CN103200069B - A kind of method and apparatus of Message processing - Google Patents

A kind of method and apparatus of Message processing Download PDF

Info

Publication number
CN103200069B
CN103200069B CN201310107847.5A CN201310107847A CN103200069B CN 103200069 B CN103200069 B CN 103200069B CN 201310107847 A CN201310107847 A CN 201310107847A CN 103200069 B CN103200069 B CN 103200069B
Authority
CN
China
Prior art keywords
described
message
gateway
package identification
network
Prior art date
Application number
CN201310107847.5A
Other languages
Chinese (zh)
Other versions
CN103200069A (en
Inventor
郝卫国
Original Assignee
华为技术有限公司
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by 华为技术有限公司 filed Critical 华为技术有限公司
Priority to CN201310107847.5A priority Critical patent/CN103200069B/en
Publication of CN103200069A publication Critical patent/CN103200069A/en
Application granted granted Critical
Publication of CN103200069B publication Critical patent/CN103200069B/en

Links

Abstract

Provide a kind of method and apparatus of Message processing, relate to communication technical field.In NVO3 network, gateway proxy is set, gateway in NVO3 network is connected with gateway proxy, use this gateway proxy to the encapsulation technology of the encapsulation technology and NVO3 that provide traditional two layer message, to realize, when not changing the hardware configuration of original gateway, realizing NVO3 technology.

Description

A kind of method and apparatus of Message processing

Technical field

The present invention relates to communication technical field, particularly relate to a kind of method and apparatus of Message processing.

Background technology

In the data in the heart, the virtualization applications of server is more and more extensive, and after server virtualization, each physical server can support multiple VM (VirtualMachine, virtual machine), operating system, middleware and the application program of each VM independent operating oneself.In order to improve the reliability of data center's hardware resource service efficiency and business, need allow VM in the data interior portion carry out free migration.

Utilize the Intel Virtualization Technology of server, same typical data center can provide the business such as trust server for different tenant.Tenant is the user of data center resource, the management entity of a corresponding virtual network or multiple virtual network.Different tenant can belong to different companies or different department, and in order to ensure the data security of tenant, need between different tenant to carry out flow isolation by virtual network, this just requires that data center's internal physical network can be divided into different virtual networks.

In order to realize VM in the data interior portion carry out the division of different virtual network in free migration and data center's internal physical network, NVO3 (NetworkVirtualizationoverLayer3 is provided in prior art, three-layer network is virtual) technology, by the tunnel encapsulation of MacInIP, make VM realization across the migration of IP network, after migration, IP address does not change.For example, Mac (MediaAccessControl, medium education) InIP (InternetProtocol, Internet protocol) be specifically as follows MacInUDP (UserDatagramProtocol, User Datagram Protoco (UDP)), or MacInGRE (GenericRoutingEncapsulation, generic route encapsulation), or MacInTCP (TransmissionControlProtocol, transmission control protocol).Comprise tenant identification in the message encapsulation of NVO3, tenant ID is designated 24bit (position), therefore can support at most the tenant of 16M, can meet the demand of cloud computing epoch many tenants number.The operation principle of this technology comprises: the message sent from VM, searches MAC transmit by the first jumping network equipment.If arrive object VM to need to cross over IP network, then need to jump the network equipment by described first and carry out NVO3 encapsulation.Object IP address in header after encapsulation is the object IP address in NVO3 far-end tunnel.Message is jumped after the network equipment sends from described first, and rest network equipment carries out forwarded hop-by-hop according to outer object IP address, is indifferent to the load of inner carrying.After arriving object equipment, carry out decapsulation, then mail to object VM.The first jumping network equipment can be the VS (VirtualSwitch, virtual switch) in traditional switch, router or server.Tenant is identified additionally by increasing VNID (VirtualNetworkIdentifier, virtual process identifications) between three layers of IP head and original two layer message.The corresponding L 2 broadcast territory of each VNID.The flow in different L 2 broadcast territory is mutually isolated.

Virtual network can use VXLAN (VirtualExtensibleLocalAreaNetwork, virtual expansion local area network (LAN)), NVGRE (NetworkVirtualizationusingGenericRoutingEncapsulation, use the network virtualization of generic route encapsulation), any one technology in STT (StatelessTransportTunneling, stateless transmission tunnel) builds.NVO3 encapsulation can encapsulate for VXLAN, NVGRE encapsulate, STT encapsulate in any one, be described for VXLAN below.The message sent for VM encapsulates, and uses VXLAN technology when carrying out decapsulation to the message after encapsulation, and this VXLAN technology is different from the vlan technology used in two layers of general bridge coil, is also different from the ethernet technology that three-layer network uses.And gateway of the prior art only supported vlans technology and ethernet technology, cannot realize VXLAN technology, that is, the hardware configuration of more new gateway must could realize NVO3 technology, cost is high.

Summary of the invention

Embodiments of the invention provide a kind of method of Message processing, gateway proxy and NVE, and the hardware configuration for solving more new gateway in prior art could realize the problem of NVO3 technology, thus reduces costs.

For achieving the above object, embodiments of the invention are according to following technical scheme:

First aspect, present embodiments provide a kind of method of data message process, be applied in the virtual NVO3 network of three-layer network, gateway is provided with in described NVO3 network, described NVO3 network is by described gateway and external network intercommunication, also be provided with gateway proxy in described NVO3 network, described gateway proxy is connected with described gateway, and described method comprises:

Described gateway proxy receives the first message that described gateway sends, and wherein said first message is the message according to the first package identification encapsulation;

If described first message is data message, described gateway proxy carries out decapsulation to described first message, obtains the second message and described first package identification;

Described gateway proxy, according to described first package identification, obtains the second package identification corresponding to described first package identification by searching virtual process identifications VNID with the mapping relations of VLAN ID VLANID; Wherein when described first package identification is VNID, described second package identification is VLANID, and when described first package identification is VLANID, described second package identification is VNID;

Encapsulate to form the 3rd message to described second message according to described second package identification;

Described 3rd message is sent to described gateway.

In conjunction with first aspect, in the implementation that the first is possible, if described first message is ARP (AddressResolutionProtocol, address resolution protocol) request message, it is the first message described in mode process identical during data message that described gateway proxy adopts with described first message.

In conjunction with first aspect, in the implementation that the second is possible, if described first message is ARP request message, described second message is ARP request message, and described method also comprises:

Described gateway proxy obtains the MAC address of described second message request by searching ARP table, wherein, described gateway proxy stores described ARP table;

Described gateway proxy, according to described MAC Address, generates the first arp reply message;

Described gateway proxy, according to described first package identification, encapsulates to form the 4th message to described first arp reply message;

Described 4th message, according to the MAC forwarding information corresponding with described first package identification, is sent to described gateway by described gateway proxy.

In conjunction with the implementation that the second of first aspect is possible, in the implementation that the third is possible, described gateway proxy by search described ARP table obtain described second message request MAC Address before, also comprise: described gateway proxy judges whether described gateway is primary gateway;

Perform when described gateway proxy is by searching described ARP table and obtaining operating in and determining that described gateway is primary gateway of the MAC Address of described second message request.

Any one in possible implementation is planted in conjunction with first three of first aspect or first aspect, in the 4th kind of possible implementation, described NVO3 network also comprises server, described server comprises network virtualization edge NVE, described NVE is for managing the virtual machine in described server, and described method also comprises:

The 5th message that described NVE sink virtual machine sends;

When described 5th message is ARP request message, the ARP table stored by searching described NVE obtains the MAC Address of described 5th message request;

If find the MAC Address of described 5th message request, the MAC Address found is carried in the second arp reply message and sends to described virtual machine by described NVE;

If do not find the MAC Address of described 5th message request, then corresponding according to described virtual machine VNID, encapsulate to obtain the 6th message to described 5th message, and described 6th message is sent to described gateway.

Second aspect, the present embodiment additionally provides a kind of gateway proxy, and be applied in the virtual NVO3 network of three-layer network, described gateway proxy is connected with gateway, and described NVO3 network is by described gateway and external network intercommunication, and described gateway proxy comprises:

Receiving element, for receiving the first message that described gateway sends, wherein said first message is the message according to the first package identification encapsulation;

Decapsulation unit, when described first message is data message, carries out decapsulation for described first message received described receiving element, obtains the second message and described first package identification;

Search unit, for searching the mapping relations of VNID and VLANID according to described first package identification to obtain the second corresponding package identification; Wherein when described first package identification is VNID, described second package identification is VLANID, and when described first package identification is VLANID, described second package identification is VNID;

Encapsulation unit, described second package identification found for searching unit described in basis encapsulates to form the 3rd message to described second message;

Transmitting element, for sending to described gateway by described 3rd message.

In conjunction with second aspect, in the implementation that the first is possible, if described first message is ARP request message, described decapsulation unit, described in search that unit, described encapsulation unit and described transmitting element adopt with described first message be the first message described in mode process identical during data message.

In conjunction with second aspect, in the implementation that the second is possible, if described first message is ARP request message, then described second message is ARP request message, and described gateway proxy also comprises: memory cell, for storing ARP table;

Describedly search unit, also for when described second message is ARP request message, from the ARP table of described cell stores, search the MAC Address of described second message request;

Described gateway proxy also comprises generation unit, for searching the MAC Address that unit finds described in basis, generates the first arp reply message;

Described encapsulation unit, also for according to described first package identification, encapsulates to form the 4th message to the described first arp reply message that described generation unit generates;

Described transmitting element, also for according to the MAC forwarding information corresponding with described first package identification, sends to described gateway by described 4th message.

In conjunction with the implementation that the second of second aspect is possible, in the implementation that the third is possible, this gateway proxy also comprises judging unit, for judging whether described gateway is primary gateway;

Describedly search unit, specifically for when described judging unit determines that described gateway is primary gateway, from the ARP table of described cell stores, search the MAC Address of described second message request.

The third aspect, the present embodiment additionally provides a kind of NVE, described NVE is applied in the virtual NVO3 network of three-layer network, server and gateway is provided with in described NVO3 network, described NVO3 network is by described gateway and external network intercommunication, and described gateway connects gateway proxy, and described NVE is arranged in described server, described NVE is for managing the virtual machine in described server, and described NVE comprises:

Memory cell, for preserving ARP table;

Receiving element, for the 5th message that sink virtual machine sends;

Searching unit, when described 5th message for receiving at described receiving element is ARP request message, from the described ARP table of described cell stores, searching the MAC Address of described 5th message request;

Transmitting element, for described search unit find the MAC Address of described 5th message request time, the MAC Address found is carried in arp reply message and sends to described virtual machine; Also for described search unit do not find the MAC Address of described 5th message request time, the VNID corresponding according to described virtual machine encapsulates to obtain the 6th message to described 5th message, and described 6th message is sent to gateway.

Embodiments provide a kind of method of Message processing, gateway proxy and network virtualization edge, h.323-configured gateway agency in NOV3 network, gateway proxy is connected with gateway.The message using this gateway proxy gateway to be sent to the network equipment of NOV3 network internal carries out NVO3 encapsulation, the message network equipment of NOV3 network internal being sent to gateway carries out NOV3 decapsulation, make gateway when not supporting NVO3 to encapsulate reconciliation encapsulation technology, still can process the message of NOV3 network and external network intercommunication, thus make, when not changing the hardware configuration of gateway in existing network, to realize NVO3 technology.

Accompanying drawing explanation

In order to be illustrated more clearly in the embodiment of the present invention or technical scheme of the prior art, be briefly described to the accompanying drawing used required in embodiment or description of the prior art below, apparently, accompanying drawing in the following describes is only some embodiments of the present invention, for those of ordinary skill in the art, under the prerequisite not paying creative work, other accompanying drawing can also be obtained according to these accompanying drawings.

Fig. 1 is the composition frame chart of a kind of NVO3 network in the embodiment of the present invention;

Fig. 2 is the method flow diagram of a kind of Message processing in the embodiment of the present invention;

Fig. 3 is the method flow diagram of the another kind of Message processing in the embodiment of the present invention;

Fig. 4 is the method flow diagram of the another kind of Message processing in the embodiment of the present invention;

Fig. 5 is the method flow diagram of the another kind of Message processing in the embodiment of the present invention;

Fig. 6 is the method flow diagram of the another kind of Message processing in the embodiment of the present invention;

Fig. 7 is the method flow diagram of the another kind of Message processing in the embodiment of the present invention;

Fig. 8 is the composition frame chart of a kind of gateway proxy in the embodiment of the present invention;

Fig. 9 is the composition frame chart of the another kind of gateway proxy in the embodiment of the present invention;

Figure 10 is the composition frame chart of the another kind of gateway proxy in the embodiment of the present invention;

Figure 11 is the composition frame chart of a kind of NVE in the embodiment of the present invention;

The composition frame chart of the another kind of gateway proxy that Figure 12 provides for the embodiment of the present invention;

The composition frame chart of the another kind of NVE that Figure 13 provides for the embodiment of the present invention.

Embodiment

Below in conjunction with the accompanying drawing in the embodiment of the present invention, be clearly and completely described the technical scheme in the embodiment of the present invention, obviously, described embodiment is only the present invention's part embodiment, instead of whole embodiments.Based on the embodiment in the present invention, those of ordinary skill in the art, not making the every other embodiment obtained under creative work prerequisite, belong to the scope of protection of the invention.

The technical scheme that the embodiment of the present invention provides can be applicable to NVO3 network, and this NVO3 network can comprise server and gateway.Alternatively, server can comprise NVE (networkvirtualizationedge, network virtualization edge).NVE, as the edge logic entity realized based on the network virtualization of overlay technology, can hide the true address (such as MAC and/or IP address) of tenant, can carry out encapsulation and the decapsulation of NVO3 message.For example, server is connected to gateway by the NVO3 network be made up of access switch and core switch, and run one or more virtual machine in server, the virtual machine in same server is by the NVE unified management in this server.Described gateway can not support NVO3 encapsulation technology, and described NVO3 network is by described gateway and external network intercommunication.In this NVO3 network, gateway is connected with gateway proxy.For example, gateway can directly be connected with gateway proxy.Alternatively, gateway can be connected by double layer network with gateway proxy.The mapping relations this gateway proxy configuring VNID and VLANID represent, this gateway proxy can realize ether encapsulation and encapsulate and NOV3 decapsulation with ether decapsulation and NOV3.

NVO3 encapsulation can encapsulate for VXLAN, NVGRE encapsulate, STT encapsulate in any one, be described for VXLAN below.Shown in Fig. 1, this network architecture includes a gateway, and this gateway is connected with gateway proxy.This gateway is connected to external network and two core switch.NVO3 network comprises two core switch and four access switch.Each access switch is connected with a server, is respectively server 1-server 4, and running in each server has two virtual machines, and wherein virtual machine VM1, VM3, VM5, VM7 belongs to vxlan1, and virtual machine VM2, VM4, VM6, VM8 belong to vxlan2.

Based on above-mentioned network as shown in Figure 1, embodiments provide a kind of method of Message processing, as shown in Figure 2, the method comprises following operation.

201, gateway proxy receives the first message that gateway sends.

Wherein, described first message is the message according to the first package identification encapsulation.Alternatively, described first message can be data message, or ARP request message, or other request messages.Described first package identification can be VNID or VLANID.

Wherein, a VNID corresponds to a L 2 broadcast territory, isolates the flow of different tenant.The different virtual machine belonging to same virtual network example (virtualnetworkinstance, VNI) can have identical VNID.

The first message that described gateway is sent to gateway proxy can be the message that gateway is initiatively initiated, and also can be the message that other network equipments send to gateway proxy via gateway.

202, gateway proxy carries out decapsulation to described first message, obtains the second message and the first package identification.

Wherein, if the first message is through the message of ether encapsulation, gateway proxy uses ether decapsulation to obtain the second message and VLANID.If the first message is through the message of NVO3 encapsulation, gateway proxy uses VXLAN decapsulation to obtain the second message and VNID.

VXLAN encapsulation technology is the one in NVO3 encapsulation technology, and its encapsulation format is as shown in table 1 below.

Table 1

Wherein, the IP address of the source IP address in tunnel: NVE.

The object IP address in tunnel: for clean culture is the IP address of opposite end NVE; For multicast, it is multicast group address.VXLANID and multicast group address one_to_one corresponding.

Outer target MAC (Media Access Control) address: use outer layer tunnel carries out next-hop mac address when IP forwards, message is when NVO3 network repeating, and outer target MAC (Media Access Control) address hop-by-hop changes.

Outer source MAC: use outer layer tunnel carries out source MAC when IP forwards, message is when NVO3 network repeating, and outer source MAC hop-by-hop changes.

VXLANID: be exactly VNID.

203, gateway proxy searches the mapping relations of VNID and VLANID to obtain the second package identification corresponding to described first package identification according to described first package identification.

Wherein, when described first package identification is VNID, described second package identification is VLANID, and when described first package identification is VLANID, described second package identification is VNID.

Wherein, described VNID and VLANID mapping relations can be pre-configured in gateway proxy, for representing the corresponding relation between VXLAN and VLAN.

204, encapsulate to obtain the 3rd message to described second message according to described second package identification, and described 3rd message is sent to described gateway.

For example, when gateway receives the NOV3 message that the server in vxlan network sends, gateway sends to the first message of gateway proxy to be NOV3 message.Gateway proxy sends described first message and carries out vxlan decapsulation.Alternatively, when gateway receives the message from the equipment outside vxlan network, described first message is sent gateway proxy by gateway, and gateway proxy carries out ether decapsulation and vxlan encapsulation to described first message.Therefore, the equipment outside vxlan network can with the devices communicating in vxlan network.

Embodiments provide a kind of method of Message processing, arrange gateway proxy in NOV3 network, gateway proxy is connected with gateway.This gateway proxy carries out NVO3 encapsulation to the message that gateway is sent to the network equipment in NOV3 network, the message network equipment in NOV3 network being sent to gateway carries out the decapsulation of NOV3 network, make gateway when not supporting NVO3 encapsulation technology, still can process from NOV3 network or the message mailing to NOV3 network, thus make, when not changing the hardware configuration of gateway in existing network, to realize NVO3 technology.

In above-mentioned technical scheme as shown in Figure 2, when gateway receives the ARP request message from server, this ARP request message is sent to gateway proxy by gateway.Now, above-mentioned first message is this ARP request message, and gateway proxy carries out NOV3 decapsulation to this ARP request message, then issues gateway.Gateway generates ARPreply (response) message, and ARPreply message is sent it back described server through described gateway proxy.In this case, the embodiment of the present invention additionally provides a kind of method of Message processing, and gateway proxy provides ARPproxy (agency), and can alleviate the pressure of gateway response ARP request, as shown in Figure 3, the method, comprising:

301, when described second message is ARP request message, described gateway proxy obtains the MAC Address of described second message request by the ARP table of searching the storage of described gateway proxy.

Wherein, described gateway proxy determines that whether described second message is that the method for ARP request message can with reference to the determination methods of gateway, such as, is judged by the MAC Address of gateway interface corresponding to described second message.

Wherein, described ARP table can pre-set on gateway proxy.Or gateway proxy learns to obtain described ARP table by intercepting the ARP message forwarded through described gateway proxy.

302, described gateway proxy is according to the MAC Address obtained, and generates the first arp reply message.

303, described gateway proxy is according to described first package identification, encapsulates to form the 4th message to described first arp reply message.

304, described gateway proxy is according to the MAC forwarding information corresponding with described first package identification, and described 4th message is sent to described gateway.

For example, in the present embodiment, the ARP request message that described gateway proxy carries out replying can be the request message for asking gateway MAC address that virtual machine in server sends, and also can be the request message of the network equipment MAC Address in the request vxlan that sends of gateway.

Alternatively, when gateway proxy cannot be replied, still need the technical scheme described in integrating step 203 to 204, described in gateway proxy process, ARP request message, then issues gateway, carries out arp reply by gateway.

In the present embodiment, gateway proxy preserves ARP table, realize the function of the ARP request message that response gateway is sent, thus when gateway proxy can carry out arp response, replace gateway to send arp reply message, thus the pressure of gateway response ARP request message can be alleviated, simultaneously, also can reduce the message interaction between gateway and gateway proxy, the bandwidth between gateway and gateway proxy can be saved.

For example, in order to ensure the service reliability of NVO3 network, can be provided with two gateways, one is primary gateway, and one is standby gateway, and the gateway proxy be connected with primary gateway provides the function of ARPproxy.Method shown in Fig. 4 comprises 401-405.

401, described gateway proxy judges whether described gateway is primary gateway.If determine, described gateway is primary gateway, then perform described 402.If determine, described gateway is standby gateway, then do not respond.The operation of 402-405 with embodiment illustrated in fig. 3 in 301-304 identical, repeat no more herein.

Wherein, describedly judge whether described gateway is that primary gateway is by intercepting VRRP (VirtualRouterRedundancyProtocol, Virtual Router Redundancy Protocol) message, and determine which gateway is primary gateway from the gateway operating state of described VRRP message instruction.

Alternatively, the embodiment of the present invention additionally provides a kind of method of Message processing, and to alleviate the burden of gateway proxy or gateway response ARP request message, the method shown in Fig. 5, can be realized by the NVE in server, comprise:

502, the 5th message that the NVE sink virtual machine in server sends.

504, when described 5th message is ARP request message, the ARP table stored by searching described NVE obtains the MAC Address of described 5th message request.If find the MAC Address of described 5th message request, then perform 506.If do not find the MAC Address of described 5th message request, then perform 508.

Wherein, the described NVE method of setting up ARP table and the method for searching identical with the correlation technique of gateway proxy.Repeat no more herein.

The MAC Address found is carried in the second arp reply message and sends to described virtual machine by the NVE 506, in described server.

508, the VNID that the NVE in described server is corresponding according to described virtual machine, encapsulates to obtain the 6th message to described 5th message, and described 6th message is sent to gateway.

In the present embodiment, the NVE of server can reply ARP request message.When NVE cannot reply, ARP request message is sent to gateway.ARP request can be sent to gateway proxy by gateway, answers so that gateway proxy carries out generation; Or be forwarded to gateway by after gateway proxy process, replied by gateway, this scheme can reduce the burden of gateway and gateway proxy response ARP request further, also can reduce the quantity of ARP message in network.

In conjunction with the network architecture as shown in Figure 1, the embodiment of the present invention is sent to the forwarding process that the forwarding process of message of external network and the equipment of external network are sent to the message of VM1 for VM1, illustrate the technical scheme that the embodiment of the present invention provides.

Adopt VXLAN technology for NOV3 network, Fig. 6 shows the forwarding process that VM1 is sent to the message of external network, comprising:

601, VM1 sends ARP request message to the NVE1 of server 1, carries VLANID in described ARP request message;

602, NVE1 determines corresponding VNID according to described VLANID, carries out VXLAN encapsulation to ARP request message.

Wherein, use the VNID of VXLAN1 when carrying out VXLAN encapsulation, and outer object IP address is the multicast ip address that described VNID is corresponding, source IP address is the IP address of server 1.

603, the ARP request message after encapsulation is sent to gateway by NVE1.

604, gateway is according to described outer object IP address search multicast forwarding list item, multicast message is sent to the gateway proxy that described gateway connects.

605, gateway proxy carries out VXLAN decapsulation, obtains ARP request message and VNID.

606, gateway proxy searches the mapping relations of VNID and VLANID to obtain corresponding VLANID according to VNID.

607, gateway proxy carries out ether encapsulation according to the VLANID of correspondence to ARP request message.

608, the ARP request message encapsulated through ether is sent to gateway by gateway proxy.

609, gateway carries out ether decapsulation to the ARP request message that ether encapsulates, and determines that the message received is ARP request message.

610, gateway generates arp reply message, and carries out ether encapsulation.The object IP address of described arp reply message is the IP address of VM1.

611, the arp reply message of encapsulation is sent to gateway proxy by gateway.

612, gateway proxy carries out ether decapsulation to the arp reply message received, and obtains arp reply message and VLANID.

613, gateway proxy searches corresponding VNID according to VLANID.

614, gateway proxy is searched MAC according to the MAC Address of VNID and VM1 and is transmitted, and carries out VXLAN encapsulation to arp reply message.The object IP address of the arp reply message of described encapsulation is the IP address of NVE1.

615, gateway proxy sends to NVE1 by three-layer network.

The arp reply message of described NVE1 to described encapsulation carries out VXLAN decapsulation, then by the arp reply message repeating after decapsulation to VM1.

After this, the unicast traffic from VM1 just can be sent to gateway.Other VM also can use identical flow process to send message.

Equipment outside vxlan network is as shown in Figure 7 sent to the message repeating flow process of the VM1 in vxlan network, comprising:

701, gateway receives the message that the equipment outside vxlan network is sent, and gateway carries out ether encapsulation according to ARP table to this message and obtains the first message.

702, described first message is sent to gateway proxy by gateway.

703, gateway proxy carries out ether decapsulation to the first message received, and obtains the second message and VLANID.

704, gateway proxy searches the mapping relations of VLANID and VLANID to obtain corresponding VNID according to VLANID.

705, gateway proxy is transmitted according to the MAC in virtual network corresponding to VNID and VNID, carries out VXLAN encapsulation to obtain the 3rd message to described second message.

706, described 3rd message is sent to gateway by gateway proxy; Gateway forwards described 3rd message to NVE1 by three-layer network.

707, NVE1 judges that the object IP of described 3rd message is as self, and UDP port number is special port numbers, carries out VXLAN decapsulation to obtain the 4th message to described 3rd message.

708, the MAC that NVE1 searches virtual network corresponding to VNID according to the target MAC (Media Access Control) address of described 4th message transmits, and described 4th message is sent to VM1.

The embodiment of the present invention additionally provides a kind of gateway proxy, and be applied in NVO3 network, described gateway proxy is connected with gateway, and described NVO3 network is by described gateway and external network intercommunication.As shown in Figure 8, described gateway proxy 800 comprises:

Receiving element 801, for receiving the first message that described gateway sends, wherein said first message is the message according to the first package identification encapsulation.

Decapsulation unit 802, when described first message is data message, carries out decapsulation for described first message received described receiving element 801, obtains the second message and described first package identification.

Search unit 803, for searching the mapping relations of VNID and VLANID according to described first package identification to obtain the second package identification corresponding to described first package identification; Wherein when described first package identification is VNID, described second package identification is VLANID, and when described first package identification is VLANID, described second package identification is VNID.

Encapsulation unit 804, the second package identification found for searching unit 803 described in basis encapsulates to obtain the 3rd message to described second message.

Transmitting element 806, for sending to described gateway by described 3rd message.

Alternatively, if described first message is ARP request message, described decapsulation unit 802, described in search that unit 803, described encapsulation unit 804 and described transmitting element 806 adopt with described first message be the first message described in mode process identical during data message.

Alternatively, if described first message is ARP request message, then described second message is ARP request message.Gateway proxy 900 shown in Fig. 9 also comprises: memory cell 908: for preserving ARP table.For example, described memory cell 908 can also be used for the mapping relations of preserving VNID and VLANID.

Describedly search unit 803, also for when described second message is ARP request message, from the described ARP table that described memory cell 908 stores, search the MAC Address of described second message request.

Described gateway proxy also comprises: generation unit 905, for searching the MAC Address that unit 803 finds described in basis, generates the first arp reply message.

Described encapsulation unit 804, also for according to described first package identification, encapsulates to form the 4th message to the first arp reply message that described generation unit 905 generates.

Described transmitting element 806, also for according to the MAC forwarding information corresponding with described first package identification, sends to described gateway by described 4th message.

Alternatively, the gateway proxy 1000 shown in Figure 10, also comprises:

Judging unit 1007, for judging whether described gateway is primary gateway.

Describedly search unit 803, specifically for when described judging unit 1007 determines that described gateway is primary gateway, from the ARP table that described memory cell 908 stores, search the MAC Address of described ARP request message request.

The embodiment of the present invention additionally provides a kind of NVE, is applied in NVO3 network, is provided with server and gateway in described NVO3 network.Described NVO3 network is by described gateway and external network intercommunication.Described gateway is connected with gateway proxy.Described NVE is arranged in described server.Described NVE is for managing the virtual machine in described server, and as shown in figure 11, NVE1l00 comprises:

Memory cell 1104, for preserving ARP table.

Receiving element 1101, for the 5th message that sink virtual machine sends.

Searching unit 1102, when the 5th message for receiving at described receiving element 1101 is ARP request message, from the described ARP table that described memory cell 1104 stores, searching the MAC Address of described 5th message request.

Transmitting element 1103, for described search unit 1102 find the MAC Address of described 5th message request time, then the MAC Address found is carried in arp reply message and sends to described virtual machine; Also for described search unit 1102 do not find the MAC Address of described 5th message request time, then corresponding according to described virtual machine VNID encapsulates to obtain the 6th message to described 5th message, and described 6th message is sent to gateway.

The embodiment of the present invention additionally provides a kind of server, comprises the NVE1100 shown in Figure 11.

Embodiments provide a kind of gateway proxy and NVE.Gateway in NOV3 network is connected with gateway proxy, and use this gateway proxy to carry out NVO3 encapsulation to the message that gateway is sent to the network equipment in NOV3 network, message equipment in NOV3 network being sent to gateway carries out NOV3 decapsulation, make gateway when not supporting NVO3 encapsulation technology, still can process the message of NOV3 network and external network intercommunication, thus make, when not changing the hardware configuration of gateway in existing network, to realize NVO3 technology.

Embodiments provide a kind of gateway proxy, be applied in the virtual NVO3 network of three-layer network, in described NVO3 network, be provided with gateway.NVO3 network is by described gateway and external network intercommunication.Described gateway is connected with gateway proxy.Gateway proxy 1200 shown in Figure 12 comprises imput output circuit 1201, processor 1202 and memory 1203.Described memory 1203 is configured storage code, and is configured the mapping relations storing VNID and VLANID.The method flow that described processor 1202 is realized by gateway proxy in embodiment to implement the above described method for reading described code.Described imput output circuit 1201, described processor 1202 are communicated by bus with described memory 1203.

Described imput output circuit 1201, for receiving the first message that gateway sends, wherein said first message is carry out according to the first package identification the message that encapsulates.

Described processor 1202, when described first message is data message, for carrying out decapsulation to described first message, obtains the second message and the first package identification; The mapping relations of VNID and VLANID are searched to obtain the second package identification corresponding to described first package identification according to described first package identification; Wherein when described first package identification is VNID, described second package identification is VLANID, and when described first package identification is VLANID, described second package identification is VNID; Encapsulate to obtain the 3rd message to described second message according to described second package identification.Described imput output circuit is also for sending to gateway by described 3rd message.

Alternatively, described processor 1202, also for when described second message is ARP request message, searches the MAC Address of described second message request from the ARP table that described memory 1203 stores; According to the MAC Address found, generate the first arp reply message; According to described first package identification, encapsulate to obtain the 4th message to described first arp reply message; According to the MAC forwarding information corresponding with described first package identification, described 4th message is sent to described gateway.

Described memory 1203, also for storing ARP table and MAC forwarding information.

Alternatively, described processor 1201, also for before searching the MAC Address of described ARP request message request in the ARP table that stores at described memory 1203, judges whether described gateway is primary gateway; If determine, described gateway is primary gateway, then perform described operation of searching the MAC Address of described second message request from the ARP table that described memory 1203 stores.

Embodiments provide a kind of NVE, be applied in NVO3 network, in described NVO3 network, be provided with server and gateway.Described NVO3 network is by described gateway and external network intercommunication.Described gateway is connected with gateway proxy.Described NVE is arranged in described server, and described NVE is for managing the virtual machine in described server.NVE1300 shown in Figure 13 comprises processor 1301, memory 1302 and transmitter 1303, and described memory 1302 is configured storage code, the method flow that described processor 1301 is realized by NVE in embodiment to implement the above described method for reading described code.For example, described processor 1301, memory 1302 are communicated by bus with transmitter-receiver 1303.

Described transmitter-receiver 1303, for the 5th message that sink virtual machine sends;

Described processor 1301, for when described 5th message is ARP request message, searches the MAC Address of described 5th message request from the ARP table that memory 1302 stores; If find the MAC Address of described 5th message request, then control described transmitter-receiver 1303 and the MAC Address found is carried in arp reply message sends to described virtual machine; If do not find the MAC Address of described 5th message request, then corresponding according to described virtual machine VNID, encapsulate to obtain the 6th message to described 5th message.

Described transmitter-receiver 1303 is also for being sent to gateway by described 6th message.

Described memory 1302, also for storing described ARP table.

Embodiments provide a kind of gateway proxy and NVE, described gateway proxy is connected with gateway.This gateway proxy carries out NVO3 encapsulation to the message that gateway is sent to the network equipment in NOV3 network, the message network equipment in NOV3 network being sent to gateway carries out NOV3 decapsulation, make gateway when not supporting NVO3 encapsulation technology, still can process the message of NOV3 network and external network intercommunication, thus make, when not changing the hardware configuration of gateway in existing network, to realize NVO3 technology.

Through the above description of the embodiments, those skilled in the art can be well understood to the mode that the present invention can add required hardware by software and realize, and can certainly be realized by hardware.Based on such understanding, can embodying with the form of software product in whole or in part of technical scheme of the present invention, this computer software product is stored in the storage medium that can read, as the floppy disk of computer, hard disk or CD etc., comprise some instructions and perform method described in each embodiment of the present invention in order to make a computer equipment (can be personal computer, server, or the network equipment etc.).

The above; be only the specific embodiment of the present invention, but protection scope of the present invention is not limited thereto, is anyly familiar with those skilled in the art in the technical scope that the present invention discloses; change can be expected easily or replace, all should be encompassed within protection scope of the present invention.Therefore, protection scope of the present invention should be as the criterion with the protection range of described claim.

Claims (10)

1. the method for a Message processing, be applied in the virtual NVO3 network of three-layer network, gateway is provided with in described NVO3 network, described NVO3 network is by described gateway and external network intercommunication, it is characterized in that, also be provided with gateway proxy in described NVO3 network, described gateway proxy is connected with described gateway, and described method comprises:
Described gateway proxy receives the first message that described gateway sends, and wherein said first message is the message according to the first package identification encapsulation;
If described first message is data message, described gateway proxy carries out decapsulation to described first message, obtains the second message and described first package identification;
Described gateway proxy, according to described first package identification, obtains the second package identification corresponding to described first package identification by searching virtual process identifications VNID with the mapping relations of VLAN ID VLANID; Wherein when described first package identification is VNID, described second package identification is VLANID, and when described first package identification is VLANID, described second package identification is VNID;
Encapsulate to form the 3rd message to described second message according to described second package identification;
Described 3rd message is sent to described gateway.
2. method according to claim 1, is characterized in that, if described first message is ARP request message, it is the first message described in mode process identical during data message that described gateway proxy adopts with described first message.
3. method according to claim 1, is characterized in that, if described first message is ARP request message, described second message is ARP request message, and described method also comprises:
Described gateway proxy obtains the MAC address of described second message request by searching ARP table, wherein, described gateway proxy stores described ARP table;
Described gateway proxy, according to described MAC Address, generates the first arp reply message;
Described gateway proxy, according to described first package identification, encapsulates to form the 4th message to described first arp reply message;
Described 4th message, according to the MAC forwarding information corresponding with described first package identification, is sent to described gateway by described gateway proxy.
4. method according to claim 3, is characterized in that, described gateway proxy by search described ARP table obtain described second message request MAC Address before, also comprise: described gateway proxy judges whether described gateway is primary gateway;
Perform when described gateway proxy is by searching described ARP table and obtaining operating in and determining that described gateway is primary gateway of the MAC Address of described second message request.
5. the method according to claim 1-4 any one, described NVO3 network also comprises server, and described server comprises network virtualization edge NVE, and described NVE, for managing the virtual machine in described server, is characterized in that, described method also comprises:
The 5th message that described NVE sink virtual machine sends;
When described 5th message is ARP request message, the ARP table stored by searching described NVE obtains the MAC Address of described 5th message request;
If find the MAC Address of described 5th message request, the MAC Address found is carried in the second arp reply message and sends to described virtual machine by described NVE;
If do not find the MAC Address of described 5th message request, then corresponding according to described virtual machine VNID, encapsulate to obtain the 6th message to described 5th message, and described 6th message is sent to described gateway.
6. a gateway proxy, be applied in the virtual NVO3 network of three-layer network, it is characterized in that, described gateway proxy is connected with gateway, and described NVO3 network is by described gateway and external network intercommunication, and described gateway proxy comprises:
Receiving element, for receiving the first message that described gateway sends, wherein said first message is the message according to the first package identification encapsulation;
Decapsulation unit, when described first message is data message, carries out decapsulation for described first message received described receiving element, obtains the second message and described first package identification;
Search unit, for searching the mapping relations of virtual process identifications VNID and VLANID according to described first package identification to obtain the second corresponding package identification; Wherein when described first package identification is VNID, described second package identification is VLANID, and when described first package identification is VLANID, described second package identification is VNID;
Encapsulation unit, described second package identification found for searching unit described in basis encapsulates to form the 3rd message to described second message;
Transmitting element, for sending to described gateway by described 3rd message.
7. gateway proxy according to claim 6, it is characterized in that, if described first message is ARP request message, described decapsulation unit, described in search that unit, described encapsulation unit and described transmitting element adopt with described first message be the first message described in mode process identical during data message.
8. gateway proxy according to claim 6, is characterized in that, if described first message is ARP request message, then described second message is ARP request message, and described gateway proxy also comprises: memory cell, for storing ARP table;
Describedly search unit, also for when described second message is ARP request message, from the ARP table of described cell stores, search the MAC Address of described second message request;
Described gateway proxy also comprises generation unit, for searching the MAC Address that unit finds described in basis, generates the first arp reply message;
Described encapsulation unit, also for according to described first package identification, encapsulates to form the 4th message to the described first arp reply message that described generation unit generates;
Described transmitting element, also for according to the MAC forwarding information corresponding with described first package identification, sends to described gateway by described 4th message.
9. gateway proxy according to claim 8, is characterized in that, also comprises judging unit, for judging whether described gateway is primary gateway;
Describedly search unit, specifically for when described judging unit determines that described gateway is primary gateway, from the ARP table of described cell stores, search the MAC Address of described second message request.
10. a network virtual edge NVE, it is characterized in that, described NVE is applied in the virtual NVO3 network of three-layer network, server and gateway is provided with in described NVO3 network, described NVO3 network is by described gateway and external network intercommunication, and described gateway connects gateway proxy, and described NVE is arranged in described server, described NVE is for managing the virtual machine in described server, and described NVE comprises:
Memory cell, for preserving ARP table;
Receiving element, for the 5th message that sink virtual machine sends;
Searching unit, when described 5th message for receiving at described receiving element is ARP request message, from the described ARP table of described cell stores, searching the MAC Address of described 5th message request;
Transmitting element, for described search unit find the MAC Address of described 5th message request time, the MAC Address found is carried in arp reply message and sends to described virtual machine; Also for described search unit do not find the MAC Address of described 5th message request time, the virtual process identifications VNID corresponding according to described virtual machine encapsulates to obtain the 6th message to described 5th message, and described 6th message is sent to gateway.
CN201310107847.5A 2013-03-29 2013-03-29 A kind of method and apparatus of Message processing CN103200069B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201310107847.5A CN103200069B (en) 2013-03-29 2013-03-29 A kind of method and apparatus of Message processing

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201310107847.5A CN103200069B (en) 2013-03-29 2013-03-29 A kind of method and apparatus of Message processing

Publications (2)

Publication Number Publication Date
CN103200069A CN103200069A (en) 2013-07-10
CN103200069B true CN103200069B (en) 2016-01-27

Family

ID=48722433

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201310107847.5A CN103200069B (en) 2013-03-29 2013-03-29 A kind of method and apparatus of Message processing

Country Status (1)

Country Link
CN (1) CN103200069B (en)

Families Citing this family (34)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN104348726B (en) * 2013-08-02 2018-12-11 新华三技术有限公司 Message forwarding method and device
CN104426680B (en) 2013-09-03 2018-03-16 华为技术有限公司 Data transmission method, device and system
CN104601427B (en) * 2013-10-31 2018-03-06 新华三技术有限公司 Message forwarding method and device in data center network
CN103647853B (en) * 2013-12-04 2018-07-03 华为技术有限公司 One kind sends ARP file transmitting methods, VTEP and VxLAN controllers in VxLAN
CN104702476B (en) * 2013-12-05 2018-07-31 华为技术有限公司 Message processing method based on distributed network gate and network virtualization marginal point
CN104702708B (en) * 2013-12-06 2018-04-27 华为技术有限公司 Obtain method, equipment, system and the network virtualization endpoint of ARP information
WO2015106461A1 (en) 2014-01-20 2015-07-23 华为技术有限公司 Address obtaining method and network virtualization edge device
CN104869042B (en) * 2014-02-20 2018-07-13 华为技术有限公司 Message forwarding method and device
WO2015180120A1 (en) * 2014-05-30 2015-12-03 华为技术有限公司 Packet forwarding method, forwarding entry delivery method, and network device
CN105227421B (en) * 2014-07-03 2018-11-09 新华三技术有限公司 Message processing method and device in a kind of stacking network
CN104301446B (en) * 2014-08-08 2019-04-09 新华三技术有限公司 A kind of message processing method, switch device and system
CN105450690B (en) 2014-08-21 2019-02-22 国际商业机器公司 The method and virtual machine management system that virtual machine management program executes
CN104158718B (en) * 2014-08-25 2017-06-13 新华三技术有限公司 A kind of message processing method and device
CN105490995B (en) * 2014-09-30 2018-04-20 国际商业机器公司 A kind of method and apparatus that NVE E-Packets in NVO3 networks
CN104518940B (en) * 2014-10-27 2017-12-29 华为技术有限公司 Realize the method and apparatus to be communicated between NVO3 networks and MPLS network
CN105634899A (en) * 2014-10-29 2016-06-01 中兴通讯股份有限公司 Method and system for providing virtual network service
CN104301232B (en) * 2014-10-29 2017-10-03 新华三技术有限公司 Message forwarding method and device in a kind of transparent interconnection of lots of links internet
CN104378300B (en) * 2014-11-27 2018-04-03 盛科网络(苏州)有限公司 A kind of processing method for realizing Vxlan two-layer retransmitting tables in the chips
CN104410560A (en) * 2014-11-27 2015-03-11 盛科网络(苏州)有限公司 Method for realizing BUM packet forwarding through NVGRE unicast
CN106209636B (en) 2015-05-04 2019-08-02 新华三技术有限公司 Multicast data packet forwarding method and apparatus from VLAN to VXLAN
CN106209554B (en) 2015-05-04 2019-12-13 新华三技术有限公司 message forwarding method and device for crossing virtual extensible local area network
CN106209638B (en) 2015-05-04 2019-07-12 新华三技术有限公司 From virtual LAN to the message forwarding method and equipment of virtual expansible local area network
CN106209637B (en) 2015-05-04 2019-07-05 新华三技术有限公司 From virtual expansible local area network to the message forwarding method and equipment of virtual LAN
CN106209689B (en) 2015-05-04 2019-06-14 新华三技术有限公司 Multicast data packet forwarding method and apparatus from VXLAN to VLAN
CN106209648B (en) * 2015-05-04 2019-06-14 新华三技术有限公司 Multicast data packet forwarding method and apparatus across virtual expansible local area network
US9916174B2 (en) 2015-05-27 2018-03-13 International Business Machines Corporation Updating networks having virtual machines with migration information
CN106341298B (en) 2015-07-06 2019-03-22 中兴通讯股份有限公司 File transmitting method and device
CN105306335B (en) * 2015-11-11 2019-10-22 杭州数梦工场科技有限公司 The retransmission method and device of message
CN106817291A (en) * 2015-11-30 2017-06-09 中兴通讯股份有限公司 VXLAN realizes device and its method of work
CN107342925B (en) * 2016-04-29 2020-03-06 新华三技术有限公司 Message transmission method and device
CN107404436A (en) * 2016-05-19 2017-11-28 华为技术有限公司 Communication means and device for virtual expansible LAN
CN106130867B (en) * 2016-08-30 2019-06-14 锐捷网络股份有限公司 Virtual machine communication method and device across data center
CN108011801A (en) * 2016-11-01 2018-05-08 阿里巴巴集团控股有限公司 Method, unit and the system of data transfer
CN106789540B (en) * 2017-01-25 2019-11-29 北京华为数字技术有限公司 A kind of gateway deployment method and apparatus

Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
EP2252096A1 (en) * 2009-05-14 2010-11-17 Avaya Inc. Unifying local and mobility network identifiers
CN102938794A (en) * 2012-11-14 2013-02-20 华为技术有限公司 Address resolution protocol (ARP) message forwarding method, exchanger and controller
CN102970227A (en) * 2012-11-12 2013-03-13 盛科网络(苏州)有限公司 Method and device for achieving virtual extensible local area network (VXLAN) message transmitting in application specific integrated circuit (ASIC)

Patent Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
EP2252096A1 (en) * 2009-05-14 2010-11-17 Avaya Inc. Unifying local and mobility network identifiers
CN102970227A (en) * 2012-11-12 2013-03-13 盛科网络(苏州)有限公司 Method and device for achieving virtual extensible local area network (VXLAN) message transmitting in application specific integrated circuit (ASIC)
CN102938794A (en) * 2012-11-14 2013-02-20 华为技术有限公司 Address resolution protocol (ARP) message forwarding method, exchanger and controller

Also Published As

Publication number Publication date
CN103200069A (en) 2013-07-10

Similar Documents

Publication Publication Date Title
JP6483781B2 (en) Distributed logical L3 routing
US10050905B2 (en) Edge datapath using inter-process transport for tenant logical networks
US10439843B2 (en) Method and system for virtual and physical network integration
US9654409B2 (en) Method for scaling address lookups using synthetic addresses
CN105453523B (en) Method and apparatus for ensuring the seamless flowing of flow
US9900214B2 (en) Using virtual networking devices to manage network configuration
US9281955B2 (en) Interoperability of data plane based overlays and control plane based overlays in a network environment
Wang et al. A survey on data center networking for cloud computing
US10193750B2 (en) Managing virtual port channel switch peers from software-defined network controller
CN104823405B (en) The IP multicast services departure process networked for the virtual private cloud based on MPLS
CN104272668B (en) Layer 3 covers gateway
US9698995B2 (en) Systems and methods for providing multicast routing in an overlay network
US9736016B2 (en) Managing failure behavior for computing nodes of provided computer networks
US8972603B1 (en) Managing encoded multi-part communications
US20180241622A1 (en) Logical l3 processing for l2 hardware switches
EP3020164B1 (en) Support for virtual extensible local area network segments across multiple data center sites
US9397942B2 (en) Packet forwarding
US10116559B2 (en) Operations, administration and management (OAM) in overlay data center environments
US9253140B2 (en) System and method for optimizing within subnet communication in a network environment
US10419287B2 (en) Using virtual networking devices and routing information to associate network addresses with computing nodes
EP2829031B1 (en) Virtual router terminating an overlay tunnel in a storage area network
US9374323B2 (en) Communication between endpoints in different VXLAN networks
AU2013273254B2 (en) Routing VLAN tagged packets to far end addresses of virtual forwarding instances using separate administrations
US8923155B2 (en) L3 gateway for VXLAN
CN105519080B (en) Method and apparatus for exchanging IP grouping between 2 peer of network layer

Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
C10 Entry into substantive examination
SE01 Entry into force of request for substantive examination
C14 Grant of patent or utility model
GR01 Patent grant