to the OVS that received the neighbor learning request message.
The OVS forwards the neighbor learning response message issued by the SDN controller to the Router or VNF that initiated the request. The Router or VNF that receives the neighbor learning response message constructed by the SDN controller has thereby learned the MAC address of the interface of the OVS that received the neighbor learning request message.
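The request/response exchange above, for the IPv4 (ARP) case, as an added example that is not code from the patent: the controller parses the request sent up under flow table rule A and builds the response carrying the MAC address of a receiving OVS. The class and function names, the sample MAC/IP addresses and the least-assigned selection standing in for the unspecified load balancing principle are assumptions.

```python
import struct
from collections import Counter

ETH = struct.Struct("!6s6sH")            # dst MAC, src MAC, ethertype
ARP = struct.Struct("!HHBBH6s4s6s4s")    # htype ptype hlen plen oper sha spa tha tpa
ETH_P_ARP, ETH_P_IP, OP_REQUEST, OP_REPLY = 0x0806, 0x0800, 1, 2


def mac(text):
    return bytes.fromhex(text.replace(":", ""))


def ip(text):
    return bytes(int(part) for part in text.split("."))


def build_request(src_mac, src_ip, target_ip):
    """Constructed sample input: the ARP request a Router or VNF broadcasts."""
    eth = ETH.pack(b"\xff" * 6, mac(src_mac), ETH_P_ARP)
    return eth + ARP.pack(1, ETH_P_IP, 6, 4, OP_REQUEST,
                          mac(src_mac), ip(src_ip), bytes(6), ip(target_ip))


class ArpProxy:
    """Controller-side handler for requests sent up by flow table rule A."""

    def __init__(self, ovs_macs):
        self.ovs_macs = ovs_macs       # {OVS name: interface MAC}, from topology
        self.assigned = Counter()      # replies already attributed to each OVS

    def handle(self, frame, receivers):
        """Return (ovs_name, reply_frame), or None for anything that is not
        a well-formed IPv4-over-Ethernet ARP request from a known OVS."""
        known = [name for name in receivers if name in self.ovs_macs]
        if len(frame) < ETH.size + ARP.size or not known:
            return None
        _, _, ethertype = ETH.unpack_from(frame)
        htype, ptype, hlen, plen, oper, sha, spa, _, tpa = \
            ARP.unpack_from(frame, ETH.size)
        if (ethertype, htype, ptype, hlen, plen, oper) != \
                (ETH_P_ARP, 1, ETH_P_IP, 6, 4, OP_REQUEST):
            return None
        # Several OVS instances may have received the same broadcast; pick the
        # one with the fewest replies so far (assumed load balancing policy).
        ovs = min(known, key=lambda name: (self.assigned[name], name))
        self.assigned[ovs] += 1
        ovs_mac = mac(self.ovs_macs[ovs])
        # The reply answers for the requested IP with the chosen OVS's MAC.
        reply = ETH.pack(sha, ovs_mac, ETH_P_ARP) + ARP.pack(
            1, ETH_P_IP, 6, 4, OP_REPLY, ovs_mac, tpa, sha, spa)
        return ovs, reply


if __name__ == "__main__":
    proxy = ArpProxy({"OVS1": "02:00:00:00:0a:01", "OVS2": "02:00:00:00:0a:02"})
    request = build_request("02:00:00:00:ff:01", "10.0.0.1", "10.0.0.254")
    chosen, frame = proxy.handle(request, ["OVS1", "OVS2"])
    print(chosen, frame.hex())
```

The returned OVS name is the switch the controller would send the response to, matching the step in which the response is issued to the OVS that received the request.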
The other parts of this embodiment are the same as in the embodiments above and are not repeated here.
Embodiment 7:
This embodiment is a further optimization of the embodiments above. As shown in Figures 1 and 2, step F6 specifically comprises the following steps:
Step F61: when calculating drainage rules, the SDN controller takes as input the user-configured drainage rule D and the network topology graph maintained in step F3; user data messages enter the private cloud through the Router;
Step F62: the SDN controller parses the user-configured drainage rule D to obtain the fields to be matched and the device path the user data message is to pass through;
Step F63: the SDN controller calculates flow table rules C for each OVS on the path; each occurrence of an OVS in the device path generates one corresponding flow table rule Cn; the flow table rule Cn comprises the message matching content, the MAC address of the next device interface on the path, and the MAC address rewriting rule; the MAC address is rewritten because the OVS must adapt to the packet send/receive behaviour of the VNF and the Bridge connected to that OVS;
Step F64: according to the OpenFlow protocol, the SDN controller issues the flow table rules Cn to the corresponding OVS instances on the path to guide the forwarding and rewriting of user data messages;
Step F65: by this point the Router has learned the MAC address of the OVS that received the neighbor learning request message in step F52, and the Router forwards the user data message to that OVS;
Step F66: the OVS that receives the user data message sent by the Router matches, rewrites and forwards the user data message according to the corresponding flow table rule Cn issued in step F64;
Step F67: when the user changes the drainage strategy, the SDN controller automatically recalculates and reissues all drainage rules; when a VNF node migrates, the network topology graph changes dynamically, and the SDN controller automatically recalculates and reissues all drainage rules;
Step F7 specifically comprises the following step: after the private cloud completes the matching, rewriting and forwarding of the user data message, the user data message is returned to the Router.
It should be noted that, under the above improvement, the drainage rule calculation has two inputs: the network topology graph maintained in step F3, and the user-configured drainage rule D. The network topology graph is a tree structure with a root node; in this tree the Bridge is the trunk, each OVS is a branch node of the Bridge, and each VNF is a branch node of an OVS. The format of a user-configured drainage rule D is: {match certain message fields, hand the messages that meet the matching rule to certain VNFs in turn for processing}, for example: {match messages whose destination address is 192.168.34.1, hand the messages that meet the matching rule to VNF2, VNF1, VNF4, VNF3 in turn for processing}. The so-called drainage rule calculation actually converts the user-configured drainage rule into flow table rules Cn on multiple OVS instances. The SDN controller parses the user-configured drainage rule D to obtain the fields to be matched and the device path to be passed through. For example, as shown in Fig. 2, the corresponding parsing result is: match destination IP address 192.168.34.1, and the device path to be passed through is, in order:
OVS2 -> OVS1 -> VNF2 -> OVS1 -> VNF1 -> OVS1 -> OVS2 -> VNF4 -> OVS2 -> VNF3 -> OVS2. This device path includes both VNFs and OVS instances and is obtained from the network topology graph.
With the device path obtained from the parsing above, a flow table rule Cn is calculated for each OVS on the path: each occurrence of an OVS in the device path generates one corresponding flow table rule Cn. An OVS may appear several times in the path, so the SDN controller may calculate multiple flow table rules Cn for a single OVS.
If users configure multiple drainage rules D, the SDN controller receives several different drainage rules Dn and therefore generates several different device paths, which likewise results in multiple flow table rules Cn for each OVS.
A flow table rule Cn contains three parts. The first is the message matching content, such as the destination IP address; any combination of fields from the IP five-tuple can be matched, together with the input interface of the user data message. The second is the MAC address of the next device interface on the path. The third is the MAC address rewriting rule; the MAC address is rewritten because the OVS must adapt to the packet send/receive behaviour of the VNF and the Bridge. For example, for the device path:
OVS2 -> OVS1 -> VNF2 -> OVS1 -> VNF1 -> OVS1 -> OVS2 -> VNF4 -> OVS2 -> VNF3 -> OVS2, one flow table rule Cn on OVS2 reads: {match messages arriving on the interface connected to VNF4 whose destination IP is 192.168.34.1; on a successful match, forward the message to the interface connected to VNF3 and rewrite the destination MAC address of the forwarded message to the MAC address of VNF3}.
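An added example, not code from the patent, of the drainage rule calculation: it expands the example rule D into the device path quoted above and emits one flow table rule Cn per OVS occurrence. The topology (VNF1 and VNF2 on OVS1, VNF3 and VNF4 on OVS2, inferred from that path), the MAC addresses, the field names and the ambiguity check are assumptions.

```python
from dataclasses import dataclass

# Constructed topology (assumption): a Bridge -> OVS -> VNF tree that is
# consistent with the device path in the text. MAC addresses are made up.
VNF_PARENT = {"VNF1": "OVS1", "VNF2": "OVS1", "VNF3": "OVS2", "VNF4": "OVS2"}
MAC = {"VNF1": "02:00:00:00:01:01", "VNF2": "02:00:00:00:01:02",
       "VNF3": "02:00:00:00:02:03", "VNF4": "02:00:00:00:02:04",
       "OVS1": "02:00:00:00:0a:01", "OVS2": "02:00:00:00:0a:02",
       "Router": "02:00:00:00:ff:01"}


@dataclass(frozen=True)
class FlowRule:              # one flow table rule Cn
    ovs: str                 # switch the rule is issued to
    in_from: str             # neighbour whose interface the message arrives on
    match: tuple             # e.g. (("ipv4_dst", "192.168.34.1"),)
    out_to: str              # next device on the path
    set_dst_mac: str         # destination MAC rewrite for the forwarded message


def device_path(entry_ovs, vnf_chain):
    """Expand the VNF order of rule D into the OVS/VNF hop sequence."""
    path = [entry_ovs]
    for vnf in vnf_chain:
        if vnf not in VNF_PARENT:
            raise ValueError(f"{vnf} is not in the topology graph")
        home = VNF_PARENT[vnf]
        if path[-1] != home:
            path.append(home)        # cross the Bridge to the VNF's own OVS
        path += [vnf, home]          # into the VNF and back to its OVS
    if path[-1] != entry_ovs:
        path.append(entry_ovs)       # return towards the Router
    return path


def compute_rules(entry_ovs, match, vnf_chain, edge="Router"):
    """One rule per OVS occurrence; the input interface keeps them distinct."""
    path = device_path(entry_ovs, vnf_chain)
    rules, seen = [], set()
    for i, dev in enumerate(path):
        if dev in VNF_PARENT:        # VNFs process messages, they hold no rules
            continue
        prev = path[i - 1] if i > 0 else edge
        nxt = path[i + 1] if i + 1 < len(path) else edge
        key = (dev, prev, match)
        if key in seen:              # same switch, same input, same match
            raise ValueError(f"ambiguous rule on {dev} for input from {prev}")
        seen.add(key)
        rules.append(FlowRule(dev, prev, match, nxt, MAC[nxt]))
    return path, rules


if __name__ == "__main__":
    rule_d = (("ipv4_dst", "192.168.34.1"),)
    path, rules = compute_rules("OVS2", rule_d, ["VNF2", "VNF1", "VNF4", "VNF3"])
    print(" -> ".join(path))
    for rule in rules:
        print(rule)
```

The check on `(switch, input, match)` shows why the input interface is part of the matching content: OVS2 receives the same destination IP four times on this path, and only the arrival interface tells the four rules apart.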
According to the OpenFlow protocol, the SDN controller issues the generated flow table rules Cn to the corresponding OVS instances on the device path to guide the forwarding and rewriting of user data messages. The Router has learned the MAC address of the OVS that received the neighbor learning request message, so it can forward user data messages to that OVS. After the OVS receives a user data message sent by the Router, it matches, rewrites and forwards the message according to the flow table rules Cn that were issued. When the user changes the strategy of drainage rule D, the SDN controller automatically recalculates and reissues all drainage rules; when a VNF node migrates, the network topology changes dynamically, and the SDN controller automatically recalculates and reissues all drainage rules.
After the private cloud completes the matching, rewriting and forwarding of the user data message, the user data message is returned to the Router, which realizes a method by which the private cloud automatically processes user data messages.
The other parts of this embodiment are the same as in the embodiments above and are not repeated here.
The above are only preferred embodiments of the present invention and do not limit the invention in any form. Any simple modification or equivalent variation made to the above embodiments according to the technical essence of the invention falls within the protection scope of the invention.

Claims (8)

1. A private cloud SDN drainage implementation method, implemented on a private cloud system comprising an SDN controller, a Bridge and physical hosts connected in sequence, wherein there are multiple physical hosts, each physical host comprises one OVS and multiple VNFs connected to that OVS, and each OVS is connected to the Bridge, characterized in that the method specifically comprises the following steps:
Step F1: start the SDN controller and the OVS instances connected to the Bridge;
Step F2: build and start the VNFs;
Step F3: topology discovery and initialization in the SDN controller service program, which perceives the network interface state and MAC address of each VNF;
Step F4: user-side routing configuration;
Step F5: calculate and issue access rules;
Step F6: calculate and issue drainage rules;
Step F7: the private cloud completes the sending and receiving of user data messages.
2. The private cloud SDN drainage implementation method according to claim 1, characterized in that step F1 specifically comprises the following steps:
Step F11: start the Bridge and each OVS;
Step F12: start the SDN controller, so that the SDN controller and the OVS of each physical host are interconnected through the Bridge.
3. The private cloud SDN drainage implementation method according to claim 2, characterized in that step F2 specifically comprises the following steps:
Step F21: start the multiple VNFs connected to the OVS;
Step F22: set the network card MAC address of each VNF according to the unified planning of the private cloud platform.
4. The private cloud SDN drainage implementation method according to claim 3, characterized in that step F3 specifically comprises the following steps:
Step F31: relying on the strong correlation between the MAC address of an OVS interface and the MAC address of a VNF interface, the SDN controller scans the interfaces of each OVS and picks out the Link Up interfaces;
Step F32: the SDN controller checks and records the MAC address on each Link Up interface;
Step F33: the SDN controller calculates the MAC address of each VNF interface connected to an OVS, forming the network topology graph used for drainage rule calculation; the network topology graph is a tree structure with a root node, in which the Bridge is the trunk, each OVS is a branch node of the Bridge, and each VNF is a branch node of an OVS.
5. The private cloud SDN drainage implementation method according to claim 4, characterized in that step F4 specifically comprises the following steps:
Step F41: the SDN controller perceives the MAC address and IP address of the Router interface connected to the Bridge;
Step F42: the user performs routing configuration, which helps the private cloud network calculate access rules.
6. The private cloud SDN drainage implementation method according to claim 5, characterized in that step F5 specifically comprises the following steps:
Step F51: according to the OpenFlow protocol, the SDN controller issues a flow table rule A to all OVS instances; the content of flow table rule A is to send any received neighbor learning request message up to the SDN controller;
Step F52: after an OVS receives a neighbor learning request message sent by the Router or a VNF, it sends the neighbor learning request message up to the SDN controller;
Step F53: after the SDN controller receives the neighbor learning request message, it constructs a neighbor learning response message using the MAC address of the OVS that received the neighbor learning request message; the MAC address encapsulated in the neighbor learning response message is the MAC address of the OVS that received the neighbor learning request message; if multiple OVS instances received the same neighbor learning request message, the SDN controller selects the MAC address of one of them according to the load balancing principle and encapsulates it in the neighbor learning response message;
Step F54: according to the OpenFlow protocol, the SDN controller issues a flow table rule B to the OVS that received the neighbor learning request message in step F52; the content of flow table rule B is to forward the neighbor learning response message issued by the SDN controller to the OVS that received the neighbor learning request message;
Step F55: according to the OpenFlow protocol, the SDN controller issues the neighbor learning response message constructed in step F53 to the OVS that received the neighbor learning request message in step F52;
Step F56: the OVS forwards the neighbor learning response message issued by the SDN controller to the Router or VNF that initiated the request;
Step F57: the Router or VNF that receives the neighbor learning response message constructed by the SDN controller learns the MAC address of the interface of the OVS that received the neighbor learning request message in step F53.
7. The private cloud SDN drainage implementation method according to claim 6, characterized in that step F6 specifically comprises the following steps:
Step F61: when calculating drainage rules, the SDN controller takes as input the user-configured drainage rule D and the network topology graph maintained in step F3; user data messages enter the private cloud through the Router;
Step F62: the SDN controller parses the user-configured drainage rule D to obtain the fields to be matched and the device path the user data message is to pass through;
Step F63: the SDN controller calculates flow table rules C for each OVS on the path; each occurrence of an OVS in the device path generates one corresponding flow table rule Cn; the flow table rule Cn comprises the message matching content, the MAC address of the next device interface on the path, and the MAC address rewriting rule; the MAC address is rewritten because the OVS must adapt to the packet send/receive behaviour of the VNF and the Bridge connected to that OVS;
Step F64: according to the OpenFlow protocol, the SDN controller issues the flow table rules Cn to the corresponding OVS instances on the path to guide the forwarding and rewriting of user data messages;
Step F65: by this point the Router has learned the MAC address of the OVS that received the neighbor learning request message in step F52, and the Router forwards the user data message to that OVS;
Step F66: the OVS that receives the user data message sent by the Router matches, rewrites and forwards the user data message according to the corresponding flow table rule Cn issued in step F64;
Step F67: when the user changes the drainage strategy, the SDN controller automatically recalculates and reissues all drainage rules; when a VNF node migrates, the network topology graph changes dynamically, and the SDN controller automatically recalculates and reissues all drainage rules.
8. The private cloud SDN drainage implementation method according to claim 7, characterized in that step F7 specifically comprises the following step: after the private cloud completes the matching, rewriting and forwarding of the user data message, the user data message is returned to the Router.
CN201810762149.1A 2018-07-12 2018-07-12 Private cloud SDN drainage implementation method Active CN108965000B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201810762149.1A CN108965000B (en) 2018-07-12 2018-07-12 Private cloud SDN drainage implementation method

Publications (2)

Publication Number Publication Date
CN108965000A true CN108965000A (en) 2018-12-07
CN108965000B CN108965000B (en) 2021-06-01

Family

ID=64482994


Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination
GR01 Patent grant