CN103905309A - Method and system of data exchange between virtual machines - Google Patents
Method and system of data exchange between virtual machines Download PDFInfo
- Publication number
- CN103905309A CN103905309A CN201210583665.0A CN201210583665A CN103905309A CN 103905309 A CN103905309 A CN 103905309A CN 201210583665 A CN201210583665 A CN 201210583665A CN 103905309 A CN103905309 A CN 103905309A
- Authority
- CN
- China
- Prior art keywords
- address
- network card
- physical network
- virtual machine
- qos control
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
Images
Landscapes
- Data Exchanges In Wide-Area Networks (AREA)
Abstract
The embodiment of the invention discloses a method and a system of data exchange between virtual machines. The method comprises the steps that after a physical network card receives a data packet sent by a virtual machine, whether a sender address and/or a receiver address is in a management scope of the physical network card is judged; if the sender address and/or the receiver address is not in the management scope of the physical network card, data packet forwarding is refused; otherwise, whether the receiver address is the address of a virtual machine in a physical server is identified; if the receiver address is the address of the virtual machine in the physical server, the data packet is directly forwarded to a virtual machine corresponding to the receiver address; and if the receiver address is not the address of the virtual machine in the physical server, the data packet is forwarded to an Ethernet switch which is directly connected with the physical network card. According to the embodiment of the invention, the technical problems that the cost of network bandwidth is large, and the switch software needs upgrading and STP modifying in the prior art can be solved, thus high-speed flow exchange between the virtual machines in the same physical server is provided.
Description
Technical field
The present invention relates to the communication technology, method for interchanging data and system between especially a kind of virtual machine.
Background technology
Virtualized server is to use virtualization software (as VMWare ESX, CitrixXEN) on a physical server, to fictionalize one or more virtual machine (VirtualMachine, VM), the virtualization software being arranged on server is called as virtual machine manager (Virtual Machine Monitor, VMM).Virtual machine operates in an isolation environment, is the logical server with complete hardware function, and each virtual machine has operating system and the application program of oneself.Operation when multiple virtual machines on one station server can be independent of each other, and multiplexing physical machine resource.Virtualization software, for virtual machine provides a set of virtual hardware environment, comprises virtual central processing unit (CPU), internal memory, memory device, I/O (I/O) equipment (as network interface card) and virtual switch etc.
In virtual running environment, VMM is Microsoft Loopback Adapter of each virtual machine creating, for the virtual switch moving in VMM (VSwitch), the Microsoft Loopback Adapter of each virtual machine corresponds on a logic port of VSwitch, the port that the physical network card of physical server is connected with external physical switch corresponding to VSwitch.Multiple virtual machines can be shared a physical network card and PERCOM peripheral communication.Flow between the different virtual machine of same main frame also forwards by external switch, even if flow between the virtual machine of same station server also mails to external physical switch and carries out forward process.Owing to all guiding all flows into external switch, therefore the traffic policing relevant to virtual machine, control strategy and management scalability problem are able to good solution.
But realizing in process of the present invention, inventor finds that above-mentioned prior art at least exists following problem:
Because flow is incorporated into external network from virtual machine, bring more network bandwidth expenses, switch software to need upgrading, revised the problems such as spanning tree (Spanning Tree Protocol, STP) agreement.
Summary of the invention
Embodiment of the present invention technical problem to be solved is: method for interchanging data and system between a kind of virtual machine are provided, solve that the network bandwidth expense existing in prior art is large, switch software needs upgrading, revise the technical problem of STP, thereby high speed flow exchange between the virtual machine in Same Physical server is provided.
Method for interchanging data between a kind of virtual machine that the embodiment of the present invention provides, comprising:
Physical network card on physical server receives the data message that the virtual machine on described physical server sends, described data message comprises sender address and recipient address, and described sender address and recipient address comprise Internet protocol IP address or source virtual LAN VLAN label;
Physical network card is inquired about the access control list ACL setting in advance, and judges that described sender address and/or recipient address are whether in the range of management of this physical network card, and described ACL comprises source/destination IP address access rule, or source/destination vlan access rule;
In response to described sender address or recipient address, not in the range of management of this physical network card, physical network card refusal forwards described data message;
In response to described sender address and recipient address in the range of management of this physical network card, physical network card is according to the address information of the virtual machine of pre-configured described physical server inside, and whether identify described recipient address is the address of the virtual machine of described physical server inside;
If described recipient address is the address of the virtual machine of described physical server inside, described physical network card is directly given virtual machine corresponding to described recipient address by described data message forwarding;
If described recipient address is not the address of the virtual machine of described physical server inside, described data message forwarding is given the direct-connected Ethernet switch of described physical network card by described physical network card.
In a specific embodiment of said method, described physical network card directly comprises described data message forwarding to physical machine corresponding to described recipient address:
Described physical network card is inquired about the service quality QoS control strategy setting in advance, obtain QoS control information corresponding to described sender address and/or recipient address, directly give physical machine corresponding to described recipient address by described data message forwarding according to described QoS control information; Described QoS control strategy comprises QoS control information corresponding to each sender address and/or recipient address, and described QoS control information comprises transmission bandwidth and propagation delay time;
Described physical network card comprises described data message forwarding to the direct-connected Ethernet switch of described physical network card:
Described physical network card is inquired about the service quality QoS control strategy setting in advance, obtain QoS control information corresponding to described sender address and/or recipient address, give the direct-connected Ethernet switch of described physical network card according to described QoS control information by described data message forwarding.
In a specific embodiment of said method, also comprise:
Network management platform is by the remote configuration interface arranging on described physical network card, to described physical network card configuration ACL and QoS control strategy.
In a specific embodiment of said method, also comprise:
Network management platform, by the remote configuration interface arranging on described physical network card, is inquired about the ACL and the QoS control strategy that on described physical network card, configure, or further the ACL configuring on described physical network card and QoS control strategy is modified.
Data exchange system between a kind of virtual machine that the embodiment of the present invention provides, comprising: be positioned at physical network card, virtual machine manager, multiple virtual machine on same physical server, and the direct-connected Ethernet switch of described physical network card;
Described physical network card, the data message sending for receiving described virtual machine, described data message comprises sender address and recipient address, described sender address and recipient address comprise Internet protocol IP address or source virtual LAN VLAN label; The access control list ACL that sets in advance of inquiry, judges that described sender address and/or recipient address are whether in the range of management of this physical network card, and described ACL comprises source/destination IP address access rule, or source/destination vlan access rule; In response to described sender address or recipient address, not in the range of management of this physical network card, refusal forwards described data message;
In response to described sender address and recipient address in the range of management of this physical network card, whether according to the address information of the virtual machine of pre-configured described physical server inside, identifying described recipient address is the address of the virtual machine of described physical server inside;
If described recipient address is the address of the virtual machine of described physical server inside, directly give virtual machine corresponding to described recipient address by described data message forwarding;
If described recipient address is not the address of the virtual machine of described physical server inside, give the direct-connected Ethernet switch of described physical network card by described data message forwarding.
In a specific embodiment of said system, when described physical network card is directly given described data message forwarding virtual machine corresponding to described recipient address, the service quality QoS control strategy that concrete inquiry sets in advance, obtain QoS control information corresponding to described sender address and/or recipient address, directly give virtual machine corresponding to described recipient address by described data message forwarding according to described QoS control information; Described QoS control strategy comprises QoS control information corresponding to each sender address and/or recipient address, and described QoS control information comprises transmission bandwidth and propagation delay time;
When described data message forwarding is given the direct-connected Ethernet switch of described physical network card by described physical network card, the service quality QoS control strategy that concrete inquiry sets in advance, obtain QoS control information corresponding to described sender address and/or recipient address, give the direct-connected Ethernet switch of described physical network card according to described QoS control information by described data message forwarding.
In a specific embodiment of said system, also comprise:
Network management platform, for by the remote configuration interface arranging on described physical network card, configures ACL and QoS control strategy to described physical network card.
In a specific embodiment of said system, described network management platform, also for by the remote configuration interface arranging on described physical network card, inquire about the ACL and the QoS control strategy that on described physical network card, configure, or further the ACL configuring on described physical network card and QoS control strategy are modified.
Method for interchanging data between the virtual machine providing based on the above embodiment of the present invention and system, the ACL that after the data message that virtual machine on physical network card reception physical server on physical server sends, inquiry sets in advance, judge that sender address and/or recipient address are whether in the range of management of this physical network card, in response to sender address or recipient address not in the range of management of this physical network card, physical network card refusal forwarding data packets; In response to sender address and recipient address, in the range of management of this physical network card, physical network card is according to the address information of the virtual machine of pre-configured physical server inside, and whether identification recipient address is the address of the virtual machine of physical server inside; If recipient address is the address of the virtual machine of physical server inside, physical network card directly by data message forwarding to virtual machine corresponding to recipient address; If recipient address is not the address of the virtual machine of physical server inside, physical network card by data message forwarding to the direct-connected Ethernet switch of physical network card.Compared with prior art, flow between the virtual machine of embodiment of the present invention physical server inside is realized forwarding between physical server inside, and do not forward by external switch, compared with prior art, do not need to revise the software and hardware of traditional ethernet switch, do not need to revise STP, do not need switch upgrades software, and the network traffics of data center are reduced, also greatly reduce the rate of discharge of server network interface card, solve the network bandwidth expense existing in prior art large, switch software needs upgrading, revise the technical problem of STP, thereby provide high speed flow exchange between the virtual machine in Same Physical server.
Below by drawings and Examples, technical scheme of the present invention is described in further detail.
Accompanying drawing explanation
The accompanying drawing that forms a part for specification has been described embodiments of the invention, and is used from explanation principle of the present invention together with describing one.
With reference to accompanying drawing, according to detailed description below, can more be expressly understood the present invention, wherein:
Fig. 1 is prior art realizes exchanges data between virtual machine system configuration schematic diagram based on VEPA technology.
Fig. 2 is the flow chart of the embodiment of method for interchanging data between virtual machine of the present invention.
Fig. 3 is the structural representation of the embodiment of data exchange system between virtual machine of the present invention.
Embodiment
Describe various exemplary embodiment of the present invention in detail now with reference to accompanying drawing.It should be noted that: unless illustrate in addition, the parts of setting forth in these embodiments and positioned opposite, numeral expression formula and the numerical value of step do not limit the scope of the invention.
, it should be understood that for convenience of description, the size of the various piece shown in accompanying drawing is not to draw according to actual proportionate relationship meanwhile.
Illustrative to the description only actually of at least one exemplary embodiment below, never as any restriction to the present invention and application or use.
May not discuss in detail for the known technology of person of ordinary skill in the relevant, method and apparatus, but in suitable situation, described technology, method and apparatus should be regarded as a part for specification.
In all examples with discussing shown here, it is exemplary that any occurrence should be construed as merely, rather than as restriction.Therefore, other example of exemplary embodiment can have different values.
It should be noted that: in similar label and letter accompanying drawing below, represent similar terms, therefore, once be defined in an a certain Xiang Yi accompanying drawing, in accompanying drawing subsequently, do not need it to be further discussed.
Fig. 1 is prior art realizes exchanges data between virtual machine system configuration schematic diagram based on VEPA technology.As shown in Figure 1, while carrying out exchanges data between the multiple virtual machines on same physical server, a kind of very important technology is to realize based on virtual ethernet trunking device (Virtual Ethernet Port Aggregator, VEPA) technology at present.Its core concept is, the network traffics that virtual machine is produced all transfer to the physical switches (that is: Ethernet switch) being connected with this physical server to process, even flow between virtual machine, also mails to external physical switch and carries out forward process on same physical server.IEEE802.1 working group realizes IEEE802.1Qbg EVB standard in VEPA technical foundation.
All load transfers that VEPA can generate virtual machine on physical server are to the outside network switch (that is: Ethernet switch).Next external network switch can provide connection for the virtual machine on same physical server and the other parts of infrastructure.The method that realizes this function is that novel one forward mode is incorporated in physical switches, the port " former road is returned " while making flow always, thus simplify the communication between virtual machine on Same Physical server." former road is returned " pattern (or title " reflection relaying ") can oppositely be sent to the single copy of packet same destination or the target virtual machine on physical server when needed.For broadcast or flux of multicast, VEPA can provide packet replication capacity to the virtual machine on physical server with local mode.Traditionally, majority of network switch is not supported this " former road is returned " Mode behavior, because it may cause loop and broadcast storm in non-virtual world.But many network vendors all start to support this behavior, object is exactly the problem that solves virtual machine exchange, and uses simple software or firmware upgrade to realize.
But because flow is incorporated into external network from virtual machine, VEPA technology has also been brought the problem of more network bandwidth expenses.For example, the message from a virtual machine to another virtual machine, the network bandwidth taking is the twice of traditional approach, and wherein a half-band width is for transmitting from the outside network switch of source virtual machine, and second half bandwidth is for transmitting from external switch to object virtual machine.
Although the method based on VEPA can be brought many benefits, realizing in process of the present invention, inventor finds, under some environment, between virtual machine, the exchange of flow had better be stayed server inside.For example, under some environment, physical server will be born the huge load of virtual machine, and communication between these virtual machines is very frequent, therefore the inner exchanging flow in order to be down to minimum level and to reduce data center postponing, the best way is that the flow between virtual machine is stayed to physical server inside.Therefore, existing VEPA technology is at least being deposited following problem:
First, although existing VEPA technology can realize flow exchange between virtual machine in Same Physical server, but, a cardinal principle having violated STP based on VEPA technical data forwarding behavior, that is: Frame can not mail to the port of receiving this frame, and current virtual access environment is one large two layers substantially, therefore, at Access Layer, can not realize this function by route, this has just caused the contradiction between mechanism and the STP of VEPA.But VEPA does not have virtual route to connect (virtual path connection, vPC), still will run STP at Access Layer, therefore just need to rewrite STP, forces to carry out in other words the behavior of reflectance data frame on second line of a couplet port, needs switch upgrades software;
The second, existing VEPA technology also must send on network the communication flows between virtual machine in Same Physical server, and one-in-and-one-out doubling of traffic like this, except increasing data center network pressure, also takies the network traffics of physical server;
The 3rd, need to the frequent communication between virtual machine in Same Physical server for some application, will increase delay.
Fig. 2 is the flow chart of the embodiment of method for interchanging data between virtual machine of the present invention.As shown in Figure 2, the method for interchanging data between this embodiment virtual machine comprises:
210, physical network card on physical server receives the data message that the virtual machine on physical server sends, this data message comprises sender address and recipient address, sender address and recipient address comprise Internet protocol (IP) address or source VLAN (Virtual LocalArea Network, VLAN) label.VLAN label is wherein for VLAN of unique identification.
220, physical network card is inquired about the Access Control List (ACL) (Access ControlList, ACL) setting in advance, and judges that sender address in data message and/or recipient address are whether in the range of management of this physical network card.ACL wherein comprises source/destination IP address access rule, or source/destination vlan access rule.
Not in the range of management of this physical network card, carry out 230 operation in response to sender address or recipient address.Otherwise, in the range of management of this physical network card, carry out 240 operation in response to sender address and recipient address.
230, physical network card refusal forwards this data message.
240, physical network card is according to the address information of the virtual machine of pre-configured physical server inside, and whether the recipient address in identification data message is the address of the virtual machine of physical server inside.
If recipient address is the address of the virtual machine of physical server inside, carry out 250 operation.Otherwise, if recipient address is not the address of the virtual machine of physical server inside, carry out 260 operation.
250, physical network card directly by this data message forwarding to virtual machine corresponding to recipient address.
260, physical network card is by this data message forwarding to the direct-connected Ethernet switch of physical network card, and follow-up forwarding is carried out in the recipient address by Ethernet switch based in data message.
The ACL that after the data message that virtual machine on physical network card reception physical server on method for interchanging data physical server between the virtual machine that the above embodiment of the present invention provides sends, inquiry sets in advance, judge that sender address and/or recipient address are whether in the range of management of this physical network card, in response to sender address or recipient address not in the range of management of this physical network card, physical network card refusal forwarding data packets; In response to sender address and recipient address, in the range of management of this physical network card, physical network card is according to the address information of the virtual machine of pre-configured physical server inside, and whether identification recipient address is the address of the virtual machine of physical server inside; If recipient address is the address of the virtual machine of physical server inside, physical network card directly by data message forwarding to virtual machine corresponding to recipient address; If recipient address is not the address of the virtual machine of physical server inside, physical network card by data message forwarding to the direct-connected Ethernet switch of physical network card.Compared with prior art, flow between the virtual machine of embodiment of the present invention physical server inside is realized forwarding between physical server inside, and do not forward by external switch, compared with prior art, do not need to revise the software and hardware of traditional ethernet switch, do not need to revise STP, do not need switch upgrades software, and the network traffics of data center are reduced, also greatly reduce the rate of discharge of server network interface card, solve the network bandwidth expense existing in prior art large, switch software needs upgrading, revise the technical problem of STP, thereby provide high speed flow exchange between the virtual machine in Same Physical server.
Another embodiment of method for interchanging data according to the present invention between virtual machine, in operation 250, physical network card directly specifically can comprise this data message forwarding to virtual machine corresponding to recipient address:
Physical network card is inquired about service quality (QoS) control strategy setting in advance, obtain QoS control information corresponding to sender address and/or recipient address in data message, according to QoS control information directly by data message forwarding to physical machine corresponding to recipient address; QoS control strategy wherein comprises QoS control information corresponding to each sender address and/or recipient address, and this QoS control information comprises transmission bandwidth and propagation delay time.
Another embodiment of method for interchanging data according to the present invention between virtual machine, in operation 260, physical network card specifically can comprise data message forwarding to the direct-connected Ethernet switch of physical network card:
Physical network card is inquired about the service quality QoS control strategy setting in advance, obtain QoS control information corresponding to sender address and/or recipient address in data message, according to QoS control information by data message forwarding to the direct-connected Ethernet switch of physical network card.
Another embodiment of method for interchanging data according to the present invention between virtual machine, can also be by network management platform by the remote configuration interface arranging on physical network card, to physical network card configuration ACL and QoS control strategy.
Further exemplarily, network management platform can also be by the remote configuration interface arranging on physical network card, the ACL and the QoS control strategy that on inquiry physical network card, configure, or further the ACL configuring on physical network card and QoS control strategy are modified.
Fig. 3 is the structural representation of the embodiment of data exchange system between virtual machine of the present invention.The data exchange system of this embodiment can be used in the present invention above-mentioned each method for interchanging data flow process.As shown in Figure 3, it comprises the physical network card, VMM, the multiple VM that are positioned on same physical server, and the direct-connected Ethernet switch of physical network card.
Wherein, physical network card, the data message sending for receiving VM, this data message comprises sender address and recipient address, sender address and recipient address comprise IP address or source vlan label; The ACL that sets in advance of inquiry, judges that sender address in data message and/or recipient address are whether in the range of management of this physical network card, and ACL wherein comprises source/destination IP address access rule, or source/destination vlan access rule.In response to this sender address or recipient address not in the range of management of this physical network card, refusal forwarding data packets.In response to this sender address and recipient address, in the range of management of this physical network card, according to the address information of the VM of pre-configured physical server inside, whether identification recipient address is the address of the VM of physical server inside.If recipient address is the address of the VM of physical server inside, directly by data message forwarding to VM corresponding to recipient address.If recipient address is not the address of the VM of physical server inside, by data message forwarding to the direct-connected Ethernet switch of physical network card.
VM has Microsoft Loopback Adapter (Virtual Network Interface Card, vNIC), has media interviews control (Media Access Control, MAC) address, can add VLAN label, does not need to revise in the embodiment of the present invention.In the embodiment of the present invention, do not need to revise VMM yet.
Ethernet switch is traditional two layers of Ethernets or three-tier switch, does not need to revise in the embodiment of the present invention, does not also need to realize the modification STP under VPEA technology.
Data exchange system between the virtual machine that the above embodiment of the present invention provides, the ACL that after the data message that virtual machine on physical network card reception physical server on physical server sends, inquiry sets in advance, judge that sender address and/or recipient address are whether in the range of management of this physical network card, in response to sender address or recipient address not in the range of management of this physical network card, physical network card refusal forwarding data packets; In response to sender address and recipient address, in the range of management of this physical network card, physical network card is according to the address information of the virtual machine of pre-configured physical server inside, and whether identification recipient address is the address of the virtual machine of physical server inside; If recipient address is the address of the virtual machine of physical server inside, physical network card directly by data message forwarding to virtual machine corresponding to recipient address; If recipient address is not the address of the virtual machine of physical server inside, physical network card by data message forwarding to the direct-connected Ethernet switch of physical network card.Compared with prior art, flow between the virtual machine of embodiment of the present invention physical server inside is realized forwarding between physical server inside, and do not forward by external switch, compared with prior art, do not need to revise the software and hardware of traditional ethernet switch, do not need to revise STP, do not need switch upgrades software, and the network traffics of data center are reduced, also greatly reduce the rate of discharge of server network interface card, solve the network bandwidth expense existing in prior art large, switch software needs upgrading, revise the technical problem of STP, thereby provide high speed flow exchange between the virtual machine in Same Physical server.
Another embodiment of data exchange system according to the present invention between virtual machine, physical network card is directly by data message forwarding during to VM corresponding to recipient address, the QoS control strategy that concrete inquiry sets in advance, obtain QoS control information corresponding to sender address and/or recipient address in data message, according to QoS control information directly by data message forwarding to VM corresponding to recipient address; QoS control strategy comprises QoS control information corresponding to each sender address and/or recipient address, and QoS control information comprises transmission bandwidth and propagation delay time.
Another embodiment of data exchange system according to the present invention between virtual machine, physical network card is by data message forwarding during to the direct-connected Ethernet switch of physical network card, the QoS control strategy that concrete inquiry sets in advance, obtain QoS control information corresponding to sender address and/or recipient address in data message, according to QoS control information by data message forwarding to the direct-connected Ethernet switch of physical network card.
Referring to Fig. 3, in another embodiment of the data exchange system between virtual machine of the present invention, also comprise network management platform again, for by the remote configuration interface arranging on physical network card, configure ACL and QoS control strategy to physical network card.Further exemplarily, this network management platform can also be used for the remote configuration interface by arranging on physical network card, the ACL and the QoS control strategy that on inquiry physical network card, configure, or further the ACL configuring on physical network card and QoS control strategy are modified.
Again referring to Fig. 3, concrete example of the data exchange system according to the present invention between virtual machine and unrestricted, specifically can be by increase a data exchange module on physical network card, realize the function of physical network card in the various embodiments described above of the present invention, high speed flow exchange between virtual machine in Same Physical server, solve the problems such as the network bandwidth expense existing in conventional art is large, switch software needs upgrading, modification STP, thereby high speed flow exchange between the virtual machine in Same Physical server is provided.
That is: in the embodiment of the present invention, data exchange module is realized above-mentioned basic three layers of function of exchange, ACL access control, QoS and is controlled function, and remote configuration interface is provided, and ACL, QoS control strategy can be inquired about or revise to network management platform.Traditional Ethernet switch does not need to revise, and does not affect STP yet.Data exchange module determines whether forward the data message between internal virtual machine according to the ACL of configuration.Between internal virtual machine, data interaction realizes at physical network card place, can not be forwarded to external network.ACL can be that the mode that adds serve port according to source, object IP address configures, and can be also to configure according to the mode of source, object VLAN.Data exchange module provides remote configuration interface, and ACL, QoS control strategy can be inquired about or revise to network management platform.
With the example that is specifically exemplified as shown in Fig. 3, the embodiment of the present invention is further elaborated.Virtual machine VM1 and VM2, in Same Physical server, and are linked into external network by identical physical network card.The ACL of data exchange module on network management platform configures physical network interface card, that is: source/destination IP address access rule, or source/destination vlan access rule.Afterwards, carry out following operation:
The VM1 data exchange module that sends datagram, data receiver is VM2, that is: recipient address is VM2 IP address or VLAN label;
Data exchange module judges that recipient address VM2 is whether in the range of management of this physical network card, that is: according to the ACL of the IP address of ACL configuration or the local storage of VLAN label inquiry, if not in the range of management of this physical network card, do not allow to forward, refuse this data message forwarding request;
If sender address and recipient address are in the range of management of this physical network card, VM1 allows to the exchanges data of VM2, and recipient address is the address of the virtual machine of physical server inside, physical network card directly arrives VM2 by data message forwarding, separately, according to QoS control strategy, control transmission bandwidth and the time delay of VM1 to VM2 data message;
The data of sending from inner VM, if recipient address is not the address of the virtual machine of physical server inside, VLAN label does not belong to internal data message repeating scope, be the inside forwarding scope that object IP address or VLAN label do not belong to physical server, physical network card arrives data message forwarding and its direct-connected external ethernet switch.
In this specification, each embodiment all adopts the mode of going forward one by one to describe, and what each embodiment stressed is and the difference of other embodiment, same or analogous part cross-references between each embodiment.For device embodiment, because it is substantially similar to embodiment of the method, so description is fairly simple, relevant part is referring to the part explanation of embodiment of the method.
May realize in many ways method and system of the present invention.For example, can realize method and system of the present invention by any combination of software, hardware, firmware or software, hardware, firmware.The said sequence that is used for the step of described method is only in order to describe, and the step of method of the present invention is not limited to above specifically described order, unless otherwise specified.In addition, in certain embodiments, can be also the program being recorded in recording medium by the invention process, these programs comprise the machine readable instructions for realizing the method according to this invention.Thereby the present invention also covers the recording medium of storing the program for carrying out the method according to this invention.
One of ordinary skill in the art will appreciate that: all or part of step that realizes said method embodiment can complete by the relevant hardware of program command, aforesaid program can be stored in a computer read/write memory medium, this program, in the time carrying out, is carried out the step that comprises said method embodiment; And aforesaid storage medium comprises: various media that can be program code stored such as ROM, RAM, magnetic disc or CDs.
The embodiment of the present invention has following useful technique effect with respect to prior art:
The embodiment of the present invention does not need to revise the software and hardware of conventional switch, does not need to revise STP, does not need switch upgrades software;
Data traffic on embodiment of the present invention Same Physical server between virtual machine forwards inner realization of server entirely, has reduced the network traffics of data center, also greatly reduces the rate of discharge of server network interface card;
Data exchange module provides remote configuration interface, and ACL, QoS control strategy can be inquired about or configure to network management platform.
The physical network card of the embodiment of the present invention is applicable to various types of physical network cards;
Any cloud main computer boxes that the physical server of the embodiment of the present invention externally provides applicable to cloud computing service provider.
Description of the invention provides for example with for the purpose of describing, and is not exhaustively or limit the invention to disclosed form.Many modifications and variations are obvious for the ordinary skill in the art.Selecting and describing embodiment is for better explanation principle of the present invention and practical application, thereby and makes those of ordinary skill in the art can understand the present invention's design to be suitable for the various embodiment with various modifications of special-purpose.
Claims (8)
1. the method for interchanging data between virtual machine, is characterized in that, comprising:
Physical network card on physical server receives the data message that the virtual machine on described physical server sends, described data message comprises sender address and recipient address, and described sender address and recipient address comprise Internet protocol IP address or source virtual LAN VLAN label;
Physical network card is inquired about the access control list ACL setting in advance, and judges that described sender address and/or recipient address are whether in the range of management of this physical network card, and described ACL comprises source/destination IP address access rule, or source/destination vlan access rule;
In response to described sender address or recipient address, not in the range of management of this physical network card, physical network card refusal forwards described data message;
In response to described sender address and recipient address in the range of management of this physical network card, physical network card is according to the address information of the virtual machine of pre-configured described physical server inside, and whether identify described recipient address is the address of the virtual machine of described physical server inside;
If described recipient address is the address of the virtual machine of described physical server inside, described physical network card is directly given virtual machine corresponding to described recipient address by described data message forwarding;
If described recipient address is not the address of the virtual machine of described physical server inside, described data message forwarding is given the direct-connected Ethernet switch of described physical network card by described physical network card.
2. method according to claim 1, is characterized in that, described physical network card directly comprises described data message forwarding to physical machine corresponding to described recipient address:
Described physical network card is inquired about the service quality QoS control strategy setting in advance, obtain QoS control information corresponding to described sender address and/or recipient address, directly give physical machine corresponding to described recipient address by described data message forwarding according to described QoS control information; Described QoS control strategy comprises QoS control information corresponding to each sender address and/or recipient address, and described QoS control information comprises transmission bandwidth and propagation delay time;
Described physical network card comprises described data message forwarding to the direct-connected Ethernet switch of described physical network card:
Described physical network card is inquired about the service quality QoS control strategy setting in advance, obtain QoS control information corresponding to described sender address and/or recipient address, give the direct-connected Ethernet switch of described physical network card according to described QoS control information by described data message forwarding.
3. method according to claim 2, is characterized in that, also comprises:
Network management platform is by the remote configuration interface arranging on described physical network card, to described physical network card configuration ACL and QoS control strategy.
4. method according to claim 3, is characterized in that, also comprises:
Network management platform, by the remote configuration interface arranging on described physical network card, is inquired about the ACL and the QoS control strategy that on described physical network card, configure, or further the ACL configuring on described physical network card and QoS control strategy is modified.
5. the data exchange system between virtual machine, is characterized in that, comprises the physical network card, virtual machine manager, the multiple virtual machine that are positioned on same physical server, and the direct-connected Ethernet switch of described physical network card;
Described physical network card, the data message sending for receiving described virtual machine, described data message comprises sender address and recipient address, described sender address and recipient address comprise Internet protocol IP address or source virtual LAN VLAN label; The access control list ACL that sets in advance of inquiry, judges that described sender address and/or recipient address are whether in the range of management of this physical network card, and described ACL comprises source/destination IP address access rule, or source/destination vlan access rule; In response to described sender address or recipient address, not in the range of management of this physical network card, refusal forwards described data message;
In response to described sender address and recipient address in the range of management of this physical network card, whether according to the address information of the virtual machine of pre-configured described physical server inside, identifying described recipient address is the address of the virtual machine of described physical server inside;
If described recipient address is the address of the virtual machine of described physical server inside, directly give virtual machine corresponding to described recipient address by described data message forwarding;
If described recipient address is not the address of the virtual machine of described physical server inside, give the direct-connected Ethernet switch of described physical network card by described data message forwarding.
6. system according to claim 5, it is characterized in that, when described physical network card is directly given described data message forwarding virtual machine corresponding to described recipient address, the service quality QoS control strategy that concrete inquiry sets in advance, obtain QoS control information corresponding to described sender address and/or recipient address, directly give virtual machine corresponding to described recipient address by described data message forwarding according to described QoS control information; Described QoS control strategy comprises QoS control information corresponding to each sender address and/or recipient address, and described QoS control information comprises transmission bandwidth and propagation delay time;
When described data message forwarding is given the direct-connected Ethernet switch of described physical network card by described physical network card, the service quality QoS control strategy that concrete inquiry sets in advance, obtain QoS control information corresponding to described sender address and/or recipient address, give the direct-connected Ethernet switch of described physical network card according to described QoS control information by described data message forwarding.
7. system according to claim 6, is characterized in that, also comprises:
Network management platform, for by the remote configuration interface arranging on described physical network card, configures ACL and QoS control strategy to described physical network card.
8. system according to claim 7, it is characterized in that, described network management platform, also for by the remote configuration interface arranging on described physical network card, inquire about the ACL and the QoS control strategy that on described physical network card, configure, or further the ACL configuring on described physical network card and QoS control strategy are modified.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201210583665.0A CN103905309A (en) | 2012-12-28 | 2012-12-28 | Method and system of data exchange between virtual machines |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201210583665.0A CN103905309A (en) | 2012-12-28 | 2012-12-28 | Method and system of data exchange between virtual machines |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN103905309A true CN103905309A (en) | 2014-07-02 |
Family
ID=50996465
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201210583665.0A Pending CN103905309A (en) | 2012-12-28 | 2012-12-28 | Method and system of data exchange between virtual machines |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN103905309A (en) |
Cited By (19)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN104486234A (en) * | 2014-11-21 | 2015-04-01 | 华为技术有限公司 | Method and server for uninstalling service exchanger to physical network card |
| CN104601428A (en) * | 2014-12-23 | 2015-05-06 | 广州亦云信息技术有限公司 | Communication method of virtual machines |
| CN104601467A (en) * | 2014-12-31 | 2015-05-06 | 华为技术有限公司 | Method and device for sending messages |
| WO2016045055A1 (en) * | 2014-09-25 | 2016-03-31 | Intel Corporation | Network communications using pooled memory in rack-scale architecture |
| CN105530112A (en) * | 2014-10-22 | 2016-04-27 | 深圳市中兴微电子技术有限公司 | Data exchange method and system |
| CN105554182A (en) * | 2016-01-27 | 2016-05-04 | 联想(北京)有限公司 | Information processing method and electronic apparatus |
| WO2016115698A1 (en) * | 2015-01-21 | 2016-07-28 | 华为技术有限公司 | Data packet forwarding method, apparatus and device |
| CN106161551A (en) * | 2015-04-16 | 2016-11-23 | 腾讯科技(深圳)有限公司 | A kind of virtual machine that controls connects the method and device of number |
| CN106411779A (en) * | 2016-06-03 | 2017-02-15 | 广东睿江云计算股份有限公司 | Cloud host network transmit-receive method and system based on QoS |
| CN107113240A (en) * | 2015-12-31 | 2017-08-29 | 华为技术有限公司 | Expansible VLAN file transmitting method, computer equipment and computer-readable recording medium |
| CN107493180A (en) * | 2016-06-13 | 2017-12-19 | 阿里巴巴集团控股有限公司 | The upgrade method and device of a kind of virtual switch |
| CN107948071A (en) * | 2016-10-12 | 2018-04-20 | 北京金山云网络技术有限公司 | Message forwarding method and device |
| CN109922001A (en) * | 2017-12-12 | 2019-06-21 | 中国移动通信集团公司 | A kind of flow processing method, unit and computer readable storage medium |
| CN110224917A (en) * | 2018-03-02 | 2019-09-10 | 杭州海康威视数字技术股份有限公司 | Data transmission method, apparatus and system, server |
| CN111399973A (en) * | 2019-01-03 | 2020-07-10 | 阿里巴巴集团控股有限公司 | FPGA remote mounting structure, network control method and device and electronic equipment |
| CN112328369A (en) * | 2020-11-24 | 2021-02-05 | 北京京投信安科技发展有限公司 | Method for processing access rule minimization among multiple virtual machines |
| CN112714073A (en) * | 2019-10-24 | 2021-04-27 | 中兴通讯股份有限公司 | Message distribution method, system and storage medium based on SR-IOV network card |
| CN114979028A (en) * | 2021-02-26 | 2022-08-30 | 中移(苏州)软件技术有限公司 | Data packet processing method and device and storage medium |
| CN115460040A (en) * | 2022-08-30 | 2022-12-09 | 海南视联通信技术有限公司 | Service processing method, device, terminal equipment and storage medium |
Citations (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN101465863A (en) * | 2009-01-14 | 2009-06-24 | 北京航空航天大学 | Method for implementing high-efficiency network I/O in kernel virtual machine circumstance |
| CN102469004A (en) * | 2010-10-29 | 2012-05-23 | 中国科学院计算技术研究所 | Virtual machine network system and creation method thereof |
-
2012
- 2012-12-28 CN CN201210583665.0A patent/CN103905309A/en active Pending
Patent Citations (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN101465863A (en) * | 2009-01-14 | 2009-06-24 | 北京航空航天大学 | Method for implementing high-efficiency network I/O in kernel virtual machine circumstance |
| CN102469004A (en) * | 2010-10-29 | 2012-05-23 | 中国科学院计算技术研究所 | Virtual machine network system and creation method thereof |
Cited By (37)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| WO2016045055A1 (en) * | 2014-09-25 | 2016-03-31 | Intel Corporation | Network communications using pooled memory in rack-scale architecture |
| CN106688208B (en) * | 2014-09-25 | 2020-06-30 | 英特尔公司 | Network communication using pooled storage in a rack scale architecture |
| US10621138B2 (en) | 2014-09-25 | 2020-04-14 | Intel Corporation | Network communications using pooled memory in rack-scale architecture |
| CN106688208A (en) * | 2014-09-25 | 2017-05-17 | 英特尔公司 | Network communications using pooled memory in rack-scale architecture |
| CN105530112A (en) * | 2014-10-22 | 2016-04-27 | 深圳市中兴微电子技术有限公司 | Data exchange method and system |
| WO2016061945A1 (en) * | 2014-10-22 | 2016-04-28 | 深圳市中兴微电子技术有限公司 | Data exchange method and system |
| CN104486234B (en) * | 2014-11-21 | 2018-10-30 | 华为技术有限公司 | A kind of method and server that service switch is unloaded to physical network card |
| CN104486234A (en) * | 2014-11-21 | 2015-04-01 | 华为技术有限公司 | Method and server for uninstalling service exchanger to physical network card |
| CN104601428A (en) * | 2014-12-23 | 2015-05-06 | 广州亦云信息技术有限公司 | Communication method of virtual machines |
| CN104601428B (en) * | 2014-12-23 | 2018-10-09 | 广州亦云信息技术有限公司 | Communication means between virtual machine |
| CN104601467B (en) * | 2014-12-31 | 2018-03-13 | 华为技术有限公司 | A kind of method and apparatus for sending message |
| CN104601467A (en) * | 2014-12-31 | 2015-05-06 | 华为技术有限公司 | Method and device for sending messages |
| CN106031104A (en) * | 2015-01-21 | 2016-10-12 | 华为技术有限公司 | Data packet forwarding method, apparatus and device |
| CN106031104B (en) * | 2015-01-21 | 2019-07-12 | 华为技术有限公司 | Retransmission method, device and the equipment of data message |
| WO2016115698A1 (en) * | 2015-01-21 | 2016-07-28 | 华为技术有限公司 | Data packet forwarding method, apparatus and device |
| CN106161551B (en) * | 2015-04-16 | 2019-11-15 | 腾讯科技(深圳)有限公司 | A kind of method and device controlling virtual machine connection number |
| CN106161551A (en) * | 2015-04-16 | 2016-11-23 | 腾讯科技(深圳)有限公司 | A kind of virtual machine that controls connects the method and device of number |
| CN107113240A (en) * | 2015-12-31 | 2017-08-29 | 华为技术有限公司 | Expansible VLAN file transmitting method, computer equipment and computer-readable recording medium |
| US11283650B2 (en) | 2015-12-31 | 2022-03-22 | Huawei Technologies Co., Ltd. | Method for sending virtual extensible local area network packet, computer device, and computer readable medium |
| US10771286B2 (en) | 2015-12-31 | 2020-09-08 | Huawei Technologies Co., Ltd. | Method for sending virtual extensible local area network packet, computer device, and computer readable medium |
| CN105554182A (en) * | 2016-01-27 | 2016-05-04 | 联想(北京)有限公司 | Information processing method and electronic apparatus |
| CN106411779A (en) * | 2016-06-03 | 2017-02-15 | 广东睿江云计算股份有限公司 | Cloud host network transmit-receive method and system based on QoS |
| CN107493180A (en) * | 2016-06-13 | 2017-12-19 | 阿里巴巴集团控股有限公司 | The upgrade method and device of a kind of virtual switch |
| CN107493180B (en) * | 2016-06-13 | 2021-04-30 | 阿里巴巴集团控股有限公司 | Upgrading method and device of virtual switch |
| CN107948071A (en) * | 2016-10-12 | 2018-04-20 | 北京金山云网络技术有限公司 | Message forwarding method and device |
| CN107948071B (en) * | 2016-10-12 | 2020-12-11 | 北京金山云网络技术有限公司 | Message forwarding method and device |
| CN109922001A (en) * | 2017-12-12 | 2019-06-21 | 中国移动通信集团公司 | A kind of flow processing method, unit and computer readable storage medium |
| CN110224917A (en) * | 2018-03-02 | 2019-09-10 | 杭州海康威视数字技术股份有限公司 | Data transmission method, apparatus and system, server |
| CN111399973A (en) * | 2019-01-03 | 2020-07-10 | 阿里巴巴集团控股有限公司 | FPGA remote mounting structure, network control method and device and electronic equipment |
| CN111399973B (en) * | 2019-01-03 | 2023-07-28 | 阿里巴巴集团控股有限公司 | FPGA remote mounting structure, network management and control method and device and electronic equipment |
| CN112714073A (en) * | 2019-10-24 | 2021-04-27 | 中兴通讯股份有限公司 | Message distribution method, system and storage medium based on SR-IOV network card |
| CN112714073B (en) * | 2019-10-24 | 2024-04-30 | 中兴通讯股份有限公司 | Message distribution method, system and storage medium based on SR-IOV network card |
| CN112328369A (en) * | 2020-11-24 | 2021-02-05 | 北京京投信安科技发展有限公司 | Method for processing access rule minimization among multiple virtual machines |
| CN112328369B (en) * | 2020-11-24 | 2024-03-08 | 北京京投信安科技发展有限公司 | Method for processing minimization of access rules among multiple virtual machines |
| CN114979028A (en) * | 2021-02-26 | 2022-08-30 | 中移(苏州)软件技术有限公司 | Data packet processing method and device and storage medium |
| CN114979028B (en) * | 2021-02-26 | 2024-02-23 | 中移(苏州)软件技术有限公司 | Data packet processing method, device and storage medium |
| CN115460040A (en) * | 2022-08-30 | 2022-12-09 | 海南视联通信技术有限公司 | Service processing method, device, terminal equipment and storage medium |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN103905309A (en) | Method and system of data exchange between virtual machines | |
| US10778532B2 (en) | Overlay network movement operations | |
| CN107276783B (en) | Method, device and system for realizing unified management and intercommunication of virtual machines | |
| CN103200069B (en) | A kind of method and apparatus of Message processing | |
| CN102334112B (en) | Method and system for virtual machine networking | |
| US9112801B2 (en) | Quantized congestion notification in a virtual networking system | |
| US8417800B2 (en) | Method and system for network configuration and/or provisioning based on open virtualization format (OVF) metadata | |
| CN107113219B (en) | System and method for supporting VLAN tagging in a virtual environment | |
| CN109716717A (en) | From software-defined network controller management virtual port channel switching equipment peer-to-peer | |
| EP2901630B1 (en) | Method operating in a fixed access network and user equipments | |
| CN105681191A (en) | SDN (Software Defined Network) platform based on router virtualization and implementation method | |
| CN104823405A (en) | IP multicast service leave process for MPLS-based virtual private cloud networking | |
| CN104871483A (en) | IP multicast service join process for MPLS-based virtual private cloud networking | |
| US11483398B2 (en) | Session management in a forwarding plane | |
| WO2015149253A1 (en) | Data center system and virtual network management method of data center | |
| US9590855B2 (en) | Configuration of transparent interconnection of lots of links (TRILL) protocol enabled device ports in edge virtual bridging (EVB) networks | |
| CN104348724A (en) | Multi-tenant supporting data forwarding method and device | |
| CN112398687A (en) | Configuration method of cloud computing network, cloud computing network system and storage medium | |
| CN105264837B (en) | A kind of Transmission system of data message, transmission method and equipment | |
| CN108270856B (en) | Virtual management system of logic CPE (customer premises equipment) based on Docker technology and configuration method thereof | |
| US9503278B2 (en) | Reflective relay processing on logical ports for channelized links in edge virtual bridging systems | |
| CN103067473A (en) | Remote assistance transponding method and system | |
| CN115051948A (en) | VPC distributed network element data transmission method and device and electronic equipment |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| C06 | Publication | ||
| PB01 | Publication | ||
| C10 | Entry into substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| RJ01 | Rejection of invention patent application after publication |
Application publication date: 20140702 |
|
| RJ01 | Rejection of invention patent application after publication |