CN116996368B - Method, system, equipment and storage medium for cloud internal and external communication - Google Patents


Info

Publication number
CN116996368B
Authority
CN
China
Prior art keywords
network node
data packet
node
cloud
computing node
Prior art date
Legal status
Active
Application number
CN202311246762.5A
Other languages
Chinese (zh)
Other versions
CN116996368A (en)
Inventor
李有
秦海中
Current Assignee
Suzhou Metabrain Intelligent Technology Co Ltd
Original Assignee
Suzhou Metabrain Intelligent Technology Co Ltd
Priority date
Filing date
Publication date
Application filed by Suzhou Metabrain Intelligent Technology Co Ltd
Priority to CN202311246762.5A
Publication of CN116996368A
Application granted
Publication of CN116996368B
Legal status: Active
Anticipated expiration

Classifications

    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L41/00 Arrangements for maintenance, administration or management of data switching networks, e.g. of packet switching networks
    • H04L41/06 Management of faults, events, alarms or notifications
    • H04L41/0654 Management of faults, events, alarms or notifications using network fault recovery
    • H04L41/0663 Performing the actions predefined by failover planning, e.g. switching to standby network elements
    • H04L63/00 Network architectures or network communication protocols for network security
    • H04L63/02 Network architectures or network communication protocols for network security for separating internal from external traffic, e.g. firewalls
    • H04L9/00 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/40 Network security protocols

Abstract

The invention discloses a method, a system, equipment and a storage medium for communication between the inside and the outside of a cloud, which are applied to the technical field of communications and solve the problem of failed communication between the inside and the outside of the cloud in the conventional scheme. The method comprises the following steps: receiving a first data packet sent by a first standby network node when a link between a computing node and a main network node fails; recording the tunnel address of the node that sent the first data packet; sending the first data packet outward based on a destination address in the first data packet that points to the outside of the cloud; and, upon receiving a first reply packet for the first data packet, sending the first reply packet to the first standby network node based on the recorded tunnel address, so that the first standby network node sends it on to the computing node. By applying the scheme of the invention, even when the link between the computing node and the main network node has failed, the communication between the inside and the outside of the cloud required by the computing node is still completed effectively through the cooperation of the main network node and the standby network node, so that the reliability of communication between the inside and the outside of the cloud is effectively improved.

Description

Method, system, equipment and storage medium for cloud internal and external communication
Technical Field
The present invention relates to the field of communications technologies, and in particular to a method, a system, an apparatus, and a storage medium for communication between the inside and the outside of a cloud.
Background
Cloud computing and cloud services are currently in high demand, and both enterprise and personal businesses are moving to cloud services. For example, OpenStack is an open-source cloud computing management platform project that provides a good virtualization scheme. Cloud services can provide virtual machine services; business operations cannot do without network forwarding, and fast forwarding of data lays the foundation for cloud service performance.
Currently, when a virtual machine inside a cloud service needs to access the outside of the cloud, the isolation mechanism means that the inside of the cloud cannot communicate directly with the outside, so the outside of the cloud must be reached through a specific network node; likewise, access from the outside of the cloud into the cloud must also pass through that network node.
In order to prevent an unrecoverable impact on services after a network node goes down, several network nodes are usually deployed in a high-availability configuration when cloud services are normally deployed on a cloud platform. A router gateway that provides access to services outside the cloud is bound to several network nodes, and a priority is assigned to each network node when it is bound for the first time. When all nodes are in a normal state, the traffic that all computing nodes associated with the router need to send outside the cloud is sent to the network node with the highest priority, and that network node performs route forwarding, NAT (Network Address Translation) and other processing. When the network node with the highest priority goes down, the highest-priority network node among those that are not down takes over, the traffic is sent to that standby network node, and the standby network node provides the function of accessing the outside of the cloud.
However, in practical applications, it often happens that traffic which the computing node needs to send to the outside of the cloud fails to be transmitted.
In summary, how to effectively improve the reliability of communication between the inside and the outside of the cloud is a technical problem that needs to be solved by those skilled in the art.
Disclosure of Invention
The invention aims to provide a method, a system, equipment and a storage medium for communication inside and outside a cloud, so as to effectively improve the reliability of communication inside and outside the cloud.
In order to solve the technical problems, the invention provides the following technical scheme:
a cloud internal and external communication method is applied to a main network node of a cloud platform and comprises the following steps:
receiving a first data packet sent by a first standby network node;
recording the tunnel address of the node sending the first data packet;
based on a destination address pointing to the outside of the cloud in the first data packet, performing outward transmission of the first data packet;
when a first return packet for the first data packet is received, sending the first return packet to the first standby network node based on the recorded tunnel address of the node sending the first data packet, so that the first return packet is sent to a computing node by the first standby network node;
the first data packet is a data packet that the computing node sends to the first standby network node after determining that the link between the computing node and the main network node has failed, and that the first standby network node then sends to the main network node;
the first standby network node is the standby network node with the highest priority selected by the computing node from the current standby network nodes.
In one embodiment, the method further comprises:
receiving a second data packet sent by the computing node;
recording the tunnel address of the node sending the second data packet;
based on a destination address pointing to the outside of the cloud in the second data packet, performing outbound transmission of the second data packet;
upon receiving a second reply packet to the second data packet, transmitting the second reply packet to the computing node based on the recorded tunnel address of the node transmitting the second data packet;
and the second data packet is a data packet sent to the main network node by the computing node when the computing node determines that the link between the computing node and the main network node is fault-free.
In one embodiment, the method further comprises:
after receiving a second data packet sent by the computing node, judging whether the recorded tunnel address of the node sending the second data packet is matched with a source address in the second data packet;
if yes, updating the aging time countdown of the first flow table corresponding to the computing node;
wherein each time the aging time countdown of the first flow table is updated, it restarts counting down from the set value a, and the first flow table is deleted when the countdown reaches 0; a is a set value greater than 0.
In one embodiment, the method further comprises:
a priority value is configured for the first flow table of the computing node, and the configured priority value is a set highest-priority threshold, so that whenever the first flow table is present, the primary network node processes data about the computing node based on the first flow table.
In one embodiment, the method further comprises:
and when it is judged that the recorded tunnel address of the node sending the second data packet belongs to the computing node but the source address in the second data packet does not belong to the computing node, determining that the recorded tunnel address of the node sending the second data packet does not match the source address in the second data packet, and discarding the second data packet.
In one embodiment, the method further comprises:
and sending preset prompt information to the computing node and to the source address in the second data packet.
In one embodiment, the method further comprises:
when the primary network node, whose link to the computing node was previously fault-free, detects that the link between itself and the computing node has failed, the primary flow table corresponding to the computing node is deleted immediately.
In one embodiment, the first data packet is a data packet that the computing node sends to the first standby network node, and that the first standby network node then sends to the main network node, after the computing node has determined, by detecting the state of the link between itself and the main network node through a preset protocol for bidirectional forwarding detection, that the link between the computing node and the main network node has failed.
In one embodiment, the method further comprises:
updating an aging time countdown of a second flow table corresponding to the first standby network node after receiving a first data packet sent by the first standby network node;
wherein each time the aging time countdown of the second flow table is updated, it restarts counting down from the set value b, and the second flow table is deleted when the countdown reaches 0; b is a set value greater than 0.
In one embodiment, the method further comprises:
configuring a priority value for the second flow table of the first standby network node, wherein the configured priority value is the sum of a set basic value and a set increment value;
the increment value is a value which is preset for the first standby network node and is larger than 0, and the increment values of the standby network nodes in the cloud platform are different from each other;
the priority values of all flow tables translated by the main network node from the port binding table are equal to the basic value, and none of the flow tables translated by the main network node from the port binding table has an aging time countdown.
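The flow-table bookkeeping described in the embodiments above (first flow table with the highest priority and aging countdown a, second flow table with priority basic value + increment and aging countdown b, port-binding flow tables with the basic value and no aging, and the tunnel-address/source-address match check), as an added Python model that is not code from the patent; the priority and aging constants, the per-VM keying of the entries, the second standby address 7.7.7.12 and the unbound address 192.168.1.99 are assumptions.

```python
from dataclasses import dataclass
from typing import Dict, List, Optional, Tuple

# Illustrative constants (assumed): the embodiments only say that a > 0, b > 0,
# that the first flow table gets the "highest priority threshold" and that the
# second flow table gets basic value + a per-standby-node increment.
HIGHEST_PRIORITY = 65535
BASE_PRIORITY = 100
AGING_A = 30   # set value a for first flow tables
AGING_B = 30   # set value b for second flow tables


@dataclass
class FlowEntry:
    kind: str                 # "first", "second" or "binding"
    reply_tunnel: str         # tunnel address return packets are sent to
    priority: int
    countdown: Optional[int]  # None: port-binding flows have no aging countdown


class PrimaryNode:
    def __init__(self, port_binding: Dict[str, str], increments: Dict[str, int]) -> None:
        self.port_binding = port_binding  # inner (VM) address -> its computing node's tunnel
        self.increments = increments      # standby tunnel -> unique increment value (> 0)
        self.flows: Dict[str, List[FlowEntry]] = {}
        self.dropped: List[Tuple[str, str]] = []
        # Flow tables translated from the port binding table: priority equals the
        # basic value and they never age out.
        for inner, tun in port_binding.items():
            self.flows[inner] = [FlowEntry("binding", tun, BASE_PRIORITY, None)]

    def _install(self, inner: str, entry: FlowEntry) -> None:
        # Re-installing an entry of the same kind restarts its countdown from a or b.
        others = [e for e in self.flows.get(inner, []) if e.kind != entry.kind]
        self.flows[inner] = others + [entry]

    def receive(self, tunnel_src: str, inner_src: str) -> str:
        """Outbound packet arriving over a tunnel; returns "forward" or "discard"."""
        if tunnel_src in self.increments:
            # First data packet relayed by a standby node: second flow table with
            # priority basic value + that standby node's increment, aging b.
            prio = BASE_PRIORITY + self.increments[tunnel_src]
            self._install(inner_src, FlowEntry("second", tunnel_src, prio, AGING_B))
            return "forward"
        if self.port_binding.get(inner_src) != tunnel_src:
            # The tunnel belongs to a computing node but the inner source address
            # does not belong to that node: mismatch, so the packet is discarded
            # (the embodiment also sends prompt information to both parties).
            self.dropped.append((tunnel_src, inner_src))
            return "discard"
        # Second data packet sent directly by its computing node: first flow table
        # with the highest priority, countdown restarted from a.
        self._install(inner_src, FlowEntry("first", tunnel_src, HIGHEST_PRIORITY, AGING_A))
        return "forward"

    def tick(self, seconds: int) -> None:
        """Advance the aging countdowns; entries reaching 0 are deleted."""
        for inner, entries in self.flows.items():
            kept = []
            for e in entries:
                if e.countdown is not None:
                    e.countdown -= seconds
                    if e.countdown <= 0:
                        continue
                kept.append(e)
            self.flows[inner] = kept

    def reply_tunnel(self, inner_dst: str) -> Optional[str]:
        """The highest-priority flow for the VM decides where a return packet goes."""
        entries = self.flows.get(inner_dst)
        return max(entries, key=lambda e: e.priority).reply_tunnel if entries else None

    def link_down(self, compute_tunnel: str) -> None:
        """Primary detects its link to a computing node failed: delete its first flows now."""
        for inner, entries in self.flows.items():
            self.flows[inner] = [e for e in entries
                                 if not (e.kind == "first" and e.reply_tunnel == compute_tunnel)]


def demo() -> dict:
    # Constructed topology using the description's addresses: VM 192.168.1.10 on
    # computing node 1 (tunnel 7.7.7.20); standby nodes 7.7.7.11 and 7.7.7.12.
    node = PrimaryNode({"192.168.1.10": "7.7.7.20"}, {"7.7.7.11": 1, "7.7.7.12": 2})
    out = {}
    out["direct"] = node.receive("7.7.7.20", "192.168.1.10")       # healthy link
    out["reply_direct"] = node.reply_tunnel("192.168.1.10")
    out["spoof"] = node.receive("7.7.7.20", "192.168.1.99")        # address not bound to node 1
    node.link_down("7.7.7.20")
    out["via_standby"] = node.receive("7.7.7.11", "192.168.1.10")  # relayed after failover
    out["reply_standby"] = node.reply_tunnel("192.168.1.10")
    node.tick(AGING_B)                                             # second flow ages out
    out["reply_default"] = node.reply_tunnel("192.168.1.10")
    return out
```

Because the first flow table outranks the second and the second outranks the port-binding default, return traffic follows the most recent healthy path and falls back to the port binding once the failover entry ages out.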
A cloud internal and external communication method is applied to a computing node of a cloud platform and comprises the following steps:
judging whether a link between the computing node and a main network node fails or not;
if so, sending a first data packet to a first standby network node, so that the first standby network node sends the first data packet to the main network node, and after receiving the first data packet, the main network node sends the first data packet to the outside and records the tunnel address of the node sending the first data packet;
receiving the first return packet sent by the first standby network node, after the main network node has received the first return packet for the first data packet and sent it to the first standby network node based on the recorded tunnel address of the node that sent the first data packet;
the first standby network node is the standby network node with the highest priority selected by the computing node from the current standby network nodes.
In one embodiment, the method further comprises:
after judging that the link between the computing node and the main network node fails, deleting the flow table of the computing node pointing to the main network node, and generating the flow table pointing to the first standby network node.
In one embodiment, the method further comprises:
and deleting the generated flow table pointing to the first standby network node and generating the flow table pointing to the main network node when the computing node detects that the link between the computing node and the main network node is recovered to be normal.
In one embodiment, the method further comprises:
and recording the link fault conditions between the computing node and the main network node within a first time period, and outputting the recorded result.
In one embodiment, the method further comprises:
and automatically analyzing the recorded result, and outputting a fault analysis result comprising the occurrence frequency of faults, the distribution of fault occurrence time periods and the distribution of single fault duration.
A cloud internal and external communication method is applied to a first standby network node of a cloud platform and comprises the following steps:
after a computing node determines that a link between the computing node and a main network node fails, receiving a first data packet sent by the computing node;
transmitting the first data packet to the main network node, so that the main network node performs outward transmission of the first data packet after receiving the first data packet, and the main network node records a tunnel address of a node transmitting the first data packet;
receiving the first return packet sent by the main network node, after the main network node has received the first return packet for the first data packet and sent it based on the recorded tunnel address of the node that sent the first data packet;
transmitting the received first return packet to the computing node;
the first standby network node is the standby network node with the highest priority selected by the computing node from the current standby network nodes.
In one embodiment, the method further comprises:
when determining that the current main network node is down, the first standby network node switches itself to a new main network node, and selects a new first standby network node from the rest standby network nodes.
In one embodiment, the method further comprises:
judging whether to start the forwarding service of the active/standby network node;
if not, discarding the first data packet after receiving the first data packet;
and if so, executing the operation of sending the first data packet to the main network node.
A system for communication between inside and outside a cloud, applied to a main network node of a cloud platform, comprising:
the first data packet receiving module is used for receiving a first data packet sent by the first standby network node;
the tunnel address recording module is used for recording the tunnel address of the node which sends the first data packet;
the external sending module is used for sending the first data packet outwards based on a destination address pointing to the outside of the cloud in the first data packet;
a first return packet processing module, configured to, when a first return packet for the first data packet is received, send the first return packet to the first standby network node based on the recorded tunnel address of the node that sent the first data packet, so that the first standby network node sends the first return packet to a computing node;
the first data packet is a data packet that the computing node sends to the first standby network node after determining that the link between the computing node and the main network node has failed, and that the first standby network node then sends to the main network node;
the first standby network node is the standby network node with the highest priority selected by the computing node from the current standby network nodes.
A system for communication between inside and outside a cloud, applied to a computing node of a cloud platform, comprising:
the link fault judging module is used for judging whether the link between the computing node and the main network node has failed, and if so, triggering the first data packet forwarding module;
the first data packet forwarding module is used for sending a first data packet to a first standby network node, so that the first standby network node sends the first data packet to the main network node, and after receiving the first data packet the main network node sends the first data packet outward and records the tunnel address of the node that sent the first data packet;
a first return packet receiving module, configured to receive the first return packet sent by the first standby network node, after the main network node has received the first return packet for the first data packet and sent it to the first standby network node based on the recorded tunnel address of the node that sent the first data packet;
the first standby network node is the standby network node with the highest priority selected by the computing node from the current standby network nodes.
A system for communication between inside and outside a cloud, which is applied to a first standby network node of a cloud platform, comprising:
the first data packet receiving module is used for receiving a first data packet sent by the computing node after the computing node determines that the link between the computing node and the main network node fails;
the first data packet forwarding module is configured to send the first data packet to the primary network node, so that the primary network node performs outbound sending of the first data packet after receiving the first data packet, and the primary network node records a tunnel address of a node sending the first data packet;
a first return packet forwarding module, configured to receive the first return packet sent by the primary network node after the primary network node has received the first return packet for the first data packet and sent it based on the recorded tunnel address of the node that sent the first data packet, and to send the received first return packet to the computing node;
the first standby network node is the standby network node with the highest priority selected by the computing node from the current standby network nodes.
An apparatus for communication between the inside and the outside of a cloud, comprising:
a memory for storing a computer program;
a processor for executing the computer program to implement the steps of the method for communication between the inside and the outside of a cloud as described above.
A computer readable storage medium having stored thereon a computer program which, when executed by a processor, performs the steps of the method for communication between the inside and the outside of a cloud as described above.
By applying the technical scheme provided by the embodiments of the invention, the applicant considers that the failure of traffic that the computing node needs to transmit to the outside of the cloud is mainly caused by the main network node determined by the computing node being inconsistent with the main network node elected by the network nodes themselves. Specifically, although the problem of the main network node going down can be solved by the configuration of main and standby network nodes, in practical applications the current main network node may not be down at all, while, because of physical links, security rule restrictions or other reasons, the links between one or more computing nodes and the main network node become unusable. For example, 4 of 5 computing nodes may communicate normally with the current main network node and thereby complete communication between the inside and the outside of the cloud, i.e. the main network node is operating normally at that moment. However, when the link between the fifth computing node and the main network node has failed, in the conventional scheme that computing node considers the main network node to be down, selects a new main network node from the remaining standby network nodes, and sends the data packet to be transmitted outside the cloud to it. Because communication among the network nodes is normal, the new main network node determined by the computing node is in fact still a standby network node; after that standby network node receives the data packet sent by the computing node, the router gateway is still bound to the main network node, that is, the standby network node cannot provide the function of accessing the outside of the cloud, so the standby network node directly discards the received data packet.
In contrast, in the scheme of the present application, the computing node can still be guaranteed to complete communication between the inside and the outside of the cloud in this situation. Specifically, after determining that the link between itself and the primary network node has failed, the computing node cannot send data to the primary network node directly, so it sends the data packet to the first standby network node; the first standby network node does not simply discard the data packet but sends it on to the primary network node, so that the primary network node receives the first data packet sent by the first standby network node. The first standby network node is the standby network node with the highest priority selected by the computing node from the current standby network nodes. After receiving the first data packet, the primary network node can send it outward based on the destination address in the first data packet that points to the outside of the cloud. To make the subsequent return of the reply efficient, the primary network node records the tunnel address of the node that sent the first data packet when it receives it, that is, the direct source of the first data packet, which at this moment is the first standby network node. Thus, when the primary network node receives the first return packet for the first data packet, it can send the first return packet to the first standby network node based on the recorded tunnel address, and the first standby network node then sends the first return packet to the computing node. In this way, even though the link between the computing node and the primary network node has failed, the communication between the inside and the outside of the cloud required by the computing node is still completed through the cooperation of the primary and standby network nodes.
Drawings
In order to more clearly illustrate the embodiments of the invention or the technical solutions in the prior art, the drawings that are required in the embodiments or the description of the prior art will be briefly described, it being obvious that the drawings in the following description are only some embodiments of the invention, and that other drawings may be obtained according to these drawings without inventive effort for a person skilled in the art.
Fig. 1 is a flowchart of an implementation of a method for communication between the inside and the outside of a cloud, applied to a main network node of a cloud platform;
Fig. 2 is a schematic diagram of the transmission process of a data packet sent by a computing node in a specific case of the present invention;
Fig. 3 is a schematic diagram of the transmission process of a data packet sent by a computing node in another embodiment of the present invention;
Fig. 4 is a flowchart of a method for communication between the inside and the outside of a cloud, applied to a computing node of a cloud platform;
Fig. 5 is a flowchart of an implementation of a method for communication between the inside and the outside of a cloud, applied to a first standby network node of a cloud platform;
Fig. 6 is a schematic structural diagram of a system for communication between the inside and the outside of a cloud, applied to a main network node of a cloud platform;
Fig. 7 is a schematic structural diagram of a system for communication between the inside and the outside of a cloud, applied to a computing node of a cloud platform;
Fig. 8 is a schematic structural diagram of a system for communication between the inside and the outside of a cloud, applied to a first standby network node of a cloud platform;
Fig. 9 is a schematic structural diagram of a device for communication between the inside and the outside of a cloud according to the present invention;
Fig. 10 is a schematic diagram of a computer readable storage medium according to the present invention.
Detailed Description
The core of the invention is to provide a method, a system, equipment and a storage medium for cloud internal and external communication which, through the cooperation of the main and standby network nodes, can still effectively complete the cloud internal and external communication required by a computing node even when the link between the computing node and the main network node has failed, so that the scheme of the invention effectively improves the reliability of cloud internal and external communication.
In order to better understand the aspects of the present invention, the present invention will be described in further detail with reference to the accompanying drawings and detailed description. It will be apparent that the described embodiments are only some, but not all, embodiments of the invention. All other embodiments, which can be made by those skilled in the art based on the embodiments of the invention without making any inventive effort, are intended to be within the scope of the invention.
Referring to Fig. 1, which is an implementation flowchart of a method for communication between the inside and the outside of a cloud according to the present invention, the method is applied to a main network node of a cloud platform and includes the following steps:
step S101: a first data packet sent by a first standby network node is received.
Specifically, OVN (Open Virtual Network) is a common architecture for cloud platforms, and the scheme of the present application can also adopt the OVN architecture; that is, the scheme of the present application does not need to adjust the cloud platform architecture, and can directly realize, on the basis of the OVN architecture, the communication between the inside and the outside of the cloud required by the computing node when the link between the computing node and the main network node fails.
When the OVN architecture is adopted, a common scheme is to re-plan the flow tables of the OVS (Open Virtual Switch) based on the OVN controller, so that both layer-2 and layer-3 forwarding are completed inside the OVS through flow tables. This reduces data interaction between processes, improves forwarding efficiency and reduces consumption of system resources; OVN is inherently distributed, so layer-3 forwarding is completed locally and the overhead of layer-3 forwarding by a network node is reduced.
In the scheme of the present application, if the main network node is not down but the link between the main network node and a certain computing node has failed, that computing node cannot distinguish whether only the communication link has failed or the main network node has indeed gone down, and it sends the first data packet to the first standby network node. Because the main network node is not actually down, the first standby network node can send the first data packet to the main network node; that is, the main network node can work normally at this time and can communicate normally with the first standby network node.
It can be seen that, the first data packet described in the present application is a data packet that is sent by the computing node to the first standby network node after determining that the link between the computing node and the primary network node fails, and then sent by the first standby network node to the primary network node.
Since there may be multiple standby network nodes and the order of priority is set, the first standby network node refers to the standby network node with the highest priority selected by the computing node from the current standby network nodes.
Referring to Fig. 2, which schematically shows the transmission process of a data packet sent by a computing node in a specific case of the present invention, a virtual machine 192.168.1.10 is deployed on a certain computing node; in the case of Fig. 2 this computing node is referred to as computing node 1, and the tunnel address of computing node 1 is 7.7.7.20. One or more virtual machines may be deployed in computing node 1; for example, in the scenario of Fig. 2, the virtual machine 192.168.1.10 in computing node 1 needs to access the address 100.2.168.1 outside the cloud, that is, computing node 1 needs to send the first data packet to the address 100.2.168.1 outside the cloud.
As described above, the inside and the outside of the cloud cannot communicate directly, so when computing node 1 needs to send the first data packet to the address 100.2.168.1 outside the cloud, the first data packet must be forwarded through the router gateway 100.2.168.10. That is, the traffic of all computing nodes associated with the router gateway that needs to reach the outside of the cloud is sent to the network node with the highest priority, namely the network node on which the gateway 100.2.168.10 is deployed; in Fig. 2 the gateway 100.2.168.10 is deployed on the main network node, because the main network node is not down.
Since computing node 1 in Fig. 2 detects a link failure between itself and the main network node, in the scheme of the present application computing node 1 selects the standby network node with the highest priority from the current standby network nodes as the first standby network node; in Fig. 2 the tunnel address of the selected first standby network node is 7.7.7.11.
In the OVN architecture, communication is typically implemented using an Overlay network. When the Overlay network is used, devices can be interconnected through logic links according to requirements to form an Overlay topology. When a tunnel is established between the interconnected Overlay devices and a data packet is ready to be transmitted, the devices may add a new tunnel header to the data packet and shield the IP header of the inner layer, that is, the data packet may be transmitted according to the newly added tunnel header. When the data packet is transmitted to the receiving equipment, the external tunnel head is discarded to obtain the original data packet, and the Overlay network can have various network protocols and standards and can be selected according to actual needs.
In the example of fig. 2, since the tunnel address of the computing node 1 is 7.7.7.20 and the tunnel address of the first standby network node is 7.7.7.11, when the computing node 1 transmits the first packet to the first standby network node, the tunnel address of the sender is 7.7.7.20 and the tunnel address of the receiver is 7.7.7.11 in the encapsulated tunnel header, so that the first packet may be transmitted to the first standby network node.
After the first standby network node receives the first data packet, if the first data packet is confirmed to be a valid packet, the first data packet can be forwarded, that is, sent to the main network node, and the specific implementation manner of the first standby network node for confirming whether the received first data packet is a valid packet can be various, for example, through checking check bits, through judging the validity of a corresponding address in the data packet, and the like, the first standby network node can be set and adjusted according to actual needs.
Step S102: the tunnel address of the node that sent the first data packet is recorded.
After receiving the first data packet sent by the first standby network node, the primary network node does not directly discard the tunnel header, but records the tunnel address of the node that sent the first data packet. For example, in the example of fig. 2, since the tunnel address of the first standby network node is 7.7.7.11 and the tunnel address of the primary network node is 7.7.7.10, when the first standby network node transmits the first data packet to the primary network node, the sender tunnel address in the encapsulated tunnel header is 7.7.7.11 and the receiver tunnel address is 7.7.7.10. Thus, after the primary network node receives the first data packet sent by the first standby network node, it records the tunnel address of the node that sent the first data packet as 7.7.7.11, i.e. the tunnel address of the first standby network node. In other words, in step S102 the primary network node determines the direct source of the first data packet by recording the tunnel address of the node that sent it, where the direct source of the first data packet is the current first standby network node.
In addition, it should be noted that a conventional primary network node does not have the function of recording the direct source of a data packet as in step S102; therefore, in practical application, the primary network node must be configured with this function in advance so that it is able to perform it. It can also be understood that, because any network node may become the primary network node, every network node may be configured in advance so as to meet the requirements of the scheme of the present application. For example, in a specific case, the function is configured by a preset program: an attribute may be added to the data sent to the logical router port of the OVN northbound database, so that when the OVN background process translates the routing gateway information into the southbound flow table, an additional logical flow table entry is added which causes the primary network node to determine from which node a data packet was sent to the local network node and to record it, that is, to record the tunnel address of the node that sent the first data packet as in step S102.
Step S103: performing outward transmission of the first data packet based on the destination address in the first data packet that points outside the cloud.
After receiving the first data packet, the primary network node can send the first data packet outwards based on the destination address carried in the first data packet that points outside the cloud. For example, in the example of fig. 2 above, the destination address carried in the first data packet that points outside the cloud is the out-of-cloud address 100.2.168.1.
Step S104: upon receiving a first reply packet to the first data packet, the first reply packet is sent to the first standby network node based on the recorded tunnel address of the node sending the first data packet, so that the first reply packet is sent to the computing node by the first standby network node.
Normally, after the primary network node has sent the first data packet outwards, it may receive the first reply packet to the first data packet, which should be fed back to the source address of the first data packet. For example, in the case of fig. 2, the data packet was sent by the virtual machine 192.168.1.10 in computing node 1, so the primary network node needs to feed the first reply packet back to the virtual machine 192.168.1.10. However, because of the link failure between the primary network node and computing node 1, and because the primary network node has previously recorded the direct source of the first data packet, i.e. the first standby network node, the primary network node sends the first reply packet to the first standby network node based on the previously recorded tunnel address of the node that sent the first data packet, and the first standby network node then sends the first reply packet on to the computing node.
As can be seen from the above flow, in the scheme of the present application, through the cooperation of the primary network node and the first standby network node, the cloud internal and external communication required by the computing node is still effectively completed even if the link between the computing node and the primary network node fails.
In one embodiment of the present invention, the method may further comprise the steps of:
step one: receiving a second data packet sent by the computing node;
step two: recording the tunnel address of the node sending the second data packet;
step three: based on the destination address in the second data packet that points outside the cloud, performing outward sending of the second data packet;
step four: when a second reply packet to the second data packet is received, sending the second reply packet to the computing node based on the recorded tunnel address of the node that sent the second data packet;
the second data packet is a data packet sent to the main network node by the computing node when the computing node determines that the link between the computing node and the main network node has no fault.
Above, the process of implementing the cloud internal and external communication required by a computing node in the case of a link failure between the computing node and the primary network node has been described. In this embodiment of the application, the cloud internal and external communication required by the computing node can also be realized in the normal condition in which all nodes are connected; that is, once the scheme of the application is enabled, it can not only cope with the failure condition described above but also operate under normal conditions.
In particular, in this embodiment, when the link between the computing node and the primary network node is not faulty, the data packet sent by the computing node to the primary network node is referred to as the second data packet. For ease of understanding, refer to fig. 3, a schematic diagram of the transmission process of a data packet sent by a computing node in another specific scenario of the present invention; the architecture of fig. 3 is the same as that of fig. 2, the difference being that in the scenario of fig. 3 the link between computing node 1 and the primary network node is fault-free.
In the scenario of fig. 3, the virtual machine 192.168.1.10 in computing node 1 needs to access the out-of-cloud address 100.2.168.1, i.e. computing node 1 needs to send the second data packet to the out-of-cloud address 100.2.168.1. Since the inside and the outside of the cloud cannot communicate directly, when computing node 1 needs to send the second data packet to the out-of-cloud address 100.2.168.1, the second data packet must be forwarded through the router gateway 100.2.168.10, and at this time the gateway 100.2.168.10 is deployed on the primary network node in fig. 3.
Since in fig. 3 the link between computing node 1 and the primary network node is free of failures, computing node 1 may send the second data packet directly to the primary network node. Since the tunnel address of computing node 1 is 7.7.7.20 and the tunnel address of the primary network node is 7.7.7.10, when computing node 1 sends the second data packet to the primary network node, the sender tunnel address in the encapsulated tunnel header is 7.7.7.20 and the receiver tunnel address is 7.7.7.10, so that the second data packet is delivered to the primary network node.
After the primary network node receives the second data packet sent by computing node 1, it may record the tunnel address of the node that sent the second data packet. In the example of fig. 3, since computing node 1 transmits the second data packet directly to the primary network node, the recorded tunnel address of the node that sent the second data packet is the tunnel address 7.7.7.20 of computing node 1.
Thereafter, the primary network node may send the second data packet outwards based on the out-of-cloud destination address 100.2.168.1 in the second data packet, and upon receiving a second reply packet to the second data packet, send the second reply packet to the virtual machine 192.168.1.10 of computing node 1 based on the recorded tunnel address 7.7.7.20 of the node that sent the second data packet.
It should be noted that in some cases the computing node may send the data packet in a broadcast manner; that is, in this embodiment, computing node 1 may send the second data packet to the primary network node and also to each of the standby network nodes, and the forwarding mechanism of the standby network nodes in the present application then forwards the received second data packet to the primary network node. In this case, after the scheme of the application is applied, the primary network node may receive multiple copies of the second data packet. In practical application, the simpler approach is for the primary network node not to distinguish between them and to send all of the second data packets outwards; of course, in some cases the primary network node may also deduplicate the second data packets through program settings. Since broadcast packets are small and occur infrequently, the former approach is usually adopted, i.e. no special deduplication is needed.
In one embodiment of the present invention, the method may further include:
after receiving the second data packet sent by the computing node, judging whether the recorded tunnel address of the node that sent the second data packet matches the source address in the second data packet;
if yes, updating the aging time countdown of the first flow table corresponding to the computing node;
wherein each time the aging time countdown of the first flow table is updated, it restarts from the set value a and decreases gradually; when it reaches 0, the first flow table is deleted; a is a set value greater than 0.
In this embodiment, considering that data transfer in the OVN architecture is implemented based on flow tables, in order to guarantee the data transfer manner described in the foregoing embodiment, a corresponding flow table may be created and generally set to a higher priority, so that the data transfer manner described in the foregoing embodiment is not affected by the related flow tables established in the default mode. The default mode referred to here is the original mode in which the cloud internal and external communication method of the present application is not adopted.
Specifically, in this embodiment, after receiving the second data packet sent by the computing node, the primary network node may determine whether the recorded tunnel address of the node that sent the second data packet matches the source address in the second data packet. For example, in the example of fig. 3, the tunnel address of the node that sent the second data packet, as recorded by the primary network node, is 7.7.7.20, that is, the second data packet was sent from computing node 1 through that tunnel address. The second data packet also carries a source address; in the example of fig. 3 the source address recorded in the second data packet is the virtual machine 192.168.1.10, and by looking up the relevant configuration information the source address 192.168.1.10 is determined to be a virtual machine in computing node 1. This indicates that the recorded tunnel address 7.7.7.20 of the node that sent the second data packet matches the source address 192.168.1.10 in the second data packet, so the aging time countdown of the first flow table corresponding to the computing node can be updated.
The primary network node may be communicatively coupled to a plurality of computing nodes, and for each computing node it may maintain an aging flow table corresponding to that computing node, i.e. the first flow table described in this embodiment. The first flow table can age, meaning that it is not permanently present; for example, in one instance the set value a is 180 seconds, i.e. each time the aging time countdown of the first flow table is updated it is refreshed to 180 seconds and then begins to decrease gradually, and if no update is triggered within 180 seconds the value reaches 0 and the first flow table is deleted.
It may be understood that the trigger condition for updating the first flow table is that the primary network node receives a data packet sent by the computing node or receives a reply packet directed to the computing node, whereupon the aging time countdown of the first flow table is updated immediately, that is, refreshed to 180 seconds. It will also be appreciated that if the primary network node does not currently store a first flow table corresponding to a particular computing node, then when a data packet sent by that computing node is received, the first flow table corresponding to that computing node may be generated and its aging time countdown set to 180 seconds.
In one embodiment of the present invention, the method may further include:
configuring a priority value for the first flow table of the computing node, the configured priority value being a set highest priority threshold, such that when the first flow table exists, the primary network node processes data concerning the computing node based on the first flow table.
As described above, in order to guarantee the data transfer manner described in the above embodiment, the corresponding flow table may be created and generally set to a higher priority. This embodiment further considers the case in which the communication link between the computing node and the primary network node is normal, i.e. the embodiment above in which the primary network node directly receives the second data packet sent by the computing node, the recorded tunnel address of the node that sent the second data packet matches the source address in the second data packet, and the first flow table corresponding to the computing node is updated. Because communication is normal, the first flow table of the computing node may be configured with the highest priority value, i.e. the configured priority value is the set highest priority threshold, for example 1000, so that while the first flow table exists, the primary network node processes data concerning the computing node based on the first flow table without interference from other flow tables.
Further, in a specific embodiment of the present invention, the method may further include:
when the recorded tunnel address of the node that sent the second data packet is judged to belong to a computing node but the source address in the second data packet is judged not to belong to that computing node, determining that the recorded tunnel address of the node that sent the second data packet does not match the source address in the second data packet, and discarding the second data packet.
In this embodiment, if the recorded tunnel address belongs to a certain computing node but the source address in the second data packet does not belong to that computing node, an error has occurred, whether in the data transmission process, in the flow table of the relevant computing node itself, or for some other reason. The primary network node therefore discards the second data packet directly to avoid the continued transmission of erroneous data; that is, this embodiment terminates the transmission of erroneous data in time.
Further, the method may further include: sending preset prompt information to the computing node and to the source address in the second data packet.
In this embodiment, in view of the mismatch described above, preset prompt information may be sent to the computing node to which the tunnel address belongs and to the computing node to which the source address in the second data packet belongs, in order to flag the abnormal condition. Of course, in some cases, if the recorded tunnel address of the node that sent the second data packet is an invalid address, or if the source address in the second data packet is an invalid address, the prompt information need not be sent to the invalid address.
In one embodiment of the present invention, the method may further include:
when the primary network node detects that its link to the computing node, which previously had no failure, has failed, deleting the first flow table corresponding to the computing node immediately.
This embodiment considers that the first flow table is created while the link between the primary network node and the computing node has no failure. If at some point the primary network node detects that the link between itself and the computing node has failed, the first flow table will eventually age out, but that takes time; in this case the first flow table corresponding to the computing node may be deleted immediately. This ensures that switching happens immediately after the link is broken, rather than waiting a long time while no data packets are received until the first flow table ages out naturally; that is, this embodiment avoids situations in which traffic cannot be restored for a long time.
In one embodiment of the present invention, the method further comprises:
after receiving a first data packet sent by a first standby network node, updating an aging time countdown of a second flow table corresponding to the first standby network node;
wherein each time the aging time countdown of the second flow table is updated, it restarts from the set value b and decreases gradually; when it reaches 0, the second flow table is deleted; b is a set value greater than 0.
In the foregoing embodiment, it was described that when a computing node communicates normally with the primary network node, a first flow table corresponding to the computing node is provided in the primary network node and configured with the highest priority, so that in the normal case all data packets concerning the computing node are processed based on the first flow table. As described above, the case in which the primary network node is not down but the link between the computing node and the primary network node fails is the case in which the first standby network node sends the first data packet to the primary network node. In this embodiment, to guarantee data transfer in that case, the primary network node may update the aging time countdown of the second flow table corresponding to the first standby network node after receiving the first data packet sent by the first standby network node. The aging time countdown of the second flow table decreases gradually from the set value b; for example, b may likewise be set to 180 seconds.
In one embodiment of the present invention, the method may further include:
configuring a priority value for the second flow table of the first standby network node, wherein the configured priority value is the sum of a set base value and a set increment value;
the increment value is a value preset for the first standby network node and greater than 0, and the increment values of the standby network nodes in the cloud platform differ from each other;
the priority values of all flow tables that the primary network node translates through the port binding table are equal to the base value, and none of the flow tables translated by the primary network node through the port binding table has an aging time countdown.
This embodiment considers that if the first flow table exists, indicating that the computing node communicates normally with the primary network node, the other flow tables should not affect the first flow table, which is why the first flow table is configured above with the highest priority 1000; i.e. in this embodiment the priority value configured for the second flow table should not be higher than the highest priority threshold 1000 above. However, as above, the second flow table established in this embodiment should also not be affected by the related flow tables established in the default mode, so as to ensure that, when the first flow table does not exist, the data transfer process described above for a link failure between the computing node and the primary network node can be implemented based on the second flow table.
In this embodiment, the priority value configured for the second flow table of the first standby network node is the sum of the set base value and the set increment value. For example, the set base value is 100, i.e. the priority values of the related flow tables established in the default mode are all fixed at 100; in practical application, the related flow tables established in the default mode are usually the flow tables that the primary network node translates through the port binding table, and their priority values are all equal to the base value. To distinguish different standby network nodes, the increment values of the respective standby network nodes may differ from each other; for example, the higher the priority of a standby network node, the larger its increment value may be. In one case, the increment values of the standby network nodes are 1 to 10 in sequence, and the priority value of the second flow table of the current first standby network node is 100+10=110.
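The primary network node behaviour described in steps S102 to S104 and the flow table rules above (direct-source recording, tunnel/source address matching with discard on mismatch, 180-second aging, priority 1000 for the first flow table and base 100 plus increment for the second) can be put together in one model. The following is an added illustration, not code from the patent or from OVN; the addresses are the fig. 2/3 values, and the VM-to-tunnel mapping, the increment table and the `prompts` list are constructed assumptions.

```python
from dataclasses import dataclass
from typing import Dict, List, Optional, Tuple

# Values from the patent's fig. 2/3 walk-through: first flow table priority 1000,
# base value 100 for the default (port-binding) flow tables, set values a = b = 180 s.
HIGHEST_PRIORITY = 1000
BASE_PRIORITY = 100
AGING_SECONDS = 180

# Constructed topology: VM source address -> tunnel address of the computing node
# hosting it, and standby tunnel address -> its increment value (10 for 7.7.7.11).
VM_TO_COMPUTE_TUNNEL = {"192.168.1.10": "7.7.7.20"}
STANDBY_INCREMENT = {"7.7.7.11": 10, "7.7.7.12": 9}


@dataclass
class FlowEntry:
    priority: int
    aging: int  # countdown in seconds; the entry is deleted when it reaches 0


@dataclass
class Packet:
    outer_src: str  # tunnel header: sender tunnel address
    outer_dst: str  # tunnel header: receiver tunnel address (the primary, 7.7.7.10)
    inner_src: str  # original header: VM source address
    inner_dst: str  # original header: out-of-cloud destination


class PrimaryNetworkNode:
    def __init__(self, tunnel_addr: str) -> None:
        self.tunnel_addr = tunnel_addr
        # First flow tables keyed by computing-node tunnel address, second flow
        # tables keyed by standby tunnel address; both age, default flows do not.
        self.flows: Dict[str, FlowEntry] = {}
        # Direct source recorded in step S102: (inner_dst, inner_src) -> tunnel addr
        self.recorded_source: Dict[Tuple[str, str], str] = {}
        self.prompts: List[str] = []  # constructed stand-in for "preset prompt information"

    def _refresh(self, key: str, priority: int) -> None:
        self.flows[key] = FlowEntry(priority, AGING_SECONDS)

    def receive(self, pkt: Packet) -> str:
        """Steps S101-S103: record the direct source, refresh the flow table, forward."""
        sender = pkt.outer_src
        if sender in STANDBY_INCREMENT:
            # First data packet relayed by a standby: second flow table, base + increment.
            self._refresh(sender, BASE_PRIORITY + STANDBY_INCREMENT[sender])
        elif VM_TO_COMPUTE_TUNNEL.get(pkt.inner_src) != sender:
            # Second data packet whose sender tunnel does not own the inner source
            # address: mismatch, so drop it and raise the prompt instead of forwarding.
            self.prompts.append(f"mismatch: tunnel {sender}, source {pkt.inner_src}")
            return "dropped"
        else:
            # Second data packet straight from the computing node: first flow table.
            self._refresh(sender, HIGHEST_PRIORITY)
        self.recorded_source[(pkt.inner_dst, pkt.inner_src)] = sender
        return "forwarded"

    def receive_reply(self, reply_src: str, reply_dst: str) -> Optional[str]:
        """Step S104: the tunnel address the reply packet is encapsulated towards."""
        sender = self.recorded_source.get((reply_src, reply_dst))
        if sender is not None and sender in self.flows:
            # A reply directed to the computing node also refreshes the countdown.
            self._refresh(sender, self.flows[sender].priority)
        return sender

    def tick(self, seconds: int) -> None:
        """Advance the aging countdowns; entries that reach 0 are deleted."""
        for key in list(self.flows):
            entry = self.flows[key]
            entry.aging = max(0, entry.aging - seconds)
            if entry.aging == 0:
                del self.flows[key]

    def link_failed(self, compute_tunnel: str) -> None:
        """Delete the first flow table at once instead of waiting for it to age."""
        self.flows.pop(compute_tunnel, None)

    def effective_priority(self, compute_tunnel: str, standby_tunnel: str) -> int:
        """Priority of the flow table that currently wins for this computing node."""
        candidates = [BASE_PRIORITY]  # the default port-binding flows always exist
        for key in (compute_tunnel, standby_tunnel):
            if key in self.flows:
                candidates.append(self.flows[key].priority)
        return max(candidates)


def demo() -> Tuple[str, Optional[str], int]:
    """Fig. 2: node 1 (7.7.7.20) -> standby 7.7.7.11 -> primary 7.7.7.10 -> outside."""
    primary = PrimaryNetworkNode("7.7.7.10")
    first = Packet("7.7.7.11", "7.7.7.10", "192.168.1.10", "100.2.168.1")
    result = primary.receive(first)
    back_to = primary.receive_reply("100.2.168.1", "192.168.1.10")
    return result, back_to, primary.effective_priority("7.7.7.20", "7.7.7.11")
```

In the fig. 2 case `demo()` forwards the packet, routes the reply back to 7.7.7.11, and the winning flow table has priority 110; in the fig. 3 case the same node installs a priority-1000 entry for 7.7.7.20 that disappears after 180 seconds of silence or immediately on `link_failed`.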
In a specific embodiment of the present invention, the first data packet is a data packet that the computing node sends to the first standby network node after determining, by detecting the link failure state between itself and the primary network node through a preset protocol for bidirectional forwarding detection, that the link between the computing node and the primary network node has failed.
That is, in this embodiment, the computing node detects the link failure state between itself and the primary network node through a preset protocol for performing bidirectional forwarding detection.
In the scheme of the application, the computing node can detect the link failure state between itself and the primary network node through a preset protocol for bidirectional forwarding detection; that is, when this implementation is adopted, the BFD (Bidirectional Forwarding Detection) protocol can be used. Based on the bidirectional forwarding detection mechanism, the computing node can detect whether the link between itself and the primary network node has failed, and the primary network node can likewise detect whether the link between itself and the computing node has failed, so that the functional requirements of each implementation of the application can be effectively met. In practical application, the preset protocol for bidirectional forwarding detection can generally provide millisecond-level detection, enabling rapid detection of link failures.
Referring to fig. 4, a flowchart of an implementation of the method for cloud internal and external communication of the present invention, applied to a computing node of a cloud platform, includes the following steps:
step S401: judging whether the link between the computing node and the primary network node has failed;
if yes, step S402 is performed: sending a first data packet to a first standby network node, so that the first standby network node sends the first data packet to the primary network node, and after receiving the first data packet the primary network node sends it outwards and records the tunnel address of the node that sent the first data packet;
step S403: after the primary network node receives a first reply packet to the first data packet and sends the first reply packet to the first standby network node based on the recorded tunnel address of the node that sent the first data packet, receiving the first reply packet sent by the first standby network node;
the first standby network node is the standby network node with the highest priority selected by the computing node from the current standby network nodes.
In this embodiment, when the computing node determines that the link between itself and the primary network node has failed, it may send the first data packet to the primary network node through the first standby network node and receive the first reply packet through the first standby network node, thereby implementing cloud internal and external communication; the relevant parts may refer to the corresponding description above and are not repeated here.
Further, in a specific embodiment of the present invention, the method may further include:
after judging that the link between the computing node and the primary network node has failed, deleting the flow table of the computing node that points to the primary network node, and generating a flow table pointing to the first standby network node.
In this embodiment, after determining that the link between the computing node and the primary network node has failed, the computing node may delete the flow table in the computing node that originally pointed to the primary network node and generate a flow table pointing to the first standby network node, because the computing node needs to send the first data packet to the first standby network node, i.e. to the node that the computing node itself now regards as the new primary network node. For example, in the example above, computing node 1 may delete the flow table pointing to the primary network node 7.7.7.10 and generate a flow table pointing to the first standby network node 7.7.7.11.
Further, in a specific embodiment of the present invention, the method may further include:
when the computing node detects that the link between itself and the primary network node has recovered, deleting the generated flow table pointing to the first standby network node, and generating a flow table pointing to the primary network node.
In this embodiment, if the computing node detects that the link between itself and the primary network node has recovered, the previously generated flow table pointing to the first standby network node may be deleted; that is, a network node of higher priority has reappeared for the computing node, so the flow table pointing to the first standby network node is deleted and a flow table pointing to the higher-priority primary network node is generated, so that subsequent data packets no longer need to be forwarded through the first standby network node but can be sent directly to the primary network node.
In one embodiment of the present invention, the method may further include:
and recording the link fault condition between the computing node and the main network node in the first time period, and outputting a recording result.
According to the embodiment, the situation that the main network node is not down, but the abnormal situation that the link between the computing node and the main network node is in fault is considered, the situation can be counted in the first time, for example, the first time can be set to be one month, three months and the like, so that the follow-up staff can be assisted in checking the abnormal situation based on the recorded result, and the reliability of the cloud platform is improved.
In one embodiment of the present invention, the method may further include:
and automatically analyzing the recorded result, and outputting a fault analysis result comprising the fault occurrence frequency, the distribution of fault occurrence time periods and the distribution of single fault duration.
In the embodiment, in order to facilitate the analysis of the staff, the recorded result can be automatically analyzed, the output fault analysis result should include three items of data which can effectively reflect the fault characteristics, namely the fault occurrence frequency, the distribution of the fault occurrence time period and the distribution of the single fault duration time, for example, in one occasion, the fault occurrence time period is found to be concentrated in the occasion with larger flow, and the staff can perform adaptive processing based on the information so as to reduce the occurrence probability of the link fault condition of the computing node and the main network node.
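The three analysis items named above can be derived from a recording result of (failure detected, link recovered) timestamps. This is an added example, not code from the patent; the fault log and the duration buckets are constructed, and "time period" is interpreted here as hour of day.

```python
from collections import Counter
from datetime import datetime
from typing import Dict, List, Tuple

# Constructed recording result for one computing node over a first time period of
# 30 days: (time the link failure was detected, time the link recovered).
FAULT_LOG: List[Tuple[str, str]] = [
    ("2024-01-05T09:12:00", "2024-01-05T09:12:40"),
    ("2024-01-09T10:03:00", "2024-01-09T10:05:30"),
    ("2024-01-14T09:45:00", "2024-01-14T09:45:20"),
    ("2024-01-22T21:30:00", "2024-01-22T21:42:00"),
    ("2024-01-28T10:20:00", "2024-01-28T10:20:55"),
]

# Constructed duration buckets in seconds: lower bound inclusive, upper exclusive.
DURATION_BUCKETS = ((0, 60, "<1 min"), (60, 300, "1-5 min"), (300, None, ">5 min"))


def analyse_faults(log: List[Tuple[str, str]], period_days: int) -> Dict[str, object]:
    """Return the three items the patent names: occurrence frequency, distribution
    of occurrence periods (hour of day) and distribution of single durations."""
    faults = [(datetime.fromisoformat(s), datetime.fromisoformat(e)) for s, e in log]
    by_hour: Counter = Counter(start.hour for start, _ in faults)
    by_duration: Counter = Counter()
    for start, end in faults:
        secs = (end - start).total_seconds()
        for low, high, label in DURATION_BUCKETS:
            if secs >= low and (high is None or secs < high):
                by_duration[label] += 1
    return {
        "count": len(faults),
        "per_day": len(faults) / period_days,  # failure occurrence frequency
        "by_hour": dict(sorted(by_hour.items())),
        "by_duration": dict(by_duration),
    }
```

On the constructed log the failures cluster at 09:00 and 10:00, which is the kind of concentration in a busy period the passage describes.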
Referring to fig. 5, a flowchart of an implementation of the method for communication between the inside and outside of a cloud in the present invention, applied to a first standby network node of a cloud platform, includes the following steps:
step S501: receiving a first data packet sent by the computing node after the computing node has determined that the link between itself and the main network node has failed;
step S502: sending the first data packet to the main network node, so that the main network node sends the first data packet outwards after receiving it and records the tunnel address of the node that sent the first data packet;
step S503: after the main network node has received a first return packet for the first data packet and has sent the first return packet based on the recorded tunnel address of the node that sent the first data packet, receiving the first return packet sent by the main network node;
step S504: sending the received first return packet to the computing node;
wherein the first standby network node is the standby network node with the highest priority selected by the computing node from the current standby network nodes.
In this embodiment, when the link between the computing node and the main network node fails, the first data packet sent by the computing node is received by the first standby network node and sent on to the main network node. The first standby network node then receives the first return packet sent by the main network node and sends it to the computing node, thereby implementing communication between the inside and outside of the cloud. The relevant details correspond to the description above and are not repeated here.
In one embodiment of the present invention, the method may further include:
when determining that the current main network node is down, the first standby network node switches itself to be the new main network node and selects a new first standby network node from the remaining standby network nodes.
In this embodiment, the case in which the main network node is down is considered: the first standby network node then switches itself to be the new main network node and takes over the function of the original main network node, and a new first standby network node is selected from the remaining standby network nodes. Of course, if only two network nodes are provided, one serving as the main network node and the other as the first standby network node, no new first standby network node can be selected at this point.
In one embodiment of the present invention, the method may further include:
judging whether the forwarding service of the main/standby network nodes is enabled;
if not, discarding the first data packet after receiving it;
if so, performing the operation of step S502.
In this embodiment, whether the forwarding service of the main/standby network nodes is enabled can be judged, typically based on a configuration file. If it is determined that the forwarding service is to be enabled, that is, the user has chosen to use the function of this scheme, the first data packet is sent to the main network node after it is received so that the subsequent flow can be carried out. If the user has not chosen to use this function, the conventional processing applies: since the node that received the first data packet is a standby network node rather than the main network node, and a standby network node cannot provide access to the outside of the cloud, the first standby network node simply discards the first data packet after receiving it.
By applying the technical scheme provided by the embodiment of the invention, the applicant has considered that failure to transmit traffic that a computing node needs to send outside the cloud is mainly caused by an inconsistency between the main network node as determined by the computing node and the main network node as elected among the network nodes. Specifically, although the configuration of a main network node and standby network nodes can handle downtime of the main network node, in practice the current main network node may not be down while, owing to physical links, security rule restrictions or other reasons, the link between one or more computing nodes and the main network node is unusable. For example, 4 of 5 computing nodes may communicate normally with the current main network node and thereby achieve communication between the inside and outside of the cloud, so the main network node is operating normally. However, when the link between the remaining computing node and the main network node has failed, in the conventional scheme that computing node assumes the main network node is down, selects a new main network node from the standby network nodes and sends the data packet destined for outside the cloud to it. Since communication among the network nodes is normal, the node the computing node treats as the new main network node is in fact still a standby network node; the router gateway is currently bound to the actual main network node, so the standby network node cannot provide access to the outside of the cloud and simply discards the data packet it received from the computing node.
In contrast, in the scheme of the present application, the computing node can still successfully communicate with the outside of the cloud in this situation. Specifically, after determining that the link between itself and the main network node has failed, the computing node cannot send data to the main network node directly, so it sends the data packet to the first standby network node. Rather than discarding the data packet, the first standby network node sends it on to the main network node, so that the main network node receives the first data packet sent by the first standby network node. The first standby network node is the standby network node with the highest priority selected by the computing node from the current standby network nodes. After receiving the first data packet, the main network node sends it outwards based on the destination address in the first data packet that points to the outside of the cloud. To return the reply efficiently, the main network node records the tunnel address of the node that sent the first data packet, that is, the direct source of the first data packet, which in this case is the first standby network node. When the main network node receives the first return packet for the first data packet, it sends the first return packet to the first standby network node based on the recorded tunnel address, and the first standby network node then sends the first return packet to the computing node. With the cooperation of the main network node, the computing node thus achieves the communication between the inside and outside of the cloud that it requires even though the link between itself and the main network node has failed.
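The forwarding path summarised above, as an added example that is not code from the patent: three node roles are simulated end to end, so that a data packet sent by a computing node whose link to the main network node has failed is carried to the main network node via the highest-priority standby node, the main network node records the tunnel the packet arrived from and returns the reply along it, and the standby node discards the packet when the forwarding service is not enabled (the conventional behaviour). The main network node also applies the consistency check of claim 5 below, dropping a packet that arrives directly from a computing node but carries an inner source address that node does not own. Tunnel addresses, the packet layout (a dict with inner "src" and "dst", an "ext:" prefix marking a destination outside the cloud) and the per-node table of owned inner addresses are illustrative assumptions.

```python
"""Simulation of the main/standby forwarding path: computing node -> first standby
-> main network node -> outside, with the reply returned along the recorded tunnel.
Added example, not the patent's code. Tunnel addresses, the packet layout (dict
with inner 'src'/'dst'; 'ext:' prefix = outside the cloud) and the 'owned'
inner-address table used for the claim 5 check are illustrative assumptions."""
from dataclasses import dataclass, field


@dataclass
class Compute:
    tunnel: str
    link_to_primary_ok: bool = True
    received: list = field(default_factory=list)

    def send(self, pkt, cloud):
        if self.link_to_primary_ok:
            return cloud.primary.receive(pkt, self.tunnel)
        # Link failed: use the standby with the highest priority (the "first standby").
        first_standby = max(cloud.standbys, key=lambda s: s.priority)
        return first_standby.receive(pkt, self.tunnel, cloud.primary)

    def deliver_reply(self, reply, cloud):
        self.received.append(reply)
        return reply


@dataclass
class Standby:
    tunnel: str
    priority: int
    forwarding_enabled: bool = True                   # main/standby forwarding service switch
    return_to: dict = field(default_factory=dict)     # inner src -> computing node tunnel (assumed)
    dropped: list = field(default_factory=list)

    def receive(self, pkt, from_tunnel, primary):
        if not self.forwarding_enabled:               # conventional scheme: no gateway here, discard
            self.dropped.append(pkt)
            return None
        self.return_to[pkt["src"]] = from_tunnel
        return primary.receive(pkt, self.tunnel)      # forward to the main node over our tunnel

    def deliver_reply(self, reply, cloud):
        return cloud.compute[self.return_to[reply["dst"]]].deliver_reply(reply, cloud)


@dataclass
class Primary:
    tunnel: str
    owned: dict                                       # computing node tunnel -> inner addresses it owns
    return_path: dict = field(default_factory=dict)   # inner src -> tunnel the packet came from
    sent_out: list = field(default_factory=list)
    alerts: list = field(default_factory=list)

    def receive(self, pkt, from_tunnel):
        # Straight from a computing node: the inner source must belong to that node (claim 5).
        owned = self.owned.get(from_tunnel)
        if owned is not None and pkt["src"] not in owned:
            self.alerts.append((from_tunnel, pkt["src"]))  # drop and flag the spoofed packet
            return None
        self.return_path[pkt["src"]] = from_tunnel    # remember the direct source for the reply
        if pkt["dst"].startswith("ext:"):
            self.sent_out.append(pkt)                 # only the main node holds the router gateway
        return pkt

    def receive_reply(self, reply, cloud):
        tunnel = self.return_path.get(reply["dst"])
        return None if tunnel is None else cloud.node_at(tunnel).deliver_reply(reply, cloud)


@dataclass
class Cloud:
    primary: Primary
    standbys: list
    compute: dict                                     # tunnel -> Compute

    def node_at(self, tunnel):
        for node in [self.primary, *self.standbys, *self.compute.values()]:
            if node.tunnel == tunnel:
                return node
        raise KeyError(tunnel)

    def external_reply(self, pkt):
        """The outside host answers: addresses swapped, handed to the main node."""
        return self.primary.receive_reply({"src": pkt["dst"], "dst": pkt["src"]}, self)


def build(link_ok, forwarding):
    c1 = Compute("10.0.0.11", link_to_primary_ok=link_ok)
    primary = Primary("10.0.0.1", owned={"10.0.0.11": {"192.168.1.10"}})
    standbys = [Standby("10.0.0.2", priority=100, forwarding_enabled=forwarding),
                Standby("10.0.0.3", priority=50, forwarding_enabled=forwarding)]
    return Cloud(primary, standbys, {c1.tunnel: c1}), c1


def run_scenarios():
    pkt = {"src": "192.168.1.10", "dst": "ext:203.0.113.7"}
    results = {}
    cloud, c1 = build(link_ok=False, forwarding=True)       # detour via the first standby
    cloud.external_reply(c1.send(pkt, cloud))
    results["detour_reply_received"] = len(c1.received) == 1
    results["detour_via"] = cloud.primary.return_path["192.168.1.10"]
    cloud, c1 = build(link_ok=False, forwarding=False)      # service off: standby discards
    results["discarded_without_service"] = (c1.send(pkt, cloud) is None
                                            and len(cloud.standbys[0].dropped) == 1)
    cloud, c1 = build(link_ok=True, forwarding=True)        # direct path, spoofed inner source
    spoofed = {"src": "192.168.1.99", "dst": "ext:203.0.113.7"}
    results["spoof_dropped"] = (c1.send(spoofed, cloud) is None
                                and cloud.primary.alerts == [("10.0.0.11", "192.168.1.99")])
    return results
```

The recorded tunnel address is what makes the return path work: the main node does not need to know which computing node originated the packet, only which tunnel endpoint handed it over, and the standby keeps the last hop back to the computing node itself. The claim 5 check is the one security control in the scheme, because an entry keyed on inner source address would otherwise let a compromised computing node redirect another tenant's return traffic to itself.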
Corresponding to the above method embodiment, the embodiment of the invention also provides a system for communication between the inside and outside of the cloud, which may be referred to in correspondence with the above.
Referring to fig. 6, a schematic structural diagram of a system for communication between the inside and outside of a cloud in the present invention, applied to a main network node of a cloud platform, includes:
a receiving module 601, configured to receive a first data packet sent by a first standby network node;
a tunnel address recording module 602, configured to record the tunnel address of the node that sent the first data packet;
an outbound sending module 603, configured to send the first data packet outwards based on the destination address in the first data packet that points to the outside of the cloud;
a processing module 604, configured to, when a first return packet for the first data packet is received, send the first return packet to the first standby network node based on the recorded tunnel address of the node that sent the first data packet, so that the first standby network node sends the first return packet to the computing node;
wherein the first data packet is a data packet that the computing node, after determining that the link between itself and the main network node has failed, sent to the first standby network node, and that the first standby network node then sent to the main network node;
and the first standby network node is the standby network node with the highest priority selected by the computing node from the current standby network nodes.
Referring to fig. 7, a schematic structural diagram of a system for communication between the inside and outside of a cloud in the present invention, applied to a computing node of a cloud platform, includes:
a link failure determining module 701, configured to determine whether the link between the computing node itself and the main network node has failed, and if so, to trigger a first sending module 702;
the first sending module 702, configured to send a first data packet to a first standby network node, so that the first standby network node sends the first data packet to the main network node, and the main network node, after receiving the first data packet, sends it outwards and records the tunnel address of the node that sent the first data packet;
a first return packet receiving module 703, configured to receive the first return packet forwarded by the first standby network node after the main network node has received the first return packet for the first data packet and has sent it to the first standby network node based on the recorded tunnel address of the node that sent the first data packet;
wherein the first standby network node is the standby network node with the highest priority selected by the computing node from the current standby network nodes.
Referring to fig. 8, a schematic structural diagram of a system for communication between the inside and outside of a cloud in the present invention, applied to a first standby network node of a cloud platform, includes:
a first data packet receiving module 801, configured to receive a first data packet sent by a computing node after the computing node has determined that the link between itself and the main network node has failed;
a first data packet forwarding module 802, configured to send the first data packet to the main network node, so that the main network node sends the first data packet outwards after receiving it and records the tunnel address of the node that sent the first data packet;
a first return packet forwarding module 803, configured to receive the first return packet sent by the main network node after the main network node has received the first return packet for the first data packet and has sent it based on the recorded tunnel address of the node that sent the first data packet, and to send the received first return packet to the computing node;
wherein the first standby network node is the standby network node with the highest priority selected by the computing node from the current standby network nodes.
Corresponding to the above method and system embodiments, the embodiments of the present invention further provide a device for communication between inside and outside of the cloud, and a computer readable storage medium, which can be referred to above in a mutually corresponding manner.
Referring to fig. 9, a schematic structural diagram of a device for communication inside and outside a cloud in the present invention may include:
a memory 901 for storing a computer program;
a processor 902 for executing a computer program to implement the steps of the method of cloud-to-cloud communication as in any of the embodiments described above.
Referring to fig. 10, a schematic structural diagram of a computer readable storage medium according to the present invention, where the computer readable storage medium 10 stores a computer program 11, and the computer program 11, when executed by a processor, implements the steps of the method for communication between the inside and outside of the cloud in any of the embodiments described above. The computer readable storage medium 10 as described herein includes random access memory (RAM), memory, read-only memory (ROM), electrically programmable ROM, electrically erasable programmable ROM, registers, a hard disk, a removable disk, a CD-ROM, or any other form of storage medium known in the art.
It is further noted that relational terms such as first and second, and the like are used solely to distinguish one entity or action from another entity or action without necessarily requiring or implying any actual such relationship or order between such entities or actions. Moreover, the terms "comprises," "comprising," or any other variation thereof, are intended to cover a non-exclusive inclusion, such that a process, method, article, or apparatus that comprises a list of elements does not include only those elements but may include other elements not expressly listed or inherent to such process, method, article, or apparatus. Without further limitation, an element defined by the phrase "comprising one … …" does not exclude the presence of other like elements in a process, method, article, or apparatus that comprises the element. Those of skill would further appreciate that the various illustrative elements and algorithm steps described in connection with the embodiments disclosed herein may be implemented as electronic hardware, computer software, or combinations of both, and that the various illustrative elements and steps are described above generally in terms of functionality in order to clearly illustrate the interchangeability of hardware and software. Whether such functionality is implemented as hardware or software depends upon the particular application and design constraints imposed on the solution. Skilled artisans may implement the described functionality in varying ways for each particular application, but such implementation decisions should not be interpreted as causing a departure from the scope of the present invention.
The principles and embodiments of the present invention have been described herein with reference to specific examples, but the description of the examples above is only for aiding in understanding the technical solution of the present invention and its core ideas. It should be noted that it will be apparent to those skilled in the art that the present invention may be modified and practiced without departing from the spirit of the present invention.

Claims (23)

1. The method for communication inside and outside the cloud is characterized by being applied to a main network node of a cloud platform and comprising the following steps:
receiving a first data packet sent by a first standby network node;
recording the tunnel address of the node sending the first data packet;
based on a destination address pointing to the outside of the cloud in the first data packet, performing outward transmission of the first data packet;
when a first return packet for the first data packet is received, sending the first return packet to the first standby network node based on the recorded tunnel address of the node sending the first data packet, so that the first return packet is sent to a computing node by the first standby network node;
the first data packet is a data packet which is sent to the first standby network node by the computing node after the computing node determines that the link between the computing node and the main network node fails, and then is sent to the main network node by the first standby network node;
The first standby network node is the standby network node with the highest priority selected by the computing node from the current standby network nodes.
2. The method of cloud internal and external communication according to claim 1, further comprising:
receiving a second data packet sent by the computing node;
recording the tunnel address of the node sending the second data packet;
based on a destination address pointing to the outside of the cloud in the second data packet, performing outbound transmission of the second data packet;
upon receiving a second reply packet to the second data packet, transmitting the second reply packet to the computing node based on the recorded tunnel address of the node transmitting the second data packet;
and the second data packet is a data packet sent to the main network node by the computing node when the computing node determines that the link between the computing node and the main network node is fault-free.
3. The method of cloud internal and external communication according to claim 2, further comprising:
after receiving a second data packet sent by the computing node, judging whether the recorded tunnel address of the node sending the second data packet is matched with a source address in the second data packet;
If yes, updating the aging time countdown of the first flow table corresponding to the computing node;
wherein, every time the aging time countdown of the first flow table is updated, the aging time countdown of the first flow table is gradually reduced from the set value a until the first flow table is deleted when the reduction is 0; a is a set value greater than 0.
4. A method of cloud internal and external communication as claimed in claim 3, further comprising:
a priority value is configured for the first flow table of the computing node, and the configured priority value is a highest priority threshold set such that when the first flow table is present, the primary network node processes data about the computing node based on the first flow table.
5. A method of cloud internal and external communication as claimed in claim 3, further comprising:
and when judging that the recorded tunnel address of the node for sending the second data packet belongs to the computing node and the source address in the second data packet does not belong to the computing node, determining that the recorded tunnel address of the node for sending the second data packet is not matched with the source address in the second data packet, and discarding the second data packet.
6. The method of cloud internal and external communication of claim 5, further comprising:
and sending preset prompt information to the computing node and the source address in the second data packet.
7. A method of cloud internal and external communication as claimed in claim 3, further comprising:
when the main network node, while the link between itself and the computing node has had no failure, detects that this link has failed, immediately deleting the first flow table corresponding to the computing node.
8. The method according to claim 1, wherein the computing node detects the failure state of the link between itself and the main network node through a preset bidirectional forwarding detection protocol, and the first data packet is the data packet that the computing node, after thereby determining that the link has failed, sends to the first standby network node and that the first standby network node then sends to the main network node.
9. The method of cloud internal and external communication according to any of claims 1 to 8, further comprising:
Updating an aging time countdown of a second flow table corresponding to the first standby network node after receiving a first data packet sent by the first standby network node;
wherein, every time the ageing time countdown of the second flow table is updated, the ageing time countdown of the second flow table is gradually reduced from the set value b until the ageing time countdown is reduced to 0, and the second flow table is deleted; b is a set value greater than 0.
10. The method of cloud internal and external communication of claim 9, further comprising:
configuring a priority value for the second flow table of the first standby network node, wherein the configured priority value is the sum of a set basic value and a set increment value;
the increment value is a value which is preset for the first standby network node and is larger than 0, and the increment values of the standby network nodes in the cloud platform are different from each other;
the priority values of all the flow tables translated by the main network node through the port binding table are equal to the basic value, and the aging time countdown does not exist in all the flow tables translated by the main network node through the port binding table.
11. The method for communication inside and outside the cloud is characterized by being applied to a computing node of a cloud platform and comprising the following steps of:
Judging whether a link between the computing node and a main network node fails or not;
if so, sending a first data packet to a first standby network node, so that the first standby network node sends the first data packet to the main network node, and after receiving the first data packet, the main network node sends the first data packet to the outside and records the tunnel address of the node sending the first data packet;
receiving the first return packet sent by the first standby network node after the main network node has received the first return packet for the first data packet and has sent it to the first standby network node based on the recorded tunnel address of the node that sent the first data packet;
the first standby network node is the standby network node with the highest priority selected by the computing node from the current standby network nodes.
12. The method of cloud internal and external communication of claim 11, further comprising:
after judging that the link between the computing node and the main network node fails, deleting the flow table of the computing node pointing to the main network node, and generating the flow table pointing to the first standby network node.
13. The method of cloud internal and external communication of claim 12, further comprising:
and deleting the generated flow table pointing to the first standby network node and generating the flow table pointing to the main network node when the computing node detects that the link between the computing node and the main network node is recovered to be normal.
14. The method of cloud internal and external communication according to any of claims 11 to 13, further comprising:
and recording the link fault condition between the computing node and the main network node in the first time period, and outputting a recording result.
15. The method of cloud internal and external communication of claim 14, further comprising:
and automatically analyzing the recorded result, and outputting a fault analysis result comprising the occurrence frequency of faults, the distribution of fault occurrence time periods and the distribution of single fault duration.
16. The method for communication inside and outside the cloud is characterized by being applied to a first standby network node of a cloud platform and comprising the following steps:
after a computing node determines that a link between the computing node and a main network node fails, receiving a first data packet sent by the computing node;
Transmitting the first data packet to the main network node, so that the main network node performs outward transmission of the first data packet after receiving the first data packet, and the main network node records a tunnel address of a node transmitting the first data packet;
receiving the first return packet sent by the main network node after the main network node has received the first return packet for the first data packet and has sent it based on the recorded tunnel address of the node that sent the first data packet;
transmitting the received first return packet to the computing node;
the first standby network node is the standby network node with the highest priority selected by the computing node from the current standby network nodes.
17. The method of cloud internal and external communication of claim 16, further comprising:
when determining that the current main network node is down, the first standby network node switches itself to a new main network node, and selects a new first standby network node from the rest standby network nodes.
18. The method of cloud internal and external communication according to claim 16 or 17, further comprising:
Judging whether to start the forwarding service of the active/standby network node;
if not, discarding the first data packet after receiving the first data packet;
and if so, executing the operation of sending the first data packet to the main network node.
19. A system for cloud internal and external communication, which is applied to a main network node of a cloud platform, comprising:
the receiving module is used for receiving a first data packet sent by the first standby network node;
the tunnel address recording module is used for recording the tunnel address of the node which sends the first data packet;
the external sending module is used for sending the first data packet outwards based on a destination address pointing to the outside of the cloud in the first data packet;
a processing module, configured to, when a first return packet for the first data packet is received, send the first return packet to the first standby network node based on the recorded tunnel address of the node that sent the first data packet, so that the first standby network node sends the first return packet to a computing node;
the first data packet is a data packet which is sent to the first standby network node by the computing node after the computing node determines that the link between the computing node and the main network node fails, and then is sent to the main network node by the first standby network node;
The first standby network node is the standby network node with the highest priority selected by the computing node from the current standby network nodes.
20. A system for cloud-to-cloud communication, applied to a computing node of a cloud platform, comprising:
the link fault judging module is used for judging whether a link between the computing node and the main network node is faulty or not, and if so, the first sending module is triggered;
the first sending module is used for: transmitting a first data packet to a first standby network node, so that the first standby network node transmits the first data packet to the main network node, and after receiving the first data packet, the main network node performs outward transmission of the first data packet and records a tunnel address of a node transmitting the first data packet;
a first return packet receiving module, configured to receive the first return packet sent by the first standby network node after the main network node has received the first return packet for the first data packet and has sent it to the first standby network node based on the recorded tunnel address of the node that sent the first data packet;
The first standby network node is the standby network node with the highest priority selected by the computing node from the current standby network nodes.
21. The system for communication between the inside and outside of the cloud is characterized by being applied to a first standby network node of a cloud platform and comprising the following components:
the first data packet receiving module is used for receiving a first data packet sent by the computing node after the computing node determines that the link between the computing node and the main network node fails;
the first data packet forwarding module is configured to send the first data packet to the primary network node, so that the primary network node performs outbound sending of the first data packet after receiving the first data packet, and the primary network node records a tunnel address of a node sending the first data packet;
a first return packet forwarding module, configured to receive the first return packet sent by the main network node after the main network node has received the first return packet for the first data packet and has sent it based on the recorded tunnel address of the node that sent the first data packet, and to send the received first return packet to the computing node;
The first standby network node is the standby network node with the highest priority selected by the computing node from the current standby network nodes.
22. A device for cloud-to-cloud communication, comprising:
a memory for storing a computer program;
a processor for executing the computer program to implement the steps of the method of intra-and-inter-cloud communication of any of claims 1 to 10, or to implement the steps of the method of intra-and-inter-cloud communication of any of claims 11 to 15, or to implement the steps of the method of intra-and-inter-cloud communication of any of claims 16 to 18.
23. A computer readable storage medium, characterized in that the computer readable storage medium has stored thereon a computer program which, when executed by a processor, implements the steps of the method of intra-and inter-cloud communication according to any of claims 1 to 10, or the steps of the method of intra-and inter-cloud communication according to any of claims 11 to 15, or the steps of the method of intra-and inter-cloud communication according to any of claims 16 to 18.
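The flow-table bookkeeping of claims 3, 4, 7, 9 and 10, as an added example that is not code from the patent: the main network node keeps a first flow table per computing node and a second flow table per standby node, each with an aging countdown that restarts from its set value (a or b) whenever matching traffic arrives and is deleted when it reaches 0, while the entries translated from the port binding table carry the basic priority and never age. Priorities decide which entry is used for a source address, so a learned detour entry outranks the static binding only while it is kept alive by traffic. The tick granularity, the values of a and b, the basic value, the per-standby increments and the "highest priority threshold" are assumptions.

```python
"""Flow-table aging and priorities on the main network node (claims 3, 4, 7, 9, 10).
Added example, not the patent's code; all numeric values are assumptions."""
from dataclasses import dataclass
from typing import Optional

BASE_PRIORITY = 100                                  # every port-binding-table flow (no aging)
STANDBY_INCREMENT = {"10.0.0.2": 20, "10.0.0.3": 10}  # distinct positive increment per standby
HIGHEST_PRIORITY = 1000                              # threshold for a computing node's first flow table


@dataclass
class Flow:
    match_src: str            # inner source address the entry matches
    out_tunnel: str           # tunnel that return traffic for that source is sent to
    priority: int
    ttl: Optional[int]        # remaining aging countdown in seconds; None = never ages


class FlowTable:
    def __init__(self):
        self.flows = {}       # (kind, src, tunnel) -> Flow

    def install_binding(self, src, compute_tunnel):
        """Static entry translated from the port binding table (claim 10)."""
        self.flows[("binding", src, compute_tunnel)] = Flow(src, compute_tunnel, BASE_PRIORITY, None)

    def learn_from_compute(self, src, compute_tunnel, a=60):
        """First flow table (claims 3 and 4): countdown restarts from a on each packet."""
        self.flows[("compute", src, compute_tunnel)] = Flow(src, compute_tunnel, HIGHEST_PRIORITY, a)

    def learn_from_standby(self, src, standby_tunnel, b=60):
        """Second flow table (claims 9 and 10): priority = basic value + standby's increment."""
        prio = BASE_PRIORITY + STANDBY_INCREMENT[standby_tunnel]
        self.flows[("standby", src, standby_tunnel)] = Flow(src, standby_tunnel, prio, b)

    def link_to_compute_failed(self, compute_tunnel):
        """Claim 7: drop a computing node's first flow table as soon as its link fails."""
        for key in [k for k in self.flows if k[0] == "compute" and k[2] == compute_tunnel]:
            del self.flows[key]

    def tick(self, seconds=1):
        """Advance the aging countdowns; entries that reach 0 are deleted."""
        for key, flow in list(self.flows.items()):
            if flow.ttl is not None:
                flow.ttl -= seconds
                if flow.ttl <= 0:
                    del self.flows[key]

    def lookup(self, src):
        """The highest-priority live entry for a source decides where its reply goes."""
        cands = [f for f in self.flows.values() if f.match_src == src]
        return max(cands, key=lambda f: f.priority).out_tunnel if cands else None


def run_failover_scenario():
    """Trace of one link failure and recovery; returns the successive lookup results."""
    src, compute, standby = "192.168.1.10", "10.0.0.11", "10.0.0.2"
    ft = FlowTable()
    ft.install_binding(src, compute)
    trace = [ft.lookup(src)]                    # normal: static binding -> computing node
    ft.learn_from_standby(src, standby, b=30)   # traffic now arrives via the standby
    trace.append(ft.lookup(src))                # learned entry outranks the binding
    ft.tick(30)                                 # no refresh: the entry ages out
    trace.append(ft.lookup(src))                # back to the binding
    ft.learn_from_compute(src, compute, a=10)   # link recovered: direct traffic again
    ft.link_to_compute_failed(compute)          # link fails again: claim 7 purge
    trace.append(ft.lookup(src))
    return trace
```

Because the binding-table entry never ages, a source address always has a fallback path; the detour entry is only ever a temporary override, which is what keeps a stale standby entry from hijacking return traffic after the computing node's direct link has recovered.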
CN202311246762.5A 2023-09-26 2023-09-26 Method, system, equipment and storage medium for cloud internal and external communication Active CN116996368B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202311246762.5A CN116996368B (en) 2023-09-26 2023-09-26 Method, system, equipment and storage medium for cloud internal and external communication

Publications (2)

Publication Number Publication Date
CN116996368A CN116996368A (en) 2023-11-03
CN116996368B true CN116996368B (en) 2024-01-19

Family

ID=88534099

Citations (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN1659835A (en) * 2002-06-12 2005-08-24 思科技术公司 Distinguishing between link and node failure to facilitate fast reroute
CN116389191A (en) * 2023-03-31 2023-07-04 阿里巴巴(中国)有限公司 Data transmission system, method, device and storage medium thereof

Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination
GR01 Patent grant