CN104468775A - Distributed router obtaining method suitable for cloud computing - Google Patents

Distributed router obtaining method suitable for cloud computing

Publication number: CN104468775A
Authority: CN (China)
Prior art keywords: network, bridge, gateway, cloud computing, node
Legal status: Granted
Application number: CN201410737360.XA
Other languages: Chinese (zh)
Other versions: CN104468775B (en)
Inventors: 张瑜科, 杨松, 莫展鹏, 季统凯
Current Assignee: G Cloud Technology Co Ltd
Original Assignee: G Cloud Technology Co Ltd
Application filed by: G Cloud Technology Co Ltd
Priority to: CN201410737360.XA

Classifications

    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L12/00 Data switching networks
    • H04L12/28 Data switching networks characterised by path configuration, e.g. LAN [Local Area Networks] or WAN [Wide Area Networks]
    • H04L12/46 Interconnection of networks
    • H04L12/4641 Virtual LANs, VLANs, e.g. virtual private networks [VPN]
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L61/00 Network arrangements, protocols or services for addressing or naming
    • H04L61/09 Mapping addresses
    • H04L61/10 Mapping addresses of different types
    • H04L61/103 Mapping addresses of different types across network layers, e.g. resolution of network layer into physical layer addresses or address resolution protocol [ARP]
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L61/00 Network arrangements, protocols or services for addressing or naming
    • H04L61/50 Address allocation
    • H04L61/5007 Internet protocol [IP] addresses
    • H04L61/5014 Internet protocol [IP] addresses using dynamic host configuration protocol [DHCP] or bootstrap protocol [BOOTP]

Abstract

The invention relates to the technical field of cloud computing, in particular to a distributed router obtaining method suitable for cloud computing. The method includes the following steps: first, three network bridges are established on each compute node; second, each compute node establishes an isolated virtual network space for each network, a network interface is added for each network and connected to the internal bridge, and the DHCP service is started in each virtual network space; third, each compute node establishes a new network space, named the router network space, for the multiple networks of the same tenant that need to communicate, a network port is added for each network, connected to the corresponding router network space and used as the gateway, and the same MAC and IP are set for the gateway of the same network; fourth, when virtual machines are created, the ARP tables of the router network spaces are updated accordingly and the virtual machines are connected to the internal bridge; fifth, flow rules are set between the internal bridges. The method solves the problems of single points of failure and heavy load in the virtual machine network, and can be used to obtain distributed routers for cloud computing.

Description

A distributed router implementation method suitable for cloud computing
Technical field
The present invention relates to the field of cloud computing technology, and in particular to a distributed router implementation method suitable for cloud computing.
Background
On a cloud platform, each user wants to be able to create networks at will and to control the communication between different networks.
The common industry solution is to set up a high-performance computer as a network control node. The network control node then has the following functions: 1) it assigns the IP addresses of virtual machines through DHCP; 2) the gateway of each network is placed on the network control node; 3) NAT mapping for each network is done on the network control node.
The common industry solution has the following drawbacks:
1. A single point of failure affects the communication of all virtual machines: if the network node suffers a hardware fault, the virtual machines lose their IP addresses and the whole virtual machine network is paralyzed.
2. The bandwidth of communication between virtual machines on different networks is usually very large; a single high-performance computer cannot cope with large-scale application scenarios, and the quality of service of communication between networks cannot be guaranteed.
Summary of the invention
The technical problem solved by the present invention is to provide a distributed router implementation method suitable for cloud computing that solves the single point of failure and heavy load problems of the virtual machine network of a cloud platform.
The technical solution by which the present invention solves the above technical problem is as follows.
The method comprises the following steps:
Step 1: each compute node creates three bridges: an internal bridge, an intranet bridge and an external-network bridge;
Step 2: the compute node creates an isolated virtual network space (network namespace) for each network, named the DHCP namespace; a network interface is added to the DHCP namespace and connected to the internal bridge, and the DHCP service is started in that namespace;
Step 3: each compute node creates a new network namespace, named the router namespace, for the multiple networks of the same tenant that need to communicate; a network port is added to the router namespace for each network and serves as that network's gateway; the gateways of the same network on every compute node are set to the same MAC and IP;
Step 4: when a virtual machine is created, the ARP table of the router namespace on each compute node is updated accordingly, and the virtual machine is connected to the internal bridge;
Step 5: flow rules are set on the internal bridge and the intranet bridge.
The flow rules are:
1) the VLAN created for the network is converted to an internal VLAN; 2) ARP request packets for the gateway sent by virtual machines on the compute node are all dropped and are not sent beyond the node; 3) packets sent on the compute node whose destination address is the gateway MAC address are all dropped and are not sent beyond the node; 4) for packets sent outward by virtual machines on the compute node, a source address equal to the gateway MAC is rewritten to the MAC address assigned to the node; 5) for received data sent from another node's unique MAC address, the source MAC is rewritten to the gateway MAC address.
Virtual machines are connected to the internal bridge, and the internal bridge is connected to the intranet bridge by a veth pair; the internal physical NIC is added to the intranet bridge; the external NIC is added to the external-network bridge.
The flow rules are set on the ports that connect the internal bridge and the intranet bridge, and each network is isolated by VLAN on the internal bridge and the intranet bridge.
The beneficial effects of the solution are as follows:
1. The method removes the single-point-of-failure bottleneck: a communication failure on one compute node does not affect the communication between other virtual machines.
2. The method effectively reduces the traffic load between networks: packets between virtual machines on the same compute node stay inside the compute node and do not need to pass through an external switch.
Brief description of the drawings
The present invention is further described below with reference to the accompanying drawing:
Fig. 1 is a flow chart of the present invention.
Detailed description
As shown in Fig. 1, the specific implementation process of the present invention is as follows:
(1) The compute node creates three bridges
# ovs-vsctl add-br br-int
# ovs-vsctl add-br br-ex
# ovs-vsctl add-br br-phy
# ovs-vsctl add-port br-phy eth1; ovs-vsctl add-port br-ex ext2
(2) Create a DHCP namespace for the network
# ip netns add dhcp-net1
# ovs-vsctl add-port br-int tap9 tag=9 -- set interface tap9 type=internal
# ip link set tap9 netns dhcp-net1
# ip netns exec dhcp-net1 ip addr add 192.168.12.1/24 dev tap9
# ip netns exec dhcp-net1 ifconfig tap9 promisc up
Then start the DHCP service in dhcp-net1.
Create a router namespace for each user and set the gateways
# ip netns add qr-123456
# ovs-vsctl add-port br-int gw_tag9 tag=9 -- set interface gw_tag9 type=internal
# ip link set gw_tag9 netns qr-123456
# ip netns exec qr-123456 ip addr add 192.168.12.254 dev gw_tag9
# ip netns exec qr-123456 ifconfig gw_tag9 hw ether e0:0e:aa:bb:cc:dd
# ip netns exec qr-123456 ifconfig gw_tag9 promisc up
# ovs-vsctl add-port br-int gw_tag8 tag=8 -- set interface gw_tag8 type=internal
# ip link set gw_tag8 netns qr-123456
# ip netns exec qr-123456 ip addr add 192.10.10.254 dev gw_tag8
# ip netns exec qr-123456 ifconfig gw_tag8 hw ether f0:0f:aa:bb:cc:dd
# ip netns exec qr-123456 ifconfig gw_tag8 promisc up
(3) When a virtual machine is created, update the ARP table accordingly
# ip netns exec qr-123456 arp -s 192.168.12.123 e0:0e:a1:b1:c1:d1
# ip netns exec qr-123456 arp -s 192.10.10.123 f0:0f:a2:b2:c2:d2
(4) Set the flow rules on the internal bridge and the intranet bridge
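
The text gives no commands for step (4). The following is an added example, not part of the patent, showing one possible placement of the five flow rules for the two networks configured above: rules for traffic leaving the node on br-phy, rules for traffic arriving from other nodes on br-int. The veth port names phy-br-int and int-br-phy, the network VLAN IDs 109 and 108, and the node MAC addresses are assumptions made for illustration; the script only prints the ovs-ofctl commands.

```shell
#!/bin/sh
# Added example: prints (does not run) ovs-ofctl commands for the five flow rules.
INT_BR=br-int                   # internal bridge (from the page)
PHY_BR=br-phy                   # intranet bridge (from the page)
PHY_SIDE=phy-br-int             # veth end plugged into br-phy (assumed name)
INT_SIDE=int-br-phy             # veth end plugged into br-int (assumed name)
NODE_MAC=fa:16:3f:00:00:01      # MAC assigned to this node (constructed value)
PEER_MACS="fa:16:3f:00:00:02"   # MACs assigned to other nodes (constructed values)

# Port names in in_port are resolved by ovs-ofctl; older releases need the
# numeric OpenFlow port instead.
emit() { printf 'ovs-ofctl add-flow %s "%s"\n' "$1" "$2"; }

# network_flows <internal-tag> <network-vlan> <gateway-ip> <gateway-mac>
network_flows() {
    tag=$1 vlan=$2 gw_ip=$3 gw_mac=$4
    egress="in_port=$PHY_SIDE,dl_vlan=$tag"     # frames leaving br-int for the wire
    ingress="in_port=$INT_SIDE,dl_vlan=$vlan"   # frames arriving from other nodes

    # Rule 2: ARP requests for the gateway are answered locally, never leave the node.
    emit "$PHY_BR" "priority=40,arp,arp_op=1,arp_tpa=$gw_ip,$egress,actions=drop"
    # Rule 3: frames addressed to the shared gateway MAC never leave the node.
    emit "$PHY_BR" "priority=30,$egress,dl_dst=$gw_mac,actions=drop"
    # Rules 4 + 1: routed frames leave with the node MAC as source, so physical
    # switches never see the same gateway MAC behind several ports.
    emit "$PHY_BR" "priority=20,$egress,dl_src=$gw_mac,actions=mod_dl_src:$NODE_MAC,mod_vlan_vid:$vlan,NORMAL"
    # Rule 1 (outbound): internal tag -> network VLAN.
    emit "$PHY_BR" "priority=10,$egress,actions=mod_vlan_vid:$vlan,NORMAL"
    # Rules 5 + 1: frames routed by another node get the gateway MAC back as source.
    for peer in $PEER_MACS; do
        emit "$INT_BR" "priority=20,$ingress,dl_src=$peer,actions=mod_dl_src:$gw_mac,mod_vlan_vid:$tag,NORMAL"
    done
    # Rule 1 (inbound): network VLAN -> internal tag.
    emit "$INT_BR" "priority=10,$ingress,actions=mod_vlan_vid:$tag,NORMAL"
}

# Gateway IPs, gateway MACs and internal tags 9 and 8 are the values used in
# step (2); the network VLAN IDs 109 and 108 are constructed.
all_flows() {
    network_flows 9 109 192.168.12.254 e0:0e:aa:bb:cc:dd
    network_flows 8 108 192.10.10.254 f0:0f:aa:bb:cc:dd
}

all_flows
```

Review the printed commands and pipe them to `sh` on the compute node to install them; PEER_MACS takes a space-separated list when there are more nodes.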

Claims (5)

1. A distributed router implementation method suitable for cloud computing, characterized in that the method comprises the following steps:
Step 1: each compute node creates three bridges: an internal bridge, an intranet bridge and an external-network bridge;
Step 2: the compute node creates an isolated virtual network space (network namespace) for each network, named the DHCP namespace; a network interface is added to the DHCP namespace and connected to the internal bridge, and the DHCP service is started in that namespace;
Step 3: each compute node creates a new network namespace, named the router namespace, for the multiple networks of the same tenant that need to communicate; a network port is added to the router namespace for each network and serves as that network's gateway; the gateways of the same network on every compute node are set to the same MAC and IP;
Step 4: when a virtual machine is created, the ARP table of the router namespace on each compute node is updated accordingly, and the virtual machine is connected to the internal bridge;
Step 5: flow rules are set on the internal bridge and the intranet bridge.
2. The distributed router implementation method suitable for cloud computing according to claim 1, characterized in that the flow rules are:
1) the VLAN created for the network is converted to an internal VLAN; 2) ARP request packets for the gateway sent by virtual machines on the compute node are all dropped and are not sent beyond the node; 3) packets sent on the compute node whose destination address is the gateway MAC address are all dropped and are not sent beyond the node; 4) for packets sent outward by virtual machines on the compute node, a source address equal to the gateway MAC is rewritten to the MAC address assigned to the node; 5) for received data sent from another node's unique MAC address, the source MAC is rewritten to the gateway MAC address.
3. The distributed router implementation method suitable for cloud computing according to claim 1, characterized in that: virtual machines are connected to the internal bridge, and the internal bridge is connected to the intranet bridge by a veth pair; the internal physical NIC is added to the intranet bridge; the external NIC is added to the external-network bridge.
4. The distributed router implementation method suitable for cloud computing according to claim 2, characterized in that: virtual machines are connected to the internal bridge, and the internal bridge is connected to the intranet bridge by a veth pair; the internal physical NIC is added to the intranet bridge; the external NIC is added to the external-network bridge.
5. The distributed router implementation method suitable for cloud computing according to any one of claims 1 to 4, characterized in that: the flow rules are set on the ports that connect the internal bridge and the intranet bridge, and each network is isolated by VLAN on the internal bridge and the intranet bridge.
Application CN201410737360.XA: A distributed router implementation method suitable for cloud computing. Priority date 2014-12-05, filing date 2014-12-05. Status: Active. Granted as CN104468775B (en).

Publications (2)

Publication Number    Publication Date
CN104468775A          2015-03-25
CN104468775B          2017-10-10

Family ID: 52914127

Country Status (1): CN, CN104468775B (en)

Legal Events

Code    Title
C06     Publication
PB01    Publication
SE01    Entry into force of request for substantive examination
GR01    Patent grant
CP02    Change in the address of a patent holder

Address after: 523808 19th Floor, Cloud Computing Center, Chinese Academy of Sciences, No. 1 Kehui Road, Songshan Lake Hi-tech Industrial Development Zone, Dongguan City, Guangdong Province
Patentee after: G-Cloud Technology Co., Ltd.
Address before: 523808 No. 14 Building, Songke Garden, Songshan Lake Science and Technology Industrial Park, Dongguan City, Guangdong Province
Patentee before: G-Cloud Technology Co., Ltd.