CN102968346A - Method for realizing external communication of virtual machine under virtual environment - Google Patents
Method for realizing external communication of virtual machine under virtual environment Download PDFInfo
- Publication number
- CN102968346A CN102968346A CN2012104179384A CN201210417938A CN102968346A CN 102968346 A CN102968346 A CN 102968346A CN 2012104179384 A CN2012104179384 A CN 2012104179384A CN 201210417938 A CN201210417938 A CN 201210417938A CN 102968346 A CN102968346 A CN 102968346A
- Authority
- CN
- China
- Prior art keywords
- packet
- virtual machine
- bag
- server
- icp
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
Images
Landscapes
- Data Exchanges In Wide-Area Networks (AREA)
Abstract
The invention provides a method for realizing the external communication of a virtual machine under a virtual environment, and the method is based on a server; the server is provided with a transmission control protocol/internet protocol (TCP/IP) stack; the method comprises the following steps that (1) a hook function is registered in the TCP/IP stack; (2) when a data packet enters the TCP/IP stack, the hook function transfers the data packet which enters the TCP/IP stack; and (3) whether the data packet is a chaff package or not is judged, and the chaff package is filtered. According to the method for realizing the external communication of the virtual machine under the virtual environment, relevant codes are implanted into a linux kernel, and the virtual machine on TC3600 can communicate with the outside environment through an exchange module by filtering the chaff data packet on a link layer.
Description
Technical field
The invention belongs to the communications field, be specifically related to realize under a kind of virtualized environment the method for virtual machine PERCOM peripheral communication.
Background technology
Dawn TC3600 blade server is with high-performance calculation, web foundation framework, information service and virtually turn to main application target, having incorporated many advanced persons' design concept and technical characteristic, is the blade server product that leading latest generation meets open standard.The TC3600 blade server has been realized high-performance, high density, scalable, as required configuration, flexibly product design of scheme, can satisfy the application demand of the various and dynamic change of user.Simultaneously, the TC3600 blade server has the RAS characteristic of enterprise-level product, can satisfy the key users' such as government, telecommunications, finance, education, internet needs.
The assembly of TC3600 comprises administration module, power module, I/O expansion blade, gigabit ethernet switching module etc.Administration module provides condition monitoring and the system management of blade system modules, and the user can be undertaken operating based on the long-range KVM of IPMI by administration module simultaneously.Optional two the gigabit ethernet switch modules of TC3600, fast realize between the blade, blade and external network interconnected, reduce to the full extent number of cables.
In virtualized environment, the upper establishment of TC3600 virtual machine uses Switching Module to set up the network interface card of virtual machine, externally can not communicate by letter through the test virtual machine.Through technology exploration, the inner management module of TC3600 has the interfering data packet generation in the network service process, affected the correspondence with foreign country of virtual machine by Switching Module.
Summary of the invention
For overcoming defects, the invention provides the method that realizes the virtual machine PERCOM peripheral communication under a kind of virtualized environment, implant correlative code in the linux kernel, by filtering the interfering data bag at link layer, the upper virtual machine of realization TC3600 is communicated by letter with extraneous by Switching Module.
For achieving the above object, the invention provides the method that realizes the virtual machine PERCOM peripheral communication under a kind of virtualized environment, based on server, described Servers installed has the ICP/IP protocol stack; Its improvements are that described method comprises the steps:
(1). in the ICP/IP protocol stack, register Hook Function;
(2). when packet enters the ICP/IP protocol stack, Hook Function accesses the packet that enters the ICP/IP protocol stack;
(3). judge whether packet is to disturb bag, and to disturbing bag to filter.
In the optimal technical scheme provided by the invention, disturb bag for adding the packet of vlan head.
In the second optimal technical scheme provided by the invention, filter to disturb the process of bag to comprise: to wrap then packet discard and return the hook point if disturb; Otherwise directly return the hook point, and continue handle packet.
In the 3rd optimal technical scheme provided by the invention, described server is blade server.
In the 4th optimal technical scheme provided by the invention, the model of described blade server is TC3600.
Compared with the prior art, realize the method for virtual machine PERCOM peripheral communication under a kind of virtualized environment provided by the invention, in the linux kernel, implant correlative code, by filtering the interfering data bag at link layer, realize that the upper virtual machine of TC3600 communicate by letter with extraneous by Switching Module, and be the amended broadcast packet that the administration module of blade server sends to all blades to the packet of main frame generation interference.For dropping to minimum to the impact of original environment, the packet filtering function of code only comes into force to specific this broadcast packet.
Description of drawings
Fig. 1 is the method that realizes the virtual machine PERCOM peripheral communication under the virtualized environment.
Embodiment
By following examples the method that realizes the virtual machine PERCOM peripheral communication under the virtualized environment is described further.
Embodiment 1:
The execution flow process of the method for realization virtual machine PERCOM peripheral communication is as follows under the virtualized environment:
1. in the ICP/IP protocol stack, register Hook Function.
2. work as packet and push on, access the packet that pushes on.
3. determine whether the specific bag that disturbs.
4. the eligible then packet discard of judged result returns the hook point; If not then normally returning the hook point, the function after packet is transferred to continues to process.
5. this processing finishes.
Embodiment 2:
Realize the method for virtual machine PERCOM peripheral communication under a kind of virtualized environment, based on server, described Servers installed has the ICP/IP protocol stack; Described method comprises the steps:
(1). in the ICP/IP protocol stack, register Hook Function;
(2). when packet enters the ICP/IP protocol stack, Hook Function accesses the packet that enters the ICP/IP protocol stack;
(3). judge whether packet is to disturb bag, and to disturbing bag to filter.
Disturb bag for adding the packet of vlan head.
Filter to disturb the process of bag to comprise: to wrap then packet discard and return the hook point if disturb; Otherwise directly return the hook point, and continue handle packet.
Described server is blade server.
The model of described blade server is TC3600.
What need statement is that content of the present invention and embodiment are intended to prove the practical application of technical scheme provided by the present invention, should not be construed as the restriction to protection domain of the present invention.Those skilled in the art can do various modifications, be equal to and replace or improve inspired by the spirit and principles of the present invention.But these changes or modification are all in the protection domain that application is awaited the reply.
Claims (5)
1. realize the method for virtual machine PERCOM peripheral communication under the virtualized environment, based on server, described Servers installed has the ICP/IP protocol stack; It is characterized in that described method comprises the steps:
(1). in the ICP/IP protocol stack, register Hook Function;
(2). when packet enters the ICP/IP protocol stack, Hook Function accesses the packet that enters the ICP/IP protocol stack;
(3). judge whether packet is to disturb bag, and to disturbing bag to filter.
2. method according to claim 1 is characterized in that, disturbs bag for adding the packet of vlan head.
3. method according to claim 1 is characterized in that, filter to disturb the process of bag to comprise: wrap then packet discard and return the hook point if disturb; Otherwise directly return the hook point, and continue handle packet.
4. method according to claim 1 is characterized in that, described server is blade server.
5. method according to claim 4 is characterized in that, the model of described blade server is TC3600.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN2012104179384A CN102968346A (en) | 2012-10-26 | 2012-10-26 | Method for realizing external communication of virtual machine under virtual environment |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN2012104179384A CN102968346A (en) | 2012-10-26 | 2012-10-26 | Method for realizing external communication of virtual machine under virtual environment |
Publications (1)
Publication Number | Publication Date |
---|---|
CN102968346A true CN102968346A (en) | 2013-03-13 |
Family
ID=47798500
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN2012104179384A Pending CN102968346A (en) | 2012-10-26 | 2012-10-26 | Method for realizing external communication of virtual machine under virtual environment |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN102968346A (en) |
Cited By (1)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN104753928A (en) * | 2015-03-16 | 2015-07-01 | 苏州科达科技股份有限公司 | Code stream forwarding method and system |
Citations (6)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US20020118644A1 (en) * | 2000-09-01 | 2002-08-29 | Ian Moir | Method and system to implement policy-based network traffic management |
US7424710B1 (en) * | 2002-12-18 | 2008-09-09 | Vmware, Inc. | TCP/IP offloading for virtual machines |
CN101977195A (en) * | 2010-10-29 | 2011-02-16 | 西安交通大学 | Method for realizing virtual machine inter-domain communication protocol based on shared memory mechanism |
CN102255903A (en) * | 2011-07-07 | 2011-11-23 | 广州杰赛科技股份有限公司 | Safety isolation method for virtual network and physical network of cloud computing |
CN102347949A (en) * | 2011-09-28 | 2012-02-08 | 上海西默通信技术有限公司 | Application protocol analysis method based on DPI (Distributed Protocol Interface) |
CN102457439A (en) * | 2011-12-07 | 2012-05-16 | 中标软件有限公司 | Virtual switching system and method of cloud computing system |
-
2012
- 2012-10-26 CN CN2012104179384A patent/CN102968346A/en active Pending
Patent Citations (6)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US20020118644A1 (en) * | 2000-09-01 | 2002-08-29 | Ian Moir | Method and system to implement policy-based network traffic management |
US7424710B1 (en) * | 2002-12-18 | 2008-09-09 | Vmware, Inc. | TCP/IP offloading for virtual machines |
CN101977195A (en) * | 2010-10-29 | 2011-02-16 | 西安交通大学 | Method for realizing virtual machine inter-domain communication protocol based on shared memory mechanism |
CN102255903A (en) * | 2011-07-07 | 2011-11-23 | 广州杰赛科技股份有限公司 | Safety isolation method for virtual network and physical network of cloud computing |
CN102347949A (en) * | 2011-09-28 | 2012-02-08 | 上海西默通信技术有限公司 | Application protocol analysis method based on DPI (Distributed Protocol Interface) |
CN102457439A (en) * | 2011-12-07 | 2012-05-16 | 中标软件有限公司 | Virtual switching system and method of cloud computing system |
Non-Patent Citations (3)
Title |
---|
DINGDING LI等: "A High-Performance Inter-Domain Data Transferring System for Virtual Machines", 《JOURNAL OF SOFTWARE》 * |
时翠霞等: "网络数据报文捕获技术分析和研究", 《网络与通信》 * |
温抿雄等: "虚拟机迁移系统网络连接重定向技术", 《计算机应用研究》 * |
Cited By (1)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN104753928A (en) * | 2015-03-16 | 2015-07-01 | 苏州科达科技股份有限公司 | Code stream forwarding method and system |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
CN104054316B (en) | Systems and methods for conducting load balancing on SMS center and building virtual private network | |
Lv | Security of internet of things edge devices | |
CA2732885C (en) | Centralized control plane appliance for virtual infrastructure | |
CN102402487B (en) | Zero copy message reception method and system | |
CN102763368B (en) | For the method and system of cross-site forged protection | |
CN103477611A (en) | Systems and methods for N tier cache redirection | |
CN104683165B (en) | The monitoring method of virtual machine network data under a kind of Xen virtualized environments | |
CN103416025A (en) | Systems and methods for VLAN tagging via cloud bridge | |
CN102714657A (en) | Systems and methods for client IP address insertion via TCP options | |
CN102246489A (en) | Systems and methods for connection management for asynchronous messaging over http | |
CN102763393A (en) | Systems and methods for managing ports for rtsp across cores in a multi-core system | |
CN102783090A (en) | Systems and methods for object rate limiting in a multi-core system | |
CN103392314A (en) | Systems and methods for scalable n-core statistics aggregation | |
CN102907055A (en) | Systems and methods for link load balancing on multi-core device | |
CN103155496A (en) | Systems and methods for server initiated connection management in a multi-core system | |
CN102904730A (en) | Intelligent acceleration network card capable of filtering and picking traffic according to protocol, port and IP address | |
CN102771086A (en) | Systems and methods for listening policies for virtual servers of an appliance | |
CN116458120A (en) | Protecting network resources from known threats | |
KR20150000420A (en) | Method and apparatus for network functions virtualization | |
CN103368872A (en) | Data packet forwarding system and method | |
CN102984202B (en) | A kind of cross-over NAT equipment realizes the System and method for of Telnet webmaster | |
CN103491200A (en) | Method, device and system for transmitting IP address through virtual terminal server | |
CN102968346A (en) | Method for realizing external communication of virtual machine under virtual environment | |
Morishima et al. | Network transparent fog-based IoT platform for industrial IoT | |
Doenhoff et al. | Data collection method for security digital twin on cyber physical systems |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
C06 | Publication | ||
PB01 | Publication | ||
C10 | Entry into substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
RJ01 | Rejection of invention patent application after publication | ||
RJ01 | Rejection of invention patent application after publication |
Application publication date: 20130313 |