CN103200069A - Message processing method and device - Google Patents

Message processing method and device Download PDF

Info

Publication number
CN103200069A
CN103200069A CN 201310107847 CN201310107847A CN103200069A CN 103200069 A CN103200069 A CN 103200069A CN 201310107847 CN201310107847 CN 201310107847 CN 201310107847 A CN201310107847 A CN 201310107847A CN 103200069 A CN103200069 A CN 103200069A
Authority
CN
Grant status
Application
Patent type
Prior art keywords
gateway
proxy
technology
message
method
Prior art date
Application number
CN 201310107847
Other languages
Chinese (zh)
Other versions
CN103200069B (en )
Inventor
郝卫国
Original Assignee
华为技术有限公司
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date

Links

Abstract

The invention provides a message processing method and device and relates to the technical field of communications. A gateway proxy is arranged in an NVO3 network, a gateway in the NVO3 is connected with the gateway proxy, and the gateway proxy is used for providing packaging technology of a traditional two-layer message and packaging technology of the NVO3 so as to achieve the NVO3 technology under the condition that hardware configuration of an original gateway is not changed.

Description

一种报文处理的方法和设备 A method and apparatus for processing text messages

技术领域 FIELD

[0001] 本发明涉及通信技术领域,尤其涉及一种报文处理的方法和设备。 [0001] The present invention relates to communications technologies, and in particular relates to a method and apparatus for packet processing.

背景技术 Background technique

[0002] 在数据中心中,服务器的虚拟化应用越来越广泛,在服务器虚拟化之后,每个物理服务器可以支持多个VM(Virtual Machine,虚拟机),每个VM独立运行自己的操作系统、中间件以及应用程序。 [0002] In the data center, virtualized application servers more and more widely, after server virtualization, each physical server can support multiple VM (Virtual Machine, virtual machines), each VM runs its own operating system independent , middleware and applications. 为了提高数据中心硬件资源使用效率以及业务的可靠性,需要允许VM在数据中心内部进行自由迁移。 In order to improve data center hardware resource efficiency and reliability of service, we need to be allowed to move freely inside the VM data center.

[0003] 利用服务器的虚拟化技术,同一个物理数据中心可以为不同租户提供服务器托管等业务。 [0003] The use of the server virtualization technology, a single physical data center can provide server hosting services for different tenants. 租户是数据中心资源的使用者,对应一个虚拟网络或多个虚拟网络的管理实体。 Tenants are users of data center resources, corresponds to a virtual network or virtual network management entity. 不同租户可以属于不同的公司或不同部门,为了确保租户的数据安全,不同租户之间需要通过虚拟网络进行流量隔离,这就要求数据中心内部物理网络能够划分为不同的虚拟网络。 Different tenants can belong to different companies or different departments, in order to ensure data security tenant, the tenant is required between different virtual network traffic isolation, which requires internal physical data center network can be divided into different virtual networks.

[0004] 为了实现VM在数据中心内部进行自由迁移以及数据中心内部物理网络中不同虚拟网络的划分,现有技术中提供了NV03 (Network Virtualization over Layer3,三层网络虚拟化)技术,通过Mac In IP的隧道封装,使VM实现跨IP网络的迁移,迁移之后IP地址不改变。 [0004] In order to achieve the freedom VM migration, and the data center physical network divided into different virtual networks within the data center, the prior art provides NV03 (Network Virtualization over Layer3, three virtual network) technology, by Mac In IP tunnel encapsulation, the VM migration across IP networks to achieve, after moving their IP address does not change. 举例来说,Mac (Media Access Control,媒体接入控制)In IP (Internet Protocol,互联网协议)具体可以为Mac In UDP (User Datagram Protocol,用户数据报协议),或MacIn GRE (Generic Routing Encapsulation,通用路由封装),或Mac In TCP (TransmissionControl Protocol,传输控制协议)。 For example, Mac (Media Access Control, media access control) In IP (Internet Protocol, Internet Protocol) may be specifically Mac In UDP (User Datagram Protocol, User Datagram Protocol), or MacIn GRE (Generic Routing Encapsulation, GM routing encapsulation), or Mac In TCP (TransmissionControl protocol, transmission control protocol). NV03的报文封装中包含租户标识,租户ID标识为24bit (位),因此最多能够支持16M的租户,能够满足云计算时代多租户数目的需求。 NV03 encapsulated packet identifier included in a tenant, the tenant ID as the 24bit (bits), thus can support up to 16M of tenants to meet the number of multi-tenant cloud computing needs of the age. 该技术的工作原理包括:从VM发出的报文,由第一跳网络设备查找MAC转发表。 The technology works include: packet sent from the VM, find the first hop network device MAC forwarding table. 如果到达目的VM需要跨越IP网络,则需要由所述第一跳网络设备进行NV03封装。 If the required destination VM across an IP network, it needs to be encapsulated by the first NV03 hop network device. 封装后的报文头部中的目的IP地址是NV03远端隧道的目的IP地址。 Destination IP address of the encapsulated packet header destination IP address is NV03 distal end of the tunnel. 报文从所述第一跳网络设备发出之后,剩余网络设备按照外层目的IP地址进行逐跳转发,不关心内部承载的载荷。 After the first message from hop network device sends, the remaining by-hop network device in accordance with an outer destination IP address, the load does not care about the interior of the carrier. 到达目的设备之后,进行解封装,然后发往目的VM。 After the destination apparatus, decapsulates and then sent to the destination VM. 第一跳网络设备可以为传统的交换机、路由器或服务器中的VS(Virtual Switch,虚拟交换机)。 A first hop network device may be a VS (Virtual Switch, virtual switch) conventional switch, a router or server. 另外通过在三层IP头和原始二层报文之间增加VNID (Virtual Network Identifier,虚拟网络标识)来标识租户。 In addition to identify the tenant by increasing VNID (Virtual Network Identifier, virtual network identifier) ​​between the three original IP header and Layer 2 packets. 每一个VNID对应一个二层广播域。 Each broadcast domain VNID corresponds to a second floor. 不同二层广播域的流量相互隔离。 Layer traffic of different broadcast domains isolated from each other.

[0005]虚拟网络可以使用 VXLAN(Virtual Extensible Local Area Network,虚拟的扩展局域网)、NVGRE (Network Virtualization using Generic Routing Encapsulation,使用通用路由封装的网络虚拟化)、STT(Stateless Transport Tunneling,无状态传输隧道)中的任何一种技术来构建。 [0005] Virtual networks can be used VXLAN (Virtual Extensible Local Area Network, a virtual extension of local area network), NVGRE (Network Virtualization using Generic Routing Encapsulation, using Generic Routing Encapsulation network virtualization), STT (Stateless Transport Tunneling, stateless transmission tunnels any technique to construct) was added. NV03封装可以为VXLAN封装、NVGRE封装、STT封装中的任何一种,下面以VXLAN为例进行说明。 NV03 VXLAN encapsulation package may be any one NVGRE package, the STT package, an example will be described below to VXLAN. 对于VM发出的报文进行封装,以及对封装后的报文进行解封装时使用的是VXLAN技术,该VXLAN技术不同于一般的二层桥接网络中使用的VLAN技术,也不同于三层网络使用的以太网技术。 When used for the encapsulated packet sent VM, and the packet decapsulates the encapsulated is VXLAN technology, the technology is different from the VLAN technology VXLAN in Layer 2 using a bridged network but also from the use of three networks Ethernet technology. 而现有技术中的网关仅支持VLAN技术和以太网技术,无法实现VXLAN技术,也就是说,必须要更新网关的硬件配置才能实现NV03技术,成本闻。 The prior art gateway only supports VLAN technology and Ethernet technology, VXLAN technology can not be achieved, that is to say, it is necessary to update the hardware configuration of the gateway can be achieved NV03 technology, the cost of smell. 发明内容[0006] 本发明的实施例提供一种报文处理的方法、网关代理和NVE,用于解决现有技术中更新网关的硬件配置才能实现NV03技术的问题,从而降低成本。 SUMMARY [0006] Embodiments of the invention provide a packet processing method, a gateway agent, and NVE, for solving the prior art problems to update the hardware configuration of the gateway can be achieved NV03 art, thereby reducing costs. [0007] 为达到上述目的,本发明的实施例根据如下技术方案:[0008] 第一方面,本实施例提供了一种数据报文处理的方法,应用于三层网络虚拟化NV03网络中,所述NV03网络中设置有网关,所述NV03网络通过所述网关与外部网络互通,所述NV03网络中还设置有网关代理,所述网关代理与所述网关连接,所述方法包括:[0009] 所述网关代理接收所述网关发送的第一报文,其中所述第一报文为根据第一封装标识封装的报文;[0010] 如果所述第一报文为数据报文,所述网关代理对所述第一报文进行解封装,得到第二报文和所述第一封装标识;[0011] 所述网关代理根据所述第一封装标识,通过查找虚拟网络标识VNID与虚拟局域网标识VLAN ID的映射关系获得所述第一封装标识对应的第二封装标识;其中当所述第一封装标识为VNID时,所述第二封装标识为VLAN ID,当所述第一封装标识 [0007] To achieve the above object, according to embodiments of the present invention, the following technical solutions: [0008] In a first aspect, the present embodiment provides a method of processing data packets, is applied to a three-layer network virtualization NV03 network, the network is provided with a gateway NV03, NV03 the network through the gateway interworking with an external network, the network is also provided with a NV03 gateway proxy, the gateway agent connected to the gateway, the method comprising: [0009 the first packet] the gateway receives the proxy sent by the gateway, wherein the first packet is a first packet identifier package according to the encapsulation; [0010] If the packet is a first packet of data, the the first said gateway proxy decapsulates the packet to obtain a second packet identifier and the first package; [0011] the gateway agent according to the first package identifier by searching the virtual network identifier of the virtual VNID mapping between a VLAN ID of the second package to obtain a first identifier corresponding to the package identifier; wherein when the first package is identified as VNID, the VLAN ID is identified as the second package, the first package identifier when 为VLAN ID时,所述第二封装标识为VNID ;[0012] 根据所述第二封装标识对所述第二报文进行封装以形成第三报文;[0013] 将所述第三报文发送给所述网关。 When VLAN ID, is identified as the second package VNID; [0012] the second encapsulated packet according to the second package to form a third packet identifier; [0013] the third packet sent to the gateway. [0014] 结合第一方面,在第一种可能的实现方式中,如果所述第一报文为ARP (AddressResolution Protocol,地址解析协议)请求报文,所述网关代理采用与所述第一报文为数据报文时相同的方式处理所述第一报文。 [0014] with the first aspect, in a first possible implementation, if the first packet is ARP (AddressResolution Protocol, ARP) request message, the gateway proxy using the first packet text processing in the same manner as the first packet data message. [0015] 结合第一方面,在第二种可能的实现方式中,如果所述第一报文为ARP请求报文,所述第二报文为ARP请求报文,所述方法还包括:[0016] 所述网关代理通过查找ARP表获得所述第二报文请求的媒体接入控制MAC地址,其中,所述网关代理存储所述ARP表;[0017] 所述网关代理根据所述MAC地址,生成第一ARP应答报文;[0018] 所述网关代理根据所述第一封装标识,对所述第一ARP应答报文进行封装以形成第四报文;[0019] 所述网关代理根据与所述第一封装标识对应的MAC转发信息,将所述第四报文发送给所述网关。 [0015] with the first aspect, in a second possible implementation, if the first packet is an ARP request packet, the second packet is an ARP request packet, the method further comprises: [ 0016] the gateway proxy ARP lookup table obtained by said second packet requested media access control (MAC) address, wherein the gateway agent stores said ARP table; [0017] the gateway agent according to the MAC address generate a first ARP reply packet; [0018] the gateway agent according to the first package identifier, the first ARP response packet to form a fourth encapsulated packet; [0019] the gateway agent according to and the first package identifier forwarding information corresponding to the MAC to transmit the fourth message to the gateway. [0020] 结合第一方面的第二种可能的实现方式,在第三种可能的实现方式中,在所述网关代理通过查找所述ARP表获得所述第二报文请求的MAC地址之前,还包括:所述网关代理判断所述网关是否为主用网关;[0021] 所述网关代理通过查找所述ARP表获得所述第二报文请求的MAC地址的操作在确定所述网关是主用网关时执行。 [0020] combination with the second possible implementation of the first aspect, in a third possible implementation manner, before the gateway proxy MAC address of the second request message is obtained by looking up the ARP table, further comprising: the gateway proxy determines whether the gateway with the gateway based; [0021] the proxy gateway to obtain the MAC address of the second packet by looking up the ARP request is determined that the table is a primary gateway performed with the gateway. [0022] 结合第一方面或第一方面的前三种可能的实现方式中的任意一种,在第四种可能的实现方式中,所述NV03网络还包括服务器,所述服务器包括网络虚拟化边缘NVE,所述NVE用于管理所述服务器内的虚拟机,所述方法还包括:[0023] 所述NVE接收虚拟机发送的第五报文;[0024] 当所述第五报文为ARP请求报文时,通过查找所述NVE存储的ARP表获得所述第五报文请求的MAC地址;[0025] 若查找到所述第五报文请求的MAC地址,所述NVE将查找到的MAC地址携带在第二ARP应答报文中发送给所述虚拟机;[0026] 若未查找到所述第五报文请求的MAC地址,则根据所述虚拟机对应的VNID,对所述第五报文进行封装以获得第六报文,并将所述第六报文发送至所述网关。 [0022] with the first aspect or any one of the first three possible implementations of the first aspect, in a fourth possible implementation manner, the NV03 network further comprises a server comprising a network virtualization NVE edge, the NVE for managing virtual machines in the server, the method further comprises: [0023] the fifth message sent by the recipient virtual machine NVE; [0024] when the fifth packet is when the ARP request packet, the MAC address of the fifth packet request by looking up the ARP table stored NVE; [0025] if it can find the MAC address of the fifth packet request, will find the NVE a MAC address carried in the second transmitting ARP reply packet to the virtual machine; [0026] Failure to find the MAC address of the fifth packet request, the corresponding virtual machine according to the VNID, the fifth encapsulated packet to obtain the sixth packet and the sixth packet to the gateway. [0027] 第二方面,本实施例还提供了一种网关代理,应用于三层网络虚拟化NV03网络中,所述网关代理与网关连接,所述NV03网络通过所述网关与外部网络互通,所述网关代理包括:[0028] 接收单元,用于接收所述网关发送的第一报文,其中所述第一报文为根据第一封装标识封装的报文;[0029] 解封装单元,当所述第一报文为数据报文时,用于对所述接收单元接收到的所述第一报文进行解封装,得到第二报文和所述第一封装标识;[0030] 查找单元,用于根据所述第一封装标识查找VNID与VLAN ID的映射关系以获得对应的第二封装标识;其中当所述第一封装标识为VNID时,所述第二封装标识为VLAN ID,当所述第一封装标识为VLAN ID时,所述第二封装标识为VNID ;[0031] 封装单元,用于根据所述查找单元查找到的所述第二封装标识对所述第二报文进行封装以形成第三报文;[00 [0027] a second aspect, the present embodiment further provides a gateway agent, is applied to a three-layer network virtualization NV03 network, the gateway agent connected to the gateway, the gateway NV03 network through the interworking with an external network, the gateway agent comprising: [0028] a receiving unit, configured to receive a first message sent by the gateway, wherein the first packet is a packet identifier in accordance with a first encapsulation package; [0029] decapsulating unit, when the first packet is a data packet, said receiving means for receiving a first packet decapsulates obtain a second packet identifier and the first package; [0030] Finding means for finding the mapping relation VNID VLAN ID according to the first package to obtain a second identifier corresponding to the package identifier; wherein when the first package when VNID identification, identification of the second package VLAN ID, when the package is identified as the first VLAN ID, is identified as the second package VNID; [0031] packaging unit, the searching unit according to the second package to find the second identification packet encapsulated to form a third packet; [00 32] 发送单元,用于将所述第三报文发送给所述网关。 32] transmitting means for transmitting the third packet to the gateway. [0033] 结合第二方面,在第一种可能的实现方式中,如果所述第一报文为地址解析协议ARP请求报文,所述解封装单元、所述查找单元、所述封装单元和所述发送单元采用与所述第一报文为数据报文时相同的方式处理所述第一报文。 [0033] combination with the second aspect, in a first possible implementation, if the first packet is an Address Resolution Protocol ARP request packet, the decapsulating unit, the searching unit, the packaging unit, and the transmission unit in the same manner as when the first data packet is a first packet of the packet processing. [0034] 结合第二方面,在第二种可能的实现方式中,如果所述第一报文是ARP请求报文,则所述第二报文是ARP请求报文,所述网关代理还包括:存储单元,用于存储ARP表;[0035] 所述查找单元,还用于在所述第二报文为ARP请求报文时,从所述存储单元存储的ARP表中查找所述第二报文请求的MAC地址;[0036] 所述网关代理还包括生成单元,用于根据所述查找单元查找到的MAC地址,生成第一ARP应答报文;[0037] 所述封装单元,还用于根据所述第一封装标识,对所述生成单元生成的所述第一ARP应答报文进行封装以形成第四报文;[0038] 所述发送单元,还用于根据与所述第一封装标识对应的MAC转发信息,将所述第四报文发送给所述网关。 [0034] combination with the second aspect, in a second possible implementation, if the first packet is an ARP request packet, the second packet is the ARP request packet, the gateway further comprises agent : a storage unit for storing ARP table; [0035] the search unit is further configured to the second packet is an ARP request packet, from the ARP lookup table stored in the storage unit the second MAC address request packet; [0036] the proxy gateway further includes a generating unit, the searching unit according to the searched MAC address to generate a first ARP reply packet; [0037] the encapsulating unit, further with the identifier in the first package, the first generation unit of the ARP reply packet to form a fourth encapsulated packet; [0038] the sending unit is further configured according to the first package MAC forwarding information corresponding to the identification to transmit the fourth message to the gateway. [0039] 结合第二方面的第二种可能的实现方式,在第三种可能的实现方式中,该网关代理还包括判断单元,用于判断所述网关是否为主用网关;[0040] 所述查找单元,具体用于在所述判断单元确定所述网关是主用网关时,从所述存储单元存储的ARP表中查找所述第二报文请求的MAC地址。 [0039] combination with the second possible implementation of the second aspect, in a third possible implementation, the gateway agent further comprises determining means for determining whether the gateway with the gateway based; [0040] The said searching unit when the determining unit determines that the active gateway is the gateway looks up the MAC address of the second packet request from the ARP table of the storage unit stores. [0041] 第三方面,本实施例还提供了一种NVE,所述NVE应用于三层网络虚拟化NV03网络中,所述NV03网络中设置有服务器和网关,所述NV03网络通过所述网关与外部网络互通,所述网关连接网关代理,所述NVE位于所述服务器中,所述NVE用于管理所述服务器内的虚拟机,所述NVE包括: [0041] a third aspect, the present embodiment further provides a NVE, is applied to the three network virtualization NVE NV03 network, the network is provided with a NV03 server and gateway, the network through the gateway NV03 interworking with external networks, a gateway agent connected to the gateway, said server is located in the NVE, the NVE for managing virtual machines in the server, the NVE comprising:

[0042] 存储单元,用于保存ARP表; [0042] storage means for storing ARP table;

[0043] 接收单元,用于接收虚拟机发送的第五报文; [0043] a receiving unit for receiving the fifth message sent by the virtual machine;

[0044] 查找单元,用于在所述接收单元接收的所述第五报文为ARP请求报文时,从所述存储单元存储的所述ARP表中查找所述第五报文请求的MAC地址; [0044] The searching unit configured to, when an ARP request packet, looking up in the receiving unit receives the fifth packet from the ARP table of the storage unit stores the request packet fifth MAC address;

[0045] 发送单元,用于在所述查找单元查找到所述第五报文请求的MAC地址时,将查找到的MAC地址携带在ARP应答报文中发送给所述虚拟机;还用于在所述查找单元未查找到所述第五报文请求的MAC地址时,根据所述虚拟机对应的VNID对所述第五报文进行封装以得到第六报文,并将所述第六报文发送至网关。 [0045] The transmission unit for the lookup unit searches a MAC address to the fifth packet request will find the MAC address carried in the virtual machine to send ARP reply packet; for further when the searching unit does not find the MAC address of the fifth packet request, according to the virtual machine corresponding to the fifth VNID encapsulated packet to obtain the sixth packet, and the sixth message to the gateway.

[0046] 本发明实施例提供了一种报文处理的方法、网关代理以及网络虚拟化边缘,在N0V3网络中配置网关代理,网关代理与网关连接。 Example embodiments provide a method of packet processing of [0046] the present invention, and gateway proxy network virtualization edge disposed in N0V3 network gateway proxy, the gateway agent connected to the gateway. 使用该网关代理对网关发送至N0V3网络内部的网络设备的报文进行NV03封装,对N0V3网络内部的网络设备发送到网关的报文进行N0V3解封装,使得网关在不支持NV03封装和解封装技术的情况下,仍能够处理N0V3网络与外部网络互通的报文,从而使得在不改变现有网络中网关的硬件配置的情况下,实现NV03技术。 Using the gateway agent sends to the gateway to N0V3 internal network network device packets NV03 encapsulated packets sent to the gateway is N0V3 decapsulate N0V3 within the network the network device, so that the gateway does not support NV03 encapsulation and decapsulation art case, the network is still able to handle N0V3 external packet network interworking so that in case of a hardware configuration without changing the existing network gateway, to achieve NV03 technology.

附图说明 BRIEF DESCRIPTION

[0047] 为了更清楚地说明本发明实施例或现有技术中的技术方案,下面将对实施例或现有技术描述中所需要使用的附图作简单地介绍,显而易见地,下面描述中的附图仅仅是本发明的一些实施例,对于本领域普通技术人员来讲,在不付出创造性劳动的前提下,还可以根据这些附图获得其他的附图。 [0047] In order to more clearly illustrate the technical solutions in the embodiments or the prior art embodiment of the present invention, briefly introduced hereinafter, embodiments are described below in the accompanying drawings or described in the prior art needed to be used in describing the embodiments the drawings are only some embodiments of the present invention, those of ordinary skill in the art is concerned, without creative efforts, can derive from these drawings other drawings.

[0048] 图1为本发明实施例中的一种NV03网络的组成框图; [0048] FIG 1 block diagram of one embodiment NV03 network embodiment of the invention;

[0049] 图2为本发明实施例中的一种报文处理的方法流程图; [0049] FIG 2 is a flowchart of a method of packet processing in the embodiment of the present invention;

[0050] 图3为本发明实施例中的另一种报文处理的方法流程图; [0050] FIG. 3 flowchart illustrating another embodiment of packet processing method of the present invention;

[0051] 图4为本发明实施例中的另一种报文处理的方法流程图; [0051] FIG 4 is a flowchart of another embodiment of the message processing method of the present invention;

[0052] 图5为本发明实施例中的另一种报文处理的方法流程图; [0052] FIG 5 is a flowchart of another embodiment of the message processing method of the present invention;

[0053] 图6为本发明实施例中的另一种报文处理的方法流程图; [0053] FIG. 6 is a flow diagram of another embodiment of packet processing method of the present invention;

[0054] 图7为本发明实施例中的另一种报文处理的方法流程图; [0054] FIG. 7 is a flowchart of another embodiment of the message processing method of the present invention;

[0055] 图8为本发明实施例中的一种网关代理的组成框图; [0055] FIG. 8 A gateway block diagram of the embodiment of the present invention, the agent of the embodiment;

[0056] 图9为本发明实施例中的另一种网关代理的组成框图; [0056] FIG 9 block diagram of another embodiment of the gateway proxy embodiment of the present invention;

[0057] 图10为本发明实施例中的另一种网关代理的组成框图; [0057] FIG. 10 is a block diagram of the composition of another embodiment of the present invention, gateway proxy;

[0058] 图11为本发明实施例中的一种NVE的组成框图; [0058] Figure 11 block diagram of a NVE composition according to the present embodiment of the invention;

[0059] 图12为本发明实施例提供的另一种网关代理的组成框图; [0059] Figure 12 block diagram of another embodiment provided by the gateway proxy embodiment of the invention;

[0060] 图13为本发明实施例提供的另一种NVE的组成框图。 [0060] FIG. 13 NVE block diagram of another embodiment of the invention provided.

具体实施方式 detailed description

[0061] 下面将结合本发明实施例中的附图,对本发明实施例中的技术方案进行清楚、完整地描述,显然,所描述的实施例仅仅是本发明一部分实施例,而不是全部的实施例。 [0061] below in conjunction with the present invention in the accompanying drawings, technical solutions of embodiments of the present invention are clearly and completely described, obviously, the described embodiments are merely part of embodiments of the present invention, but not all embodiments example. 基于本发明中的实施例,本领域普通技术人员在没有作出创造性劳动前提下所获得的所有其他实施例,都属于本发明保护的范围。 Based on the embodiments of the present invention, those of ordinary skill in the art to make all other embodiments without creative work obtained by, it falls within the scope of the present invention. [0062] 本发明实施例提供的技术方案可应用于NV03网络,该NV03网络可以包括服务器和网关。 Embodiment [0062] The present invention provides technical solutions may be applied NV03 network, the network may comprise NV03 servers and gateways. 可选地,服务器可以包括NVE (network virtualization edge,网络虚拟化边缘)。 Alternatively, the server may comprise NVE (network virtualization edge, edge network virtualization). NVE作为实现基于overlay技术的网络虚拟化的边缘逻辑实体,可以隐藏租户的真实地址(比如MAC和/或IP地址),能够进行NV03报文的封装和解封装。 NVE as overlay network-based virtualization technology edges logical entity can hide the real address of the tenant (for example, MAC and / or IP address) can be performed NV03 encapsulation and decapsulation of packets. 举例来说,服务器可通过由接入交换机和核心交换机组成的NV03网络连接到网关,服务器内运行一个或多个虚拟机,在同一个服务器内的虚拟机由该服务器内的NVE统一管理。 For example, the server may be connected through a network by access NV03 and core switches to the gateway component, one or more virtual machines running within the server, a server at the same virtual machine within the NVE unified management by the server. 所述网关可以不支持NV03封装技术,所述NV03网络通过所述网关与外部网络互通。 The gateway may not support NV03 packaging technology, the NV03 network through the gateway interworking with external networks. 在该NV03网络中,网关与网关代理连接。 NV03 in the network, and a gateway agent connected to the gateway. 举例来说,网关与网关代理可以直接连接。 For example, the gateway agent may be directly connected with the gateway. 可选地,网关与网关代理可以通过二层网络连接。 Alternatively, the gateway may be connected through the gateway proxy layer 2 network. 该网关代理上配置VNID和VLAN ID的映射关系来表示,该网关代理可实现以太封装与以太解封装、以及N0V3封装与N0V3解封装。 Configuring the gateway and the proxy VNID VLAN ID mapping relationship is represented, the gateway agent may implement Ethernet Ethernet encapsulation and decapsulation, and N0V3 N0V3 decapsulation and encapsulation. [0063] NV03封装可以为VXLAN封装、NVGRE封装、STT封装中的任何一种,下面以VXLAN为例进行说明。 [0063] NV03 VXLAN package may be encapsulated, any NVGRE package, the STT package, an example will be described below to VXLAN. 例如,参照图1所示,该网络架构包括有一个网关,该网关与网关代理连接。 For example, referring to FIG. 1, the network architecture includes a gateway that is connected with the gateway proxy. 该网关连接着外部网络和两个核心交换机。 The gateway is connected to an external network and two core switches. NV03网络包括两个核心交换机和四个接入交换机。 NV03 core network comprises two switches and four access switches. 每个接入交换机都连接有一个服务器,分别为服务器1-服务器4,每个服务器中运行有两个虚拟机,其中虚拟机VMl、VM3、VM5、VM7属于vx I an I,虚拟机VM2、VM4、VM6、VM8属于vxlan20[0064] 基于上述如图1所示的网络,本发明实施例提供了一种报文处理的方法,如图2所示,该方法包括下述操作。 Each access switch connected to a server, namely server 4 1- server, each server running two virtual machines, wherein the virtual machine VMl, VM3, VM5, VM7 belonging vx I an I, virtual machine VM2, VM4, VM6, VM8 belonging vxlan20 [0064] based on the network shown in FIG. 1 described above, embodiments provide a method for packet processing according to the present invention, shown in Figure 2, the method comprising the following operations. [0065] 201、网关代理接收网关发送的第一报文。 [0065] 201, the gateway agent receives a first packet sent by the gateway. [0066] 其中,所述第一报文为根据第一封装标识封装的报文。 [0066] wherein, the first packet is a first packet encapsulation package according to identification. 可选地,所述第一报文可以是数据报文,或者是ARP请求报文,或者是其他请求报文。 Alternatively, the first message may be a data packet or an ARP request packet, or other request. 所述第一封装标识可以是VNID或VLAN ID。 The first package may be VNID identification or VLAN ID. [0067] 其中,一个VNID对应于一个二层广播域,对不同租户的流量进行隔离。 [0067] wherein a Layer VNID corresponding to a broadcast domain, traffic isolation of different tenants. 属于同一个虚拟网络实例(virtual network instance, VNI)的不同虚拟机可以具有相同的VNID。 Belonging to the same instance of a virtual network (virtual network instance, VNI) different virtual machines may have the same VNID. [0068] 所述网关发送至网关代理的第一报文可以是网关主动发起的报文,也可以是其他网络设备经由网关向网关代理发送的报文。 [0068] the gateway sends to the first message gateway proxy gateway may initiate packets, packets may be transmitted to other network devices to the gateway via a proxy gateway. [0069] 202、网关代理对所述第一报文进行解封装,得到第二报文和第一封装标识。 [0069] 202, the first gateway proxy decapsulates the packet to obtain a second packet identifier and the first package. [0070] 其中,如果第一报文是经过以太封装的报文,网关代理使用以太解封装来获取第二报文以及VLAN ID。 [0070] wherein, if the first packet is encapsulated Ethernet packets passing through the gateway using Ethernet decapsulating agent to obtain a second packet, and VLAN ID. 如果第一报文是经过NV03封装的报文,网关代理使用VXLAN解封装来获取第二报文以及VNID。 If the first packet is the encapsulated packet through NV03, gateway proxy using VXLAN decapsulating the packet, and acquires a second VNID. [0071] VXLAN封装技术为NV03封装技术中的一种,其封装格式如下表I所示。 [0071] VXLAN NV03 package as a packaging technology art, which encapsulation format shown in Table I below. [0072]表 I[0073] [0072] TABLE I [0073]

Figure CN103200069AD00101

[0074] 其中,隧道的源IP地址:NVE的IP地址。 [0074] wherein, the source IP address of the tunnel: IP address of NVE.

[0075] 隧道的目的IP地址:对于单播来说,是对端NVE的IP地址;对于组播来说,是组播组地址。 [0075] The destination IP address of the tunnel: For unicast, it is the IP address of the peer NVE; for a multicast, a multicast group address. VXLAN ID和组播组地址——对应。 VXLAN ID and the multicast group address - corresponds.

[0076] 外层目的MAC地址:使用外层隧道进行IP转发时的下一跳MAC地址,报文在NV03网络中转发时,外层目的MAC地址逐跳改变。 [0076] The outer destination MAC address: outer tunnel using the next hop MAC address forwarding an IP packet forwarding network NV03 outer hop destination MAC address changes.

[0077] 外层源MAC地址:使用外层隧道进行IP转发时的源MAC地址,报文在NV03网络中转发时,外层源MAC地址逐跳改变。 [0077] MAC layer source address: the outer layer tunnel IP source MAC address when forwarding packet forwarding in the network NV03 outer source MAC address change hop by hop.

[0078] VXLANID:就是VNID。 [0078] VXLANID: it is VNID.

[0079] 203、网关代理根据所述第一封装标识查找VNID与VLAN ID的映射关系以获得所述第一封装标识对应的第二封装标识。 [0079] 203, to find the mapping relationship between the gateway proxy VNID VLAN ID according to the first package to obtain a second identifier identifying the first package corresponding to the package identifier.

[0080] 其中,当所述第一封装标识为VNID时,所述第二封装标识为VLAN ID,当所述第一封装标识为VLAN ID时,所述第二封装标识为VNID。 [0080] wherein, when the first package is identified as VNID, the second package is identified as VLAN ID, when the first package is identified as VLAN ID, it is identified as the second package VNID.

[0081] 其中,所述VNID与VLAN ID映射关系可以预先配置在网关代理中,用于表示VXLAN与VLAN之间的对应关系。 [0081] wherein, the mapping relationship VNID with VLAN ID may be preconfigured proxy gateway, representing a correspondence relationship between VXLAN and VLAN.

[0082] 204、根据所述第二封装标识对所述第二报文进行封装以得到第三报文,并将所述第三报文发送给所述网关。 [0082] 204, the second package according to the second identification encapsulated packet to obtain a third packet, and transmitting the third packet to the gateway.

[0083] 举例来说,当网关收到vxlan网络内的服务器发来的N0V3报文时,网关发送给网关代理的第一报文是N0V3报文。 [0083] For example, when the gateway receives a network server within vxlan N0V3 packets sent by the gateway to send a first message gateway proxy is N0V3 packets. 网关代理对所述第一报文发送进行vxlan解封装。 Proxy gateway transmits the first packet for vxlan decapsulation. 可选地,当网关收到来自vxlan网络外的设备的报文时,网关将所述第一报文发送网关代理,网关代理对所述第一报文进行以太解封装和vxlan封装。 Alternatively, when the gateway equipment receives packets from the outside vxlan network, the first message gateway proxy gateway, the first gateway proxy Ethernet packet decapsulation and encapsulation vxlan. 因此,vxlan网络外的设备可以与vxlan网络内的设备通信。 Thus, the external device may communicate with the network vxlan vxlan network device.

[0084] 本发明实施例提供了一种报文处理的方法,N0V3网络中设置网关代理,网关代理与网关连接。 [0084] Example embodiments provide a method for packet processing according to the present invention, N0V3 network gateway proxy settings, the gateway agent connected to the gateway. 该网关代理对网关发送至N0V3网络内的网络设备的报文进行NV03封装,对N0V3网络内的网络设备发送到网关的报文进行N0V3网络解封装,使得网关在不支持NV03封装技术的情况下,仍能够处理来自N0V3网络或者发往N0V3网络的报文,从而使得在不改变现有网络中网关的硬件配置的情况下,实现NV03技术。 A case where the gateway agent sends to the gateway to the packet network device within N0V3 network NV03 encapsulated packets sent to the gateway is N0V3 network decapsulated network devices within N0V3 network, so that the gateway does not support NV03 packaging technology still capable of processing packets sent from a network or N0V3 N0V3 network, so that in case of a hardware configuration without changing the existing network gateway, to achieve NV03 technology. [0085] 在上述如图2所示的技术方案中,当网关接收到来自服务器的ARP请求报文时,网关将该ARP请求报文发送给网关代理。 [0085] In the solution shown in FIG. 2 described above, when the gateway receives the ARP request packet from the server, the gateway ARP request packet to the gateway agent. 此时,上述第一报文为该ARP请求报文,网关代理对该ARP请求报文进行N0V3解封装,然后发给网关。 At this time, the first packet for an ARP request packet, the gateway proxy ARP request packet decapsulation N0V3, then to the gateway. 网关生成ARP r印Iy(应答)报文,将ARPreply报文经过所述网关代理发送回所述服务器。 Gateway generates ARP r printing Iy (response) packets, the packets pass through the gateway ARPreply sent back to the proxy server. 在这种情况下,本发明实施例还提供了一种报文处理的方法,网关代理提供ARP proxy (代理),可以减轻网关应答ARP请求的压力,如图3所示,该方法,包括:[0086] 301、当所述第二报文为ARP请求报文时,所述网关代理通过查找所述网关代理存储的ARP表获得所述第二报文请求的MAC地址。 In this case, embodiments of the present invention further provides a method of processing packets, the gateway agent provides ARP Proxy (agent), can reduce the pressure gateway responds to ARP requests, shown in Figure 3, the method comprising: [0086] 301, when the second packet is an ARP request packet, the MAC address of the gateway proxy of the second request message by the gateway proxy ARP table lookup stored. [0087] 其中,所述网关代理确定所述第二报文是否为ARP请求报文的方法可以参照网关的判断方法,例如,通过所述第二报文对应的网关接口的MAC地址来判断。 [0087] wherein said determining whether the second gateway proxy packet is an ARP request packet determination method can be referred to the method of the gateway, for example, be determined by the MAC address of the packet corresponding to the second gateway interfaces. [0088] 其中,所述ARP表可以是在网关代理上预先设置好的。 [0088] wherein, the ARP table may be set in advance in the gateway proxy good. 或者,网关代理通过侦听经所述网关代理转发的ARP报文来学习得到所述ARP表。 Alternatively, the gateway through the gateway by listening proxy and media proxy ARP packet to the ARP table obtained by learning. [0089] 302、所述网关代理根据获得的MAC地址,生成第一ARP应答报文。 [0089] 302, the gateway proxy MAC address obtained, to generate a first ARP response message. [0090] 303、所述网关代理根据所述第一封装标识,对所述第一ARP应答报文进行封装以形成第四报文。 [0090] 303, the gateway agent according to the first package identifier, the first ARP response packet to form a fourth encapsulated packet. [0091] 304、所述网关代理根据与所述第一封装标识对应的MAC转发信息,将所述第四报文发送给所述网关。 [0091] 304, the gateway agent according to the first package identifier forwarding information corresponding to the MAC to transmit the fourth message to the gateway. [0092] 举例来说,在本实施例中,所述网关代理进行应答的ARP请求报文可以是服务器中的虚拟机发送的用于请求网关MAC地址的请求报文,也可以是网关发送的请求vxlan内的网络设备MAC地址的请求报文。 [0092] For example, in the present embodiment, the gateway proxy ARP reply request message may be a request message server sends the virtual gateway for requesting a MAC address, it may be sent by the gateway request packet network device MAC address in the vxlan. [0093] 可选地,当网关代理无法进行应答时,仍需要结合步骤203至204所述的技术方案,网关代理处理所述ARP请求报文,然后发给网关,由网关进行ARP应答。 [0093] Alternatively, when the gateway agent can not respond, there remains a need in conjunction with step 203 to the aspect 204, gateway proxy processes the ARP request packet, and then sent to the gateway, an ARP reply from the gateway. [0094] 在本实施例中,网关代理保存ARP表,实现应答网关发来的ARP请求报文的功能,从而在网关代理能够进行ARP响应时,代替网关发送ARP应答报文,从而可以减轻网关应答ARP请求报文的压力,同时,也可以减少网关与网关代理之间的报文交互,可以节省网关与网关代理之间的带宽。 When [0094] In the present embodiment, the gateway agent keeps the ARP table, to achieve the response gateways sent ARP request packet function, thereby enabling ARP response in gateway proxy, instead of the gateway sends an ARP response packet, which can reduce the gateway responds to ARP request packets of pressure, but can also reduce the packet exchange between the gateway and gateway proxy, it can save bandwidth between the gateway and the gateway proxy. [0095] 举例来说,为了保证NV03网络的业务可靠性,可设置有两个网关,一个为主用网关,一个为备用网关,与主用网关相连的网关代理提供ARP proxy的功能。 [0095] For example, in order to ensure the reliability of NV03 service network, a gateway may be provided with two, mainly with a gateway, a standby gateway, and the gateway connected to the primary gateway proxy ARP proxy function is provided. 图4所示的方法包括401-405。 The method shown in FIG. 4 comprises 401-405. [0096] 401、所述网关代理判断所述网关是否为主用网关。 [0096] 401, the gateway determines whether the gateway proxy gateway mainly used. 若确定所述网关是主用网关,则执行所述402。 If the master determines that the gateway is a gateway, the 402 is performed. 若确定所述网关是备用网关,则不作响应。 If the standby gateway determines that the gateway is, for no response. 402-405的操作与图3所示实施例中的301-304相同,此处不再赘述。 301-304402-405 same as in the embodiment of the operation of FIG. 3, not further described herein. [0097] 其中,所述判断所述网关是否为主用网关可通过侦听VRRP(Virtual RouterRedundancy Protocol,虚拟路由器冗余协议)报文,并从所述VRRP报文指示的网关工作状态来确定哪个网关为主用网关。 [0097] wherein said determining whether the gateway with the gateway by listening based VRRP (Virtual RouterRedundancy Protocol, Virtual Router Redundancy Protocol) packets, and from the gateway to determine which operating state of the VRRP packets indicated the main gateway with a gateway. [0098] 可选地,本发明实施例还提供了一种报文处理的方法,以减轻网关代理或者网关应答ARP请求报文的负担,图5所示的方法,可由服务器中的NVE实现,包括:[0099] 502、服务器中的NVE接收虚拟机发送的第五报文。 [0098] Alternatively, embodiments of the present invention further provides a method for packet processing, to reduce the burden on the gateway or gateway proxy responds to ARP request message, the method shown in FIG. 5, the server may be implemented in NVE, comprising: a fifth packet [0099] 502, the server receives the virtual machine NVE transmitted. [0100] 504、当所述第五报文为ARP请求报文时,通过查找所述NVE存储的ARP表获得所述第五报文请求的MAC地址。 [0100] 504, when the ARP request packet is the fifth packet, the MAC address of the request packet by the fifth ARP lookup table stored in said NVE. 若查找到所述第五报文请求的MAC地址,则执行506。 If the MAC address to find the fifth packet request 506 is executed. 若未查找到所述第五报文请求的MAC地址,则执行508。 Failure to find the MAC address of the request packet fifth, 508 is performed.

[0101] 其中,所述NVE建立ARP表的方法以及查找的方法与网关代理的相关方法相同。 [0101] wherein the same correlation method NVE the ARP and a method to find the proxy gateway. 此处不再赘述。 Not repeat them here.

[0102] 506、所述服务器中的NVE将查找到的MAC地址携带在第二ARP应答报文中发送给所述虚拟机。 [0102] 506, the server will look to NVE carries the MAC address of the virtual machine to a second ARP reply packet.

[0103] 508、所述服务器中的NVE根据所述虚拟机对应的VNID,对所述第五报文进行封装以得到第六报文,并将所述第六报文发送至网关。 [0103] 508, the server according to the virtual machine NVE corresponding VNID, the fifth packet encapsulated packet to obtain the sixth, and the sixth packet to the gateway.

[0104] 在本实施例中,服务器的NVE可以对ARP请求报文进行应答。 [0104] In the present embodiment, NVE server may answer ARP request packet. NVE无法应答时,将ARP请求报文发送至网关。 When NVE can not answer the ARP request packet to the gateway. 网关可以将ARP请求发送给网关代理,以便网关代理进行代答;或者由网关代理处理后转发至网关,由网关应答,这种方案可以进一步降低网关和网关代理应答ARP请求的负担,也可以减少网络中ARP报文的数量。 Gateway may send an ARP request to the gateway agent to gateway proxy Pickup; or forwarded by the gateway to the gateway proxy processing, the response from the gateway, this embodiment can further reduce the burden on the gateway and the gateway proxy response to ARP requests can be reduced the number of ARP packets in the network.

[0105] 结合如图1所示的网络架构,本发明实施例以VMl发送到外部网络的报文的转发流程以及外部网络的设备发送到VMl的报文的转发流程为例,具体说明本发明实施例提供的技术方案。 [0105] conjunction with the network architecture shown in FIG. 1, the transmission process and the external network forwarding device messages to VMl embodiments of the invention to an external network to the packet forwarding process VMl example, the present invention is specifically described technical solution provided by the embodiment.

[0106] 以N0V3网络采用VXLAN技术为例,图6示出了VMl发送到外部网络的报文的转发流程,包括: [0106] In N0V3 VXLAN network using technology, for example, FIG. 6 shows a VMl transmitted to the external network packet forwarding process, comprising:

[0107] 601、VMl发送ARP请求报文给服务器I的NVE1,所述ARP请求报文中携带VLANID ; [0107] 601, VMl sends an ARP request packet to the server I NVE1, the ARP request packet carries the VLANID;

[0108] 602、NVEl根据所述VLAN ID确定对应的VNID,对ARP请求报文进行VXLAN封装。 [0108] 602, NVEl determined according to the VLAN ID corresponding VNID, the ARP request packet encapsulation VXLAN.

[0109] 其中,进行VXLAN封装时使用VXLANl的VNID,并且外层目的IP地址为所述VNID对应的组播IP地址,源IP地址为服务器I的IP地址。 [0109] wherein, when in use VNID VXLANl VXLAN package, and the outer layer of the destination IP address is VNID multicast IP address corresponding to the source IP address is the IP address of the server I.

[0110] 603、NVEl将封装后的ARP请求报文发送至网关。 [0110] 603, NVEl the encapsulated ARP request packets to the gateway.

[0111] 604、网关根据所述外层目的IP地址查找组播转发表项,将组播报文送往所述网关连接的网关代理。 [0111] 604, to find the gateway IP address in accordance with the purpose of the outer layer multicast forwarding table, the multicast packets sent to the gateway agent connected to the gateway.

[0112] 605、网关代理进行VXLAN解封装,得到ARP请求报文以及VNID。 [0112] 605, the gateway proxy decapsulates VXLAN give ARP request packet and VNID.

[0113] 606、网关代理根据VNID查找VNID与VLAN ID的映射关系以获得对应的VLAN ID。 [0113] 606, the gateway agent according to the mapping relation VNID VNID lookup with a VLAN ID to obtain a corresponding VLAN ID.

[0114] 607、网关代理根据对应的VLAN ID对ARP请求报文进行以太封装。 [0114] 607, the gateway agent according to a corresponding VLAN ID of the Ethernet ARP request packet encapsulation.

[0115] 608、网关代理将经过以太封装的ARP请求报文发送给网关。 [0115] 608, through the gateway proxy encapsulated Ethernet ARP request packet to the gateway.

[0116] 609、网关对以太封装的ARP请求报文进行以太解封装,确定接收到的报文为ARP请求报文。 [0116] 609, the gateway ARP request for the encapsulated Ethernet packet decapsulates the Ethernet, determines that the received packet is an ARP request message.

[0117] 610、网关生成ARP应答报文,并进行以太封装。 [0117] 610, the gateway generates an ARP response packet, and the Ethernet encapsulation. 所述ARP应答报文的目的IP地址为VMl的IP地址。 The ARP reply packet destination IP address is the IP address of the VMl.

[0118] 611、网关将封装的ARP应答报文发送给网关代理。 [0118] 611, the gateway encapsulates the ARP response packet to the gateway proxy.

[0119] 612、网关代理对接收到的ARP应答报文进行以太解封装,得到ARP应答报文和VLAN ID。 [0119] 612, ARP gateway proxy response received Ethernet packet decapsulates give ARP response and VLAN ID.

[0120] 613、网关代理根据VLAN ID查找对应的VNID。 [0120] 613, the gateway agent according VNID search for a corresponding VLAN ID.

[0121] 614、网关代理根据VNID和VMl的MAC地址查找MAC转发表,对ARP应答报文进行VXLAN封装。 [0121] 614, the gateway proxy to find the MAC address VNID and VMl MAC forwarding, the ARP reply packet VXLAN package. 所述封装的ARP应答报文的目的IP地址为NVEl的IP地址。 The package ARP response packet destination IP address is the IP address NVEl. [0122] 615、网关代理通过三层网络发送给NVEl。 [0122] 615, the gateway agent sends to a network through Layer NVEl. [0123] 所述NVEI对所述封装的ARP应答报文进行VXLAN解封装,然后将解封装后的ARP应答报文转发给VMl。 [0123] The encapsulated NVEI the ARP response packet decapsulates VXLAN then decapsulated ARP reply packet to VMl. [0124] 在此之后,来自VMl的单播流量就可以送往网关了。 [0124] Thereafter, the unicast traffic will be sent from VMl the gateway. 其他的VM也可以使用相同流程发送报文。 Other VM can also send messages using the same process. [0125] 如图7所示的vxlan网络外的设备发送到vxlan网络内的VMl的报文转发流程,包括:[0126] 701、网关接收vxlan网络外的设备发来的报文,网关根据ARP表对该报文进行以太封装得到第一报文。 [0125] vxlan devices outside the network shown in Figure 7 is sent to the network VMl within vxlan packet forwarding process, comprising: [0126] 701, the network gateway device receives vxlan sent outside the packet gateway according to the ARP table for the packet to obtain a first encapsulated Ethernet packet. [0127] 702、网关将所述第一报文发送给网关代理。 [0127] 702, the gateway transmits the first packet to the gateway proxy. [0128] 703、网关代理对接收到的第一报文进行以太解封装,得到第二报文和VLANID。 [0128] 703, a first gateway proxy received Ethernet packet decapsulates the packet to obtain a second and VLANID. [0129] 704、网关代理根据VLAN ID查找VLAN ID与VLAN ID的映射关系以获得对应的VNID0[0130] 705、网关代理根据VNID和VNID对应的虚拟网络内的MAC转发表,对所述第二报文进行VXLAN封装以得到第三报文。 [0129] 704, the gateway agent according to find the mapping relationship between the VLAN ID and VLAN ID of VLAN ID to obtain a corresponding VNID0 [0130] 705, the gateway agent according to the MAC forwarding table in VNID and VNID corresponding virtual network, the second VXLAN encapsulated packet to obtain a third packet. [0131] 706、网关代理将所述第三报文发送给网关;网关通过三层网络转发所述第三报文给NVEI。 [0131] 706, the third gateway proxy packet to the gateway; gateway forwards the message to the third network through Layer NVEI. [0132] 707、NVEl判断所述第三报文的目的IP为自身,UDP端口号为特殊的端口号,对所述第三报文进行VXLAN解封装以得到第四报文。 [0132] 707, NVEl determining whether the third destination IP packet itself, UDP port number for a particular port number, the third packet to obtain a fourth VXLAN decapsulates packets. [0133] 708,NVEI根据所述第四报文的目的MAC地址查找VNID对应的虚拟网络的MAC转发表,将所述第四报文发送至VMl。 [0133] 708, NVEI find the MAC VNID virtual network according to the destination MAC address corresponding to the fourth packet forwarding table, and sending the fourth message to the VMl. [0134] 本发明实施例还提供了一种网关代理,应用于NV03网络中,所述网关代理与网关连接,所述NV03网络通过所述网关与外部网络互通。 [0134] Embodiments of the present invention further provides a gateway agent, applied NV03 network, the gateway agent connected to the gateway, the gateway NV03 network through the interworking with an external network. 如图8所示,所述网关代理800包括:[0135] 接收单元801,用于接收所述网关发送的第一报文,其中所述第一报文为根据第一封装标识封装的报文。 As shown, the gateway 800 8 agent comprising: [0135] receiving unit 801, for receiving a first message sent by the gateway, wherein the first packet is a first packet identifier encapsulation package according . [0136] 解封装单元802,当所述第一报文为数据报文时,用于对所述接收单元801接收到的所述第一报文进行解封装,得到第二报文和所述第一封装标识。 [0136] decapsulating unit 802, when the first packet is a data packet for the receiving unit 801 of the received first packet decapsulates and said second message to obtain identifying the first package. [0137] 查找单元803,用于根据所述第一封装标识查找VNID与VLAN ID的映射关系以获得所述第一封装标识对应的第二封装标识;其中当所述第一封装标识为VNID时,所述第二封装标识为VLAN ID,当所述第一封装标识为VLAN ID时,所述第二封装标识为VNID。 Wherein when the first package is identified as VNID; [0137] search unit 803, and is used to find the mapping relationship VNID VLAN ID according to the first package to obtain a second identifier identifying the first package corresponding to the package identifier , the second package is identified as VLAN ID, when the first package is identified as VLAN ID, is identified as the second package VNID. [0138] 封装单元804,用于根据所述查找单元803查找到的第二封装标识对所述第二报文进行封装以得到第三报文。 [0138] packaging unit 804, the searching unit 803 according to the found second package identification of the second encapsulated packet to obtain a third packet. [0139] 发送单元806,用于将所述第三报文发送给所述网关。 [0139] transmitting unit 806, configured to send the third message to the gateway. [0140] 可选地,如果所述第一报文为地址解析协议ARP请求报文,所述解封装单元802、所述查找单元803、所述封装单元804和所述发送单元806采用与所述第一报文为数据报文时相同的方式处理所述第一报文。 [0140] Alternatively, if the first packet is an Address Resolution Protocol ARP request packet, the decapsulating unit 802, a searching unit 803, the encapsulating unit 804 and the transmitting unit 806 and the use of said first packet processing in the same manner as the first packet data message. [0141] 可选地,如果所述第一报文是ARP请求报文,则所述第二报文是ARP请求报文。 [0141] Alternatively, if the first packet is an ARP request packet, the second packet is the ARP request packet. 图9所示的网关代理900还包括:存储单元908:用于保存ARP表。 Gateway proxy 900 shown in FIG. 9 further comprising: a storage unit 908: for storing ARP table. 举例来说,所述存储单元908还可以用于保存VNID与VLAN ID的映射关系。 For example, the storage unit 908 may also be configured to store the mapping relationship between the VLAN ID VNID. [0142] 所述查找单元803,还用于在所述第二报文为ARP请求报文时,从所述存储单元908存储的所述ARP表中查找所述第二报文请求的MAC地址。 [0142] The search unit 803, further for the second packet is an ARP request packet, the ARP lookup table from the storage unit 908 stores the MAC address of the second request packet .

[0143] 所述网关代理还包括:生成单元905,用于根据所述查找单元803查找到的MAC地址,生成第一ARP应答报文。 [0143] The proxy gateway further comprises: a generating unit 905, the searching unit 803 according to the searched MAC address to generate a first ARP response message.

[0144] 所述封装单元804,还用于根据所述第一封装标识,对所述生成单元905生成的第一ARP应答报文进行封装以形成第四报文。 The [0144] package unit 804, in accordance with the first package for further identification, the first generation unit 905 generates the ARP response packet to form a fourth encapsulated packet.

[0145] 所述发送单元806,还用于根据与所述第一封装标识对应的MAC转发信息,将所述第四报文发送给所述网关。 The [0145] transmitting unit 806 is further configured to forward the information package according to the first identifier corresponding to the MAC, to transmit the fourth message to the gateway.

[0146] 可选地,图10所示的网关代理1000,还包括: [0146] Alternatively, the gateway agent 1000 shown in FIG. 10, further comprising:

[0147] 判断单元1007,用于判断所述网关是否为主用网关。 [0147] determination unit 1007, for determining whether the gateway with the gateway based.

[0148] 所述查找单元803,具体用于在所述判断单元1007确定所述网关是主用网关时,从所述存储单元908存储的ARP表中查找所述ARP请求报文请求的MAC地址。 [0148] The searching unit 803, specifically when the determining means determines that the gateway 1007 is the active gateway, to find the MAC address of the ARP request packet request from the storage unit 908 stored in the ARP table .

[0149] 本发明实施例还提供了一种NVE,应用于NV03网络中,所述NV03网络中设置有服务器和网关。 [0149] Embodiments of the present invention further provides a NVE, applied NV03 network, the network is provided with a NV03 servers and gateways. 所述NV03网络通过所述网关与外部网络互通。 NV03 the network through the gateway interworking with external networks. 所述网关与网关代理连接。 The gateway agent connected to the gateway. 所述NVE位于所述服务器中。 The NVE located server. 所述NVE用于管理所述服务器内的虚拟机,如图11所示,NVEl 100 包括: The NVE for managing virtual machines in the server 11, NVEl 100 comprising:

[0150] 存储单元1104,用于保存ARP表。 [0150] The storage unit 1104, configured to store ARP table.

[0151] 接收单元1101,用于接收虚拟机发送的第五报文。 [0151] The receiving unit 1101, a fifth virtual machine packet receiving transmitted.

[0152] 查找单元1102,用于在所述接收单元1101接收的第五报文为ARP请求报文时,从所述存储单元1104存储的所述ARP表中查找所述第五报文请求的MAC地址。 [0152] search unit 1102, configured to search when the reception unit 1101 receives the fifth packet is the ARP request packet from the storage unit 1104 stores in the ARP request packet the fifth MAC address.

[0153] 发送单元1103,用于在所述查找单元1102查找到所述第五报文请求的MAC地址时,则将查找到的MAC地址携带在ARP应答报文中发送给所述虚拟机;还用于在所述查找单元1102未查找到所述第五报文请求的MAC地址时,则根据所述虚拟机对应的VNID对所述第五报文进行封装以得到第六报文,并将所述第六报文发送至网关。 [0153] transmitting unit 1103, for the lookup unit 1102 to find the MAC address of the fifth packet request, will find the MAC address carried in the ARP reply is sent to the packet the virtual machine; is also used when the search unit 1102 does not find the MAC address of the fifth packet request, the encapsulated according to the virtual machine corresponding to the fifth VNID packet to obtain the sixth packet, and the sixth packet to the gateway.

[0154] 本发明实施例还提供了一种服务器,包括图11所示的NVE1100。 [0154] Embodiments of the present invention further provides a server comprising NVE1100 11 shown in FIG.

[0155] 本发明实施例提供了一种网关代理和NVE。 Embodiment [0155] The present invention provides a gateway agent and NVE. N0V3网络中的网关与网关代理连接,并使用该网关代理对网关发送至N0V3网络内的网络设备的报文进行NV03封装,对N0V3网络内的设备发送到网关的报文进行N0V3解封装,使得网关在不支持NV03封装技术的情况下,仍能够处理N0V3网络与外部网络互通的报文,从而使得在不改变现有网络中网关的硬件配置的情况下,实现NV03技术。 Gateway and a gateway agent connected N0V3 network, and transmits to the packet network device within N0V3 network NV03 encapsulation gateway using the gateway proxy transmission equipment in the N0V3 network to a packet gateway is N0V3 decapsulated, such that without the gateway support NV03 packaging technology, it is still capable of processing network packets N0V3 interworking external network, so that in case of a hardware configuration without changing the existing network gateway, to achieve NV03 technology.

[0156] 本发明实施例提供了一种网关代理,应用于三层网络虚拟化NV03网络中,所述NV03网络中设置有网关。 [0156] The present invention provides a gateway agent, is applied to a three-layer network virtualization NV03 network, the network is provided with a gateway NV03. NV03网络通过所述网关与外部网络互通。 NV03 network through the gateway interworking with external networks. 所述网关与网关代理连接。 The gateway agent connected to the gateway. 图12所示的网关代理1200包括输入输出电路1201、处理器1202和存储器1203。 Gateway agent 1200 shown in FIG 12 includes input-output circuit 1201, processor 1202 and memory 1203. 所述存储器1203被配置存储代码,并被配置存储VNID与VLAN ID的映射关系。 The memory 1203 is configured to store code, and configured to store the mapping relationship between the VLAN ID and VNID. 所述处理器1202用于读取所述代码以实现上述方法实施例中由网关代理实现的方法流程。 The processor 1202 for reading the code to implement the above-described method embodiments implemented by a gateway proxy method flow embodiments. 所述输入输出电路1201、所述处理器1202和所述存储器1203通过总线进行通信。 The input-output circuit 1201, the processor 1202 and the memory 1203 communicate via a bus.

[0157] 所述输入输出电路1201,用于接收网关发送的第一报文,其中所述第一报文为根据第一封装标识进行封装的报文。 [0157] The input-output circuit 1201, for receiving a first message sent by a gateway, wherein the first packet is a packet encapsulation package according to the first identifier.

[0158] 所述处理器1202,当所述第一报文是数据报文时,用于对所述第一报文进行解封装,得到第二报文和第一封装标识;根据所述第一封装标识查找VNID与VLAN ID的映射关系以获得所述第一封装标识对应的第二封装标识;其中当所述第一封装标识为VNID时,所述第二封装标识为VLAN ID,当所述第一封装标识为VLAN ID时,所述第二封装标识为VNID ;根据所述第二封装标识对所述第二报文进行封装以得到第三报文。 [0158] The processor 1202, when the first packet is a data packet, for the first packet decapsulated to obtain the first package and the second packet identifier; based on the first a package identification and to find the mapping relationship VNID VLAN ID to obtain a second identity of the first package corresponding to the package identifier; wherein when the first package is identified as VNID, the second package is identified as VLAN ID, when the when identified as said first encapsulating VLAN ID, it is identified as the second package VNID; second encapsulating the packet according to the second package to give a third packet identifier. 所述输入输出电路还用于将所述第三报文发送给网关。 The input-output circuit further configured to send the third message to the gateway. [0159] 可选地,所述处理器1202,还用于当所述第二报文为ARP请求报文时,从所述存储器1203存储的ARP表中查找所述第二报文请求的MAC地址;根据查找到的MAC地址,生成第一ARP应答报文;根据所述第一封装标识,对所述第一ARP应答报文进行封装以得到第四报文;根据与所述第一封装标识对应的MAC转发信息,将所述第四报文发送给所述网关。 [0159] Alternatively, the processor 1202 is further configured to, when the second packet is an ARP request packet, from the ARP lookup table stored in the memory 1203 of the second MAC packet request address; according to the found MAC address, to generate a first ARP reply packet; package according to the first identifier, the first ARP response packet to obtain a fourth encapsulated packet; according to the first package MAC forwarding information corresponding to the identification to transmit the fourth message to the gateway. [0160] 所述存储器1203,还用于存储ARP表和MAC转发信息。 The [0160] memory 1203, and further for storing MAC forwarding the ARP information. [0161] 可选地,所述处理器1201,还用于在所述存储器1203存储的ARP表中查找所述ARP请求报文请求的MAC地址之前,判断所述网关是否为主用网关;若确定所述网关是主用网关,则执行所述从所述存储器1203存储的ARP表中查找所述第二报文请求的MAC地址的操作。 [0161] Alternatively, the processor 1201 is further configured to look in the ARP table stored in the memory 1203 prior ARP request with the MAC address request, determines whether the gateway with the gateway based; if determining whether the gateway is the active gateway, the lookup operation is performed to the second MAC address from the ARP request packet table 1203 stored in the memory. [0162] 本发明实施例提供了一种NVE,应用于NV03网络中,所述NV03网络中设置有服务器和网关。 [0162] Example embodiments of the present invention, there is provided a NVE applied NV03 network, the network is provided with a NV03 servers and gateways. 所述NV03网络通过所述网关与外部网络互通。 NV03 the network through the gateway interworking with external networks. 所述网关与网关代理连接。 The gateway agent connected to the gateway. 所述NVE位于所述服务器中,所述NVE用于管理所述服务器内的虚拟机。 The NVE in said server, the NVE for managing virtual machines in the server. 图13所示的NVE1300包括处理器1301、存储器1302和发送机1303,所述存储器1302被配置存储代码,所述处理器1301用于读取所述代码以实现上述方法实施例中由NVE实现的方法流程。 Shown in FIG. NVE1300 13 includes a processor 1301, memory 1302 and a transmitter 1303, the memory 1302 is configured to store the code, the processor 1301 for reading the code to implement the above-described method embodiments implemented by embodiments NVE methods processes. 举例来说,所述处理器1301、存储器1302和发送接收器1303通过总线进行通信。 For example, the processor 1301, memory 1302 and the transmitter-receiver 1303 communicates via a bus. [0163] 所述发送接收器1303,用于接收虚拟机发送的第五报文;[0164] 所述处理器1301用于当所述第五报文为ARP请求报文时,从存储器1302存储的ARP表中查找所述第五报文请求的MAC地址;若查找到所述第五报文请求的MAC地址,则控制所述发送接收器1303将查找到的MAC地址携带在ARP应答报文中发送给所述虚拟机;若未查找到所述第五报文请求的MAC地址,则根据所述虚拟机对应的VNID,对所述第五报文进行封装以得到第六报文。 [0163] The transmitter receiver 1303 for receiving the fifth message sent by the virtual machine; [0164] When the processor 1301 for the fifth packet is an ARP request packet, stores the memory 1302 ARP table to find the MAC address of the fifth message request; if it can find the MAC address of the fifth packet request, the transmitter receiver control 1303 to find the MAC address in the ARP response packet carrying to send to the virtual machine; failure to find the MAC address of the fifth packet request, the corresponding virtual machine according to the VNID, the fifth encapsulated packet to obtain the sixth packet. [0165] 所述发送接收器1303还用于将所述第六报文发送至网关。 [0165] The transmitting and receiving unit 1303 is further configured to send the packet to the gateway sixth. [0166] 所述存储器1302,还用于存储所述ARP表。 The [0166] Memory 1302, for further storing the ARP table. [0167] 本发明实施例提供了一种网关代理和NVE,所述网关代理与网关连接。 Example embodiments provide a gateway proxy and NVE [0167] the present invention, the gateway agent connected to the gateway. 该网关代理对网关发送至N0V3网络内的网络设备的报文进行NV03封装,对N0V3网络内的网络设备发送到网关的报文进行N0V3解封装,使得网关在不支持NV03封装技术的情况下,仍能够处理N0V3网络与外部网络互通的报文,从而使得在不改变现有网络中网关的硬件配置的情况下,实现NV03技术。 The gateway agent sends to the gateway to the packet network device within N0V3 network NV03 encapsulated packets sent to the gateway is N0V3 decapsulated network devices within N0V3 network, so that the gateway does not support the case NV03 packaging technology, N0V3 still capable of processing network and external packet network interworking so that in case of a hardware configuration without changing the existing network gateway, to achieve NV03 technology. [0168] 通过以上的实施方式的描述,所属领域的技术人员可以清楚地了解到本发明可借助软件加必需的硬件的方式来实现,当然也可以通过硬件来实现。 [0168] By the above described embodiments, those skilled in the art may clearly understand that the present invention may be by means of software and necessary hardware to achieve, of course, it may be realized by hardware. 基于这样的理解,本发明的技术方案的全部或者部分可以以软件产品的形式体现出来,该计算机软件产品存储在可读取的存储介质中,如计算机的软盘,硬盘或光盘等,包括若干指令用以使得一台计算机设备(可以是个人计算机,服务器,或者网络设备等)执行本发明各个实施例所述的方法。 Based on this understanding, the technical solutions of the present invention, all or a portion may be embodied in a software product out, in the storage medium may be readable, such as a floppy disk, hard disk, or optical disk memory of the computer software product, comprising a plurality of instructions that enable a computer device (may be a personal computer, a server, or network device) to execute the methods according to embodiments of the present invention. [0169] 以上所述,仅为本发明的具体实施方式,但本发明的保护范围并不局限于此,任何熟悉本技术领域的技术人员在本发明揭露的技术范围内,可轻易想到变化或替换,都应涵盖在本发明的保护范围之内。 [0169] The above are only specific embodiments of the present invention, but the scope of the present invention is not limited thereto, any skilled in the art in the art within the technical scope of the present invention is disclosed, variations may readily occur or Alternatively, it shall fall within the protection scope of the present invention. 因此,本发明的保护范围应以所述权利要求的保护范围为准。 Accordingly, the scope of the present invention should be defined by the scope of the claims.

Claims (10)

  1. 1.一种报文处理的方法,应用于三层网络虚拟化NV03网络中,所述NV03网络中设置有网关,所述NV03网络通过所述网关与外部网络互通,其特征在于,所述NV03网络中还设置有网关代理,所述网关代理与所述网关连接,所述方法包括: 所述网关代理接收所述网关发送的第一报文,其中所述第一报文为根据第一封装标识封装的报文; 如果所述第一报文为数据报文,所述网关代理对所述第一报文进行解封装,得到第二报文和所述第一封装标识; 所述网关代理根据所述第一封装标识,通过查找虚拟网络标识VNID与虚拟局域网标识VLAN ID的映射关系获得所述第一封装标识对应的第二封装标识;其中当所述第一封装标识为VNID时,所述第二封装标识为VLAN ID,当所述第一封装标识为VLAN ID时,所述第二封装标识为VNID ; 根据所述第二封装标识对所述第二报文进行封装以形成 1. A method of processing packets, is applied to a three-layer network virtualization NV03 network, the network is provided with a gateway NV03, NV03 the network through the gateway interworking with an external network, wherein said NV03 there is also provided a network gateway proxy, the gateway agent connected to the gateway, the method comprising: a first gateway agent receives the packet sent by the gateway, wherein the first packet according to a first package encapsulated packet identifier; if the first packet is a data packet, the gateway to the first proxy decapsulates the packet to obtain a second packet identifier and the first package; and the gateway proxy the identification of the first package, second package to obtain the first package identifier corresponding to the identifier by looking up the mapping relationship between the virtual network identifier to the virtual local area network identifier VNID the VLAN ID; wherein when the first package is identified as VNID, the said second package is identified as VLAN ID, when the first package is identified as VLAN ID, is identified as the second package VNID; encapsulating the packet according to the second identifier to form a second package 三报文; 将所述第三报文发送给所述网关。 Three message; transmitting the third packet to the gateway.
  2. 2.根据权利要求1所述的方法,其特征在于,如果所述第一报文为地址解析协议ARP请求报文,所述网关代理采用与所述第一报文为数据报文时相同的方式处理所述第一报文。 2. The same method as recited in claim 1, wherein, if the first packet is an Address Resolution Protocol ARP request packet, the gateway proxy using the first packet is a data packet processing the first packet manner.
  3. 3.根据权利要求1所述的方法,其特征在于,如果所述第一报文为ARP请求报文,所述第二报文为ARP请求报文,所述方法还包括: 所述网关代理通过查找ARP表获得所述第二报文请求的媒体接入控制MAC地址,其中,所述网关代理存储所述ARP表; 所述网关代理根据所述MAC地址,生成第一ARP应答报文; 所述网关代理根据所述第一封装标识,对所述第一ARP应答报文进行封装以形成第四报文; 所述网关代理根据与所述第一封装标识对应的MAC转发信息,将所述第四报文发送给所述网关。 3. The method according to claim 1, wherein, if the first packet is an ARP request packet, the second packet is an ARP request packet, the method further comprising: the gateway agent by searching the ARP packet to obtain the second requested media access control (MAC) address, wherein the gateway agent stores said ARP table; the gateway agent according to the MAC address, to generate a first ARP reply packet; the gateway agent according to the first package identifier, the first ARP response packet to form a fourth encapsulated packet; forwarding information according to the proxy gateway to the MAC identifier corresponding to the first package, the said fourth packet to the gateway.
  4. 4.根据权利要求3所述的方法,其特征在于,在所述网关代理通过查找所述ARP表获得所述第二报文请求的MAC地址之前,还包括:所述网关代理判断所述网关是否为主用网关; 所述网关代理通过查找所述ARP表获得所述第二报文请求的MAC地址的操作在确定所述网关是主用网关时执行。 4. The method according to claim 3, wherein, prior to said gateway proxy MAC address of the second request message is obtained by looking up the ARP table, further comprising: determining the the gateway proxy gateway whether using a gateway based; obtaining the gateway proxy MAC address request to the second packet by the ARP lookup table determines that the gateway is a gateway host execution.
  5. 5.根据权利要求1-4任意一项所述的方法,所述NV03网络还包括服务器,所述服务器包括网络虚拟化边缘NVE,所述NVE用于管理所述服务器内的虚拟机,其特征在于,所述方法还包括: 所述NVE接收虚拟机发送的第五报文; 当所述第五报文为ARP请求报文时,通过查找所述NVE存储的ARP表获得所述第五报文请求的MAC地址; 若查找到所述第五报文请求的MAC地址,所述NVE将查找到的MAC地址携带在第二ARP应答报文中发送给所述虚拟机; 若未查找到所述第五报文请求的MAC地址,则根据所述虚拟机对应的VNID,对所述第五报文进行封装以获得第六报文,并将所述第六报文发送至所述网关。 5. The method according to any one of claims 1 to 4, further comprising the NV03 network server, said network server comprising a virtual edge NVE, the NVE for managing virtual machines in the server, characterized in said method further comprising: receiving the fifth packets NVE sent by the virtual machine; when the fifth packet is an ARP request packet, by searching the storage NVE said fifth obtaining an ARP packet MAC address request message; if it can find the MAC address of the fifth packet request, the NVE the found MAC address carried in the virtual machine to a second ARP reply packet; failure to find the said fifth MAC address packet request, the corresponding virtual machine according to the VNID, the fifth packet is encapsulated packet to obtain the sixth, and the sixth packet to the gateway.
  6. 6.一种网关代理,应用于三层网络虚拟化NV03网络中,其特征在于,所述网关代理与网关连接,所述NV03网络通过所述网关与外部网络互通,所述网关代理包括: 接收单元,用于接收所述网关发送的第一报文,其中所述第一报文为根据第一封装标识封装的报文; 解封装单元,当所述第一报文为数据报文时,用于对所述接收单元接收到的所述第一报文进行解封装,得到第二报文和所述第一封装标识; 查找单元,用于根据所述第一封装标识查找VNID与VLAN ID的映射关系以获得对应的第二封装标识;其中当所述第一封装标识为VNID时,所述第二封装标识为VLAN ID,当所述第一封装标识为VLAN ID时,所述第二封装标识为VNID ; 封装单元,用于根据所述查找单元查找到的所述第二封装标识对所述第二报文进行封装以形成第三报文; 发送单元,用于将所述第三报文发送给 A gateway agent, is applied to a three-layer network virtualization NV03 network, wherein the gateway agent connected to the gateway, the gateway NV03 network through the interworking with an external network, the gateway agent includes: receiving means for receiving a first message sent by the gateway, wherein the first packet according to a first packet identifier encapsulation package; decapsulating unit time when the first packet is a data packet, receiving means for receiving the first packet decapsulates obtain a second packet identifier and the first package; searching unit configured to search with VNID VLAN ID according to the first package identification to obtain a mapping between the identifier corresponding to the second package; wherein when the first package is identified as VNID, the second package is identified as VLAN ID, when the first package is identified as VLAN ID, the second package identified as VNID; encapsulation unit, the searching unit according to the second package to find the second identification packet encapsulation to form a third packet; transmitting means for the third packet to 述网关。 Said gateway.
  7. 7.根据权利要求6所述的网关代理,其特征在于,如果所述第一报文为地址解析协议ARP请求报文,所述解封装单元、所述查找单元、所述封装单元和所述发送单元采用与所述第一报文为数据报文时相同的方式处理所述第一报文。 The gateway agent according to claim 6, wherein, if the first packet is an Address Resolution Protocol ARP request packet, the decapsulating unit, the searching unit, the packaging unit and the the same manner as the first processing unit using the packet is sent to the first packet is a data packet.
  8. 8.根据权利要求6所述的网关代理,其特征在于,如果所述第一报文是ARP请求报文,则所述第二报文是ARP请求报文,所述网关代理还包括:存储单元,用于存储ARP表; 所述查找单元,还用于在所述第二报文为ARP请求报文时,从所述存储单元存储的ARP表中查找所述第二报文请求的MAC地址; 所述网关代理还包括生成单元,用于根据所述查找单元查找到的MAC地址,生成第一ARP应答报文; 所述封装单元,还用于根据所述第一封装标识,对所述生成单元生成的所述第一ARP应答报文进行封装以形成第四报文; 所述发送单元,还用于根据与所述第一封装标识对应的MAC转发信息,将所述第四报文发送给所述网关。 8. The gateway agent according to claim 6, wherein, if the first packet is the ARP request packet, the second packet is the ARP request packet, the gateway agent further comprising: a storage the MAC search unit is further configured to the second packet is an ARP request packet, from the ARP lookup table stored in the storage unit of the second request packet; means for storing the ARP address; the gateway generating agent further comprises means for deriving from said search unit to find the MAC address to generate a first ARP reply packet; the packaging unit according to the first package for further identification of the the generating unit generates said first ARP reply packet to form a fourth encapsulated packet; and the sending unit, further configured to forward the package to the first identification information corresponding to the MAC, the fourth message sending to the gateway.
  9. 9.根据权利要求8所述的网关代理,其特征在于,还包括判断单元,用于判断所述网关是否为主用网关; 所述查找单元,具体用于在所述判断单元确定所述网关是主用网关时,从所述存储单元存储的ARP表中查找所述第二报文请求的MAC地址。 9. The gateway agent according to claim 8, characterized by further comprising determining means for determining whether the gateway with the gateway based; the searching unit when the determining unit determines that the gateway when the active gateway looks up the MAC address of the second packet request from the ARP table of the storage unit stores.
  10. 10.一种网络虚拟边缘NVE,其特征在于,所述NVE应用于三层网络虚拟化NV03网络中,所述NV03网络中设置有服务器和网关,所述NV03网络通过所述网关与外部网络互通,所述网关连接网关代理,所述NVE位于所述服务器中,所述NVE用于管理所述服务器内的虚拟机,所述NVE包括: 存储单元,用于保存地址解析协议ARP表; 接收单元,用于接收虚拟机发送的第五报文; 查找单元,用于在所述接收单元接收的所述第五报文为ARP请求报文时,从所述存储单元存储的所述ARP表中查找所述第五报文请求的MAC地址; 发送单元,用于在所述查找单元查找到所述第五报文请求的MAC地址时,将查找到的MAC地址携带在ARP应答报文中发送给所述虚拟机;还用于在所述查找单元未查找到所述第五报文请求的MAC地址时,根据所述虚拟机对应的VNID对所述第五报文进行封装以得到第六报文,并 A virtual network edge NVE, wherein said NVE the gateway interworking with an external network is applied to a three-layer network virtualization NV03 network, the network is provided with a NV03 server and gateway network by the NV03 the gateway agent connected to the gateway, said server is located in the NVE, the NVE for managing virtual machines in the server, the NVE comprising: a storage unit configured to store address resolution protocol ARP table; a receiving unit , receiving a fifth message sent by the virtual machine; searching unit configured to, when the receiving unit receives the fifth packet is an ARP request packet, from the ARP table stored in the storage unit searching the MAC address of the fifth message request; transmitting means for, when said search unit to find the MAC address of the fifth packet request will find the MAC address carried in the ARP response packet sent in to the virtual machine; further configured to, when the search unit has not found the fifth MAC address request message, according to the virtual machine corresponding to the fifth VNID encapsulated packet to obtain the sixth message and 将所述第六报文发送至网关。 The sixth packet to the gateway.
CN 201310107847 2013-03-29 2013-03-29 A method and apparatus for processing text messages CN103200069B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN 201310107847 CN103200069B (en) 2013-03-29 2013-03-29 A method and apparatus for processing text messages

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN 201310107847 CN103200069B (en) 2013-03-29 2013-03-29 A method and apparatus for processing text messages

Publications (2)

Publication Number Publication Date
CN103200069A true true CN103200069A (en) 2013-07-10
CN103200069B CN103200069B (en) 2016-01-27

Family

ID=48722433

Family Applications (1)

Application Number Title Priority Date Filing Date
CN 201310107847 CN103200069B (en) 2013-03-29 2013-03-29 A method and apparatus for processing text messages

Country Status (1)

Country Link
CN (1) CN103200069B (en)

Cited By (24)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN104158718A (en) * 2014-08-25 2014-11-19 杭州华三通信技术有限公司 A message processing method and device
CN104301446A (en) * 2014-08-08 2015-01-21 杭州华三通信技术有限公司 Message processing method, switch device and system
CN104301232A (en) * 2014-10-29 2015-01-21 杭州华三通信技术有限公司 Method and device for forwarding messages in network of transparent interconnection of lots of links
CN104348726A (en) * 2013-08-02 2015-02-11 杭州华三通信技术有限公司 Message forwarding method and device
CN104378300A (en) * 2014-11-27 2015-02-25 盛科网络(苏州)有限公司 Processing method for achieving Vxlan two-layer forwarding table in chip
CN104410560A (en) * 2014-11-27 2015-03-11 盛科网络(苏州)有限公司 Method for realizing BUM packet forwarding through NVGRE unicast
CN104426680A (en) * 2013-09-03 2015-03-18 华为技术有限公司 Data transmission method, device and system
CN104518940A (en) * 2014-10-27 2015-04-15 华为技术有限公司 Communication method and device for NVO3 (network virtualization over layer 3) network and MPLS (multi-protocol label switching) network
CN104601427A (en) * 2013-10-31 2015-05-06 杭州华三通信技术有限公司 Message forwarding method and device in data center network
CN104702708A (en) * 2013-12-06 2015-06-10 华为技术有限公司 Method, equipment and system for obtaining address resolution protocol information, and network virtualization endpoint
CN104702476A (en) * 2013-12-05 2015-06-10 华为技术有限公司 Distributed gateway, message processing method and message processing device based on distributed gateway
WO2015081734A1 (en) * 2013-12-04 2015-06-11 华为技术有限公司 Sending method for sending arp packet in vxlan, vtep, and vxlan controller
CN104869042A (en) * 2014-02-20 2015-08-26 华为技术有限公司 Message forwarding method and message forwarding device
CN105122776A (en) * 2014-01-20 2015-12-02 华为技术有限公司 Address acquisition method and network edge device virtualization
WO2015180120A1 (en) * 2014-05-30 2015-12-03 华为技术有限公司 Packet forwarding method, forwarding entry delivery method, and network device
CN105227421A (en) * 2014-07-03 2016-01-06 杭州华三通信技术有限公司 Method and device for message processing in overlay network
CN105306335A (en) * 2015-11-11 2016-02-03 杭州数梦工场科技有限公司 Message forwarding method and device
WO2016065920A1 (en) * 2014-10-29 2016-05-06 中兴通讯股份有限公司 Method and system for providing virtual network service
WO2016177315A1 (en) * 2015-05-04 2016-11-10 Hangzhou H3C Technologies Co., Ltd. Multicast data packet forwarding
WO2016177322A1 (en) * 2015-05-04 2016-11-10 Hangzhou H3C Technologies Co., Ltd. Multicast data packet forwarding
WO2016177145A1 (en) * 2015-07-06 2016-11-10 中兴通讯股份有限公司 Packet transmission method and device
US9916174B2 (en) 2015-05-27 2018-03-13 International Business Machines Corporation Updating networks having virtual machines with migration information
EP3292659A4 (en) * 2015-05-04 2018-04-18 New H3C Tech Co Ltd Multicast data packet forwarding
CN105490995B (en) * 2014-09-30 2018-04-20 国际商业机器公司 Nve one kind of packet forwarding method and device networks in nvo3

Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
EP2252096A1 (en) * 2009-05-14 2010-11-17 Avaya Inc. Unifying local and mobility network identifiers
CN102938794A (en) * 2012-11-14 2013-02-20 华为技术有限公司 Address resolution protocol (ARP) message forwarding method, exchanger and controller
CN102970227A (en) * 2012-11-12 2013-03-13 盛科网络(苏州)有限公司 Method and device for achieving virtual extensible local area network (VXLAN) message transmitting in application specific integrated circuit (ASIC)

Patent Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
EP2252096A1 (en) * 2009-05-14 2010-11-17 Avaya Inc. Unifying local and mobility network identifiers
CN102970227A (en) * 2012-11-12 2013-03-13 盛科网络(苏州)有限公司 Method and device for achieving virtual extensible local area network (VXLAN) message transmitting in application specific integrated circuit (ASIC)
CN102938794A (en) * 2012-11-14 2013-02-20 华为技术有限公司 Address resolution protocol (ARP) message forwarding method, exchanger and controller

Cited By (33)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN104348726A (en) * 2013-08-02 2015-02-11 杭州华三通信技术有限公司 Message forwarding method and device
CN104426680A (en) * 2013-09-03 2015-03-18 华为技术有限公司 Data transmission method, device and system
CN104426680B (en) * 2013-09-03 2018-03-16 华为技术有限公司 Data transmission method, apparatus and system for
US9838462B2 (en) 2013-09-03 2017-12-05 Huawei Technologies Co., Ltd. Method, apparatus, and system for data transmission
WO2015062529A1 (en) * 2013-10-31 2015-05-07 Hangzhou H3C Technologies Co., Ltd. Packet forwarding in data center network
CN104601427B (en) * 2013-10-31 2018-03-06 新华三技术有限公司 Method and apparatus for packet forwarding in a data center network
CN104601427A (en) * 2013-10-31 2015-05-06 杭州华三通信技术有限公司 Message forwarding method and device in data center network
WO2015081734A1 (en) * 2013-12-04 2015-06-11 华为技术有限公司 Sending method for sending arp packet in vxlan, vtep, and vxlan controller
CN104702476A (en) * 2013-12-05 2015-06-10 华为技术有限公司 Distributed gateway, message processing method and message processing device based on distributed gateway
CN104702708A (en) * 2013-12-06 2015-06-10 华为技术有限公司 Method, equipment and system for obtaining address resolution protocol information, and network virtualization endpoint
CN105122776A (en) * 2014-01-20 2015-12-02 华为技术有限公司 Address acquisition method and network edge device virtualization
WO2015123987A1 (en) * 2014-02-20 2015-08-27 华为技术有限公司 Packet forwarding method and device
CN104869042A (en) * 2014-02-20 2015-08-26 华为技术有限公司 Message forwarding method and message forwarding device
WO2015180120A1 (en) * 2014-05-30 2015-12-03 华为技术有限公司 Packet forwarding method, forwarding entry delivery method, and network device
CN105227421A (en) * 2014-07-03 2016-01-06 杭州华三通信技术有限公司 Method and device for message processing in overlay network
CN104301446A (en) * 2014-08-08 2015-01-21 杭州华三通信技术有限公司 Message processing method, switch device and system
CN104158718B (en) * 2014-08-25 2017-06-13 新华三技术有限公司 One kind of packet processing method and apparatus
CN104158718A (en) * 2014-08-25 2014-11-19 杭州华三通信技术有限公司 A message processing method and device
CN105490995B (en) * 2014-09-30 2018-04-20 国际商业机器公司 Nve one kind of packet forwarding method and device networks in nvo3
CN104518940A (en) * 2014-10-27 2015-04-15 华为技术有限公司 Communication method and device for NVO3 (network virtualization over layer 3) network and MPLS (multi-protocol label switching) network
WO2016066072A1 (en) * 2014-10-27 2016-05-06 华为技术有限公司 Method and device for realizing communication between nvo3 network and mpls network
WO2016065920A1 (en) * 2014-10-29 2016-05-06 中兴通讯股份有限公司 Method and system for providing virtual network service
CN104301232A (en) * 2014-10-29 2015-01-21 杭州华三通信技术有限公司 Method and device for forwarding messages in network of transparent interconnection of lots of links
CN104301232B (en) * 2014-10-29 2017-10-03 新华三技术有限公司 A multi-link transparent internetwork packet forwarding method and apparatus
CN104378300B (en) * 2014-11-27 2018-04-03 盛科网络(苏州)有限公司 An implementation approach Vxlan Layer 2 forwarding table in the chip
CN104410560A (en) * 2014-11-27 2015-03-11 盛科网络(苏州)有限公司 Method for realizing BUM packet forwarding through NVGRE unicast
CN104378300A (en) * 2014-11-27 2015-02-25 盛科网络(苏州)有限公司 Processing method for achieving Vxlan two-layer forwarding table in chip
WO2016177322A1 (en) * 2015-05-04 2016-11-10 Hangzhou H3C Technologies Co., Ltd. Multicast data packet forwarding
WO2016177315A1 (en) * 2015-05-04 2016-11-10 Hangzhou H3C Technologies Co., Ltd. Multicast data packet forwarding
EP3292659A4 (en) * 2015-05-04 2018-04-18 New H3C Tech Co Ltd Multicast data packet forwarding
US9916174B2 (en) 2015-05-27 2018-03-13 International Business Machines Corporation Updating networks having virtual machines with migration information
WO2016177145A1 (en) * 2015-07-06 2016-11-10 中兴通讯股份有限公司 Packet transmission method and device
CN105306335A (en) * 2015-11-11 2016-02-03 杭州数梦工场科技有限公司 Message forwarding method and device

Also Published As

Publication number Publication date Type
CN103200069B (en) 2016-01-27 grant

Similar Documents

Publication Publication Date Title
US8259571B1 (en) Handling overlapping IP addresses in multi-tenant architecture
US8396946B1 (en) Managing integration of external nodes into provided computer networks
US20090063706A1 (en) Combined Layer 2 Virtual MAC Address with Layer 3 IP Address Routing
US20110075667A1 (en) Layer 2 seamless site extension of enterprises in cloud computing
US20150009992A1 (en) Communication Between Endpoints in Different VXLAN Networks
US8683023B1 (en) Managing communications involving external nodes of provided computer networks
US20120307826A1 (en) Medium for storing packet conversion program, packet conversion apparatus and packet conversion method
US20130044629A1 (en) Virtual network overlays and methods of forming thereof
US20110075674A1 (en) Scalable architecture for enterprise extension in a cloud topology
US8644188B1 (en) Providing virtual networking functionality for managed computer networks
US8369333B2 (en) Method and apparatus for transparent cloud computing with a virtualized network infrastructure
US20130322453A1 (en) Routing vlan tagged packets to far end addresses of virtual forwarding instances using separate administrations
US20140201733A1 (en) Scalable network overlay virtualization using conventional virtual switches
US20150043581A1 (en) Intelligent Handling of Virtual Machine Mobility in Large Data Center Environments
US20070280243A1 (en) Network Virtualization
US20130058346A1 (en) Distributed Routing Domains in Multi-Tenant Datacenter Virtual Networks
US20130332602A1 (en) Physical path determination for virtual network packet flows
US20140146817A1 (en) System and Method for VXLAN Intern-Domain Communications
US20140192804A1 (en) Systems and methods for providing multicast routing in an overlay network
US20140269709A1 (en) Virtual gateways and implicit routing in distributed overlay virtual environments
US20130332577A1 (en) Multitenant server for virtual networks within datacenter
US20140092907A1 (en) Method and system for virtual and physical network integration
EP2874359A1 (en) Extended ethernet fabric switches
US8560646B1 (en) Managing communications using alternative packet addressing
US20150063353A1 (en) Implementation of virtual extensible local area network (vxlan) in top-of-rack switches in a network environment

Legal Events

Date Code Title Description
C06 Publication
C10 Entry into substantive examination
C14 Grant of patent or utility model