CN103905283A

CN103905283A - Communication method and apparatus based on expandable virtual local area network

Info

Publication number: CN103905283A
Application number: CN201210570461.3A
Authority: CN
Inventors: 冯江平; 朱旭琪
Original assignee: Huawei Technologies Co Ltd
Current assignee: Huawei Cloud Computing Technologies Co Ltd
Priority date: 2012-12-25
Filing date: 2012-12-25
Publication date: 2014-07-02
Anticipated expiration: 2032-12-25
Also published as: CN103905283B

Abstract

The invention relates to a communication method and apparatus based on an expandable virtual local area network. The method comprises: receiving a first message sent by a source node; extracting a destination IP address in the first message; according to the destination IP address in the first message, determining a virtual local area network which a destination node belongs to; broadcasting the first message to the destination node in a system; receiving a response message of the first message sent by the destination node, the response message of the first message carrying a destination addressing address; and sending the response message of the first message to the source node to enable the source node to obtain the destination addressing address carried in the response message of the first message. The communication method and apparatus provided by the invention eliminate the problem of adding an additional network device or modifying a conventional network device in a network.

Description

Based on communication means and the device that can expand VLAN

Technical field

The present invention relates to computer network communication technology field, relate in particular to a kind of communication means and device based on expanding VLAN VXLAN.

Background technology

VLAN (Virtual Local Area Network, VLAN), be a kind of by lan device from being divided in logic the network segment one by one, thereby realize the Data Interchange Technology of virtual workgroup.VLAN allows the computer in different physical locations logically to form a local area network (LAN) (Local AreaNetwork, LAN), and a VLAN is a broadcast domain.Keeper, according to practical application request, is logically divided into different broadcast domains the different user in Same Physical local area network (LAN), and each VLAN comprises one group of computer workstation that has same requirements, has identical attribute with the local area network (LAN) physically forming.The broadcast of a VLAN inside and unicast traffic can not be forwarded in other VLAN, thereby contribute to control flow, minimizing equipment investment, simplified network management, the fail safe that improves network.

Basic ideas and the VLAN that can expand VLAN (Virtual eXtensible Local Area Network, VXLAN) are similar, but with better function.VXLAN is a kind of technology that two layer message is encapsulated with three layer protocols, can expand three layers of scope double layer network.It is applied to data center inside, virtual machine can be moved within the scope of the three-layer network interconnecting, and do not need to change IP(Internet Protocol, Internet protocol) address and MAC(Medium Access Control, medium access control) address, the continuity of assurance business.VXLAN VNI(VXLAN NetworkIdentifier, VXLAN network sequence number) identify each broadcast domain (VXLAN subnet), VNI has 24, and a nearly 16M broadcast domain can be provided at most, compares VLAN 4K broadcast domain can only be provided.

VXLAN is a kind of emerging important network virtualization technology, also in the starting stage.Therefore, to the virtual machine in VXLAN (Virtual Machine, VM), a problem of having to face be how with the existing inside of not disposing VXLAN or other outside PM(Physical Machine, physical machine)/VM carries out intercommunication.Existing solution is on the equipment such as switch, to adopt software or hardware to dispose VXLAN Gateway(gateway), between VXLAN and VLAN, carry out the forwarding of packet by VXLAN Gateway.

Fig. 1 is the system block diagram that existing a kind of VXLAN Gateway disposes, and as shown in Figure 1, comprises VXLAN server, gateway Gateway and VLAN server, and VXLAN server communicates by Gateway and VLAN server.Particularly, when from VXLAN interface input data frame, Gateway can peel off VXLAN head and carry out decapsulation, and inner Ethernet frame is forwarded to corresponding physical port according to inner object MAC.If there is inner VLAN ID in the frame after decapsulation, unless on corresponding output interface, do clearly configuration, otherwise should abandon this VLAN ID.When from VLAN interface input data frame, the Gateway VLAN ID based in frame is mapped to specific VXLAN network.

The mode of existing this employing VXLAN Gateway, need to increase the extra network equipment or modify in conventional network equipment (switch), has increased deployment and the maintenance cost of network.And, VXLAN Gateway need to safeguard numerous information such as the IP of VNI, virtual machine VM and the corresponding relation of VXLAN and VLAN of all VXLAN of jurisdiction, easily cause VXLAN Gateway realization and safeguard more complicated, cost is higher, likely become the performance bottleneck in intercommunication, applicable network environment is limited; Also make the variation response underaction of VXLAN Gateway to network topology or configuration, limited scalability.

Summary of the invention

In view of this, the embodiment of the present invention provides a kind of communication means and device based on expanding VLAN VXLAN, has removed the problem that increases additional networks equipment or revise conventional network equipment in network from.

For achieving the above object, first aspect present invention provides a kind of communication means based on expanding VLAN, described method is applied to dummy machine system, described system comprises multiple physical servers, on each physical server, comprise multiple virtual machines, described multiple virtual machine forms multiple VLANs, and described VLAN comprises that at least one can expand VLAN VXLAN, comprising:

The first message that the first port reception sources node that the one VXLAN is corresponding sends, wherein, described the first message carries the Internet protocol IP address of making a start, make a start addressing address and object IP address, what described the first message carried make a start, and IP address is the IP address of described source node, the addressing address of making a start is the addressing address of described source node, the IP address that object IP address is destination node;

Described the first port extracts the object IP address in described the first message;

Described the first port, according to the object IP address in described the first message, is determined the VLAN that described destination node belongs to;

If the VLAN that described destination node belongs to and a described VXLAN belong to different VLANs, described the first port is broadcasted described the first message in described system, makes described destination node receive described the first message and gets make a start IP address and the addressing address of making a start in described the first message;

Described the first port receives the response message of described first message of described destination node transmission, the response message of described the first message carries object addressing address, the addressing address of the second port that the addressing address that the object addressing address that the response message of described the first message carries is described destination node or the VLAN belonging to for described destination node are corresponding;

The response message of described the first message is sent to described source node by described the first port, the object addressing address that described source node is got carry in the response message of described the first message.

In conjunction with first aspect, in the possible execution mode of the first of first aspect, described method also comprises:

Building database, described database is stored the IP address of the virtual machine in described system and the corresponding relation of VLAN;

Described the first port, according to the object IP address in described the first message, determines that the VLAN that described destination node belongs to comprises:

Inquire about the IP address of the virtual machine of storing in described database and the corresponding relation of VLAN, determine the VLAN that described destination node belongs to.

In conjunction with first aspect, in the possible execution mode of the second of first aspect, described the first port also comprised broadcast described the first message in described system before:

Described the first port is replaced with the addressing address of making a start in described the first message the addressing address of described the first port by the addressing address of described source node.

In conjunction with the possible execution mode of the second of first aspect or first aspect, in the third possible execution mode of first aspect, when the VLAN belonging to when described destination node is the 2nd VXLAN, described the first port is broadcasted described the first message in described system, make described destination node receive described the first message and obtain make a start IP address and the addressing address of making a start in described the first message, comprising:

Described the first port is broadcasted described the first message in described system;

The second port corresponding to described the 2nd VXLAN receives described the first message, according to the object IP address of carrying in described the first message, described the first message is sent to described destination node, described destination node receives after described the first message, records make a start IP address and the addressing address of making a start that described the first message carries.

In conjunction with the third possible execution mode of first aspect, in the 4th kind of possible execution mode of first aspect, described the first port also comprises before receiving the response message of described the first message of described destination node transmission:

Described destination node is according to make a start IP address and the addressing address of making a start in described first message of record, send the response message of the first message, described the second port receives after the response message of described the first message, and the response message of described the first message is sent to described the first port.

In conjunction with the 4th kind of possible execution mode of first aspect, in the 5th kind of possible execution mode of first aspect, described the second port also comprises before the response message of described the first message is sent to described the first port:

Described the second port is replaced with the object addressing address in the response message of described the first message the addressing address of described the second port by the addressing address of described destination node;

To get the object addressing address of carrying in the response message of described the first message be the addressing address of described the second port to described source node.

In conjunction with first aspect, in the 6th kind of possible execution mode of first aspect, when the VLAN belonging to when described destination node is the 2nd VLAN, described the first port is broadcasted described the first message in described system, the IP address and the addressing address that make described destination node receive described the first message and obtain described source node, comprising:

Described destination node receives described the first message, and described destination node receives after described the first message, records make a start IP address and the addressing address of making a start that described the first message carries.

In conjunction with first aspect, in the 7th kind of possible execution mode of first aspect, also comprise:

Described the first port receives the second message that described source node sends according to the described object addressing address obtaining, wherein, described the second message carries source IP address, addressing address, source, object IP address and object addressing address, the IP address that the source IP address that described the second message carries is described source node, the addressing address that addressing address, source is described source node, object IP address is the IP address of destination node, and object addressing address is the object addressing address getting;

Described the first port is according to the object addressing address in described the second message, sends the second port corresponding to VLAN that described the second message belongs to described destination node or described destination node.

In conjunction with the 7th kind of possible execution mode of first aspect, in the 8th kind of possible execution mode of first aspect, described the first port, before sending described the second message, also comprises:

Described the first port is replaced with the addressing address, source in described the second message the addressing address of described the first port by the addressing address of described source node.

In conjunction with the 7th kind of possible execution mode or the 8th kind of possible execution mode of first aspect, in the 9th kind of possible execution mode of first aspect, described the first message is ARP message, and described the second message is unicast message.

Second aspect, the present invention also provides a kind of communicator based on expanding VLAN, described application of installation is in dummy machine system, described system comprises multiple physical servers, on each physical server, comprise multiple virtual machines, described multiple virtual machine forms multiple VLANs, and described VLAN comprises that at least one can expand VLAN VXLAN, comprising: receiving element, resolution unit, determining unit and transmitting element;

Receiving element, the first message sending for reception sources node, wherein, described the first message carries the Internet protocol IP address of making a start, make a start addressing address and object IP address, what described the first message carried make a start, and IP address is the IP address of described source node, the addressing address of making a start is the addressing address of described source node, the IP address that object IP address is destination node;

Resolution unit, for extracting the object IP address of described the first message that described receiving element receives;

Determining unit, for the object IP address in described the first message extracting according to described resolution unit, determines the VLAN that described destination node belongs to;

Transmitting element, while belonging to different VLAN for the VLAN that belongs to when the definite described destination node of described determining unit and a described VXLAN, in described system, broadcast described the first message, make described destination node receive described the first message and get make a start IP address and the addressing address of making a start in described the first message;

Described receiving element is also for receiving the response message of described the first message that described destination node sends, the response message of described the first message carries object addressing address, the addressing address of the communicator that the addressing address that the object addressing address that the response message of described the first message carries is described destination node or the VLAN belonging to for described destination node are corresponding;

Described transmitting element is also for sending to described source node by the response message of described first message of described receiving element reception, described source node is got the object addressing address of carrying in the response message of described the first message.

In conjunction with second aspect, in the possible execution mode of the first of second aspect, described device also comprises:

Memory cell, for building database, described database is stored the IP address of the virtual machine in described system and the corresponding relation of VLAN;

Described determining unit, specifically for inquiring about the IP address of the virtual machine of storing in the database of described memory cell foundation and the corresponding relation of VLAN, is determined the VLAN that described destination node belongs to.

In conjunction with second aspect, in the possible execution mode of the second of second aspect, described device also comprises:

Replacement unit, is replaced with the addressing address of current communicator by the addressing address of described source node for the addressing address of making a start of described the first message that described receiving element is received.

In conjunction with second aspect, in the third possible execution mode of second aspect, the second message that described receiving element also sends according to the described object addressing address obtaining for receiving described source node, wherein, described the second message carries source IP address, addressing address, source, object IP address and object addressing address, the IP address that the source IP address that described the second message carries is described source node, the addressing address that addressing address, source is described source node, object IP address is the IP address of destination node, and object addressing address is the object addressing address getting;

Described transmitting element is also for according to the object addressing address of described the second message, sends the second port corresponding to VLAN that described the second message belongs to described destination node or described destination node.

In conjunction with the third possible execution mode of second aspect, in the 4th kind of possible execution mode of second aspect, described device also comprises:

Replacement unit, is replaced with the addressing address of current communicator by the addressing address of described source node for the addressing address, source of described the second message that described receiving element is received.

In conjunction with the third possible execution mode or the 4th kind of possible execution mode of second aspect, in the 5th kind of possible execution mode of second aspect, described the first message is ARP message, and described the second message is unicast message.

Communication means and device based on expanding VLAN VXLAN provided by the invention, the function of VTEP on each server of disposing by strengthening VXLAN, utilize the maintenance information that increases database D B or memory table, the message data of transmission is analyzed to judgement and simple message modification, can realize the intercommunication between VXLAN and VLAN and between different VXLAN, there is distributed implementation mode, simple, be not subject to network topology, the restrictions such as scale, use flexibly, and without increasing the extra network equipment, remove the problem that increases additional networks equipment or revise conventional network equipment in network from, save the cost of network design and maintenance.

Accompanying drawing explanation

Fig. 1 is the system block diagram that existing a kind of VXLAN Gateway disposes;

Fig. 2 is the schematic diagram that can expand VLAN VXLAN message format;

Fig. 3 is the system architecture diagram of a kind of virtual data center VDC;

Fig. 4 is the embodiment of the present invention based on VDC networking and scene schematic diagram;

A kind of ARP of utilization data message that Fig. 5 provides for the embodiment of the present invention carries out the method flow diagram of ARP address learning;

The flow chart of a kind of communication means that Fig. 6 provides for the embodiment of the present invention;

Fig. 7 provide for the embodiment of the present invention another utilize ARP data message to carry out the method flow diagram of ARP address learning;

The flow chart of another communication means that Fig. 8 provides for the embodiment of the present invention;

The high-level schematic functional block diagram of the VXLAN endpoint of a tunnel VTEP that Fig. 9 provides for the embodiment of the present invention;

Between the VXLAN that Figure 10 provides for the embodiment of the present invention and VLAN, carry out the sequential chart of ARP address learning;

The sequential chart of communicating by letter between the VXLAN that Figure 11 provides for the embodiment of the present invention and VLAN;

Between the different VXLAN that Figure 12 provides for the embodiment of the present invention, carry out the sequential chart of ARP address learning;

The sequential chart of communicating by letter between the different VXLAN that Figure 13 provides for the embodiment of the present invention;

The communicator schematic diagram based on VXLAN that Figure 14 provides for the embodiment of the present invention;

The structure composition schematic diagram of the communicator based on VXLAN that Figure 15 provides for the embodiment of the present invention.

Embodiment

Below by drawings and Examples, technical scheme of the present invention is described in further detail.

That can expand VLAN VXLAN employing is MAC-in-UDP(User DatagramProtocol, User Datagram Protoco (UDP)) encapsulation mechanism, VXLAN head (VXLAN header), UDP head (UDP header), IP head (IP header) and Ethernet head (Ethernet header) on mac frame basis, are encapsulated respectively from inside to outside, just as built a tunnel, mac frame is as the actual transmissions content in tunnel, the mark that outer enclosure part is transmitted in tunnel as data, guarantees that data correctly arrive destination.Fig. 2 is a kind of schematic diagram of expanding VLAN VXLAN message format, and as shown in Figure 2, VXLAN message is in original Ethernet frame (Original Ethernet Frame), increases VXLAN packed part (VXLAN Encapsulation).In VXLAN, the end points in tunnel is called to VTEP(VXLAN Tunnel End Point, VXLAN endpoint of a tunnel).The major function of VTEP be receive local VM send Ethernet Ethernet frame time add encapsulation header and send for it; Receive that long-range VTEP sends with encapsulation header message time, remove encapsulation header and be also transmitted to corresponding VM.

Communication means and device based on expanding VLAN VXLAN provided by the invention, can be applied to and dispose in dummy machine system, virtual data center (the Virtual Data Center of for example VXLAN, VDC) in, to build computing resource sharing pond crucial in cloud computing, wherein resource comprises network, server, storage, application software and service etc.Intel Virtualization Technology mainly comprises: server virtualization, Storage Virtualization and network virtualization.The core technology of VDC is server virtualization, is mainly the physical resource of a physical machine is invented to multiple virtual machines (Virtual Machine, VM), makes each VM can realize the function of physical machine (Physical Machine, PM).

Fig. 3 is the system architecture diagram of a virtual data center VDC, as shown in Figure 3, VDC generally adopts layer architecture, the bottom is each physical server Server, in each Server, create multiple VM, and by virtual switch vSwitch, these VM are formed to small-sized Virtual Local Area Network in server inside.Each Server is also the end points in VXLAN tunnel, therefore relate to the VXLAN endpoint of a tunnel VTEP(VXLAN Tunnel End Point of embodiment of the present invention application) be exactly that to be deployed in each Server upper, and the VTEP gateway of communicating by letter with other PM/VM of Server outside as Server inside VM.VTEP can be the stand-alone assembly in Server, also can combine deployment with vSwitch.The network of Server outside carries out layering networking according to the scale of VDC.First Server is connected to access switch, is generally ToR, and access switch ToR is connected into convergence switch Switch again, then links core switch L3Switch.Certainly, convergence-level and core layer also can merge, and conventionally adopt three layers of (L3) switch.Finally, VDC is connected with outer net Internet network by router.

According to the residing network site of opposite end PM/VM of the required communication of VM in Server, complete the process of intercommunication between VXLAN and VLAN or different VXLAN, may pass through ToR, L3Switch or Router.Because VXLAN does not exert an influence to these outside network devices, these equipment are all worked in a conventional manner, therefore can by outside network device all abstract represent, to give prominence to the key technology of the embodiment of the present invention.

Fig. 4 be the embodiment of the present invention based on VDC networking and scene schematic diagram, as shown in Figure 4, this VDC networking comprises server S erver-1201, server S erver-2202, server S erver-3203 and the network switch 204.In server S erver-1201, create virtual machine VM-12011, server S erver-1201 has disposed VXLAN, and therefore the virtual machine VM-12011 on it and other virtual machines all will be by VTEP-12012 and external network communication.Virtual machine VM-12011 has added the subnet of VXLAN100, and the VNI of the VXLAN that namely virtual machine VM-12011 is corresponding is 100.In the time that VM-12011 communicates by letter with the VM in same VXLAN, VTEP-12012 is the packet encapsulation VXLAN head that VM-12011 sends; In the time that VM-12011 communicates from the VM in VLAN or different VXLAN, VTEP-12012 modifies the packet that VM-12011 is sent, then by amended Packet Generation to the network switch 204, for example send on the network equipment such as ToR or Switch, arrive VTEP or the VM of opposite end server by the forwarding of L2/L3 network.The present invention is not construed as limiting the L2/L3 network equipment of concrete employing.

The scene that the present invention communicates from the VM in VLAN or different VXLAN mainly for VM-12011.That is, the one, VM-12011 communicates by letter with VM-32031's in VLAN300, and the 2nd, VM-12011 communicates by letter with VM-22021's in VXLAN200, corresponds to respectively the scene of intercommunication between VXLAN of the present invention and VLAN intercommunication and different VXLAN.Server S erver-3203 in VLAN does not dispose VTEP, while not considering other virtual steps, can think that the packet that is transmitted to server directly issues corresponding VM-32031.It is upper that VM-22021 is created in Server-2201, belongs to VXLAN200, and namely the VNI of VM-22021 is 200.Forward the packets need of coming from the network equipment through processing such as VTEP-22022 modify, then be transmitted to VM-22021.Same VM-12011, the packet that VM-22021 sends also needs the processing through VTEP-22022, then mails to the network switch 204.

When communication starts between VM between VXLAN and VLAN or between different VXLAN, first utilize address resolution protocol (Address Resolution Protocol, ARP) data message to carry out the ARP address learning between described source node and destination node.

Fig. 5 is that the present invention utilizes ARP data message to carry out the method flow diagram of the study of the addressing address of ARP destination node, first it should be noted that, utilize ARP data message to carry out the study of the addressing address of ARP destination node, obtain the process of destination node addressing address, because source node is not known the addressing address of destination node, prior art adopts the mode of Gateway to realize the communication between source node and destination node, and the embodiment of the present invention is for fear of increase Gateway in networking, need first to obtain the addressing address of destination node, the embodiment of the present invention has adopted the addressing address that utilizes the broadcast transmission of ARP data message to obtain destination node, in the process of transmitting of ARP data message, may learn the addressing address of destination node, in general addressing address is used for the position of define grid equipment, comprise MAC (Media Access Control) address, or be called MAC address, hardware address.

As shown in Figure 5, the address learning process of this ARP destination node comprises: step S101, the first port that the VTEP(source node that source node is corresponding is corresponding) reception sources node send ARP request message.

In described ARP request message, carry the source MAC of Ethernet Ethernet head, the MAC Address of making a start of ARP message, make a start IP address and object IP address, wherein, originating address in described ARP request message is IP or the MAC Address of described source node, and the object IP address in described ARP request message is the IP address of destination node.

Step S102, the VTEP that source node is corresponding extract the object IP address in described ARP request message, utilize database D B to inquire about the second virtual network that obtains place, described object IP address, i.e. the 2nd VLAN or the 2nd VXLAN.

Particularly, the VTEP that source node is corresponding resolves the ARP request message receiving, and first obtains the MAC Address of source node, IP address and the object IP address of source node.

Before the study of addressing address of carrying out ARP destination node, also comprise: the step of building database DB, database D B stores the IP address of the virtual machine in described system and the corresponding relation of VLAN.Database D B comprises the VNI of IP, affiliated VXLAN that pre-configured local VM is corresponding and the IP address range of multicast address, port information and the VM that all VXLAN is corresponding, also has MAC Address, the communication MAC Address of VM and the IP address of place VTEP of the local VM of dynamic learning.In the time that VTEP corresponding to source node is resolved to the MAC Address of source node and IP address, VTEP can be recorded in database D B, and to database, DB dynamically updates.Certainly, the embodiment of the present invention is not limited to adopt database D B to store those configuration informations and address learning information, for example, can also adopt the mode of the memory tables such as Hash table to store.

Step S103, the VTEP that source node is corresponding arrive described ARP request message broadcast transmission the destination node of place, described object IP address the 2nd VLAN, or broadcast transmission ARP request message is to the second port corresponding to described the 2nd VXLAN, to be transmitted to described destination node.

The VTEP that source node is corresponding directly sends to object IP address place VLAN or VXLAN by ARP request message via Web broadcast.If object IP address belongs to VLAN, can think and directly be transmitted to destination node.

If object IP address belongs to different VXLAN, send the VTEP of ARP request message to opposite end, i.e. VTEP corresponding to destination node.VTEP corresponding to destination node receives ARP request message, analyzes the request message into ARP, is broadcast to destination node.

While belonging to the identical VXLAN of source node place VXLAN for object IP address, identical with the processing mode of existing VXLAN agreement, after being added to VXLAN encapsulation, original message sends object IP place VTEP, and its message format is as shown in Figure 2.

Step S104, the VTEP that source node is corresponding receive the arp reply message that the opposite end VTEP of described destination node or destination node place VXLAN returns.

Destination node receives after ARP request message, judge that object IP is for self, learn and record make a start IP and the MAC Address of making a start in ARP message, record the IP address of described source node and the MAC Address of source node, destination node also generates arp reply message, the MAC Address that in this arp reply message, the target MAC (Media Access Control) address of ARP message is this destination node, object IP address is the IP address of this destination node, the IP address of making a start is the IP address of source node, the MAC Address of making a start is the MAC Address of source node, destination node sends described arp reply message to VTEP corresponding to source node.

If destination node is in different VXLAN, destination node, generating after arp reply message, first sends to VTEP corresponding to destination node, and arp reply message is returned to the VTEP that described source node is corresponding by the VTEP corresponding by this destination node.

Step S105, the VTEP that source node is corresponding extract the IP address of making a start in described arp reply message.

VTEP corresponding to step S106, source node is according to the IP address of making a start in described arp reply message, judge that whether described arp reply message sends to the described source node of the machine, if so, enters step S107, otherwise enter step S108, abandon this arp reply message.

VTEP corresponding to step S107, source node to described source node, in described arp reply message carries object addressing address, i.e. the addressing address of described destination node so that described source node obtains and records by described arp reply message repeating.

VTEP corresponding to source node extracts the IP address of making a start in arp reply message, Query Database DB, judge that the IP address of making a start is the IP address corresponding to source node of the machine, by arp reply message repeating to source node, source node obtains target MAC (Media Access Control) address in arp reply message, completes the learning process of the MAC Address to destination node.

After the addressing address of destination node is arrived in study, between two virtual machines, can start the normal unicast communication message of intercommunication, as shown in Figure 6, between these two virtual machines, the communication process of intercommunication unicast message specifically comprises:

The first unicast message that step S201, the VTEP reception sources node that source node is corresponding send.

The first unicast message is unicast communication message, carries source IP address, addressing address, source, object IP address and object addressing address.Wherein, the IP address that source IP address is source node, the addressing address that addressing address, source is source node, the IP address that object IP address is destination node, object addressing address is the object addressing address that step S107 gets.

Step S202, the VTEP that source node is corresponding extract the object IP address in described the first unicast message, and utilize database D B to inquire about the second virtual network that obtains place, described object IP address, i.e. the 2nd VLAN or the 2nd VXLAN.

Step S203, the VTEP that source node is corresponding are forwarded to described the first unicast message the destination node of place, described object IP address the 2nd VLAN, or forward unicast message to the second port corresponding to described the 2nd VXLAN, to be transmitted to described destination node.

VTEP corresponding to source node directly by the first unicast message via forwarded to object IP address place VLAN or VXLAN.If object IP address belongs to VLAN, can think and directly be transmitted to destination node.

If object IP address belongs to different VXLAN, send the first unicast message to VTEP corresponding to destination node, VTEP corresponding to destination node receives the first unicast message, analyze as unicast communication message, extract object IP address, inquire about the database D B in VTEP corresponding to destination node, determine the node that this object IP belongs to the machine, be forwarded to destination node.Destination node can obtain the data that source node is sent.

Destination node is receiving after the unicast message of source node transmission, and destination node also can send unicast message to source node and communicate.Specific as follows:

Step S204, the VTEP that source node is corresponding receive described destination node and are receiving the second unicast message sending after described the first unicast message.

The second unicast message is specially unicast communication message, carries source IP address, addressing address, source, object IP address and object addressing address.Now, the second unicast message is sent by destination node, the IP address that source IP address in the second unicast message is destination node, the addressing address that addressing address, source is destination node, object IP address is the IP address of source node, the addressing address that object addressing address is source node.

Step S205, the VTEP that source node is corresponding extract the object IP address in described the second unicast message.

Step S206, the VTEP that source node is corresponding judge whether described the second unicast message sends to the described source node of the machine, if so, enters step S207, otherwise, enter step S208, abandon this second unicast message.

Described the second unicast message is transmitted to described source node by step S207, the VTEP that source node is corresponding.

The VTEP that source node is corresponding resolves the second unicast message receiving, and obtains the MAC Address of source node, IP address and object IP address and the target MAC (Media Access Control) address of source node.According to object IP address, Query Database DB, judges whether object IP address belongs to the node of the machine, is if it is transmitted to described source node, so that described source node obtains the data that described destination node is sent.

Like this, the present invention is without adopting VXLAN Gateway, can realize the intercommunication of VXLAN and VLAN and different VXLAN.In above-described embodiment, VTEP does not modify to the message information of transmitting-receiving, and the MAC of VM is exposed on the L2 network equipment.If the MAC Address of VM is exposed on the L2 network equipment, the scene that creates a large amount of VM for server exists needs the MAC safeguarding to transmit the problem that serious offense is complicated on ToR or switch, thereby the method is applicable to the mininet that VM scale is less.

And for large-scale VLAN, preferably, the present invention modifies at the message information of VTEP transmitting-receiving corresponding to source node, replaced the MAC Address of the VM of its jurisdiction to carry out intercommunication from VLAN and different VXLAN by the MAC Address of VTEP, the MAC of each VM is not exposed on the L2 network equipment, reduces the difficulty that the network equipment is disposed.

Particularly, Fig. 7 the invention provides the method flow diagram that utilizes ARP data message to carry out the study of the addressing address of ARP destination node, similarly, the present embodiment has adopted the addressing address that utilizes the broadcast transmission of ARP data message to obtain destination node, may learn the addressing address of destination node in the process of transmitting of ARP data message.

As shown in Figure 7, the address learning process of this ARP destination node comprises:

Step S301, the first port that the VTEP(source node that source node is corresponding is corresponding) reception sources node send ARP request message.

Step S302, the VTEP that source node is corresponding extract the object IP address in described ARP request message, utilize database D B to inquire about the second virtual network that obtains place, described object IP address, i.e. the 2nd VLAN or the 2nd VXLAN.

Particularly, the VTEP that source node is corresponding resolves the ARP request message receiving, and first obtains the MAC Address of source node, IP address and the object IP address of source node, and records the MAC Address of source node and IP address in described database D B.

Step S303, the VTEP that source node is corresponding judge whether the object IP address of ARP request message request belongs to VLAN or VXLAN, if VLAN, enter step S304, if from source node at different VXLAN, enter step S306, if with source node at identical VXLAN, enter step S309, identical with the processing mode of existing VXLAN agreement, after packaging V XLAN, send object IP place VTEP.

Step S304, the VTEP that source node is corresponding are replaced with the addressing address of making a start of the addressing address, source of Ethernet Ethernet head in ARP request message and ARP message the addressing address of the VTEP that source node is corresponding by the addressing address of source node.

That is to say, utilize VTEP MAC Address substitute internal virtual machine VM(source node) MAC Address and external network communicate.From external network, the network switch and other VLANs only can obtain the MAC Address of the VTEP of the VXLAN at this source node place.Can make like this MAC Address of VM not be exposed on the network equipment, be conducive to the maintenance of the network information.

Step S305, the VTEP that source node is corresponding send to the destination node in the place VLAN of object IP address by the ARP request message after replacing via Web broadcast, and the destination node in VLAN receives ARP request message.

Receive ARP request message in destination node, judge that object IP is for self, learn and record make a start IP and the MAC Address of making a start in ARP message, record the IP address of described source node and the MAC Address of source node, destination node also generates arp reply message, the MAC Address that in this arp reply message, the target MAC (Media Access Control) address of ARP message is this destination node, object IP address is the IP address of this destination node, the IP address of making a start is the IP address of source node, the MAC Address of making a start is the MAC Address of source node, destination node sends the VTEP of described arp reply message to source node place VXLAN, enter step S310.

Step S306, the VTEP that source node is corresponding are replaced with the addressing address of making a start of the addressing address, source of Ethernet Ethernet head in ARP request message and ARP message the addressing address of the VTEP that source node is corresponding by the addressing address of source node.

Step S307, the VTEP that source node is corresponding send to VTEP(corresponding to destination node the second port by the ARP request message after replacing via Web broadcast).

Step S308, VTEP corresponding to destination node send to destination node according to ARP request message.

VTEP corresponding to destination node receives ARP request message, analyzes the request message into ARP, is broadcast to destination node.

Destination node receives after ARP request message, judge that object IP is for self, learn and record make a start IP and the MAC Address of making a start in ARP message, record the IP address of described source node and the MAC Address of source node, destination node also generates arp reply message, the MAC Address that in this arp reply message, the target MAC (Media Access Control) address of ARP message is this destination node, object IP address is the IP address of this destination node, the IP address of making a start is the IP address of source node, the MAC Address of making a start is the MAC Address of source node, destination node sends described arp reply message to VTEP corresponding to destination node.

VTEP corresponding to destination node is before sending to by arp reply message the VTEP that source node is corresponding, also target MAC (Media Access Control) address in source MAC in Ethernet head in arp reply message and ARP message can be replaced with to the MAC Address of described opposite end VTEP, then again the arp reply message after replacing is sent to the VTEP that source node is corresponding, enter step S310.

Step S310, the VTEP that source node is corresponding receive described destination node and are receiving the arp reply message sending after described ARP request message.

Step S311, the VTEP that source node is corresponding extract the IP address of making a start in described arp reply message.

VTEP corresponding to step S312, source node, according to the IP address of making a start in described arp reply message, judges whether arp reply message sends to the source node of the machine, if so, enters step S313, otherwise enters step S315, abandons this arp reply message.

Step S313, the VTEP that source node is corresponding are replaced with the addressing address of making a start of the object addressing address of Ethernet head in arp reply message and ARP message the addressing address of source node by the addressing address of VTEP corresponding to source node.

Described arp reply message repeating is arrived described source node by step S314, the VTEP that source node is corresponding.

The VTEP that source node is corresponding extracts the IP address of making a start from the arp reply message receiving, Query Database DB, judge that the IP address of making a start is the IP address corresponding to source node of the machine, by arp reply message repeating to source node, source node obtains target MAC (Media Access Control) address in arp reply message, completes the learning process of the MAC Address to destination node.

Similarly, after the addressing address of destination node is arrived in study, can start the normal unicast communication message of intercommunication between two virtual machines, as shown in Figure 8, between these two virtual machines, the communication process of intercommunication unicast message specifically comprises:

The first unicast message that step S401, the VTEP reception sources node that source node is corresponding send.

The first unicast message is unicast communication message, carries source IP address, source MAC, object IP address and target MAC (Media Access Control) address.Wherein, the IP address that source IP address is source node, the addressing address that addressing address, source is source node, the IP address that object IP address is destination node, object addressing address is the object addressing address that step S314 gets.

Step S402, the VTEP that source node is corresponding extract the object I P address in described the first unicast message, and utilize database D B to inquire about the second virtual network that obtains place, described object IP address, i.e. the 2nd VLAN or the 2nd VXLAN.

The VTEP that source node is corresponding resolves the first unicast message receiving, and obtains the MAC Address of source node, IP address and object IP address and the target MAC (Media Access Control) address of source node.

Step S403, the VTEP that source node is corresponding judge whether the object IP address of the first unicast message request belongs to VLAN or VXLAN, if VLAN, enter step S404, if from source node at different VXLAN, enter step S406, if with source node at identical VXLAN, enter step S409, identical with the processing mode of existing VXLAN agreement, will after the first unicast message packaging V XLAN, send to object IP place VTEP.

Step S404, the VTEP that source node is corresponding are replaced with the addressing address, source of Ethernet head in the first unicast message the addressing address of the VTEP that source node is corresponding by the addressing address of source node.

VTEP corresponding to step S405, source node by the first unicast message after replacing via forwarded to the destination node in the place VLAN of object IP address, the destination node in VLAN receives the first unicast message, obtains the data that source node sends.

Step S406, the VTEP that source node is corresponding are replaced with the addressing address, source of Ethernet head in the first unicast message the addressing address of the VTEP that source node is corresponding by the addressing address of source node.

Step S407, the VTEP that source node is corresponding arrive VTEP corresponding to destination node by the first unicast message after replacing via forwarded.

VTEP corresponding to step S408, destination node is according to the object IP address in the first unicast message, and inquiry obtains the addressing address of described destination node, and the first unicast message is sent to destination node.

VTEP corresponding to destination node receives the first unicast message, extract object IP, inquire about the DB in VTEP corresponding to destination node, obtain the MAC Address of destination node, the target MAC (Media Access Control) address of Ethernet head in the first unicast message is replaced with to the MAC Address of destination node by the MAC Address of VTEP corresponding to destination node, and the first unicast message after again replacing is sent to destination node.Destination node obtains the data of sending from source node.

After the data of sending at destination node acquisition source node, destination node also can send unicast message to source node and communicate, and enters step S410.

If destination node is in the VXLAN different from source node, the second unicast message that destination node is returned first sends to VTEP corresponding to destination node, and the second unicast message is returned to the VTEP that described source node is corresponding by the VTEP corresponding by this destination node.Similarly, VTEP corresponding to destination node is before returning to by the second unicast message the VTEP that described source node is corresponding, also the source MAC of Ethernet head in the second message of described destination node can be replaced with to the MAC Address of VTEP corresponding to described destination node, then again the second unicast message is sent to the VTEP that source node is corresponding, enter step S410.

Step S410, the VTEP that source node is corresponding receive described destination node and are receiving the second unicast message sending after described the first unicast message.

Step S411, the VTEP that source node is corresponding extract the object IP address in described the second unicast message.

Step S412, the VTEP that source node is corresponding judge whether the second unicast message sends to the source node of the machine, if so, enter step S413, otherwise enter step S415, abandon this second unicast message.

Step S413, the VTEP that source node is corresponding replace with the target MAC (Media Access Control) address of Ethernet head in the second unicast message the MAC Address of source node.

Described the second unicast message is forwarded to described source node by step S414, the VTEP that source node is corresponding.

The VTEP that source node is corresponding resolves the second unicast message receiving, and obtains the MAC Address of source node, IP address and object IP address and the target MAC (Media Access Control) address of source node.According to object IP address, Query Database DB, judge whether object IP address belongs to the node of the machine, if, the target MAC (Media Access Control) address of Ethernet head in the second message is replaced with to the MAC Address of source node, be transmitted to described source node, so that described source node obtains the data that described destination node is sent.

The present invention is by carrying out increased functionality to the VTEP being deployed in VXLAN on each server, reach realizing the object of intercommunication between VXLAN and VLAN and different VXLAN.Fig. 9 is the high-level schematic functional block diagram of VXLAN endpoint of a tunnel VTEP provided by the invention, as shown in Figure 9, this VTEP30 comprises: bag is analyzed (PacketAnalysis, PA) module 301, database (DataBase, DB) module 302 and bag are processed (PacketProcess, PP) module 303.

Packet analysis module PA301 is used for receiving packet, comprises the packet of receiving from physical network card and VM both direction.PA301 analyzes the heading information of receiving, according to different agreement type, extracts source/destination IP information from heading or message load.PA301 inquires about to DB302 as key assignments using this source/destination IP, judges whether mailing to local VM or whether mailing to VM or the different VXLAN in VLAN of current message.PA301 issues PP303 by message and judged result and processes.When PP303 processes after message completes, PA301 or PP303 can forward the packet to corresponding port, forward as example and describe in the present invention take PA301.

Database module DB302 is for store configuration information and address learning information, specifically comprise the VNI of IP, affiliated VXLAN that pre-configured local VM is corresponding and the IP address range of multicast address, port information and the VM that all VXLAN is corresponding, also have the IP and the MAC Address of MAC, the VM that communicates by letter and the IP address of place VTEP thereof of the local VM of dynamic learning.The present invention is not construed as limiting the file layout of configuration information and address learning information, also can adopt the modes such as Hash table.

Packet handing module PP303, for message is processed, according to the message transmitting from PA312 and judged result, obtains and revises required information from DB311, and heading or load are carried out to the modification of corresponding field.

In the time that the VM-32031 in VM-12011 and VLAN300 in VXLAN100 carries out intercommunication, due to the existence of not perception of VM VXLAN, therefore it sends message according to proper communication flow process.In the time that VM-3 and VM-1 belong to same IP network section, VM-1 need to, by sending the MAC Address of ARP broadcast request study VM-3, then could send unicast message and carry out intercommunication.

When VM-3 and VM-1 be not during at the same network segment, VM-1 will mail to data message the gateway of L3, forwards by Routing Protocol.This process can be decomposed into ARP study, the ARP study of gateway MAC to VM-3, the VM-1 of VM-1 to gateway MAC and send out unicast message to gateway and gateway forwards unicast message to this Four processes of VM-3.Regard gateway as PM in VLAN, this Four processes is the equal of the intercommunication of VXLAN and VLAN intercommunication (VM-1 and gateway) and one group of VLAN intercommunication (gateway and VM-3), the method using is consistent with the intercommunication of same network segment, does not therefore analyze separately the situation of the different segment intercommunication that adds function Access Gateway here.Similarly, in different VXLAN, VM is in the time of different segment, and for example VM-2 and VM-1 be not at the same network segment, and its processing procedure is similar therewith, does not also analyze separately the situation of different segment intercommunication in this.

Figure 10 is the sequential chart of ARP address learning between VM-1 and VM-3, as shown in figure 10, comprises the following steps:

S51, VM-1 send ARP request message, and concrete ARP request message form is as shown in table 1:

Table 1

S52, ARP message arrive VTEP-1, analyze message by PA-1, extract the object IP in ARP request message, access DB-1 inquiry, and the object IP that judges its request is the node belonging in VLAN.DB-1 records IP and the MAC of VM-1 simultaneously.

S53, PA-1 by ARP message and judge conclusion issue PP-1 process, PP-1 carries out message modification.

Particularly, the source MAC in the Ethernet head of ARP request is replaced with to the MAC of current VTEP; The MAC that makes a start in ARP request message is replaced with to the MAC of current VTEP.Amended ARP request message is as shown in table 2:

Table 2

S54, PA-1 send to amended ARP request message the server that is forwarded to VM-3 place on network L2 equipment.

S55, VM-3 receive ARP request message, judge that object IP is for self, and the MAC that study is VTEP-1 to MAC Address corresponding to VM-1IP, thinks that the MAC of VTEP-1 is exactly the MAC of VM-1.The object MAC of VM-3 using the MAC Address of self as ARP message, generates arp reply message.

The arp reply message that VM-3 sends is as shown in table 3:

Table 3

S56, arp reply message are forwarded to VTEP-1 through the L2 network equipment.

The PA-1 of S57, VTEP-1 receives and analyzes arp reply message, extracts the IP that makes a start, and inquiry DB-1, judges that the IP that makes a start is the IP of the VM-1 of the machine.

S58, PA-1 give PP-1 by the arp reply message of reception and judged result and process.PP-1 obtains the MAC of VM-1 according to the IP that makes a start from DB-1, and revises message.

Particularly, the object MAC in the Ethernet head of arp reply message is replaced with to the MAC of the VM mating with the IP that makes a start; The MAC that makes a start in arp reply message is replaced with to the MAC of the VM mating with the IP that makes a start.Amended arp reply message is as shown in table 4:

Table 4

S59, PA-1 to VM-1, complete the MAC address learning of VM-1 to VM-3 by amended arp reply message repeating.

After VM-1 learns the MAC Address of VM-3, just can start the normal unicast communication message of intercommunication.

Figure 11 is the sequential chart that carries out unicast communication between VM-1 and VM-3, as shown in figure 11, comprises the following steps:

S61, VM-1 send unicast message to VTEP-1 to VM-3, and the form of concrete unicast message is as shown in table 5:

Table 5

The PA-1 of S62, VTEP-1 receives after unicast message, analyzes and obtains object IP, and inquiry DB-1, judges that object VM is in VLAN.

Unicast message and judged result are issued PP-1 by S63, PA-1, and PP-1 modifies.

Particularly, the source MAC in Ethernet head is replaced with to the MAC of current VTEP.Amended unicast message is as shown in table 6:

Table 6

S64, PA-1 send to amended unicast message on network L2 equipment and are forwarded to VM-3.VM-3 receives amended unicast message, receives the data of sending from VM-1.

S65, VM-3 send unicast message to VM-1, and the unicast message form of transmission is as shown in table 7:

Table 7

S66, through network L2 device forwards, VTEP-1 receives message, PA-1 analyzes message, obtains object IP, inquiry DB-1, judge that message is the VM-1 that sends to the machine.

Message and judged result are sent to PP-1 by S67, PA-1, and PP-1 modifies to message.

Particularly, the object MAC in Ethernet head is replaced with to the MAC of the VM that object IP is corresponding.Amended unicast message is as shown in table 8:

Table 8

Amended unicast message is transmitted to VM-1 by S68, PA-1, and VM-1 receives the data that VM-3 sends.Like this,, realized the intercommunication between VXLAN and VLAN.

In the time that the VM-22021 in VM-12011 and VXLAN200 in VXLAN100 carries out intercommunication, similar with VXLAN and VLAN intercommunication, the present invention describes while only belonging to same IP network section with VM-1 and VM-2.Similarly, first VM-1 needs the MAC Address by sending ARP request study VM-2.

Figure 12 is the sequential chart of ARP address learning between VM-1 and VM-2, as shown in figure 12, comprises the following steps:

S71, VM-1 send ARP request message, and concrete ARP request message is as shown in table 9:

Table 9

S72, ARP request message arrive VTEP-1, analyze message by PA-1, extract the object IP in ARP message, access DB-1 inquiry, and the object IP that judges its request is the node in the VXLAN that belongs to different.DB-1 records IP and the MAC of VM-1 simultaneously.

S73, PA-1 by ARP message and judge conclusion issue PP-1 process, PP-1 modifies to message, amended ARP request message is as shown in table 10:

Table 10

S74, PA-1 send to amended ARP request message the VTEP-2 that is forwarded to the server at VM-2 place on network L2 equipment.

S75, VTEP-2 receive amended ARP request message, and it is ARP request message that PA-2 analyzes message, is broadcast to VM-2.

S76, VM-2 receive ARP request message, judge that object IP is for self, and the MAC that study is VTEP-1 to MAC Address corresponding to VM-1IP, thinks that the MAC of VTEP-1 is exactly the MAC of VM-1.

It is as shown in table 11 that VM-2 sends arp reply message:

Table 11

S77, VTEP-2 receive the arp reply message that VM-2 sends, and PA-2 analyzes message, obtain make a start IP and object IP, and inquiry DB-2, judges that this response message is the VM that replies to different VXLAN.DB-2 records IP and the MAC of VM-2 simultaneously.

Arp reply message and judged result are issued PP-2 by S78, PA-2, and PP-2 modifies to arp reply message.

Particularly, the source MAC in the Ethernet head in arp reply is replaced with to the MAC of current VTEP; Object MAC in arp reply message is replaced with to the MAC of current VTEP.Amended arp reply message is as shown in table 12:

Table 12

Amended arp reply message is sent to network L2 equipment by S79, PA-2, is forwarded to VTEP-1.

Arp reply message after PA-1 reception the analysis modify of S710, VTEP-1, extracts the IP that makes a start, and inquiry DB-1, judges that the IP that makes a start is the IP of the VM-1 of the machine.

S711, PA-1 give PP-1 by amended arp reply message and judged result and process.PP-1 obtains the MAC of VM-1 from DB-1 according to the IP that makes a start, again revise message, and amended arp reply message is as shown in table 13 again:

Table 13

S712, PA-1 incite somebody to action again amended arp reply message repeating to VM-1.VM-1 learns the actual MAC for VTEP-2 of MAC of VM-2.Complete the MAC address learning of VM-1 to VM-2.

After VM-1 learns the MAC Address of VM-2, just can start the normal unicast communication message of intercommunication.

Figure 13 is the sequential chart that carries out unicast communication between VM-1 and VM-3, as shown in figure 13, comprises the following steps:

S81, VM-1 send unicast message to VTEP-1 to VM-2, and the form of concrete unicast message is as shown in table 14:

Table 14

The PA-1 of S82, VTEP-1 receives after message, analyzes and obtains object IP, and inquiry DB-1, judges that object VM is in different VXLAN.

Message and judged result are issued PP-1 by S83, PA-1, and PP-1 modifies to message, and amended unicast message is as shown in Table 15:

Table 15

S84, PA-1 send to amended unicast message on network L2 equipment and are forwarded to VTEP-2.

S85, PA-2 receive amended unicast message, extract object IP, and inquiry DB-2, judges that object IP belongs to the VM-2 of the machine.

Message and judged result are issued PP-2 by S86, PA-2, and PP-2, according to object IP inquiry DB-2, obtains the MAC of VM-2, again revises message, and amended unicast message is shown in table 16 again:

Table 16

S87, PA-2 again amended unicast message are transmitted to VM-2, and VM-2 receives the data that VM-1 sends.

The method that is sent unicast message by VM-2 to VM-1 is consistent with the method that VM-1 sends to VM-2, repeats no more in this.Like this, the present invention has realized the intercommunication between different VXLAN.

It should be noted that, on the VTEP of the present invention server that also not necessarily complete independently module form is disposed, it may be combined with the software such as virtual switch vSwitch exploitation, enjoy DB together, the present invention does not limit the form that realizes of VTEP.

Be more than the detailed description that the communication means based on VXLAN provided by the present invention is carried out, below the communicator based on VXLAN provided by the invention be described in detail.

Figure 14 is the communicator schematic diagram based on VXLAN that the present embodiment provides, and as shown in figure 21, communicator of the present invention comprises: receiving element 401, resolution unit 402, memory cell 403, determining unit 404, transmitting element 405 and replacement unit 406.

In the time that communication starts, communicator of the present invention need to be set up the action of communication, utilizes ARP data message to carry out ARP address learning, in this process, is specially:

The ARP request message that receiving element 401 sends for receiving described source node.

Resolution unit 402 is for the object IP address of the described ARP request message that extracts receiving element 401 and receive.

Particularly, the ARP request message that resolution unit 402 receives receiving element 401 is resolved, and first obtains the MAC Address of source node, IP address and the object IP address of source node.

The object IP address of determining unit 403 for extracting according to resolution unit 402, determines the VLAN that described destination node belongs to.

Memory cell 404 is for building database DB, and described database D B stores the IP address of the virtual machine in described system and the corresponding relation of VLAN.

Database D B comprises the VNI of IP, affiliated VXLAN that pre-configured local VM is corresponding and the IP address range of multicast address, port information and the VM that all VXLAN is corresponding, also has MAC Address, the communication MAC Address of VM and the IP address of place VTEP of the local VM of dynamic learning.In the time that resolution unit 402 is resolved to the MAC Address of source node and IP address, memory cell 404 can be recorded in database D B, and to database, DB dynamically updates.

The described database D B that determining unit 403 utilizes memory cell 404 to set up, inquiry obtains VLAN or the VXLAN at place, described object IP address.

When transmitting element 405 belongs to different VLAN for the VLAN that belongs to when the definite destination node of determining unit 403 and a described VXLAN, destination node by described ARP request message broadcast transmission to place, described object IP address the 2nd VLAN, or broadcast transmission ARP request message is to the second port corresponding to described the 2nd VXLAN, to be transmitted to described destination node.

If determining unit 403 judges the object IP address of ARP request message request and belongs to VLAN, trigger transmitting element 405 by described ARP request message via Web broadcast to the destination node in the place VLAN of described object IP address.

If resolution unit 402 judges the object IP address of ARP request message request and belongs to the VXLAN different from described source node place VXLAN, trigger transmitting element 405 described ARP request message is arrived to VTEP corresponding to described destination node via Web broadcast.

If destination node is in different VXLAN, destination node, generating after arp reply message, first sends to VTEP corresponding to destination node, and arp reply message is returned to described source node by the VTEP corresponding by this destination node.

In the time that destination node is sent arp reply message, receiving element 401 receives arp reply message.Resolution unit 402 is extracted the IP address of making a start in described arp reply message, determining unit 403 is according to the IP address of making a start in described arp reply message, judge whether described arp reply message sends to the described source node of the machine, if, trigger transmitting element 405 described arp reply message repeating is arrived to described source node, so that obtaining and record, described source node in described arp reply message, carries object addressing address, i.e. the addressing address of described destination node.

Preferably, communicator of the present invention also comprises replacement unit 406, for ARP request message is modified, concrete, replacement unit 406 is replaced with the MAC Address of making a start of the source MAC of Ethernet Ethernet head in ARP request message and ARP message the MAC Address of the VTEP that source node is corresponding by the MAC Address of described source node; ARP request message after transmitting element 405 is replaced replacement unit 406 is forwarded to described object IP address place VLAN or port corresponding to VXLAN.

Correspondingly, replacement unit 406 is in the time that receiving element 401 receives arp reply message, also can modify to arp reply message, concrete, replacement unit 406 is replaced with the MAC Address of making a start of the target MAC (Media Access Control) address of Ethernet head in described arp reply message and ARP message by the MAC Address of VTEP corresponding to described source node described in, make a start MAC Address corresponding to IP address, the i.e. MAC Address of described source node; Arp reply message repeating after transmitting element 405 is replaced replacement unit 406 is to described source node.

Setting up after communication, communicator of the present invention is for the treatment of the unicast message transmission between source node and destination node.

Particularly, the first unicast message that receiving element 401 sends for reception sources node.

Described the first unicast message comprises: the source IP address of source node, addressing address, source, destination node object IP address, object addressing address, and the data of transmission.Wherein, the IP address that source IP address is source node, the addressing address that addressing address, source is source node, the IP address that object IP address is destination node, object addressing address is the object addressing address that step S107 gets.

Resolution unit 402 is for extracting the object Internet protocol IP address of described the first unicast message.

The first unicast message that resolution unit 402 receives receiving element 401 is resolved, and obtains the MAC Address of source node, IP address and object IP address and the target MAC (Media Access Control) address of source node.

Determining unit 403 utilizes the database D B that memory cell 404 is set up to inquire about the VLAN or the VXLAN that obtain place, described object IP address.

Determining unit 403 is according to object IP address, and the data in Query Database DB, obtain VLAN or the VXLAN at place, object IP address, and result is sent to transmitting element 405.

Transmitting element 405, for described the first unicast message being forwarded to described object IP address place VLAN or port corresponding to VXLAN, to be transmitted to described destination node, makes destination node obtain the data of source node.

In the time that the object IP address that determining unit 403 determines described the first unicast message request belongs to VLAN, trigger transmitting element 405 by described the first unicast message via forwarded to the destination node in the place VLAN of described object IP address.The object IP address that determines described the first unicast message request when determining unit 403 belongs to the VXLAN different from described source node place VXLAN, and triggering transmitting element 405 arrives described the first unicast message the opposite end VTEP of described object IP address place VXLAN via forwarded.

Preferably, the first unicast message that replacement unit 406 can also send the source node receiving is modified, concrete, replacement unit 406 replaces with the source medium access control MAC Address of Ethernet Ethernet head in the first unicast message the MAC Address of the VTEP that source node is corresponding.Amended replacement unit 406 the first unicast message is forwarded to described object IP address place VLAN or port corresponding to VXLAN by transmitting element 405.

Accordingly, replacement unit 406 is in the time that receiving element 401 receives destination node and sends the second unicast message, also can modify to the second unicast message, particularly, replacement unit 406 replaces with the target MAC (Media Access Control) address of Ethernet head in the second unicast message the MAC Address of node corresponding to object IP address in described the second unicast message, the i.e. MAC Address of described source node.Amended replacement unit 406 the second unicast message is transmitted to described source node by transmitting element 405, makes source node obtain the data that destination node is sent.

Figure 15 is that the structure of the communicator based on expanding VLAN of the embodiment of the present invention forms schematic diagram.The communicator based on expanding VLAN of the embodiment of the present invention is deployed in dummy machine system, the multiple physical servers of described dummy machine system, on each physical server, comprise multiple virtual machines, described multiple virtual machine forms multiple VLANs, and described VLAN comprises that at least one can expand VLAN VXLAN;

Should can comprise by the communicator based on expanding VLAN:

Processor 501, memory 502, system bus 503 and communication interface 504.Between processor 501, memory 502 and communication interface 504, connect by system bus 503 and complete mutual communication.

Processor 501 may be monokaryon or multinuclear CPU (Central Processing Unit, CPU), or be specific integrated circuit (Application Specific Integrated Circuit, ASIC), or for being configured to implement one or more integrated circuits of the embodiment of the present invention.

Memory 502 can be high-speed RAM memory, can be also nonvolatile memory (non-volatile memory), for example at least one magnetic disc store.

Memory 502 is for depositing program 505.Concrete, in program 505, can comprise program code, described program code comprises computer executed instructions.

When communicator when operation based on expanding VLAN, processor 501 working procedures 505, give an order carrying out:

Particularly, the communicator based on expanding VLAN is also carried out above-mentioned Fig. 5-8 according to described instruction, and the communication means shown in 10-13, does not specifically repeat them here.

Communication means and device based on VXLAN provided by the invention, without using VXLAN Gateway, the function of VTEP on each server of disposing by strengthening VXLAN, utilize the maintenance information that increases database D B, the message data of transmission is analyzed to judgement and simple message modification, can realize the intercommunication between VXLAN and VLAN and between different VXLAN, there is distributed implementation mode, simple, be not subject to network topology, the restrictions such as scale, use flexibly, and without increasing the extra network equipment, remove the problem that increases additional networks equipment or revise conventional network equipment in network from, save the cost of network design and maintenance.

Professional should further recognize, unit and the algorithm steps of each example of describing in conjunction with embodiment disclosed herein, can realize with electronic hardware, computer software or the combination of the two, for the interchangeability of hardware and software is clearly described, composition and the step of each example described according to function in the above description in general manner.These functions are carried out with hardware or software mode actually, depend on application-specific and the design constraint of technical scheme.Professional and technical personnel can realize described function with distinct methods to each specifically should being used for, but this realization should not thought and exceeds scope of the present invention.

The software module that the method for describing in conjunction with embodiment disclosed herein or the step of algorithm can use hardware, processor to carry out, or the combination of the two is implemented.Software module can be placed in the storage medium of any other form known in random asccess memory (RAM), internal memory, read-only memory (ROM), electrically programmable ROM, electrically erasable ROM, register, hard disk, moveable magnetic disc, CD-ROM or technical field.

Above-described embodiment; object of the present invention, technical scheme and beneficial effect are further described; institute is understood that; the foregoing is only the specific embodiment of the present invention; the protection range being not intended to limit the present invention; within the spirit and principles in the present invention all, any modification of making, be equal to replacement, improvement etc., within all should being included in protection scope of the present invention.

Claims

1. the communication means based on expanding VLAN, it is characterized in that, described method is applied to dummy machine system, described system comprises multiple physical servers, on each physical server, comprise multiple virtual machines, described multiple virtual machine forms multiple VLANs, and described VLAN comprises that at least one can expand VLAN VXLAN, comprising:

2. communication means according to claim 1, is characterized in that, described method also comprises:

3. communication means according to claim 1, is characterized in that, described the first port also comprised broadcast described the first message in described system before:

4. according to the communication means described in claim 1 or 3, it is characterized in that, when the VLAN belonging to when described destination node is the 2nd VXLAN, described the first port is broadcasted described the first message in described system, make described destination node receive described the first message and obtain make a start IP address and the addressing address of making a start in described the first message, comprising:

5. communication means according to claim 4, is characterized in that, described the first port also comprises before receiving the response message of described the first message of described destination node transmission:

6. communication means according to claim 5, is characterized in that, described the second port also comprises before the response message of described the first message is sent to described the first port:

7. communication means according to claim 1, it is characterized in that, when the VLAN belonging to when described destination node is the 2nd VLAN, described the first port is broadcasted described the first message in described system, the IP address and the addressing address that make described destination node receive described the first message and obtain described source node, comprising:

8. communication means according to claim 1, is characterized in that, also comprises:

9. communication means according to claim 8, is characterized in that, described the first port, before sending described the second message, also comprises:

10. communication means according to claim 8 or claim 9, is characterized in that, described the first message is ARP message, and described the second message is unicast message.

11. 1 kinds of communicators based on expanding VLAN, it is characterized in that, described application of installation is in dummy machine system, described system comprises multiple physical servers, on each physical server, comprise multiple virtual machines, described multiple virtual machine forms multiple VLANs, and described VLAN comprises that at least one can expand VLAN VXLAN, comprising:

12. communicators according to claim 11, is characterized in that, described device also comprises:

13. communicators according to claim 11, is characterized in that, described device also comprises:

14. communicators according to claim 11, it is characterized in that, the second message that described receiving element also sends according to the described object addressing address obtaining for receiving described source node, wherein, described the second message carries source IP address, addressing address, source, object IP address and object addressing address, the IP address that the source IP address that described the second message carries is described source node, the addressing address that addressing address, source is described source node, object IP address is the IP address of destination node, and object addressing address is the object addressing address getting;

15. communicators according to claim 14, is characterized in that, described device also comprises:

16. according to the communicator described in claims 14 or 15, it is characterized in that, described the first message is ARP message, and described the second message is unicast message.