CN104219149B - A kind of message transmitting method and equipment based on virtual connections - Google Patents
A kind of message transmitting method and equipment based on virtual connections Download PDFInfo
- Publication number
- CN104219149B CN104219149B CN201410425612.5A CN201410425612A CN104219149B CN 104219149 B CN104219149 B CN 104219149B CN 201410425612 A CN201410425612 A CN 201410425612A CN 104219149 B CN104219149 B CN 104219149B
- Authority
- CN
- China
- Prior art keywords
- network equipment
- message
- flow table
- network
- encapsulation
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Links
Landscapes
- Data Exchanges In Wide-Area Networks (AREA)
Abstract
The invention discloses a kind of message transmitting method and equipment based on virtual connections, this method include:Controller, which determines, to be needed to establish virtual connections between first network equipment and second network equipment;The controller is that first network equipment generates the first flow table, and first flow table is handed down to the first network equipment, in first flow table record have the corresponding first user side access link of the virtual connections, exit port and second network equipment MAC Address;The controller is that second network equipment generates the second flow table, and second flow table is handed down to second network equipment, and record has the corresponding second user side access link of the virtual connections in second flow table.In the embodiment of the present invention, controller need not learn the target MAC (Media Access Control) address carried in message when generating flow table, be also not needed upon target MAC (Media Access Control) address and generate flow table.
Description
Technical field
The present invention relates to the communications field, especially a kind of message transmitting method and equipment based on virtual connections.
Background technology
SDN (Software Defined Network, software defined network) is a kind of new network of Emulex network innovation framework, core
Thought is want to detach the control plane of the network equipment with forwarding plane, is core network to realize the flexible control to flow
And the innovation of application provides good platform.In SDN network, including the network equipment (such as interchanger) and controller.Wherein,
The controller is used to generate flow table (Flow Table) according to the configuration of user or the agreement of dynamic operation, and flow table is sent
To the network equipment.The network equipment matches and handles message according to flow table for receiving the flow table from controller.
In message repeating process, the network equipment will corresponding purpose MAC (Media Access Control, medium access
Control) the first message of address is sent to controller, and controller utilizes the target MAC (Media Access Control) address carried in message to generate flow table, and
The flow table issuance of the target MAC (Media Access Control) address will be matched to the network equipment.The network equipment is received again by the report of the corresponding target MAC (Media Access Control) address
Wen Shi is E-Packeted by inquiring flow table.
Controller needs the target MAC (Media Access Control) address for learning to carry into message, and based on purpose MAC when generating flow table
Location generates flow table.Currently, SDN network supports multiple business, such as two layer services, IP operation, MPLS (Multi-Protocol
Label Switching, multiprotocol label switching) business etc..For IP operation, target MAC (Media Access Control) address can be carried in message, because
This, controller can be based on target MAC (Media Access Control) address and generate flow table.But for non-IP operation (such as two layer services, MPLS business),
Target MAC (Media Access Control) address may not be carried in message, in the multicast message and two-layer protocol message in non-IP operation, do not carried
Target MAC (Media Access Control) address, therefore, controller cannot then be based on purpose MAC without the target MAC (Media Access Control) address carried in calligraphy learning to message
Address generates flow table, also cannot be by flow table issuance to the network equipment.
Invention content
The embodiment of the present invention provides a kind of message transmitting method based on virtual connections, this method is applied to include controller with
In the software defined network SDN of multiple network equipments, the method includes:
The controller, which determines, to be needed to establish virtual connections between first network equipment and second network equipment;
The controller is that first network equipment generates the first flow table, and first flow table is handed down to first net
Network equipment, record has the corresponding first user side access link of the virtual connections, exit port and the second net in first flow table
The medium access control MAC Address of network equipment;First flow table is used to indicate the first network equipment and is receiving from institute
When stating the message of the first user side access link, virtual connections tunnel encapsulation, the head of message after packaging are carried out for the message
The MAC Address of second network equipment is carried in portion, and the message after encapsulation is sent by the exit port;
The controller is that second network equipment generates the second flow table, and second flow table is handed down to second net
Network equipment, record has the corresponding second user side access link of the virtual connections in second flow table;Second flow table is used
In indicating second network equipment when receiving the message after encapsulating, if the MAC carried in the head of the message after encapsulation
Address is the MAC Address of second network equipment, then decapsulates the message after the encapsulation, obtains the message, and by described
Second user side access link sends the message.
The method further includes:Virtual connections pair between the first network equipment and second network equipment
Multiple user side access link clock synchronizations, the controller determination are answered to be uniquely corresponding to the first user side access link and second
The tunnel label of user side access link;
For the controller when generating first flow table, also record has the tunnel label in first flow table, and
The tunnel label is also carried in the head of message after encapsulation;
For the controller when generating second flow table, also record has the tunnel label in second flow table, and
For second network equipment before sending message, the tunnel label carried in the head by the message after encapsulation inquires second
Table, to obtain corresponding second user side access link.
Before the controller establishes virtual connections between first network equipment and second network equipment, the method is into one
Step includes:
The controller determines the network topology between the multiple network equipment in the SDN, and utilizes the net
Network topology determines each network equipment to the topological shortest path of other network equipments;
For each network equipment, the controller utilizes the network equipment to the topological shortest path of other network equipments
Diameter is that the network equipment generates third flow table, and gives the third flow table issuance to the network equipment, the third flow table
Middle record has the MAC Address of other network equipments, the topology on the network equipment to other network equipments most short
The exit port in path;The third flow table is used to indicate the network equipment and is sent to the second network receiving first network equipment
When message after the encapsulation of equipment, if the MAC Address carried in the head of message after encapsulation is to remember in the third flow table
The MAC Address of other network equipments of record then passes through the message after the forwarding encapsulation of corresponding exit port.
The embodiment of the present invention provides a kind of message transmitting method based on virtual connections, this method is applied to include controller with
In the software defined network SDN of multiple network equipments, the method includes:
When controller, which determines, to be needed to establish virtual connections between first network equipment and second network equipment,
The network equipment receives the flow table that controller is issued to the network equipment;Wherein, when the network equipment is as
When one network equipment, the flow table is the first flow table, and being recorded in first flow table has corresponding first user of the virtual connections
The medium access control MAC Address of side access link, exit port and second network equipment;When the network equipment is as the second net
When network equipment, the flow table is the second flow table, and being recorded in second flow table has the corresponding second user side of the virtual connections to connect
Incoming link;
The network equipment passes through first user when receiving the message from the first user side access link
Side access link inquires first flow table, and using the information recorded in first flow table, is virtually connected for the message
Tunnel encapsulation is connect, the MAC Address of second network equipment is carried in the head of message after packaging, and passes through the outlet
Mouth sends the message after encapsulation;
The network equipment is in the message after receiving encapsulation, the MAC that carries in the head of the message after being encapsulated
Location;If the MAC Address is the MAC Address of present networks equipment, the message after the encapsulation is decapsulated, and pass through described the
The second user side access link recorded in two flow tables sends the message after decapsulation.
When the corresponding multiple user sides of the virtual connections between the first network equipment and second network equipment access chains
Road clock synchronization, the method further include:
When the network equipment is as first network equipment, also record has tunnel label in first flow table, described
Tunnel label is the tunnel label for being uniquely corresponding to the first user side access link and second user side access link;
Described in the network equipment is also carried when carrying out virtual connections tunnel encapsulation for the message, in the head of message after packaging
Tunnel label;Alternatively,
When the network equipment is as second network equipment, also record has tunnel label in second flow table, described
Tunnel label is the tunnel label for being uniquely corresponding to the first user side access link and second user side access link;
The second user side access link that the network equipment records in by second flow table sends the message after decapsulation
When, the tunnel label that the network equipment carries in the head by the message after encapsulation inquires second flow table, to obtain
Corresponding second user side access link, and the message after decapsulation is sent by second user side access link.
Before the needs establish virtual connections between first network equipment and second network equipment, the method is further
Including:
The network equipment receives the third flow table that the controller is issued to the network equipment, and the third flow table is
The controller using the network equipment to other network equipments topological shortest path be the network equipment generation and under
Hair, record has the MAC Address of other network equipments, arrives other nets on the network equipment in the third flow table
The exit port of the topological shortest path of network equipment;
The network equipment in the message after receiving first network equipment and being sent to the encapsulation of second network equipment, if
The MAC Address carried in the head of message after encapsulation is the MAC Address of the other network equipments recorded in the third flow table,
Then pass through the message after the forwarding encapsulation of corresponding exit port.
The method further includes:
The network equipment determines the corresponding source MAC of message after encapsulation in MAC in the message after receiving encapsulation
Corresponding exit port in table;If the exit port and the receiving port phase for receiving the message after encapsulating on the network equipment
Together, then the message after the network equipment allows forwarding to encapsulate;It is described if the exit port is different from the receiving port
The network equipment directly abandons the message after encapsulation.
The embodiment of the present invention provides a kind of controller, is applied to include that the software of the controller and multiple network equipments is determined
In adopted network SDN, the controller specifically includes:
Determining module needs to establish virtual connections between first network equipment and second network equipment for determining;
Generation module for generating the first flow table for the first network equipment, and generates for second network equipment
Second flow table;Wherein, in first flow table record have the corresponding first user side access link of the virtual connections, exit port and
The medium access control MAC Address of second network equipment;Record has the virtual connections corresponding second to use in second flow table
Family side access link;
Sending module, for first flow table to be handed down to the first network equipment, first flow table is for referring to
Show the first network equipment when receiving the message from the first user side access link, is virtually connected for the message
Tunnel encapsulation is connect, the MAC Address of second network equipment is carried in the head of message after packaging, and passes through the outlet
Mouth sends the message after encapsulation;
And second flow table is handed down to second network equipment, second flow table is used to indicate described
Two network equipments are in the message after receiving encapsulation, if the MAC Address that carries is the second net in the head of message after encapsulation
The MAC Address of network equipment then decapsulates the message after the encapsulation, obtains the message, and connect by the second user side
Incoming link sends the message.
The determining module is additionally operable to when the virtual connections pair between the first network equipment and second network equipment
Multiple user side access link clock synchronizations are answered, determines and is uniquely corresponding to the first user side access link and the access of second user side
The tunnel label of link;
For the generation module when generating first flow table, also record has the tunnel label in first flow table,
And also carry the tunnel label in the head of the message after encapsulating;
For the generation module when generating second flow table, also record has the tunnel label in second flow table,
And second the network equipment before sending message, the tunnel label that is carried in the head by the message after encapsulation inquiry second
Table, to obtain corresponding second user side access link.
The generation module is additionally operable to determine the network topology between the multiple network equipment in the SDN, and profit
With the network topology determine each network equipment to other network equipments topological shortest path;For each network equipment,
Topological shortest path using the network equipment to other network equipments is that the network equipment generates third flow table;Described
In three flow tables record have the MAC Address of other network equipments, opening up to other network equipments on the network equipment
Flutter the exit port of shortest path;
The sending module is additionally operable to the third flow table issuance to the network equipment, and the third flow table is used for
The network equipment is indicated in the message after receiving first network equipment and being sent to the encapsulation of second network equipment, if encapsulation
The MAC Address carried in the head of message afterwards is the MAC Address of the other network equipments recorded in the third flow table, then leads to
Cross the message after corresponding exit port forwarding encapsulation.
The embodiment of the present invention provides a kind of network equipment, applied to the software definition for including controller and multiple network equipments
In network SDN, the network equipment specifically includes:
Receiving module needs to establish between first network equipment and second network equipment to virtually connect for working as controller determination
When connecing, the flow table that controller is issued to the network equipment is received;Wherein, when the network equipment is as first network equipment
When, the flow table is the first flow table, in first flow table record have the corresponding first user side access link of the virtual connections,
The medium access control MAC Address of exit port and second network equipment;When the network equipment is as second network equipment, institute
It is the second flow table to state flow table, and being recorded in second flow table has the corresponding second user side access link of the virtual connections;
Processing module, for when receiving the message from the first user side access link, being used by described first
Family side access link inquires first flow table, and using the information recorded in first flow table, is carried out for the message empty
Tunnel encapsulation is connected, the MAC Address of second network equipment is carried in the head of message after packaging, and go out described in
Port sends the message after encapsulation;
In the message after receiving encapsulation, the MAC Address that carries in the head of the message after being encapsulated;If described
MAC Address is the MAC Address of present networks equipment, then decapsulates the message after the encapsulation, and by remembering in second flow table
The second user side access link of record sends the message after decapsulation.
When the corresponding multiple user sides of the virtual connections between the first network equipment and second network equipment access chains
Road clock synchronization,
When the network equipment is as first network equipment, also record has in the first flow table that the receiving module receives
Tunnel label, the tunnel label are to be uniquely corresponding to the first user side access link and second user side access chain
The tunnel label on road;The processing module for the message when carrying out virtual connections tunnel encapsulation, the head of message after packaging
The tunnel label is also carried in portion;Alternatively,
When the network equipment is as second network equipment, also record has in the second flow table that the receiving module receives
Tunnel label, the tunnel label are to be uniquely corresponding to the first user side access link and second user side access chain
The tunnel label on road;The second user side access link that the processing module records in by second flow table sends deblocking
When message after dress, the tunnel label carried in the head by the message after encapsulation inquires second flow table, to obtain
Corresponding second user side access link, and the message after decapsulation is sent by second user side access link.
The receiving module is additionally operable to receive the third flow table that the controller is issued to the network equipment, the third stream
Table is that the controller is generated using the topological shortest path of the network equipment to other network equipments for the network equipment
And issue, in the third flow table record have the MAC Address of other network equipments, on the network equipment to it is described its
The exit port of the topological shortest path of its network equipment;
The processing module, the message being additionally operable to after receiving first network equipment and being sent to the encapsulation of second network equipment
When, if the MAC Address that carries is the MAC of the other network equipments recorded in third flow table in the head of message after encapsulation
Location then passes through the message after the forwarding encapsulation of corresponding exit port.
The processing module is further used for, in the message after receiving encapsulation, determining the corresponding source of message after encapsulation
MAC Address corresponding exit port in the mac table;If receiving the message after encapsulation on the exit port and the network equipment
Receiving port is identical, then the message after allowing forwarding to encapsulate;If the exit port is different from the receiving port, directly lose
Abandon the message after encapsulation.
Based on the above-mentioned technical proposal, in the embodiment of the present invention, by the network equipment in SDN network and the network equipment it
Between establish the virtual connections of point-to-point, and the flow table of corresponding virtual connections is issued on network devices, so that controller is generating
When flow table, the target MAC (Media Access Control) address carried into message need not be learnt, target MAC (Media Access Control) address is also not needed upon and generates flow table, exempt from
The learning tasks of a large amount of hosts are gone.
Description of the drawings
Fig. 1 is the application scenarios schematic diagram that the embodiment of the present invention proposes;
Fig. 2 is a kind of message transmitting method flow chart based on virtual connections that the embodiment of the present invention proposes;
Fig. 3 is a kind of structural schematic diagram for controller that the embodiment of the present invention proposes;
Fig. 4 is a kind of structural schematic diagram for network equipment that the embodiment of the present invention proposes.
Specific implementation mode
For problems of the prior art, the embodiment of the present invention provides a kind of message transmissions side based on virtual connections
Method, this method be applied to include controller and multiple network equipments SDN network in, using Fig. 1 as the application of the embodiment of the present invention
Schematic diagram of a scenario is illustrated so that SDN network includes 4 network equipments as an example.Wherein, the LAN1 that the network equipment 1 connects
There is terminal device 1 under (Local Area Network, LAN), has terminal device 2, net under the LAN2 that the network equipment 1 connects
There is terminal device 3 under the LAN1 that network equipment 3 connects, has terminal device 4 under the LAN2 that the network equipment 3 connects.
In order to support the tunnel of virtual connections in SDN network, in the embodiment of the present invention, controller needs for SDN nets
Each network equipment in network generates the network equipment to the flow table of other network equipments, in order to subsequently distinguish conveniently, by network
The flow table of equipment to other network equipments is known as third flow table, and can issue third flow table on each network equipment, the third
Flow table utilizes the third stream for making the network equipment in the intermediary network device of the network equipment as virtual connections tunnel both ends
Table carries out message forwarding.
In order to generate third flow table, controller determines the network topology between multiple network equipments in SDN, and utilizes net
Network topology determines each network equipment to the topological shortest path of other network equipments.For example, controller is being determined shown in Fig. 1
Network topology after (method of determination of network topology is identical as existing way, and details are not described herein), for the network equipment 1, net
The topological shortest path of network equipment 1 to the network equipment 4 is the network equipment 1- network equipments 4, the network equipment 1 to the network equipment 3
Topological shortest path is the network equipment 1- network equipment 4- network equipments 3, and the network equipment 1 arrives the topological shortest path of the network equipment 2
Diameter is the network equipment 1- network equipments 2.The topological shortest path of other network equipments is no longer repeated in detail.
Further, after determining topological shortest path of each network equipment to other network equipments, for every
A network equipment, controller are network equipment generation the using the topological shortest path of the network equipment to other network equipments
Three flow tables, and give the third flow table issuance to the network equipment.
Wherein, the MAC Address for there are other network equipments is recorded in third flow table, the MAC Address of other network equipments can
Think this unique mark of the bridge MAC Address of other network equipments.
Wherein, the outlet for having the topological shortest path in present networks equipment to other network equipments is recorded in third flow table
Mouthful, i.e., the exit port specified in third flow table is present networks equipment to the forwarding port of the other network equipments of purpose.Further,
Since each network equipment is the exit port independently calculated, and since topology is unified maintenance, each network equipment
Exit port be all shortest path port.
In order to enable the controller to generate third flow table for each network equipment in SDN network, controller needs to obtain
The MAC Address of each network equipment in SDN network.In order to realize the process, in the embodiment of the present invention, each network equipment needs
The MAC Address of present networks equipment is sent to controller.Further, each network equipment (can be retouched by Description
State) MAC Address of present networks equipment is sent to controller by message, it is generated using the MAC Address of each network equipment by controller
Third flow table.
Further, controller is when generating third flow table, and the exit port recorded in third flow table is controller according to SDN
What the network topology of network was calculated, details are not described herein for the calculating process.
Under application scenarios shown in Fig. 1, for the network equipment 1, controller is that the generation network equipment 1 of the network equipment 1 arrives
The third flow table 1 of the network equipment 2, and generate the network equipment 1 and arrive the third flow table 2 of the network equipment 3, and generate the network equipment 1 and arrive
The third flow table 3 of the network equipment 4.Later, third flow table 1, third flow table 2 and third flow table 3 are handed down to net by controller respectively
Network equipment 1.Wherein, the topology of MAC Address, the network equipment 1 to the network equipment 2 that the network equipment 2 is had recorded in third flow table 1 is most
The exit port (port that the network equipment 2 is connected i.e. on the network equipment 1) of short path;The network equipment 3 is had recorded in third flow table 2
The exit port that MAC Address, the network equipment 1 arrive the topological shortest path of the network equipment 3 (connects the network equipment 4 i.e. on the network equipment 1
Port);The MAC Address of the network equipment 4, the topological shortest path of the network equipment 1 to the network equipment 4 are had recorded in third flow table 3
The exit port (port that the network equipment 4 is connected i.e. on the network equipment 1) of diameter.The network equipment 2, the network equipment 3 and network are set
Standby 4 the case where, controller is the process of network equipment generation third flow table and controller is that the network equipment 1 generates third flow table
Process is similar, no longer repeats in detail herein.
Based on above-mentioned processing, as shown in Fig. 2, the message transmitting method based on virtual connections includes the following steps:
Step 201, controller, which determines, needs to establish virtual connections between first network equipment and second network equipment.This hair
In bright embodiment, with user side access link to being associated with, each user side access link virtually connects virtual connections to that can only correspond to one
It connects, but a virtual connections can correspond to multiple user side access link pair.
Under application scenarios shown in Fig. 1, for the virtual connections 1 between the network equipment 1 and the network equipment 3, the virtual connections 1
Corresponding user side access link is to may include:AC10 (Access Circuit, access link)-AC30, AC10-AC31,
AC11-AC30, AC11-AC31, above-mentioned user side access link is to only corresponding to unique virtual connections 1.For the network equipment 3 with
Virtual connections 2 between the network equipment 1, the 2 corresponding user side access link of virtual connections is to may include:AC30-AC10,
AC30-AC11, AC31-AC10, AC31-AC11, above-mentioned user side access link is to only corresponding to unique virtual connections 2.
In the embodiment of the present invention, when needing to transmit flow between user side access link pair, then controller, which determines, needs
Virtual connections are established between first network equipment and second network equipment.For the convenience of description, with user side access link pair
To be illustrated for AC10-AC30, then when current needs transmit flow between AC10 and AC30, controller, which determines, to be needed to exist
Virtual connections are established between first network equipment (i.e. the network equipment 1) and second network equipment (i.e. the network equipment 3), i.e. user side connects
Incoming link is respectively the network equipment 1 and the network equipment to the first network equipment at corresponding virtual connections both ends and second network equipment
3, and the user side access link AC10 that the corresponding first user side access link of the virtual connections is the network equipment 1, the virtual connections
Corresponding second user side access link is the user side access link AC30 of the network equipment 3.Wherein, user side access link can
By port and VLAN (Virtual Local Area Network, virtual LAN) unique mark, for example, AC10 can lead to
Port 1 and LAN1 unique marks are crossed, AC11 can pass through port 3 and LAN1 by port 2 and LAN2 unique marks, AC30
Unique mark, AC31 can pass through port 4 and LAN2 unique marks.
Step 202, controller is that first network equipment generates the first flow table, and the first flow table is handed down to first network and is set
It is standby, the second flow table is generated for second network equipment, the second flow table is handed down to second network equipment.
In the embodiment of the present invention, record has the corresponding first user side access link of virtual connections, exit port in the first flow table
The MAC Address of (i.e. the exit port of the topological shortest path of first network equipment to second network equipment) and second network equipment.
Record has the corresponding second user side access link of virtual connections in second flow table.For example, with user side access link to for AC10-
For AC30, then being handed down to record in the first flow table of the network equipment 1 has the MAC of user side access link AC10, the network equipment 3
The exit port that the topological shortest path of the network equipment 3 is arrived in address, the network equipment 1 (connects the network equipment 4 i.e. on the network equipment 1
Port), being handed down to record in the second flow table of the network equipment 3 has user side access link AC30.
In the embodiment of the present invention, when the corresponding user side of virtual connections between first network equipment and second network equipment
Access link clock synchronization, then record has the corresponding first user side access link of virtual connections, exit port and the second net in the first flow table
The MAC Address of network equipment, record has the corresponding second user side access link of virtual connections in the second flow table.Alternatively, when the first net
The corresponding multiple user side access link clock synchronizations of virtual connections between network equipment and second network equipment, controller also need to determine only
One corresponds to the tunnel label of the first user side access link and second user side access link.Further, controller is in life
When at the first flow table, also record has tunnel label in first flow table, i.e., record has virtual connections corresponding the in first flow table
The MAC Address of one user side access link, tunnel label, exit port and second network equipment;Controller is generating the second flow table
When, also record has tunnel label in second flow table, i.e., record has the corresponding second user side of virtual connections to connect in second flow table
Incoming link and tunnel label.
Wherein, the user side access link pair in tunnel label unique mark virtual connections.For in same virtual connections
Different user side access link pair, each user side access link is to needing to correspond to unique tunnel label.It is virtually connected for difference
The user side access link pair connected can use identical tunnel label.
For example, the corresponding user side access link of virtual connections 1 between the network equipment 1 and the network equipment 3 is to including:
AC10-AC30, AC10-AC31, AC11-AC30, AC11-AC31, therefore, for AC10-AC30, AC10-AC31, AC11-
AC30, AC11-AC31 will use different tunnel labels.As AC10-AC30 uses tunnel label 1, AC10-AC31 to use tunnel
Label 2, AC11-AC30 use tunnel label 3, AC11-AC31 to use tunnel label 4.Based on this, with user side access link pair
For AC10-AC30, record has the corresponding first user side access link AC10 of virtual connections, tunnel label 1, network in the first flow table
The MAC of the exit port port of the network equipment 4 (i.e. on the network equipment 1 connect) of corresponding network equipment 3 in equipment 1, the network equipment 3
Address;The corresponding second user side access link AC30 of virtual connections and tunnel label 1 are recorded in second flow table.
Step 203, first network equipment carries out empty when receiving the message from the first user side access link for message
Tunnel encapsulation is connected, and the exit port by being recorded in the first flow table sends the message after encapsulation.
In the embodiment of the present invention, since record has the corresponding first user side access link of virtual connections, goes out in the first flow table
The MAC Address of port and second network equipment.Therefore, first network equipment is receiving first for corresponding to and being recorded in the first flow table
When the message of user side access link, the first user side access link recorded in the first flow table of first network equipment utilization corresponds to
The MAC Address of second network equipment be that message carries out virtual connections tunnel encapsulation, the is carried in the tunnel head of the message after encapsulation
The MAC Address of two network equipments, i.e. target MAC (Media Access Control) address are the MAC Address of second network equipment, and later, first network equipment is logical
It crosses the corresponding exit port of the first user side access link recorded in the first flow table and sends the message after encapsulation.
Step 204, the network equipment (intermediary network device i.e. between first network equipment and second network equipment) is being received
When the message being sent to first network equipment after the encapsulation of second network equipment, if encapsulation after message head in carry
MAC Address (i.e. target MAC (Media Access Control) address) be the MAC Address of other network equipments recorded in third flow table, then by corresponding
Message after exit port forwarding encapsulation.
In the embodiment of the present invention, since record has the MAC Address of other network equipments and present networks to set in third flow table
The standby exit port to other network equipments (to the exit port of the topological shortest path of other network equipments i.e. in present networks equipment).
Therefore, the network equipment passes through encapsulation after the message after receiving first network equipment and being sent to the encapsulation of second network equipment
MAC Address (target MAC (Media Access Control) address that carries in the head of the message after encapsulating) inquiry carried in the head of message afterwards the
Three flow tables.It is set if the target MAC (Media Access Control) address carried in the head of the message after encapsulation is the other networks recorded in third flow table
Standby MAC Address (i.e. the MAC Address of second network equipment), then the network equipment pass through the other network equipment (i.e. second networks
Equipment) MAC Address in third flow table corresponding exit port (the i.e. topological shortest path of present networks equipment to other network equipments
The forwarding port of diameter) forward the message after encapsulation.
Step 205, second network equipment receive encapsulation after message when, if encapsulation after message head in carry
MAC Address (target MAC (Media Access Control) address that carries in the head of the message after encapsulating) be this second network equipment MAC Address,
The then message after second network equipment decapsulation encapsulation with the message after decapsulate, and passes through second user side access chain
Road sends the message after decapsulation.
In the embodiment of the present invention, since record has the corresponding second user side access link of virtual connections in the second flow table, because
This, second network equipment is after the message after receiving encapsulation, if the purpose MAC that carries in the head of message after encapsulation
Location is the MAC Address of this second network equipment, then the message after second network equipment decapsulation encapsulation, after being decapsulated
Message, and the second user side access link by being recorded in the second flow table sends the message after decapsulation.
In the embodiment of the present invention, when the corresponding multiple user sides of the virtual connections between first network equipment and second network equipment
Access link clock synchronization, in the first flow table record have the corresponding first user side access link of virtual connections, tunnel label, exit port and
The MAC Address of second network equipment, record has the corresponding second user side access link of virtual connections and tunnel mark in the second flow table
Label.Based on this, first network equipment is also taken when carrying out virtual connections tunnel encapsulation for message in the tunnel head of the message after encapsulation
Band tunnel label;Second network equipment also passes through the report after encapsulation before sending message by second user side access link
The tunnel label carried in the head of text inquires the second flow table, to obtain corresponding second user side access link.
In step 203, the first user side that first network equipment records in receiving corresponding to the first flow table accesses chain
When the message on road, the MAC Address and tunnel label of second network equipment recorded in the first flow table of first network equipment utilization are
Message carries out virtual connections tunnel encapsulation, that is, the MAC Address and tunnel of second network equipment are carried in the tunnel head of the message after encapsulating
Road label, first network equipment send the message after encapsulation by the exit port recorded in the first flow table.
In step 204, the intermediary network device between first network equipment and second network equipment is after receiving encapsulation
Message after, the target MAC (Media Access Control) address that is carried in the head by the message after encapsulation inquiry third flow table.If after encapsulation
The target MAC (Media Access Control) address carried in the head of message is MAC Address (i.e. the second net of the other network equipments recorded in third flow table
The MAC Address of network equipment), then the network equipment by the MAC Address of other network equipments (i.e. second network equipment) in third
Message in flow table after corresponding exit port (the forwarding port of the network equipment to other network equipments) forwarding encapsulation.
In step 205, second network equipment is after the message after receiving encapsulation, if it is determined that message after encapsulation
The target MAC (Media Access Control) address carried in head is the MAC Address of this second network equipment, then after second network equipment decapsulation encapsulation
Message, with the message after being decapsulated, and the tunnel label by being carried in the head of the message after encapsulation inquires second
Table, to obtain corresponding second user side access link, and the second user side access link hair by being recorded in the second flow table
Send the message after decapsulation.
Under application scenarios shown in Fig. 1, with the terminal device 1 hung under the user side access link AC10 in SDN network,
It accesses and is illustrated for hanging terminal device 3 under user side access link AC30.Under this application scenarios, it is assumed that terminal device 1
Mutually ARP (Address Resolution Protocol, address resolution protocol) information has been arrived in study with terminal device 3, and
IP is directly executed to access.
In step 203, the network equipment 1 receives the message that terminal device 1 is sent out, and according to the inbound port and VLAN of message
Identify that the message is the corresponding messages of user side access link AC10.The network equipment 1 is looked into using user side access link AC10
The first flow table is ask, the MAC Address for obtaining corresponding second network equipments of user side access link AC10 is the MAC of the network equipment 3
Address, the corresponding tunnel labels of user side access link AC10 are tunnel label 1.The network equipment 1 in the first flow table using recording
Second network equipment MAC Address and tunnel label be message carry out virtual connections tunnel encapsulation, that is, encapsulate after message head
The target MAC (Media Access Control) address carried in portion is the MAC Address of the network equipment 3, the tunnel label carried in the head of the message after encapsulation
For tunnel label 1.The network equipment 1 passes through corresponding exit port (the i.e. nets of user side access link AC10 that are recorded in the first flow table
The exit port being connect with the network equipment 4 in network equipment 1) send the message after encapsulation, it is assumed that and the message after encapsulation is sent to net
Network equipment 4.
In step 204, the network equipment 4 passes through the head of the message after encapsulation after the message after receiving encapsulation
The target MAC (Media Access Control) address of middle carrying inquires third flow table, and finds that the target MAC (Media Access Control) address carried in the head of the message after encapsulation is
The MAC Address of the network equipment 3, thus the network equipment 4 by the MAC Address of the network equipment 3 the corresponding outlet in third flow table
Mouthful (i.e. the network equipment 4 arrives the forwarding port of the network equipment 3) forwarding encapsulate after message, i.e. the network equipment 4 is by the report after encapsulation
Text is sent to the network equipment 3.
In step 205, the network equipment 3 is after the message after receiving encapsulation, due in the head of the message after encapsulation
The target MAC (Media Access Control) address of carrying is the MAC Address of the network equipment 3, therefore, the message after the decapsulation encapsulation of the network equipment 3, to obtain
Message after decapsulation, and the tunnel label 1 by being carried in the head of the message after encapsulation inquires the second flow table, to identify
Corresponding second user side access link is AC30, and therefore, the network equipment 3 is connect by the second user side recorded in the second flow table
Incoming link AC30 sends the message after decapsulation, and the message after decapsulation is forwarded to terminal device 3 by AC30.
Later, terminal device 3 generates response message, and after which reaches the network equipment 3, the network equipment 3 is to network
The process that equipment 1 sends response message is similar to the transmission of the network equipment 3 process of message with the network equipment 1, and details are not described herein.
After the network equipment 1 receives response message, response message is gone to terminal device 1 by AC10, to complete terminal device 1 with
Message interaction between terminal device 3.
In the embodiment of the present invention, when network topology changes, controller also needs to determine updated network topology,
And third flow table is generated for each network equipment again using updated network topology, and again using updated network topology
The first flow table is generated for first network equipment, and is that second network equipment generates second again using updated network topology
Table.Wherein, the generating process of the first flow table, the second flow table and third flow table is similar with aforesaid way, and it is no longer repeated herein.
In the embodiment of the present invention, the flow table query process on each network equipment includes source MAC address filtering and purpose MAC
It searches location.Source MAC address filtering refers to that the source MAC of docking receiving text is searched, if message inbound port is not in MAC table
Port, then abandon the message.If message inbound port is the port in MAC table, target MAC (Media Access Control) address lookup is executed, if searching
When to target MAC (Media Access Control) address, then the message is forwarded, if do not find target MAC (Media Access Control) address, directly abandons the message.
Based on this, in the message after receiving encapsulation, the network equipment also needs to determine the report after the encapsulation network equipment
The corresponding source MAC corresponding exit port in MAC table (i.e. third flow table) of text;If the exit port is received on the network equipment
The receiving port of message after to encapsulation is identical, then the message after the network equipment allows forwarding to encapsulate;If the exit port with connect
Receiving end mouth is different, then the network equipment directly abandons the message after encapsulation.
In conclusion in the embodiment of the present invention, by being established a little between the network equipment and the network equipment in SDN network
To the virtual connections of point, and the flow table of corresponding virtual connections is issued on network devices, so that controller is when generating flow table, no
The target MAC (Media Access Control) address for learning to carry into message is needed, target MAC (Media Access Control) address is also not needed upon and generates flow table, is eliminated a large amount of
The learning tasks of host.Further, by establishing virtual connections between any two network equipment in SDN network, and lead to
It crosses the virtual connections and carries all service messages (can be Ethernet message and non-Ethernet message) so that SDN network does not perceive message
Type, it is only necessary to identify the virtual connections belonging to message.Further, it is realized in SDN network and virtually connects connection function, virtual connections are by controlling
Device processed is according to Topology g eneration, without relying on VPN (Virtual Private Network, Virtual Private Network) function, and can be with
Anti- loops realize the transparent transmission of message.
Based on inventive concept same as the above method, a kind of controller is additionally provided in the embodiment of the present invention, is applied to
In software defined network SDN including the controller and multiple network equipments, as shown in figure 3, the controller specifically includes:
Determining module 11 needs to establish virtual connections between first network equipment and second network equipment for determining;
Generation module 12 for generating the first flow table for the first network equipment, and is given birth to for second network equipment
At the second flow table;Wherein, record has the corresponding first user side access link of the virtual connections, exit port in first flow table
With the medium access control MAC Address of second network equipment;Record has the virtual connections corresponding second in second flow table
User side access link;
Sending module 13, for first flow table to be handed down to the first network equipment, first flow table is used for
The first network equipment is indicated when receiving the message from the first user side access link, is carried out for the message empty
Tunnel encapsulation is connected, the MAC Address of second network equipment is carried in the head of message after packaging, and go out described in
Port sends the message after encapsulation;
And second flow table is handed down to second network equipment, second flow table is used to indicate described
Two network equipments are in the message after receiving encapsulation, if the MAC Address that carries is the second net in the head of message after encapsulation
The MAC Address of network equipment then decapsulates the message after the encapsulation, obtains the message, and connect by the second user side
Incoming link sends the message.
The determining module 11 is additionally operable to when the virtual connections between the first network equipment and second network equipment
The multiple user side access link clock synchronizations of correspondence, determination is uniquely corresponding to the first user side access link and second user side connects
The tunnel label of incoming link;
For the generation module 12 when generating first flow table, also record has the tunnel mark in first flow table
Label, and also carry the tunnel label in the head of the message after encapsulation;
For the generation module 12 when generating second flow table, also record has the tunnel mark in second flow table
Label, and second network equipment is before sending message, the tunnel label carried in the head by the message after encapsulation inquire the
Two flow tables, to obtain corresponding second user side access link.
The generation module 12 is additionally operable to determine the network topology between the multiple network equipment in the SDN, and
Using the network topology determine each network equipment to other network equipments topological shortest path;It is set for each network
Standby, the topological shortest path using the network equipment to other network equipments is that the network equipment generates third flow table;The
In three flow tables record have the MAC Address of other network equipments, opening up to other network equipments on the network equipment
Flutter the exit port of shortest path;
The sending module 13 is additionally operable to the third flow table issuance to the network equipment, and the third flow table is used
When indicating the network equipment in the message after receiving first network equipment and being sent to the encapsulation of second network equipment, if envelope
The MAC Address carried in the head of message after dress is the MAC Address of the other network equipments recorded in the third flow table, is led to
Cross the message after corresponding exit port forwarding encapsulation.
Wherein, the modules of apparatus of the present invention can be integrated in one, and can also be deployed separately.Above-mentioned module can close
And be a module, multiple submodule can also be further split into.
Based on inventive concept same as the above method, a kind of network equipment is additionally provided in the embodiment of the present invention, is applied
In the software defined network SDN including controller and multiple network equipments, as shown in figure 4, the network equipment specifically includes:
Receiving module 21, for needing the foundation between first network equipment and second network equipment empty when controller determines
When connection, the flow table that controller is issued to the network equipment is received;Wherein, when the network equipment is as first network equipment
When, the flow table is the first flow table, in first flow table record have the corresponding first user side access link of the virtual connections,
The medium access control MAC Address of exit port and second network equipment;When the network equipment is as second network equipment, institute
It is the second flow table to state flow table, and being recorded in second flow table has the corresponding second user side access link of the virtual connections;
Processing module 22, for when receiving the message from the first user side access link, passing through described first
User side access link inquires first flow table, and using the information recorded in first flow table, is carried out for the message
Virtual connections tunnel encapsulation carries the MAC Address of second network equipment in the head of message after packaging, and by described
Exit port sends the message after encapsulation;
In the message after receiving encapsulation, the MAC Address that carries in the head of the message after being encapsulated;If described
MAC Address is the MAC Address of present networks equipment, then decapsulates the message after the encapsulation, and by remembering in second flow table
The second user side access link of record sends the message after decapsulation.
In the embodiment of the present invention, when the virtual connections between the first network equipment and second network equipment are corresponding more
A user side access link clock synchronization,
When the network equipment is as first network equipment, also recorded in the first flow table that the receiving module 21 receives
It is to be uniquely corresponding to the first user side access link and second user side access to have tunnel label, the tunnel label
The tunnel label of link;The processing module 22 for the message when carrying out virtual connections tunnel encapsulation, message after packaging
Head in also carry the tunnel label;Alternatively,
When the network equipment is as second network equipment, also recorded in the second flow table that the receiving module 21 receives
It is to be uniquely corresponding to the first user side access link and second user side access to have tunnel label, the tunnel label
The tunnel label of link;The second user side access link that the processing module 22 records in by second flow table is sent
When message after decapsulation, the tunnel label carried in the head by the message after encapsulation inquires second flow table, with
Corresponding second user side access link is obtained, and the report after decapsulation is sent by second user side access link
Text.
The receiving module 21 is additionally operable to receive the third flow table that the controller is issued to the network equipment, the third
Flow table is that the controller is given birth to using the topological shortest path of the network equipment to other network equipments for the network equipment
At and issue, in third flow table record have the MAC Address of other network equipments, on the network equipment to described other
The exit port of the topological shortest path of the network equipment;
The processing module 22, the report being additionally operable to after receiving first network equipment and being sent to the encapsulation of second network equipment
Wen Shi, if the MAC Address that carries is the MAC of the other network equipments recorded in third flow table in the head of message after encapsulation
Address then passes through the message after the forwarding encapsulation of corresponding exit port.
The processing module 22 is further used for, in the message after receiving encapsulation, determining that the message after encapsulation is corresponding
Source MAC corresponding exit port in the mac table;If receiving the message after encapsulation on the exit port and the network equipment
Receiving port it is identical, then allow forwarding encapsulate after message;If the exit port is different from the receiving port, directly
Abandon the message after encapsulation.
Wherein, the modules of apparatus of the present invention can be integrated in one, and can also be deployed separately.Above-mentioned module can close
And be a module, multiple submodule can also be further split into.
Through the above description of the embodiments, those skilled in the art can be understood that the present invention can be by
Software adds the mode of required general hardware platform to realize, naturally it is also possible to which by hardware, but the former is more in many cases
Good embodiment.Based on this understanding, technical scheme of the present invention substantially in other words contributes to the prior art
Part can be expressed in the form of software products, which is stored in a storage medium, if including
Dry instruction is used so that a computer equipment (can be personal computer, server or the network equipment etc.) executes this hair
Method described in bright each embodiment.It will be appreciated by those skilled in the art that attached drawing is the schematic diagram of a preferred embodiment,
Module or flow in attached drawing are not necessarily implemented necessary to the present invention.It will be appreciated by those skilled in the art that in embodiment
Device in module can according to embodiment describe be distributed in the device of embodiment, respective change position can also be carried out
In one or more devices different from the present embodiment.The module of above-described embodiment can be merged into a module, can also
It is further split into multiple submodule.The embodiments of the present invention are for illustration only, can not represent the quality of embodiment.With
Several specific embodiments of the upper disclosed only present invention, still, the present invention is not limited to this, any those skilled in the art
Member can think of variation should all fall into protection scope of the present invention.
Claims (14)
1. a kind of message transmitting method based on virtual connections, which is characterized in that this method is applied to include controller and multiple nets
In the software defined network SDN of network equipment, the method includes:
The controller, which determines, to be needed to establish virtual connections between first network equipment and second network equipment;
The controller is that first network equipment generates the first flow table, and first flow table is handed down to the first network and is set
Standby, record has the corresponding first user side access link of the virtual connections, exit port and the second network to set in first flow table
Standby medium access control MAC Address;First flow table is used to indicate the first network equipment and is receiving from described the
When the message of one user side access link, virtual connections tunnel encapsulation is carried out for the message, in the head of message after packaging
The MAC Address of second network equipment is carried, and the message after encapsulation is sent by the exit port;
The controller is that second network equipment generates the second flow table, and second flow table is handed down to second network and is set
Standby, record has the corresponding second user side access link of the virtual connections in second flow table;Second flow table is for referring to
Show second network equipment in the message after receiving encapsulation, if the MAC Address carried in the head of the message after encapsulation
For the MAC Address of second network equipment, then the message after the encapsulation is decapsulated, obtains the message, and pass through described second
User side access link sends the message.
2. the method as described in claim 1, which is characterized in that the method further includes:
When the corresponding multiple user side access link pair of the virtual connections between the first network equipment and second network equipment
When, the controller determines the tunnel mark for being uniquely corresponding to the first user side access link and second user side access link
Label;
For the controller when generating first flow table, also record has the tunnel label in first flow table, and encapsulates
The tunnel label is also carried in the head of message afterwards;
For the controller when generating second flow table, also record has the tunnel label, and second in second flow table
For the network equipment before sending message, the tunnel label carried in the head by the message after encapsulation inquires the second flow table, with
Obtain corresponding second user side access link.
3. the method as described in claim 1, which is characterized in that the controller is in first network equipment and second network equipment
Between establish before virtual connections, the method further includes:
The controller determines the network topology between the multiple network equipment in the SDN, and is opened up using the network
Flutter the topological shortest path for determining each network equipment to other network equipments;
For each network equipment, the controller is using the topological shortest path of the network equipment to other network equipments
The network equipment generates third flow table, and gives the third flow table issuance to the network equipment, remembers in the third flow table
The topological shortest path that record has the MAC Address of other network equipments, arrives other network equipments on the network equipment
Exit port;The third flow table is used to indicate the network equipment and is sent to second network equipment receiving first network equipment
Encapsulation after message when, if recorded in the MAC Address third flow table that carries in the head of message after encapsulation
The MAC Address of other network equipments then passes through the message after the forwarding encapsulation of corresponding exit port.
4. a kind of message transmitting method based on virtual connections, which is characterized in that this method is applied to include controller and multiple nets
In the software defined network SDN of network equipment, the method includes:
When controller, which determines, to be needed to establish virtual connections between first network equipment and second network equipment,
The network equipment receives the flow table that controller is issued to the network equipment;Wherein, when the network equipment is as the first net
When network equipment, the flow table is the first flow table, and being recorded in first flow table has corresponding first user side of the virtual connections to connect
The medium access control MAC Address of incoming link, exit port and second network equipment;When the network equipment is set as the second network
When standby, the flow table is the second flow table, and being recorded in second flow table has the corresponding second user side access chain of the virtual connections
Road;
The network equipment is connect when receiving the message from the first user side access link by first user side
Incoming link inquires first flow table, and using the information recorded in first flow table, and virtual connections tunnel is carried out for the message
Road encapsulates, and carries the MAC Address of second network equipment in the head of message after packaging, and send out by the exit port
Send the message after encapsulation;
The network equipment is in the message after receiving encapsulation, the MAC Address that carries in the head of the message after being encapsulated;Such as
MAC Address described in fruit is the MAC Address of present networks equipment, then decapsulates the message after the encapsulation, and pass through the second
The second user side access link recorded in table sends the message after decapsulation.
5. method as claimed in claim 4, which is characterized in that when the first network equipment and second network equipment it
Between virtual connections correspond to multiple user side access link clock synchronizations, the method further includes:
When the network equipment is as first network equipment, also record has tunnel label, the tunnel in first flow table
Label is the tunnel label for being uniquely corresponding to the first user side access link and second user side access link;It is described
The network equipment also carries the tunnel when carrying out virtual connections tunnel encapsulation for the message in the head of message after packaging
Label;Alternatively,
When the network equipment is as second network equipment, also record has tunnel label, the tunnel in second flow table
Label is the tunnel label for being uniquely corresponding to the first user side access link and second user side access link;It is described
The network equipment is when the second user side access link recorded in by second flow table sends the message after decapsulation, institute
It states the tunnel label carried in head of the network equipment by the message after encapsulation and inquires second flow table, it is corresponding to obtain
Second user side access link, and the message after decapsulation is sent by second user side access link.
6. method as claimed in claim 4, which is characterized in that it is described need first network equipment and second network equipment it
Between establish before virtual connections, the method further includes:
The network equipment receives the third flow table that the controller is issued to the network equipment, and the third flow table is described
Controller is generated and is issued using the topological shortest path network equipment of the network equipment to other network equipments,
Record has the MAC Address of other network equipments, is set to other networks on the network equipment in the third flow table
The exit port of standby topological shortest path;
The network equipment is in the message after receiving first network equipment and being sent to the encapsulation of second network equipment, if encapsulation
The MAC Address carried in the head of message afterwards is the MAC Address of the other network equipments recorded in the third flow table, then leads to
Cross the message after corresponding exit port forwarding encapsulation.
7. method as claimed in claim 6, which is characterized in that the method further includes:
The network equipment determines the corresponding source MAC of message after encapsulation in the mac table in the message after receiving encapsulation
Corresponding exit port;If the exit port is identical as the receiving port of message after encapsulating is received on the network equipment,
The network equipment allows the message after forwarding encapsulation;If the exit port is different from the receiving port, the network
Equipment directly abandons the message after encapsulation.
8. a kind of controller, which is characterized in that applied to the software defined network for including the controller and multiple network equipments
In SDN, the controller specifically includes:
Determining module needs to establish virtual connections between first network equipment and second network equipment for determining;
Generation module for generating the first flow table for the first network equipment, and generates second for second network equipment
Flow table;Wherein, record has the corresponding first user side access link of the virtual connections, exit port and second in first flow table
The medium access control MAC Address of the network equipment;Record has the corresponding second user side of the virtual connections in second flow table
Access link;
Sending module, for first flow table to be handed down to the first network equipment, first flow table is used to indicate institute
First network equipment is stated when receiving the message from the first user side access link, virtual connections tunnel is carried out for the message
Road encapsulates, and carries the MAC Address of second network equipment in the head of message after packaging, and send out by the exit port
Send the message after encapsulation;
And second flow table is handed down to second network equipment, second flow table is used to indicate second net
Network equipment is in the message after receiving encapsulation, if the MAC Address that carries is that the second network is set in the head of message after encapsulation
Standby MAC Address then decapsulates the message after the encapsulation, obtains the message, and access chain by the second user side
Road sends the message.
9. controller as claimed in claim 8, which is characterized in that
The determining module is additionally operable to when the virtual connections between the first network equipment and second network equipment are corresponding more
A user side access link clock synchronization, determination are uniquely corresponding to the first user side access link and second user side access link
Tunnel label;
For the generation module when generating first flow table, also record has the tunnel label in first flow table, and seals
The tunnel label is also carried in the head of message after dress;
The generation module is also recorded when generating second flow table, in second flow table the tunnel label, and the
For two network equipments before sending message, the tunnel label carried in the head by the message after encapsulation inquires the second flow table,
To obtain corresponding second user side access link.
10. controller as claimed in claim 8, which is characterized in that
The generation module is additionally operable to determine the network topology between the multiple network equipment in the SDN, and utilizes institute
State network topology determine each network equipment to other network equipments topological shortest path;For each network equipment, utilize
The topological shortest path of the network equipment to other network equipments is that the network equipment generates third flow table;The third stream
In table record have the MAC Address of other network equipments, on the network equipment to the topology of other network equipments most
The exit port of short path;
The sending module is additionally operable to the third flow table issuance to the network equipment, and the third flow table is used to indicate
The network equipment is in the message after receiving first network equipment and being sent to the encapsulation of second network equipment, if after encapsulation
The MAC Address carried in the head of message is the MAC Address of the other network equipments recorded in the third flow table, then by right
Message after the exit port forwarding encapsulation answered.
11. a kind of network equipment, which is characterized in that applied to the software defined network for including controller and multiple network equipments
In SDN, the network equipment specifically includes:
Receiving module determines that needs establish virtual connections between first network equipment and second network equipment for working as controller
When, receive the flow table that controller is issued to the network equipment;Wherein, when the network equipment is as first network equipment,
The flow table is the first flow table, and being recorded in first flow table has the corresponding first user side access link of the virtual connections, goes out
The medium access control MAC Address of port and second network equipment;It is described when the network equipment is as second network equipment
Flow table is the second flow table, and being recorded in second flow table has the corresponding second user side access link of the virtual connections;
Processing module, for when receiving the message from the first user side access link, passing through first user side
Access link inquires first flow table, and using the information recorded in first flow table, and virtual connections are carried out for the message
Tunnel encapsulation carries the MAC Address of second network equipment in the head of message after packaging, and passes through the exit port
Send the message after encapsulation;
In the message after receiving encapsulation, the MAC Address that carries in the head of the message after being encapsulated;If the MAC
Location is the MAC Address of present networks equipment, then decapsulates the message after the encapsulation, and the by being recorded in second flow table
Two user side access link send the message after decapsulation.
12. the network equipment as claimed in claim 11, which is characterized in that when the first network equipment and second network
Virtual connections between equipment correspond to multiple user side access link clock synchronizations,
When the network equipment is as first network equipment, also record has tunnel in the first flow table that the receiving module receives
Label, the tunnel label are to be uniquely corresponding to the first user side access link and second user side access link
Tunnel label;The processing module for the message when carrying out virtual connections tunnel encapsulation, in the head of message after packaging
Also carry the tunnel label;Alternatively,
When the network equipment is as second network equipment, also record has tunnel in the second flow table that the receiving module receives
Label, the tunnel label are to be uniquely corresponding to the first user side access link and second user side access link
Tunnel label;The second user side access link that the processing module records in by second flow table sends decapsulation
When rear message, the tunnel label carried in the head by the message after encapsulation inquires second flow table, to be corresponded to
Second user side access link, and pass through second user side access link send decapsulation after message.
13. the network equipment as claimed in claim 11, which is characterized in that
The receiving module is additionally operable to receive the third flow table that the controller is issued to the network equipment, and the third flow table is
The controller using the network equipment to other network equipments topological shortest path be the network equipment generation and under
Hair, record has the MAC Address of other network equipments, arrives other nets on the network equipment in the third flow table
The exit port of the topological shortest path of network equipment;
The processing module is additionally operable in the message after receiving first network equipment and being sent to the encapsulation of second network equipment,
If the MAC Address carried in the head of the message after encapsulation is the MAC Address of the other network equipments recorded in third flow table,
Then pass through the message after the forwarding encapsulation of corresponding exit port.
14. the network equipment as claimed in claim 13, which is characterized in that
The processing module is further used in the message after receiving encapsulation, with determining the corresponding source MAC of message after encapsulation
Location corresponding exit port in the mac table;If receiving the reception of the message after encapsulation on the exit port and the network equipment
Port is identical, then the message after allowing forwarding to encapsulate;If the exit port is different from the receiving port, envelope is directly abandoned
Message after dress.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201410425612.5A CN104219149B (en) | 2014-08-26 | 2014-08-26 | A kind of message transmitting method and equipment based on virtual connections |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201410425612.5A CN104219149B (en) | 2014-08-26 | 2014-08-26 | A kind of message transmitting method and equipment based on virtual connections |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN104219149A CN104219149A (en) | 2014-12-17 |
| CN104219149B true CN104219149B (en) | 2018-07-13 |
Family
ID=52100298
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201410425612.5A Active CN104219149B (en) | 2014-08-26 | 2014-08-26 | A kind of message transmitting method and equipment based on virtual connections |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN104219149B (en) |
Families Citing this family (5)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN104618194B (en) * | 2015-02-15 | 2018-03-20 | 新华三技术有限公司 | Software defined network monitoring messages method and SDN controllers, switching equipment |
| CN104702479B (en) * | 2015-03-10 | 2018-08-24 | 新华三技术有限公司 | The method and apparatus that tunnel is established in SDN network |
| CN105763465B (en) * | 2016-01-29 | 2019-01-22 | 新华三技术有限公司 | A kind of distributed group interflow amount control method and device |
| CN108429652A (en) * | 2017-02-14 | 2018-08-21 | 中兴通讯股份有限公司 | Distal end traffic mirroring control method, implementation method and relevant device based on SDN |
| CN107241254B (en) * | 2017-05-19 | 2020-06-05 | 北京知道创宇信息技术股份有限公司 | Network connection device, network system and networking method |
Family Cites Families (10)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| EP2693708B1 (en) * | 2011-03-29 | 2019-09-04 | Nec Corporation | Network system and method for acquiring vlan tag information |
| US8762501B2 (en) * | 2011-08-29 | 2014-06-24 | Telefonaktiebolaget L M Ericsson (Publ) | Implementing a 3G packet core in a cloud computer with openflow data and control planes |
| JP2013105308A (en) * | 2011-11-14 | 2013-05-30 | Nippon Telegr & Teleph Corp <Ntt> | Load distribution system, load distribution device, load distribution method and load distribution program |
| US9210615B2 (en) * | 2012-09-17 | 2015-12-08 | Brocade Communications Systems, Inc. | Method and system for elastic and resilient 3G/4G mobile packet networking for subscriber data flow using virtualized switching and forwarding |
| US8711855B1 (en) * | 2012-12-18 | 2014-04-29 | Juniper Networks, Inc. | Topology discovery, control channel establishment, and datapath provisioning within an aggregation network with centralized control |
| CN103888386B (en) * | 2012-12-24 | 2017-10-17 | 华为技术有限公司 | The transmission method and device, system of expansible virtual local area network packet |
| CN103346981B (en) * | 2013-06-28 | 2016-08-10 | 华为技术有限公司 | Virtual switch method, relevant apparatus and computer system |
| CN103607347B (en) * | 2013-11-15 | 2017-07-28 | 华为技术有限公司 | Set up the method and controller of transmission channel |
| CN103746925B (en) * | 2013-12-13 | 2017-06-30 | 北京邮电大学 | A kind of FiWi UNEs and the communication means based on FiWi UNEs |
| CN103747502B (en) * | 2014-02-18 | 2017-06-23 | 中国联合网络通信集团有限公司 | The processing method and system of a kind of GTP tunnel |
-
2014
- 2014-08-26 CN CN201410425612.5A patent/CN104219149B/en active Active
Also Published As
| Publication number | Publication date |
|---|---|
| CN104219149A (en) | 2014-12-17 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN107911258B (en) | SDN network-based security resource pool implementation method and system | |
| CN102804693B (en) | For realizing the method and apparatus of L2 VPN on ip networks | |
| EP3211839B1 (en) | Split-horizon packet forwarding in a mh-pbb-evpn network | |
| CN106936777B (en) | Cloud computing distributed network implementation method and system based on OpenFlow | |
| CN104243270B (en) | A kind of method and apparatus for establishing tunnel | |
| US10666459B1 (en) | System and method to facilitate interoperability between virtual private LAN service (VPLS) and ethernet virtual private network (EVPN) with all-active multi-homing | |
| EP2600573B1 (en) | Method for transmitting addresses correspondence relationship in second-layer protocol using link status routing | |
| US7787480B1 (en) | Routing frames in a trill network using service VLAN identifiers | |
| US8509248B2 (en) | Routing frames in a computer network using bridge identifiers | |
| WO2016045637A1 (en) | Forwarding data packets in software defined network | |
| CN109995654B (en) | Method and device for transmitting data based on tunnel | |
| CN104219149B (en) | A kind of message transmitting method and equipment based on virtual connections | |
| CN102368727B (en) | Crossed IP network TRILL network communication method, system thereof and devices | |
| US7613188B1 (en) | Ethernet VLL spoke termination at an IP interface | |
| EP2849397A1 (en) | Communication system, control device, communication method, and program | |
| CN105379228B (en) | Realize method, switching equipment and the control equipment of ARP | |
| CN103139075B (en) | A kind of message transmitting method and equipment | |
| CN103973825B (en) | Method, node device and the sending method of MAC Address accessibility are noticed in stacking network | |
| CN101286922A (en) | Signalling control method, system and apparatus | |
| CN103326918A (en) | Message forwarding method and message forwarding equipment | |
| CN104065582A (en) | Message transmission method and gateway device | |
| CN108390821A (en) | A kind of openflow interchangers realize the method and system of dual-active | |
| CN104079466B (en) | A kind of message processing method and equipment | |
| EP2822238B1 (en) | Method and device for establishing a pseudo wire | |
| CN105453513A (en) | Packet forwarding method, forwarding entry delivery method, and network device |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| C06 | Publication | ||
| PB01 | Publication | ||
| EXSB | Decision made by sipo to initiate substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| CB02 | Change of applicant information |
Address after: 310052 Binjiang District Changhe Road, Zhejiang, China, No. 466, No. Applicant after: Xinhua three Technology Co., Ltd. Address before: 310052 Binjiang District Changhe Road, Zhejiang, China, No. 466, No. Applicant before: Huasan Communication Technology Co., Ltd. |
|
| GR01 | Patent grant | ||
| GR01 | Patent grant |