CN104717081B - The implementation method and device of a kind of gateway function - Google Patents

The implementation method and device of a kind of gateway function Download PDF

Info

Publication number
CN104717081B
CN104717081B CN201310684671.XA CN201310684671A CN104717081B CN 104717081 B CN104717081 B CN 104717081B CN 201310684671 A CN201310684671 A CN 201310684671A CN 104717081 B CN104717081 B CN 104717081B
Authority
CN
China
Prior art keywords
server
rule
virtual machine
gateway
subnet
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN201310684671.XA
Other languages
Chinese (zh)
Other versions
CN104717081A (en
Inventor
刘军利
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Huawei Technologies Co Ltd
Original Assignee
Hangzhou Huawei Digital Technologies Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Hangzhou Huawei Digital Technologies Co Ltd filed Critical Hangzhou Huawei Digital Technologies Co Ltd
Priority to CN201310684671.XA priority Critical patent/CN104717081B/en
Publication of CN104717081A publication Critical patent/CN104717081A/en
Application granted granted Critical
Publication of CN104717081B publication Critical patent/CN104717081B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Abstract

Embodiments of the invention provide a kind of implementation method and device of gateway function, are related to communication technical field, it is possible to increase communication efficiency and communication stability between virtual machine and main frame.This method includes:Server receives the first request message that management node is sent, the first routing iinformation of the first gateway and the first detected rule of first gateway are carried in first request message, first request message is used to create first gateway on the virtual switch of request server in the server;Server obtains the first routing iinformation and the first detected rule according to the first request message;Server generates the first routing rule and the second detected rule according to the first routing iinformation and the first detected rule;Server realizes the function of the first gateway by virtual switch according to the first routing rule and the second detected rule.

Description

The implementation method and device of a kind of gateway function
Technical field
The present invention relates to the implementation method and device of communication technical field, more particularly to a kind of gateway function.
Background technology
, can be by corresponding between the virtual machine in a subnet and the main frame in another subnet in virtualization system Virtual gateway is communicated, wherein, main frame can include physical host and virtual machine.At present, virtualization system can include more Individual server, at least one virtual machine can be run on each server, wherein, each virtual machine only belongs to the virtualization system In some subnet.
In the prior art, when creating a subnet, it is also desirable to create a gateway corresponding with the subnet.Specifically can be with By creating a virtual machine on some server in virtualization system, and when adding the subnet, by the net of the subnet Pass is configured on a virtual network interface, while is connect using a separate interface of the virtual machine as the up of gateway Mouthful, and the routing iinformation of reception is generated into routing rule, and the routing rule is configured on the virtual machine, i.e., in virtual machine On realize gateway function, the virtual machine in the subnet on the Servers-all in the virtualization system all realizes gateway by this The virtual machine of function is communicated.
However, the above-mentioned method for realizing gateway function, on the one hand, due to by the virtual machine forwarding number for realizing gateway function According to the performance of bag and this realize gateway function virtual machine bandwidth limitation, therefore cause between source virtual machine and destination host Communication efficiency is relatively low, wherein, destination host can include target physical main frame and target virtual machine;On the other hand, if gateway institute Server fail, then by all virtual machines of the gateway communication can not proper communication, so as to cause source void The interruption to be communicated between plan machine and destination host.
The content of the invention
Embodiments of the invention provide a kind of implementation method and device of gateway function, it is possible to increase virtual machine and main frame it Between communication efficiency and communication stability.
To reach above-mentioned purpose, embodiments of the invention adopt the following technical scheme that:
In a first aspect, embodiments of the invention provide a kind of implementation method of gateway function, including:
Server receives the first request message that management node is sent, and the first gateway is carried in first request message First detected rule of the first routing iinformation and first gateway, first request message are used to ask the server to exist First gateway is created on virtual switch in the server;
The server obtains first routing iinformation and the first detection rule according to first request message Then;
The server generates the first routing rule and the according to first routing iinformation and first detected rule Two detected rules;
The server is real by the virtual switch according to first routing rule and second detected rule The function of existing first gateway.
In the first possible implementation of first aspect, the server is according to first routing iinformation and institute The first detected rule is stated, the first routing rule is generated and the second detected rule specifically includes:
The server generates the first via corresponding with first routing iinformation according to first routing iinformation By rule and the first Route Distinguisher;
First Route Distinguisher is added in first detected rule by the server, to generate second inspection Gauge is then.
With reference to the first possible implementation of foregoing first aspect or first aspect, in second of possible realization In mode, first gateway and first routing rule are gateway corresponding with the first subnet and routing rule,
Wherein, the server passes through the virtual friendship according to first routing rule and second detected rule The method for the function of realizing first gateway of changing planes, including:
The server receives source virtual machine by the virtual switch and sent to the packet of destination host, the number According to the address information and the address information of the destination host for including the source virtual machine, wherein, the source virtual machine is by institute State the first subnet and service is provided, the destination host provides service by the second subnet;
The server is according to the address information of the source virtual machine, the address information of the destination host and described second Detected rule, determine the mark of first subnet and the mark of second subnet;
If the mark of first subnet is different from the mark of second subnet, the server is then according to described first Routing rule, the packet is forwarded.
With reference to second of possible implementation of first aspect, in the third possible implementation, the service After device determines the mark of first subnet and the mark of second subnet, methods described also includes:
If the mark of first subnet is identical with the mark of second subnet, the server is then according to described second Detected rule forwards to the packet.
With reference to the third possible implementation of first aspect, in the 4th kind of possible implementation, the target The address information of main frame includes the internet protocol address of the destination host,
Wherein, if the mark of first subnet is identical with the mark of second subnet, the server is then according to institute State before the second detected rule forwards to the packet, methods described also includes:
The server is according to the IP address of the destination host, in the first address of cache corresponding with the source virtual machine The MAC address of the destination host corresponding with the IP address of the destination host is searched in table;
If the server does not find the MAC Address of the destination host in first address mapping table, described Server then obtains the MAC Address of the destination host, and the MAC Address of the destination host is preserved to first address Mapping table.
With reference to the 4th kind of possible implementation of first aspect, in the 5th kind of possible implementation, the service Device forwards according to first routing rule to the packet;The server is according to second detected rule pair The packet is forwarded, and is specifically included:
The server is according to the IP address of first routing rule/second detected rule, the destination host And the MAC Address of the destination host, the packet is forwarded.
Second aspect, embodiments of the invention also provide a kind of implementation method of gateway function, including:
When creating the first virtual machine in first server, management node searches the first via in the first server By rule and the second detected rule, first routing rule and second detected rule are corresponding with first virtual machine The first gateway rule;
If the management node does not find first routing rule and second inspection in the first server Then, the management node then sends the first request message to the first server to gauge so that the first server according to First request message obtains the first routing iinformation and the first detected rule, and according to first routing iinformation and described the One detected rule generates first routing rule and second detected rule, and according to first routing rule and institute The second detected rule is stated, the function of first gateway is realized by the virtual switch in the first server, wherein, institute State and first routing iinformation and first detected rule are carried in the first request message, first request message is used for please The first server is asked to create first gateway on the virtual switch.
In the first possible implementation of second aspect, when there is virtual machine to be migrated in the first server When, the virtual machine to be migrated is virtual machine corresponding with first gateway, and methods described also includes:
The management node determines at least one second server in server cluster;
The management node searches first routing rule and described second at least one second server Detected rule;
If the management node finds first routing rule and described at least one second server Second detected rule, the management node then by the virtual machine (vm) migration to be migrated in the first server to it is described at least One second server.
With reference to the first possible implementation of second aspect, in second of possible implementation, the management Node is described by after the virtual machine (vm) migration to be migrated in the first server at least one second server Method also includes:
The management node determines whether there be do not migrate virtually corresponding with first gateway in the first server Machine;
If the management node determines not migrate virtual machine without described in the first server, the management node then refers to Show that the first server deletes first routing rule and second detected rule.
In the third possible implementation of second aspect, the management node is searched in the first server After first routing rule and the second detected rule, methods described also includes:
If the management node finds first routing rule and second detection in the first server Rule, the management node then indicate the first server according to first routing rule and second detected rule, The function of first gateway is realized by the virtual switch.
The third aspect, embodiments of the invention provide a kind of server, including:
Receiving unit, the is carried for receiving the first request message of management node transmission, in first request message First detected rule of the first routing iinformation of one gateway and first gateway, first request message are used to ask in institute State and first gateway is created on the virtual switch in server;
Acquiring unit, for first request message received according to the receiving unit, obtain the first via by Information and first detected rule;
Generation unit, for first routing iinformation obtained according to the acquiring unit and the first detection rule Then, the first routing rule and the second detected rule are generated;
Unit is realized, for first routing rule generated according to the generation unit and the second detection rule Then, the function of first gateway is realized by the virtual switch.
In the first possible implementation of the third aspect,
The generation unit, specifically for first routing iinformation obtained according to the acquiring unit, generation and institute First routing rule and the first Route Distinguisher corresponding to the first routing iinformation are stated, and first Route Distinguisher is added Into first detected rule, to generate second detected rule.
With reference to the first possible implementation of the foregoing third aspect or the third aspect, in second of possible realization In mode, first gateway and first routing rule are gateway corresponding with the first subnet and routing rule,
Wherein, the server also includes determining unit;
The receiving unit, it is additionally operable to send to the data of destination host by virtual switch reception source virtual machine Bag, the packet include the address information of the source virtual machine and the address information of the destination host, wherein, the source is empty Plan machine provides service by first subnet, and the destination host provides service by the second subnet;
The determining unit, address information, the mesh for the source virtual machine that is received according to the receiving unit Mark main frame address information and the generation unit generation second detected rule, determine first subnet mark and The mark of second subnet;
It is described to realize unit, if being additionally operable to the mark and the described second son for first subnet that the determining unit determines The mark of net is different, then first routing rule generated according to the generation unit, the packet is forwarded.
With reference to second of possible implementation of the third aspect, in the third possible implementation,
It is described to realize unit, it is additionally operable to determine the mark of first subnet and second subnet in the determining unit Mark after, if first subnet mark it is identical with the mark of second subnet, according to the generation unit life Into second detected rule packet is forwarded.
With reference to the third possible implementation of the third aspect, in the 4th kind of possible implementation,
The address information of the destination host includes the IP address of the destination host, wherein, the server also includes Searching unit and storage unit;
The searching unit, if the mark of first subnet determined for the determining unit and second subnet Mark it is identical, it is described to realize that unit then enters according to second detected rule to the packet that the receiving unit receives Before row forwarding, the IP address of the destination host received according to the receiving unit, corresponding with the source virtual machine The MAC Address of the destination host corresponding with the IP address of the destination host is searched in first address mapping table;
The acquiring unit, if be additionally operable to the searching unit does not find the mesh in first address mapping table The MAC Address of main frame is marked, then obtains the MAC Address of the destination host;
The storage unit, the MAC Address of the destination host for the acquiring unit to be obtained are preserved to described First address mapping table.
With reference to the 4th kind of possible implementation of the third aspect, in the 5th kind of possible implementation,
It is described to realize unit, specifically for first routing rule/described second generated according to the generation unit The IP address of the destination host and the MAC Address of the destination host that detected rule, the acquiring unit obtain, to described The packet that receiving unit receives is forwarded.
Fourth aspect, embodiments of the invention also provide a kind of management node, including:
Searching unit, for when creating the first virtual machine in first server, being searched in the first server First routing rule and the second detected rule, first routing rule and second detected rule be with it is described first virtual The rule of first gateway corresponding to machine;
Transmitting element, if not finding first routing rule in the first server for the searching unit With second detected rule, then send the first request message to the first server so that the first server according to First request message obtains the first routing iinformation and the first detected rule, and according to first routing iinformation and described the One detected rule generates first routing rule and second detected rule, and according to first routing rule and institute The second detected rule is stated, the function of first gateway is realized by the virtual switch in the first server, wherein, institute State and first routing iinformation and first detected rule are carried in the first request message, first request message is used for please The first server is asked to create first gateway on the virtual switch.
In the first possible implementation of fourth aspect, the management node also includes determining unit and migration is single Member;
The determining unit, for when having virtual machine to be migrated in the first server, in server cluster really Fixed at least one second server, wherein, the virtual machine to be migrated is virtual machine corresponding with first gateway;
The searching unit, it is additionally operable to search institute at least one second server that the determining unit determines State the first routing rule and second detected rule;
Migration units, if finding the first via at least one second server for the searching unit By regular and described second detected rule, then by the virtual machine (vm) migration to be migrated in the first server to it is described at least One second server.
With reference to the first possible implementation of fourth aspect, in second of possible implementation, the management Node also includes indicating member;
The determining unit, it is additionally operable to the virtual machine to be migrated in the first server in the migration units Migrate at least one second server, determine whether to have in the first server corresponding with first gateway Do not migrate virtual machine;
The indicating member, if determining not migrating virtually described in nothing in the first server for the determining unit Machine, it indicates that the first server deletes first routing rule and second detected rule.
In the third possible implementation of fourth aspect,
The indicating member, if be additionally operable to the searching unit found in the first server first via by Regular and described second detected rule, it indicates that the first server is according to first routing rule and second detection Rule, the function of first gateway is realized by the virtual switch.
5th aspect, embodiments of the invention provide a kind of system of realizing of gateway function, including:At least one such as right It is required that the server described in any one of 11-16, and the management node as described in claim any one of 17-20.
Embodiments of the invention provide a kind of implementation method and device of gateway function, and management node is received by server The first request message sent, carry in first request message the first gateway the first routing iinformation and the first gateway first Detected rule, first request message are used to create the first gateway on the virtual switch of request server in the server, and The server obtains the first routing iinformation and the first detected rule, and the server is according to first according to the first request message Routing iinformation and the first detected rule, generate the first routing rule and the second detected rule, finally the server according to this first Routing rule and second detected rule, the function of the first gateway is realized by virtual switch.By the program, on the one hand by The first routing rule and second detected rule are generated in server, the function of the first gateway is realized by virtual switch, from And the limitation of the performance and the virtual machine bandwidth of the virtual machine forwarding packet for realizing gateway function in the prior art is avoided, because This, improves the communication efficiency between virtual machine and main frame;On the other hand, because the program is every suitable for virtualization system Individual server, therefore, gateway function corresponding with some subnet can be created on each server, so as to work as the subnet During some interior server fail, other virtual machines in the subnet can still continue to communicate with main frame, and then improve Communication stability between virtual machine and main frame.
Brief description of the drawings
Fig. 1 is the schematic diagram that gateway function is realized by virtual machine that prior art provides;
Fig. 2 is a kind of flow chart one of the implementation method of gateway function provided in an embodiment of the present invention;
Fig. 3 is the schematic diagram provided in an embodiment of the present invention that gateway function is realized by virtual switch;
Fig. 4 is a kind of flowchart 2 of the implementation method of gateway function provided in an embodiment of the present invention;
Fig. 5 is a kind of interaction figure one of the implementation method of gateway function provided in an embodiment of the present invention;
Fig. 6 is a kind of interaction figure two of the implementation method of gateway function provided in an embodiment of the present invention;
Fig. 7 is a kind of flow chart 3 of the implementation method of gateway function provided in an embodiment of the present invention;
Fig. 8 is a kind of flow chart four of the implementation method of gateway function provided in an embodiment of the present invention;
Fig. 9 is the structural representation one of server provided in an embodiment of the present invention;
Figure 10 is the structural representation two of server provided in an embodiment of the present invention;
Figure 11 is the structural representation three of server provided in an embodiment of the present invention;
Figure 12 is the structural representation four of server provided in an embodiment of the present invention;
Figure 13 is the structural representation one of management node provided in an embodiment of the present invention;
Figure 14 is the structural representation two of management node provided in an embodiment of the present invention;
Figure 15 is the structural representation three of management node provided in an embodiment of the present invention;
Figure 16 is the structural representation five of server provided in an embodiment of the present invention;
Figure 17 is the structural representation four of management node provided in an embodiment of the present invention;
Figure 18 realizes system block diagram for gateway function provided in an embodiment of the present invention.
Embodiment
The implementation method and device of a kind of gateway function provided below in conjunction with the accompanying drawings embodiments of the invention carry out detailed Carefully describe.
In the prior art, when creating a subnet, a void is created on a server that can be in virtualization system Plan machine, and realize gateway function by configuring the routing rule of the subnet on the virtual machine.So as in the virtualization system Servers-all on the subnet in virtual machine can be communicated by realizing the virtual machine of gateway function.
Wherein, gateway is when using being communicated between different architecture or the network of agreement, there is provided Route Selection, The facility of the Web-compatible function such as data exchange.
Specifically, between virtual machine and main frame in same subnet, and between virtual machine and main frame in different sub-network During transmission packet, source virtual machine needs that the packet first sent into the interchanger to server, then by interchanger send to Realize on the virtual machine of gateway function, finally by realizing that the packet is forwarded to by the virtual machine of gateway function by interchanger Destination host.Wherein, source virtual machine provides service by the first subnet, and destination host provides service by the second subnet, i.e. source is virtual Machine belongs to the first subnet, and destination host belongs to the second subnet.Exist simultaneously belonging to source virtual machine for example, working as on a server Realized corresponding to first subnet and realize gateway function corresponding to the second subnet belonging to the virtual machine and destination host of gateway function Virtual machine when, between source virtual machine and destination host during transmission packet, source virtual machine need to first by the packet send to The packet is sent to corresponding with the first subnet belonging to source virtual machine realize net again by the interchanger on server, interchanger On the virtual machine for closing function, realize that the packet is passed through the interchanger by the virtual machine of gateway function as corresponding to first subnet It is forwarded on the virtual machine for realizing gateway function corresponding with the second subnet belonging to destination host, and by second subnet pair The virtual machine for realizing gateway function answered, which is subcontracted the data by the interchanger, is forwarded to destination host.
Further, for example, between the virtual machine in different sub-network exemplified by transmission packet, as shown in figure 1, In virtualization system, if the virtual machine 2 in server A in subnet 1 will be led to the virtual machine 6 in subnet in server B 2 Letter, then can create the virtual machine 1 for realizing gateway function on server, the gateway is gateway 1 corresponding to subnet 1, is being serviced The virtual machine 4 for realizing gateway function is created on device B, the gateway is gateway 2 corresponding to subnet 2.In server A, in subnet 1 Virtual machine 2 sends packet to virtual switch 1, and the packet is sent to realizing the virtual of the function of gateway 1 by virtual switch 1 Machine 1, then the packet is forwarded to virtual switch 1 by virtual machine 1, and be forwarded to the packet by virtual switch 1 The upstream Interface of server A.In server B, server B receives the data that the upstream Interface from server A is sent Bag, and the packet is forwarded to the virtual machine 4 for realizing the function of gateway 2 by virtual switch 2, then counted this by virtual machine 4 Virtual switch 2 is forwarded to according to bag, the virtual machine 6 being finally forwarded to again by virtual switch 2 in subnet 2, to realize server A The communication between virtual machine 6 in virtual machine 2 and server B in middle subnet 1 in subnet 2.
Bandwidth of the above method due to being forwarded the performance of packet and the Microsoft Loopback Adapter of the virtual machine by the virtual machine Limitation, therefore the communication efficiency between source virtual machine and destination host is relatively low;And if event occurs for the server where the virtual machine Barrier, then all other main frames to be communicated by the virtual machine can not all carry out proper communication in virtualization system, so as to make Into the communication disruption between source virtual machine and destination host.
Main frame can include physical host and virtual machine, in the embodiment of the present invention, using main frame as virtual machine instance, i.e. and target Main frame is target virtual machine, and a kind of implementation method of gateway function provided in an embodiment of the present invention is described in detail.Can With understanding, when main frame is physical host, the implementation method and main frame of a kind of gateway function provided in an embodiment of the present invention For virtual machine when gateway function implementation method it is similar, it will not be described.
Embodiment one
Embodiments of the invention provide a kind of implementation method of gateway function, as shown in Fig. 2 this method is server side The implementation method of gateway function, this method can include:
S101, server receive the first request message that management node is sent, and the first net is carried in first request message The first routing iinformation and the first detected rule of first gateway closed, first request message are used for request server in the clothes The first gateway is created on virtual switch in business device.
Management node is the node of network resource administration and virtual resource etc. in virtualization system.Management node can wrap Include network resource management unit and virtual resource administrative unit.Management node can manage multiple services in virtualization system Device, management node carry out Internet resources distribution and virtual resource allocation to the plurality of server, and with the plurality of server it Between mutually carry out data and issuing and receiving, so as to realize that the scheduling of virtual network and virtual resource links.
Gateway can realize network interconnection in Internet, be most complicated network interconnection apparatus, network interconnection.Gateway can both be used Interconnected in wide area network, can be used for local area network interconnection.Using different communication protocol, data format or language, or even body During the entirely different two kinds of systems of architecture, gateway is repacked to the information received, with the need of adaptation to end system Ask.
Some interfaces for separating main frame and router in the interconnection network being made up of router and main frame be present, these Interface causes network to be divided into the network of several separation, and independent network endpoint can be connected by these interfaces.These independences Network endpoint in each network endpoint be the system in a subnet.
Further, during user's planning network, network can be divided into many subnets, the division of subnet is by borrowing IP (Internet Protocol, the agreement interconnected between network)Subnet address is served as in some main frame positions of address, so as to will Former network is divided into some subnets.During user's subnet division, as subnet address borrows increasing for main frame position, the number of subnet Increase therewith, and the available host position in each subnet gradually decreases.
In the embodiment of the present invention, above-mentioned main frame position can be expressed as virtual seat in the plane.
It should be noted that in virtualization system, the virtual machine in a subnet can be by corresponding with the subnet Gateway is communicated with the virtual machine in another subnet.When creating first virtual machine in a subnet, server Gateway corresponding with the subnet can be created by virtual switch.
The implementation method for the gateway function that embodiments of the invention provide is that gateway function is realized in virtualized environment, Therefore the virtual gateway that can realize gateway function that the gateway created in the embodiment of the present invention refers to.Wherein, virtual gateway is in void In planization system, user is the module that can realize gateway function of the subnet distribution in the virtualization system.
It should be noted that as shown in figure 3, on one server, can there is one or more virtual switches, the void Intend exchanging the virtual machine that machine testing is connected with its virtual port progress logic, packet is transmitted to virtual machine.It is of the invention real Shi Zhong, in virtualization system, the virtual switch used is the distributed virtual switch, each with management node management The distributed virtual switch in server all be present, so that the virtual machine on server can enter across multiple servers During row migration, it is ensured that its network configuration is consistent.
In the embodiment of the present invention, when on one server create a subnet in first virtual machine when, it is necessary to Gateway corresponding with the subnet is created on the server, to realize the communication between first virtual machine and other virtual machines. As shown in figure 3, in the implementation method of gateway function provided in an embodiment of the present invention, it can create and service on each server Gateway corresponding to the subnet belonging to virtual machine on device.For example, server A is included in the subnet 1 that runs on server Virtual machine 1, the virtual machine 2 in subnet 1, the virtual machine 3 in subnet 2, virtual switch 1 and gateway 1 corresponding with subnet 1 The corresponding gateway 2 with subnet 2.Server B is included in the virtual machine 5 in the subnet 1 run in server B, the void in subnet 2 Virtual machine 6, virtual switch 2 and gateway 1 corresponding with subnet 1 and gateway 2 corresponding with subnet 2 in plan machine 4, subnet 2. So, in virtualization system, server A and server B in server cluster can pass through respective virtual switch respectively On gateway, carry out the communication between virtual machine, and when server A breaks down, the virtual machine that is run in server B it is logical Letter is unaffected, so as to improve the communication stability between the communication efficiency between virtual machine and virtual machine.
Server receives the first request message that management node is sent, and is created on the virtual switch in the server First gateway, wherein, include in first request message the first gateway the first routing iinformation and first gateway first Detected rule.
Inputted it should be noted that routing iinformation configures the first gateway for user, the route letter of first gateway Breath determines after passing through the first virtual gateway that the next-hop of route, the first detected rule of first gateway can be virtual including source The address information of machine, the address information of target virtual machine, mark of subnet etc..
S102, server obtain the first routing iinformation and the first detected rule according to first request message.
After server receives the first request message, server can obtain the first via by believing according to first request message Breath and the first detected rule.
Specifically, the first routing iinformation and the first detection rule are carried in the first request message received due to server Then, therefore server can obtain the first routing iinformation and the first detected rule from first request message.
S103, server generate the first routing rule and the second detection according to the first routing iinformation and the first detected rule Rule.
After server obtains the first routing iinformation and the first detected rule, server can according to first routing iinformation and First detected rule, generate the first routing rule and the second detected rule.
In the embodiment of the present invention, server is real by the first routing rule and the second detected rule on virtual switch Existing gateway function.
It should be noted that server generates the first routing rule according to first routing iinformation and the first detected rule It will be illustrated with the detailed step of the second detected rule in subsequent embodiment.
S104, server realize the first gateway according to the first routing rule and the second detected rule by virtual switch Function.
After server generates the first routing rule and the second detected rule, server can be according to the first routing rule and the Two detected rules, the function of the first gateway is realized by virtual switch.
It should be noted that when source virtual machine need to be communicated with target virtual machine, i.e., source virtual machine need to send packet During to target virtual machine, it is assumed that the first gateway is gateway corresponding with source virtual machine, and source virtual machine can be sent out by first gateway The packet is given to target virtual machine.Specifically, server can detect source void respectively according to the second detected rule of generation The subnet information of the second subnet belonging to the subnet information and target virtual machine of the first subnet belonging to plan machine, and in second inspection Gauge then in find Route Distinguisher corresponding with the subnet information of the subnet information of the first subnet and the second subnet, so as to server The first routing rule corresponding with the first gateway can be found according to the Route Distinguisher, to determine that source virtual machine and target are empty Access path between plan machine, and then server can be according to the access path found, the packet that source virtual machine is sent By the first gateway forwards, target virtual machine is eventually sent to, so as to realize the function of the first gateway.
, can be by creating the first gateway in virtual switch in the server, to be handed in virtual machine in the embodiment of the present invention The function of the first gateway is realized on changing planes.Wherein, the first gateway can correspond to a plurality of first routing rule, when source virtual machine needs to send out When sending packet to target virtual machine, if having preserved the source in the first gateway corresponding with the first subnet belonging to source virtual machine The first routing rule between virtual machine and target virtual machine, then server can be directly virtual by source according to first routing rule The packet that machine is sent is sent to the first gateway created on virtual switch, and by first gateway it is upper preserve the Two detected rules and the first routing rule, the access path between source virtual machine and target virtual machine is selected, and according to the visit Footpath of asking the way forwards the packet to target virtual machine.
Embodiments of the invention also provide a kind of implementation method of gateway function, as shown in figure 4, this method is management node The implementation method of the gateway function of side, this method can include:
S201, when creating the first virtual machine in first server, management node searches in the first server One routing rule and the second detected rule, first routing rule and second detected rule are corresponding with the first virtual machine the The rule of one gateway.
It should be noted that in virtualization system, the virtual machine in a subnet can be by corresponding with the subnet Gateway is communicated with the virtual machine in another subnet.When creating first virtual machine in a subnet, server Gateway corresponding with the subnet can be created by virtual switch.
When creating the first virtual machine in first server, management node searched in the first server first via by Rule and the second detected rule, first routing rule and second detected rule are the first gateway corresponding with the first virtual machine Rule.
It is understood that when creating the first virtual machine in first server, management node can first judge this It whether there is the first gateway corresponding with the first subnet belonging to first virtual machine in one server, to determine whether at this First gateway is created in first server.Because the implementation method of the gateway function of embodiments of the invention offer is virtual Change in environment and realize gateway function, therefore the virtual net that can realize gateway function that the gateway created in the embodiment of the present invention refers to Close, therefore, server realizes the first gateway by the rule of the first gateway corresponding with the first virtual machine on virtual switch Function, i.e. the first routing rule and second detected rule constitute the first gateway.
, should if S202, the management node do not find the first routing rule and the second detected rule in first server Management node then sends the first request message to first server, so that the first server obtains the according to the first request message One routing iinformation and the first detected rule, and the first routing rule is generated according to first routing iinformation and first detected rule With the second detected rule, and according to first routing rule and second detected rule, by virtual in first server Interchanger realizes the function of the first gateway, wherein, the first routing iinformation and the first detected rule are carried in the first request message, should First request message is used to ask first server to create the first gateway on virtual switch.
Management node searches the first routing rule and the second detected rule in the first server, if the management node exists The first routing rule and the second detected rule are not found in first server, i.e., the management node is not in the first server The first gateway is found, the management node then sends the first request message to first server, make it that the first server can First routing iinformation and the first detected rule are obtained with the first request message sent according to management node, and make it that server can To generate the first routing rule and the second detected rule according to first routing iinformation and first detected rule, and cause clothes Device of being engaged in can realize the according to first routing rule and second detected rule by the virtual switch in first server The function of one gateway.Wherein, the first routing iinformation and the first detected rule are carried in the first request message, first request message For asking first server to create the first gateway on virtual switch.
It should be noted that carry the first routing iinformation and first in the first request message sent due to management node Detected rule, therefore server can obtain the first routing iinformation and first from first request message of management node transmission Detected rule.
Wherein, routing iinformation configures the first gateway for user and inputted, and the routing iinformation of first gateway is first The routing information that gateway is forwarded, the first detected rule of first gateway can include address information, the mesh of source virtual machine Mark address information, mark of subnet of virtual machine etc..
Embodiments of the invention provide a kind of implementation method of gateway function, receive what management node was sent by server First request message, the first routing iinformation of the first gateway and the first detection rule of the first gateway are carried in first request message Then, first request message is used to create the first gateway, and the service on the virtual switch of request server in the server Device obtains the first routing iinformation and the first detected rule according to the first request message, and the server according to the first via by believing Breath and the first detected rule, generate the first routing rule and the second detected rule, finally the server according to the first via by advising Then with second detected rule, the function of the first gateway is realized by virtual switch.By the program, on the one hand due to service Device generates the first routing rule and second detected rule, the function of the first gateway is realized by virtual switch, so as to avoid The limitation of the performance and the virtual machine bandwidth of the virtual machine forwarding packet of gateway function is realized in the prior art, therefore, is carried High communication efficiency between virtual machine and main frame;On the other hand, each clothes due to the program suitable for virtualization system Business device, therefore, can create gateway function corresponding with some subnet on each server, so as to when in the subnet During some server fail, other virtual machines in the subnet can still continue to communicate with main frame, and then improve virtual Communication stability between machine and main frame.
Embodiment two
Embodiments of the invention provide a kind of implementation method of gateway function, as shown in figure 5, this method is server side The implementation method of gateway function, this method can include:
S301, when creating the first virtual machine in first server, management node searches in the first server One routing rule and the second detected rule, the first routing rule and the second detected rule are and first virtual machine corresponding first The rule of gateway.
Management node is the node of network resource administration and virtual resource etc. in virtualization system.Management node can wrap Include network resource management unit and virtual resource administrative unit.Management node can manage multiple services in virtualization system Device, management node carry out Internet resources distribution and virtual resource allocation to the plurality of server, and with the plurality of server it Between mutually carry out data and issuing and receiving, so as to realize that the scheduling of virtual network and virtual resource links.
Particularly, first server is that management node passes through scheduling of resource, in virtualized environment, a service of selection Device.Specifically, some virtual machine created on which server in some subnet is determined by management node by scheduling of resource It is fixed.
It should be noted that in virtualization system, the virtual machine in subnet can pass through gateway corresponding with the subnet Communicated with the virtual machine in another subnet.When creating first virtual machine in a subnet, management node is looked into Whether have with the subnet corresponding gateway, when management node is not found and the subnet pair on that server if looking on the server During the gateway answered, server can create gateway corresponding with the subnet on its virtual switch.
Gateway can realize network interconnection in Internet, be most complicated network interconnection apparatus, network interconnection.Gateway can both be used Interconnected in wide area network, can be used for local area network interconnection.Using different communication protocol, data format or language, or even body During the entirely different two kinds of systems of architecture, gateway is repacked to the information received, with the need of adaptation to end system Ask.
Some interfaces for separating main frame and router in the interconnection network being made up of router and main frame be present, these Interface causes network to be divided into the network of several separation, and independent network endpoint can be connected by these interfaces.These independences Network endpoint in each network endpoint be the system in a subnet.
Further, during user's planning network, network can be divided into many subnets, the division of subnet is by borrowing IP Subnet address is served as in some main frame positions of address, so as to which former network is divided into some subnets.During user's subnet division, As subnet address borrows increasing for main frame position, the number of subnet increases therewith, and the available host position in each subnet is gradual Reduce.
In the embodiment of the present invention, above-mentioned main frame position can be expressed as virtual seat in the plane.
When creating the first virtual machine in first server, management node searched in the first server first via by Rule and the second detected rule, first routing rule and second detected rule are the first gateway corresponding with the first virtual machine Rule.
It is understood that when creating the first virtual machine in first server, management node can first judge this It whether there is the first gateway corresponding with the first subnet belonging to first virtual machine in one server, to determine whether at this First gateway is created in first server.Because the implementation method of the gateway function of embodiments of the invention offer is virtual Change in environment and realize gateway function, therefore the virtual net that can realize gateway function that the gateway created in the embodiment of the present invention refers to Close, i.e., server can realize the first gateway by the rule of the first gateway corresponding with the first virtual machine on virtual switch Function, you can the function of the first gateway is realized by the first routing rule on virtual switch and the second detected rule.
Wherein, virtual gateway is in virtualization system, and user can be real for the subnet distribution in the virtualization system The module of existing gateway function.
If S302, the management node do not find the first routing rule and the second detected rule in the first server, The management node then sends the first request message to first server, wherein, the first via is carried in first request message by believing Breath and the first detected rule, first request message are used to ask first server to create the first gateway on virtual switch.
Management node searches the first routing rule and the second detected rule in the first server, if the management node exists The first routing rule and the second detected rule are not found in first server, i.e., the management node is not in the first server The first gateway is found, the management node then sends the first request message to first server, wherein, taken in the first request message The routing iinformation of band first and the first detected rule, first request message are used to ask first server to be created on virtual switch Build the first gateway.
It should be noted that carry the first routing iinformation and first in the first request message sent due to management node Detected rule, thus first server can from management node send first request message in, obtain the first routing iinformation and First detected rule.
Wherein, routing iinformation configures the first gateway for user and inputted, and the routing iinformation of first gateway is first The routing information that gateway is forwarded, the first detected rule of first gateway can include address information, the mesh of source virtual machine Mark address information, mark of subnet of virtual machine etc..
It should be noted that on one server, can there is one or more virtual switches, the virtual switch machine examination The virtual machine for carrying out logic with its virtual port and being connected is surveyed, packet is transmitted to virtual machine.During the present invention is implemented, virtual In change system, the virtual switch used is the distributed virtual switch, in each server with management node management In the presence of the distributed virtual switch so that virtual machine on server can when being migrated across multiple servers, Ensure that its network configuration is consistent.
S303, first server obtain the first routing iinformation and the first detected rule according to first request message.
First server receive management node transmission the first request message after, first server can according to this first Request message, the first gateway is created on virtual switch, wherein, include the first of the first gateway in first request message First detected rule of routing iinformation and first gateway.
After first server receives the first request message, first server can obtain the according to first request message One routing iinformation and the first detected rule.
Specifically, the first routing iinformation and the first detection are carried in the first request message received due to first server Rule, therefore first server can obtain the first routing iinformation and the first detected rule from first request message.
S304, first server generate the first via corresponding with first routing iinformation by advising according to the first routing iinformation Then with the first Route Distinguisher.
After first server obtains the first routing iinformation and the first detected rule from management node, first server First routing rule and the first Route Distinguisher can be generated according to first routing iinformation.
Optionally, the first Route Distinguisher can use " routing table 1 " or " route table1 " are represented, can also use other The mark of the first routing rule can be represented to represent.
First Route Distinguisher is added in the first detected rule by S305, first server, generates the second detected rule.
After first server generates the first Route Distinguisher, first server and by first Route Distinguisher added to this In one detected rule, the second detected rule is generated.
In the embodiment of the present invention, server is real by the first routing rule and the second detected rule on virtual switch Existing gateway function.
S306, first server realize first according to the first routing rule and the second detected rule by virtual switch The function of gateway.
After first server generates the first routing rule and the second detected rule, first server can according to the first via by Rule and the second detected rule, the function of the first gateway is realized by virtual switch.
It should be noted that when source virtual machine need to be communicated with target virtual machine, i.e., source virtual machine need to send packet During to target virtual machine, it is assumed that the first gateway is gateway corresponding with source virtual machine, and source virtual machine can be sent out by first gateway The packet is given to target virtual machine.Specifically, first server can find source respectively according to the second detected rule of generation The subnet information of the second subnet belonging to the subnet information and target virtual machine of the first subnet belonging to virtual machine, and this second Route Distinguisher corresponding with the subnet information of the subnet information of the first subnet and the second subnet is found in detected rule, so as to first Server can find the first routing rule corresponding with the first gateway according to the Route Distinguisher, with determine source virtual machine and Access path between target virtual machine, and then first server can be sent out source virtual machine according to the access path found The packet sent passes through the first gateway forwards, is eventually sent to target virtual machine, it is achieved thereby that the function of the first gateway.
, can be by creating the first gateway in virtual switch in the server, to be handed in virtual machine in the embodiment of the present invention The function of the first gateway is realized on changing planes.Wherein, the first gateway can correspond to a plurality of first routing rule, when source virtual machine needs to send out When sending packet to target virtual machine, if having preserved the source in the first gateway corresponding with the first subnet belonging to source virtual machine The first routing rule between virtual machine and target virtual machine, then server can be directly virtual by source according to first routing rule The packet that machine is sent is sent to the first gateway created on virtual switch, and by first gateway it is upper preserve the Two detected rules and the first routing rule, the access path between source virtual machine and target virtual machine is selected, and according to the visit Footpath of asking the way forwards the packet to target virtual machine.
It should be noted that as shown in fig. 6, after S301, the realization side of gateway function provided in an embodiment of the present invention Method also includes:
If S307, management node find the first routing rule and the second detected rule in first server, the management Node then indicates that according to the first routing rule and the second detected rule, the first gateway is realized by virtual switch for first server Function.
Management node searches the first routing rule and the second detected rule in the first server, if the management node exists The first routing rule and the second detected rule are found in first server, i.e., the management node is searched in the first server To the first gateway, the management node then indicates first server according to the first routing rule and the second detected rule, by virtual Interchanger realizes the function of the first gateway.
Further, if as shown in fig. 7, the first gateway and the first routing rule are gateway corresponding with the first subnet and road By rule, according to the first routing rule and the second detected rule, the first gateway then is realized by virtual switch for first server The method of function can include:
S401, first server receive source virtual machine by virtual switch and sent to the packet of target virtual machine, should Packet includes the address information of source virtual machine and the address information of target virtual machine, wherein, the source virtual machine is by the first subnet Service is provided, the target virtual machine provides service by the second subnet.
It should be noted that when the source virtual machine run in first server is communicated with target virtual machine, first Server by virtual switch receive by source virtual machine send packet, and by the packet by with source virtual machine institute First gateway forwards corresponding to first subnet of category are gone out.
First server receives source virtual machine by virtual switch and sent to the packet of target virtual machine, the packet In can include source virtual machine address information and target virtual machine address information, wherein, the source virtual machine is by the first subnet Service is provided, the target virtual machine provides service by the second subnet, i.e. source virtual machine belongs to the first subnet, and target virtual machine belongs to Second subnet.
Particularly, when the source virtual machine of first server is to target virtual machine transmission data, first server divides data Section, and one piece of data is packaged into the packet with IP heads, data are sent in the form of packet.
Specifically, due to different network system and equipment, such as the data of Ethernet, packet switching network transmission is basic The form of unit is different, therefore, can not be in communication with each other between different network system and equipment.And IP agreement is by software program The protocol software of composition, various different " frames " can be uniformly converted into " IP packets " form by it, and this conversion can cause All computers can on the internet be realized and communicated.
Further, packet is a kind of form of packet switch, i.e., the data sectional that equipment is sent is broken into " bag ", then Send.Due to each " bag " broken into(Packet)All send as one " independent message ", therefore, be referred to as " packet ".IP has the function of packet packing and set assembling, and each packet has header and the two parts of message, reports The targetedly required content such as location information in head, to allow each packet to accurately arrive at purpose by different paths Ground, and the data for being reduced into and sending originally are reconfigured in destination.Wherein, every number after to above-mentioned data sectional is passed through IP heads are added respectively according to the header portion of bag, to cause these packets to form IP packets.
S402, first server are according to the address information of source virtual machine, the address information of target virtual machine and the second detection Rule, determine the mark of the first subnet and the mark of the second subnet.
First server receives source virtual machine by virtual switch and sent to the packet of target virtual machine, and first Server can obtain address information, the address information of target virtual machine of source virtual machine from the packet, and empty according to source The address information of plan machine, the address information of target virtual machine and the second detected rule, determine the mark and the second son of the first subnet The mark of net.
It should be noted that first server obtains the address information and destination virtual of source virtual machine from above-mentioned packet The address information of machine is respectively the IP address of source virtual machine and the IP address of target virtual machine.
It should be noted that the mark of the first subnet and the second subnet are identified as the subnet that can be characterized belonging to virtual machine Mark, the mark can be numeral mark, or word marking or alphabetic flag etc., the present invention be not restricted.
Specifically, first server is by the IP address of source virtual machine, the IP address of target virtual machine and the second detected rule In source IP, target ip address matched respectively, so that it is determined that the mark and target of the first subnet belonging to source virtual machine The mark of the second subnet belonging to virtual machine.
If the mark of S403, the first subnet is different from the mark of the second subnet, first server is then according to the first via by advising Then, the IP address of target virtual machine, is forwarded to packet.
After first server determines the mark of the first subnet and the mark of the second subnet, if the mark of the first subnet and the The mark of two subnets is different, and first server then according to the IP address of the first routing rule, target virtual machine, is carried out to packet Forwarding forwards to packet.
It should be noted that it is the head Field Options in the second detected rule as shown in table 1, this Field Options include Route Distinguisher, source MAC, destination-mac address, source IP address, the mark of target ip address and subnet, wherein, source IP address For representing the IP address of source virtual machine;Target ip address is used for the IP address for representing target virtual machine.Specifically, first service Device can be checked corresponding respectively with it in the second detected rule according to the IP address of source virtual machine and the IP address of target virtual machine Subnet mark, i.e. the first subnet mark and the second subnet mark.
Table 1
Wherein, MAC(Media Access Control, media access control)Address or be hardware address, be for Define the position of the network equipment.In OSI7 layer protocols, third layer Internet is responsible for IP address, and second layer data link layer is then It is responsible for MAC Address.One main frame has an IP address, and each network site has a MAC Address for being specific to it.
Specifically, if the mark of the first subnet is different from the mark of the second subnet, first server is then according to the second detection The first Route Distinguisher corresponding with source virtual machine in rule, then found and first Route Distinguisher pair by first Route Distinguisher The first routing rule answered, and first server forwards then according to the first routing rule to packet.
Further, first server can abandon according to the second detected rule to packet.
In the embodiment of the present invention, source MAC is the MAC Address of source virtual machine, source IP address for source virtual machine IP Location, destination-mac address are the MAC Address of the first gateway, and the IP address that target ip address is target virtual machine.Because source is empty Intend confidential by the first gateway corresponding with the subnet belonging to source virtual machine, therefore, destination-mac address is first gateway MAC Address.Specifically, the acquisition methods of the MAC Address of the first gateway carry out further part in the present embodiment in detail Explanation.
Exemplary, it is assumed that the IP address of source virtual machine is A, and the IP address of target virtual machine is B, is source as shown in table 2 Second detected rule corresponding to virtual machine and target virtual machine difference, from Table 2, it can be seen that the first son belonging to source virtual machine Net be identified as 1, the second subnet belonging to target virtual machine is identified as 2, due to 1 from 2 be different subnets mark, because This, the mark of the first subnet is different from the mark of the second subnet, and now, first server can be in the second detected rule the One Route Distinguisher-route 1 finds the first routing rule, and first server is further according to the first routing rule and the MAC of the first gateway Address, above-mentioned packet is forwarded.Wherein, the first routing rule is as shown in table 3, and table 3 is with routeing the 1 corresponding first via By rule.
Table 2
Table 3
It is by the first net it should be noted that when first server forwards above-mentioned packet by the first routing rule The packet is sent to target virtual machine by the MAC Address of pass.Specifically, first server is first from the first via shown in table 3 By obtaining the response to the packet in rule, that is, forward.
In the embodiment of the present invention, targeted subnet is the subnet belonging to target virtual machine, and target port is target virtual machine institute Server communication interface, source IP address be source virtual machine IP address, gateway be and belonging to source virtual machine first son First gateway corresponding to net.
If the mark of S404, the first subnet is identical with the mark of the second subnet, first server is then according to target virtual machine IP address, in the first address mapping table corresponding with source virtual machine search it is corresponding with the IP address of the target virtual machine this The MAC Address of target virtual machine.
It should be noted that corresponding pass of the address mapping table between the IP address and the MAC Address of virtual machine of virtual machine It is to have an address mapping table in each virtual machine, wherein, the first mapping table is the source virtual machine run in first server IP address and the source virtual machine MAC between corresponding relation, and other are virtual with the source virtual machine communicate Corresponding relation between the IP address of machine and the MAC Address of other virtual machines.
It is understood that because IP address is in third layer-Internet of OSI7 layer protocols, MAC Address is assisted in OSI7 layers The second layer-data link layer of view, and virtual switch is the forwarding that packet is carried out by MAC Address, therefore, the first clothes When the virtual machine in business device source sends packet to target virtual machine, the forwarding of virtual switch is first passed through, from the packet The IP address of target virtual machine is obtained, and target void is searched in the first address mapping table according to the IP address of the target virtual machine The MAC Address of plan machine, to carry out the forwarding of the packet by virtual switch, i.e. first server can be according to target virtual machine IP address, in the first address mapping table corresponding with source virtual machine search it is corresponding with the IP address of the target virtual machine this The MAC Address of target virtual machine.
After first server determines the mark of the first subnet and the mark of the second subnet, first server is then according to target The IP address of virtual machine, the IP address pair with the target virtual machine is searched in the first address mapping table corresponding with source virtual machine The MAC Address for the target virtual machine answered.
If S405 first servers do not find the MAC Address of target virtual machine in first address mapping table, first Server then obtains the MAC Address of the target virtual machine, and the MAC Address of the target virtual machine is preserved to first address and reflected Firing table.
If the mark of the first subnet is identical with the mark of the second subnet, first server is then according to the IP of target virtual machine Location, it is empty that the target corresponding with the IP address of the target virtual machine is searched in the first address mapping table corresponding with source virtual machine After the MAC Address of plan machine, if first server with not finding the MAC of target virtual machine in first address mapping table Location, first server then obtain the MAC Address of the target virtual machine, and by the MAC Address of the target virtual machine preserve to this In one address mapping table.
Specifically, first server can be according to the IP address of target virtual machine, in the first address corresponding with source virtual machine The MAC Address of the target virtual machine corresponding with the IP address of the target virtual machine is searched in mapping table, if first server exists The MAC Address of the target virtual machine is not found in first address mapping table, source virtual machine then sends ARP (Address Resolution Protocol, address resolution protocol) request to target virtual machine, carries target virtual machine in the ARP request IP address.So, all virtual machines in virtualization system can all receive the ARP request of source virtual machine transmission, normal In the case of only the destination virtual chance provide arp reply, the MAC Address of target virtual machine is carried in the arp reply, from And the MAC Address of the target virtual machine is returned to the source virtual machine by target virtual machine by arp reply.Source virtual machine obtains After arp reply, the MAC Address of target virtual machine is put into the arp cache of source virtual machine, i.e. in the first address mapping table, so as to Used next time.Specifically, when source virtual machine receives arp reply, its first address mapping table will be carried out more Newly, the first ground is stored in by the IP address of the target virtual machine in the arp reply is corresponding with the MAC Address of the target virtual machine In the mapping table of location.
Wherein, ARP protocol is a TCP for obtaining physical address(Transmission Control Protocol, pass Transport control protocol is discussed)/ IP agreement.After the ARP request of the IP address of carrying target virtual machine is broadcast on network, the target is empty Intend chance and receive the ARP request, and the arp reply for the MAC Address for carrying target virtual machine is generated according to the ARP request, and By sending the arp reply to source virtual machine, and the MAC Address of the target virtual machine is sent to the source virtual machine.
It is exemplary, it is assumed that virtual machine A need to send packet give virtual machine B, virtual machine A and virtual machine B then can respectively according to It is secondary to perform following six steps:
(1), virtual machine A can check virtual machine A address mapping table first, check whether virtual machine B MAC Address.
(2)If, virtual machine A do not find virtual machine B MAC Address, virtual machine A in virtual machine A address mapping table Then can be to one ARP request of Web broadcast, to ask virtual machine B MAC Address.Wherein, the Target IP carried in the ARP request Address is virtual machine B IP address, and destination-mac address is the MAC Address (i.e. FF-FF-FF-FF-FF-FF) of broadcast frame, source IP Address and source MAC are virtual machine A IP address and virtual machine A MAC Address.
(3), after virtual switch receives the ARP request, it is a broadcast frame, therefore, meeting to find the ARP request The ARP request is transmitted to all virtual machines from non-reception total interface.
(4), after virtual machine B receives the ARP request, the IP of the target virtual machine carried in the ARP request can be proofreaded Whether address is identical with virtual machine B IP address, if virtual machine B is with proofreading the IP of the target virtual machine carried in the ARP request Location is identical with virtual machine B IP address, and virtual machine B then sends an arp reply to virtual machine A, is wherein carried in the arp reply Virtual machine A IP address and virtual machine A MAC Address are correspondingly saved in virtually by virtual machine B MAC Address, and virtual machine B In machine B address mapping table.
(5), virtual machine A receive virtual machine B transmission arp reply after, virtual machine A obtains void from the arp reply Plan machine B MAC Address, and corresponding record virtual machine B IP address and virtual machine B MAC in virtual machine A address mapping table Address.
(6), after virtual machine A gets virtual machine B MAC Address, virtual machine A can according to virtual machine B MAC Address, The packet that virtual machine A is sent to virtual machine B is sent to virtual machine B.
It should be noted that in same subnet, source virtual machine is with obtaining the MAC of the first gateway corresponding with the subnet The method of location is consistent with the method for the virtual machine A MAC Address for obtaining virtual machine B.
S406, first server are according to the MAC of the second detected rule, the IP address of target virtual machine and target virtual machine Location, packet is forwarded.
If the mark of the first subnet is identical with the mark of the second subnet, and first server obtains the MAC of target virtual machine After address, first server is then according to the MAC of the second detected rule, the IP address of target virtual machine and target virtual machine Location, packet is forwarded.
It should be noted that the present invention does not limit S403 and S404-S405-S406 execution sequence, i.e. the present invention can be with S403 is first carried out, then performs S404-S405-S406, S404-S405-S406 can also be first carried out, then perform S403.
Further, when there is virtual machine to be migrated in first server, the virtual machine to be migrated is and the first gateway pair The virtual machine answered, as shown in figure 8, the implementation method of gateway function also includes:
S501, management node determine at least one second server in server cluster.
It should be noted that the Servers-all in management node management server cluster.
When there is virtual machine to be migrated in first server, management node determines at least in its server cluster managed One server.
Wherein, at least one second server for the virtual machine to be migrated in first server to be migrated to target Server.
Further, management node can select the server of at least one underloading in server cluster, using as this extremely A few second server, this is due to that the server of only underloading could provide resource for the virtual machine to be migrated.Specifically At least one second server of management node selection can be set according to actual conditions, and the present invention is not restricted.
It is understood that when management node need to be by the virtual machine (vm) migration to be migrated in first server at least one During two servers, management node can select at least one server in server cluster, to be used as at least one second clothes Business device.Because the virtual machine to be migrated in first server can have multiple, the plurality of virtual machine to be migrated can be migrated to one Individual second server, it can also migrate to multiple second servers, therefore, management node need to determine at least one second service Device.
S502, management node search the first routing rule and the second detected rule at least one second server.
After management node determines at least one second server in server cluster, management node in its determination extremely The first routing rule and the second detected rule are searched in a few second server.
It is understood that management node is determined the virtual machine (vm) migration to be migrated in first server to second server Afterwards, if so that the virtual machine to be migrated is communicated with other virtual machines, first need to check at least one second server On whether have the first gateway, i.e., management node searches the first routing rule and the second detection at least one second server Rule.
If S503, management node find the first routing rule and the second detection rule at least one second server Then, the management node is then by the virtual machine (vm) migration to be migrated in first server at least one second server.
After management node searches the first routing rule and the second detected rule at least one second server, if pipe Reason node the first routing rule and the second detected rule are found at least one second server, i.e., this at least one second Have the first gateway on server, the management node then by the virtual machine (vm) migration to be migrated in first server to this at least one Two servers.
It is understood that management node searches the first routing rule and the second detection at least one second server After rule, if management node finds the first routing rule and the second detected rule at least one second server, pipe Managing node can be directly by the virtual machine (vm) migration to be migrated in first server at least one second server, i.e., this is to be migrated Can be directly to be communicated with other virtual machines after on virtual machine (vm) migration at least one second server.
Further, if management node finds the first routing rule and the second detection at least one second server Rule, the management node then indicate at least one second server according to first routing rule and second detected rule, The function of the first gateway is realized by virtual switch.Concrete implementation process has been carried out in detail in the previous section of the present embodiment Carefully illustrate, here is omitted.
Further, if management node does not find the first routing rule and the second inspection at least one second server Then, the management node then sends the first request message at least one second server, at least one second server to gauge First routing rule and the second detected rule are generated according to the first request message, and the first gateway is realized by virtual switch Function.Specifically, the method for the first gateway function and the reality in first server are realized at least one second server The method of existing first gateway function is identical, and here is omitted.
Whether S504, management node, which determine to have in first server, corresponding with the first gateway does not migrate virtual machine.
Management node is managed after the virtual machine (vm) migration to be migrated in first server at least one second server Whether reason node, which determines in first server to also have, corresponding with the first gateway does not migrate virtual machine.
It should be noted that management node by the virtual machine (vm) migration to be migrated in first server to this at least one second After server, whether management node can be determined also corresponding with the first gateway in first server by way of lookup Virtual machine is not migrated, determines whether to delete first gateway.
If S505, management node are determined in first server without not migrating virtual machine, the management node then indicate this first Server deletes the first routing rule and the second detected rule.
Management node determine whether to have in first server it is corresponding with the first gateway after not migrating virtual machine, if management Node determines that the management node then indicates that the first server deletes the first via by advising without virtual machine is not migrated in first server Then with the second detected rule.
It is understood that if management node is determined without virtual machine is not migrated in first server, i.e., in first server On the virtual machine that has been communicated not over the first gateway, the management node then may indicate that the first server deletes the One routing rule and the second detected rule, that is, the first gateway in first server is deleted, taken so as to discharge first gateway Resource, so, management node can separately use it for anything else the resource discharged in the first server, to realize the reasonable profit of resource With.
Further, if management node, which determines to have in first server, does not migrate virtual machine, the management node, which is not done then, to be located Reason, it is real by virtual switch to cause first server to continue according to first routing rule and second detected rule The function of existing first gateway, i.e., not migrating virtual machine and can continue through first gateway and communicated in first server.
Embodiments of the invention provide a kind of implementation method of gateway function, receive what management node was sent by server First request message, the first routing iinformation of the first gateway and the first detection rule of the first gateway are carried in first request message Then, first request message is used to create the first gateway, and the service on the virtual switch of request server in the server Device obtains the first routing iinformation and the first detected rule according to the first request message, and the server according to the first via by believing Breath and the first detected rule, generate the first routing rule and the second detected rule, finally the server according to the first via by advising Then with second detected rule, the function of the first gateway is realized by virtual switch.By the program, on the one hand due to service Device generates the first routing rule and second detected rule, the function of the first gateway is realized by virtual switch, so as to avoid The limitation of the performance and the virtual machine bandwidth of the virtual machine forwarding packet of gateway function is realized in the prior art, therefore, is carried High communication efficiency between virtual machine and main frame;On the other hand, each clothes due to the program suitable for virtualization system Business device, therefore, can create gateway function corresponding with some subnet on each server, so as to when in the subnet During some server fail, other virtual machines in the subnet can still continue to communicate with main frame, and then improve virtual Communication stability between machine and main frame.
Embodiment three
As shown in figure 9, embodiments of the invention provide a kind of server 1, corresponding to service provided in an embodiment of the present invention The implementation method of the gateway function of device side, the server 1 can include:
Receiving unit 10, for receiving the first request message of management node transmission, carried in first request message First detected rule of the first routing iinformation of the first gateway and first gateway, first request message are used to ask First gateway is created on virtual switch in the server.
Acquiring unit 11, for first request message received according to the receiving unit 10, obtain described first Routing iinformation and first detected rule.
Generation unit 12, for first routing iinformation obtained according to the acquiring unit 11 and first detection Rule, generate the first routing rule and the second detected rule.
Unit 13 is realized, for first routing rule generated according to the generation unit 12 and second detection Rule, the function of first gateway is realized by the virtual switch.
Optionally, the generation unit 12, specifically for the first via that is obtained according to the acquiring unit 11 by believing Breath, generates corresponding with first routing iinformation first routing rule and the first Route Distinguisher, and by described first Route Distinguisher is added in first detected rule, to generate second detected rule.
Optionally, first gateway and first routing rule are gateway corresponding with the first subnet and route rule Then,
Wherein, as shown in Figure 10, the server 1 also includes determining unit 14;
The receiving unit 10, it is additionally operable to send to target virtual machine by virtual switch reception source virtual machine Packet, the packet include the address information of the source virtual machine and the address information of the target virtual machine, wherein, institute State source virtual machine and provide service by first subnet, the target virtual machine provides service by the second subnet.
The determining unit 14, address information, institute for the source virtual machine that is received according to the receiving unit 10 Second detected rule that the address information of target virtual machine and the generation unit 12 generate is stated, determines first subnet Mark and second subnet mark.
It is described to realize unit 13, if being additionally operable to the mark of first subnet that the determining unit 14 determines and described the The mark of two subnets is different, then first routing rule generated according to the generation unit 12, the packet is carried out Forwarding.
Optionally, it is described to realize unit 13, it is additionally operable to mark and institute that the determining unit 14 determines first subnet After the mark for stating the second subnet, if the mark of first subnet is identical with the mark of second subnet, according to Second detected rule that generation unit 12 generates forwards to the packet.
Optionally, as shown in figure 11, the address information of the target virtual machine includes the IP address of the target virtual machine, Wherein, the server 1 also includes searching unit 15 and storage unit 16.
The searching unit 15, if the mark and described second of first subnet determined for the determining unit 14 The mark of subnet is identical, described to realize unit 13 then according to second detected rule to described in the receiving unit 10 reception Before packet is forwarded, according to the receiving unit 10 receive the target virtual machine IP address, with the source The target virtual machine corresponding with the IP address of the target virtual machine is searched in first address mapping table corresponding to virtual machine MAC Address.
The acquiring unit 11, if be additionally operable to the searching unit 15 does not find institute in first address mapping table The MAC Address of target virtual machine is stated, then obtains the MAC Address of the target virtual machine.
The storage unit 16, the MAC Address of the target virtual machine for the acquiring unit 11 to be obtained preserve To first address mapping table.
Optionally, as shown in figure 12, it is described to realize unit 13, specifically for according to the generation unit 12 generation The IP address for the target virtual machine that first routing rule/second detected rule, the acquiring unit 11 obtain and institute The MAC Address of target virtual machine is stated, the packet received to the receiving unit 10 forwards.
Embodiments of the invention provide a kind of server, and the first request that management node transmission is received by server disappears Cease, carry the first routing iinformation of the first gateway and the first detected rule of the first gateway in first request message, this first Request message is used to create the first gateway on the virtual switch of request server in the server, and the server is according to first Request message, the first routing iinformation and the first detected rule are obtained, and the server is examined according to the first routing iinformation and first Gauge then, generates the first routing rule and the second detected rule, finally the server according to first routing rule and this second Detected rule, the function of the first gateway is realized by virtual switch.By the program, on the one hand due to server generation first Routing rule and second detected rule, the function of the first gateway is realized by virtual switch, so as to avoid prior art The limitation of the performance and the virtual machine bandwidth of the middle virtual machine forwarding packet for realizing gateway function, this improves virtual machine Communication efficiency between main frame;On the other hand, each server due to the program suitable for virtualization system, therefore, Gateway function corresponding with some subnet can be created on each server, so as to when some server in the subnet When breaking down, other virtual machines in the subnet can still continue to communicate with main frame, so improve virtual machine and main frame it Between communication stability.
As shown in figure 13, embodiments of the invention provide a kind of management node 2, corresponding to pipe provided in an embodiment of the present invention The implementation method of the gateway function of node side is managed, the management node 2 can include:
Searching unit 20, for when creating the first virtual machine in first server, being looked into the first server The first routing rule and the second detected rule are looked for, first routing rule and second detected rule are and the described first void The rule of first gateway corresponding to plan machine.
Transmitting element 21, if for the searching unit 20 do not found in the first server first via by Regular and described second detected rule, then the first request message is sent to the first server, so that the first server First routing iinformation and the first detected rule are obtained according to first request message, and according to first routing iinformation and institute State the first detected rule and generate first routing rule and second detected rule, and according to first routing rule With second detected rule, the function of first gateway is realized by the virtual switch in the first server, its In, first routing iinformation and first detected rule, first request message are carried in first request message For asking the first server to create first gateway on the virtual switch.
Optionally, as shown in figure 14, the management node 2 also includes determining unit 22 and migration units 23.
The determining unit 22, for when having virtual machine to be migrated in the first server, in server cluster At least one second server is determined, wherein, the virtual machine to be migrated is virtual machine corresponding with first gateway.
The searching unit 20, it is additionally operable to look at least one second server that the determining unit 22 determines Look for first routing rule and second detected rule.
Migration units 23, if finding described at least one second server for the searching unit 20 One routing rule and second detected rule, then by the virtual machine (vm) migration to be migrated in the first server to described At least one second server.
Optionally, as shown in figure 15, the management node 2 also includes indicating member 24.
The determining unit 22, it is additionally operable to the void to be migrated in the first server in the migration units 23 Plan machine is migrated at least one second server, determines whether have in the first server and first gateway It is corresponding not migrate virtual machine.
The indicating member 24, if determining not migrate void described in nothing in the first server for the determining unit 22 Plan machine, it indicates that the first server deletes first routing rule and second detected rule.
Optionally, the indicating member 24, it is additionally operable to the searching unit 20 and searches first in the first server After routing rule and the second detected rule, if the searching unit 20 finds the first via in the first server By regular and described second detected rule, it indicates that the first server is according to first routing rule and second inspection Gauge then, the function of first gateway is realized by the virtual switch.
Embodiments of the invention provide a kind of management node, when creating the first virtual machine in first server, management Node searches the first routing rule and the second detected rule in the first server, first routing rule and second detection Rule is the rule of the first gateway corresponding with the first virtual machine, and if not finding the first via in first server by advising The first request message is then then sent to first server with the second detected rule, the management node, so that the first server root The first routing iinformation and the first detected rule are obtained according to the first request message, and according to the first routing iinformation and the first detected rule Generate the first routing rule and the second detected rule, and according to the first routing rule and the second detected rule, by this first Virtual switch in server realizes the function of the first gateway, wherein, carried in the first request message the first routing iinformation and First detected rule, first request message are used to ask first server to create the first gateway on virtual switch.Pass through The program, on the one hand because server generates the first routing rule and second detected rule, the is realized by virtual switch The function of one gateway, it is virtual with this so as to avoid the performance for the virtual machine forwarding packet for realizing gateway function in the prior art The limitation of machine bandwidth, this improves the communication efficiency between virtual machine and main frame;On the other hand, because the program is applied to Each server in virtualization system, therefore, gateway corresponding with some subnet can be created on each server Function, so as to when some server fail in the subnet, other virtual machines in the subnet still can with main frame after Continuous communication, and then improve the communication stability between virtual machine and main frame.
Example IV
As shown in figure 16, embodiments of the invention provide a kind of server, and the server can include:Processor 30, deposit Reservoir 31, system bus 32 and COM1 33, wherein,
Connected and completed mutual lead to by system bus 32 between processor 30, memory 31 and COM1 33 Letter.
Processor 30 may be monokaryon or multinuclear CPU, be either specific integrated circuit or to be configured Into the one or more integrated circuits for implementing the embodiment of the present invention.
Memory 31 can be high-speed RAM memory, or nonvolatile memory(non-volatile memory), a for example, at least magnetic disk storage.
Memory 31 is used for the execute instruction of storage server.Specifically, it can include in the execute instruction of server soft Part program and software code.
COM1 33 can be used for receiving or sending data.
Specifically, the processor 30 can be used for receiving management section from the COM1 33 by the system bus 32 The first request message sent is put, the first routing iinformation of the first gateway and first net are carried in first request message The first detected rule closed, first request message are used to ask on the virtual switch in the server described in establishment First gateway, and according to first request message, obtain first routing iinformation and first detected rule, Yi Jigen According to first routing iinformation and first detected rule, the first routing rule and the second detected rule, last basis are generated First routing rule and second detected rule, the function of first gateway is realized by the virtual switch; The memory 31 can be used for storage from the software code of the first routing iinformation of the first gateway of the COM1 33 reception With the software code of the first detected rule of the first gateway, and the software code of the first routing rule and the second detected rule is soft Part code, and control server complete the software program of said process, so that the processor 30 can be by execution The software program and the corresponding software code of calling stored in the memory 31, completes said process.
Optionally, the processor 30, specifically for according to first routing iinformation, generation is with the first via by believing First routing rule and the first Route Distinguisher corresponding to breath, and first Route Distinguisher is examined added to described first Gauge then in, to generate second detected rule.
Optionally, first gateway and first routing rule are gateway corresponding with the first subnet and route rule Then, wherein, the processor 30, it is additionally operable to send to the number of target virtual machine by virtual switch reception source virtual machine According to bag, the packet includes the address information of the source virtual machine and the address information of the target virtual machine, wherein, it is described Source virtual machine provides service by first subnet, and the target virtual machine provides service by the second subnet, and according to the source The address information of virtual machine, the address information of the target virtual machine and second detected rule, determine first subnet Mark and second subnet mark, and if first subnet mark it is different from the mark of second subnet, Then according to first routing rule, the packet is forwarded.
Optionally, the processor 30, it is additionally operable to determine the mark of first subnet and the mark of second subnet Afterwards, if the mark of first subnet is identical with the mark of second subnet, according to second detected rule to institute Packet is stated to be forwarded.
Optionally, the address information of the target virtual machine includes the IP address of the target virtual machine, wherein, the place Device 30 is managed, if the mark for being additionally operable to first subnet is identical with the mark of second subnet, according to the described second detection Before rule forwards to the packet, according to the IP address of the target virtual machine, corresponding with the source virtual machine The first address mapping table in search the MAC Address of corresponding with the IP address of the target virtual machine target virtual machine, And if do not find the MAC Address of the target virtual machine in first address mapping table, it is empty to obtain the target The MAC Address of plan machine, and the MAC Address of the target virtual machine is preserved to first address mapping table.
Optionally, the processor 30, also particularly useful for according to first routing rule/second detected rule, The MAC Address of the IP address of the target virtual machine and the target virtual machine, the packet is forwarded.
Embodiments of the invention provide a kind of server, and the first request that management node transmission is received by server disappears Cease, carry the first routing iinformation of the first gateway and the first detected rule of the first gateway in first request message, this first Request message is used to create the first gateway on the virtual switch of request server in the server, and the server is according to first Request message, the first routing iinformation and the first detected rule are obtained, and the server is examined according to the first routing iinformation and first Gauge then, generates the first routing rule and the second detected rule, finally the server according to first routing rule and this second Detected rule, the function of the first gateway is realized by virtual switch.By the program, on the one hand due to server generation first Routing rule and second detected rule, the function of the first gateway is realized by virtual switch, so as to avoid prior art The limitation of the performance and the virtual machine bandwidth of the middle virtual machine forwarding packet for realizing gateway function, this improves virtual machine Communication efficiency between main frame;On the other hand, each server due to the program suitable for virtualization system, therefore, Gateway function corresponding with some subnet can be created on each server, so as to when some server in the subnet When breaking down, other virtual machines in the subnet can still continue to communicate with main frame, so improve virtual machine and main frame it Between communication stability.
As shown in figure 17, embodiments of the invention provide a kind of management node, and the management node can include:Processor 40th, memory 41, system bus 42 and COM1 43, wherein,
Connected and completed mutual lead to by system bus 42 between processor 40, memory 41 and COM1 43 Letter.
Processor 40 may be monokaryon or multinuclear CPU, be either specific integrated circuit or to be configured Into the one or more integrated circuits for implementing the embodiment of the present invention.
Memory 41 can be high-speed RAM memory, or nonvolatile memory(non-volatile memory), a for example, at least magnetic disk storage.
Memory 41 is used for the execute instruction of storage management node.Specifically, it can be wrapped in the execute instruction of management node Include software program and software code.
COM1 43 can be used for receiving or sending data.
Specifically, the processor 40 can be used for when creating the first virtual machine in first server, described first Search the first routing rule and the second detected rule in server, first routing rule and second detected rule be with The rule of first gateway corresponding to first virtual machine, and if not finding the first via in the first server By regular and described second detected rule, then the first request message is sent to the first server, so that the first service Device obtains the first routing iinformation and the first detected rule according to first request message, and according to first routing iinformation and First detected rule generates first routing rule and second detected rule, and according to the first via by advising Then with second detected rule, the function of first gateway is realized by the virtual switch in the first server, Wherein, first routing iinformation and first detected rule are carried in first request message, first request disappears Cease for asking the first server to create first gateway on the virtual switch;The memory 41 can be used for The software code of the first routing iinformation and the software code of the first detected rule sent from the COM1 43 is stored, and Management node is controlled to complete the software program of said process, so that the processor 40 can be by performing the upper memory The software program and the corresponding software code of calling stored in 41, completes said process.
Optionally, the processor 40, it is additionally operable to when having virtual machine to be migrated in the first server, in server At least one second server is determined in cluster, wherein, the virtual machine to be migrated is corresponding with first gateway virtual Machine, and first routing rule and second detected rule, Yi Ji are searched at least one second server First routing rule and second detected rule are found at least one second server, then by described first The virtual machine (vm) migration to be migrated on server is at least one second server.
Optionally, the processor 40, it is additionally operable to the virtual machine (vm) migration to be migrated in the first server extremely After at least one second server, determine whether to have in the first server and corresponding with first gateway do not move Virtual machine is moved, and if it is determined that not migrating virtual machine without described in the first server, it indicates that the first server is deleted Except first routing rule and second detected rule.
Optionally, the processor 40, it is additionally operable to search the first routing rule and the second inspection in the first server Gauge then after, if finding first routing rule and second detected rule in the first server, refer to Show that the first server according to first routing rule and second detected rule, is realized by the virtual switch The function of first gateway.
Embodiments of the invention provide a kind of management node, when creating the first virtual machine in first server, management Node searches the first routing rule and the second detected rule in the first server, first routing rule and second detection Rule is the rule of the first gateway corresponding with the first virtual machine, and if not finding the first via in first server by advising Then then send the first request message to first server with the second detected rule, management node so that the first server according to First request message obtains the first routing iinformation and the first detected rule, and is given birth to according to the first routing iinformation and the first detected rule Into the first routing rule and the second detected rule, and according to the first routing rule and the second detected rule, first taken by this Virtual switch in business device realizes the function of the first gateway, wherein, the first routing iinformation and the are carried in the first request message One detected rule, first request message are used to ask first server to create the first gateway on virtual switch.By this Scheme, on the one hand because server generates the first routing rule and second detected rule, first is realized by virtual switch The function of gateway, so as to avoid the performance and the virtual machine of the virtual machine forwarding packet for realizing gateway function in the prior art The limitation of bandwidth, this improves the communication efficiency between virtual machine and main frame;On the other hand, because the program is applied to void Each server in planization system, therefore, gateway work(corresponding with some subnet can be created on each server Can, so as to which when some server fail in the subnet, other virtual machines in the subnet can still continue with main frame Communication, and then improve the communication stability between virtual machine and main frame.
As shown in figure 18, what the embodiment of the present invention also provided a kind of gateway function realizes system, the realization of the gateway function System can include at least one server as described in claim any one of 11-16, and such as any one of claim 17-20 Described management node.At least one server is a server cluster, and management node is to every in the server cluster Individual server is managed, and the management node is connected with each server in server cluster respectively.Wherein, with server set Exemplified by a server in group, server receives the first request message that management node is sent, and is taken in first request message First detected rule of the first routing iinformation and the first gateway with the first gateway, first request message are used for request server Create the first gateway on virtual switch in the server, and the server is according to the first request message, obtain the first via by Information and the first detected rule, and the server, according to the first routing iinformation and the first detected rule, the generation first via is by advising Then with the second detected rule, finally the server virtual switch is passed through according to first routing rule and second detected rule Machine realizes the function of the first gateway.Gateway function provided in an embodiment of the present invention realizes system, on the one hand because server is given birth to Into the first routing rule and second detected rule, the function of the first gateway is realized by virtual switch, it is existing so as to avoid There is the limitation of the performance and the virtual machine bandwidth of the virtual machine forwarding packet that gateway function is realized in technology, this improves Communication efficiency between virtual machine and main frame;On the other hand, each server due to the program suitable for server cluster, Therefore, gateway function corresponding with some subnet can be created on each server, so as to when some in the subnet During server fail, other virtual machines in the subnet can still continue to communicate with main frame, so improve virtual machine with Communication stability between main frame.
It is apparent to those skilled in the art that for convenience and simplicity of description, only with above-mentioned each function The division progress of module, can be as needed and by above-mentioned function distribution by different function moulds for example, in practical application Block is completed, i.e., the internal structure of device is divided into different functional modules, to complete all or part of work(described above Energy.The specific work process of the system, apparatus, and unit of foregoing description, it may be referred to corresponding in preceding method embodiment Journey, it will not be repeated here.
In several embodiments provided herein, it should be understood that disclosed system, apparatus and method can be with Realize by another way.For example, device embodiment described above is only schematical, for example, the module or The division of unit, only a kind of division of logic function, can there are other dividing mode, such as multiple units when actually realizing Or component can combine or be desirably integrated into another system, or some features can be ignored, or not perform.It is another, institute Display or the mutual coupling discussed or direct-coupling or communication connection can be by some interfaces, device or unit INDIRECT COUPLING or communication connection, can be electrical, mechanical or other forms.
The unit illustrated as separating component can be or may not be physically separate, show as unit The part shown can be or may not be physical location, you can with positioned at a place, or can also be distributed to multiple On NE.Some or all of unit therein can be selected to realize the mesh of this embodiment scheme according to the actual needs 's.
In addition, each functional unit in each embodiment of the present invention can be integrated in a processing unit, can also That unit is individually physically present, can also two or more units it is integrated in a unit.Above-mentioned integrated list Member can both be realized in the form of hardware, can also be realized in the form of SFU software functional unit.
If the integrated unit is realized in the form of SFU software functional unit and is used as independent production marketing or use When, it can be stored in a computer read/write memory medium.Based on such understanding, technical scheme is substantially The part to be contributed in other words to prior art or all or part of the technical scheme can be in the form of software products Embody, the computer software product is stored in a storage medium, including some instructions are causing a computer Equipment(Can be personal computer, server, or network equipment etc.)Or processor(processor)It is each to perform the present invention The all or part of step of embodiment methods described.And foregoing storage medium includes:USB flash disk, mobile hard disk, read-only storage (ROM, Read-Only Memory), random access memory(RAM, Random Access Memory), magnetic disc or CD Etc. it is various can be with the medium of store program codes.
The foregoing is only a specific embodiment of the invention, but protection scope of the present invention is not limited thereto, any Those familiar with the art the invention discloses technical scope in, change or replacement can be readily occurred in, should all be contained Cover within protection scope of the present invention.Therefore, protection scope of the present invention described should be defined by scope of the claims.

Claims (19)

  1. A kind of 1. implementation method of gateway function, it is characterised in that including:
    Server receives the first request message that management node is sent, and the first of the first gateway is carried in first request message First detected rule of routing iinformation and first gateway, first request message are used to ask the server described First gateway is created on virtual switch in server;
    The server obtains first routing iinformation and first detected rule according to first request message;
    The server generates the first routing rule and the second inspection according to first routing iinformation and first detected rule Gauge is then;
    The server realizes institute according to first routing rule and second detected rule by the virtual switch State the function of the first gateway;
    The server generates the first routing rule and the second inspection according to first routing iinformation and first detected rule Gauge then specifically includes:
    The server generates the first via corresponding with first routing iinformation by advising according to first routing iinformation Then with the first Route Distinguisher;
    First Route Distinguisher is added in first detected rule by the server, is advised with generating second detection Then.
  2. 2. the implementation method of gateway function according to claim 1, it is characterised in that first gateway and described first Routing rule is gateway corresponding with the first subnet and routing rule,
    Wherein, the server passes through the virtual switch according to first routing rule and second detected rule The method for realizing the function of first gateway, including:
    The server receives source virtual machine by the virtual switch and sent to the packet of destination host, the packet The address information of address information and the destination host including the source virtual machine, wherein, the source virtual machine is by described One subnet provides service, and the destination host provides service by the second subnet;
    The server is according to the address information of the source virtual machine, the address information of the destination host and second detection Rule, determine the mark of first subnet and the mark of second subnet;
    If first subnet mark it is different from the mark of second subnet, the server then according to the first via by Rule, the packet is forwarded.
  3. 3. the implementation method of gateway function according to claim 2, it is characterised in that the server determines described first After the mark of subnet and the mark of second subnet, methods described also includes:
    If the mark of first subnet is identical with the mark of second subnet, the server is then according to the described second detection Rule forwards to the packet.
  4. 4. the implementation method of gateway function according to claim 3, it is characterised in that the address information of the destination host Include the internet protocol address of the destination host,
    Wherein, if the mark of first subnet is identical with the mark of second subnet, the server is then according to described the Before two detected rules forward to the packet, methods described also includes:
    The server is according to the IP address of the destination host, in the first address mapping table corresponding with the source virtual machine Search the MAC address of the destination host corresponding with the IP address of the destination host;
    If the server does not find the MAC Address of the destination host, the service in first address mapping table Device then obtains the MAC Address of the destination host, and the MAC Address of the destination host is preserved to first address of cache Table.
  5. 5. the implementation method of gateway function according to claim 4, it is characterised in that the server is according to described first Routing rule, the packet is forwarded, including:
    The server turns according to the IP address of first routing rule and the destination host to the packet Hair;
    The server forwards according to second detected rule to the packet, specifically includes:
    The server is according to the MAC of second detected rule, the IP address of the destination host and the destination host Location, the packet is forwarded.
  6. A kind of 6. implementation method of gateway function, it is characterised in that including:
    When creating the first virtual machine in first server, management node searches the first via by advising in the first server It is then corresponding with first virtual machine the with the second detected rule, first routing rule and second detected rule The rule of one gateway;
    If the management node does not find first routing rule and the second detection rule in the first server Then, the management node then sends the first request message to the first server, so that the first server is according to First request message obtains the first routing iinformation and the first detected rule, and according to first routing iinformation and first inspection Gauge then generates first routing rule and second detected rule, and according to first routing rule and described Two detected rules, the function of first gateway is realized by the virtual switch in the first server, wherein, described First routing iinformation and first detected rule are carried in one request message, first request message is used to ask institute State first server and first gateway is created on the virtual switch;
    The server generates first routing rule and institute according to first routing iinformation and first detected rule The second detected rule is stated to specifically include:
    The server generates the first via corresponding with first routing iinformation by advising according to first routing iinformation Then with the first Route Distinguisher;
    First Route Distinguisher is added in first detected rule by the server, is advised with generating second detection Then.
  7. 7. the implementation method of gateway function according to claim 6, it is characterised in that need when in the first server When migrating virtual machine, the virtual machine to be migrated is virtual machine corresponding with first gateway, and methods described also includes:
    The management node determines at least one second server in server cluster;
    The management node searches first routing rule and second detection at least one second server Rule;
    If the management node finds first routing rule and described second at least one second server Detected rule, the management node is then by the virtual machine (vm) migration to be migrated in the first server to described at least one Second server.
  8. 8. the implementation method of gateway function according to claim 7, it is characterised in that the management node is by described first After the virtual machine (vm) migration to be migrated at least one second server on server, methods described also includes:
    Whether the management node, which determines to have in the first server, corresponding with first gateway does not migrate virtual machine;
    If the management node determines not migrate virtual machine without described in the first server, the management node then indicates institute State first server and delete first routing rule and second detected rule.
  9. 9. the implementation method of gateway function according to claim 6, it is characterised in that the management node is described first After the first routing rule and the second detected rule are searched in server, methods described also includes:
    If the management node finds first routing rule and second detected rule in the first server, The management node then indicates that the first server according to first routing rule and second detected rule, passes through institute State the function that virtual switch realizes first gateway.
  10. A kind of 10. server, it is characterised in that including:
    Receiving unit, for receiving the first request message of management node transmission, the first net is carried in first request message The first routing iinformation and the first detected rule of first gateway closed, first request message are used to ask in the clothes First gateway is created on virtual switch in business device;
    Acquiring unit, for first request message received according to the receiving unit, obtain first routing iinformation With first detected rule;
    Generation unit, for first routing iinformation obtained according to the acquiring unit, generation is with the first via by believing First routing rule corresponding to breath and the first Route Distinguisher, and first Route Distinguisher is advised added to the described first detection In then, to generate the second detected rule;
    Unit is realized, for first routing rule generated according to the generation unit and second detected rule, is led to Cross the function that the virtual switch realizes first gateway.
  11. 11. server according to claim 10, it is characterised in that first gateway and first routing rule are Corresponding with the first subnet gateway and routing rule,
    Wherein, the server also includes determining unit;
    The receiving unit, it is additionally operable to send to the packet of destination host by virtual switch reception source virtual machine, The packet includes the address information of the source virtual machine and the address information of the destination host, wherein, the source is virtual Machine provides service by first subnet, and the destination host provides service by the second subnet;
    The determining unit, address information, the target master for the source virtual machine that is received according to the receiving unit The address information of machine and second detected rule of generation unit generation, determine the mark of first subnet and described The mark of second subnet;
    It is described to realize unit, if being additionally operable to the mark for first subnet that the determining unit determines and second subnet Mark is different, then first routing rule generated according to the generation unit, the packet is forwarded.
  12. 12. server according to claim 11, it is characterised in that
    It is described to realize unit, it is additionally operable to determine the mark of first subnet and the mark of second subnet in the determining unit After knowledge, if the mark of first subnet is identical with the mark of second subnet, generated according to the generation unit Second detected rule forwards to the packet.
  13. 13. server according to claim 12, it is characterised in that the address information of the destination host includes the mesh The IP address of main frame is marked,
    Wherein, the server also includes searching unit and storage unit;
    The searching unit, if the mark and the mark of second subnet of first subnet determined for the determining unit It is sensible same, it is described to realize that unit then turns according to second detected rule to the packet that the receiving unit receives Before hair, the IP address of the destination host received according to the receiving unit, corresponding with the source virtual machine first The MAC Address of the destination host corresponding with the IP address of the destination host is searched in address mapping table;
    The acquiring unit, if be additionally operable to the searching unit does not find the target master in first address mapping table The MAC Address of machine, then obtain the MAC Address of the destination host;
    The storage unit, the MAC Address of the destination host for the acquiring unit to be obtained are preserved to described first Address mapping table.
  14. 14. server according to claim 13, it is characterised in that
    It is described to realize unit, specifically for first routing rule generated according to the generation unit and the acquiring unit The IP address of the destination host obtained, the packet received to the receiving unit forward;
    It is described to realize unit, specifically for generated according to the generation unit second detected rule, the acquiring unit The IP address of the destination host and the MAC Address of the destination host obtained, the number received to the receiving unit Forwarded according to bag.
  15. A kind of 15. management node, it is characterised in that including:
    Searching unit, for when creating the first virtual machine in first server, first to be searched in the first server Routing rule and the second detected rule, first routing rule and second detected rule are and first virtual machine pair The rule for the first gateway answered;
    Transmitting element, if not finding first routing rule and institute in the first server for the searching unit The second detected rule is stated, then the first request message is sent to the first server, so that the first server is according to First request message obtains the first routing iinformation and the first detected rule, and according to first routing iinformation and first inspection Gauge then generates first routing rule and second detected rule, and according to first routing rule and described Two detected rules, the function of first gateway is realized by the virtual switch in the first server, wherein, described First routing iinformation and first detected rule are carried in one request message, first request message is used to ask institute State first server and first gateway is created on the virtual switch;
    The first server generates first routing rule according to first routing iinformation and first detected rule Specifically included with second detected rule:
    The first server generates the first via corresponding with first routing iinformation according to first routing iinformation By rule and the first Route Distinguisher;
    First Route Distinguisher is added in first detected rule by the first server, to generate second inspection Gauge is then.
  16. 16. management node according to claim 15, it is characterised in that the management node also includes determining unit and moved Move unit;
    The determining unit, for when having virtual machine to be migrated in the first server, determined in server cluster to A few second server, wherein, the virtual machine to be migrated is virtual machine corresponding with first gateway;
    The searching unit, it is additionally operable to search described the at least one second server that the determining unit determines One routing rule and second detected rule;
    Migration units, if finding the first via by advising at least one second server for the searching unit Then with second detected rule, then by the virtual machine (vm) migration to be migrated in the first server to described at least one Second server.
  17. 17. management node according to claim 16, it is characterised in that the management node also includes indicating member;
    The determining unit, it is additionally operable to the virtual machine (vm) migration to be migrated in the first server in the migration units It is corresponding not with first gateway to after at least one second server, determining whether to have in the first server Migrate virtual machine;
    The indicating member, if determining not migrate virtual machine described in nothing in the first server for the determining unit, Indicate that the first server deletes first routing rule and second detected rule.
  18. 18. management node according to claim 15, it is characterised in that the management node also includes indicating member;
    The indicating member, if found for the searching unit in the first server first routing rule and Second detected rule, it indicates that the first server according to first routing rule and second detected rule, The function of first gateway is realized by the virtual switch.
  19. 19. a kind of gateway function realizes system, it is characterised in that including:
    At least one server as described in claim any one of 10-14, and the pipe as described in claim any one of 15-18 Manage node.
CN201310684671.XA 2013-12-13 2013-12-13 The implementation method and device of a kind of gateway function Active CN104717081B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201310684671.XA CN104717081B (en) 2013-12-13 2013-12-13 The implementation method and device of a kind of gateway function

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201310684671.XA CN104717081B (en) 2013-12-13 2013-12-13 The implementation method and device of a kind of gateway function

Publications (2)

Publication Number Publication Date
CN104717081A CN104717081A (en) 2015-06-17
CN104717081B true CN104717081B (en) 2018-01-23

Family

ID=53416077

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201310684671.XA Active CN104717081B (en) 2013-12-13 2013-12-13 The implementation method and device of a kind of gateway function

Country Status (1)

Country Link
CN (1) CN104717081B (en)

Families Citing this family (11)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN105657081B (en) * 2016-04-07 2019-01-18 华为技术有限公司 The method, apparatus and system of DHCP service are provided
CN107846358B (en) * 2016-09-19 2020-07-10 北京金山云网络技术有限公司 Data transmission method, device and network system
CN106685813B (en) * 2016-11-16 2019-05-10 国家数字交换系统工程技术研究中心 Suitable for accessing the output service response device and method of net gateway security
CN106789667B (en) * 2016-11-21 2021-01-01 华为技术有限公司 Data forwarding method, related equipment and system
CN106790614B (en) * 2016-12-30 2020-11-13 上海顶竹通讯技术有限公司 Scheduling method and system based on cloud platform
CN108462594B (en) * 2017-02-21 2022-03-04 阿里巴巴集团控股有限公司 Virtual private network and rule table generation method, device and routing method
US20200409737A1 (en) * 2017-12-14 2020-12-31 Samsung Electronics Co., Ltd. Server and method for controlling packet transmission
CN108551413B (en) * 2018-03-27 2020-11-03 青岛海信智慧家居系统股份有限公司 Intelligent household equipment binding method and device, gateway equipment and storage medium
CN110753071A (en) * 2018-07-23 2020-02-04 视联动力信息技术股份有限公司 Information acquisition method and device
CN109067573B (en) * 2018-07-26 2020-12-29 新华三技术有限公司 Traffic scheduling method and device
CN110730133B (en) * 2019-10-21 2021-11-12 北京百度网讯科技有限公司 Route notification method and system

Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US7126941B1 (en) * 2001-08-24 2006-10-24 Cisco Technology, Inc. Managing packet voice networks using a virtual switch approach
CN102469004A (en) * 2010-10-29 2012-05-23 中国科学院计算技术研究所 Virtual machine network system and creation method thereof
CN102801715A (en) * 2012-07-30 2012-11-28 华为技术有限公司 Method for virtual machine migration in network, gateway and system

Family Cites Families (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
GB2458154B (en) * 2008-03-07 2012-06-27 Hewlett Packard Development Co Routing across a virtual network
US8184648B2 (en) * 2009-06-18 2012-05-22 Rockstar Bidco, LP Method and apparatus for implementing control of multiple physically dual homed devices
US8923149B2 (en) * 2012-04-09 2014-12-30 Futurewei Technologies, Inc. L3 gateway for VXLAN

Patent Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US7126941B1 (en) * 2001-08-24 2006-10-24 Cisco Technology, Inc. Managing packet voice networks using a virtual switch approach
CN102469004A (en) * 2010-10-29 2012-05-23 中国科学院计算技术研究所 Virtual machine network system and creation method thereof
CN102801715A (en) * 2012-07-30 2012-11-28 华为技术有限公司 Method for virtual machine migration in network, gateway and system

Also Published As

Publication number Publication date
CN104717081A (en) 2015-06-17

Similar Documents

Publication Publication Date Title
CN104717081B (en) The implementation method and device of a kind of gateway function
US10698739B2 (en) Multitenant access to multiple desktops on host machine partitions in a service provider network
CN111866064B (en) Load balancing method, device and system
CN102334111B (en) Providing logical networking functionality for managed computer networks
CN104350467B (en) Elasticity for the cloud security using SDN carries out layer
TWI543566B (en) Data center network system based on software-defined network and packet forwarding method, address resolution method, routing controller thereof
US7242665B2 (en) Network device virtual interface
US10210008B2 (en) Control server, service providing system, and method of providing a virtual infrastructure
CN105657081B (en) The method, apparatus and system of DHCP service are provided
CN103023827B (en) Data forwarding method for virtualized data centre and realization equipment of data forwarding method
CN103917967A (en) Network control system for configuring middleboxes
CN102546742B (en) The method and apparatus of the down hop identifier in managing distributed switch structure system
CN104780088A (en) Service message transmission method and equipment
CN104871145A (en) Memory sharing in network device
CN107846358A (en) A kind of data transmission method, device and network system
CN101772918A (en) The Operations, Administration and Maintenance of service chaining (OAM)
CN106576075A (en) Ingress ecmp in virtual distributed routing environment
CN104754025A (en) Programmable Distributed Networking
CN103812777B (en) Efficient data transmission system and method in overlay virtualized network
CN106034077A (en) Dynamic route configuration method, device and system thereof
CN105939290A (en) Resource allocation method and device
CN103685583A (en) Method and system for resolving domain names
CN104782104B (en) Scaled using the OTV of website virtual mac address
CN109547349A (en) Flow managing method, device, terminal and storage medium based on virtual flow-line
CN108432189A (en) Load balance on multiple endpoint of a tunnel

Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
C10 Entry into substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant
TR01 Transfer of patent right
TR01 Transfer of patent right

Effective date of registration: 20200423

Address after: 518129 Bantian HUAWEI headquarters office building, Longgang District, Guangdong, Shenzhen

Patentee after: HUAWEI TECHNOLOGIES Co.,Ltd.

Address before: 301, A building, room 3, building 301, foreshore Road, No. 310052, Binjiang District, Zhejiang, Hangzhou

Patentee before: Huawei Technologies Co.,Ltd.