WO2018001339A1 - Method and apparatus for forwarding packet in virtual extensible local area network (vxlan) - Google Patents

Method and apparatus for forwarding packet in virtual extensible local area network (vxlan) Download PDF

Info

Publication number
WO2018001339A1
WO2018001339A1 PCT/CN2017/090953 CN2017090953W WO2018001339A1 WO 2018001339 A1 WO2018001339 A1 WO 2018001339A1 CN 2017090953 W CN2017090953 W CN 2017090953W WO 2018001339 A1 WO2018001339 A1 WO 2018001339A1
Authority
WO
WIPO (PCT)
Prior art keywords
vtep
mac address
packet
correspondence
vxlan
Prior art date
Application number
PCT/CN2017/090953
Other languages
French (fr)
Chinese (zh)
Inventor
王朋
陈志伟
Original Assignee
中兴通讯股份有限公司
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by 中兴通讯股份有限公司 filed Critical 中兴通讯股份有限公司
Publication of WO2018001339A1 publication Critical patent/WO2018001339A1/en

Links

Images

Definitions

  • the present invention relates to the field of communications, and in particular to a packet forwarding method and apparatus in a virtual scalable local area network (VXLAN).
  • VXLAN virtual scalable local area network
  • each user is assigned a different virtual machine and resources, and different tenants need to be logically isolated.
  • VLAN virtual local area network
  • IP Internet Protocol
  • VXLAN Virtual eXtensible Local Area Network
  • UDP User Data Protocol
  • VXLAN uses a 24-bit virtual scalable LAN identifier (VXLAN Network Identifier, VNID for short) to identify different logical networks, greatly expanding the number of logical networks.
  • VNID virtual scalable LAN identifier
  • FIG. 1 is a schematic diagram of a format of a VXLAN packet in the related art, where O-SIP and O-DIP respectively represent a source IP and a destination IP of an outer IP header, and I-DMAC and I-SMAC respectively represent an inner header of an Ethernet packet. Destination MAC and source MAC.
  • FIG. 2 is a schematic diagram of networking of a VXLAN network in the related art.
  • the virtual machine VM A Virtual Machine
  • VTEP1 Virtual Tunnel End Point
  • the VNID is mapped to a multicast group.
  • the VTEPs of the same VNIDs in the network are added to the same multicast group.
  • the multicast and learning mechanisms are used to implement MAC address learning and packet forwarding. The following steps are included:
  • VM A sends an I-SMAC message with A and I-DMAC as C.
  • VTEP1 first learns the address of A (that is, records the MAC address of VM A), and then searches for the address of C on VTEP1.
  • the original data packet plus the VXLAN header is encapsulated and sent to all other VTEPs that join the multicast group in a multicast manner;
  • the other VTEPs in the network receive the VXLAN packet encapsulated by the VTEP1, learn the address A of the I-SMAC in the packet, and then find the address C of the I-DMAC. If the VTEP does not find the packet, the packet is decapsulated. And then flooding the locally accessed VM;
  • VM C receives the VTEP2 flooding message.
  • the data packet sent by the VMA to the I-SMAC is A, and the I-DMAC is C.
  • VM C does not send a message that is reversed to VM A
  • VTEP2 and VTEP1 will not know the address of VM C
  • the data message sent by VM A to VM C will always be multicast.
  • the form is encapsulated, and other VTEPs and other VMs receive messages that they do not have to receive. In this case, they occupy network bandwidth and affect device performance.
  • the following solutions are proposed in the related art: adding a proxy server to the network, so that all unknown unicast packets are forwarded by the proxy server, thereby reducing multicast in the network, but this method requires additional addition.
  • High-performance proxy server devices and will also increase the complexity of networking deployment.
  • the embodiment of the invention provides a method and a device for forwarding a message in a virtual scalable local area network (VXLAN), so as to solve at least the problem that the network bandwidth affects the performance of the device that occurs when the message is forwarded between the VTEPs in the related art.
  • VXLAN virtual scalable local area network
  • a packet forwarding method in a virtual scalable local area network VXLAN including: a first virtual tunnel terminal VTEP receives a first packet from a first virtual machine VM, where the first The destination VM media access control MAC address is the MAC address of the second VM; the first VTEP is based on the MAC address of the second VM recorded in the first VTEP and connected to the second VM Corresponding relationship of the second VTEP determines the second VTEP, wherein the correspondence between the MAC address of the second VM and the second VTEP is that the second VTEP is notified to the first VTEP; A VTEP forwards the first message to the second VM through the second VTEP.
  • the method further includes: the first VTEP receiving a second packet, where the second packet The destination VM MAC address is the MAC address of the second VM; the first VTEP determines that the correspondence between the MAC address of the second VM and the second VTEP is not recorded in the first VTEP
  • the second packet is encapsulated into a multicast VXLAN packet; the first VTEP sends the multicast VXLAN packet to another VTEP that belongs to the same multicast group as the first VTEP; The first VTEP receives and records the correspondence between the MAC address of the second VM and the second VTEP that the VTEP connected to the second VM in the other VTEP responds to according to the multicast VXLAN message.
  • the method further includes: the first VTEP If the correspondence between the MAC address of the second VM and the second VTEP is not received, discarding the second packet; or the first VTEP is not receiving the second VM And the second packet is encapsulated into a multicast VXLAN packet, and the re-encapsulated multicast VXLAN packet is sent to the first VTEP, where the mapping between the MAC address and the second VTEP is performed. Other VTEPs of the same multicast group.
  • the first VTEP receives and records the MAC address of the second VM and the second VTEP that are connected to the second VM in the other VTEP according to the multicast VXLAN message.
  • the method further includes: the first VTEP receiving the third packet, where the destination VM MAC address of the third packet is the second VM a MAC address; buffering the third message; and the first VTEP receiving and recording, in the other VTEP, the VTEP connected to the second VM according to the multicast VXLAN message
  • the method further includes: the first VTEP, according to the correspondence between the MAC address of the second VM and the second VTEP, the cached The third message is forwarded to the second VM by the second VTEP.
  • the first VTEP receives and records the MAC address of the second VM and the second VTEP that are connected to the second VM in the other VTEP according to the multicast VXLAN message.
  • the method further includes: the first VTEP does not receive the first predetermined time after the correspondence between the MAC address of the second VM and the second VTEP is recorded.
  • the method further includes: the first VTEP receiving a MAC address of the one or more VMs advertised by one or more VMs connected to the first VTEP; the first VTEP record a MAC address of one or more VMs of the first VTEP connection; wherein, when the first VTEP is in a second predetermined time after recording a MAC address of one or more VMs connected to the first VTEP Deleting the MAC address of the first portion VM of the record if the MAC address of the first portion VM re-advertised by the first portion VM of the one or more VMs connected to the first VTEP is received; and/or And receiving, in the second predetermined time after the first VTEP is connected to the MAC address of the one or more VMs connected to the first VTEP, in one or more VMs connected to the first VTEP In the case where the second part VM re-advertises the MAC address of the second part VM, the MAC address of the MAC
  • a method for forwarding a message in a virtual scalable local area network comprising: a second virtual tunnel terminal VTEP receiving a multicast VXLAN message from a first VTEP, wherein the group The broadcast VXLAN packet is obtained by encapsulating the second packet from the first virtual machine VM by the first VTEP, and the source VM media access control MAC address of the second packet is the first VM a MAC address, a destination VM MAC address of the second packet is a MAC address of the second VM; the second VTEP searches for a second VM in the VM connected to the second VTEP; the second The VTEP decapsulates the multicast VXLAN packet and sends the obtained second packet to the second VM, and the second VM, when the second VM is found. Corresponding relationship between the MAC address and the second VTEP is replied to the first VTEP.
  • VXLAN virtual scalable local area network
  • the method further includes: the second VTEP records the MAC address of the first VM and the first VTEP Correspondence relationship.
  • the method further includes: the second VTEP is recording the first VM In the case where the message from the first VTEP and the source VM MAC address is the first VM is not received within the first predetermined time after the correspondence between the MAC address and the first VTEP, the record is deleted.
  • the method further includes: the second VTEP receiving a MAC address of the one or more VMs advertised by one or more VMs connected to the second VTEP; the second VTEP record a MAC address of one or more VMs connected to the second VTEP; wherein, when the second VTEP is in a second predetermined time after recording a MAC address of one or more VMs connected to the second VTEP Receiving a MAC address of the first partial VM that is advertised again by the first one of the one or more VMs connected to the second VTEP a case where the MAC address of the first portion VM of the record is deleted; and/or a second reservation after the second VTEP records the MAC address of the one or more VMs connected to the second VTEP Maintaining the MAC of the second part VM of the record if the MAC address of the second part VM re-advertised by the second part VM of the one or more VMs connected to the second VTEP is received in time address
  • a message forwarding device in a virtual scalable local area network comprising: a first receiving module, configured to receive from the first a first packet of the virtual machine VM, wherein the destination VM media access control MAC address of the first packet is a MAC address of the second VM; and the determining module is configured to be according to the record in the first VTEP Determining, by the correspondence between the MAC address of the second VM and the second VTEP connected to the second VM, the second VTEP, wherein the correspondence between the MAC address of the second VM and the second VTEP is The second VTEP is notified to the first VTEP; the forwarding module is configured to forward the first packet to the second VM through the second VTEP.
  • VXLAN virtual scalable local area network
  • a message forwarding device in a virtual scalable local area network comprising: a second receiving module, configured to receive from the first a VTEP multicast XLAN packet, wherein the multicast VXLAN packet is encapsulated by the first VTEP for the second packet from the first virtual machine VM, and the source of the second packet is The VM media access control MAC address is the MAC address of the first VM, the destination VM MAC address of the second packet is the MAC address of the second VM, and the lookup module is configured to look up the connection with the second VTEP.
  • VXLAN virtual scalable local area network
  • the sending module is configured to: when the second VM is found, decapsulate the multicast VXLAN packet and send the obtained second packet to And the second VM, and the corresponding relationship between the MAC address of the second VM and the second VTEP is replied to the first VTEP.
  • a storage medium is also provided.
  • the storage medium is arranged to store program code for performing the various steps described above.
  • a processor for running a program wherein the program is executed to perform the method of any of the above.
  • the MAC address of the other VM and the VTEP of the VM are pre-recorded in the first VTEP, the MAC address of the other VM recorded in the first VTEP and the VM may be used.
  • the VTEPs are forwarded to forward packets.
  • the packets are sent in the multicast mode. This prevents the packets from being forwarded to other non-related VTEPs.
  • the network bandwidth affects the performance of the device, the problem of avoiding excessive network bandwidth and improving device performance is achieved.
  • FIG. 1 is a schematic diagram of a format of a VXLAN message in the related art
  • FIG. 2 is a schematic diagram of networking of a VXLAN network in the related art
  • FIG. 3 is a flowchart (1) of a packet forwarding method in a VXLAN according to an embodiment of the present invention
  • FIG. 4 is a flowchart (2) of a packet forwarding method in a VXLAN according to an embodiment of the present invention
  • FIG. 5 is a flowchart of packet forwarding in a VXLAN network according to an embodiment of the present invention.
  • FIG. 6 is a schematic structural diagram of a message in a VXLAN according to an embodiment of the present invention.
  • FIG. 7 is a flow chart of packet forwarding in a VXLAN according to a specific embodiment of the present invention.
  • FIG. 8 is a flow chart of packet forwarding in a VXLAN according to a second embodiment of the present invention.
  • FIG. 9 is a flow chart of packet forwarding in a VXLAN according to a third embodiment of the present invention.
  • FIG. 10 is a structural block diagram (1) of a message forwarding device in a VXLAN according to an embodiment of the present invention
  • FIG. 11 is a structural block diagram of a message forwarding device in a VXLAN according to an embodiment of the present invention. (two);
  • FIG. 12 is a schematic structural diagram of a message forwarding apparatus in a VXLAN according to an embodiment of the present invention.
  • FIG. 3 is a flowchart (1) of a packet forwarding method in a VXLAN according to an embodiment of the present invention, as shown in FIG. Including the following steps:
  • Step S302 the first virtual tunnel terminal VTEP receives the first packet from the first virtual machine VM, where the destination VM media access control MAC address of the first packet is the MAC address of the second VM;
  • Step S304 the first VTEP determines a second VTEP according to a correspondence between a MAC address of the second VM recorded in the first VTEP and a second VTEP connected to the second VM, where the MAC address of the second VM and the second The correspondence relationship of the VTEP is notified to the first VTEP by the second VTEP;
  • Step S306 the first VTEP forwards the first packet to the second VM by using the second VTEP.
  • the first VM is connected to the first VTEP, and the source VM MAC address of the first packet is the MAC address of the first VM.
  • the MAC address of the first VM is recorded (also referred to as learning) in the first VTEP.
  • the correspondence between the MAC address of the second VM and the second VTEP may be that the second VTEP is to be sent from the first VTEP (which may be sent by the first VM connected to the first VTEP, or may be the first VTEP connection).
  • the message sent by the VM and sent to the second VM is forwarded to the second VM, it is advertised to the first VTEP.
  • the MAC address of the other VM recorded in the first VTEP and the MAC address can be connected to the VM.
  • the VTEP unicasts the packets, so that the packets are not sent in the multicast mode, and the packets are sent to other non-related VTEPs. This effectively solves the problem of forwarding packets between VTEPs.
  • the network bandwidth affects the performance of the device, and the effect of avoiding excessive network bandwidth and improving device performance is achieved.
  • the method further includes: the first VTEP receiving the second packet, where the destination VM MAC address of the second packet is the MAC address of the second VM.
  • the first VTEP encapsulates the second packet into a multicast VXLAN packet when the first VTEP does not record the correspondence between the MAC address of the second VM and the second VTEP; the first VTEP group
  • the broadcast VXLAN message is sent to other VTEPs belonging to the same multicast group as the first VTEP; the first VTEP receives and records the MAC address of the second VM that the VTEP connected to the second VM in the other VTEP responds to according to the multicast VXLAN message.
  • the other VTEPs in the same multicast group can record the MAC of the first VM.
  • Corresponding relationship between the address and the first VTEP wherein the second VTEP connected to the second VM, after finding that the second VM is connected to itself, decapsulates the multicast VXLAN message and obtains the second obtained after decapsulation The message is sent to the second VM, and the second VTEP notifies the first VTEP of the correspondence between the MAC address of the second VM and the second VTEP.
  • the remaining VTEP (that is, the VTEP other than the first VTEP in the other VTEPs of the same multicast group) does not find the second VM in the VM connected to it, and discards the received multicast VXLAN packet. And, if the remaining VTEP has not been received after a period of time In the case of a packet from the first VTEP and the source VM MAC address is the MAC address of the first VM, the remaining VTEP aging deletes the correspondence between the recorded MAC address of the first VM and the first VTEP.
  • the O-DIP of the outer IP header of the multicast VXLAN packet is the multicast IP address corresponding to the VNID (that is, the IP address of the multicast group), and the O-SIP is the IP of the source VTEP (that is, the first VTEP). address.
  • the method further includes: the first VTEP is not received. If the correspondence between the MAC address of the second VM and the second VTEP is performed, the second packet is discarded; or the first VTEP does not receive the correspondence between the MAC address of the second VM and the second VTEP.
  • the second packet is encapsulated into a multicast VXLAN packet, and the re-encapsulated multicast VXLAN packet is sent to other VTEPs that belong to the same multicast group as the first VTEP.
  • the second packet can be discarded.
  • the first VTEP does not receive (may not be received within a predetermined time) to the correspondence between the MAC address of the second VM and the second VTEP, in addition to performing the discard operation described above, The second packet can be re-encapsulated and the encapsulated multicast VXLAN packet is sent again.
  • the pre-condition for performing the re-encapsulation of the second packet may also be that the first VTEP is not received (may be in one The correspondence between the MAC address of the second VM and the second VTEP is not received within a predetermined time, and the first VTEP continues to receive the message to be sent to the second VM.
  • the first VTEP receives and records the correspondence between the MAC address of the second VM and the second VTEP that the VTEP connected to the second VM in the other VTEP responds to according to the multicast VXLAN message.
  • the foregoing method further includes: the first VTEP receives the third packet, where the destination VM MAC address of the third packet is the MAC address of the second VM; the third packet is buffered; and the first VTEP is receiving And after the mapping between the MAC address of the second VM and the second VTEP that the VTEP connected to the second VM in the other VTEP is configured according to the multicast VXLAN message, the method further includes: the first VTEP according to the second Corresponding relationship between the MAC address of the VM and the second VTEP forwards the buffered third packet to the second VM through the second VTEP.
  • the message to be sent to the second VM that is waiting to be acquired within the waiting time of the correspondence between the MAC address of the second VM and the second VTEP connected to the second VM may be temporarily obtained.
  • the unicast packet is temporarily unicast, thereby reducing the number of times the multicast packet is sent. Reduce the occupation of network bandwidth.
  • the first VTEP receives and records the correspondence between the MAC address of the second VM and the second VTEP that the VTEP connected to the second VM in the other VTEP responds to according to the multicast VXLAN message. Thereafter, the method further includes: the first VTEP does not receive the correspondence of the VTEP re-answer with the second VM connection within the first predetermined time after the correspondence between the MAC address of the second VM and the second VTEP is recorded.
  • the first predetermined time after the first VTEP records the correspondence between the MAC address of the second VM and the second VTEP.
  • the correspondence between the MAC address of the second VM and the second VTEP that the VTEP that is connected to the second VM is again received is received, the correspondence between the recorded MAC address of the second VM and the second VTEP is maintained.
  • the corresponding relationship recorded in the first VTEP has a certain aging time. When the corresponding relationship is not received again after the aging time is reached, in order to avoid unnecessary space occupation, the corresponding relationship needs to be deleted. (After the deletion, if the above correspondence is received again, the recording can be performed again), and when the corresponding relationship is received again before the aging time arrives, the aging time of the correspondence can be re-timed according to the time of re-reception.
  • the method further includes: the first VTEP receiving a MAC address of one or more VMs advertised by the one or more VMs connected to the first VTEP; the first VTEP record being connected to the first VTEP a MAC address of one or more VMs; wherein, when the first VTEP does not receive a connection with the first VTEP within a second predetermined time after recording the MAC address of the one or more VMs connected to the first VTEP Delete the record if the MAC of the first part of the VM is advertised again by the first part of the VMs The MAC address of the first portion of the VM; and/or, when the first VTEP receives the first VTEP connection or the second predetermined time after recording the MAC address of the one or more VMs connected to the first VTEP In the case where the second part VM of the plurality of VMs advertises the MAC address of the second part VM again, the MAC address of the second part VM of the record is maintained.
  • each VM needs to report its own MAC address when accessing the corresponding VTEP, and each VM needs to periodically advertise its own state (that is, report its own MAC address) to the corresponding VTEP.
  • the corresponding VTEP maintains the MAC address information of the locally active VM. After the aging time is reached, if the status information of the VM is not updated, the recorded MAC information of the VM whose status information is not updated is deleted.
  • FIG. 4 is a flowchart (2) of a packet forwarding method in a VXLAN according to an embodiment of the present invention. The process includes the following steps:
  • Step S402 the second virtual tunnel terminal VTEP receives the multicast VXLAN packet from the first VTEP, where the multicast VXLAN packet is encapsulated by the first VTEP to encapsulate the second packet from the first virtual machine VM.
  • the source VM media access control MAC address of the second packet is the MAC address of the first VM
  • the destination VM MAC address of the second packet is the MAC address of the second VM.
  • Step S404 the second VTEP searches for a second VM in the VM connected to the second VTEP;
  • Step S406 the second VTEP decapsulates the multicast VXLAN message and sends the obtained second packet to the second VM, and sends the MAC address of the second VM to the second VM.
  • the correspondence of the second VTEP is replied to the first VTEP.
  • the second VTEP may respond to the first VTEP by the correspondence between the MAC address of the second VM and the second VTEP, so that the first VTEP is unicast according to the recorded correspondence.
  • the packets are forwarded, so that the packets are not sent in the multicast mode. This prevents the packets from being sent to other non-related VTEPs. This effectively solves the problem that network bandwidth can occur when packets are forwarded between VTEPs.
  • Equipment The performance problem has achieved the effect of avoiding excessive network bandwidth consumption and improving device performance.
  • the method further includes: the second VTEP records the correspondence between the MAC address of the first VM and the first VTEP. Therefore, after receiving the packet to be sent to the first VM, the second VTEP can perform unicast transmission on the packet according to the corresponding relationship recorded in the second VTEP, without multicast transmission.
  • the second VTEP can learn the I-SMAC of the packet, and look up the I-DMAC in the local MAC address information table, decapsulate the VXLAN packet, and send the corresponding packet to the corresponding packet. Local VM.
  • the unicast VXLAN packet is a unicast IP address of the O-SIP and the O-DIP of the VXLAN packet, and corresponds to the IP of a certain VTEP (for example, the second VTEP) in the networking.
  • the first VM sends a packet whose I-DMAC is known
  • the first VTEP searches for the IP address of the VTEP corresponding to the I-DMAC in the first VTEP, and encapsulates the data packet into a unicast VXLAN packet and sends the packet to the destination VTEP. (ie, the second VTEP).
  • the method further includes: the second VTEP records the MAC address of the first VM and the first In the case where the message from the first VTEP and the source VM MAC address is the first VM is not received within the first predetermined time after the correspondence of the VTEP, the MAC address of the recorded first VM and the first VTEP are deleted.
  • the second VTEP receives the source VM MAC address from the first VTEP and the first VM within a first predetermined time after recording the correspondence between the MAC address of the first VM and the first VTEP In the case of the message, the correspondence between the MAC address of the first VM and the first VTEP is maintained.
  • the corresponding relationship recorded in the second VTEP is a certain aging time. When the corresponding relationship recorded in the second VTEP is not received again after the aging time is reached, in order to avoid unnecessary space occupation, it is required.
  • the corresponding relationship is deleted (after the deletion, if the corresponding relationship is received again, the recording can be performed again), and when the corresponding relationship is received again before the aging time arrives, the corresponding relationship can be re-timed according to the time of receiving again. Aging time.
  • the method further includes: receiving, by the second VTEP, the second The MAC address of one or more VMs advertised by one or more VMs connected by the VTEP; the second VTEP records the MAC address of one or more VMs connected to the second VTEP; wherein, when the second VTEP is recorded In the case where the MAC address of the first partial VM re-advertised by the first partial VM of the one or more VMs connected to the second VTEP is not received within the second predetermined time after the MAC address of the one or more VMs of the two VTEP connections Deleting the MAC address of the first portion of the VM of the record; and/or, when the second VTEP receives the second VTEP connection within a second predetermined time after recording the MAC address of the one or more VMs connected to the second VTEP In the case where the second part of the one or more VMs advertises the MAC address of the second part VM again, the MAC address of the second
  • each VM needs to report its own MAC address when accessing the corresponding VTEP, and each VM needs to periodically advertise its own state (that is, report its own MAC address) to the corresponding VTEP.
  • the corresponding VTEP maintains the MAC address information of the locally active VM. After the aging time is reached, if the status information of the VM is not updated, the recorded MAC information of the VM whose status information is not updated is deleted.
  • FIG. 5 is a flow chart of message forwarding according to an embodiment of the present invention.
  • FIG. 6 is a first embodiment of the present invention, in which VM A (corresponding to the first VM described above) sends a message to VM C (corresponding to the second VM) The flow chart of the main message.
  • VM A corresponding to the first VM described above
  • VM C corresponding to the second VM
  • the flow chart of the main message The flow chart of the main message.
  • the specific implementation steps of the present invention mainly include:
  • Step S502 When there is a VM (for example, VM A) access on the local access side, the VM periodically advertises its own state to the VTEP (for example, VTEP1), and the VTEP learns and maintains the MAC address information of the locally active VM. After the aging time is reached, if the status information of the VM is not updated, the MAC information corresponding to the VM is deleted.
  • VM for example, VM A
  • the link layer discovery protocol (LLDP) can be used when the VM advertises and keeps its own state to the VTEP.
  • LLDP link layer discovery protocol
  • the method of notification and keep-alive is not limited to this method, for example, it can also be advertised by means of a proprietary agreement.
  • the MAC address information table of the local VM can be saved in the format shown in Table 1. Take the MAC saved on VTEP1 as an example:
  • Step S504 When the local VM sends an I-DMAC unknown data packet, the source VTEP (for example, VTEP1) encapsulates the data packet into a multicast VXLAN packet and sends it to other VTEPs in the same multicast group; The I-DMAC message is temporarily buffered, and is sent after waiting for the VTEP information corresponding to the I-DMAC.
  • the source VTEP for example, VTEP1
  • the I-DMAC message is temporarily buffered, and is sent after waiting for the VTEP information corresponding to the I-DMAC.
  • the multicast VXLAN packet is that the destination IP field O-DIP of the outer IP header of the VXLAN packet is the multicast IP address corresponding to the VNID, and the source IP field O-SIP is the IP address of the VTEP.
  • step S504 if the packet sent by the local VM is a multicast or broadcast packet, the packet is not buffered and processed, and is directly encapsulated into a multicast VXLAN packet and then sent to other VTEPs.
  • the form of the multicast message encapsulated by the VM A and encapsulated by the VTEP1 is shown in the message 2 of FIG. 6, wherein the O-SIP is the IP-1 of the VTEP1.
  • the O-DIP is the multicast IP address IP-M of the multicast group mapped by the VNID to which the VMA belongs.
  • Step S506 When the VTEP (for example, VTEP2) receives the multicast VXLAN message, learn the I-SMAC; and look up the I-DMAC in the local MAC address information table, and if found, the I-DMAC and the VTEP ( For example, the correspondence of VTEP2) is replied to the source VTEP (eg, VTEP1) with the address O-SIP; and the message is decapsulated and then sent to the local VM (eg, VM C) corresponding to the I-DMAC.
  • the source VTEP eg, VTEP1
  • the message is decapsulated and then sent to the local VM (eg, VM C) corresponding to the I-DMAC.
  • the correspondence between the I-DMAC and the VTEP is sent to the source VTEP (for example, VTEP1) with the address O-SIP, and the VXLAN packet is sent to the source by encapsulating a reverse unicast null data.
  • the form of VTEP is implemented.
  • the reverse unicast null data VXLAN message is that the PAYLOAD segment of the inner layer message is set to an invalid value, and the I-SMAC and I-DMAC of the inner layer data message are respectively set to the received multicast VXLAN message.
  • the I-DMAC and I-SMAC of the inner data packet, the O-SIP of the outer IP header is set to the IP of the VTEP, and the O-DIP of the outer IP header is set to the IP header of the received multicast VXLAN packet. O-SIP.
  • the reverse unicast null data message sent by VTEP2 to VTEP1 is shown in message 4 in FIG. 6, where O-SIP is set to IP-2 of VTEP2, and O-DIP is set to IP- 1, that is, the value of the O-SIP field of the received multicast VXLAN message; I-DMAC is set to A, and I-SMAC is set to C, corresponding to the I-SMAC field of the received multicast VXLAN message and The value of the I-DMAC field; the PAYLOAD' field is set to an invalid value.
  • This type of response does not require additional protocol support, and the source VTEP does not require special handling of response messages.
  • the manner of responding to the source VTEP is not limited to this manner.
  • Step S508 When the VTEP (for example, VTEP2) receives the unicast VXLAN message, learn the I-SMAC, and look up the I-DMAC in the local MAC address information table, and then decapsulate the VXLAN message to the I-DMAC.
  • Corresponding local VM for example, VM C).
  • the MAC address information table of the remote VM can be saved in the format shown in Table 2, taking the remote MAC saved on VTEP2 as an example:
  • the I-DMAC unknown message sent by the VM (for example, VM A) is sent to the I-DMAC packet after being sent out by the VTEP (for example, VTEP1) encapsulation. If the response is not received within the predetermined time, the other VTEPs do not have the VM corresponding to the I-DMAC and discard the packets.
  • the VTEP for example, VTEP1
  • the multicast packet is re-encapsulated and sent after a certain time. , request the VTEP information corresponding to the I-DMAC again.
  • step S506 after the VTEP (for example, VTEP1) learns the I-SMAC information corresponding to the remote VM (for example, VM C), after a period of time, if the I-SMAC is not received again. If the packet is received, the I-SMAC can be deleted.
  • the VTEP for example, VTEP1
  • learns the I-SMAC information corresponding to the remote VM for example, VM C
  • Step S510 When the data message I-DMAC sent by the VM (for example, VMA) is known, look up the IP of the destination VTEP corresponding to the I-DMAC on the VTEP (for example, VTEP1), and encapsulate the data packet into a unicast.
  • the VXLAN message is sent to the destination VTEP (for example, VTEP2).
  • the message does not need to go through
  • the encapsulation is directly forwarded to the destination VM according to the interface information corresponding to the saved I-DMAC.
  • flooding can be reduced in the present VTEP (for example, VTEP1), and multicast can be reduced between VTEPs.
  • each VTEP establishes a link as shown in FIG. 2, and each VTEP accesses the VM as shown in FIG. 2. All VTEPs belong to the same multicast group, and all VMs belong to the same VNID16000. Assuming that the VM A is to communicate with the VM C, the packet forwarding step of the VXLAN according to the present invention is as shown in FIG. 7 , and specifically includes:
  • Step S702 The VMs under each VTEP actively advertise their own status to the VTEP, and each VTEP learns and maintains the MAC address information corresponding to the local VM.
  • Step S704 The VM A sends the packet destined for the MAC C, and searches for the record of the MAC C on the VTEP1. If the packet is not found, the packet is encapsulated into a multicast VXLAN packet and sent to other VTEPs.
  • Step S706 VTEP2 receives the multicast VXLAN packet, learns the source MAC address of the inner layer packet, searches for the destination MAC C of the inner layer packet, and finds and encapsulates a reverse unicast null data VXLAN message to VTEP1. At the same time, the received packet is decapsulated and sent to VM C.
  • VTEP3 and VTEP4 receive the multicast VXLAN packet, learn the source MAC address of the inner layer packet, and find the destination MAC C of the inner layer packet. Continue processing.
  • Step S708 The VTEP1 receives the unicast VXLAN packet sent by the VTEP2, learns the source MAC address of the inner layer packet, searches for the destination MAC A of the inner layer packet, searches for the packet, and decapsulates the packet to the VMA.
  • Step S710 The VM A continues to send the data packet destined for the MAC C, and searches for the record of the MAC C on the VTEP1.
  • the packet can be encapsulated into a unicast VXLAN packet and sent to the VTEP2.
  • Step S712 VTEP2 receives the unicast VXLAN packet, and learns the source MAC address of the inner layer packet. If the saved MAC A information has not been aged, it does not need to be saved repeatedly. The destination MAC C of the inner layer packet is searched. , the packet is decapsulated and sent to VM C.
  • Step S714 The VM C sends a data packet destined for the MAC A, and searches for the record of the MAC A on the VTEP2.
  • the packet can be encapsulated into a unicast VXLAN packet and sent to the VTEP1.
  • Step S716 After a period of time, the VTEP3 and the VTEP4 do not receive the data packet of the MAC A, which is sent by the VTEP1, and deletes the record of the MAC A.
  • VTEP1 uses multicast only when it is first sent, and then uses unicast to reduce multicast.
  • VTEP2 sends a packet to the local VM, it directly finds the local MAC information table to get the outgoing interface, and then sends the interface. For the corresponding VM, there is no flooding.
  • Step S802 The VMs in each VTEP actively advertise their own status to the VTEP, and each VTEP learns and maintains the MAC address information corresponding to the local VM.
  • Step S804 VM A sends a data packet destined for MAC B, and searches for the record of MAC B on VTEP1, which can be found and is locally, and the packet is directly sent from the corresponding port Gei-2. issue.
  • Step S806 The VM B sends a data packet destined for the MAC A, and searches for the record of the MAC A on the VTEP1, and can find and locally send the packet directly from the corresponding port Gei-1.
  • the interworking between VM A and VM B is completed. Compared with the traditional method, before VM B sends reverse traffic, the packet is directly sent to VM B, which reduces the transmission of multicast to other VTEPs. Flooding within this VTEP.
  • the VM A sends a data packet destined for the MAC N, where the MAC N does not exist in the VXLAN network.
  • the VXLAN packet forwarding according to the present invention is performed.
  • the process of the steps is shown in Figure 9, which mainly includes:
  • Step S902 The VMs under each VTEP actively advertise their own status to the VTEP, and each VTEP learns and maintains the MAC address information corresponding to the local VM.
  • Step S904 The VM A sends a data packet destined for the MAC N, searches for the record of the MAC N on the VTEP1, and does not find the packet, and encapsulates the packet into a multicast form and sends the packet to other VTEPs.
  • Step S906 VTEP2, VTEP3, and VTEP4 receive the VXLAN packet encapsulated in the multicast, learn the source MAC address of the inner layer packet, and find the destination MAC address of the inner layer packet.
  • Step S908 VTEP1 does not receive any message that returns a reply, and discards the message.
  • the embodiment of the present invention can also enable the periodic retransmission mechanism in step S908. If no message is returned in a certain period of time, the message will be discarded. After the retransmission time is reached, a multicast packet will be sent out again. Request purpose information. Specifically, as described in step S910.
  • Step S910 After the timing retransmission time, the MAC N record is searched again on the VTEP1, and the packet is encapsulated into a multicast form and sent to other VTEPs.
  • VTEP Through the above steps, between VTEP, the number of multicasts is reduced, only at the arrival timing. After the retransmission time, a multicast encapsulated packet is sent out. In VTEP1, after the MAC N is not found, the local MAC address does not exist and the flood is not flooded under the VTEP.
  • the method according to the above embodiment can be implemented by means of software plus a necessary general hardware platform, and of course, by hardware, but in many cases, the former is A better implementation.
  • the technical solution of the present invention which is essential or contributes to the prior art, may be embodied in the form of a software product stored in a storage medium (such as ROM/RAM, disk,
  • the optical disc includes a number of instructions for causing a terminal device (which may be a cell phone, a computer, a server, or a network device, etc.) to perform the methods described in various embodiments of the present invention.
  • a message forwarding device is also provided, which is used to implement the foregoing embodiments and preferred embodiments, and has not been described again.
  • the term "module” may implement a combination of software and/or hardware of a predetermined function.
  • the apparatus described in the following embodiments is preferably implemented in software, hardware, or a combination of software and hardware, is also possible and contemplated.
  • FIG. 10 is a structural block diagram (1) of a message forwarding device in a VXLAN according to an embodiment of the present invention.
  • the device may be applied to a first virtual tunnel terminal VTEP.
  • the device includes a first receiving module 102.
  • the module 104 and the forwarding module 106 are determined, and the device is described below:
  • the first receiving module 102 is configured to receive the first packet from the first virtual machine VM, where the destination VM media access control MAC address of the first packet is the MAC address of the second VM, and the determining module 104 is connected.
  • the first receiving module 102 is configured to determine a second VTEP according to a correspondence between a MAC address of the second VM recorded in the first VTEP and a second VTEP connected to the second VM, where the MAC address of the second VM is The correspondence between the second VTEP and the second VTEP is sent to the first VTEP; the forwarding module 106 is connected to the determining module 104, and is configured to forward the first packet to the second VM through the second VTEP.
  • the apparatus further includes a first processing module, configured to receive the second packet before the first VTEP receives the first packet from the first VM, where the second packet is The destination VM MAC address is the MAC address of the second VM. If the correspondence between the MAC address of the second VM and the second VTEP is not recorded in the first VTEP, the second packet is encapsulated into a multicast VXLAN packet. Sending the multicast VXLAN message to other VTEPs belonging to the same multicast group as the first VTEP; receiving and recording the MAC address of the second VM that the VTEP connected to the second VM in the other VTEP responds to according to the multicast VXLAN message Correspondence with the second VTEP.
  • a first processing module configured to receive the second packet before the first VTEP receives the first packet from the first VM, where the second packet is The destination VM MAC address is the MAC address of the second VM. If the correspondence between the MAC address of the second VM and the second VT
  • the foregoing apparatus further includes a second processing module, configured to: after transmitting the multicast VXLAN message to another VTEP that belongs to the same multicast group as the first VTEP, does not receive the second If the correspondence between the MAC address of the VM and the second VTEP is the same, the second packet is discarded; or the second packet is re-received if the correspondence between the MAC address of the second VM and the second VTEP is not received.
  • the packet is encapsulated into a multicast VXLAN packet, and the re-encapsulated multicast VXLAN packet is sent to other VTEPs that belong to the same multicast group as the first VTEP.
  • the apparatus further includes a third processing module configured to receive and record a MAC address of the second VM that is replied to by the VTEP connected to the second VM in the other VTEP according to the multicast VXLAN message.
  • a third processing module configured to receive and record a MAC address of the second VM that is replied to by the VTEP connected to the second VM in the other VTEP according to the multicast VXLAN message.
  • the apparatus further includes a fourth processing module configured to receive and record a MAC address of the second VM that is replied to by the VTEP connected to the second VM in the other VTEP according to the multicast VXLAN message.
  • a fourth processing module configured to receive and record a MAC address of the second VM that is replied to by the VTEP connected to the second VM in the other VTEP according to the multicast VXLAN message.
  • the apparatus further includes a fifth processing module configured to receive a MAC address of the one or more VMs advertised by the one or more VMs connected to the first VTEP; and record the connection with the first VTEP a MAC address of one or more VMs; wherein, when the first VTEP does not receive one of the first VTEP connections or after a second predetermined time after recording the MAC addresses of the one or more VMs connected to the first VTEP Deleting the MAC address of the first partial VM of the record in the case where the first partial VM of the plurality of VMs re-advertises the MAC address of the first partial VM; and/or when the first VTEP is recording one or the connection with the first VTEP In the case where the MAC address of the second partial VM re-advertised by the second partial VM of the one or more VMs connected to the first VTEP is received within the second predetermined time after the MAC addresses of the plurality of VMs
  • FIG. 11 is a structural block diagram (2) of a message forwarding device in a VXLAN according to an embodiment of the present invention.
  • the device may be applied to a second virtual tunnel terminal VTEP.
  • the device includes a second receiving module 112.
  • the search module 114 and the sending module 116 are described below:
  • the second receiving module 112 is configured to receive the multicast VXLAN packet from the first VTEP, where the multicast VXLAN packet is encapsulated by the first VTEP to encapsulate the second packet from the first virtual machine VM.
  • the source VM media access control MAC address of the second packet is the MAC address of the first VM
  • the destination VM MAC address of the second packet is the MAC address of the second VM.
  • the searching module 114 is connected to the second receiving module 112.
  • the sending module 116 is connected to the foregoing searching module 114, and configured to decapsulate the multicast VXLAN packet when the second VM is found And sending the obtained second packet to the second VM, and responding to the first VTEP by the correspondence between the MAC address of the second VM and the second VTEP.
  • the apparatus further includes a sixth processing module, configured to record a correspondence between a MAC address of the first VM and the first VTEP after receiving the multicast VXLAN message from the first VTEP.
  • the apparatus further includes a seventh processing module, configured to record the MAC address of the first VM and the first VTEP after recording the correspondence between the MAC address of the first VM and the first VTEP.
  • a seventh processing module configured to record the MAC address of the first VM and the first VTEP after recording the correspondence between the MAC address of the first VM and the first VTEP.
  • the second VTEP receives the source VM MAC address from the first VTEP and the source VM address is the first VM within a first predetermined time after the mapping of the MAC address of the first VM and the first VTEP is recorded In the case of a message, the correspondence between the MAC address of the recorded first VM and the first VTEP is maintained.
  • the apparatus further includes an eighth processing module configured to receive a MAC address of the one or more VMs advertised by the one or more VMs connected to the second VTEP; the second VTEP record and the second a MAC address of one or more VMs connected by the VTEP; wherein the second VTEP does not receive the connection with the second VTEP within a second predetermined time after the MAC address of the one or more VMs connected to the second VTEP is recorded
  • the first part of the one or more VMs advertises the MAC address of the first part of the VM again, the MAC address of the first part of the VM is deleted; and/or when the second VTEP is recorded with the second VTEP Maintaining the MAC address of the second partial VM re-advertised by the second partial VM of the one or more VMs connected to the second VTEP in the second predetermined time after the MAC address of the one or more VMs is maintained Record the MAC address of the second part of
  • FIG. 12 is a schematic structural diagram of a message forwarding device in a VXLAN according to an embodiment of the present invention.
  • the device may be located on a VTEP, and includes:
  • the message receiving module 122 (corresponding to the first receiving module 102 and the second receiving module 112) is configured to receive the packet, including the original data packet received by the local access side port and the VXLAN received by the network side port.
  • the MAC information learning module 124 (corresponding to the fifth processing module and the eighth processing module) is configured to learn the MAC information of the packet, record the relationship between the MAC address and the corresponding forwarding interface, and save the information in the MAC information table.
  • the MAC information learning module may further include a local MAC information table maintenance sub-module 1241 and a remote MAC information table maintenance sub-module 1242, where:
  • the local MAC information table maintenance sub-module 1241 is configured to maintain a local MAC information table, and add a corresponding MAC entry when learning a new local MAC entry, and delete the MAC entry that needs to be aged after the aging time expires;
  • the remote MAC address table maintenance sub-module 1242 is configured to maintain a remote MAC address table, and add a corresponding MAC entry when the new remote MAC address entry is learned. After the aging time expires, the MAC entry that needs to be aged is deleted.
  • the local MAC information response module 126 (corresponding to the above-mentioned search module 114 and the sending module 116) is configured to: when receiving the multicast VXLAN message, query whether the I-DMAC of the inner layer message is local, if local, I - The correspondence between the DMAC and the VTEP is answered to the source VTEP with the address O-SIP.
  • the packet forwarding module 128 (corresponding to the forwarding module 106 and the sending module 116) is configured to encapsulate the received data packet and send it to other VTEPs, and decapsulate the received VXLAN encapsulated packet and send the packet to the local device. VM.
  • the message forwarding module 128 may further include a package sending submodule 1281 and a decapsulation sending submodule 1282, where:
  • the encapsulating and transmitting sub-module 1281 is configured to encapsulate the data packet into a VXLAN packet, and when the destination MAC address is known, the encapsulation is a unicast packet, and the packet is encapsulated into a multicast packet if the destination MAC address is unknown.
  • the decapsulation and sending submodule 1282 is configured to decapsulate the VXLAN message into an original message and then send it to the local corresponding VM.
  • each of the above modules may be implemented by software or hardware.
  • the foregoing may be implemented by, but not limited to, the foregoing modules are all located in the same processor; or, the above modules are in any combination.
  • the forms are located in different processors.
  • Embodiments of the present invention also provide a storage medium.
  • the storage medium may be configured to store program code for performing the steps in the foregoing method embodiments.
  • the foregoing storage medium may include, but is not limited to, a USB flash drive, a Read-Only Memory (ROM), and a Random Access Memory (RAM).
  • ROM Read-Only Memory
  • RAM Random Access Memory
  • the processor performs the above steps according to the stored program code in the storage medium.
  • Embodiments of the present invention also provide a processor for running a program, wherein the program is executed to perform the steps of any of the above methods.
  • the device in the embodiment of the present invention is located on the VTEP, and does not need to additionally add a centralized controller or a proxy server in the networking, which can reduce the networking cost.
  • the VM adopts an active advertisement mechanism, and the VTEP maintains the address information of the local active VM, and the remote to local VXLAN packet, if the destination address of the inner layer data packet is not found on the VTEP, directly discards and reduces Flooding under VTEP.
  • the VTEP information corresponding to the destination MAC in the embodiment of the present invention adopts an "on-demand request" manner, and the local VM sends a packet whose destination MAC address is unknown, and first sends the packet to the other VTEP through the multicast encapsulation, and the VTEP of the destination MAC receives the multicast.
  • the relationship between the destination MAC address and the VTEP is sent to the source VTEP, which is equivalent to the source VTEP "requesting" the MAC information of the destination.
  • the source VTEP only learns the MAC required for traffic forwarding, and does not maintain unnecessary. Remote MAC information.
  • the VMs that do not have the MAC address in the other VTEPs are discarded, and the packet is discarded, and the multicast forwarding between the VTEPs is reduced.
  • the data packet is sent to the destination VTEP in a unicast manner, which reduces multicast forwarding between VTEPs.
  • modules or steps of the present invention described above can be implemented by a general-purpose computing device that can be centralized on a single computing device or distributed across a network of multiple computing devices. Alternatively, they may be implemented by program code executable by the computing device such that they may be stored in the storage device by the computing device and, in some cases, may be different from the order herein.
  • the steps shown or described are performed, or they are separately fabricated into individual integrated circuit modules, or a plurality of modules or steps thereof are fabricated as a single integrated circuit module.
  • the invention is not limited to any specific combination of hardware and software.
  • the packet forwarding method and apparatus in the virtual scalable local area network VXLAN provided by the embodiment of the present invention have the following beneficial effects: the network bandwidth occupied by the packet forwarding between VTEPs in the related art is solved.
  • the problem that affects the performance of the device achieves the effect of avoiding excessive use of network bandwidth and improving device performance.

Landscapes

  • Small-Scale Networks (AREA)
  • Data Exchanges In Wide-Area Networks (AREA)

Abstract

Provided are a method and apparatus for forwarding a packet in a virtual extensible local area network (VXLAN). The method comprises: a first virtual tunnel end point (VTEP) receiving a first packet from a first virtual machine (VM), wherein a destination VM media access control (MAC) address of the first packet is a MAC address of a second VM; the first VTEP determining a second VTEP according to a correlation, recorded in the first VTEP, between the MAC address of the second VM and the second VTEP connected to the second VM, wherein the correlation between the MAC address of the second VM and the second VTEP is notified by the second VTEP to the first VTEP; and the first VTEP forwarding the first packet to the second VM via the second VTEP. By means of the embodiments of the present invention, the problem existing in the related art that a network bandwidth is occupied such that the performance of a device is affected when a packet is forwarded between VTEPs is solved.

Description

虚拟可扩展局域网VXLAN中报文转发方法及装置Message forwarding method and device in virtual scalable local area network VXLAN 技术领域Technical field
本发明涉及通信领域,具体而言,涉及一种虚拟可扩展局域网VXLAN中报文转发方法及装置。The present invention relates to the field of communications, and in particular to a packet forwarding method and apparatus in a virtual scalable local area network (VXLAN).
背景技术Background technique
在数据中心云计算多租户环境中,每个用户分配有不同的虚拟机和资源,不同的租户之间需要进行逻辑隔离。传统上采用虚拟局域网(Virtual Local Area Network,简称为VLAN)进行隔离,但是12位的VLAN标识的隔离能力只能达到4096,在日益发展的大规模数据中心的环境中,采用VLAN隔离的方式已经不能满足需求。同时,在数据中心进行迁移和备份时,基于互联网协议(Internet Protocol,简称为IP)子网划分的方式也限制了二层的连通性。In a data center cloud computing multi-tenant environment, each user is assigned a different virtual machine and resources, and different tenants need to be logically isolated. Traditionally, a virtual local area network (VLAN) is used for isolation. However, the isolation capability of a 12-bit VLAN ID can only reach 4096. In an environment of an increasingly large-scale data center, VLAN isolation has been adopted. Can not meet the demand. At the same time, when the data center is used for migration and backup, the Internet Protocol (IP) subnetting method also limits Layer 2 connectivity.
虚拟可扩展局域网(Virtual eXtensible Local Area Network,简称为VXLAN)技术主要用于解决上述问题。它将原始报文封装在用户数据协议(User Date Protocol,简称为UDP)报文里,通过VXLAN封装后的2层以太网帧可以跨3层网络边界,让组网以及应用部署变得更加灵活。VXLAN使用24位的虚拟可扩展局域网网络标识(VXLAN Network Identifier,简称为VNID)来标识不同的逻辑网络,极大地扩展了逻辑网络的数目。The Virtual eXtensible Local Area Network (VXLAN) technology is mainly used to solve the above problems. The original packet is encapsulated in a User Data Protocol (UDP) packet. The Layer 2 Ethernet frame encapsulated by the VXLAN can span the Layer 3 network boundary to make the networking and application deployment more flexible. . VXLAN uses a 24-bit virtual scalable LAN identifier (VXLAN Network Identifier, VNID for short) to identify different logical networks, greatly expanding the number of logical networks.
图1是相关技术中的VXLAN报文格式示意图,其中O-SIP和O-DIP分别代表外层IP头的源IP和目的IP,I-DMAC和I-SMAC分别代表内层报文以太头部目的MAC和源MAC。1 is a schematic diagram of a format of a VXLAN packet in the related art, where O-SIP and O-DIP respectively represent a source IP and a destination IP of an outer IP header, and I-DMAC and I-SMAC respectively represent an inner header of an Ethernet packet. Destination MAC and source MAC.
图2是相关技术中的VXLAN网络的组网示意图。假设虚拟隧道终端VTEP1(Virtual Tunnel End Point)下的虚拟机VM A(Virtual Machine)要与VTEP2下的VM C实现通信,一般情况下通过组播进行。通过指定 VNID映射到一个组播组,网络中相同VNID所属的VTEP加入同一个组播组,利用组播和学习机制完成MAC地址学习和报文转发,具体包括以下步骤:FIG. 2 is a schematic diagram of networking of a VXLAN network in the related art. Assume that the virtual machine VM A (Virtual Machine) under the VTEP1 (Virtual Tunnel End Point) needs to communicate with the VM C under VTEP2, and is generally multicast. By specifying The VNID is mapped to a multicast group. The VTEPs of the same VNIDs in the network are added to the same multicast group. The multicast and learning mechanisms are used to implement MAC address learning and packet forwarding. The following steps are included:
1、VM A发送I-SMAC为A、I-DMAC为C的报文,VTEP1首先学习A的地址(即,记录VM A的MAC地址),然后在VTEP1上查找C的地址,若查找不到则将原始数据报文加上VXLAN头以组播的形式封装发送给所有加入该组播组的其他VTEP;1. VM A sends an I-SMAC message with A and I-DMAC as C. VTEP1 first learns the address of A (that is, records the MAC address of VM A), and then searches for the address of C on VTEP1. The original data packet plus the VXLAN header is encapsulated and sent to all other VTEPs that join the multicast group in a multicast manner;
2、网络中的其他VTEP收到VTEP1发送过来的组播封装的VXLAN报文,学习报文中I-SMAC的地址A,然后查找I-DMAC的地址C,查找不到则将报文解封装,然后在本地接入的VM中泛洪;2. The other VTEPs in the network receive the VXLAN packet encapsulated by the VTEP1, learn the address A of the I-SMAC in the packet, and then find the address C of the I-DMAC. If the VTEP does not find the packet, the packet is decapsulated. And then flooding the locally accessed VM;
3、VM C接收到VTEP2泛洪的报文,至此VMA发送的I-SMAC为A、I-DMAC为C的数据报文顺利到达VM C。3. VM C receives the VTEP2 flooding message. The data packet sent by the VMA to the I-SMAC is A, and the I-DMAC is C.
这个时候问题就出现了,如果VM C不发送反向到VM A的报文的话,VTEP2以及VTEP1则不会知道VM C的地址,VM A发送的到VM C的数据报文会一直以组播的形式封装出去,其他VTEP以及其他VM会收到本不必收到的报文,这种情况下会占据网络带宽并且影响设备性能。针对此类情况,相关技术中提出了如下解决方案:在网络中加入代理服务器,使所有的未知单播报文都经代理服务器转发,以此来减少网络中的组播,但是此方法需要额外添加高性能代理服务器设备,并且也会增加组网部署的复杂度。At this time, the problem arises. If VM C does not send a message that is reversed to VM A, VTEP2 and VTEP1 will not know the address of VM C, and the data message sent by VM A to VM C will always be multicast. The form is encapsulated, and other VTEPs and other VMs receive messages that they do not have to receive. In this case, they occupy network bandwidth and affect device performance. In response to such a situation, the following solutions are proposed in the related art: adding a proxy server to the network, so that all unknown unicast packets are forwarded by the proxy server, thereby reducing multicast in the network, but this method requires additional addition. High-performance proxy server devices, and will also increase the complexity of networking deployment.
针对相关技术中存在的在VTEP之间进行报文转发时会出现的占据网络带宽影响设备性能的问题,相关技术中并未提出有效的解决方案。An effective solution has not been proposed in the related art for the problem that the network bandwidth affects the performance of the device that occurs when the message is forwarded between the VTEPs in the related art.
发明内容Summary of the invention
本发明实施例提供了一种虚拟可扩展局域网VXLAN中报文转发方法及装置,以至少解决相关技术中存在的在VTEP之间进行报文转发时会出现的占据网络带宽影响设备性能的问题。 The embodiment of the invention provides a method and a device for forwarding a message in a virtual scalable local area network (VXLAN), so as to solve at least the problem that the network bandwidth affects the performance of the device that occurs when the message is forwarded between the VTEPs in the related art.
根据本发明的一个实施例,提供了一种虚拟可扩展局域网VXLAN中报文转发方法,包括:第一虚拟隧道终端VTEP接收来自第一虚拟机VM的第一报文,其中,所述第一报文的目的VM媒体接入控制MAC地址为第二VM的MAC地址;所述第一VTEP根据所述第一VTEP中记录的所述第二VM的MAC地址和与所述第二VM连接的第二VTEP的对应关系确定所述第二VTEP,其中,所述第二VM的MAC地址和所述第二VTEP的对应关系为所述第二VTEP告知给所述第一VTEP的;所述第一VTEP将所述第一报文通过所述第二VTEP转发给所述第二VM。According to an embodiment of the present invention, a packet forwarding method in a virtual scalable local area network VXLAN is provided, including: a first virtual tunnel terminal VTEP receives a first packet from a first virtual machine VM, where the first The destination VM media access control MAC address is the MAC address of the second VM; the first VTEP is based on the MAC address of the second VM recorded in the first VTEP and connected to the second VM Corresponding relationship of the second VTEP determines the second VTEP, wherein the correspondence between the MAC address of the second VM and the second VTEP is that the second VTEP is notified to the first VTEP; A VTEP forwards the first message to the second VM through the second VTEP.
可选地,在所述第一VTEP接收来自所述第一VM的所述第一报文之前,所述方法还包括:所述第一VTEP接收第二报文,其中,所述第二报文的目的VM MAC地址为所述第二VM的MAC地址;所述第一VTEP在确定所述第一VTEP中未记录有所述第二VM的MAC地址和所述第二VTEP的对应关系的情况下,将所述第二报文封装为组播VXLAN报文;所述第一VTEP将所述组播VXLAN报文发送给与所述第一VTEP属于同一个组播组的其他VTEP;所述第一VTEP接收并记录所述其他VTEP中与所述第二VM连接的VTEP根据所述组播VXLAN报文应答的所述第二VM的MAC地址和所述第二VTEP的对应关系。Optionally, before the first VTEP receives the first packet from the first VM, the method further includes: the first VTEP receiving a second packet, where the second packet The destination VM MAC address is the MAC address of the second VM; the first VTEP determines that the correspondence between the MAC address of the second VM and the second VTEP is not recorded in the first VTEP In the case, the second packet is encapsulated into a multicast VXLAN packet; the first VTEP sends the multicast VXLAN packet to another VTEP that belongs to the same multicast group as the first VTEP; The first VTEP receives and records the correspondence between the MAC address of the second VM and the second VTEP that the VTEP connected to the second VM in the other VTEP responds to according to the multicast VXLAN message.
可选地,所述第一VTEP在将所述组播VXLAN报文发送给与所述第一VTEP属于同一个组播组的所述其他VTEP之后,所述方法还包括:所述第一VTEP在未接收到所述第二VM的MAC地址和所述第二VTEP的对应关系的情况下,丢弃所述第二报文;或者,所述第一VTEP在未接收到所述第二VM的MAC地址和所述第二VTEP的对应关系的情况下,重新将所述第二报文封装成组播VXLAN报文;将重新封装成的组播VXLAN报文发送给与所述第一VTEP属于同一个组播组的其他VTEP。Optionally, after the first VTEP sends the multicast VXLAN message to the other VTEP that belongs to the same multicast group as the first VTEP, the method further includes: the first VTEP If the correspondence between the MAC address of the second VM and the second VTEP is not received, discarding the second packet; or the first VTEP is not receiving the second VM And the second packet is encapsulated into a multicast VXLAN packet, and the re-encapsulated multicast VXLAN packet is sent to the first VTEP, where the mapping between the MAC address and the second VTEP is performed. Other VTEPs of the same multicast group.
可选地,所述第一VTEP在接收并记录所述其他VTEP中与所述第二VM连接的VTEP根据所述组播VXLAN报文应答的所述第二VM的MAC地址和所述第二VTEP的对应关系之前,所述方法还包括:所述第一VTEP接收第三报文,其中,所述第三报文的目的VM MAC地址为所述第二VM 的MAC地址;缓存所述第三报文;以及,所述第一VTEP在接收并记录所述其他VTEP中与所述第二VM连接的VTEP根据所述组播VXLAN报文应答的所述第二VM的MAC地址和所述第二VTEP的对应关系之后,所述方法还包括:所述第一VTEP根据所述第二VM的MAC地址和所述第二VTEP的对应关系将缓存的所述第三报文通过所述第二VTEP转发给所述第二VM。Optionally, the first VTEP receives and records the MAC address of the second VM and the second VTEP that are connected to the second VM in the other VTEP according to the multicast VXLAN message. Before the mapping of the VTEP, the method further includes: the first VTEP receiving the third packet, where the destination VM MAC address of the third packet is the second VM a MAC address; buffering the third message; and the first VTEP receiving and recording, in the other VTEP, the VTEP connected to the second VM according to the multicast VXLAN message After the correspondence between the MAC address of the second VM and the second VTEP, the method further includes: the first VTEP, according to the correspondence between the MAC address of the second VM and the second VTEP, the cached The third message is forwarded to the second VM by the second VTEP.
可选地,所述第一VTEP在接收并记录所述其他VTEP中与所述第二VM连接的VTEP根据所述组播VXLAN报文应答的所述第二VM的MAC地址和所述第二VTEP的对应关系之后,所述方法还包括:所述第一VTEP在记录了所述第二VM的MAC地址和所述第二VTEP的对应关系之后的第一预定时间之内未接收到与所述第二VM连接的VTEP再次应答的所述对应关系的情况下,删除记录的所述第二VM的MAC地址和所述第二VTEP的对应关系;和/或,所述第一VTEP在记录了所述第二VM的MAC地址和所述第二VTEP的对应关系之后的第一预定时间之内接收到与所述第二VM连接的VTEP再次应答的所述第二VM的MAC地址和所述第二VTEP的对应关系的情况下,维持记录的所述第二VM的MAC地址和所述第二VTEP的对应关系。Optionally, the first VTEP receives and records the MAC address of the second VM and the second VTEP that are connected to the second VM in the other VTEP according to the multicast VXLAN message. After the correspondence between the VTEPs, the method further includes: the first VTEP does not receive the first predetermined time after the correspondence between the MAC address of the second VM and the second VTEP is recorded. Deleting the recorded correspondence between the MAC address of the second VM and the second VTEP in the case where the correspondence relationship of the VTEP of the second VM connection is answered again; and/or the first VTEP is recording Receiving the MAC address and location of the second VM that is replied to by the VTEP connected to the second VM within the first predetermined time after the correspondence between the MAC address of the second VM and the second VTEP In the case of the correspondence relationship of the second VTEP, the correspondence between the recorded MAC address of the second VM and the second VTEP is maintained.
可选地,所述方法还包括:所述第一VTEP接收与所述第一VTEP连接的一个或多个VM通告的所述一个或多个VM的MAC地址;所述第一VTEP记录与所述第一VTEP连接的一个或多个VM的MAC地址;其中,当所述第一VTEP在记录了与所述第一VTEP连接的一个或多个VM的MAC地址之后的第二预定时间内未接收到与所述第一VTEP连接的一个或多个VM中的第一部分VM再次通告的所述第一部分VM的MAC地址的情况下,删除记录的所述第一部分VM的MAC地址;和/或,当所述第一VTEP在记录了与所述第一VTEP连接的一个或多个VM的MAC地址之后的第二预定时间内接收到了与所述第一VTEP连接的一个或多个VM中的第二部分VM再次通告的所述第二部分VM的MAC地址的情况下,维持记录的所述第二部分VM的MAC地址。 Optionally, the method further includes: the first VTEP receiving a MAC address of the one or more VMs advertised by one or more VMs connected to the first VTEP; the first VTEP record a MAC address of one or more VMs of the first VTEP connection; wherein, when the first VTEP is in a second predetermined time after recording a MAC address of one or more VMs connected to the first VTEP Deleting the MAC address of the first portion VM of the record if the MAC address of the first portion VM re-advertised by the first portion VM of the one or more VMs connected to the first VTEP is received; and/or And receiving, in the second predetermined time after the first VTEP is connected to the MAC address of the one or more VMs connected to the first VTEP, in one or more VMs connected to the first VTEP In the case where the second part VM re-advertises the MAC address of the second part VM, the MAC address of the second part VM of the record is maintained.
根据本发明的另一个实施例,还提供了一种虚拟可扩展局域网VXLAN中报文转发方法,包括:第二虚拟隧道终端VTEP接收来自第一VTEP的组播VXLAN报文,其中,所述组播VXLAN报文是由所述第一VTEP对来自第一虚拟机VM的第二报文进行封装得到的,所述第二报文的源VM媒体接入控制MAC地址为所述第一VM的MAC地址,所述第二报文的目的VM MAC地址为第二VM的MAC地址;所述第二VTEP查找与所述第二VTEP连接的VM中是否存在所述第二VM;所述第二VTEP在查找到所述第二VM的情况下,对所述组播VXLAN报文进行解封装并将得到的所述第二报文发送给所述第二VM,以及,将所述第二VM的MAC地址和所述第二VTEP的对应关系应答给所述第一VTEP。According to another embodiment of the present invention, a method for forwarding a message in a virtual scalable local area network (VXLAN) is provided, comprising: a second virtual tunnel terminal VTEP receiving a multicast VXLAN message from a first VTEP, wherein the group The broadcast VXLAN packet is obtained by encapsulating the second packet from the first virtual machine VM by the first VTEP, and the source VM media access control MAC address of the second packet is the first VM a MAC address, a destination VM MAC address of the second packet is a MAC address of the second VM; the second VTEP searches for a second VM in the VM connected to the second VTEP; the second The VTEP decapsulates the multicast VXLAN packet and sends the obtained second packet to the second VM, and the second VM, when the second VM is found. Corresponding relationship between the MAC address and the second VTEP is replied to the first VTEP.
可选地,所述第二VTEP在接收来自第一VTEP的组播VXLAN报文之后,所述方法还包括:所述第二VTEP记录所述第一VM的MAC地址和所述第一VTEP的对应关系。Optionally, after the second VTEP receives the multicast VXLAN message from the first VTEP, the method further includes: the second VTEP records the MAC address of the first VM and the first VTEP Correspondence relationship.
可选地,所述第二VTEP在记录所述第一VM的MAC地址和所述第一VTEP的对应关系之后,所述方法还包括:所述第二VTEP在记录了所述第一VM的MAC地址和所述第一VTEP的对应关系之后的第一预定时间之内未接收到来自所述第一VTEP的且源VM MAC地址为所述第一VM的报文的情况下,删除记录的所述第一VM的MAC地址和所述第一VTEP的对应关系;和/或,所述第二VTEP在记录了所述第一VM的MAC地址和所述第一VTEP的对应关系之后的第一预定时间之内接收到来自所述第一VTEP的且源VM MAC地址为所述第一VM的报文的情况下,维持记录的所述第一VM的MAC地址和所述第一VTEP的对应关系。Optionally, after the second VTEP records the correspondence between the MAC address of the first VM and the first VTEP, the method further includes: the second VTEP is recording the first VM In the case where the message from the first VTEP and the source VM MAC address is the first VM is not received within the first predetermined time after the correspondence between the MAC address and the first VTEP, the record is deleted. Corresponding relationship between the MAC address of the first VM and the first VTEP; and/or the second VTEP after recording the correspondence between the MAC address of the first VM and the first VTEP Maintaining the recorded MAC address of the first VM and the first VTEP in a case where a message from the first VTEP and the source VM MAC address is the first VM is received within a predetermined time Correspondence relationship.
可选地,所述方法还包括:所述第二VTEP接收与所述第二VTEP连接的一个或多个VM通告的所述一个或多个VM的MAC地址;所述第二VTEP记录与所述第二VTEP连接的一个或多个VM的MAC地址;其中,当所述第二VTEP在记录了与所述第二VTEP连接的一个或多个VM的MAC地址之后的第二预定时间内未接收到与所述第二VTEP连接的一个或多个VM中的第一部分VM再次通告的所述第一部分VM的MAC地址 的情况下,删除记录的所述第一部分VM的MAC地址;和/或,当所述第二VTEP在记录了与所述第二VTEP连接的一个或多个VM的MAC地址之后的第二预定时间内接收到了与所述第二VTEP连接的一个或多个VM中的第二部分VM再次通告的所述第二部分VM的MAC地址的情况下,维持记录的所述第二部分VM的MAC地址。Optionally, the method further includes: the second VTEP receiving a MAC address of the one or more VMs advertised by one or more VMs connected to the second VTEP; the second VTEP record a MAC address of one or more VMs connected to the second VTEP; wherein, when the second VTEP is in a second predetermined time after recording a MAC address of one or more VMs connected to the second VTEP Receiving a MAC address of the first partial VM that is advertised again by the first one of the one or more VMs connected to the second VTEP a case where the MAC address of the first portion VM of the record is deleted; and/or a second reservation after the second VTEP records the MAC address of the one or more VMs connected to the second VTEP Maintaining the MAC of the second part VM of the record if the MAC address of the second part VM re-advertised by the second part VM of the one or more VMs connected to the second VTEP is received in time address.
根据本发明的另一个实施例,还提供了一种虚拟可扩展局域网VXLAN中报文转发装置,所述装置应用于第一虚拟隧道终端VTEP中,包括:第一接收模块,设置为接收来自第一虚拟机VM的第一报文,其中,所述第一报文的目的VM媒体接入控制MAC地址为第二VM的MAC地址;确定模块,设置为根据所述第一VTEP中记录的所述第二VM的MAC地址和与所述第二VM连接的第二VTEP的对应关系确定所述第二VTEP,其中,所述第二VM的MAC地址和所述第二VTEP的对应关系为所述第二VTEP告知给所述第一VTEP的;转发模块,设置为将所述第一报文通过所述第二VTEP转发给所述第二VM。According to another embodiment of the present invention, there is also provided a message forwarding device in a virtual scalable local area network (VXLAN), the device being applied to the first virtual tunnel terminal VTEP, comprising: a first receiving module, configured to receive from the first a first packet of the virtual machine VM, wherein the destination VM media access control MAC address of the first packet is a MAC address of the second VM; and the determining module is configured to be according to the record in the first VTEP Determining, by the correspondence between the MAC address of the second VM and the second VTEP connected to the second VM, the second VTEP, wherein the correspondence between the MAC address of the second VM and the second VTEP is The second VTEP is notified to the first VTEP; the forwarding module is configured to forward the first packet to the second VM through the second VTEP.
根据本发明的另一个实施例,还提供了一种虚拟可扩展局域网VXLAN中报文转发装置,所述装置应用于第二虚拟隧道终端VTEP中,包括:第二接收模块,设置为接收来自第一VTEP的组播XLAN报文,其中,所述组播VXLAN报文是由所述第一VTEP对来自第一虚拟机VM的第二报文进行封装得到的,所述第二报文的源VM媒体接入控制MAC地址为所述第一VM的MAC地址,所述第二报文的目的VM MAC地址为第二VM的MAC地址;查找模块,设置为查找与所述第二VTEP连接的VM中是否存在所述第二VM;发送模块,设置为在查找到所述第二VM的情况下,对所述组播VXLAN报文进行解封装并将得到的所述第二报文发送给所述第二VM,以及,将所述第二VM的MAC地址和所述第二VTEP的对应关系应答给所述第一VTEP。According to another embodiment of the present invention, there is also provided a message forwarding device in a virtual scalable local area network (VXLAN), the device being applied to the second virtual tunnel terminal VTEP, comprising: a second receiving module, configured to receive from the first a VTEP multicast XLAN packet, wherein the multicast VXLAN packet is encapsulated by the first VTEP for the second packet from the first virtual machine VM, and the source of the second packet is The VM media access control MAC address is the MAC address of the first VM, the destination VM MAC address of the second packet is the MAC address of the second VM, and the lookup module is configured to look up the connection with the second VTEP. Whether the second VM exists in the VM; the sending module is configured to: when the second VM is found, decapsulate the multicast VXLAN packet and send the obtained second packet to And the second VM, and the corresponding relationship between the MAC address of the second VM and the second VTEP is replied to the first VTEP.
根据本发明的又一个实施例,还提供了一种存储介质。该存储介质设置为存储用于执行上述各步骤的程序代码。 According to still another embodiment of the present invention, a storage medium is also provided. The storage medium is arranged to store program code for performing the various steps described above.
根据本发明的又一个实施例,还提供了一种处理器,所述处理器用于运行程序,其中,所述程序运行时执行上述任一项所述的方法。According to still another embodiment of the present invention, there is also provided a processor for running a program, wherein the program is executed to perform the method of any of the above.
通过本发明实施例,由于第一VTEP中可以预先记录有其他VM的MAC地址和与该VM连接的VTEP的对应关系,因此,可以根据第一VTEP中记录的其他VM的MAC地址和与该VM连接的VTEP的对应关系定向转发报文,从而无需一直以组播的方式发送报文,有效避免向其他非相关VTEP发送报文,有效解决了相关技术中存在的在VTEP之间进行报文转发时会出现占据网络带宽影响设备性能的问题,达到了避免过多占用网络带宽,提高设备性能的效果。According to the embodiment of the present invention, since the MAC address of the other VM and the VTEP of the VM are pre-recorded in the first VTEP, the MAC address of the other VM recorded in the first VTEP and the VM may be used. The VTEPs are forwarded to forward packets. The packets are sent in the multicast mode. This prevents the packets from being forwarded to other non-related VTEPs. When the network bandwidth affects the performance of the device, the problem of avoiding excessive network bandwidth and improving device performance is achieved.
附图说明DRAWINGS
此处所说明的附图用来提供对本发明的进一步理解,构成本申请的一部分,本发明的示意性实施例及其说明用于解释本发明,并不构成对本发明的不当限定。在附图中:The drawings described herein are intended to provide a further understanding of the invention, and are intended to be a part of the invention. In the drawing:
图1是相关技术中的VXLAN报文格式示意图;1 is a schematic diagram of a format of a VXLAN message in the related art;
图2是相关技术中的VXLAN网络的组网示意图;2 is a schematic diagram of networking of a VXLAN network in the related art;
图3是根据本发明实施例的VXLAN中报文转发方法的流程图(一);3 is a flowchart (1) of a packet forwarding method in a VXLAN according to an embodiment of the present invention;
图4是根据本发明实施例的VXLAN中报文转发方法的流程图(二);4 is a flowchart (2) of a packet forwarding method in a VXLAN according to an embodiment of the present invention;
图5是根据本发明实施例的VXLAN网络中报文转发的流程图;FIG. 5 is a flowchart of packet forwarding in a VXLAN network according to an embodiment of the present invention; FIG.
图6是根据本发明实施例的VXLAN中报文结构示意图;6 is a schematic structural diagram of a message in a VXLAN according to an embodiment of the present invention;
图7是根据本发明具体实施例一的VXLAN中报文转发流程图;7 is a flow chart of packet forwarding in a VXLAN according to a specific embodiment of the present invention;
图8是根据本发明具体实施例二的VXLAN中报文转发流程图;8 is a flow chart of packet forwarding in a VXLAN according to a second embodiment of the present invention;
图9是根据本发明具体实施例三的VXLAN中报文转发流程图;9 is a flow chart of packet forwarding in a VXLAN according to a third embodiment of the present invention;
图10是根据本发明实施例的VXLAN中报文转发装置的结构框图(一);10 is a structural block diagram (1) of a message forwarding device in a VXLAN according to an embodiment of the present invention;
图11是根据本发明实施例的VXLAN中报文转发装置的结构框图 (二);11 is a structural block diagram of a message forwarding device in a VXLAN according to an embodiment of the present invention. (two);
图12是根据本发明实施例的VXLAN中报文转发装置结构示意图。FIG. 12 is a schematic structural diagram of a message forwarding apparatus in a VXLAN according to an embodiment of the present invention.
具体实施方式detailed description
下文中将参考附图并结合实施例来详细说明本发明。需要说明的是,在不冲突的情况下,本申请中的实施例及实施例中的特征可以相互组合。The invention will be described in detail below with reference to the drawings in conjunction with the embodiments. It should be noted that the embodiments in the present application and the features in the embodiments may be combined with each other without conflict.
需要说明的是,本发明的说明书和权利要求书及上述附图中的术语“第一”、“第二”等是用于区别类似的对象,而不必用于描述特定的顺序或先后次序。It is to be understood that the terms "first", "second" and the like in the specification and claims of the present invention are used to distinguish similar objects, and are not necessarily used to describe a particular order or order.
在本实施例中提供了一种虚拟可扩展局域网VXLAN中报文转发方法,图3是根据本发明实施例的VXLAN中报文转发方法的流程图(一),如图3所示,该流程包括如下步骤:In this embodiment, a packet forwarding method in a virtual scalable local area network VXLAN is provided. FIG. 3 is a flowchart (1) of a packet forwarding method in a VXLAN according to an embodiment of the present invention, as shown in FIG. Including the following steps:
步骤S302,第一虚拟隧道终端VTEP接收来自第一虚拟机VM的第一报文,其中,该第一报文的目的VM媒体接入控制MAC地址为第二VM的MAC地址;Step S302, the first virtual tunnel terminal VTEP receives the first packet from the first virtual machine VM, where the destination VM media access control MAC address of the first packet is the MAC address of the second VM;
步骤S304,上述第一VTEP根据第一VTEP中记录的第二VM的MAC地址和与第二VM连接的第二VTEP的对应关系确定第二VTEP,其中,该第二VM的MAC地址和第二VTEP的对应关系为第二VTEP告知给第一VTEP的;Step S304, the first VTEP determines a second VTEP according to a correspondence between a MAC address of the second VM recorded in the first VTEP and a second VTEP connected to the second VM, where the MAC address of the second VM and the second The correspondence relationship of the VTEP is notified to the first VTEP by the second VTEP;
步骤S306,上述第一VTEP将第一报文通过上述第二VTEP转发给第二VM。Step S306, the first VTEP forwards the first packet to the second VM by using the second VTEP.
其中,上述第一VM是与第一VTEP连接的,上述第一报文的源VM MAC地址即该第一VM的MAC地址。在上述实施例中,当第一VM向第一VTEP发送报文(例如,上述的第一报文)之后,第一VTEP中会记录(也可称为学习)第一VM的MAC地址。上述的第二VM的MAC地址和第二VTEP的对应关系可以是第二VTEP在将来自第一VTEP(可以是第一VTEP连接的第一VM发送的,也可以是第一VTEP连接的其他 VM发送的)且待发送到第二VM的报文转发给第二VM之后,向第一VTEP反向通告的。The first VM is connected to the first VTEP, and the source VM MAC address of the first packet is the MAC address of the first VM. In the above embodiment, after the first VM sends a message (for example, the first message described above) to the first VTEP, the MAC address of the first VM is recorded (also referred to as learning) in the first VTEP. The correspondence between the MAC address of the second VM and the second VTEP may be that the second VTEP is to be sent from the first VTEP (which may be sent by the first VM connected to the first VTEP, or may be the first VTEP connection). After the message sent by the VM and sent to the second VM is forwarded to the second VM, it is advertised to the first VTEP.
通过上述步骤,由于第一VTEP中可以预先记录有其他VM的MAC地址和与该VM连接的VTEP的对应关系,因此,可以根据第一VTEP中记录的其他VM的MAC地址和与该VM连接的VTEP的对应关系单播转发报文,从而无需一直以组播的方式发送报文,有效避免向其他非相关VTEP发送报文,有效解决了相关技术中存在的在VTEP之间进行报文转发时会出现占据网络带宽影响设备性能的问题,达到了避免过多占用网络带宽,提高设备性能的效果。Through the above steps, since the correspondence between the MAC address of the other VM and the VTEP connected to the VM can be pre-recorded in the first VTEP, the MAC address of the other VM recorded in the first VTEP and the MAC address can be connected to the VM. The VTEP unicasts the packets, so that the packets are not sent in the multicast mode, and the packets are sent to other non-related VTEPs. This effectively solves the problem of forwarding packets between VTEPs. There is a problem that the network bandwidth affects the performance of the device, and the effect of avoiding excessive network bandwidth and improving device performance is achieved.
由上述实施例可知,在第一VTEP中可以记录有第二VM的MAC地址和第二VTEP的对应关系,下面对如何记录上述第二VM的MAC地址和第二VTEP的对应关系进行说明:在上述第一VTEP接收来自第一VM的第一报文之前,上述方法还包括:第一VTEP接收第二报文,其中,该第二报文的目的VM MAC地址为第二VM的MAC地址;上述第一VTEP在确定第一VTEP中未记录有第二VM的MAC地址和第二VTEP的对应关系的情况下,将第二报文封装为组播VXLAN报文;上述第一VTEP将组播VXLAN报文发送给与第一VTEP属于同一个组播组的其他VTEP;第一VTEP接收并记录其他VTEP中与第二VM连接的VTEP根据组播VXLAN报文应答的第二VM的MAC地址和第二VTEP的对应关系。在本实施例中,第一VTEP在将组播VXLAN报文发送给与第一VTEP属于同一个组播组的其他VTEP后,该同一个组播组中的其他VTEP可以记录第一VM的MAC地址和第一VTEP的对应关系,其中,与第二VM连接的第二VTEP在查找到自身连接有第二VM之后,会对上述组播VXLAN报文解封装并将解封装后得到的第二报文发送给第二VM,并且第二VTEP会向第一VTEP通告第二VM的MAC地址和第二VTEP的对应关系。余下的VTEP(即,同一个组播组的其他VTEP中除第一VTEP之外的VTEP)在自身连接的VM中未查找到第二VM,则会将接收到的组播VXLAN报文丢弃。并且,余下的VTEP上经过一段时间之后若未再接收 到来自第一VTEP且源VM MAC地址是第一VM的MAC地址的报文的情况下,余下的VTEP会将记录的第一VM的MAC地址和第一VTEP的对应关系老化删除。上述的组播VXLAN报文的外层IP头的O-DIP为VNID对应的组播IP地址(即,组播组的IP地址),O-SIP为源VTEP(即,第一VTEP)的IP地址。It can be seen from the above embodiment that the correspondence between the MAC address of the second VM and the second VTEP can be recorded in the first VTEP. The following describes how to record the correspondence between the MAC address of the second VM and the second VTEP: Before the first VTEP receives the first packet from the first VM, the method further includes: the first VTEP receiving the second packet, where the destination VM MAC address of the second packet is the MAC address of the second VM The first VTEP encapsulates the second packet into a multicast VXLAN packet when the first VTEP does not record the correspondence between the MAC address of the second VM and the second VTEP; the first VTEP group The broadcast VXLAN message is sent to other VTEPs belonging to the same multicast group as the first VTEP; the first VTEP receives and records the MAC address of the second VM that the VTEP connected to the second VM in the other VTEP responds to according to the multicast VXLAN message. Correspondence with the second VTEP. In this embodiment, after the first VTEP sends the multicast VXLAN message to other VTEPs that belong to the same multicast group as the first VTEP, the other VTEPs in the same multicast group can record the MAC of the first VM. Corresponding relationship between the address and the first VTEP, wherein the second VTEP connected to the second VM, after finding that the second VM is connected to itself, decapsulates the multicast VXLAN message and obtains the second obtained after decapsulation The message is sent to the second VM, and the second VTEP notifies the first VTEP of the correspondence between the MAC address of the second VM and the second VTEP. The remaining VTEP (that is, the VTEP other than the first VTEP in the other VTEPs of the same multicast group) does not find the second VM in the VM connected to it, and discards the received multicast VXLAN packet. And, if the remaining VTEP has not been received after a period of time In the case of a packet from the first VTEP and the source VM MAC address is the MAC address of the first VM, the remaining VTEP aging deletes the correspondence between the recorded MAC address of the first VM and the first VTEP. The O-DIP of the outer IP header of the multicast VXLAN packet is the multicast IP address corresponding to the VNID (that is, the IP address of the multicast group), and the O-SIP is the IP of the source VTEP (that is, the first VTEP). address.
在一个可选的实施例中,上述第一VTEP在将组播VXLAN报文发送给与第一VTEP属于同一个组播组的其他VTEP之后,上述方法还包括:第一VTEP在未接收到第二VM的MAC地址和第二VTEP的对应关系的情况下,丢弃上述第二报文;或者,第一VTEP在未接收到第二VM的MAC地址和第二VTEP的对应关系的情况下,重新将上述第二报文封装成组播VXLAN报文;将重新封装成的组播VXLAN报文发送给与第一VTEP属于同一个组播组的其他VTEP。在本实施例中,当第一VTEP没有接收(可以是在一个预定的时间内没有接收)到第二VM的MAC地址和第二VTEP的对应关系时,说明其他VTEP可能没有连接第二VM,为了避免资源占用,可以丢弃第二报文。在本实施例中,当第一VTEP没有接收(可以是在一个预定的时间内没有接收)到第二VM的MAC地址和第二VTEP的对应关系时,除了执行上述的丢弃操作之外,也可以重新组播封装第二报文,并再次发送封装后的组播VXLAN报文,需要说明的是,执行重新封装第二报文的前提条件也可以是第一VTEP没有接收(可以是在一个预定的时间内没有接收)到第二VM的MAC地址和第二VTEP的对应关系,并且,第一VTEP持续收到待发送到第二VM的报文。In an optional embodiment, after the first VTEP sends the multicast VXLAN message to another VTEP that belongs to the same multicast group as the first VTEP, the method further includes: the first VTEP is not received. If the correspondence between the MAC address of the second VM and the second VTEP is performed, the second packet is discarded; or the first VTEP does not receive the correspondence between the MAC address of the second VM and the second VTEP. The second packet is encapsulated into a multicast VXLAN packet, and the re-encapsulated multicast VXLAN packet is sent to other VTEPs that belong to the same multicast group as the first VTEP. In this embodiment, when the first VTEP does not receive (may not be received within a predetermined time) to the correspondence between the MAC address of the second VM and the second VTEP, it indicates that the other VTEP may not be connected to the second VM. To avoid resource occupation, the second packet can be discarded. In this embodiment, when the first VTEP does not receive (may not be received within a predetermined time) to the correspondence between the MAC address of the second VM and the second VTEP, in addition to performing the discard operation described above, The second packet can be re-encapsulated and the encapsulated multicast VXLAN packet is sent again. It should be noted that the pre-condition for performing the re-encapsulation of the second packet may also be that the first VTEP is not received (may be in one The correspondence between the MAC address of the second VM and the second VTEP is not received within a predetermined time, and the first VTEP continues to receive the message to be sent to the second VM.
在一个可选的实施例中,上述第一VTEP在接收并记录其他VTEP中与第二VM连接的VTEP根据组播VXLAN报文应答的第二VM的MAC地址和所述第二VTEP的对应关系之前,上述方法还包括:第一VTEP接收第三报文,其中,该第三报文的目的VM MAC地址为第二VM的MAC地址;缓存该第三报文;以及,第一VTEP在接收并记录其他VTEP中与第二VM连接的VTEP根据组播VXLAN报文应答的第二VM的MAC地址和第二VTEP的对应关系之后,上述方法还包括:第一VTEP根据第二 VM的MAC地址和第二VTEP的对应关系将缓存的第三报文通过第二VTEP转发给第二VM。在本实施例中,可以将等待获取第二VM的MAC地址和与所述第二VM连接的所述第二VTEP的对应关系的等待时间内接收到的待发送到第二VM的报文暂时缓存起来,等获取到上述第二VM的MAC地址和与第二VM连接的第二VTEP的对应关系之后,再单播发送暂时缓存的报文,从而可以减少组播发送报文的次数,有效降低网络带宽的占用。In an optional embodiment, the first VTEP receives and records the correspondence between the MAC address of the second VM and the second VTEP that the VTEP connected to the second VM in the other VTEP responds to according to the multicast VXLAN message. The foregoing method further includes: the first VTEP receives the third packet, where the destination VM MAC address of the third packet is the MAC address of the second VM; the third packet is buffered; and the first VTEP is receiving And after the mapping between the MAC address of the second VM and the second VTEP that the VTEP connected to the second VM in the other VTEP is configured according to the multicast VXLAN message, the method further includes: the first VTEP according to the second Corresponding relationship between the MAC address of the VM and the second VTEP forwards the buffered third packet to the second VM through the second VTEP. In this embodiment, the message to be sent to the second VM that is waiting to be acquired within the waiting time of the correspondence between the MAC address of the second VM and the second VTEP connected to the second VM may be temporarily obtained. After being cached, after obtaining the correspondence between the MAC address of the second VM and the second VTEP connected to the second VM, the unicast packet is temporarily unicast, thereby reducing the number of times the multicast packet is sent. Reduce the occupation of network bandwidth.
在一个可选的实施例中,上述第一VTEP在接收并记录其他VTEP中与第二VM连接的VTEP根据所述组播VXLAN报文应答的第二VM的MAC地址和第二VTEP的对应关系之后,上述方法还包括:第一VTEP在记录了第二VM的MAC地址和第二VTEP的对应关系之后的第一预定时间之内未接收到与第二VM连接的VTEP再次应答的对应关系的情况下,删除记录的上述第二VM的MAC地址和第二VTEP的对应关系;和/或,第一VTEP在记录了第二VM的MAC地址和第二VTEP的对应关系之后的第一预定时间之内接收到与第二VM连接的VTEP再次应答的第二VM的MAC地址和第二VTEP的对应关系的情况下,维持记录的上述第二VM的MAC地址和第二VTEP的对应关系。在本实施例中,第一VTEP中记录的对应关系是有一定的老化时间的,当到达老化时间之后没有再次收到上述对应关系时,为了避免不必要的空间占用,需要将上述对应关系删除(删除之后,若再次收到上述对应关系,可以再次进行记录),以及,在老化时间到达之前,再次接收到了上述对应关系时,可以根据再次接收的时间重新计时对应关系的老化时间。In an optional embodiment, the first VTEP receives and records the correspondence between the MAC address of the second VM and the second VTEP that the VTEP connected to the second VM in the other VTEP responds to according to the multicast VXLAN message. Thereafter, the method further includes: the first VTEP does not receive the correspondence of the VTEP re-answer with the second VM connection within the first predetermined time after the correspondence between the MAC address of the second VM and the second VTEP is recorded. In the case of deleting the recorded correspondence between the MAC address of the second VM and the second VTEP; and/or, the first predetermined time after the first VTEP records the correspondence between the MAC address of the second VM and the second VTEP In the case where the correspondence between the MAC address of the second VM and the second VTEP that the VTEP that is connected to the second VM is again received is received, the correspondence between the recorded MAC address of the second VM and the second VTEP is maintained. In this embodiment, the corresponding relationship recorded in the first VTEP has a certain aging time. When the corresponding relationship is not received again after the aging time is reached, in order to avoid unnecessary space occupation, the corresponding relationship needs to be deleted. (After the deletion, if the above correspondence is received again, the recording can be performed again), and when the corresponding relationship is received again before the aging time arrives, the aging time of the correspondence can be re-timed according to the time of re-reception.
在一个可选的实施例中,上述方法还包括:第一VTEP接收与第一VTEP连接的一个或多个VM通告的一个或多个VM的MAC地址;第一VTEP记录与第一VTEP连接的一个或多个VM的MAC地址;其中,当该第一VTEP在记录了与第一VTEP连接的一个或多个VM的MAC地址之后的第二预定时间内未接收到与第一VTEP连接的一个或多个VM中的第一部分VM再次通告的第一部分VM的MAC地址的情况下,删除记录 的第一部分VM的MAC地址;和/或,当第一VTEP在记录了与第一VTEP连接的一个或多个VM的MAC地址之后的第二预定时间内接收到了与第一VTEP连接的一个或多个VM中的第二部分VM再次通告的第二部分VM的MAC地址的情况下,维持记录的第二部分VM的MAC地址。在本实施例中,各VM在接入对应的VTEP时,需要上报自身的MAC地址,并且,各VM需要周期性地向对应的VTEP通告自身的状态(即,上报自身的MAC地址),以便对应的VTEP维护本地活跃的VM的MAC地址信息,达到老化时间后,若VM的状态信息没有更新,则将记录的状态信息没有更新的VM的MAC地址删除。In an optional embodiment, the method further includes: the first VTEP receiving a MAC address of one or more VMs advertised by the one or more VMs connected to the first VTEP; the first VTEP record being connected to the first VTEP a MAC address of one or more VMs; wherein, when the first VTEP does not receive a connection with the first VTEP within a second predetermined time after recording the MAC address of the one or more VMs connected to the first VTEP Delete the record if the MAC of the first part of the VM is advertised again by the first part of the VMs The MAC address of the first portion of the VM; and/or, when the first VTEP receives the first VTEP connection or the second predetermined time after recording the MAC address of the one or more VMs connected to the first VTEP In the case where the second part VM of the plurality of VMs advertises the MAC address of the second part VM again, the MAC address of the second part VM of the record is maintained. In this embodiment, each VM needs to report its own MAC address when accessing the corresponding VTEP, and each VM needs to periodically advertise its own state (that is, report its own MAC address) to the corresponding VTEP. The corresponding VTEP maintains the MAC address information of the locally active VM. After the aging time is reached, if the status information of the VM is not updated, the recorded MAC information of the VM whose status information is not updated is deleted.
在本实施例中还提供了一种虚拟可扩展局域网VXLAN中报文转发方法,图4是根据本发明实施例的VXLAN中报文转发方法的流程图(二),如图4所示,该流程包括如下步骤:In this embodiment, a packet forwarding method in a virtual scalable local area network (VXLAN) is provided. FIG. 4 is a flowchart (2) of a packet forwarding method in a VXLAN according to an embodiment of the present invention. The process includes the following steps:
步骤S402,第二虚拟隧道终端VTEP接收来自第一VTEP的组播VXLAN报文,其中,该组播VXLAN报文是由第一VTEP对来自第一虚拟机VM的第二报文进行封装得到的,第二报文的源VM媒体接入控制MAC地址为所述第一VM的MAC地址,第二报文的目的VM MAC地址为第二VM的MAC地址;Step S402, the second virtual tunnel terminal VTEP receives the multicast VXLAN packet from the first VTEP, where the multicast VXLAN packet is encapsulated by the first VTEP to encapsulate the second packet from the first virtual machine VM. The source VM media access control MAC address of the second packet is the MAC address of the first VM, and the destination VM MAC address of the second packet is the MAC address of the second VM.
步骤S404,上述第二VTEP查找与第二VTEP连接的VM中是否存在第二VM;Step S404, the second VTEP searches for a second VM in the VM connected to the second VTEP;
步骤S406,上述第二VTEP在查找到第二VM的情况下,对组播VXLAN报文进行解封装并将得到的第二报文发送给第二VM,以及,将第二VM的MAC地址和第二VTEP的对应关系应答给第一VTEP。Step S406, the second VTEP decapsulates the multicast VXLAN message and sends the obtained second packet to the second VM, and sends the MAC address of the second VM to the second VM. The correspondence of the second VTEP is replied to the first VTEP.
通过上述步骤,第二VTEP在确定自身连接有第二VM时,可以将第二VM的MAC地址和第二VTEP的对应关系应答给第一VTEP,从而使得第一VTEP根据记录的对应关系单播转发报文,从而无需一直以组播的方式发送报文,有效避免向其他非相关VTEP发送报文,有效解决了相关技术中存在的在VTEP之间进行报文转发时会出现占据网络带宽影响设备 性能的问题,达到了避免过多占用网络带宽,提高设备性能的效果。Through the above steps, when determining that the second VM is connected to the second VTEP, the second VTEP may respond to the first VTEP by the correspondence between the MAC address of the second VM and the second VTEP, so that the first VTEP is unicast according to the recorded correspondence. The packets are forwarded, so that the packets are not sent in the multicast mode. This prevents the packets from being sent to other non-related VTEPs. This effectively solves the problem that network bandwidth can occur when packets are forwarded between VTEPs. Equipment The performance problem has achieved the effect of avoiding excessive network bandwidth consumption and improving device performance.
在一个可选的实施例中,上述第二VTEP在接收来自第一VTEP的组播VXLAN报文之后,上述方法还包括:第二VTEP记录第一VM的MAC地址和第一VTEP的对应关系。从而使得第二VTEP在接收到待发送到第一VM的报文后可以根据第二VTEP中记录的对应关系对报文进行单播发送,无需组播发送。可选地,第二VTEP在接收到单播VXLAN报文时,可以学习报文的I-SMAC,并在本地MAC地址信息表中查找I-DMAC,将该VXLAN报文解封装然后发给对应的本地VM。该单播VXLAN报文是指,VXLAN报文的O-SIP与O-DIP均为单播IP地址,对应组网中某一VTEP(例如该第二VTEP)的IP。当第一VM发送I-DMAC已知的报文时,第一VTEP会在第一VTEP中查找I-DMAC对应的VTEP的IP地址,将数据报文封装为单播VXLAN报文发送给目的VTEP(即,第二VTEP)。In an optional embodiment, after the receiving, by the second VTEP, the multicast VXLAN packet from the first VTEP, the method further includes: the second VTEP records the correspondence between the MAC address of the first VM and the first VTEP. Therefore, after receiving the packet to be sent to the first VM, the second VTEP can perform unicast transmission on the packet according to the corresponding relationship recorded in the second VTEP, without multicast transmission. Optionally, when receiving the unicast VXLAN packet, the second VTEP can learn the I-SMAC of the packet, and look up the I-DMAC in the local MAC address information table, decapsulate the VXLAN packet, and send the corresponding packet to the corresponding packet. Local VM. The unicast VXLAN packet is a unicast IP address of the O-SIP and the O-DIP of the VXLAN packet, and corresponds to the IP of a certain VTEP (for example, the second VTEP) in the networking. When the first VM sends a packet whose I-DMAC is known, the first VTEP searches for the IP address of the VTEP corresponding to the I-DMAC in the first VTEP, and encapsulates the data packet into a unicast VXLAN packet and sends the packet to the destination VTEP. (ie, the second VTEP).
在一个可选的实施例中,上述第二VTEP在记录第一VM的MAC地址和第一VTEP的对应关系之后,上述方法还包括:第二VTEP在记录了第一VM的MAC地址和第一VTEP的对应关系之后的第一预定时间之内未接收到来自第一VTEP的且源VM MAC地址为第一VM的报文的情况下,删除记录的第一VM的MAC地址和第一VTEP的对应关系;和/或,第二VTEP在记录了第一VM的MAC地址和第一VTEP的对应关系之后的第一预定时间之内接收到来自第一VTEP的且源VM MAC地址为第一VM的报文的情况下,维持记录的上述第一VM的MAC地址和第一VTEP的对应关系。在本实施例中,第二VTEP中记录的对应关系是有一定的老化时间的,当到达老化时间之后没有再次收到第二VTEP中记录的对应关系时,为了避免不必要的空间占用,需要将该对应关系删除(删除之后,若再次收到上述对应关系,可以再次进行记录),以及,在老化时间到达之前,再次接收到了该对应关系时,可以根据再次接收的时间重新计时对应关系的老化时间。In an optional embodiment, after the foregoing second VTEP records the correspondence between the MAC address of the first VM and the first VTEP, the method further includes: the second VTEP records the MAC address of the first VM and the first In the case where the message from the first VTEP and the source VM MAC address is the first VM is not received within the first predetermined time after the correspondence of the VTEP, the MAC address of the recorded first VM and the first VTEP are deleted. Corresponding relationship; and/or, the second VTEP receives the source VM MAC address from the first VTEP and the first VM within a first predetermined time after recording the correspondence between the MAC address of the first VM and the first VTEP In the case of the message, the correspondence between the MAC address of the first VM and the first VTEP is maintained. In this embodiment, the corresponding relationship recorded in the second VTEP is a certain aging time. When the corresponding relationship recorded in the second VTEP is not received again after the aging time is reached, in order to avoid unnecessary space occupation, it is required. The corresponding relationship is deleted (after the deletion, if the corresponding relationship is received again, the recording can be performed again), and when the corresponding relationship is received again before the aging time arrives, the corresponding relationship can be re-timed according to the time of receiving again. Aging time.
在一个可选的实施例中,上述方法还包括:第二VTEP接收与第二 VTEP连接的一个或多个VM通告的一个或多个VM的MAC地址;第二VTEP记录与第二VTEP连接的一个或多个VM的MAC地址;其中,当该第二VTEP在记录了与第二VTEP连接的一个或多个VM的MAC地址之后的第二预定时间内未接收到与第二VTEP连接的一个或多个VM中的第一部分VM再次通告的第一部分VM的MAC地址的情况下,删除记录的第一部分VM的MAC地址;和/或,当第二VTEP在记录了与第二VTEP连接的一个或多个VM的MAC地址之后的第二预定时间内接收到了与第二VTEP连接的一个或多个VM中的第二部分VM再次通告的第二部分VM的MAC地址的情况下,维持记录的上述第二部分VM的MAC地址。在本实施例中,各VM在接入对应的VTEP时,需要上报自身的MAC地址,并且,各VM需要周期性地向对应的VTEP通告自身的状态(即,上报自身的MAC地址),以便对应的VTEP维护本地活跃的VM的MAC地址信息,达到老化时间后,若VM的状态信息没有更新,则将记录的状态信息没有更新的VM的MAC地址删除。In an optional embodiment, the method further includes: receiving, by the second VTEP, the second The MAC address of one or more VMs advertised by one or more VMs connected by the VTEP; the second VTEP records the MAC address of one or more VMs connected to the second VTEP; wherein, when the second VTEP is recorded In the case where the MAC address of the first partial VM re-advertised by the first partial VM of the one or more VMs connected to the second VTEP is not received within the second predetermined time after the MAC address of the one or more VMs of the two VTEP connections Deleting the MAC address of the first portion of the VM of the record; and/or, when the second VTEP receives the second VTEP connection within a second predetermined time after recording the MAC address of the one or more VMs connected to the second VTEP In the case where the second part of the one or more VMs advertises the MAC address of the second part VM again, the MAC address of the second part VM of the above record is maintained. In this embodiment, each VM needs to report its own MAC address when accessing the corresponding VTEP, and each VM needs to periodically advertise its own state (that is, report its own MAC address) to the corresponding VTEP. The corresponding VTEP maintains the MAC address information of the locally active VM. After the aging time is reached, if the status information of the VM is not updated, the recorded MAC information of the VM whose status information is not updated is deleted.
下面结合图2对本发明进行具体说明:The present invention will be specifically described below with reference to FIG. 2:
图5是根据本发明具体实施例的报文转发的流程图,图6为本发明中VM A(对应于上述的第一VM)首次向VM C(对应于上述的第二VM)发送报文时主要报文的流程示意图。结合图5与图6,本发明的具体实施步骤主要包括:5 is a flow chart of message forwarding according to an embodiment of the present invention. FIG. 6 is a first embodiment of the present invention, in which VM A (corresponding to the first VM described above) sends a message to VM C (corresponding to the second VM) The flow chart of the main message. With reference to FIG. 5 and FIG. 6, the specific implementation steps of the present invention mainly include:
步骤S502:当本地接入侧有VM(例如,VM A)接入时,VM周期性地向VTEP(例如,VTEP1)通告自身状态,VTEP学习并维护本地活跃VM的MAC地址信息。达到老化时间后,若VM的状态信息没有更新,则删除该VM对应的MAC信息。Step S502: When there is a VM (for example, VM A) access on the local access side, the VM periodically advertises its own state to the VTEP (for example, VTEP1), and the VTEP learns and maintains the MAC address information of the locally active VM. After the aging time is reached, if the status information of the VM is not updated, the MAC information corresponding to the VM is deleted.
优选的,VM向VTEP通告并保活自身状态时可以采用链路层发现协议(Link Layer Discovery Protocol,简称为LLDP)。当然,通告及保活方式并不限于此种方法,例如,还可以通过私有协议的方式通告。Preferably, the link layer discovery protocol (LLDP) can be used when the VM advertises and keeps its own state to the VTEP. Of course, the method of notification and keep-alive is not limited to this method, for example, it can also be advertised by means of a proprietary agreement.
优选的,本地VM的MAC地址信息表可以按表1所示的格式保存, 以VTEP1上保存的MAC为例:Preferably, the MAC address information table of the local VM can be saved in the format shown in Table 1. Take the MAC saved on VTEP1 as an example:
表1Table 1
MACMAC VNIDVNID INTERFACEINTERFACE
MAC AMAC A 1600016000 Gei-1Gei-1
MAC BMAC B 1600016000 Gei-2Gei-2
步骤S504:当本地VM发送I-DMAC未知的数据报文时,源VTEP(例如,VTEP1)将数据报文封装为组播VXLAN报文,发送给同一组播组的其他VTEP;同时将后续到该I-DMAC的报文暂时缓存起来,等待获取该I-DMAC对应的VTEP信息后再发送。Step S504: When the local VM sends an I-DMAC unknown data packet, the source VTEP (for example, VTEP1) encapsulates the data packet into a multicast VXLAN packet and sends it to other VTEPs in the same multicast group; The I-DMAC message is temporarily buffered, and is sent after waiting for the VTEP information corresponding to the I-DMAC.
上述组播VXLAN报文是指,VXLAN报文的外层IP头的目的IP字段O-DIP为VNID对应的组播IP地址,源IP字段O-SIP为本VTEP的IP地址。The multicast VXLAN packet is that the destination IP field O-DIP of the outer IP header of the VXLAN packet is the multicast IP address corresponding to the VNID, and the source IP field O-SIP is the IP address of the VTEP.
优选的,在步骤S504的基础上,若本地VM发送的报文是组播或者广播报文时,不对其做缓存等待处理,直接将其封装为组播VXLAN报文之后发送给其他VTEP。Preferably, on the basis of step S504, if the packet sent by the local VM is a multicast or broadcast packet, the packet is not buffered and processed, and is directly encapsulated into a multicast VXLAN packet and then sent to other VTEPs.
如附图6所示,VM A发送的到VM C的报文经VTEP1封装后的组播报文的形式如附图6中报文2所示,其中O-SIP为VTEP1的IP-1,O-DIP为VMA所属VNID映射的组播组的组播IP地址IP-M。As shown in FIG. 6, the form of the multicast message encapsulated by the VM A and encapsulated by the VTEP1 is shown in the message 2 of FIG. 6, wherein the O-SIP is the IP-1 of the VTEP1. The O-DIP is the multicast IP address IP-M of the multicast group mapped by the VNID to which the VMA belongs.
步骤S506:当VTEP(例如,VTEP2)接收到组播VXLAN报文时,学习I-SMAC;并在本地MAC地址信息表中查找I-DMAC,若查找到,则将I-DMAC与本VTEP(例如,VTEP2)的对应关系应答给地址为O-SIP的源VTEP(例如,VTEP1);并将报文解封装然后发送给I-DMAC对应的本地VM(例如,VM C)。Step S506: When the VTEP (for example, VTEP2) receives the multicast VXLAN message, learn the I-SMAC; and look up the I-DMAC in the local MAC address information table, and if found, the I-DMAC and the VTEP ( For example, the correspondence of VTEP2) is replied to the source VTEP (eg, VTEP1) with the address O-SIP; and the message is decapsulated and then sent to the local VM (eg, VM C) corresponding to the I-DMAC.
优选的,将I-DMAC与本VTEP(例如,VTEP2)的对应关系应答给地址为O-SIP的源VTEP(例如,VTEP1)可以采用封装一份反向单播空数据VXLAN报文发送给源VTEP的形式来实施。 Preferably, the correspondence between the I-DMAC and the VTEP (for example, VTEP2) is sent to the source VTEP (for example, VTEP1) with the address O-SIP, and the VXLAN packet is sent to the source by encapsulating a reverse unicast null data. The form of VTEP is implemented.
上述反向单播空数据VXLAN报文是指,内层报文的PAYLOAD段置为无效值,内层数据报文的I-SMAC和I-DMAC分别置为收到的组播VXLAN报文的内层数据报文的I-DMAC和I-SMAC,外层IP头的O-SIP置为本VTEP的IP,外层IP头的O-DIP置为收到的组播VXLAN报文IP头中的O-SIP。The reverse unicast null data VXLAN message is that the PAYLOAD segment of the inner layer message is set to an invalid value, and the I-SMAC and I-DMAC of the inner layer data message are respectively set to the received multicast VXLAN message. The I-DMAC and I-SMAC of the inner data packet, the O-SIP of the outer IP header is set to the IP of the VTEP, and the O-DIP of the outer IP header is set to the IP header of the received multicast VXLAN packet. O-SIP.
如附图6所示,VTEP2发送给VTEP1的反向单播空数据报文如附图6中报文4所示,其中O-SIP置为VTEP2的IP-2,O-DIP置为IP-1,也就是收到的组播VXLAN报文的O-SIP字段的值;I-DMAC置为A,I-SMAC置为C,对应于收到的组播VXLAN报文的I-SMAC字段和I-DMAC字段的值;PAYLOAD’字段置为无效值。这种应答方式不需要额外的协议支持,源VTEP也不需要对应答报文做特殊处理。当然,向源VTEP应答的方式并不限于此种方式。As shown in FIG. 6, the reverse unicast null data message sent by VTEP2 to VTEP1 is shown in message 4 in FIG. 6, where O-SIP is set to IP-2 of VTEP2, and O-DIP is set to IP- 1, that is, the value of the O-SIP field of the received multicast VXLAN message; I-DMAC is set to A, and I-SMAC is set to C, corresponding to the I-SMAC field of the received multicast VXLAN message and The value of the I-DMAC field; the PAYLOAD' field is set to an invalid value. This type of response does not require additional protocol support, and the source VTEP does not require special handling of response messages. Of course, the manner of responding to the source VTEP is not limited to this manner.
步骤S508:当VTEP(例如,VTEP2)收到单播VXLAN报文时,学习I-SMAC,并在本地MAC地址信息表中查找I-DMAC,然后将该VXLAN报文解封装发给I-DMAC对应的本地VM(例如,VM C)。Step S508: When the VTEP (for example, VTEP2) receives the unicast VXLAN message, learn the I-SMAC, and look up the I-DMAC in the local MAC address information table, and then decapsulate the VXLAN message to the I-DMAC. Corresponding local VM (for example, VM C).
优选的,远端VM的MAC地址信息表可以按表2所示的格式保存,以VTEP2上保存的远端MAC为例:Preferably, the MAC address information table of the remote VM can be saved in the format shown in Table 2, taking the remote MAC saved on VTEP2 as an example:
表2Table 2
MACMAC VNIDVNID VTEP IPVTEP IP
MAC AMAC A 1600016000 IP1IP1
优选的,在步骤S504的基础上,VM(例如,VM A)发送的I-DMAC未知的报文经VTEP(例如,VTEP1)封装发送一份出去后,暂时将到该I-DMAC的报文缓存起来,若预定时间内未收到回复,说明其他VTEP下也没有该I-DMAC对应的VM,丢弃该类报文。Preferably, on the basis of step S504, the I-DMAC unknown message sent by the VM (for example, VM A) is sent to the I-DMAC packet after being sent out by the VTEP (for example, VTEP1) encapsulation. If the response is not received within the predetermined time, the other VTEPs do not have the VM corresponding to the I-DMAC and discard the packets.
优选的,在上述步骤S504的基础上,若VTEP(例如,VTEP1)持续收到本地VM发送到该I-DMAC的报文,除了执行丢弃操作外,一定时间之后重新组播封装发送该报文,再次请求该I-DMAC对应的VTEP信息。 Preferably, on the basis of the foregoing step S504, if the VTEP (for example, VTEP1) continues to receive the packet sent by the local VM to the I-DMAC, in addition to performing the discarding operation, the multicast packet is re-encapsulated and sent after a certain time. , request the VTEP information corresponding to the I-DMAC again.
优选的,在步骤S506的基础上,VTEP(例如,VTEP1)学习到远端VM(例如,VM C)对应的I-SMAC信息之后,经过一段时间之后,若再未收到该I-SMAC的报文,则可以老化删除该I-SMAC。Preferably, on the basis of step S506, after the VTEP (for example, VTEP1) learns the I-SMAC information corresponding to the remote VM (for example, VM C), after a period of time, if the I-SMAC is not received again. If the packet is received, the I-SMAC can be deleted.
步骤S510:当VM(例如,VMA)发送的数据报文I-DMAC已知时,在本VTEP(例如,VTEP1)上查找I-DMAC对应的目的VTEP的IP,将数据报文封装为单播VXLAN报文发送给目的VTEP(例如,VTEP2)。Step S510: When the data message I-DMAC sent by the VM (for example, VMA) is known, look up the IP of the destination VTEP corresponding to the I-DMAC on the VTEP (for example, VTEP1), and encapsulate the data packet into a unicast. The VXLAN message is sent to the destination VTEP (for example, VTEP2).
优选的,当VM(例如,VM A)发送的数据报文的I-DMAC已知,并且是本VTEP(例如,VTEP1)下其他VM(例如,VM B)的地址时,报文不需经过封装,根据保存的I-DMAC对应的接口信息直接转发给目的VM即可。Preferably, when the I-DMAC of the data message sent by the VM (eg, VM A) is known and is the address of another VM (eg, VM B) under the VTEP (eg, VTEP1), the message does not need to go through The encapsulation is directly forwarded to the destination VM according to the interface information corresponding to the saved I-DMAC.
综上,通过本发明实施例中的方法,可以在本VTEP(例如,VTEP1)内减少泛洪,在VTEP之间减少组播。In summary, by the method in the embodiment of the present invention, flooding can be reduced in the present VTEP (for example, VTEP1), and multicast can be reduced between VTEPs.
下面结合具体实施例对本发明进行说明:The present invention will be described below in conjunction with specific embodiments:
具体实施例一: Embodiment 1
参见图2,各VTEP按图2所示建立链路,各VTEP按图2所示接入VM。所有的VTEP属于同一个组播组,所有的VM都同属于一个VNID16000。假设VM A要与VM C之间互相通信,依据本发明的VXLAN的报文转发步骤如图7所示,具体包括:Referring to FIG. 2, each VTEP establishes a link as shown in FIG. 2, and each VTEP accesses the VM as shown in FIG. 2. All VTEPs belong to the same multicast group, and all VMs belong to the same VNID16000. Assuming that the VM A is to communicate with the VM C, the packet forwarding step of the VXLAN according to the present invention is as shown in FIG. 7 , and specifically includes:
步骤S702:各VTEP下的VM主动向VTEP通告自身状态,各VTEP学习并维护本地VM对应的MAC地址信息。Step S702: The VMs under each VTEP actively advertise their own status to the VTEP, and each VTEP learns and maintains the MAC address information corresponding to the local VM.
步骤S704:VM A发送目的为MAC C的报文,在VTEP1上查找MAC C的记录,没有查找到,将报文封装成组播VXLAN报文发送给其他VTEP。Step S704: The VM A sends the packet destined for the MAC C, and searches for the record of the MAC C on the VTEP1. If the packet is not found, the packet is encapsulated into a multicast VXLAN packet and sent to other VTEPs.
步骤S706:VTEP2收到组播VXLAN报文,学习内层报文的源MAC A,查找内层报文的目的MAC C,查找得到,封装一份反向单播空数据VXLAN报文给VTEP1,同时将收到的报文解封装发送给VM C;VTEP3、VTEP4收到组播VXLAN报文,学习内层报文的源MAC A,查找内层报文的目的MAC C,没查找到,不再继续处理。 Step S706: VTEP2 receives the multicast VXLAN packet, learns the source MAC address of the inner layer packet, searches for the destination MAC C of the inner layer packet, and finds and encapsulates a reverse unicast null data VXLAN message to VTEP1. At the same time, the received packet is decapsulated and sent to VM C. VTEP3 and VTEP4 receive the multicast VXLAN packet, learn the source MAC address of the inner layer packet, and find the destination MAC C of the inner layer packet. Continue processing.
步骤S708:VTEP1收到VTEP2发来的单播VXLAN报文,学习内层报文的源MAC C,查找内层报文的目的MAC A,查找得到,将报文解封装发送给VMA。Step S708: The VTEP1 receives the unicast VXLAN packet sent by the VTEP2, learns the source MAC address of the inner layer packet, searches for the destination MAC A of the inner layer packet, searches for the packet, and decapsulates the packet to the VMA.
步骤S710:VM A继续发送目的为MAC C的数据报文,在VTEP1上查找MAC C的记录,能够查到,将报文封装成单播VXLAN报文发送给VTEP2。Step S710: The VM A continues to send the data packet destined for the MAC C, and searches for the record of the MAC C on the VTEP1. The packet can be encapsulated into a unicast VXLAN packet and sent to the VTEP2.
步骤S712:VTEP2收到单播VXLAN报文,学习内层报文的源MAC A,若保存的MAC A的信息还未老化,则不必重复保存;查找内层报文的目的MAC C,查找得到,将报文解封装发送给VM C。Step S712: VTEP2 receives the unicast VXLAN packet, and learns the source MAC address of the inner layer packet. If the saved MAC A information has not been aged, it does not need to be saved repeatedly. The destination MAC C of the inner layer packet is searched. , the packet is decapsulated and sent to VM C.
步骤S714:VM C发送目的为MAC A的数据报文,在VTEP2上查找MAC A的记录,能够查到,将报文封装成单播VXLAN报文发送给VTEP1。Step S714: The VM C sends a data packet destined for the MAC A, and searches for the record of the MAC A on the VTEP2. The packet can be encapsulated into a unicast VXLAN packet and sent to the VTEP1.
步骤S716:VTEP3、VTEP4上经过一段时间之后再未收到VTEP1发送来的源为MAC A的数据报文,将MAC A的记录老化删除。Step S716: After a period of time, the VTEP3 and the VTEP4 do not receive the data packet of the MAC A, which is sent by the VTEP1, and deletes the record of the MAC A.
通过上面的步骤,完成了VM A与VM C之间的互通,网络状态趋于稳定之后,VTEP1上面保存了远端的MAC C,VTEP2上面保存了远端的MAC A,VTEP3和VTEP4无新增MAC,所有的VTEP都没有保存无用的MAC信息。转发的过程中,VTEP1只在首次发包的时候使用了组播,后续使用单播的形式,减少了组播;VTEP2发送报文给本地VM时,直接查找本地MAC信息表得到出接口,然后发送给对应的VM,没有泛洪。Through the above steps, the interworking between VM A and VM C is completed. After the network status is stabilized, the remote MAC C is saved on VTEP1, and the remote MAC A is saved on VTEP2, and VTEP3 and VTEP4 are not added. MAC, all VTEPs do not store useless MAC information. During the forwarding process, VTEP1 uses multicast only when it is first sent, and then uses unicast to reduce multicast. When VTEP2 sends a packet to the local VM, it directly finds the local MAC information table to get the outgoing interface, and then sends the interface. For the corresponding VM, there is no flooding.
具体实施例二:Specific embodiment 2:
在具体实施例1所示的组网环境下,假设VM A要与VM B之间互相通信,依据本发明实施例中的VXLAN的报文转发的步骤流程如图8所示,主要包括:In the networking environment shown in the specific embodiment 1, it is assumed that the VM A is to communicate with the VM B. The flow of the packet forwarding process of the VXLAN according to the embodiment of the present invention is as shown in FIG.
步骤S802:各VTEP下的VM主动向VTEP通告自身状态,各VTEP学习并维护本地VM对应的MAC地址信息。Step S802: The VMs in each VTEP actively advertise their own status to the VTEP, and each VTEP learns and maintains the MAC address information corresponding to the local VM.
步骤S804:VM A发送目的为MAC B的数据报文,在VTEP1上查找MAC B的记录,能够查到并且是在本地,直接将报文从对应端口Gei-2 发出。Step S804: VM A sends a data packet destined for MAC B, and searches for the record of MAC B on VTEP1, which can be found and is locally, and the packet is directly sent from the corresponding port Gei-2. issue.
步骤S806:VM B发送目的为MAC A的数据报文,在VTEP1上查找MAC A的记录,能够查到并且是在本地,直接将报文从对应端口Gei-1发出。Step S806: The VM B sends a data packet destined for the MAC A, and searches for the record of the MAC A on the VTEP1, and can find and locally send the packet directly from the corresponding port Gei-1.
通过上面的步骤,完成了VM A与VM B的互通,相比于传统的方式,在VM B发送反向流量之前,报文是直接发送给VM B的,减少了往其他VTEP发送组播以及在本VTEP内的泛洪。Through the above steps, the interworking between VM A and VM B is completed. Compared with the traditional method, before VM B sends reverse traffic, the packet is directly sent to VM B, which reduces the transmission of multicast to other VTEPs. Flooding within this VTEP.
具体实施例三:Specific embodiment 3:
在具体实施例1所示的组网环境下,假设VM A发送目的为MAC N的数据报文,其中MAC N不存在该VXLAN网络中,这种情况下依据本发明的VXLAN的报文转发的步骤流程如图9所示,主要包括:In the networking environment shown in the specific embodiment 1, it is assumed that the VM A sends a data packet destined for the MAC N, where the MAC N does not exist in the VXLAN network. In this case, the VXLAN packet forwarding according to the present invention is performed. The process of the steps is shown in Figure 9, which mainly includes:
步骤S902:各VTEP下的VM主动向VTEP通告自身状态,各VTEP学习并维护本地VM对应的MAC地址信息。Step S902: The VMs under each VTEP actively advertise their own status to the VTEP, and each VTEP learns and maintains the MAC address information corresponding to the local VM.
步骤S904:VM A发送目的为MAC N的数据报文,在VTEP1上查找MAC N的记录,没有查找到,将报文封装成组播的形式发送给其他VTEP。Step S904: The VM A sends a data packet destined for the MAC N, searches for the record of the MAC N on the VTEP1, and does not find the packet, and encapsulates the packet into a multicast form and sends the packet to other VTEPs.
步骤S906:VTEP2、VTEP3、VTEP4收到组播封装的VXLAN报文,学习内层报文的源MAC A,查找内层报文的目的MAC N,没查找到,不再继续处理。Step S906: VTEP2, VTEP3, and VTEP4 receive the VXLAN packet encapsulated in the multicast, learn the source MAC address of the inner layer packet, and find the destination MAC address of the inner layer packet.
步骤S908:VTEP1没有收到任何返回答复的报文,将报文丢弃处理。Step S908: VTEP1 does not receive any message that returns a reply, and discards the message.
优选的,本发明实施例在步骤S908中还可以启用定时重传机制,在一定时间内无目的报文反馈,会被丢弃,到达重传时间之后,会再次往外发送一份组播报文,请求目的信息。具体如步骤S910所述。Preferably, the embodiment of the present invention can also enable the periodic retransmission mechanism in step S908. If no message is returned in a certain period of time, the message will be discarded. After the retransmission time is reached, a multicast packet will be sent out again. Request purpose information. Specifically, as described in step S910.
步骤S910:定时重传时间之后,在VTEP1上再次查找MAC N的记录,没有查找到,再次将报文封装成组播的形式发送给其他VTEP。Step S910: After the timing retransmission time, the MAC N record is searched again on the VTEP1, and the packet is encapsulated into a multicast form and sent to other VTEPs.
通过上面的步骤,在VTEP之间,减少了组播的次数,只在到达定时 重传时间之后才会发送一份组播封装的报文出去;在VTEP1内,查找不到MAC N之后,说明本地不存在MAC N,也不会在本VTEP下泛洪。Through the above steps, between VTEP, the number of multicasts is reduced, only at the arrival timing. After the retransmission time, a multicast encapsulated packet is sent out. In VTEP1, after the MAC N is not found, the local MAC address does not exist and the flood is not flooded under the VTEP.
通过以上的实施方式的描述,本领域的技术人员可以清楚地了解到根据上述实施例的方法可借助软件加必需的通用硬件平台的方式来实现,当然也可以通过硬件,但很多情况下前者是更佳的实施方式。基于这样的理解,本发明的技术方案本质上或者说对现有技术做出贡献的部分可以以软件产品的形式体现出来,该计算机软件产品存储在一个存储介质(如ROM/RAM、磁碟、光盘)中,包括若干指令用以使得一台终端设备(可以是手机,计算机,服务器,或者网络设备等)执行本发明各个实施例所述的方法。Through the description of the above embodiments, those skilled in the art can clearly understand that the method according to the above embodiment can be implemented by means of software plus a necessary general hardware platform, and of course, by hardware, but in many cases, the former is A better implementation. Based on such understanding, the technical solution of the present invention, which is essential or contributes to the prior art, may be embodied in the form of a software product stored in a storage medium (such as ROM/RAM, disk, The optical disc includes a number of instructions for causing a terminal device (which may be a cell phone, a computer, a server, or a network device, etc.) to perform the methods described in various embodiments of the present invention.
在本实施例中还提供了一种报文转发装置,该装置用于实现上述实施例及优选实施方式,已经进行过说明的不再赘述。如以下所使用的,术语“模块”可以实现预定功能的软件和/或硬件的组合。尽管以下实施例所描述的装置较佳地以软件来实现,但是硬件,或者软件和硬件的组合的实现也是可能并被构想的。In this embodiment, a message forwarding device is also provided, which is used to implement the foregoing embodiments and preferred embodiments, and has not been described again. As used below, the term "module" may implement a combination of software and/or hardware of a predetermined function. Although the apparatus described in the following embodiments is preferably implemented in software, hardware, or a combination of software and hardware, is also possible and contemplated.
图10是根据本发明实施例的VXLAN中报文转发装置的结构框图(一),该装置可以应用于第一虚拟隧道终端VTEP中,如图10所示,该装置包括第一接收模块102、确定模块104和转发模块106,下面对该装置进行说明:FIG. 10 is a structural block diagram (1) of a message forwarding device in a VXLAN according to an embodiment of the present invention. The device may be applied to a first virtual tunnel terminal VTEP. As shown in FIG. 10, the device includes a first receiving module 102. The module 104 and the forwarding module 106 are determined, and the device is described below:
第一接收模块102,设置为接收来自第一虚拟机VM的第一报文,其中,该第一报文的目的VM媒体接入控制MAC地址为第二VM的MAC地址;确定模块104,连接至上述第一接收模块102,设置为根据第一VTEP中记录的第二VM的MAC地址和与第二VM连接的第二VTEP的对应关系确定第二VTEP,其中,该第二VM的MAC地址和第二VTEP的对应关系为第二VTEP告知给第一VTEP的;转发模块106,连接至上述确定模块104,设置为将第一报文通过第二VTEP转发给第二VM。 The first receiving module 102 is configured to receive the first packet from the first virtual machine VM, where the destination VM media access control MAC address of the first packet is the MAC address of the second VM, and the determining module 104 is connected. The first receiving module 102 is configured to determine a second VTEP according to a correspondence between a MAC address of the second VM recorded in the first VTEP and a second VTEP connected to the second VM, where the MAC address of the second VM is The correspondence between the second VTEP and the second VTEP is sent to the first VTEP; the forwarding module 106 is connected to the determining module 104, and is configured to forward the first packet to the second VM through the second VTEP.
在一个可选的实施例中,上述装置还包括第一处理模块,设置为在第一VTEP接收来自第一VM的第一报文之前,接收第二报文,其中,该第二报文的目的VM MAC地址为第二VM的MAC地址;在确定第一VTEP中未记录有第二VM的MAC地址和第二VTEP的对应关系的情况下,将第二报文封装为组播VXLAN报文;将组播VXLAN报文发送给与第一VTEP属于同一个组播组的其他VTEP;接收并记录其他VTEP中与第二VM连接的VTEP根据组播VXLAN报文应答的第二VM的MAC地址和第二VTEP的对应关系。In an optional embodiment, the apparatus further includes a first processing module, configured to receive the second packet before the first VTEP receives the first packet from the first VM, where the second packet is The destination VM MAC address is the MAC address of the second VM. If the correspondence between the MAC address of the second VM and the second VTEP is not recorded in the first VTEP, the second packet is encapsulated into a multicast VXLAN packet. Sending the multicast VXLAN message to other VTEPs belonging to the same multicast group as the first VTEP; receiving and recording the MAC address of the second VM that the VTEP connected to the second VM in the other VTEP responds to according to the multicast VXLAN message Correspondence with the second VTEP.
在一个可选的实施例中,上述装置还包括第二处理模块,设置为在将组播VXLAN报文发送给与第一VTEP属于同一个组播组的其他VTEP之后,在未接收到第二VM的MAC地址和第二VTEP的对应关系的情况下,丢弃第二报文;或者,在未接收到第二VM的MAC地址和第二VTEP的对应关系的情况下,重新将第二报文封装成组播VXLAN报文;将重新封装成的组播VXLAN报文发送给与第一VTEP属于同一个组播组的其他VTEP。In an optional embodiment, the foregoing apparatus further includes a second processing module, configured to: after transmitting the multicast VXLAN message to another VTEP that belongs to the same multicast group as the first VTEP, does not receive the second If the correspondence between the MAC address of the VM and the second VTEP is the same, the second packet is discarded; or the second packet is re-received if the correspondence between the MAC address of the second VM and the second VTEP is not received. The packet is encapsulated into a multicast VXLAN packet, and the re-encapsulated multicast VXLAN packet is sent to other VTEPs that belong to the same multicast group as the first VTEP.
在一个可选的实施例中,上述装置还包括第三处理模块,设置为在接收并记录其他VTEP中与第二VM连接的VTEP根据组播VXLAN报文应答的第二VM的MAC地址和第二VTEP的对应关系之前,接收第三报文,其中,该第三报文的目的VM MAC地址为第二VM的MAC地址;缓存第三报文;以及,在接收并记录所述其他VTEP中与第二VM连接的VTEP根据组播VXLAN报文应答的第二VM的MAC地址和第二VTEP的对应关系之后,根据第二VM的MAC地址和第二VTEP的对应关系将缓存的第三报文通过第二VTEP转发给第二VM。In an optional embodiment, the apparatus further includes a third processing module configured to receive and record a MAC address of the second VM that is replied to by the VTEP connected to the second VM in the other VTEP according to the multicast VXLAN message. Before the correspondence between the two VTEPs, receiving the third packet, where the destination VM MAC address of the third packet is the MAC address of the second VM; buffering the third packet; and, in receiving and recording the other VTEP After the VTEP connected to the second VM responds to the correspondence between the MAC address of the second VM and the second VTEP that is replied to by the multicast VXLAN message, the third report that is cached according to the correspondence between the MAC address of the second VM and the second VTEP The text is forwarded to the second VM through the second VTEP.
在一个可选的实施例中,上述装置还包括第四处理模块,设置为在接收并记录其他VTEP中与第二VM连接的VTEP根据组播VXLAN报文应答的第二VM的MAC地址和第二VTEP的对应关系之后,在记录了第二VM的MAC地址和第二VTEP的对应关系之后的第一预定时间之内未接收到与第二VM连接的VTEP再次应答的对应关系的情况下,删除记录的 第二VM的MAC地址和第二VTEP的对应关系;和/或,在记录了第二VM的MAC地址和第二VTEP的对应关系之后的第一预定时间之内接收到与第二VM连接的VTEP再次应答的第二VM的MAC地址和第二VTEP的对应关系的情况下,维持记录的第二VM的MAC地址和第二VTEP的对应关系。In an optional embodiment, the apparatus further includes a fourth processing module configured to receive and record a MAC address of the second VM that is replied to by the VTEP connected to the second VM in the other VTEP according to the multicast VXLAN message. After the correspondence between the two VTEPs, in the case where the correspondence relationship with the VTEP re-answer of the second VM connection is not received within the first predetermined time after the correspondence between the MAC address of the second VM and the second VTEP is recorded, Delete record Corresponding relationship between the MAC address of the second VM and the second VTEP; and/or receiving the connection with the second VM within a first predetermined time after the correspondence between the MAC address of the second VM and the second VTEP is recorded In the case where the VTEP responds again to the correspondence between the MAC address of the second VM and the second VTEP, the correspondence between the recorded MAC address of the second VM and the second VTEP is maintained.
在一个可选的实施例中,上述装置还包括第五处理模块,设置为接收与第一VTEP连接的一个或多个VM通告的一个或多个VM的MAC地址;记录与第一VTEP连接的一个或多个VM的MAC地址;其中,当第一VTEP在记录了与第一VTEP连接的一个或多个VM的MAC地址之后的第二预定时间内未接收到与第一VTEP连接的一个或多个VM中的第一部分VM再次通告的第一部分VM的MAC地址的情况下,删除记录的第一部分VM的MAC地址;和/或,当第一VTEP在记录了与第一VTEP连接的一个或多个VM的MAC地址之后的第二预定时间内接收到了与第一VTEP连接的一个或多个VM中的第二部分VM再次通告的第二部分VM的MAC地址的情况下,维持记录的第二部分VM的MAC地址。In an optional embodiment, the apparatus further includes a fifth processing module configured to receive a MAC address of the one or more VMs advertised by the one or more VMs connected to the first VTEP; and record the connection with the first VTEP a MAC address of one or more VMs; wherein, when the first VTEP does not receive one of the first VTEP connections or after a second predetermined time after recording the MAC addresses of the one or more VMs connected to the first VTEP Deleting the MAC address of the first partial VM of the record in the case where the first partial VM of the plurality of VMs re-advertises the MAC address of the first partial VM; and/or when the first VTEP is recording one or the connection with the first VTEP In the case where the MAC address of the second partial VM re-advertised by the second partial VM of the one or more VMs connected to the first VTEP is received within the second predetermined time after the MAC addresses of the plurality of VMs, the record is maintained The MAC address of the two parts of the VM.
图11是根据本发明实施例的VXLAN中报文转发装置的结构框图(二),该装置可以应用于第二虚拟隧道终端VTEP中,如图11所示,该装置包括第二接收模块112、查找模块114和发送模块116,下面对该装置进行说明:11 is a structural block diagram (2) of a message forwarding device in a VXLAN according to an embodiment of the present invention. The device may be applied to a second virtual tunnel terminal VTEP. As shown in FIG. 11, the device includes a second receiving module 112. The search module 114 and the sending module 116 are described below:
第二接收模块112,设置为接收来自第一VTEP的组播VXLAN报文,其中,该组播VXLAN报文是由第一VTEP对来自第一虚拟机VM的第二报文进行封装得到的,第二报文的源VM媒体接入控制MAC地址为第一VM的MAC地址,第二报文的目的VM MAC地址为第二VM的MAC地址;查找模块114,连接至上述第二接收模块112,设置为查找与第二VTEP连接的VM中是否存在第二VM;发送模块116,连接至上述查找模块114,设置为在查找到第二VM的情况下,对组播VXLAN报文进行解封装并将得到的第二报文发送给第二VM,以及,将第二VM的MAC地址和第二VTEP的对应关系应答给第一VTEP。 The second receiving module 112 is configured to receive the multicast VXLAN packet from the first VTEP, where the multicast VXLAN packet is encapsulated by the first VTEP to encapsulate the second packet from the first virtual machine VM. The source VM media access control MAC address of the second packet is the MAC address of the first VM, and the destination VM MAC address of the second packet is the MAC address of the second VM. The searching module 114 is connected to the second receiving module 112. Is configured to find whether there is a second VM in the VM connected to the second VTEP; the sending module 116 is connected to the foregoing searching module 114, and configured to decapsulate the multicast VXLAN packet when the second VM is found And sending the obtained second packet to the second VM, and responding to the first VTEP by the correspondence between the MAC address of the second VM and the second VTEP.
在一个可选的实施例中,上述装置还包括第六处理模块,设置为在接收来自第一VTEP的组播VXLAN报文之后,记录第一VM的MAC地址和第一VTEP的对应关系。In an optional embodiment, the apparatus further includes a sixth processing module, configured to record a correspondence between a MAC address of the first VM and the first VTEP after receiving the multicast VXLAN message from the first VTEP.
在一个可选的实施例中,上述装置还包括第七处理模块,设置为在记录第一VM的MAC地址和第一VTEP的对应关系之后,在记录了第一VM的MAC地址和第一VTEP的对应关系之后的第一预定时间之内未接收到来自第一VTEP的且源VM MAC地址为第一VM的报文的情况下,删除记录的第一VM的MAC地址和第一VTEP的对应关系;和/或,第二VTEP在记录了第一VM的MAC地址和第一VTEP的对应关系之后的第一预定时间之内接收到来自第一VTEP的且源VM MAC地址为第一VM的报文的情况下,维持记录的第一VM的MAC地址和第一VTEP的对应关系。In an optional embodiment, the apparatus further includes a seventh processing module, configured to record the MAC address of the first VM and the first VTEP after recording the correspondence between the MAC address of the first VM and the first VTEP. In the case where the message from the first VTEP and the source VM MAC address is the first VM is not received within the first predetermined time after the correspondence, the correspondence between the MAC address of the recorded first VM and the first VTEP is deleted. And/or, the second VTEP receives the source VM MAC address from the first VTEP and the source VM address is the first VM within a first predetermined time after the mapping of the MAC address of the first VM and the first VTEP is recorded In the case of a message, the correspondence between the MAC address of the recorded first VM and the first VTEP is maintained.
在一个可选的实施例中,上述装置还包括第八处理模块,设置为接收与第二VTEP连接的一个或多个VM通告的一个或多个VM的MAC地址;第二VTEP记录与第二VTEP连接的一个或多个VM的MAC地址;其中,当第二VTEP在记录了与第二VTEP连接的一个或多个VM的MAC地址之后的第二预定时间内未接收到与第二VTEP连接的一个或多个VM中的第一部分VM再次通告的第一部分VM的MAC地址的情况下,删除记录的第一部分VM的MAC地址;和/或,当第二VTEP在记录了与第二VTEP连接的一个或多个VM的MAC地址之后的第二预定时间内接收到了与第二VTEP连接的一个或多个VM中的第二部分VM再次通告的第二部分VM的MAC地址的情况下,维持记录的第二部分VM的MAC地址。In an optional embodiment, the apparatus further includes an eighth processing module configured to receive a MAC address of the one or more VMs advertised by the one or more VMs connected to the second VTEP; the second VTEP record and the second a MAC address of one or more VMs connected by the VTEP; wherein the second VTEP does not receive the connection with the second VTEP within a second predetermined time after the MAC address of the one or more VMs connected to the second VTEP is recorded In the case where the first part of the one or more VMs advertises the MAC address of the first part of the VM again, the MAC address of the first part of the VM is deleted; and/or when the second VTEP is recorded with the second VTEP Maintaining the MAC address of the second partial VM re-advertised by the second partial VM of the one or more VMs connected to the second VTEP in the second predetermined time after the MAC address of the one or more VMs is maintained Record the MAC address of the second part of the VM.
图12是根据本发明实施例的VXLAN中报文转发装置结构示意图,该装置可以位于VTEP上,包括:FIG. 12 is a schematic structural diagram of a message forwarding device in a VXLAN according to an embodiment of the present invention. The device may be located on a VTEP, and includes:
报文接收模块122(对应于上述的第一接收模块102和第二接收模块112):设置为接收报文,包括本地接入侧端口收到的原始数据报文和网络侧端口收到的VXLAN报文; The message receiving module 122 (corresponding to the first receiving module 102 and the second receiving module 112) is configured to receive the packet, including the original data packet received by the local access side port and the VXLAN received by the network side port. Message
MAC信息学习模块124(对应于上述的第五处理模块和第八处理模块):设置为学习报文的MAC信息,记录MAC地址与对应的转发出接口的关系,保存到MAC信息表中。The MAC information learning module 124 (corresponding to the fifth processing module and the eighth processing module) is configured to learn the MAC information of the packet, record the relationship between the MAC address and the corresponding forwarding interface, and save the information in the MAC information table.
优选的,MAC信息学习模块可以进一步包含本地MAC信息表维护子模块1241和远端MAC信息表维护子模块1242,其中:Preferably, the MAC information learning module may further include a local MAC information table maintenance sub-module 1241 and a remote MAC information table maintenance sub-module 1242, where:
本地MAC信息表维护子模块1241:设置为维护本地MAC信息表,学习到新的本地MAC条目时添加对应的MAC条目,老化时间过后删除需要老化的MAC条目;The local MAC information table maintenance sub-module 1241 is configured to maintain a local MAC information table, and add a corresponding MAC entry when learning a new local MAC entry, and delete the MAC entry that needs to be aged after the aging time expires;
远端MAC信息表维护子模块1242:设置为维护远端MAC信息表,学习到新的远端MAC条目时添加对应的MAC条目,老化时间过后删除需要老化的MAC条目;The remote MAC address table maintenance sub-module 1242 is configured to maintain a remote MAC address table, and add a corresponding MAC entry when the new remote MAC address entry is learned. After the aging time expires, the MAC entry that needs to be aged is deleted.
本地MAC信息应答模块126(对应于上述的查找模块114和发送模块116):设置为收到组播VXLAN报文时,查询内层报文的I-DMAC是否在本地,如果在本地则将I-DMAC与本VTEP的对应关系应答给地址为O-SIP的源VTEP。The local MAC information response module 126 (corresponding to the above-mentioned search module 114 and the sending module 116) is configured to: when receiving the multicast VXLAN message, query whether the I-DMAC of the inner layer message is local, if local, I - The correspondence between the DMAC and the VTEP is answered to the source VTEP with the address O-SIP.
报文转发模块128(对应于上述转发模块106和发送模块116):设置为将收到的数据报文封装之后发送给其他VTEP,以及将收到的VXLAN封装的报文解封装之后发送给本地的VM。The packet forwarding module 128 (corresponding to the forwarding module 106 and the sending module 116) is configured to encapsulate the received data packet and send it to other VTEPs, and decapsulate the received VXLAN encapsulated packet and send the packet to the local device. VM.
优选的,报文转发模块128可以进一步包括封装发送子模块1281和解封装发送子模块1282,其中:Preferably, the message forwarding module 128 may further include a package sending submodule 1281 and a decapsulation sending submodule 1282, where:
封装发送子模块1281:设置为将数据报文封装为VXLAN报文发送出去,目的MAC已知的情况下,封装为单播报文,目的MAC未知的情况下,封装为组播报文;The encapsulating and transmitting sub-module 1281 is configured to encapsulate the data packet into a VXLAN packet, and when the destination MAC address is known, the encapsulation is a unicast packet, and the packet is encapsulated into a multicast packet if the destination MAC address is unknown.
解封装发送子模块1282:设置为将VXLAN报文解封装为原始报文,然后发送给本地对应的VM。 The decapsulation and sending submodule 1282 is configured to decapsulate the VXLAN message into an original message and then send it to the local corresponding VM.
需要说明的是,上述各个模块是可以通过软件或硬件来实现的,对于后者,可以通过以下方式实现,但不限于此:上述模块均位于同一处理器中;或者,上述各个模块以任意组合的形式分别位于不同的处理器中。It should be noted that each of the above modules may be implemented by software or hardware. For the latter, the foregoing may be implemented by, but not limited to, the foregoing modules are all located in the same processor; or, the above modules are in any combination. The forms are located in different processors.
本发明的实施例还提供了一种存储介质。可选地,在本实施例中,上述存储介质可以被设置为存储用于执行上述各方法实施例中的步骤的程序代码。Embodiments of the present invention also provide a storage medium. Optionally, in the embodiment, the storage medium may be configured to store program code for performing the steps in the foregoing method embodiments.
可选地,在本实施例中,上述存储介质可以包括但不限于:U盘、只读存储器(Read-Only Memory,简称为ROM)、随机存取存储器(Random Access Memory,简称为RAM)、移动硬盘、磁碟或者光盘等各种可以存储程序代码的介质。Optionally, in the embodiment, the foregoing storage medium may include, but is not limited to, a USB flash drive, a Read-Only Memory (ROM), and a Random Access Memory (RAM). A variety of media that can store program code, such as a hard disk, a disk, or an optical disk.
可选地,在本实施例中,处理器根据存储介质中已存储的程序代码执行上述各步骤。Optionally, in the embodiment, the processor performs the above steps according to the stored program code in the storage medium.
可选地,本实施例中的具体示例可以参考上述实施例及可选实施方式中所描述的示例,本实施例在此不再赘述。For example, the specific examples in this embodiment may refer to the examples described in the foregoing embodiments and the optional embodiments, and details are not described herein again.
本发明的实施例还提供了一种处理器,该处理器用于运行程序,其中,该程序运行时执行上述任一项方法中的步骤。Embodiments of the present invention also provide a processor for running a program, wherein the program is executed to perform the steps of any of the above methods.
本发明实施例中的装置位于VTEP上,不需要在组网中额外添加集中控制器或者代理服务器,能够减少组网成本。The device in the embodiment of the present invention is located on the VTEP, and does not need to additionally add a centralized controller or a proxy server in the networking, which can reduce the networking cost.
本发明实施例中VM采用主动通告机制,VTEP维护本地活跃VM的地址信息,远端到本地的VXLAN报文,若在VTEP上查不到内层数据报文的目的地址,则直接丢弃,减少了VTEP下的泛洪。In the embodiment of the present invention, the VM adopts an active advertisement mechanism, and the VTEP maintains the address information of the local active VM, and the remote to local VXLAN packet, if the destination address of the inner layer data packet is not found on the VTEP, directly discards and reduces Flooding under VTEP.
本发明实施例中的目的MAC对应的VTEP信息采用“按需请求”的方式,本地VM发送目的MAC未知的报文,先通过组播封装发送给其他VTEP,该目的MAC所在VTEP收到组播VXLAN报文之后,将该目的MAC与本VTEP的关系应答给源VTEP,相当于源VTEP“请求”了该目的MAC的信息,源VTEP只会学习流量转发所需的MAC,不会维护不必要的远端MAC信息。 The VTEP information corresponding to the destination MAC in the embodiment of the present invention adopts an "on-demand request" manner, and the local VM sends a packet whose destination MAC address is unknown, and first sends the packet to the other VTEP through the multicast encapsulation, and the VTEP of the destination MAC receives the multicast. After the VXLAN packet is sent, the relationship between the destination MAC address and the VTEP is sent to the source VTEP, which is equivalent to the source VTEP "requesting" the MAC information of the destination. The source VTEP only learns the MAC required for traffic forwarding, and does not maintain unnecessary. Remote MAC information.
本发明实施例中未知MAC对应的VTEP信息请求不到的情况下,说明其他VTEP下没有对应该MAC地址的VM,丢弃该报文,减少VTEP之间的组播转发。In the embodiment of the present invention, when the VTEP information corresponding to the unknown MAC address is not available, the VMs that do not have the MAC address in the other VTEPs are discarded, and the packet is discarded, and the multicast forwarding between the VTEPs is reduced.
本发明中远端MAC对应的VTEP信息请求得到的情况下,数据报文会通过单播的形式发送给目的VTEP,减少了VTEP之间的组播转发。In the case that the VTEP information corresponding to the remote MAC address is obtained in the present invention, the data packet is sent to the destination VTEP in a unicast manner, which reduces multicast forwarding between VTEPs.
显然,本领域的技术人员应该明白,上述的本发明的各模块或各步骤可以用通用的计算装置来实现,它们可以集中在单个的计算装置上,或者分布在多个计算装置所组成的网络上,可选地,它们可以用计算装置可执行的程序代码来实现,从而,可以将它们存储在存储装置中由计算装置来执行,并且在某些情况下,可以以不同于此处的顺序执行所示出或描述的步骤,或者将它们分别制作成各个集成电路模块,或者将它们中的多个模块或步骤制作成单个集成电路模块来实现。这样,本发明不限制于任何特定的硬件和软件结合。It will be apparent to those skilled in the art that the various modules or steps of the present invention described above can be implemented by a general-purpose computing device that can be centralized on a single computing device or distributed across a network of multiple computing devices. Alternatively, they may be implemented by program code executable by the computing device such that they may be stored in the storage device by the computing device and, in some cases, may be different from the order herein. The steps shown or described are performed, or they are separately fabricated into individual integrated circuit modules, or a plurality of modules or steps thereof are fabricated as a single integrated circuit module. Thus, the invention is not limited to any specific combination of hardware and software.
以上所述仅为本发明的优选实施例而已,并不用于限制本发明,对于本领域的技术人员来说,本发明可以有各种更改和变化。凡在本发明的精神和原则之内,所作的任何修改、等同替换、改进等,均应包含在本发明的保护范围之内。The above description is only the preferred embodiment of the present invention, and is not intended to limit the present invention, and various modifications and changes can be made to the present invention. Any modifications, equivalent substitutions, improvements, etc. made within the spirit and scope of the present invention are intended to be included within the scope of the present invention.
工业实用性Industrial applicability
如上所述,本发明实施例提供的一种虚拟可扩展局域网VXLAN中报文转发方法及装置具有以下有益效果:解决了相关技术中存在的在VTEP之间进行报文转发时会出现占据网络带宽影响设备性能的问题,达到了避免过多占用网络带宽,提高设备性能的效果。 As described above, the packet forwarding method and apparatus in the virtual scalable local area network VXLAN provided by the embodiment of the present invention have the following beneficial effects: the network bandwidth occupied by the packet forwarding between VTEPs in the related art is solved. The problem that affects the performance of the device achieves the effect of avoiding excessive use of network bandwidth and improving device performance.

Claims (13)

  1. 一种虚拟可扩展局域网VXLAN中报文转发方法,包括:A packet forwarding method in a virtual scalable LAN VXLAN, comprising:
    第一虚拟隧道终端VTEP接收来自第一虚拟机VM的第一报文,其中,所述第一报文的目的VM媒体接入控制MAC地址为第二VM的MAC地址;The first virtual tunnel terminal VTEP receives the first packet from the first virtual machine VM, where the destination VM media access control MAC address of the first packet is the MAC address of the second VM;
    所述第一VTEP根据所述第一VTEP中记录的所述第二VM的MAC地址和与所述第二VM连接的第二VTEP的对应关系确定所述第二VTEP,其中,所述第二VM的MAC地址和所述第二VTEP的对应关系为所述第二VTEP告知给所述第一VTEP的;Determining, by the first VTEP, the second VTEP according to a correspondence between a MAC address of the second VM recorded in the first VTEP and a second VTEP connected to the second VM, where the second VTEP Corresponding relationship between the MAC address of the VM and the second VTEP is notified to the first VTEP by the second VTEP;
    所述第一VTEP将所述第一报文通过所述第二VTEP转发给所述第二VM。The first VTEP forwards the first packet to the second VM through the second VTEP.
  2. 根据权利要求1所述的方法,其中,在所述第一VTEP接收来自所述第一VM的所述第一报文之前,所述方法还包括:The method of claim 1, wherein before the first VTEP receives the first message from the first VM, the method further comprises:
    所述第一VTEP接收第二报文,其中,所述第二报文的目的VM MAC地址为所述第二VM的MAC地址;The first VTEP receives the second packet, where the destination VM MAC address of the second packet is the MAC address of the second VM;
    所述第一VTEP在确定所述第一VTEP中未记录有所述第二VM的MAC地址和所述第二VTEP的对应关系的情况下,将所述第二报文封装为组播VXLAN报文;The first VTEP encapsulates the second packet into a multicast VXLAN report if the correspondence between the MAC address of the second VM and the second VTEP is not recorded in the first VTEP. Text
    所述第一VTEP将所述组播VXLAN报文发送给与所述第一VTEP属于同一个组播组的其他VTEP;Sending, by the first VTEP, the multicast VXLAN packet to another VTEP that belongs to the same multicast group as the first VTEP;
    所述第一VTEP接收并记录所述其他VTEP中与所述第二VM连接的VTEP根据所述组播VXLAN报文应答的所述第二VM的MAC地址和所述第二VTEP的对应关系。The first VTEP receives and records the correspondence between the MAC address of the second VM and the second VTEP that the VTEP connected to the second VM in the other VTEP responds to according to the multicast VXLAN message.
  3. 根据权利要求2所述的方法,其中,所述第一VTEP在将所述组播VXLAN报文发送给与所述第一VTEP属于同一个组播组的所述其他VTEP之后,所述方法还包括: The method according to claim 2, wherein said first VTEP after said multicast VXLAN message is sent to said other VTEP belonging to the same multicast group as said first VTEP, said method further Includes:
    所述第一VTEP在未接收到所述第二VM的MAC地址和所述第二VTEP的对应关系的情况下,丢弃所述第二报文;或者,The first VTEP discards the second packet if the correspondence between the MAC address of the second VM and the second VTEP is not received; or
    所述第一VTEP在未接收到所述第二VM的MAC地址和所述第二VTEP的对应关系的情况下,重新将所述第二报文封装成组播VXLAN报文;将重新封装成的组播VXLAN报文发送给与所述第一VTEP属于同一个组播组的其他VTEP。If the first VTEP does not receive the correspondence between the MAC address of the second VM and the second VTEP, the second packet is re-encapsulated into a multicast VXLAN packet; The multicast VXLAN message is sent to other VTEPs belonging to the same multicast group as the first VTEP.
  4. 根据权利要求2所述的方法,其中,The method of claim 2, wherein
    所述第一VTEP在接收并记录所述其他VTEP中与所述第二VM连接的VTEP根据所述组播VXLAN报文应答的所述第二VM的MAC地址和所述第二VTEP的对应关系之前,所述方法还包括:所述第一VTEP接收第三报文,其中,所述第三报文的目的VM MAC地址为所述第二VM的MAC地址;缓存所述第三报文;以及,The first VTEP receives and records the correspondence between the MAC address of the second VM and the second VTEP that the VTEP connected to the second VM in the other VTEP responds to according to the multicast VXLAN message. The method further includes: the first VTEP receiving the third packet, wherein the destination VM MAC address of the third packet is a MAC address of the second VM; and the third packet is buffered; as well as,
    所述第一VTEP在接收并记录所述其他VTEP中与所述第二VM连接的VTEP根据所述组播VXLAN报文应答的所述第二VM的MAC地址和所述第二VTEP的对应关系之后,所述方法还包括:所述第一VTEP根据所述第二VM的MAC地址和所述第二VTEP的对应关系将缓存的所述第三报文通过所述第二VTEP转发给所述第二VM。The first VTEP receives and records the correspondence between the MAC address of the second VM and the second VTEP that the VTEP connected to the second VM in the other VTEP responds to according to the multicast VXLAN message. The method further includes: the first VTEP forwarding, by the second VTEP, the cached third packet according to the correspondence between the MAC address of the second VM and the second VTEP to the Second VM.
  5. 根据权利要求2所述的方法,其中,所述第一VTEP在接收并记录所述其他VTEP中与所述第二VM连接的VTEP根据所述组播VXLAN报文应答的所述第二VM的MAC地址和所述第二VTEP的对应关系之后,所述方法还包括:The method of claim 2, wherein the first VTEP receives and records in the other VTEP that the VTEP connected to the second VM is responsive to the second VM responsive to the multicast VXLAN message After the correspondence between the MAC address and the second VTEP, the method further includes:
    所述第一VTEP在记录了所述第二VM的MAC地址和所述第二VTEP的对应关系之后的第一预定时间之内未接收到与所述第二VM连接的VTEP再次应答的所述对应关系的情况下,删除记录的所述第二VM的MAC地址和所述第二VTEP的对应关系;和/或, The first VTEP does not receive the VTEP re-answer that is connected to the second VM within a first predetermined time after the mapping of the MAC address of the second VM and the second VTEP is recorded Corresponding relationship, deleting the correspondence between the recorded MAC address of the second VM and the second VTEP; and/or,
    所述第一VTEP在记录了所述第二VM的MAC地址和所述第二VTEP的对应关系之后的第一预定时间之内接收到与所述第二VM连接的VTEP再次应答的所述第二VM的MAC地址和所述第二VTEP的对应关系的情况下,维持记录的所述第二VM的MAC地址和所述第二VTEP的对应关系。Receiving, by the first VTEP, the VTEP re-answered with the second VM connected within a first predetermined time after the mapping of the MAC address of the second VM and the second VTEP is recorded In the case of the correspondence between the MAC address of the second VM and the second VTEP, the correspondence between the recorded MAC address of the second VM and the second VTEP is maintained.
  6. 根据权利要求1至5中任一项所述的方法,其中,所述方法还包括:The method of any of claims 1 to 5, wherein the method further comprises:
    所述第一VTEP接收与所述第一VTEP连接的一个或多个VM通告的所述一个或多个VM的MAC地址;The first VTEP receives a MAC address of the one or more VMs advertised by one or more VMs connected to the first VTEP;
    所述第一VTEP记录与所述第一VTEP连接的一个或多个VM的MAC地址;The first VTEP records a MAC address of one or more VMs connected to the first VTEP;
    其中,当所述第一VTEP在记录了与所述第一VTEP连接的一个或多个VM的MAC地址之后的第二预定时间内未接收到与所述第一VTEP连接的一个或多个VM中的第一部分VM再次通告的所述第一部分VM的MAC地址的情况下,删除记录的所述第一部分VM的MAC地址;和/或,当所述第一VTEP在记录了与所述第一VTEP连接的一个或多个VM的MAC地址之后的第二预定时间内接收到了与所述第一VTEP连接的一个或多个VM中的第二部分VM再次通告的所述第二部分VM的MAC地址的情况下,维持记录的所述第二部分VM的MAC地址。Wherein the first VTEP does not receive one or more VMs connected to the first VTEP within a second predetermined time after recording the MAC address of the one or more VMs connected to the first VTEP In the case where the first part of the VM re-advertises the MAC address of the first part VM, the MAC address of the first part VM of the record is deleted; and/or when the first VTEP is recorded with the first The MAC of the second partial VM that is re-announced by the second partial VM of the one or more VMs connected to the first VTEP is received within a second predetermined time after the MAC address of the one or more VMs of the VTEP connection In the case of an address, the MAC address of the second part VM of the record is maintained.
  7. 一种虚拟可扩展局域网VXLAN中报文转发方法,包括:A packet forwarding method in a virtual scalable LAN VXLAN, comprising:
    第二虚拟隧道终端VTEP接收来自第一VTEP的组播VXLAN报文,其中,所述组播VXLAN报文是由所述第一VTEP对来自第一虚拟机VM的第二报文进行封装得到的,所述第二报文的源VM媒体接入控制MAC地址为所述第一VM的MAC地址,所述第二报文的目的VM MAC地址为第二VM的MAC地址; The second virtual tunnel terminal VTEP receives the multicast VXLAN packet from the first VTEP, where the multicast VXLAN packet is encapsulated by the first VTEP to encapsulate the second packet from the first virtual machine VM. The source VM media access control MAC address of the second packet is the MAC address of the first VM, and the destination VM MAC address of the second packet is the MAC address of the second VM.
    所述第二VTEP查找与所述第二VTEP连接的VM中是否存在所述第二VM;Determining, by the second VTEP, whether the second VM exists in a VM connected to the second VTEP;
    所述第二VTEP在查找到所述第二VM的情况下,对所述组播VXLAN报文进行解封装并将得到的所述第二报文发送给所述第二VM,以及,将所述第二VM的MAC地址和所述第二VTEP的对应关系应答给所述第一VTEP。The second VTEP decapsulates the multicast VXLAN message and sends the obtained second packet to the second VM, and The correspondence between the MAC address of the second VM and the second VTEP is replied to the first VTEP.
  8. 根据权利要求7所述的方法,其中,所述第二VTEP在接收来自第一VTEP的组播VXLAN报文之后,所述方法还包括:The method of claim 7, wherein after the receiving, by the second VTEP, the multicast VXLAN message from the first VTEP, the method further comprises:
    所述第二VTEP记录所述第一VM的MAC地址和所述第一VTEP的对应关系。The second VTEP records a correspondence between a MAC address of the first VM and the first VTEP.
  9. 根据权利要求8所述的方法,其中,所述第二VTEP在记录所述第一VM的MAC地址和所述第一VTEP的对应关系之后,所述方法还包括:The method of claim 8, wherein after the recording, by the second VTEP, the correspondence between the MAC address of the first VM and the first VTEP, the method further comprises:
    所述第二VTEP在记录了所述第一VM的MAC地址和所述第一VTEP的对应关系之后的第一预定时间之内未接收到来自所述第一VTEP的且源VM MAC地址为所述第一VM的报文的情况下,删除记录的所述第一VM的MAC地址和所述第一VTEP的对应关系;和/或,The second VTEP does not receive the source VM MAC address from the first VTEP within a first predetermined time after the mapping of the MAC address of the first VM and the first VTEP is recorded. In the case of the message of the first VM, deleting the correspondence between the MAC address of the first VM and the first VTEP; and/or,
    所述第二VTEP在记录了所述第一VM的MAC地址和所述第一VTEP的对应关系之后的第一预定时间之内接收到来自所述第一VTEP的且源VM MAC地址为所述第一VM的报文的情况下,维持记录的所述第一VM的MAC地址和所述第一VTEP的对应关系。Receiving, by the second VTEP, the source VM MAC address from the first VTEP and the first predetermined time after recording the correspondence between the MAC address of the first VM and the first VTEP In the case of the message of the first VM, the correspondence between the MAC address of the first VM and the first VTEP is maintained.
  10. 根据权利要求7所述的方法,其中,所述方法还包括:The method of claim 7 wherein the method further comprises:
    所述第二VTEP接收与所述第二VTEP连接的一个或多个VM通告的所述一个或多个VM的MAC地址; The second VTEP receives a MAC address of the one or more VMs advertised by one or more VMs connected to the second VTEP;
    所述第二VTEP记录与所述第二VTEP连接的一个或多个VM的MAC地址;The second VTEP records a MAC address of one or more VMs connected to the second VTEP;
    其中,当所述第二VTEP在记录了与所述第二VTEP连接的一个或多个VM的MAC地址之后的第二预定时间内未接收到与所述第二VTEP连接的一个或多个VM中的第一部分VM再次通告的所述第一部分VM的MAC地址的情况下,删除记录的所述第一部分VM的MAC地址;和/或,当所述第二VTEP在记录了与所述第二VTEP连接的一个或多个VM的MAC地址之后的第二预定时间内接收到了与所述第二VTEP连接的一个或多个VM中的第二部分VM再次通告的所述第二部分VM的MAC地址的情况下,维持记录的所述第二部分VM的MAC地址。Wherein the second VTEP does not receive one or more VMs connected to the second VTEP within a second predetermined time after the MAC address of the one or more VMs connected to the second VTEP is recorded In the case where the first part of the VM re-advertises the MAC address of the first part VM, the MAC address of the first part VM of the record is deleted; and/or when the second VTEP is recorded with the second Receiving the MAC of the second partial VM re-announced by the second partial VM of the one or more VMs connected to the second VTEP within a second predetermined time after the MAC address of the one or more VMs of the VTEP connection In the case of an address, the MAC address of the second part VM of the record is maintained.
  11. 一种虚拟可扩展局域网VXLAN中报文转发装置,应用于第一虚拟隧道终端VTEP中,包括:A packet forwarding device in a virtual scalable LAN VXLAN is applied to a first virtual tunnel terminal VTEP, including:
    第一接收模块,设置为接收来自第一虚拟机VM的第一报文,其中,所述第一报文的目的VM媒体接入控制MAC地址为第二VM的MAC地址;The first receiving module is configured to receive the first packet from the first virtual machine VM, where the destination VM media access control MAC address of the first packet is a MAC address of the second VM;
    确定模块,设置为根据所述第一VTEP中记录的所述第二VM的MAC地址和与所述第二VM连接的第二VTEP的对应关系确定所述第二VTEP,其中,所述第二VM的MAC地址和所述第二VTEP的对应关系为所述第二VTEP告知给所述第一VTEP的;a determining module, configured to determine the second VTEP according to a correspondence between a MAC address of the second VM recorded in the first VTEP and a second VTEP connected to the second VM, where the second Corresponding relationship between the MAC address of the VM and the second VTEP is notified to the first VTEP by the second VTEP;
    转发模块,设置为将所述第一报文通过所述第二VTEP转发给所述第二VM。And a forwarding module, configured to forward the first packet to the second VM by using the second VTEP.
  12. 一种虚拟可扩展局域网VXLAN中报文转发装置,应用于第二虚拟隧道终端VTEP中,包括:A packet forwarding device in a virtual scalable LAN VXLAN is applied to a second virtual tunnel terminal VTEP, including:
    第二接收模块,设置为接收来自第一VTEP的组播VXLAN报文,其中,所述组播VXLAN报文是由所述第一VTEP对来自第一虚拟机 VM的第二报文进行封装得到的,所述第二报文的源VM媒体接入控制MAC地址为所述第一VM的MAC地址,所述第二报文的目的VM MAC地址为第二VM的MAC地址;a second receiving module, configured to receive a multicast VXLAN message from the first VTEP, where the multicast VXLAN message is from the first virtual machine by the first VTEP pair The second packet of the VM is encapsulated, and the source VM media access control MAC address of the second packet is the MAC address of the first VM, and the destination VM MAC address of the second packet is the second packet. VM's MAC address;
    查找模块,设置为查找与所述第二VTEP连接的VM中是否存在所述第二VM;a finding module, configured to find whether the second VM exists in a VM connected to the second VTEP;
    发送模块,设置为在查找到所述第二VM的情况下,对所述组播VXLAN报文进行解封装并将得到的所述第二报文发送给所述第二VM,以及,将所述第二VM的MAC地址和所述第二VTEP的对应关系应答给所述第一VTEP。a sending module, configured to: when the second VM is found, decapsulate the multicast VXLAN packet, and send the obtained second packet to the second VM, and The correspondence between the MAC address of the second VM and the second VTEP is replied to the first VTEP.
  13. 一种存储介质,其特征在于,所述存储介质包括存储的程序,其中,所述程序运行时执行权利要求1至10中任一项所述的方法。 A storage medium, characterized in that the storage medium comprises a stored program, wherein the program is executed to perform the method of any one of claims 1 to 10.
PCT/CN2017/090953 2016-06-30 2017-06-29 Method and apparatus for forwarding packet in virtual extensible local area network (vxlan) WO2018001339A1 (en)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
CN201610506713.4A CN107566262A (en) 2016-06-30 2016-06-30 Message forwarding method and device in virtual expansible LAN VXLAN
CN201610506713.4 2016-06-30

Publications (1)

Publication Number Publication Date
WO2018001339A1 true WO2018001339A1 (en) 2018-01-04

Family

ID=60785255

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/CN2017/090953 WO2018001339A1 (en) 2016-06-30 2017-06-29 Method and apparatus for forwarding packet in virtual extensible local area network (vxlan)

Country Status (2)

Country Link
CN (1) CN107566262A (en)
WO (1) WO2018001339A1 (en)

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN110048946A (en) * 2018-01-15 2019-07-23 厦门靠谱云股份有限公司 A kind of unicast VXLAN management system based on Linux bridge and SDN controller

Families Citing this family (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN110401726B (en) * 2018-04-24 2022-04-15 中兴通讯股份有限公司 Method, device and equipment for processing address resolution protocol message and storage medium
CN112134776B (en) * 2019-06-25 2022-08-26 华为技术有限公司 Method for generating multicast forwarding table item and access gateway
CN115225573A (en) * 2022-07-18 2022-10-21 中国联合网络通信集团有限公司 Table entry aging processing method, traffic forwarding method, device, VTEP and VXLAN

Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN103841028A (en) * 2014-03-24 2014-06-04 杭州华三通信技术有限公司 Method and device for forwarding messages
CN103888386A (en) * 2012-12-24 2014-06-25 华为技术有限公司 Extensible virtual local area network message transmission method, device and system
CN104243269A (en) * 2014-09-24 2014-12-24 杭州华三通信技术有限公司 Processing method and device of messages in VxLAN (virtual extensible local area network)
CN104954218A (en) * 2014-03-24 2015-09-30 杭州华三通信技术有限公司 Distributed virtual switching device and forwarding method
US20150381386A1 (en) * 2014-06-30 2015-12-31 Arista Networks, Inc. Method and system for vxlan encapsulation offload

Family Cites Families (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US9036639B2 (en) * 2012-11-29 2015-05-19 Futurewei Technologies, Inc. System and method for VXLAN inter-domain communications
WO2015100656A1 (en) * 2013-12-31 2015-07-09 华为技术有限公司 Method and device for implementing virtual machine communication
CN104601463B (en) * 2015-02-28 2018-03-06 新华三技术有限公司 Message forwarding method and device in a kind of VXLAN networks

Patent Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN103888386A (en) * 2012-12-24 2014-06-25 华为技术有限公司 Extensible virtual local area network message transmission method, device and system
CN103841028A (en) * 2014-03-24 2014-06-04 杭州华三通信技术有限公司 Method and device for forwarding messages
CN104954218A (en) * 2014-03-24 2015-09-30 杭州华三通信技术有限公司 Distributed virtual switching device and forwarding method
US20150381386A1 (en) * 2014-06-30 2015-12-31 Arista Networks, Inc. Method and system for vxlan encapsulation offload
CN104243269A (en) * 2014-09-24 2014-12-24 杭州华三通信技术有限公司 Processing method and device of messages in VxLAN (virtual extensible local area network)

Cited By (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN110048946A (en) * 2018-01-15 2019-07-23 厦门靠谱云股份有限公司 A kind of unicast VXLAN management system based on Linux bridge and SDN controller
CN110048946B (en) * 2018-01-15 2020-08-28 厦门靠谱云股份有限公司 Linux bridge and SDN controller-based unicast VXLAN management method

Also Published As

Publication number Publication date
CN107566262A (en) 2018-01-09

Similar Documents

Publication Publication Date Title
US9621373B2 (en) Proxy address resolution protocol on a controller device
EP2897347B1 (en) Method for transmitting addresses correspondence relationship in second-layer protocol using link status routing
WO2018001339A1 (en) Method and apparatus for forwarding packet in virtual extensible local area network (vxlan)
WO2016101646A1 (en) Access method and apparatus for ethernet virtual network
WO2014067280A1 (en) Processing method, apparatus and system for multicast
US10652142B2 (en) SDN-based ARP implementation method and apparatus
JP6722816B2 (en) Packet transfer
WO2017124886A1 (en) Method and gateway for acquiring route as required
WO2013049989A1 (en) Layer two interconnection between data centers
JP2020520612A (en) Packet transmission method, edge device, and machine-readable storage medium
CN107094110B (en) DHCP message forwarding method and device
CN107707476B (en) Efficient wireless forwarding device and method based on FPGA
US9118608B2 (en) Communication apparatus, control method therefor, and computer-readable storage medium
CN113872845A (en) Method for establishing VXLAN tunnel and related equipment
CN114885443B (en) Multi-mode network control system and method supporting mobile access of terminal
CN104168140A (en) VTEP abnormal condition processing method and device
EP2728795A1 (en) Processing method, device and system for controlling packet broadcast
CN109391534B (en) Access mode updating method and device
CN107547691B (en) Address resolution protocol message proxy method and device
WO2023273957A1 (en) Computing power release method and apparatus, and computing power update method and apparatus
WO2013023465A1 (en) Interconnection and intercommunication method for identity location separated network and traditional network, ilr and asr
US11962673B2 (en) Packet tunneling and decapsulation with split-horizon attributes
WO2016050096A1 (en) Method for forwarding message in trill network and route bridge
CN113497767A (en) Method and device for transmitting data, computing equipment and storage medium
WO2022001666A1 (en) Method for creating vxlan tunnel and related devices

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 17819336

Country of ref document: EP

Kind code of ref document: A1

NENP Non-entry into the national phase

Ref country code: DE

122 Ep: pct application non-entry in european phase

Ref document number: 17819336

Country of ref document: EP

Kind code of ref document: A1