CN104243269B - A kind of processing method and processing device of virtual extended local network packet - Google Patents

A kind of processing method and processing device of virtual extended local network packet Download PDF

Info

Publication number
CN104243269B
CN104243269B CN201410495809.6A CN201410495809A CN104243269B CN 104243269 B CN104243269 B CN 104243269B CN 201410495809 A CN201410495809 A CN 201410495809A CN 104243269 B CN104243269 B CN 104243269B
Authority
CN
China
Prior art keywords
vtep
vxlan
message
unicast message
proxy server
Prior art date
Application number
CN201410495809.6A
Other languages
Chinese (zh)
Other versions
CN104243269A (en
Inventor
付志华
Original Assignee
新华三技术有限公司
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by 新华三技术有限公司 filed Critical 新华三技术有限公司
Priority to CN201410495809.6A priority Critical patent/CN104243269B/en
Publication of CN104243269A publication Critical patent/CN104243269A/en
Application granted granted Critical
Publication of CN104243269B publication Critical patent/CN104243269B/en

Links

Abstract

The present invention provides a kind of processing method and processing device of virtual extended local network packet, and method includes: that the tunnel VxLAN is established between each VTEP;The unknown unicast message that reception source VTEP is sent, the VxLAN mark carried according to the unknown unicast message determines target VTEP all in addition to the VTEP of source in the VxLAN, and the unknown unicast message is sent to target VTEP.Above scheme is replicated and is forwarded to the unknown unicast message by increasing proxy server in virtual extended local area network, using proxy server, therefore the Internet resources of VTEP equipment room are greatly saved.

Description

A kind of processing method and processing device of virtual extended local network packet

Technical field

The present invention relates to field of communication technology, in particular to a kind of processing of virtual extended local area network unknown unicast message Method and device.

Background technique

With the extensive use of virtual technology, 4096 VLAN (Virtual Local Area Network, virtual local areas Net) far from meeting the needs of extensive cloud computation data center, therefore, VxLAN (Virtual Extensible Local Area Network, virtual extended local area network) technology is by using tunnel port technology at source virtual machine end, in physics three-layer network Building virtualization double layer network, creates a large amount of virtual extended local area network, different virtual expansions on existing network framework on network Exhibition local area network is identified using VNI (VxLAN Network Identifier, virtual extended local net network identifier), often A VNI at most may include 4094 VLAN, to extend the quantity of virtual LAN, meet user's use.

As shown in Figure 1, existing VxLAN communication network include multiple VTEP (VxLAN Tunnel End Point, VxLAN tunneling termination) (i.e. VTEP1, VTEP2, VTEP3 in Fig. 1), the core that is connected in the IP core network of multiple VTEP Equipment, wherein the corresponding multiple virtual machines of the different port number of each VTEP, as VM1, VM2, VM3 correspond to the same end of VTEP1 Slogan GE1/0/1, VM4, VM5, VM6 correspond to same port numbers GE1/0/2 of VTEP1 etc..It is every in VxLAN communication network A VTEP learns the MAC Address of corresponding each virtual machine VM in advance, when the known unicast report for receiving a certain virtual machine and sending Text searches the MAC relation table of itself preservation according to destination address entrained by the known unicast message, by the known unicast message It is sent to the VTEP that corresponding target virtual machine is connected.(unknown list is specifically included when VTEP receives unknown unicast message Casting text, broadcasting packet or multicast message) when, VxLAN communication means may include following two mode:

First way is: VTEP is copied into more parts to the message received, and same virtual according to learning to belong in advance Extend local area network other VTEP (such as VTEP2 and VTEP3) IP address to after duplication each message packaging V xLAN, UDP and IP head, and the message after encapsulation is sent to corresponding VTEP, then the virtual machine respectively connected by each VTEP to it It is broadcasted.However, being replicated on VTEP when VxLAN communication network is larger, to the performance requirement of VTEP equipment It is higher.

The second way is: the same multicast group is added in all VTEP in VxLAN network by core equipment, and utilizes three Layer multicast routing protocol establishes multicast forwarding list item.After source VTEP receives message, which is packaged, after encapsulation Purpose IP address is multicast ip address, so that the message received is sent in multicast group other VTEP in addition to the VTEP of source (VTEP2,VTEP3).If VxLAN communication network is communicated using which, need in VxLAN communication network each is set It is standby to support three layers of multicast, therefore which has certain limitation.

Summary of the invention

In view of this, the present invention provides a kind of processing method and processing device of virtual extended local network packet, with solution pair The problem of performance and mode limitation of VTEP equipment.

The present invention provides a kind of processing methods of virtual extended local network packet, which includes multiple VxLAN tunneling termination VTEP and proxy server, this method are applied to proxy server, comprising:

The tunnel VxLAN is established between the proxy server and each VTEP;

The unknown unicast message that reception source VTEP is sent identifies true according to the VxLAN that the unknown unicast message carries It is scheduled on target VTEP all in addition to the VTEP of source in the VxLAN, and the unknown unicast message is sent to target VTEP.

Preferably, the tunnel VxLAN is established between described and each VTEP, is specifically included:

Receive the logon message that each VTEP is sent, carried in the logon message VTEP IP address and at least one VxLAN mark;

Itself is configured multiple VxLAN mark set with the logon message carry described at least one The collection conjunction intersection operation of VxLAN mark;

When intersection operation is true, the tunnel VxLAN is established with each VTEP, and saving according to the matched VxLAN of intersection should The corresponding VTEP relation table of VxLAN mark.

Preferably, which is sent to target VTEP by the proxy server, is specifically included:

It is identified according to the VxLAN carried in unknown unicast message, and corresponding to the VxLAN mark pre-saved VTEP relation table determines target VTEP all in addition to the VTEP of source in the VxLAN;

According to the purpose IP address of the target VTEP, which is replicated, it will be non-after duplication The destination address of known unicast message is revised as the IP address of the target VTEP and encapsulation;

Modified unknown unicast message is sent to corresponding mesh using the tunnel VxLAN between each target VTEP Mark VTEP.

Preferably, the method also includes:

When exiting request message of VTEP transmission is being received, is determining the VxLAN mark of the VTEP, and will be in the VxLAN It deletes in the tunnel VxLAN between the VTEP.

The present invention also provides a kind of processing method of virtual extended local network packet, include in the virtual extended local area network Multiple VxLAN tunneling termination VTEP, the corresponding virtual machine of each VTEP and proxy server, this method are applied to source VTEP End, comprising:

Receive the unknown unicast message that private network side virtual machine is sent;

The unknown unicast message is sent to proxy server with mode of unicast, so that proxy server is non-known by this Unicast message is sent to target VTEP by the unicast of the tunnel VxLAN.

The present invention also provides a kind of processing unit of virtual extended local network packet, virtual extended local area network VxLAN Including multiple VxLAN tunneling termination VTEP and proxy server, which is applied to proxy server, comprising:

Unit is established, for establishing the tunnel VxLAN between each VTEP;

Transmission unit is carried for receiving the unknown unicast message of source VTEP transmission according to the unknown unicast message VxLAN mark determine target VTEP all in addition to the VTEP of source in the VxLAN, and the unknown unicast message is sent to Target VTEP.

Preferably, the unit of establishing is further used for:

Receive the logon message that each VTEP is sent, the logon message carry the VTEP IP address and at least one VxLAN mark;Itself is configured multiple VxLAN mark set with the logon message carry described at least one The collection conjunction intersection operation of VxLAN mark;

When intersection operation is true, the tunnel VxLAN is established with each VTEP, and saving according to the matched VxLAN of intersection should The corresponding VTEP relation table of VxLAN mark.

Preferably, the transmission unit is further used for,

The unknown unicast message that reception source VTEP is sent by mode of unicast;

It is identified according to the VxLAN carried in unknown unicast message, and corresponding to the VxLAN mark pre-saved VTEP relation table determines target VTEP all in addition to the VTEP of source in the VxLAN;

According to the purpose IP address of the target VTEP, which is replicated, it will be non-after duplication The destination address of known unicast message is revised as the IP address of the target VTEP and encapsulation;Using between each target VTEP Modified unknown unicast message is sent to corresponding target VTEP by the tunnel VxLAN.

Preferably, described device further include:

Delete unit, for receiving VTEP transmission when exiting request message, determine the VTEP VxLAN mark, And the tunnel VxLAN in the VxLAN between the VTEP is deleted.

The present invention also provides a kind of processing unit of virtual extended local network packet, include in the virtual extended local area network Multiple VxLAN tunneling termination VTEP, the corresponding virtual machine of each VTEP and proxy server, the device are applied to source VTEP End, comprising:

Receiving unit, for receiving the unknown unicast message of private network side virtual machine transmission;

Transmission unit, for the unknown unicast message to be sent to proxy server with mode of unicast, so that agency takes The unknown unicast message is sent to target VTEP by the unicast of the tunnel VxLAN by business device.

The embodiment of the invention provides a kind of processing method and processing devices of virtual extended local network packet, by virtually expanding It opens up and increases proxy server in local area network, when VTEP receives unknown unicast message in source, which is sent to mode of unicast Server is managed, the unknown unicast message is replicated and forwarded using proxy server, since proxy server is only modified The destination address of unknown unicast message, is not changed the source IP address of the unknown unicast message after duplication, because This, target VTEP is after receiving unknown unicast message, the source IP address of the unknown unicast message or the IP of source VTEP Address, therefore target VTEP still believes that unknown unicast message is come from source VTEP, rather than from proxy server mistake Come.It is forwarded, is greatly saved by proxy server since the unknown unicast message of VTEP equipment room is most of The Internet resources of VTEP equipment room.

Detailed description of the invention

In order to more clearly explain the embodiment of the invention or the technical proposal in the existing technology, to embodiment or will show below There is attached drawing needed in technical description to be briefly described, it should be apparent that, the accompanying drawings in the following description is this hair Bright some embodiments for those of ordinary skill in the art without creative efforts, can be with root Other attached drawings are obtained according to these attached drawings.

Fig. 1 is existing VxLAN schematic network structure;

Fig. 2 is VxLAN schematic network structure provided in an embodiment of the present invention;

Fig. 3 is the processing method flow chart of virtual extended local network packet provided in an embodiment of the present invention;

Fig. 4 be multiple VxLAN provided in an embodiment of the present invention respectively with multiple VTEP connection status diagrams;

Fig. 5 be another embodiment of the present invention provides virtual extended local network packet processing method flow chart;

Fig. 6 be another embodiment of the present invention provides virtual extended local network packet processing method flow chart;

Fig. 7 is the hardware environment architecture diagram of device operation provided in an embodiment of the present invention;

Fig. 8 is apparatus structure schematic diagram provided in an embodiment of the present invention;

Fig. 9 be another embodiment of the present invention provides device operation hardware environment architecture diagram;

Figure 10 be another embodiment of the present invention provides apparatus structure schematic diagram.

Specific embodiment

Following will be combined with the drawings in the embodiments of the present invention, and technical solution in the embodiment of the present invention carries out clear, complete Site preparation description, it is clear that the described embodiment is only a part of the embodiment of the present invention, instead of all the embodiments.Based on this Embodiment in invention, every other reality obtained by those of ordinary skill in the art without making creative efforts Example is applied, shall fall within the protection scope of the present invention.

In order that the solution provided by the embodiment of the present invention is more easily understood, illustrate this below with reference to Fig. 2, Fig. 3, Fig. 4 The processing method of invention virtual extended local network packet.Compared with prior art, the present invention is in existing virtual extended local area network Increase a proxy server in network, as shown in Fig. 2, when source VTEP will receive unknown unicast message, first by the report Text is sent to the proxy server for establishing the tunnel VxLAN therewith with mode of unicast, non-known single to this by the proxy server Casting text is replicated, and the unknown unicast message after duplication is sent to mode of unicast by the tunnel VxLAN respectively again Other targets VTEP2, VTEP3 in the virtual extended local area network in addition to the VTEP of source.And source VTEP is for known to receiving Unicast message then continues through existing mode and is forwarded.

As shown in figure 3, being a kind of processing method of virtual extended local network packet provided in an embodiment of the present invention, this is virtual Extending includes multiple VxLAN tunneling termination VTEP and at least one proxy server in local area network, and this method is applied to agency Server, comprising:

Step 301: the tunnel VxLAN that can send VxLAN message is established between proxy server and each VTEP.

In embodiments of the present invention, proxy server is increased in VxLAN network, wherein the proxy server is specific It can be the higher network equipment of performance or run the server with VTEP functional software.The present invention mainly utilizes should Proxy server is replicated and is forwarded to unknown unicast VxLAN message, thus proxy server firstly the need of with VxLAN net VTEP in network establishes the tunnel VxLAN to be communicatively coupled.Wherein, proxy server and VTEP establish the mistake in the tunnel VxLAN Journey can specifically include following two mode.

First way is: static configuration mode.I.e. proxy server determines that (each broadcast domain corresponds to multiple broadcast domains For a VxLAN network) mark, and identify corresponding all VTEP foundation with each VxLAN and can send VxLAN message The tunnel VxLAN.Wherein, the tunnel VxLAN of foundation can make VTEP be packaged the heading of unknown unicast message, and Proxy server is set to carry out decapsulation to the unknown unicast message received and encapsulate again.

As shown in figure 4, for example, proxy server determines three VxLAN mark, such as VxLAN a, VxLAN b, VxLAN c, Wherein, it may include VTEP 1, VTEP 2, VTEP3 in VxLAN a, may include VTEP 1, VTEP 3, VTEP in VxLAN b 4, VxLAN c may include VTEP1, VTEP 5.VTEP 1, VTEP 2, VTEP 3 in proxy server and these VxLAN, VTEP 4, VTEP 5 are established after the completion of the tunnel VxLAN, save corresponding VTEP relationship list item for each VxLAN, wherein In the VTEP relationship list item, corresponding IP address is identified to mark VTEP using VTEP, then includes in the VTEP relationship list item The corresponding IP address of VxLAN mark, VTEP mark.For example, VTEP relation table such as 1 institute of following table table saved in proxy server Show.

Table 1

VxLAN mark The corresponding IP address of VTEP mark VxLAN a IP1、IP2、IP3 VxLAN b IP1、IP3、IP4 VxLAN c IP1、IP5

The second way is: auto discovery mechanism.Proxy server starts listening mode as server end, and VTEP makees For client, when proxy server listens to each VTEP, the logon message that each VTEP is sent is received, wherein the logon message The IP address and at least one VxLAN mark of the VTEP are carried, multiple VxLAN mark that proxy server configures itself The collection conjunction intersection operation that set carries at least one VxLAN mark with logon message is then acted on behalf of when the intersection operation is true Server and registration VTEP establish the tunnel VxLAN.Wherein, when register VTEP belong to multiple VxLAN when, proxy server with should VTEP only establishes the tunnel VxLAN, and a tunnel VxLAN of the foundation can support multiple VxLAN.It is protected in proxy server The corresponding VTEP relation table of each VxLAN mark is deposited, which includes that VxLAN is identified, corresponding to VTEP mark IP address.

As shown in figure 4, management-side is that proxy server is configured with VxLAN mark in advance, for example, configuring for proxy server VxLAN be identified as VxLAN a, VxLAN b, VxLAN c, then show the proxy server only to VxLAN a, VxLAN b, Message in VxLAN c is broadcasted.

Wherein by taking proxy server and VTEP1 establish the tunnel VxLAN as an example, registration that VTEP 1 is sent to proxy server The IP address carried in message is that IP1 and at least one VxLAN mark may include VxLAN a, VxLAN b and VxLAN c.Therefore VxLAN mark (VxLAN a, VxLAN b, VxLAN c) with VTEP 1 corresponding VxLAN of the proxy server to itself Mark (VxLANa, VxLAN b, VxLAN c) takes intersection operation, obtains VxLAN a, VxLAN b, VxLAN c, therefore the intersection Operation is very, then the tunnel VxLAN to be established between proxy server and VTEP 1, which can support VxLAN a, VxLAN b, it uses in VxLAN c these three VxLAN.It is corresponding that 3 VTEP 1 are saved in proxy server VTEP relationship list item, i.e. VxLANa, VxLAN b, the corresponding VTEP relationship list item of VxLAN c.Wherein, proxy server with The method that the tunnel VxLAN is established between other VTEP is consistent with the method that VTEP1 establishes the tunnel VxLAN with the proxy server.

When between proxy server and one of VTEP the tunnel VxLAN establish complete when, proxy server need by The IP address of the VTEP, which is sent to, previously established other VTEP for belonging to same VxLAN completed with itself, so that other VTEP Know the VTEP member.

In embodiments of the present invention, it if wanting to exit out the VxLAN for the VTEP in some VxLAN, receives this and moves back What VTEP out was sent exits request, and proxy server exits request according to this, the corresponding VTEP of the VxLAN that itself is saved In relation table, information corresponding to the VTEP is all deleted, and deletes the tunnel VxLAN between the VTEP.If it is determined that the VTEP All VxLAN or offline are exited, then the corresponding information of the VTEP is all deleted in all VTEP relation tables saved itself It removes, and deletes the tunnel VxLAN between the VTEP.After deleting the tunnel VxLAN between the VTEP, it is also necessary to by the VTEP Exit information notice give other targets VTEP that the VTEP belongs in same VxLAN.

Step 302: receiving the unknown unicast message that source VTEP is sent, carried according to the unknown unicast message VxLAN mark determines target VTEP all in addition to the VTEP of source in the VxLAN, and the unknown unicast message is sent to mesh Mark VTEP.

As shown in Fig. 2, being VxLAN schematic network structure provided by the invention, agency's clothes are increased in the VxLAN Business device, the proxy server receive the unknown unicast message that source VTEP is sent by mode of unicast.Wherein, the unknown unicast Message is specifically as follows unknown unicast message, broadcasting packet or multicast message, and the message of these types needs in VxLAN network Broadcast transmission is carried out, in order to effectively mitigate the network burden of each VTEP equipment in VxLAN network, network bandwidth is saved, in this hair In bright, when VTEP receives the message of these types when source, the tunnel the VxLAN unicast established by step 301 is given to agency's clothes Business device.Wherein, proxy server can be the higher network equipment of performance or run the clothes with VTEP functional software Business device.

Wherein, proxy server determines what the message carried when receiving the unknown unicast message of source VTEP transmission VxLAN mark, the VTEP relation table for the VxLAN saved according to itself determine the target VTEP in addition to the VTEP of source. For example, VTEP 1 is source VTEP, it is assumed that receive VxLAN entrained by the message that VTEP1 is sent and be identified as VxLAN a, for upper The corresponding VTEP relation table a of VxLAN a is stated, determines that target VTEP is VTEP 2, VTEP 3.

After proxy server has determined the target VTEP of the unknown unicast message, according to the IP of target VTEP The unknown unicast message is replicated in location, and the destination address of the unknown unicast message after duplication is revised as target The IP address of VTEP.For example, proxy server is multiple to the unknown unicast message from source VTEP1 in network shown in Fig. 2 Two parts of system, the purpose IP address of a unknown unicast message are the IP address of VTEP 2, the mesh of a unknown unicast message IP address be VTEP 3 IP address.Then two parts of messages are packaged, and using between each target VTEP Modified unknown unicast message is sent to corresponding target VTEP (VTEP2, VTEP3) by the tunnel VxLAN.

According to above scheme, by increasing proxy server in virtual extended local area network, in source VTEP receive it is non- When knowing unicast message, the proxy server is sent to mode of unicast first, using proxy server to the unknown unicast report Text is replicated, and the IP address of target VTEP is revised as to the destination address of the unknown unicast message after duplication, due to herein The source IP address of unknown unicast message after the duplication is not changed in the process, therefore it is non-in target VTEP to receive this After knowing unicast message, target VTEP still will be considered that message is to come from source VTEP, rather than come from proxy server.This Sample, the source MAC of the unknown unicast message is also arrived by target VTEP study, and sets up the tunnel VxLAN with source VTEP.Afterwards The known unicast message that supervention is sent will be directly transmitted still by source VTEP, and without proxy server.In addition, since VTEP is set Unknown unicast message between standby is largely forwarded by proxy server, therefore the network of VTEP equipment room is greatly saved Resource.

As shown in figure 5, the present invention provides a kind of processing method of virtual extended local network packet, the virtual extended local It include multiple VxLAN tunneling termination VTEP, the corresponding virtual machine of each VTEP and proxy server, this method application in net In the source end VTEP, comprising:

Step 501: receiving the unknown unicast message that private network side virtual machine is sent.

As shown in Fig. 2, the private network side of each VTEP can connect multiple server S erver, and each server can wrap Include multiple virtual machines.For example, server can be computer, virtual machine can be multiple virtual systems in every computer.Virtually Transmitting message can be reached each other by message is sent between machine and virtual machine.In an embodiment of the present invention, it is described it is non- Know that unicast message is specially broadcasting packet, unknown unicast message or multicast message.

Step 502: the unknown unicast message being sent to proxy server with mode of unicast, so that proxy server will The message is sent to target VTEP by the unicast of the tunnel VxLAN.

As shown in Fig. 2, if VTEP1 is source VTEP, when the message that VTEP1 is received is unknown unicast message, for this The message of a little types needs to carry out broadcast transmission in VxLAN network, in order to effectively mitigate each VTEP equipment in VxLAN network Network burden saves network bandwidth, in the present invention, increases proxy server, VTEP1 passes through the unknown unicast message The tunnel VxLAN is sent to proxy server with unicast fashion, be responsible for by proxy server to the duplication of unknown unicast message and Forwarding.

Due to also may include multiple proxy servers to realize load balancing in virtual extended local area network, and manage Reason layer may be the different VxLAN marks of multiple proxy server configurations.Therefore for the efficient forward efficiency of message, source VTEP determines the corresponding VxLAN mark of the message received (i.e. message needs are broadcasted in the corresponding VxLAN), root The corresponding multiple VxLAN marks of the multiple proxy servers pre-saved according to itself, by the unknown unicast message with unicast shape Formula is sent to the proxy server including VxLAN mark.For example, including proxy server 1, agency in virtual extended local area network Server 2, wherein management level are that the VxLAN that proxy server 1 configures is identified as VxLAN a, VxLAN b, and management level are agency The VxLAN that server 2 configures is identified as VxLANc, VxLAN d.Therefore it after VTEP1 receives the unknown unicast message, determines The VxLAN that the message carries is identified as VxLAN a, therefore the unknown unicast message is sent to proxy server 1, so that generation Reason server 1 is replicated and is forwarded to the unknown unicast message.

According to above scheme, when the message that VTEP is received in source is unknown unicast message, which can not be existed Itself is replicated, but the unknown unicast message received is sent to the agency service newly increased with mode of unicast Therefore device, does not have the performance of source VTEP equipment so that proxy server is replicated and forwarded to the unknown unicast message Limitation, and three layers of multicast mode are not needed, it is forwarded since VTEP equipment room resource is most of by proxy server, The Internet resources of VTEP equipment room are greatly saved.

As shown in fig. 6, the present invention provides a kind of processing method of virtual extended local network packet, as shown in Fig. 2, the void It include multiple VxLAN tunneling termination VTEP, the corresponding virtual machine of each VTEP and agency service in quasi- extension local area network VxLAN Device, this method are executed jointly by proxy server and source VTEP, and this method may comprise steps of:

Step 601:VTEP1 receives the unknown unicast message that the virtual machine of private network side is sent, the unknown unicast message It can be broadcasting packet, unknown unicast message or multicast message.

Step 602:VTEP1 by the unknown unicast message by the tunnel VxLAN established between proxy server with Mode of unicast is sent to corresponding proxy server.

As shown in Fig. 2, each VTEP is respectively connected with multiple virtual machines, as to be connected with port numbers right for GE1/0/1 by VTEP1 VM4, VM5 and VM6 on Server2 corresponding to VM1, VM2 and the VM3 on Server1 answered, port numbers GE1/02.

VTEP1 is as source VTEP, if VTEP1 determination receives known unicast message, such as: the source of the known unicast message MAC Address is MAC1, target MAC (Media Access Control) address MAC4, then the MAC relationship list item for the private network side that VTEP1 is saved according to itself obtains MAC4 corresponds to the VM4 of Server2, then the known unicast message is sent to VM4 by VTEP1.If the purpose of the known unicast message MAC Address is MAC7, then VTEP1 determines that MAC7 is corresponded under VTEP2 according to the MAC relationship list item of the public network side itself saved VM7, and the IP address of VTEP2 is IP2, therefore, VTEP1 is packaged the known unicast message, the known unicast after encapsulation The purpose IP address of message is VTEP2, and the known unicast message is issued VTEP2, so that VTEP2 is according to the known unicast report Text, parsing its purpose MAC is MAC7, so that the known unicast message is sent to VM7.

If the message that VTEP1 is received be unknown unicast message, for these types message in VxLAN network domestic demand Broadcast transmission is carried out, in order to effectively mitigate the network burden of each VTEP equipment in VxLAN network, network bandwidth is saved, at this In invention, increase proxy server, which is sent to proxy server by the tunnel VxLAN with unicast fashion by VTEP1, by Proxy server is responsible for duplication and forwarding to message.

Step 603: proxy server receives the unknown unicast message that VTEP1 is sent, and determines the unknown unicast message The VxLAN at place is identified.

Step 604: according to the corresponding VTEP relationship list item of the VxLAN mark pre-saved, determining and removed in the VxLAN Target VTEP except VTEP1.

For example, it is assumed that determine the message in VxLAN a, therefore proxy server determine target VTEP be VTEP2, VTEP3, corresponding destination address are IP2, IP3.

Step 605: the unknown unicast message being replicated, by the destination address of the unknown unicast message after duplication It is revised as the IP address of target VTEP and encapsulation.

Step 606: utilizing modified unknown unicast message with the tunnel VxLAN between target VTEP with mode of unicast It is sent to corresponding target VTEP.

For example, except VTEP1 further includes VTEP2 and VTEP3 in VxLAN a, therefore proxy server can will receive Unknown unicast message copies as two parts, and two unknown unicast messages of duplication are sent respectively to VTEP2 and VTEP3, Portion can be replicated, a unknown unicast message after the unknown unicast message received and duplication is sent respectively to VTEP2 and VTEP3.Unknown unicast message after duplication needs to modify to destination address, is sent to the non-known of VTEP2 The destination address of unicast message is revised as IP2, is sent to the destination address modification IP3 of the unknown unicast message of VTEP3.

Step 607: target VTEP receives modified unknown unicast message, carries out decapsulation to it and is protected according to itself The modified unknown unicast message broadcasting is given each virtual machine of itself private network side by the MAC Address mapping table deposited, So that some virtual machine determines that the unknown unicast message is destined to oneself after receiving the message.

In embodiments of the present invention, since proxy server only has modified the destination address of unknown unicast message, not The source IP address of unknown unicast message after duplication is changed, therefore, target VTEP (VTEP2, VTEP3) is non-in reception After known unicast message, the source IP address or IP1 of the message, therefore target VTEP still believes that unknown unicast message is Come from source VTEP (VTEP1), rather than comes from proxy server.The MAC Address of message is also by target VTEP in this way It practises, and sets up the tunnel VxLAN with source VTEP.In the follow-up process, if source VTEP receive known unicast message will still It is directly transmitted by source VTEP, and without proxy server.In addition, the unknown unicast message due to VTEP equipment room is most of It is forwarded by proxy server, therefore the Internet resources of VTEP equipment room is greatly saved.

As shown in Figure 7, Figure 8, the embodiment of the invention provides a kind of processing unit of virtual extended local network packet, it is located at It include multiple VxLAN tunneling termination VTEP and agency service in virtual extended local area network VxLAN in virtual extended local area network Device.Installation practice can also be realized by software realization by way of hardware or software and hardware combining.From hardware layer For face, as shown in fig. 7, for a kind of hardware structure diagram of equipment where the device of that embodiment of the invention, in addition to CPU shown in Fig. 7, Except memory, network interface and nonvolatile memory, the equipment in embodiment where device may can also include other Hardware, such as it is responsible for the forwarding chip of processing message.Taking software implementation as an example, as shown in figure 8, as on a logical meaning Device, be that computer program instructions corresponding in nonvolatile memory are read by memory by the CPU of equipment where it What middle operation was formed.The processing unit 80 of virtual extended local network packet provided in this embodiment includes:

Unit 801 is established, for establishing the tunnel VxLAN between each VTEP;

Transmission unit 802 is taken for receiving the unknown unicast message of source VTEP transmission according to the unknown unicast message The VxLAN mark of band determines target VTEP all in addition to the VTEP of source in the VxLAN, and the unknown unicast message is sent Give target VTEP.

Further, the logon message that is described to establish unit, sending for receiving each VTEP, the logon message carry The IP address of the VTEP and at least one VxLAN are identified;The set and the registration for multiple VxLAN mark that itself is configured The collection conjunction intersection operation at least one VxLAN mark that message carries;When intersection operation is true, with the intersection operation value The corresponding VTEP of VxLAN mark establish the tunnel VxLAN, and save the corresponding VTEP of the matched VxLAN mark of intersection and close It is table.

Further, the transmission unit, the unknown unicast sent specifically for receiving source VTEP by mode of unicast Message, wherein the unknown unicast message is broadcasting packet, unknown unicast message or multicast message;According to unknown unicast report The VxLAN mark carried in text, and the VxLAN pre-saved identify corresponding VTEP relation table, determine in the VxLAN Interior all target VTEP in addition to the VTEP of source;According to the purpose IP address of the target VTEP, to the unknown unicast message into Row duplication, the destination address of the unknown unicast message after duplication is revised as, the IP address of the target VTEP and encapsulation;Benefit Modified unknown unicast message is sent to corresponding target VTEP with the tunnel VxLAN between each target VTEP.

Further, described device further include:

Unit 803 is deleted, for receiving when exiting request message of VTEP transmission, determines the VxLAN mark of the VTEP Know, and the tunnel VxLAN in the VxLAN between the VTEP is deleted.

As shown in Figure 9, Figure 10, the embodiment of the invention provides a kind of processing unit of virtual extended local network packet, positions It include multiple VxLAN tunneling termination VTEP, each VTEP in virtual extended local area network VxLAN in virtual extended local area network Corresponding virtual machine and proxy server.Installation practice can be by software realization, can also be by hardware or soft or hard The mode that part combines is realized.For hardware view, as shown in figure 9, one kind of equipment where the device of that embodiment of the invention is hard Part structure chart, other than CPU shown in Fig. 9, memory, network interface and nonvolatile memory, device institute in embodiment Equipment may can also include other hardware, such as be responsible for handle message forwarding chip.Taking software implementation as an example, such as Shown in Figure 10, as the device on a logical meaning, being will be corresponding in nonvolatile memory by the CPU of equipment where it Computer program instructions be read into memory operation formed.The processing of virtual extended local network packet provided in this embodiment Device 100 includes:

Receiving unit 1001, for receiving the unknown unicast message of private network side virtual machine transmission;

Transmission unit 1002, for the unknown unicast message to be sent to proxy server with mode of unicast, so that generation It manages server and the unknown unicast message is sent to target VTEP by the unicast of the tunnel VxLAN.

The foregoing is merely illustrative of the preferred embodiments of the present invention, is not intended to limit the invention, all in essence of the invention Within mind and principle, any modification, equivalent substitution, improvement and etc. done be should be included within the scope of the present invention.

Claims (10)

1. a kind of processing method of virtual extended local network packet, which is characterized in that the virtual extended local area network includes multiple VxLAN tunneling termination VTEP and proxy server, this method are applied to proxy server, comprising:
The tunnel VxLAN is established between the proxy server and each VTEP;
The unknown unicast message that reception source VTEP is sent, the VxLAN mark carried according to the unknown unicast message determine Target VTEP all in addition to the VTEP of source in the VxLAN, and the unknown unicast message is sent to target VTEP;
Wherein, it includes following two mode that the tunnel VxLAN is established between the proxy server and each VTEP: static configuration mode And auto discovery mechanism;
The static configuration mode is to determine multiple VxLAN marks, and all VTEPs corresponding with each VxLAN mark establish energy Enough send the tunnel VxLAN of VxLAN message;
The auto discovery mechanism is the logon message for receiving each VTEP and sending, and the IP of the VTEP is carried in the logon message Address and at least one VxLAN are identified, what the set of the multiple VxLAN mark configured to itself was carried with the logon message The collection conjunction intersection operation of at least one VxLAN mark establishes VxLAN tunnel with each VTEP when intersection operation is true Road.
2. also being wrapped the method according to claim 1, wherein establishing the tunnel VxLAN between described and each VTEP It includes:
Described when intersection operation is true, when establishing the tunnel VxLAN with each VTEP, saved according to the matched VxLAN of intersection The corresponding VTEP relation table of VxLAN mark.
3. the method according to claim 1, wherein the proxy server sends the unknown unicast message Target VTEP is given, is specifically included:
Corresponding VTEP is identified according to the VxLAN mark carried in unknown unicast message, and the VxLAN pre-saved Relation table determines target VTEP all in addition to the VTEP of source in the VxLAN;
According to the purpose IP address of the target VTEP, which is replicated, it will be non-known after duplication The destination address of unicast message is revised as the IP address of the target VTEP and encapsulation;
Modified unknown unicast message is sent to corresponding target using the tunnel VxLAN between each target VTEP VTEP。
4. the method according to claim 1, wherein the method also includes:
Receiving VTEP transmission when exiting request message, determine the VTEP VxLAN mark, and by the VxLAN with should It deletes in the tunnel VxLAN between VTEP.
5. a kind of processing method of virtual extended local network packet, which is characterized in that include multiple in the virtual extended local area network VxLAN tunneling termination VTEP, the corresponding virtual machine of each VTEP and proxy server, this method are applied to the end source VTEP, packet It includes:
Receive the unknown unicast message that private network side virtual machine is sent;
The unknown unicast message is sent to proxy server with mode of unicast, so that proxy server is by the unknown unicast Message is sent to target VTEP by the unicast of the tunnel VxLAN.
6. a kind of processing unit of virtual extended local network packet, which is characterized in that the virtual extended local area network VxLAN includes more A VxLAN tunneling termination VTEP and proxy server, the device are applied to proxy server, comprising:
Unit is established, for establishing the tunnel VxLAN between each VTEP;
Transmission unit is carried for receiving the unknown unicast message of source VTEP transmission according to the unknown unicast message VxLAN mark determines target VTEP all in addition to the VTEP of source in the VxLAN, and the unknown unicast message is sent to mesh Mark VTEP;
Wherein, described to establish between unit and each VTEP that establish the tunnel VxLAN include following two mode: static configuration mode and Auto discovery mechanism;
The static configuration mode is to determine multiple VxLAN marks, and all VTEPs corresponding with each VxLAN mark establish energy Enough send the tunnel VxLAN of VxLAN message;
The auto discovery mechanism is the logon message for receiving each VTEP and sending, and the IP of the VTEP is carried in the logon message Address and at least one VxLAN are identified, what the set of the multiple VxLAN mark configured to itself was carried with the logon message The collection conjunction intersection operation of at least one VxLAN mark establishes VxLAN tunnel with each VTEP when intersection operation is true Road.
7. device according to claim 6, which is characterized in that the unit of establishing is also used to:
Described when intersection operation is true, when establishing the tunnel VxLAN with each VTEP, saved according to the matched VxLAN of intersection The corresponding VTEP relation table of VxLAN mark.
8. device according to claim 6, which is characterized in that the transmission unit is further used for,
The unknown unicast message that reception source VTEP is sent by mode of unicast;
Corresponding VTEP is identified according to the VxLAN mark carried in unknown unicast message, and the VxLAN pre-saved Relation table determines target VTEP all in addition to the VTEP of source in the VxLAN;
According to the purpose IP address of the target VTEP, which is replicated, it will be non-known after duplication The destination address of unicast message is revised as the IP address of the target VTEP and encapsulation;Using between each target VTEP Modified unknown unicast message is sent to corresponding target VTEP by the tunnel VxLAN.
9. device according to claim 6, which is characterized in that described device further include:
Unit is deleted, for receiving when exiting request message of VTEP transmission, determines the VxLAN mark of the VTEP, and will It deletes in the tunnel VxLAN in the VxLAN between the VTEP.
10. a kind of processing unit of virtual extended local network packet, which is characterized in that include multiple in the virtual extended local area network VxLAN tunneling termination VTEP, the corresponding virtual machine of each VTEP and proxy server, the device are applied to the end source VTEP, packet It includes:
Receiving unit, for receiving the unknown unicast message of private network side virtual machine transmission;
Transmission unit, for the unknown unicast message to be sent to proxy server with mode of unicast, so that proxy server The unknown unicast message is sent to target VTEP by the unicast of the tunnel VxLAN.
CN201410495809.6A 2014-09-24 2014-09-24 A kind of processing method and processing device of virtual extended local network packet CN104243269B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201410495809.6A CN104243269B (en) 2014-09-24 2014-09-24 A kind of processing method and processing device of virtual extended local network packet

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201410495809.6A CN104243269B (en) 2014-09-24 2014-09-24 A kind of processing method and processing device of virtual extended local network packet

Publications (2)

Publication Number Publication Date
CN104243269A CN104243269A (en) 2014-12-24
CN104243269B true CN104243269B (en) 2019-01-22

Family

ID=52230663

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201410495809.6A CN104243269B (en) 2014-09-24 2014-09-24 A kind of processing method and processing device of virtual extended local network packet

Country Status (1)

Country Link
CN (1) CN104243269B (en)

Families Citing this family (9)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN104767666B (en) * 2015-04-15 2019-01-11 新华三技术有限公司 Virtual expansible local area network tunneling termination establishes tunnel approach and equipment
CN106936939A (en) * 2015-12-31 2017-07-07 华为技术有限公司 A kind of message processing method, relevant apparatus and NVO3 network systems
US10333725B2 (en) 2016-03-23 2019-06-25 International Business Machines Corporation Overlay network with optimized packet flooding
CN107332772A (en) 2016-04-29 2017-11-07 华为技术有限公司 Forwarding-table item method for building up and device
CN106101008B (en) * 2016-05-31 2019-08-06 新华三技术有限公司 A kind of transmission method and device of message
CN107566262A (en) * 2016-06-30 2018-01-09 中兴通讯股份有限公司 Message forwarding method and device in virtual expansible LAN VXLAN
CN106385354B (en) * 2016-08-30 2019-08-20 锐捷网络股份有限公司 Message forwarding method and device
CN107171966B (en) * 2017-07-27 2019-11-26 迈普通信技术股份有限公司 A kind of VXLAN file transmitting method, VTEP and VXLAN system
CN109728990A (en) * 2017-10-31 2019-05-07 中兴通讯股份有限公司 A kind of method for building up in tunnel, device and software defined network controller

Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN103647853A (en) * 2013-12-04 2014-03-19 华为技术有限公司 Method for sending ARP message in VxLAN, VTEP and VxLAN controller
CN103814554A (en) * 2013-12-11 2014-05-21 华为技术有限公司 Communication method, device and system of virtual extensible local area network
CN103841028A (en) * 2014-03-24 2014-06-04 杭州华三通信技术有限公司 Method and device for forwarding messages
JP2014143560A (en) * 2013-01-23 2014-08-07 Fujitsu Ltd Multi-tenant system, management device, management program and control method of multi-tenant system

Patent Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
JP2014143560A (en) * 2013-01-23 2014-08-07 Fujitsu Ltd Multi-tenant system, management device, management program and control method of multi-tenant system
CN103647853A (en) * 2013-12-04 2014-03-19 华为技术有限公司 Method for sending ARP message in VxLAN, VTEP and VxLAN controller
CN103814554A (en) * 2013-12-11 2014-05-21 华为技术有限公司 Communication method, device and system of virtual extensible local area network
CN103841028A (en) * 2014-03-24 2014-06-04 杭州华三通信技术有限公司 Method and device for forwarding messages

Also Published As

Publication number Publication date
CN104243269A (en) 2014-12-24

Similar Documents

Publication Publication Date Title
Kim et al. Floodless in seattle: a scalable ethernet architecture for large enterprises
JP6483781B2 (en) Distributed logical L3 routing
JP5944870B2 (en) Providing logical networking capabilities for managed computer networks
JP6151394B2 (en) Provision of virtual security appliance architecture for virtual cloud infrastructure
US8670450B2 (en) Efficient software-based private VLAN solution for distributed virtual switches
CN104115453B (en) A kind of method and apparatus realizing virtual machine communication
US9794084B2 (en) Method and apparatus for implementing a flexible virtual local area network
US8750288B2 (en) Physical path determination for virtual network packet flows
US7796593B1 (en) Router using internal flood groups for flooding VPLS traffic
CN103270736B (en) A kind of network equipment
US9515930B2 (en) Intelligent handling of virtual machine mobility in large data center environments
US8477775B2 (en) Unifying local and mobility network identifiers
US9729578B2 (en) Method and system for implementing a network policy using a VXLAN network identifier
US8619771B2 (en) Private allocated networks over shared communications infrastructure
US9225636B2 (en) Method and apparatus for exchanging IP packets among network layer 2 peers
US9864619B2 (en) Systems and methods for a data center architecture facilitating layer 2 over layer 3 communication
US9350558B2 (en) Systems and methods for providing multicast routing in an overlay network
US20150009992A1 (en) Communication Between Endpoints in Different VXLAN Networks
JP5986692B2 (en) Network function virtualization for network devices
US9037691B1 (en) Managing use of intermediate destination computing nodes for provided computer networks
US20150229641A1 (en) Migration of a security policy of a virtual machine
CN104022960B (en) Method and apparatus based on OpenFlow protocol realizations PVLAN
US9912612B2 (en) Extended ethernet fabric switches
US9374270B2 (en) Multicast service in virtual networks
US9253140B2 (en) System and method for optimizing within subnet communication in a network environment

Legal Events

Date Code Title Description
C06 Publication
C10 Entry into substantive examination
CB02
GR01