CN104811382B

CN104811382B - The processing method and device of data packet

Info

Publication number: CN104811382B
Application number: CN201410041372.9A
Authority: CN
Inventors: 肖文曙
Original assignee: Huawei Technologies Co Ltd
Current assignee: Huawei Cloud Computing Technologies Co Ltd
Priority date: 2014-01-28
Filing date: 2014-01-28
Publication date: 2018-05-29
Anticipated expiration: 2034-01-28
Also published as: WO2015113410A1; CN104811382A

Abstract

The present embodiments relate to the processing methods and device of a kind of data packet.The described method includes：Source controller receives the data packet sent by source virtual machine of source Virtual switch forwarding；Whether the TP addresses included according to data packet, source controller identification TP addresses have been stored in address list；If TP addresses are not stored in address list, source controller determines that purpose virtual machine is not in source data center；Source controller determines to forward the packet to the first forwarding rule of purpose virtual machine；Source controller sends the first forwarding rule to source Virtual switch and source virtual protocol respectively, so that source Virtual switch forwards the packet to source virtual protocol using the first forwarding rule, source virtual protocol forwards the packet to the purpose data center where purpose virtual machine using the first regular and stored route forwarding table of forwarding；Wherein, source controller, source Virtual switch, source virtual machine and source virtual protocol are in source data center together.

Description

The processing method and device of data packet

Technical field

The present invention relates to communication technique field more particularly to the processing methods and device of a kind of data packet.

Background technology

In order to realize the business such as disaster recovery and across the data center dynamic migration of virtual machine, at present, by will be across wide area network (Wide Area Network, referred to as：WAN) (Software Defined Network, referred to as：SDN) SDN clustered controls Technology and virtual extended LAN (Virtua l Extensib le LAN, abbreviation：VXLAN) technology is combined, and then is realized Superposition (over lay) double layer network between multiple data centers, flexible extended capability is provided for client.

As shown in Fig. 1-A, SDN clustered controls technology is combined realize between multiple data centers two with VXLAN technologies Layer network interconnects.There are SDN controllers, convergence switch, access switch and multiple physical services in each data center Device loads Virtual switch and virtual machine, also, the letter of any one SDN controller storage on each physical server Breath need to carry out information sharing, synchronous with other SDN controllers, and each SDN controllers can carry out the transmission path of data packet Management.

In Fig. 1, due to grasp of the SDN controllers to global information, the first virtual machine in data center A in data When communication interaction is carried out between the second virtual machine in heart B, in terms of stacking network level, two virtual machines are connected directly.It is actual As shown in phantom in FIG., data packet is transmitted to the physical network passed through by the first virtual machine loaded on the first physical server One Virtual switch, and data packet is transmitted to the first access switch by the first Virtual switch, the first access switch will Data packet is transmitted to the first core switch, and data packet is transmitted to data center B by the first core switch by route network In the second core switch, data packet is transmitted to the second access switch, the second access switch by the second core switch Data packet is transmitted to corresponding second Virtual switch, and the second virtual machine is transmitted to by the second Virtual switch, by second Virtual machine carries out data packet subsequent processing, and then realizes the double layer network interconnection between data center.Foregoing communication process In, Virtual switch, access switch and core switch are in transmission packet, all in accordance with VXLAN outer header information, Data packet is forwarded to by the forwarding rule stored according to forwarding unit.

But scheme of the prior art also exposes problems with：1) since the information of each SDN controllers storage needs It is shared, is synchronous, sharing across WAN, will synchronously network overhead being caused to become larger for bulk information increases the processing of SDN controllers Burden；2) since virtual machine is when being in communication with each other, there are a transmission paths between the virtual machine that communicates, as shown if figure 1-b, virtually It is fully-meshed network between machine, increases the complexity of network system, meanwhile, SDN controllers need the communication of real-time management each two empty Transmission path between plan machine wastes the process resource of SDN controllers, also reduces SDN controllers and the processing of data packet is imitated Rate.

The content of the invention

An embodiment of the present invention provides the processing methods and device of a kind of data packet, realize two between multiple data centers Layer network interconnects and VM communications.

In a first aspect, an embodiment of the present invention provides a kind of processing method of data packet, the described method includes：

Source controller receives the data packet sent by source virtual machine of source Virtual switch forwarding, and the data packet carries The destination address of the data packet, the destination address include the TP addresses of the purpose virtual machine to communicate with the source virtual machine；

According to the TP addresses of the target virtual machine, whether the TP addresses of the source controller identification purpose virtual machine It has been stored in address list；

If the TP addresses of the purpose virtual machine are not stored in described address list, the source controller determines institute It states purpose virtual machine and is not in the source data center；

The source controller determines for the data packet to be forwarded to the first forwarding rule of the purpose virtual machine；

The source controller sends the first forwarding rule to the source Virtual switch and source virtual protocol respectively, with So that the data packet is forwarded to the source virtual protocol by the source Virtual switch using the described first forwarding rule, it is described The data packet is forwarded to institute by source virtual protocol using the information of the described first regular and stored route forwarding table of forwarding State the purpose data center where purpose virtual machine；

Wherein, the source controller, the source Virtual switch, the source virtual machine and the source virtual protocol exist together In the source data center.

In the first possible implementation, the destination address further includes the MAC Address of the purpose virtual machine；

If the purpose virtual machine is not in the source data center, the source controller is determined for by institute State data packet be forwarded to the purpose virtual machine first forwarding rule specifically include：

If the purpose virtual machine is not in the source data center, and the purpose virtual machine and the source virtual machine In the same network segment, then the source controller is according to the MAC Address of the purpose virtual machine and the TP of the purpose virtual machine Address determines for the data packet to be forwarded to the first forwarding rule of the purpose virtual machine.

The possible realization method of with reference to first aspect the first, in second of possible realization method, the source control Device processed further includes before receiving the data packet sent by source virtual machine of source Virtual switch forwarding：

The source controller receives the ARP request sent by the source virtual machine of the source Virtual switch forwarding, institute ARP request is stated for obtaining the MAC Address of the purpose virtual machine, the ARP request is with including the TP of the purpose virtual machine Location；

According to the TP addresses of the purpose virtual machine, the source controller search whether stored in described address list with The MAC Address of the purpose virtual machine of the TP address matchings of the purpose virtual machine；

If the source controller does not find the MAC Address of the purpose virtual machine, the source controller determines to turn The transmission path for sending out data packet described；

According to the transmission path, the source controller determines the ARP request being forwarded to the purpose virtual Second forwarding rule of machine；

The source controller sends the second forwarding rule to the source Virtual switch and the source virtual protocol respectively, with So that the ARP request is forwarded to the source virtual protocol, institute by the source Virtual switch using the described second forwarding rule It states source virtual protocol and the ARP request is forwarded to the mesh using the described second forwarding regular and stored route forwarding table Data center, and by the arp response that the purpose virtual machine received is sent by the source Virtual switch to described Source virtual machine is sent, and the arp response includes the MAC Address of the purpose virtual machine.

In the third possible realization method, if the purpose virtual machine is not in the source data center, Then the source controller determines for the data packet to be forwarded to the first of the purpose virtual machine rule to be forwarded to specifically include：

If the purpose virtual machine is not in the source data center, and the purpose virtual machine and the source virtual machine In different segment, then the source controller is according to the TP addresses of the purpose virtual machine, with obtaining the MAC of purpose virtual gateway Location；

According to the TP addresses of the MAC Address of the purpose virtual gateway and the purpose virtual machine, the source controller Determine the transmission path of the forwarding data packet；

According to the transmission path, the source controller determines the data packet being forwarded to the purpose virtual machine First forwarding rule.

The third possible realization method with reference to first aspect, in the 4th kind of possible realization method, the target Address further includes the MAC Address of source virtual gateway；

The source controller sends the first forwarding rule to the source Virtual switch and source virtual protocol respectively Before further include：

The source controller carries the MAC Address of the purpose virtual gateway in the described first forwarding rule, so that The source Virtual switch is obtained using the described first forwarding rule, by the MAC Address of the source gateway and the purpose gateway MAC Address be encapsulated in the data packet, and the data packet after encapsulation is forwarded to the source virtual protocol.

The 4th kind of possible realization method with reference to first aspect, in the 5th kind of possible realization method, the source control Device processed further includes before receiving the data packet sent by source virtual machine of source Virtual switch forwarding：

The source controller receives the ARP request sent by the source virtual machine of the source Virtual switch forwarding, institute ARP request is stated for obtaining the MAC Address of the source virtual gateway, the ARP request is with including the TP of the source virtual gateway Location；

According to the TP addresses of the source virtual gateway, the source controller search whether stored in described address list with The MAC Address of the source virtual gateway of the TP address matchings；

If the source controller finds the MAC Address of the source virtual gateway, the source controller passes through described Source Virtual switch sends arp response to the source virtual machine, and the arp response includes the MAC Address of the source virtual gateway.

In second aspect, an embodiment of the present invention provides a kind of processing method of data packet, the described method includes：

Purpose controller receives the data packet sent by source virtual protocol of purpose virtual protocol forwarding, and the data packet is taken Destination address with the data packet, the destination address include the TP addresses of purpose virtual machine；

According to the TP addresses of the purpose virtual machine, the purpose controller identifies that the TP addresses of the purpose virtual machine are It is no to be stored in address list；

If the TP addresses of the purpose virtual machine are stored in described address list, the purpose controller determines institute It states purpose virtual machine and is in the purpose data center；

The purpose controller determines for the data packet to be forwarded to the first forwarding rule of the purpose virtual machine；

The purpose controller sends the first forwarding rule to the purpose virtual protocol and purpose Virtual switch respectively, So that the data packet is forwarded to the purpose virtual switch by the purpose virtual protocol using the described first forwarding rule The data packet is forwarded to the purpose virtual machine by device, the purpose Virtual switch using the described first forwarding rule；

Wherein, the purpose controller, the purpose virtual protocol and the purpose Virtual switch are in purpose number According to center, the source virtual protocol is in source data center.

If the purpose virtual machine is in the purpose data center, the purpose controller determines to be used to incite somebody to action The first forwarding rule that the data packet is forwarded to the purpose virtual machine specifically includes：

If the purpose virtual machine is in the purpose data center, and the purpose virtual machine and the source virtual machine In phase same network segment, then according to the MAC Address of the purpose virtual machine, the purpose controller searches whether exist and the mesh Virtual machine matching connection the purpose Virtual switch；

If the purpose controller finds the purpose Virtual switch that connection is matched with the purpose virtual machine, Then the purpose controller is determined according to the MAC Address of the purpose virtual gateway and the TP addresses of the purpose virtual machine Forward the transmission path of the data packet；

According to the transmission path, the purpose controller determines the data packet being forwarded to the purpose virtual First forwarding rule of machine.

With reference to the first possible realization method of second aspect, in second of possible realization method, the purpose Controller further includes before receiving the data packet sent by source virtual protocol of purpose virtual protocol forwarding：

The ARP sent by the source virtual protocol that the purpose controller receives the purpose virtual protocol forwarding please It asks, the ARP request is used to obtain the MAC Address of the purpose virtual machine, and the ARP request includes the purpose virtual machine TP addresses；

According to the TP addresses of the purpose virtual machine, the purpose controller searches whether exist and the purpose virtual machine Match the purpose Virtual switch of connection；

If the purpose controller finds the purpose Virtual switch that connection is matched with the purpose virtual machine, Then the purpose controller determines for the ARP request to be forwarded to the second forwarding rule of the purpose virtual machine；

The purpose controller sends described second to the purpose virtual protocol and the purpose Virtual switch respectively Forwarding rule, so that the ARP request is forwarded to the mesh by the purpose virtual protocol using the described second forwarding rule Virtual switch, the ARP request is forwarded to the mesh by the purpose Virtual switch using the described second forwarding rule Virtual machine, and receive the arp response that the purpose virtual machine is sent, and virtual to the source by the purpose virtual protocol Agency sends the arp response, and the arp response includes the MAC Address of the purpose virtual machine.

In the third possible realization method, if the purpose virtual machine is in the purpose data center, Then the purpose controller determines for the data packet to be forwarded to the first specific bag of forwarding rule of the purpose virtual machine It includes：

If the purpose virtual machine is in purpose data center, and the purpose virtual machine is in the source virtual machine Different segment, then according to the TP addresses of the purpose virtual machine, the purpose controller is with obtaining the MAC of the purpose virtual machine Location；

According to the MAC Address of the purpose virtual machine, the purpose controller searches whether to exist virtual with the purpose The purpose Virtual switch of machine matching connection；

If the purpose controller finds the purpose Virtual switch for matching and linking with the purpose virtual machine, Then the purpose controller determines forwarding according to the TP addresses of the virtual MAC Address of the purpose and the purpose virtual machine The transmission path of the data packet；

In the third aspect, an embodiment of the present invention provides a kind of processing unit of data packet, described device includes：

Receiving unit, for receiving the data packet sent by source virtual machine of source Virtual switch forwarding, the data packet The destination address of the data packet is carried, the destination address includes the TP of the purpose virtual machine to communicate with the source virtual machine Address；

Recognition unit, for the TP addresses according to the purpose virtual machine, identifying the TP addresses of the purpose virtual machine is It is no to be stored in address list；

Determination unit, if the TP addresses for the purpose virtual machine are not stored in described address list, it is determined that The purpose virtual machine is not in the source data center；

The determination unit is additionally operable to, and determines for the data packet to be forwarded to the first forwarding of the purpose virtual machine Rule；

Transmitting element, for sending the first forwarding rule to the source Virtual switch and source virtual protocol respectively, So that the data packet is forwarded to the source virtual protocol, institute by the source Virtual switch using the described first forwarding rule It states source virtual protocol and the data packet is forwarded to the mesh using the described first forwarding regular and stored route forwarding table Virtual machine where purpose data center；

Wherein, the processing unit of the data packet, the source Virtual switch, the source virtual machine and the source are virtual Agency is in the source data center together.

In the first possible implementation, the destination address for the data packet that the receiving unit receives further includes The MAC Address of the purpose virtual machine；

The determination unit is specifically used for, if the purpose virtual machine is not in the source data center, and the mesh Virtual machine and the source virtual machine be in the same network segment, then according to the MAC Address of the purpose virtual machine and the purpose The TP addresses of virtual machine determine the transmission path of the forwarding data packet；

According to the transmission path, determine that the first forwarding for the data packet to be forwarded to the purpose virtual machine is advised Then.

With reference to the first possible realization method of the third aspect, in second of possible realization method, the reception Unit is additionally operable to, and receives the ARP request sent by the source virtual machine of the source Virtual switch forwarding, the ARP request For obtaining the MAC Address of the purpose virtual machine, the ARP request includes the TP addresses of the purpose virtual machine；

Described device further includes：First searching unit for the TP addresses according to the purpose virtual machine, is searched describedly Whether MAC Address with the purpose virtual machine of the TP address matching of the purpose virtual machine has been stored in the list of location；

The determination unit is additionally operable to, if not finding the MAC Address of the purpose virtual machine, it is determined that for by institute State the second forwarding rule that ARP request is forwarded to the purpose virtual machine；

The transmitting element is additionally operable to, and sends the second forwarding to the source Virtual switch and the source virtual protocol respectively Rule, so that using the described second forwarding rule the ARP request to be forwarded to the source virtual for the source Virtual switch Agency, the source virtual protocol are forwarded the ARP request using the described second regular and stored route forwarding table of forwarding To the purpose data center, and the arp response that the purpose virtual machine received is sent passes through the source virtual switch Device is sent to the source virtual machine, and the arp response includes the MAC Address of the purpose virtual machine.

In the third possible realization method, the determination unit is specifically used for, if the purpose virtual machine is not located In the source data center, and the purpose virtual machine is in different segment with the source virtual machine, then empty according to the purpose The TP addresses of plan machine obtain the MAC Address of purpose virtual gateway；

According to the TP addresses of the MAC Address of the purpose virtual gateway and the purpose virtual machine, determine described in forwarding The transmission path of data packet；

With reference to the third possible realization method of the third aspect, in the 4th kind of possible realization method, the reception The destination address for the data packet that unit receives further includes the MAC Address of source virtual gateway；

Described device further includes：Processing unit, for carrying the MAC Address of the purpose virtual gateway described first Forwarding rule in so that the source Virtual switch using described first forwarding rule, by the MAC Address of the source gateway with And the MAC Address of the purpose gateway is encapsulated in the data packet, and the data packet after encapsulation is forwarded to the source Virtual protocol.

With reference to the 4th kind of possible realization method of the third aspect, in the 5th kind of possible realization method, the reception Unit is additionally operable to, and receives the ARP request sent by the source virtual machine of the source Virtual switch forwarding, the ARP request For obtaining the MAC Address of the source virtual gateway, the ARP request includes the TP addresses of the source virtual gateway；

Described device further includes：Second searching unit for the TP addresses according to the source virtual gateway, is searched describedly Whether MAC Address with the source virtual gateway of the TP address matching has been stored in the list of location；

The transmitting element is additionally operable to, virtual by the source if finding the MAC Address of the source virtual gateway Exchanger sends arp response to the source virtual machine, and the arp response includes the MAC Address of the source virtual gateway.

In fourth aspect, an embodiment of the present invention provides a kind of processing unit of data packet, described device includes：

Receiving unit, for receiving the data packet sent by source virtual protocol of purpose virtual protocol forwarding, the data Bag carries the destination address of the data packet, and the destination address includes the TP addresses of purpose virtual machine；

Determination unit, if the TP addresses for the purpose virtual machine are stored in described address list, it is determined that institute It states purpose virtual machine and is in the purpose data center；

The determination unit is additionally operable to, if the purpose virtual machine is in the purpose data center, it is determined that be used for The data packet is forwarded to the first forwarding rule of the purpose virtual machine；

Transmitting element, for sending the first forwarding rule to the purpose virtual protocol and purpose Virtual switch respectively, So that the data packet is forwarded to the purpose virtual switch by the purpose virtual protocol using the described first forwarding rule The data packet is forwarded to the purpose virtual machine by device, the purpose Virtual switch using the described first forwarding rule；

Wherein, the processing unit of the data packet, the purpose virtual protocol and the purpose Virtual switch are in Purpose data center, the source virtual protocol are in source data center.

The determination unit is specifically used for, if the purpose virtual machine is in the purpose data center, and the mesh Virtual machine be in phase same network segment with the source virtual machine, then according to the MAC Address of the purpose virtual machine, search whether exist The purpose Virtual switch of connection is matched with the purpose virtual machine；

If the purpose Virtual switch that connection is matched with the purpose virtual machine is found, according to the purpose The TP addresses of the MAC Address of virtual machine and the purpose virtual machine determine the transmission path of the forwarding data packet；

With reference to the first possible realization method of fourth aspect, in second of possible realization method, the reception Unit is additionally operable to, and receives the ARP request sent by the source virtual protocol of the purpose virtual protocol forwarding, the ARP please Seek to obtain the MAC Address of the purpose virtual machine, the ARP request includes the TP addresses of the purpose virtual machine；

The determination unit is additionally operable to, and according to the TP addresses of the purpose virtual machine, searches whether exist and the purpose The purpose Virtual switch of virtual machine matching connection；

If find the purpose Virtual switch that connection is matched with the purpose virtual machine, it is determined that for by institute State the second forwarding rule that ARP request is forwarded to the purpose virtual machine；

The transmitting element is additionally operable to, respectively to described in the purpose virtual protocol and purpose Virtual switch transmission Second forwarding rule, so that the ARP request is forwarded to institute by the purpose virtual protocol using the described second forwarding rule Purpose Virtual switch is stated, the ARP request is forwarded to institute by the purpose Virtual switch using the described second forwarding rule Purpose virtual machine is stated, and receives the arp response that the purpose virtual machine is sent, and by the purpose virtual protocol to the source Virtual protocol sends the arp response, and the arp response includes the MAC Address of the purpose virtual machine.

In the third possible realization method, the determination unit is specifically used for, if the purpose virtual machine is in Purpose data center, and the purpose virtual machine is in different segment with the source virtual machine, then according to the purpose virtual machine TP addresses, obtain the MAC Address of the purpose virtual machine；

According to the MAC Address of the purpose virtual machine, search whether there is the institute that connection is matched with the purpose virtual machine State purpose Virtual switch；

If the purpose Virtual switch for matching and linking with the purpose virtual machine is found, according to the purpose The TP addresses of the MAC Address of virtual machine and the purpose virtual machine determine the transmission path of the forwarding data packet；

Therefore, by the processing method and device of application data packet provided in an embodiment of the present invention, source controller is according to mesh Address is marked, whether identifying purpose virtual machine is in source data center, when purpose virtual machine is not in source data center, source control Device determines to forward the packet to the first forwarding rule of purpose virtual machine, and to source Virtual switch and source Virtual Agent Haircut send the first forwarding regular, so that source Virtual switch forwards the packet to source Virtual Agent using the first forwarding rule Reason, source virtual protocol are forwarded the packet to using the first regular and stored route forwarding table of forwarding where purpose virtual machine Purpose data center.The controller for solving each data center in the prior art carries out bulk information to share synchronization across WAN, Increase controller processing load, waste the process resource of controller, reduce the problem of controller is to the treatment effeciency of data packet, The interconnection of virtual network between multiple data centers is realized, controller processing load is reduced, saves the process resource of control, carry High treatment effeciency of the controller to data packet.

Description of the drawings

Fig. 1-A are the transmission packet schematic diagram that the prior art provides；

Fig. 1-B are transmission path schematic diagram between the virtual machine that the prior art provides；

Fig. 2 is the process flow figure for the data packet that the embodiment of the present invention one provides；

Fig. 3 is the process flow figure of data packet provided by Embodiment 2 of the present invention；

Fig. 4 is the process flow figure for the data packet that the embodiment of the present invention three provides；

Fig. 5 is the process flow figure for the data packet that the embodiment of the present invention four provides；

Fig. 6 is a kind of processing method signaling diagram for data packet that the embodiment of the present invention five provides；

Fig. 7 is the MAC Address signaling diagram for the acquisition purpose VM that the embodiment of the present invention five provides；

Fig. 8 is the processing method signaling diagram for another data packet that the embodiment of the present invention six provides；

Fig. 9 is the MAC Address signaling diagram for the acquisition source gateway that the embodiment of the present invention six provides；

Figure 10 transmission path schematic diagrames between virtual machine provided in an embodiment of the present invention；

Figure 11 is the processing device structure diagram for the data packet that the embodiment of the present invention seven provides；

Figure 12 is the processing device structure diagram for the data packet that the embodiment of the present invention eight provides；

Figure 13 is the processing device structure diagram for the data packet that the embodiment of the present invention nine provides；

Figure 14 is the processing device structure diagram for the data packet that the embodiment of the present invention ten provides；

Figure 15 is the processing unit hardware architecture diagram for the data packet that the embodiment of the present invention 11 provides；

Figure 16 is the processing unit hardware architecture diagram for the data packet that the embodiment of the present invention 12 provides；

Figure 17 is the processing unit hardware architecture diagram for the data packet that the embodiment of the present invention 13 provides；

Figure 18 is the processing unit hardware architecture diagram for the data packet that the embodiment of the present invention 14 provides；

Figure 19 is the processing system schematic diagram for the data packet that the embodiment of the present invention 15 provides.

Specific embodiment

To make the purpose, technical scheme and advantage of the embodiment of the present invention clearer, below in conjunction with the embodiment of the present invention In attached drawing, the technical solution in the embodiment of the present invention is clearly and completely described, it is clear that described embodiment is Part of the embodiment of the present invention, instead of all the embodiments.Based on the embodiments of the present invention, those of ordinary skill in the art All other embodiments obtained without making creative work belong to the scope of protection of the invention.

For ease of being understood in real time of the invention, it is further explained below in conjunction with attached drawing with specific embodiment Bright, embodiment does not form the restriction to the embodiment of the present invention.

Embodiment one

The processing method for the data packet that embodiment one that the present invention will be described in detail by taking Fig. 2 as an example below provides, Fig. 2 are the present invention The process flow figure for the data packet that embodiment one provides, subject of implementation is source controller in embodiments of the present invention, described Source controller is specially source SDN controllers, which is in source data center.The source data center further includes source void Intend exchanger (vSwitch), source virtual machine (VM) and source virtual protocol (vProxy).As shown in Fig. 2, the embodiment is specifically wrapped Include following steps：

Step 210, source controller receive the data packet sent by source virtual machine of source Virtual switch forwarding, the data Bag carries the destination address of the data packet, and the destination address includes the purpose virtual machine to communicate with the source virtual machine TP addresses.

Specifically, source controller receives the data packet sent by source VM of source vSwitch forwardings, and the data packet carries The destination address of the data packet, the destination address include the TP addresses of the purpose VM to communicate with source VM.

Wherein, the source controller receives the data packet sent by source virtual machine that source Virtual switch forwards and specifically wraps It includes：

When source, vSwitch receives the data packet of source VM transmissions, and in the forwarding lists that are stored at itself of source vSwitch not When finding the forwarding rule of forwarding data packet, source controller receives the data packet sent by source VM of source vSwitch forwardings.

It is understood that further including source address in the data packet, the source address is TP, the MAC Address of source VM Deng.

Step 220, the TP addresses according to the purpose virtual machine, the source controller identify the TP of the purpose virtual machine Whether address has been stored in address list.

Specifically, source controller receiving data bag obtains source address and the TP addresses of purpose VM from data packet.According to The TP addresses of source address and purpose VM, it is logical that source controller determines that source VM prepares to interact with the purpose VM of TP addresses instruction Letter.Whether source controller identifies purpose VM in source data center according to the TP addresses of purpose VM.

According to the TP addresses of purpose VM, whether the TP addresses of source controller identifying purpose VM have been stored in the address column of itself In table, the attribute information of the multiple VM managed in the controller of source is store in described address list.

If step 230, the TP addresses of the purpose virtual machine are not stored in described address list, the source control Device determines that the purpose virtual machine is not in the source data center.

Specifically, since the TP addresses of purpose VM are not stored in address list, then source controller determines that purpose VM is one A VM for being not belonging to source controller self-management.

Step 240, the source controller determine the data packet being forwarded to first turn of the purpose virtual machine Hair rule.

Specifically, according to the identification of step 220 and step 230, if purpose VM is not in source data center, source control Device processed determines the purpose data center where purpose virtual machine, and determines the first forwarding rule, and the first forwarding rule is used for Forward the packet to purpose VM.

Step 250, the source controller send described first turn to the source Virtual switch and source virtual protocol respectively Hair rule, so that using the described first forwarding rule the data packet to be forwarded to the source virtual for the source Virtual switch The data packet is forwarded to by agency, the source virtual protocol using the described first regular and stored route forwarding table of forwarding Purpose data center where the purpose virtual machine.

Specifically, after source controller determines the first forwarding rule, source controller is sent out respectively to source vSwitch and source vProxy Send the first forwarding regular, the forwarding item that the first forwarding rule includes forwarding data packet (that is to say at the encapsulation to data packet The transmission path of reason rule and forwarding data packet) so that source vSwitch is using forwarding item to forward the packet to source VProxy, source vProxy are using forwarding item and stored route forwarding table forwards the packet to mesh where purpose virtual machine Data center, purpose data center handles data packet accordingly.

Further, source controller sends the first forwarding rule, source vSwitch to source vSwitch and source vProxy respectively Forwarding item is obtained from the first forwarding rule, and (encapsulation is i.e. in data by data packet progress VXLAN encapsulation using item is forwarded Bag is outer to increase VXLAN frame heads portion, and outer layer source, purpose TP addresses and outer layer source, target MAC (Media Access Control) address are filled in frame head portion), Obtain the first VXLAN messages, the first VXLAN messages are forwarded to source vProxy by source vSwitch, and source vProxy is from the first VXLAN Data packet is obtained in message, (encapsulation is i.e. by VXLAN frame heads portion using forwarding item that data packet is carried out to VXLAN encapsulation again Middle outer layer source TP addresses are arranged to the TP addresses of source vProxy, and outer layer purpose TP addresses set the TP addresses for purpose vProxy) The 2nd VXLAN messages are obtained, the 2nd VXLAN messages are forwarded to purpose vProxy by source vProxy, and the purpose vProxy is in Purpose data center.

It is understood that source vProxy obtains mesh before VXLAN encapsulation is carried out, according to stored route forwarding table VProxy TP addresses, VXLAN encapsulation is carried out again to data packet using the TP addresses of the purpose vProxy of acquisition.Wherein, By existing standard agreement between source vProxy and purpose vProxy, routing iinformation and the TP addresses of other side are mutually obtained, and will The routing iinformation of acquisition and the TP addresses of other side are stored in route forwarding table.

Wherein, non-limiting as example, the transmission path for forwarding data packet is specially：Source VM-- sources vSwitch-- sources The vProxy of vProxy- mesh.

In embodiments of the present invention, the first forwarding rule is also wrapped in addition to including forwarding the forwarding item of data packet Include the rule that source Switch, source vProxy is made to carry out VXLAN encapsulation/decapsulation to data packet.

Therefore, by the processing method of application data packet provided in an embodiment of the present invention, source controller according to destination address, Whether identifying purpose virtual machine is in source data center, and when purpose virtual machine is not at source data center, source controller determines For forwarding the packet to the first of purpose virtual machine the forwarding rule, and sent to source Virtual switch and source virtual protocol First forwarding rule, so that source Virtual switch forwards the packet to source virtual protocol using the first forwarding rule, source is empty Intend acting on behalf of the purpose forwarded the packet to using the first regular and stored route forwarding table of forwarding where purpose virtual machine Data center.The controller for solving each data center in the prior art carries out bulk information to share synchronization across WAN, increases control Device processing load processed wastes the process resource of controller, reduces the problem of controller is to the treatment effeciency of data packet, realizes The interconnection of virtual network between multiple data centers reduces controller processing load, saves the process resource of control, improve control Device processed is to the treatment effeciency of data packet.

Embodiment two

The processing method for the data packet that embodiment two that the present invention will be described in detail by taking Fig. 3 as an example below provides, Fig. 3 are the present invention Embodiment two provide data packet process flow figure, in embodiments of the present invention subject of implementation be purpose controller, institute It is specifically purpose SDN controllers to state purpose controller, which is in purpose data center.In the purpose data The heart further includes purpose vSwitch, purpose VM and purpose vProxy.As shown in figure 3, the embodiment specifically includes following steps：

Step 310, purpose controller receive the data packet sent by source virtual protocol of purpose virtual protocol forwarding, described Data packet carries the destination address of the data packet, and the destination address includes the TP addresses of purpose virtual machine.

Specifically, purpose controller receives the data packet sent by source vProxy of purpose vProxy forwardings, the data Bag carries the destination address of the data packet, and the destination address includes the TP addresses of purpose VM.The source vProxy is in Source data center.

Wherein, the purpose controller receives the data packet sent by source vProxy that purpose vProxy is forwarded and specifically wraps It includes：

When purpose vProxy receives the data packet of source vProxy transmissions, and purpose vProxy is arranged in the forwarding that itself store When not finding the forwarding rule of forwarding data packet in table, purpose controller receives being sent out by source vProxy for purpose vProxy forwardings The data packet sent.

Step 320, the TP addresses according to the purpose virtual machine, the purpose controller identify the purpose virtual machine Whether TP addresses have been stored in address list.

Specifically, purpose controller receiving data bag obtains source address and the TP addresses of purpose VM from data packet.Root According to source address and the TP addresses of purpose VM, purpose controller determines that the source VM preparations in source data center refer to TP addresses The purpose VM shown interacts communication.Purpose controller is according to the TP addresses of purpose VM, and whether identifying purpose VM is in purpose number According to center.

According to the TP addresses of purpose VM, whether the TP addresses of purpose controller identifying purpose VM have been stored in the address of itself In list, the attribute information of the multiple VM managed in purpose controller is store in described address list.

If step 330, the TP addresses of the purpose virtual machine are stored in described address list, the purpose control Device determines that the purpose virtual machine is in the purpose data center.

Specifically, since the TP addresses of purpose VM are stored in address list, then purpose controller determines that purpose VM is one A VM for belonging to purpose controller self-management.

If step 340, the purpose virtual machine are in the purpose data center, the purpose controller determines to use In the first forwarding rule that the data packet is forwarded to the purpose virtual machine.

Specifically, according to the identification of step 320, if purpose VM is in purpose data center, purpose controller determines First forwarding rule, the first forwarding rule are used to forward the packet to purpose VM.

Step 350, the purpose controller send first to the purpose virtual protocol and purpose Virtual switch respectively Forwarding rule, so that the data packet is forwarded to the purpose by the purpose virtual protocol using the described first forwarding rule The data packet is forwarded to the purpose void by Virtual switch, the purpose Virtual switch using the described first forwarding rule Plan machine.

Specifically, after purpose controller determines the first forwarding rule, then purpose controller is respectively to purpose vProxy and mesh VSwitch send first forwarding rule, it is described first forwarding rule include forwarding data packet forwarding item (that is to say to data The encapsulation process rule of bag and the transmission path of forwarding data packet) so that purpose vProxy is utilized item is forwarded to turn data packet Purpose vSwitch is sent to, for purpose vSwitch using item is forwarded to forward the packet to purpose VM, purpose VM carries out data packet Corresponding processing, establishes the communication link between the VM of source.

Further, purpose controller sends the first forwarding rule, purpose to purpose vProxy and purpose vSwitch respectively VProxy obtains forwarding item from the first forwarding rule, and by data packet progress VXLAN encapsulation, (encapsulation is i.e. using item is forwarded Outer layer source TP addresses in VXLAN frame heads portion are set into the TP addresses for purpose vProxy, for the purpose of the setting of outer layer purpose TP addresses The TP addresses of vSwitch), VXLAN messages are obtained, VXLAN messages are forwarded to purpose vSwitch, purpose by purpose vProxy VSwitch decapsulates VXLAN messages, obtains data packet, purpose VM is forwarded the packet to using rule is forwarded.

It is understood that purpose vProxy is before VXLAN encapsulation is carried out, according to the target carried in data packet Location obtains the TP addresses of purpose vSwitch from forwarding item, using acquisition purpose vSwitch TP addresses to data packet again Secondary progress VXLAN encapsulation.

Wherein, non-limiting as example, the transmission path for forwarding data packet is specially：Source vProxy-- purposes The VM of the vSwi tch-- mesh of vProxy-- mesh.

In embodiments of the present invention, the first forwarding rule is also wrapped in addition to including forwarding the forwarding item of data packet Include the rule that purpose vProxy, purpose Switch is made to carry out VXLAN encapsulation/decapsulation to data packet.

Therefore, by the processing method of application data packet provided in an embodiment of the present invention, it is empty that purpose controller receives purpose Intend agency, the data packet that source virtual protocol is sent, according to destination address, identifying purpose virtual machine is whether in purpose data The heart, when purpose virtual machine is in purpose data center, purpose controller determines to forward the packet to purpose virtual First forwarding rule of machine, and the first forwarding rule is sent to purpose Virtual switch and purpose virtual protocol, so that mesh Virtual protocol forward the packet to purpose Virtual switch using the first forwarding rule, purpose Virtual switch utilizes first Forwarding rule forwards the packet to purpose virtual machine.The controller of each data center in the prior art is solved by bulk information It carries out sharing synchronization across WAN, increases controller processing load, waste the process resource of controller, reduce controller to data The problem for the treatment of effeciency of bag, realizes the interconnection of virtual network between multiple data centers, reduces controller processing load, section The process resource about controlled improves treatment effeciency of the controller to data packet.

Embodiment three

The processing method for the data packet that embodiment three that the present invention will be described in detail by taking Fig. 4 as an example below provides, Fig. 4 are the present invention The process flow figure for the data packet that embodiment three provides, subject of implementation is source vProxy in embodiments of the present invention, described Source vProxy is in source data center.The source data center further includes source controller, source vSwitch and source VM.Such as Fig. 4 Shown, which specifically includes following steps：

Step 410, source virtual protocol receive the data packet that source Virtual switch is sent, and the data packet carries the number According to the destination address of bag.

Specifically, source vProxy receives the data packet that source vSwitch is sent, and the data packet carries the data packet Destination address.

Further, source vProxy receives messages of the source vSwitch after VXLAN is encapsulated, and the VXLAN messages carry Data packet.

In embodiments of the present invention, cloud management system is the vProxy of each data center configuration data center, described VProxy is used to be received according to forwarding rule or data packet to be sent, message are forwarded to, and the vProxy can be loaded In physical server.

Step 420, the source virtual protocol receive the first forwarding rule that source controller is sent, the first forwarding rule For the data packet to be forwarded to the purpose virtual machine of the destination address instruction.

Specifically, source vProxy receives the first forwarding rule that source controller is sent, and the first forwarding rule is deposited Storage, the first forwarding rule are used to forward the packet to the purpose VM of destination address instruction.

Step 430, the destination address according to the data packet, the source virtual protocol using described first forwarding rule and The data packet is forwarded to purpose virtual protocol by stored route forwarding table, so that the purpose virtual protocol is by institute It states data packet and is forwarded to the purpose virtual machine.

Specifically, source vProxy obtains source address and destination address from data packet.Source controller determines that source VM prepares It interacts and communicates with the purpose VM of destination address instruction.Source vProxy is obtained according to destination address from the first forwarding rule Matched forwarding item (transmission path that is to say the encapsulation process rule and forwarding data packet to data packet).

Purpose is forwarded the packet to according to matched forwarding item and stored routing table information, source vProxy VProxy, so that purpose vProxy, which forwards the packet to purpose VM, the purpose vProxy, is in destination address instruction Purpose data center where purpose VM.

Further, described using the described first regular and described routing table information of forwarding, the source virtual protocol is by institute It states data packet and is forwarded to purpose virtual protocol and specifically include：

Using route forwarding table, source vProxy obtains the TP addresses of purpose vProxy, according to the TP addresses of purpose vProxy, Source vProxy forwards the packet to purpose vProxy, so that purpose vProxy turns data packet using the first forwarding rule It is sent to purpose VM.

It is understood that source vProxy when forwarding data packet to purpose vProxy, can also carry out VXLAN to data packet Encapsulation, (outer layer source TP addresses in VXLAN frame heads portion are arranged to the TP addresses of source vProxy, outer layer purpose TP by the encapsulation Address sets the TP addresses for purpose vProxy), the VXLAN messages after encapsulation are forwarded to purpose vProxy by source vProxy, by Purpose vProxy forwards the packet to purpose VM again.Wherein, assisted between source vProxy and purpose vProxy by existing standard View mutually obtains routing iinformation and the TP addresses of other side, and the TP addresses of the routing iinformation of acquisition and other side is stored in routing In forwarding table.

In embodiments of the present invention, the first forwarding rule is also wrapped in addition to including forwarding the forwarding item of data packet Include the rule that source vProxy is made to carry out VXLAN encapsulation/decapsulation to data packet.

Therefore, by the processing method of application data packet provided in an embodiment of the present invention, it is virtual that source virtual protocol receives source The data packet that exchanger is sent according to destination address, obtains matched forwarding item, and utilizes and forward item and stored routing Table forwards the packet to purpose virtual protocol, realizes across WAN transmission, establishes the biography between the virtual machine at different data center Transmission link, the controller for solving each data center in the prior art carry out bulk information to share synchronization across WAN, increase control Device processing load wastes the process resource of controller, reduces the problem of controller is to the treatment effeciency of data packet, realizes more The interconnection of virtual network between a data center reduces controller processing load, saves the process resource of control, improve control Device is to the treatment effeciency of data packet.

Example IV

The processing method for the data packet that example IV that the present invention will be described in detail by taking Fig. 5 as an example below provides, Fig. 5 are the present invention Example IV provide data packet process flow figure, in embodiments of the present invention subject of implementation be purpose vProxy, institute Purpose vProxy is stated to be in purpose data center.The purpose data center further include purpose controller, purpose vSwitch with And purpose VM.As shown in figure 5, the embodiment specifically includes following steps：

Step 510, purpose virtual protocol receive the data packet that source virtual protocol is sent, and the data packet carries the number According to the destination address of bag.

Specifically, purpose vProxy receives the data packet that source vProxy is sent, and the data packet carries the data packet Destination address.

It is understood that the data packet also carries source address, the source address is TP, the MAC Address of source VM, according to Source address and destination address, purpose vProxy determine that source VM prepares to interact with the purpose VM of destination address instruction and communicate.

Wherein, source vProxy can also carry out VXLAN encapsulation, (institute when sending data packet to purpose vProxy to data packet The TP addresses that outer layer source TP addresses in VXLAN frame heads portion are arranged to source vProxy by encapsulation are stated, outer layer purpose TP addresses are set For the TP addresses of purpose vProxy), source vProxy sends the VXLAN messages after encapsulation to purpose vProxy.

Step 520, when the purpose virtual protocol do not find with the destination address it is matched forwarding rule when, it is described Purpose virtual protocol sends the data packet to purpose controller.

Specifically, purpose vProxy is searched to whether there is in the forwarding list of storage and advised with the matched forwarding of destination address Then.When purpose vProxy does not find forwarding rule matched with destination address, purpose vProxy is sent to purpose controller Data packet.

The first forwarding that step 530, the purpose virtual protocol receive the purpose controller transmission is regular, and described first Forwarding rule is used to the data packet being forwarded to the purpose virtual machine of the destination address instruction.

Specifically, purpose vProxy receives the first forwarding rule that purpose controller is sent, the first forwarding rule bag Include to forward the forwarding item (transmission path that is to say the encapsulation process rule and forwarding data packet to data packet) of data packet. The first forwarding rule is used to forward the packet to the purpose VM of destination address instruction.

Step 540, using the described first forwarding rule, the purpose virtual protocol is by purpose Virtual switch to described Purpose virtual machine sends the data packet.

Specifically, the first forwarding rule obtained according to step 530, purpose vProxy is by purpose vSwitch to purpose VM sends data packet, and purpose VM handles data packet accordingly, establishes the communication link between the VM of source.

Further, described using the described first forwarding rule, the purpose virtual protocol passes through purpose Virtual switch The data packet is sent to the purpose virtual machine to specifically include：

According to the first forwarding rule, purpose vProxy obtains matched forwarding item from the first forwarding rule, according to matching Forwarding item, purpose vProxy obtains the TP addresses of purpose vSwitch；According to the TP addresses of purpose vSwitch, purpose vProxy Purpose vSwitch is forwarded the packet to, so that purpose vSwitch sends data packet according to destination address to purpose VM.

Wherein, purpose vProxy can also carry out VXLAN encapsulation when sending data packet to purpose vSwitch to data packet (outer layer source TP addresses in VXLAN frame heads portion are set TP addresses for purpose vProxy, outer layer purpose TP addresses by the encapsulation TP addresses for purpose vSwitch are set), the VXLAN messages after encapsulation are forwarded to purpose vSwitch by purpose vProxy, by Purpose vSwitch obtains data packet from VXLAN messages, and purpose vSwitch forwards the packet to purpose VM transmissions.

In embodiments of the present invention, the first forwarding rule is also wrapped in addition to including forwarding the forwarding item of data packet Include the rule that purpose vProxy is made to carry out VXLAN encapsulation/decapsulation to data packet.

Therefore, by the processing method of application data packet provided in an embodiment of the present invention, it is empty that purpose virtual protocol receives source Intend the data packet that agency sends, according to destination address, obtain the first forwarding rule that purpose controller is sent, and utilize first turn Hair rule, forwards the packet to purpose virtual machine by purpose Virtual switch, realizes across WAN transmission, establish different data Transmission link between the virtual machine at center, solve the controller of each data center in the prior art by bulk information carry out across WAN shares synchronization, increases controller processing load, wastes the process resource of controller, reduce place of the controller to data packet The problem of managing efficiency realizes the interconnection of virtual network between multiple data centers, reduces controller processing load, saves control Process resource, improve treatment effeciency of the controller to data packet.

Aforesaid plurality of embodiment illustrates the processing method of data packet using different executive agents as emphasis respectively, passes through The description of aforesaid plurality of embodiment, the controller of data center no longer carry out, across the shared, synchronous of WAN information, reducing network and opening Pin, reduces the processing load of control, and information, transmission path of each controller only to data central interior are managed；In data The heart increases vProxy so that the data packet for passing in and out data center is both needed to be forwarded to by vProxy, reduces answering for network system Miscellaneous degree, meanwhile, the transmission path of the virtual machine of data center where controller only maintains itself, the processing for saving controller provides Source improves controller to the treatment effeciency of data packet, realizes the interconnection of virtual network between multiple data centers.

Embodiment five

Source, purpose VM involved in previous embodiment are in phase same network segment, but belong in different data centers；Or Person, source, purpose VM are in different segment, and also belong in different data centers.

In embodiments of the present invention, the source, purpose VM belong to the same network segment, but belong in different data centers. The controller that includes below in conjunction with source, purpose data center and each data center, vSwitch, VM, vProxy are to data packet Processing method be described in detail, as shown in fig. 6, Fig. 6 is the processing of a kind of data packet that the embodiment of the present invention five provides Method signaling diagram.The embodiment specifically includes following steps：

Step 601, source virtual machine send data packet to source Virtual switch, and the data packet carries the data packet Destination address.

Specifically, source VM prepares to carry out communication interaction with the purpose VM for belonging to the same network segment, and source VM is sent to source vSwitch Data packet, the data packet carry destination address, and the destination address specifically includes the TP addresses of purpose VM and purpose VM MAC Address.

It is understood that the TP addresses of active VM, the MAC Address of source VM are also carried in data packet.

Step 602, source Virtual switch send data packet to source controller.

Specifically, source vSwitch parses data packet, and the MAC Address of purpose VM, source vSwitch are obtained from data packet It searches and whether there is in the forwarding list of itself storage and the matched forwarding rule of target MAC (Media Access Control) address.When source vSwitch is not searched During to the forwarding rule for forwarding data packet, source vSwitch sends data packet to source controller.

Step 603, source controller send the first forwarding rule to source Virtual switch and source virtual protocol respectively.

Specifically, source controller receiving data bag, and source address, the TP addresses of purpose VM and mesh are obtained from data packet VM MAC Address, according to source address, the TP addresses of purpose VM and target MAC (Media Access Control) address, source controller determine source VM prepare with Purpose VM interacts communication.

According to the TP addresses of purpose VM, whether the TP addresses of source controller identifying purpose VM have been stored in address list； If the TP addresses of purpose VM are not stored in address list, source controller determines the purpose VM of the TP addresses instruction of purpose VM It is not in source data center.

Further, source controller determines that purpose VM and source VM belongs to the same network segment also according to the TP addresses of purpose VM.

If purpose VM is not in source data center, and purpose VM and source VM is in phase same network segment, then source controller according to The MAC Address of purpose VM and the TP addresses of purpose VM determine to forward the packet to the first forwarding of purpose virtual machine Rule.

In embodiments of the present invention, since data packet includes the MAC Address of purpose VM, then source controller is directly according to mesh The MAC Address of VM and the TP addresses of purpose VM determine forwarding data packet transmission path, according to transmission path, source controller Determine the first forwarding rule.

In embodiments of the present invention, forwarded by what source controller determined for forwarding the packet to the first of purpose VM Rule can make source vSwitch, source vProxy after data packet is received, and according to the first forwarding rule, forward the packet to mesh VM communicate so that source VM is interacted with purpose VM.

It is understood that first forwarding rule except the TP addresses of the MAC Address according to purpose VM and purpose VM into Outside row determines, source controller determines the first forwarding rule also according to other information together, and the other information specifically refers to source, mesh The port information of VM etc..

After source controller determines the first forwarding rule, source controller sends first to source vSwitch and source vProxy respectively Forwarding rule, the forwarding item that the first forwarding rule includes forwarding data packet (that is to say the encapsulation process rule to data packet With the transmission path of forwarding data packet).

Source vSwitch receives the first forwarding rule, and forwarding item is obtained from the first forwarding rule, and using item is forwarded, really Surely the transmission path of data packet is forwarded.Source vSwitch using forward item by data packet carry out VXLAN encapsulation (i.e. outside data packet Increase VXLAN frame heads portion, and outer layer source, purpose TP addresses and outer layer source, target MAC (Media Access Control) address filled in frame head portion) after Message, the VXLAN messages carry data packet.

TP addresses, the MAC Address of source VM of source VM is filled in the frame head portion；The TP addresses of purpose VM, the MAC of purpose VM Address.

Step 604, source virtual protocol receive the data packet that source Virtual switch is sent.

Step 605, source virtual protocol forward the packet to purpose virtual protocol.

Specifically, source vProxy obtains source address and destination address from data packet.Source vProxy determines that source VM prepares It interacts and communicates with the purpose VM of destination address instruction.Source vProxy is obtained according to destination address from the first forwarding rule Matched forwarding item (transmission path that is to say the encapsulation process rule and forwarding data packet to data packet).First forwarding Rule is used to forward the packet to the purpose VM of destination address instruction.

Further, using stored route forwarding table, source vProxy obtains the TP addresses of purpose vProxy, according to mesh VProxy TP addresses, source vProxy using first forwarding rule, purpose vProxy is forwarded the packet to, so that purpose VProxy forwards the packet to purpose VM.

Step 606, purpose virtual protocol send data packet to purpose controller.

Specifically, purpose vProxy is searched in the forwarding list stored with the presence or absence of matched with the MAC Address of purpose VM Forwarding rule.When not there is no forwarding rule matched with the MAC Address of purpose VM in the forwarding list of purpose vProxy storages, Purpose vProxy sends data packet to purpose controller.

Step 607, purpose controller send the second forwarding rule to purpose virtual protocol and purpose Virtual switch respectively.

Specifically, purpose controller receiving data bag obtains source address and destination address from data packet.According to source Location and destination address, purpose controller determine that the source VM in source data center prepares the purpose VM with destination address instruction Interact communication.Whether the purpose VM of purpose controller identification destination address instruction is in purpose data center.

According to the TP addresses of purpose VM, whether the TP addresses of purpose controller identifying purpose VM have been stored in address list In；If the TP addresses of purpose VM are stored in address list, purpose controller determines the mesh of the TP addresses instruction of purpose VM VM be in purpose data center.

Further, purpose controller determines that purpose VM and source VM belongs to the same network segment also according to the TP addresses of purpose VM.

If purpose VM is in purpose data center, and purpose VM and source VM is in phase same network segment, then according to purpose VM's MAC Address, purpose controller search whether there is the purpose vSwitch that connection is matched with purpose VM；If purpose controller is looked into The purpose vSwitch that connection is matched with purpose VM is found, then purpose controller is according to the MAC Address of purpose VM and purpose VM TP addresses determine the transmission path of forwarding data packet, and according to transmission path, purpose controller determines the second forwarding rule.

In embodiments of the present invention, second turn that is used to forward the packet to purpose VM determined by purpose controller Hair rule, can make purpose vSwitch, purpose vProxy after data packet is received, and according to the second forwarding rule, data packet is turned Purpose VM is sent to, is communicated so that source VM is interacted with purpose VM.

After purpose controller determines the second forwarding rule, then purpose controller is respectively to purpose vProxy and purpose VSwitch sends the second forwarding rule, and the forwarding item that the second forwarding rule includes forwarding data packet (that is to say to data packet Encapsulation process rule and forwarding data packet transmission path).It is understood that the second forwarding rule is except according to purpose VM MAC Address and the TP addresses of purpose VM be determined outer, purpose controller determines second turn together also according to other information Hair rule, the other information specifically refer to source, the port information etc. of purpose VM.

Step 608, purpose virtual protocol send data packet to purpose Virtual switch.

Specifically, purpose vProxy obtains forwarding item from the second forwarding rule, using item is forwarded, determines forwarding data packet Transmission path, to purpose vSwitch send data packet.

Further, by data packet progress VXLAN encapsulation, (encapsulation is i.e. by VXLAN using item is forwarded by purpose vProxy Outer layer source TP addresses set the TP addresses for purpose vProxy in frame head portion, and outer layer purpose TP addresses are set as purpose vSwitch TP addresses), the VXLAN messages after encapsulation are forwarded to purpose by the VXLAN messages after being encapsulated, purpose vProxy vSwitch。

It is understood that purpose vProxy is before VXLAN encapsulation is carried out, according to the target carried in data packet Location obtains the TP addresses of purpose vSwitch from forwarding item, using acquisition purpose vSwitch TP addresses to data packet into Row VXLAN is encapsulated.

Step 609, purpose Virtual switch send data packet to purpose virtual machine.

Specifically, purpose vSwitch obtains forwarding item from the second forwarding rule, using item is forwarded, is sent to purpose VM Data packet, purpose VM handle data packet accordingly, establish the communication link between the VM of source.

Further, purpose vSwitch obtains data packet from VXLAN messages, and purpose vSwitch is forwarded the packet to Purpose VM.

Optionally, the step of source VM obtains the MAC Address of purpose VM is further included before step 601 of the embodiment of the present invention, As shown in fig. 7, in embodiments of the present invention, the MAC Address of purpose VM is obtained by source VM, so that source VM can be initiated and mesh VM transmission packets, the step of interacting communication.It is as follows：

Step 701, source virtual machine send ARP request to source Virtual switch, and the ARP request is with including the IP of purpose VM Location.

Specifically, when source VM prepares to carry out communication interaction with the purpose VM for belonging to the same network segment, source VM is to source vSwitch ARP request is sent, the ARP request is used to obtain the MAC Address of purpose VM, and the ARP request includes the TP addresses of purpose VM.

It is understood that the ARP request further includes the TP addresses of source VM.

Step 702, source Virtual switch send the ARP request to source controller.

Specifically, after source vSwitch receives ARP request, the TP addresses of source VM and the TP of purpose VM are obtained from ARP Address, it is for obtaining the MAC Address of purpose VM to determine that source VM sends ARP request.

Whether source vSwitch according to the MAC of storage purpose VM in the TP address search Self address lists of source gateway Location.If not finding the MAC Address of purpose VM, source vSwitch sends ARP request to source controller.

Step 703, source controller send the 3rd forwarding rule to source Virtual switch and source virtual protocol respectively.

Specifically, source controller receives the ARP request that source vSwitch is sent.Source controller obtains source VM from ARP request TP addresses and purpose VM TP addresses, determine the MAC Address of source VM acquisition request purposes VM.

According to the TP addresses of purpose VM, source controller searches the TP addresses whether stored in address list with purpose VM The MAC Address matched somebody with somebody；If source controller does not find the MAC Address of purpose VM, source controller determines the mesh where purpose VM Data center.

Source controller is according to the TP addresses of purpose VM, the purpose data center of the TP address attributions of identifying purpose VM, and root The transmission path of forwarding ARP request is determined according to the purpose VM purpose data centers belonged to, according to transmission path, source controller determines 3rd forwarding rule.The forwarding item that the 3rd forwarding rule includes forwarding ARP request (that is to say at the encapsulation to ARP request The transmission path of reason rule and forwarding ARP request).

In embodiments of the present invention, the 3rd turn that is used to ARP request being forwarded to purpose VM determined by source controller Hair rule, can make source vSwitch, source vProxy after ARP request is received, and according to the 3rd forwarding rule, ARP request is forwarded To purpose VM, so that purpose VM feeds back arp response to source VM, the arp response includes the MAC Address of purpose VM, source VM After the MAC Address of purpose VM is obtained, the step of initiation with purpose VM transmission packets.

After source controller determines the 3rd forwarding rule, source controller sends the 3rd to source vSwitch and source vProxy respectively Forwarding rule.Source vSwitch and source vProxy receives the 3rd forwarding rule.

Source vSwitch receives the 3rd forwarding rule, and forwarding item is obtained from the 3rd forwarding rule, and using item is forwarded, really Surely the transmission path of ARP request is forwarded.

Further, ARP request is also carried out VXLAN encapsulation (i.e. in ARP request by source vSwitch using forwarding item Increase VXLAN frame heads portion, and outer layer source, purpose TP addresses and outer layer source, target MAC (Media Access Control) address filled in frame head portion) after Message, the VXLAN messages carry ARP request.

The TP addresses of source VM, the MAC Address of source VM, the TP addresses of purpose VM, the MAC of purpose VM are filled in the frame head portion Address is not filled with.

Step 704, source virtual protocol receive the ARP request that source Virtual switch is sent.

ARP request is forwarded to purpose virtual protocol by step 705, source virtual protocol.

Specifically, source vProxy obtains the TP addresses of source VM and the TP addresses of purpose VM from ARP request, determines source VM The MAC Address of acquisition request purpose VM.Source vProxy is obtained matched according to the TP addresses of purpose VM from the 3rd forwarding rule Forwarding item (transmission path that is to say the encapsulation process rule and forwarding ARP request to ARP request).

Further, using stored route forwarding table, source vProxy obtains the TP geology of purpose vProxy, according to mesh VProxy TP addresses, source vProxy using the 3rd forwarding rule, ARP request is forwarded to purpose vProxy, so that mesh VProxy ARP request is forwarded to purpose VM.

It is understood that source vProxy can also carry out ARP request when forwarding ARP request to purpose vProxy VXLAN is encapsulated, and (outer layer source TP addresses in VXLAN frame heads portion are arranged to the TP addresses of source vProxy, outer layer mesh by the encapsulation TP addresses TP addresses for purpose vProxy are set), the VXLAN messages after encapsulation are forwarded to purpose by source vProxy VProxy forwards the packet to purpose VM again by purpose vProxy.Wherein, by existing between source vProxy and purpose vProxy There is standard agreement, mutually obtain routing iinformation and the TP addresses of other side, and the TP addresses of the routing iinformation of acquisition and other side are deposited Storage is in route forwarding table.

Step 706, purpose virtual protocol send ARP request to purpose controller.

Specifically, purpose vProxy searches the use that whether there is in the forwarding list of storage with the TP address matchings of purpose VM In the forwarding rule of forwarding ARP request.When purpose vProxy is not found with the TP address matchings of purpose VM for forwarding ARP During the forwarding rule of request, purpose vProxy sends ARP request to purpose controller.

Step 707, purpose controller send the 4th forwarding rule to purpose virtual protocol and purpose Virtual switch respectively.

Specifically, purpose controller receives ARP request, and the TP addresses of source VM and purpose VM are obtained from ARP request TP addresses determine the MAC Address of source VM acquisition request purposes VM.According to the TP addresses of purpose VM, purpose controller identifying purpose Whether the TP addresses of VM have been stored in address list；If the TP addresses of purpose VM are stored in address list, purpose control Device processed determines that the purpose VM of the TP addresses instruction of purpose VM is in purpose data center.

If purpose VM is in purpose data center, according to the TP addresses of purpose VM, purpose controller searches whether to deposit The purpose vSwitch of connection is being matched with purpose VM；If purpose controller finds the purpose that connection is matched with purpose VM VSwitch, then purpose controller determine forwarding data packet transmission path, according to transmission path, purpose controller determines the 4th Forwarding rule.

In embodiments of the present invention, by purpose controller determine for ARP request to be forwarded to the 4th of purpose VM Forwarding rule, can make purpose vSwitch, purpose vProxy after ARP request is received, please by ARP according to the 4th forwarding rule It asks and is forwarded to purpose VM, so that purpose VM feeds back arp response to source VM, the arp response is with including the MAC of purpose VM Location, source VM is after the MAC Address of purpose VM is obtained, the step of initiation with purpose VM transmission packets.

After purpose controller determines the 4th forwarding rule, then purpose controller is respectively to purpose vProxy and purpose VSwitch sends the 4th forwarding rule, and (that is to say please to ARP for the regular forwarding item for including forwarding ARP request of the 4th forwarding The encapsulation process rule and the transmission path of forwarding ARP request asked).Purpose vProxy and purpose vSwitch receives the 4th forwarding Rule.

It should be noted that in embodiments of the present invention, purpose VM can be store in the address list of purpose controller MAC Address, but for the accuracy for ensureing the MAC Address of the purpose VM replied, purpose controller is in definite purpose VM After purpose data center, the purpose vSwitch for matching and linking with purpose VM is still searched, the 4th forwarding rule is determined, without that will deposit The MAC Address of the purpose VM of storage is fed back.

Step 708, purpose virtual protocol send ARP request to purpose Virtual switch.

Specifically, purpose vProxy obtains forwarding item from the 4th forwarding rule, using item is forwarded, determines that forwarding ARP please The transmission path asked sends ARP request to purpose vSwitch.

Further, by ARP request progress VXLAN encapsulation, (encapsulation is i.e. by VXLAN using item is forwarded by purpose vProxy Outer layer source TP addresses set the TP addresses for purpose vProxy in frame head portion, and outer layer purpose TP addresses are set as purpose vSwitch TP addresses), obtain VXLAN messages, the VXLAN messages after encapsulation are forwarded to purpose vSwitch by purpose vProxy.

It is understood that before VXLAN encapsulation is carried out, purpose vSwitch is obtained from forwarding item by purpose vProxy TP addresses, using acquisition purpose vSwitch TP addresses to data packet carry out VXLAN encapsulation.

Step 709, purpose Virtual switch send ARP request to purpose virtual machine.

Specifically, purpose vSwitch obtains forwarding item from the 4th forwarding rule, using item is forwarded, is sent to purpose VM ARP request, purpose VM handle ARP request accordingly.

Further, purpose vSwitch obtains ARP request from VXLAN messages, and purpose vSwitch is by ARP request message It is forwarded to purpose VM.

Step 710, purpose virtual machine carry out alignment processing to ARP request, and arp response is sent to source virtual machine.

Specifically, purpose VM receives ARP request, the TP addresses of source VM and the TP addresses of purpose VM is obtained from ARP, really It is for obtaining the MAC Address of purpose VM to determine source VM to send ARP request.

Purpose VM obtains the MAC Address of itself, and generates arp response, and the arp response includes the MAC Address of purpose VM.

Purpose VM sends arp response to purpose vSwitch, and purpose vSwitch receives arp response, and by arp response to mesh VProxy forwarding；Purpose vProxy receives arp response, and arp response is sent to source vProxy；Source vProxy receives arp response, Arp response is sent to source vSwitch, source vSwitch receives arp response, and sends arp response to source VM.

Source VM receives arp response, and therefrom obtains the MAC Address of source gateway, and prepares to carry out communication interaction with purpose VM.

Embodiment six

In embodiments of the present invention, the source, purpose VM are in different segment, and belong in different data centers. The controller that includes below in conjunction with source, purpose data center and each data center, vSwitch, VM, vProxy are to data packet Processing method be described in detail, as shown in figure 8, Fig. 8 is the place of another data packet that the embodiment of the present invention six provides Reason method signaling diagram.The embodiment specifically includes following steps：

Step 801, source virtual machine send data packet to source Virtual switch, and the data packet carries the data packet Destination address.

Specifically, source VM prepares to carry out communication interaction with the purpose VM for belonging to different segment, and source VM is sent to source vSwitch Data packet, the data packet carry destination address, the destination address specifically include purpose VM TP addresses and source it is virtual The MAC Address of gateway.

Step 802, source Virtual switch send the data packet to source controller.

Specifically, source vSwitch parses data packet, and the TP addresses of purpose VM are obtained from data packet, and source vSwitch is looked into The forwarding rule that whether there is with purpose TP address matchings is looked in the forwarding list itself stored.When source vSwitch is not found When forwarding the forwarding rule of data packet, source vSwitch sends data packet to source controller.

Step 803, source controller send the first forwarding rule to source Virtual switch and source virtual protocol respectively.

Specifically, source controller receiving data bag, and from data packet obtain source address, purpose VM TP addresses and with The MAC Address of source virtual gateway, according to the MAC Address of source address, the TP addresses of purpose VM and source virtual gateway, source controller Determine that source VM prepares purpose VM and interacts communication.

Further, source controller determines that purpose VM and source VM belongs to different segment also according to the TP addresses of purpose VM.

If purpose VM is not in source data center, and purpose VM and source VM is in different segment, then source controller according to The TP addresses of purpose VM obtain the MAC Address of purpose virtual gateway；According to the MAC Address of purpose virtual gateway and purpose VM TP addresses, source controller determine forwarding data packet transmission path, according to transmission path, source controller determine the first forwarding advise Then.

It is understood that the first forwarding rule is except the MAC Address according to purpose virtual gateway and the TP of purpose VM Outside address is determined, source controller determines the first forwarding rule also according to other information together, and the other information is specifically Finger source, the port information etc. of purpose VM.

In embodiments of the present invention, source controller preserve the virtual gateway of all network segments of virtual network TP addresses and Mac address information, also, virtual gateway can be realized by the software program loaded in the controller.

In embodiments of the present invention, source controller also carries the MAC Address of purpose virtual gateway in the first forwarding rule It is interior, so that the MAC that after data packet is received, the regular purpose virtual gateway carried is forwarded according to first by source vSwitch Location and the TP addresses of purpose virtual machine are packaged data packet processing, and the data packet after encapsulation is forwarded to source vProxy。

Source vSwitch receives the first forwarding rule, and forwarding item is obtained from the first forwarding rule, and using item is forwarded, really Surely the transmission path of data packet is forwarded.Source vSwitch using forward item by data packet carry out VXLAN encapsulation (i.e. outside data packet Increase VXLAN frame heads portion, and outer layer source, purpose TP addresses and outer layer source, target MAC (Media Access Control) address are filled in frame head portion, it will Outer layer source MAC is arranged to the MAC Address of source virtual gateway in VXLAN frame heads portion, for the purpose of outer layer target MAC (Media Access Control) address is set The MAC Address of virtual gateway) after message, the VXLAN messages carry data packet.

TP addresses, the MAC Address of source VM of source VM is also filled up in the frame head portion；The TP addresses of purpose VM.

Step 804, the source virtual protocol receive the data packet that source Virtual switch is sent.

The data packet is forwarded to purpose virtual protocol by step 805, the source virtual protocol.

Specifically, source vProxy obtains source address and destination address from data packet.Source controller determines that source VM prepares It interacts and communicates with the purpose VM of destination address instruction.Source vProxy is obtained according to destination address from the first forwarding rule Matched forwarding item (transmission path that is to say the encapsulation process rule and forwarding data packet to data packet).First forwarding Rule is used to forward the packet to the purpose VM of destination address instruction.

Step 806, the purpose virtual protocol send the data packet to purpose controller.

Specifically, purpose vProxy searches turn that whether there is in the forwarding list of storage with the TP address matchings of purpose VM Hair rule.When not there is no the forwarding rule with the TP address matchings of purpose VM in the forwarding list of purpose vProxy storages, mesh VProxy to purpose controller send data packet.

Step 807, the purpose controller send second to the purpose virtual protocol and purpose Virtual switch respectively Forwarding rule.

Further, purpose controller determines that purpose VM and source VM belongs to different segment also according to the TP addresses of purpose VM.

If purpose VM is in purpose data center, and purpose VM and source VM is in different segment, then according to purpose VM's TP addresses, purpose controller obtain the MAC Address of purpose VM；According to the MAC Address of purpose VM, purpose controller searches whether to deposit The purpose vSwitch of connection is being matched with purpose VM；If purpose controller finds the purpose that connection is matched with purpose VM VSwitch, then purpose controller is according to the MAC Address of the purpose virtual machine and the TP addresses of the purpose virtual machine, really Surely the transmission path of data packet is forwarded, according to transmission path, purpose controller determines the second forwarding rule.

After purpose controller determines the second forwarding rule, then purpose controller is respectively to purpose vProxy and purpose VSwitch sends the second forwarding rule, and the forwarding item that the second forwarding rule includes forwarding data packet (that is to say to data packet Encapsulation process rule and forwarding data packet transmission path).

It is understood that second forwarding rule except the TP addresses of the MAC Address according to purpose VM and purpose VM into Row determines outer, and purpose controller determines the second forwarding rule also according to other information together, the other information specifically refer to source, Port information of purpose VM etc..

Step 808, the purpose virtual protocol send the data packet to purpose Virtual switch.

Step 809, the purpose Virtual switch send the data packet to purpose virtual machine.

Optionally, the step of MAC Address of acquisition source virtual gateway is further included before step 801 of the embodiment of the present invention, As shown in figure 9, in embodiments of the present invention, the MAC Address of source virtual gateway is obtained by source VM, so that source VM can be initiated With purpose VM transmission packets, the step of interacting communication.It is as follows：

Step 901, source virtual machine send ARP request to source Virtual switch, and the ARP request includes source virtual gateway TP addresses.

Specifically, when source VM prepares to carry out communication interaction with the purpose VM for being not belonging to the same network segment, source VM is to source VSwitch sends ARP request, and the ARP request is used to obtain the MAC Address of source virtual gateway, and it is empty that the ARP request includes source Intend the TP addresses of gateway.

Step 902, source Virtual switch send the ARP request to source controller.

Specifically, after source vSwitch receives ARP request, the TP addresses of source gateway are obtained from ARP, determine that source VM is sent out It is for obtaining the MAC Address of source virtual gateway to send ARP request.

Whether source vSwitch according to storage source virtual gateway in the TP address search Self address lists of source virtual gateway MAC Address.If not finding the MAC Address of source virtual gateway, source vSwitch sends ARP request to source controller.

Step 903, source controller send arp response to source Virtual switch.

Specifically, source controller receives the ARP request that source vSwitch is sent.Source controller obtains source VM from ARP request TP addresses and source virtual gateway TP addresses, determine the MAC Address of source VM acquisition requests source virtual gateway.

According to the TP addresses of source virtual gateway, whether source controller is searched has stored and source virtual gateway in address list The MAC Address of the source virtual gateway of TP address matchings；If source controller finds the MAC Address of source virtual gateway, source control Device processed generates arp response, and the arp response includes the MAC Address of source virtual gateway.

Source controller sends arp response to source vSwitch.

Step 904, source Virtual switch send arp response to source virtual machine.

Specifically, source vSwitch receives the arp response that source controller is sent.Source vSwitch sends arp response to source VM, Source VM receives arp response, and therefrom obtains the MAC Address of source virtual gateway, and prepares to carry out communication interaction with purpose VM.

By the description of aforesaid plurality of embodiment, communication interaction is carried out between the virtual machine two-by-two in different data center When, it is forwarded to by the virtual protocol of respective data center, as shown in Figure 10, in Fig. 10, the transmission between each virtual machine Path is forwarded to by virtual protocol, reduces the complexity of network system, meanwhile, controller only manages data where itself The transmission path of virtual machine in center saves the process resource of controller, improves treatment effeciency of the controller to data packet.

Embodiment seven

Correspondingly, the embodiment of the present invention additionally provides a kind of processing unit of data packet, realizes that structure is as shown in figure 11, It is used to implement present invention one, embodiment five, the processing method of data packet in embodiment six.Described device is in In source data center.The source data center further includes source vSwitch, source VM and source vProxy.Described device includes following Unit：Receiving unit 1110, recognition unit 1120, determination unit 1130 and transmitting element 1140.

Receiving unit 1110, for receiving the data packet sent by source virtual machine of source Virtual switch forwarding, the number The destination address of the data packet is carried according to bag, the destination address includes the purpose virtual machine to communicate with the source virtual machine TP addresses；

Recognition unit 1120, for the TP addresses according to the purpose virtual machine, with identifying the TP of the purpose virtual machine Whether location has been stored in address list；

Determination unit 1130, if the TP addresses for the purpose virtual machine are not stored in described address list, The source controller determines that the purpose virtual machine is not in the source data center；

The determination unit 1130 is additionally operable to, and determines the data packet being forwarded to the first of the purpose virtual machine Forwarding rule；

Transmitting element 1140 is advised for sending first forwarding to the source Virtual switch and source virtual protocol respectively Then, so that the data packet is forwarded to the source Virtual Agent by the source Virtual switch using the described first forwarding rule The data packet is forwarded to institute by reason, the source virtual protocol using the described first regular and stored route forwarding table of forwarding State the purpose data center where purpose virtual machine；

The destination address for the data packet that the receiving unit 1110 receives is with further including the MAC of the purpose virtual machine Location；

The determination unit 1130 is specifically used for, if the purpose virtual machine is not in the source data center, and institute It states purpose virtual machine and is in phase same network segment with the source virtual machine, then according to the MAC Address of the purpose virtual machine and described The TP addresses of purpose virtual machine determine the transmission path of the forwarding data packet；

The receiving unit 1110 is additionally operable to, and receives being sent by the source virtual machine for source Virtual switch forwarding ARP request, the ARP request are used to obtain the MAC Address of the purpose virtual machine, and it is empty that the ARP request includes the purpose The TP addresses of plan machine；

Described device further includes：First searching unit 1150 for the TP addresses according to the purpose virtual machine, searches institute State the MAC Address whether stored in address list with the purpose virtual machine of the TP address matchings of the purpose virtual machine；

The determination unit 1130 is additionally operable to, if not finding the MAC Address of the purpose virtual machine, it is determined that be used for The ARP request is forwarded to the second forwarding rule of the purpose virtual machine；

The transmitting element 1140 is additionally operable to, and sends second to the source Virtual switch and the source virtual protocol respectively Forwarding rule, so that the ARP request is forwarded to the source by the source Virtual switch using the described second forwarding rule Virtual protocol, the source virtual protocol forward regular and stored route forwarding table by the ARP request using described second The purpose data center is forwarded to, and the arp response that the purpose virtual machine received is sent is virtual by the source Exchanger is sent to the source virtual machine, and the arp response includes the MAC Address of the purpose virtual machine.

The determination unit 1130 is specifically used for, if the purpose virtual machine is not in the source data center, and institute It states purpose virtual machine and is in different segment with the source virtual machine, then according to the TP addresses of the purpose virtual machine, obtain purpose The MAC Address of virtual gateway；

The destination address for the data packet that the receiving unit 1110 receives further includes the MAC Address of source virtual gateway；

Described device further includes：Processing unit 1160, for carrying the MAC Address of the purpose virtual gateway described In first forwarding rule, so that the source Virtual switch is regular using the described first forwarding, by the MAC of the source gateway The MAC Address of location and the purpose gateway is encapsulated in the data packet, and the data packet after encapsulation is forwarded to institute State source virtual protocol.

The receiving unit 1110 is additionally operable to, and receives being sent by the source virtual machine for source Virtual switch forwarding ARP request, the ARP request are used to obtain the MAC Address of the source virtual gateway, and it is virtual that the ARP request includes the source The TP addresses of gateway；

Described device further includes：Second searching unit 1170 for the TP addresses according to the source virtual gateway, searches institute State the MAC Address whether stored in address list with the source virtual gateway of the TP address matchings；

The transmitting element 1140 is additionally operable to, if finding the MAC Address of the source virtual gateway, passes through the source Virtual switch sends arp response to the source virtual machine, and the arp response includes the MAC Address of the source virtual gateway.

Therefore, by the processing unit of application data packet provided in an embodiment of the present invention, described device according to destination address, Whether identifying purpose virtual machine is in source data center, when purpose virtual machine for when being not at source data center, described device is true It is fixed regular for forwarding the packet to the first of purpose virtual machine the forwarding, and get a haircut to source Virtual switch and source Virtual Agent Send the first forwarding regular, so that source Virtual switch forwards the packet to source virtual protocol, source using the first forwarding rule Virtual protocol forwards the packet to the mesh where purpose virtual machine using the first regular and stored route forwarding table of forwarding Data center.The controller for solving each data center in the prior art carries out bulk information to share synchronization across WAN, increases Controller processing load wastes the process resource of controller, reduces the problem of controller is to the treatment effeciency of data packet, realizes The interconnection of virtual network between multiple data centers, reduces controller processing load, saves the process resource of control, improve Controller is to the treatment effeciency of data packet.

Embodiment eight

Correspondingly, the embodiment of the present invention additionally provides a kind of processing unit of data packet, realizes that structure is as shown in figure 12, It is used to implement present invention two, embodiment five, the processing method of data packet in embodiment six.Described device is in In purpose data center.The purpose data center further includes purpose vSwitch, source VM and source vProxy.Described device bag It includes with lower unit：Receiving unit 1210, recognition unit 1220, determination unit 1230 and transmitting element 1240.

Receiving unit 1210, it is described for receiving the data packet sent by source virtual protocol of purpose virtual protocol forwarding Data packet carries the destination address of the data packet, and the destination address includes the TP addresses of purpose virtual machine；

Recognition unit 1220, for the TP addresses according to the purpose virtual machine, with identifying the TP of the purpose virtual machine Whether location has been stored in address list；

Determination unit 1230, if the TP addresses for the purpose virtual machine are stored in described address list, really The fixed purpose virtual machine is in the purpose data center；

The determination unit 1230 is additionally operable to, and determines the data packet being forwarded to the first of the purpose virtual machine Forwarding rule；

Transmitting element 1240 is advised for sending the first forwarding to the purpose virtual protocol and purpose Virtual switch respectively Then, so that the data packet is forwarded to the purpose and is virtually handed over by the purpose virtual protocol using the described first forwarding rule The data packet is forwarded to the purpose virtual machine by parallel operation, the purpose Virtual switch using the described first forwarding rule；

The destination address for the data packet that the receiving unit 1210 receives is with further including the MAC of the purpose virtual machine Location；

The determination unit 1230 is specifically used for, if the purpose virtual machine is in the purpose data center, and institute It states purpose virtual machine and is in phase same network segment with the source virtual machine, then according to the MAC Address of the purpose virtual machine, search whether In the presence of the purpose Virtual switch that connection is matched with the purpose virtual machine；

The receiving unit 1210 is additionally operable to, and receives being sent by the source virtual protocol for the purpose virtual protocol forwarding ARP request, the ARP request is used to obtain the MAC Address of the purpose virtual machine, and the ARP request includes the purpose The TP addresses of virtual machine；

The determination unit 1230 is additionally operable to, according to the TP addresses of the purpose virtual machine, search whether to exist with it is described The purpose Virtual switch of purpose virtual machine matching connection；

The transmitting element 1240 is additionally operable to, and is sent respectively to the purpose virtual protocol and the purpose Virtual switch The second forwarding rule, so that the purpose virtual protocol is forwarded the ARP request using the described second forwarding rule To the purpose Virtual switch, the purpose Virtual switch is forwarded the ARP request using the described second forwarding rule To the purpose virtual machine, and the arp response that the purpose virtual machine is sent is received, and by the purpose virtual protocol to institute It states source virtual protocol and sends the arp response, the arp response includes the MAC Address of the purpose virtual machine.

The determination unit 1230 is specifically used for, if the purpose virtual machine is in purpose data center, and the mesh Virtual machine and the source virtual machine be in different segment, then according to the TP addresses of the purpose virtual machine, obtain the purpose The MAC Address of virtual machine；

Therefore, by the processing unit of application data packet provided in an embodiment of the present invention, it is virtual that described device receives purpose The data packet that agency, source virtual protocol are sent, according to destination address, whether identifying purpose virtual machine is in purpose data center, When purpose virtual machine is in purpose data center, described device determines to forward the packet to the of purpose virtual machine One forwarding rule, and the first forwarding rule is sent to purpose Virtual switch and purpose virtual protocol, so that purpose is virtual Agency forwards the packet to purpose Virtual switch using the first forwarding rule, and purpose Virtual switch is advised using the first forwarding Then forward the packet to purpose virtual machine.Solve the controller of each data center in the prior art by bulk information carry out across WAN shares synchronization, increases controller processing load, wastes the process resource of controller, reduce place of the controller to data packet The problem of managing efficiency realizes the interconnection of virtual network between multiple data centers, reduces controller processing load, saves control Process resource, improve treatment effeciency of the controller to data packet.

Embodiment nine

Correspondingly, the embodiment of the present invention additionally provides a kind of processing unit of data packet, realizes that structure is as shown in figure 13, It is used to implement present invention three, embodiment five, the processing method of data packet in embodiment six.Described device is in In source data center.The source data center further includes source vSwitch, source VM and source controller.Described device includes following Unit：Receiving unit 1310 and transmitting element 1320.

Receiving unit 1310, for receiving the data packet that source Virtual switch is sent, the data packet carries the number According to the destination address of bag；

The receiving unit 1310 is additionally operable to, and receives the first forwarding rule that source controller is sent, the first forwarding rule Then it is used to the data packet being forwarded to the purpose virtual machine of the destination address instruction；

Transmitting element 1320 for the destination address according to the data packet, using the described first forwarding rule and has been deposited The data packet is forwarded to purpose virtual protocol by the route forwarding table of storage, so that the purpose virtual protocol is by the number The purpose virtual machine is forwarded to according to bag；

Wherein, the processing unit of the data packet, the source Virtual switch and the source controller are in source number together According to center, the purpose virtual protocol and the purpose virtual machine are in purpose data center together.

When the destination address for the data packet that the receiving unit receives includes the MAC Address of the purpose virtual machine When, the receiving unit 1310 is additionally operable to,

The second forwarding rule that the source controller is sent is received, described second forwards rule for forwarding ARP request；

The ARP request that the source Virtual switch is sent is received, the ARP request is used to obtain the purpose virtual machine MAC Address, the ARP request include the TP addresses of the purpose virtual machine；

The transmitting element 1320 is additionally operable to, and according to the TP addresses of the purpose virtual machine, is advised using the described second forwarding The ARP request is then forwarded to the purpose virtual protocol with the route forwarding table, so that the purpose virtual protocol The ARP request is forwarded to the purpose virtual machine；

The receiving unit 1310 is additionally operable to, and receives being sent by the purpose virtual machine for the purpose virtual protocol forwarding Arp response, the arp response includes the MAC Address of the purpose virtual machine；

The transmitting element 1320 is additionally operable to, and the arp response is sent to source virtual machine by the source Virtual switch；

Wherein, the source virtual machine is in the source data center.

The transmitting element 1320 is specifically used for, and utilizes the route forwarding table, the TP addresses of acquisition purpose virtual protocol；

According to the TP addresses of the purpose virtual protocol, using the described first forwarding rule, the data packet is forwarded to The purpose virtual protocol, so that the data packet is forwarded to the purpose virtual machine by the purpose virtual protocol.

According to the TP addresses of the purpose virtual protocol, using the described second forwarding rule, the ARP request is forwarded to The purpose virtual protocol, so that the ARP request is forwarded to the purpose virtual machine by the purpose virtual protocol.

Therefore, by the processing unit of application data packet provided in an embodiment of the present invention, described device receives source and virtually hands over The data packet that parallel operation is sent according to destination address, obtains matched forwarding item, and utilizes and forward item and stored routing forwarding Table forwards the packet to purpose virtual protocol, realizes across WAN transmission, establishes the biography between the virtual machine at different data center Transmission link, the controller for solving each data center in the prior art carry out bulk information to share synchronization across WAN, increase control Device processing load wastes the process resource of controller, reduces the problem of controller is to the treatment effeciency of data packet, realizes more The interconnection of virtual network between a data center reduces controller processing load, saves the process resource of control, improve control Device is to the treatment effeciency of data packet.

Embodiment ten

Correspondingly, the embodiment of the present invention additionally provides a kind of processing unit of data packet, realizes that structure is as shown in figure 14, It is used to implement present invention four, embodiment five, the processing method of data packet in embodiment six.Described device is in In purpose data center.The purpose data center further includes purpose vSwitch, purpose VM and purpose controller.The dress It puts including with lower unit：Receiving unit 1410 and transmitting element 1420.

Receiving unit 1410, for receiving the data packet that source virtual protocol is sent, the data packet carries the data The destination address of bag；

Transmitting element 1420, for when not finding forwarding rule matched with the destination address, being controlled to purpose Device sends the data packet；

The receiving unit 1410 is additionally operable to, and receives the first forwarding rule that the purpose controller is sent, and described first Forwarding rule is used to the data packet being forwarded to the purpose virtual machine of the destination address instruction；

The transmitting element 1420 is additionally operable to, using the described first forwarding rule, by purpose Virtual switch to described Purpose virtual machine sends the data packet；

Wherein, the source virtual protocol is in source data center, the purpose controller, the purpose Virtual switch, The processing unit of the data packet and the purpose virtual machine are in purpose data center together.

When the destination address of the data packet includes the MAC Address of the purpose virtual machine, the receiving unit 1410 It is additionally operable to, receives the ARP request that the source virtual protocol is sent, the ARP request is used to obtain the MAC of the purpose virtual machine Address, the ARP request include the TP addresses of the purpose virtual machine；

The transmitting element 1420 is additionally operable to, and is advised when not finding with the forwarding of the TP address matchings of the purpose virtual machine When then, the ARP request is sent to the purpose controller；

The receiving unit 1410 is additionally operable to, and receives the second forwarding rule that the purpose controller is sent, and described second Forwarding rule is used for the purpose virtual machine that the ARP request is forwarded to the TP addresses of the purpose virtual machine and is indicated；

The transmitting element 1420 is additionally operable to, using the described second forwarding rule, by purpose Virtual switch to described Purpose virtual machine sends the ARP request；

The receiving unit 1410 is additionally operable to, and receives being sent out by the purpose virtual machine for the purpose Virtual switch forwarding The arp response sent, the arp response include the MAC Address of the purpose virtual machine；

The transmitting element 1420 is additionally operable to, and the arp response is sent to the source virtual protocol.

The transmitting element 1420 is specifically used for, and is virtually handed over using purpose described in first/second forwarding Rule The TP addresses of parallel operation；

According to the TP addresses of the purpose Virtual switch, the data packet/ARP request is forwarded to the purpose Virtual switch, so that the purpose Virtual switch sends the number according to the destination address to the purpose virtual machine According to bag/ARP request.

Therefore, by the processing unit of application data packet provided in an embodiment of the present invention, described device receives source Virtual Agent The data packet that haircut is sent according to destination address, obtains the first forwarding rule that purpose controller is sent, and the first forwarding is utilized to advise Then, purpose virtual machine is forwarded the packet to by purpose Virtual switch, realizes across WAN transmission, establish different data center Virtual machine between transmission link, solve the controller of each data center in the prior art and carry out bulk information across WAN It is shared synchronous, increase controller processing load, waste the process resource of controller, reduce controller and the processing of data packet is imitated The problem of rate, realizes the interconnection of virtual network between multiple data centers, reduces controller processing load, saves the place of control Resource is managed, improves treatment effeciency of the controller to data packet.

Embodiment 11

In addition, the realization method that the processing unit for the data packet that the embodiment of the present invention seven provides can also use is as follows, use To realize the processing method of the data packet in the foregoing embodiment of the present invention, described device is in source data center, the source data Center further includes source vSwitch, source VM and source vProxy.As shown in figure 15, the processing unit of the data packet includes：Network Interface 1510, processor 1520 and memory 1530.System bus 1540 is used to connect network interface 1510,1520 and of processor Memory 1530.

Network interface 1510 is used to interact and communicate with source vSwitch, source vProxy.

Memory 1530 can be permanent memory, such as hard disk drive and flash memory, memory 1530 should for storing With program, the application program includes can be used for processor 1520 is made to access and perform such as giving an order：

The data packet sent by source virtual machine of reception source Virtual switch forwarding, the data packet carry the data The destination address of bag, the destination address include the TP addresses of the purpose virtual machine to communicate with the source virtual machine；

According to the TP addresses of the purpose virtual machine, identify whether the TP addresses of the purpose virtual machine have been stored in address In list；

It determines for the data packet to be forwarded to the first forwarding rule of the purpose virtual machine；

The first forwarding rule is sent to the source Virtual switch and source virtual protocol respectively, so that the source is empty Intend exchanger and the data packet is forwarded to the source virtual protocol, the source virtual protocol profit using the described first forwarding rule The data packet is forwarded to where the purpose virtual machine with the described first forwarding regular and stored route forwarding table Purpose data center.

Specifically, the processing unit of data packet performs above-described embodiment one, embodiment five and reality also according to described instruction The processing method of the data packet described in example six is applied, specific details are not described herein.

Embodiment 12

In addition, the realization method that the processing unit for the data packet that the embodiment of the present invention eight provides can also use is as follows, use To realize the processing method of the data packet in the foregoing embodiment of the present invention, described device is in purpose data center, the purpose Data center further includes purpose vSwitch, purpose VM and purpose vProxy.As shown in figure 16, the processing dress of the data packet Put including：Network interface 1610, processor 1620 and memory 1630.System bus 1640 for connect network interface 1610, Processor 1620 and memory 1630.

Network interface 1610 is used to interact and communicate with purpose vSwitch, purpose vProxy.

Memory 1630 can be permanent memory, such as hard disk drive and flash memory, memory 1630 should for storing With program, the application program includes can be used for processor 1620 is made to access and perform such as giving an order：

The data packet sent by source virtual protocol of purpose virtual protocol forwarding is received, the data packet carries the number According to the destination address of bag, the destination address includes the TP addresses of purpose virtual machine；

The first forwarding rule is sent to the purpose virtual protocol and purpose Virtual switch respectively, so that the purpose The data packet is forwarded to the purpose Virtual switch by virtual protocol using the described first forwarding rule, and the purpose is virtual The data packet is forwarded to the purpose virtual machine by exchanger using the described first forwarding rule.

Specifically, the processing unit of data packet performs above-described embodiment two, embodiment five and reality also according to described instruction The processing method of the data packet described in example six is applied, specific details are not described herein.

Embodiment 13

In addition, the realization method that the processing unit for the data packet that the embodiment of the present invention nine provides can also use is as follows, use To realize the processing method of the data packet in the foregoing embodiment of the present invention, described device is in source data center, the source data Center further includes source vSwitch, source VM and source controller.As shown in figure 17, the processing unit of the data packet includes：Network Interface 1710, processor 1720 and memory 1730.System bus 1740 is used to connect network interface 1710,1720 and of processor Memory 1730.

Network interface 1710 is used to interact and communicate with source vSwitch, source controller and purpose data center.

Memory 1730 can be permanent memory, such as hard disk drive and flash memory, memory 1730 should for storing With program, the application program includes can be used for processor 1720 is made to access and perform such as giving an order：

The data packet that reception source Virtual switch is sent, the data packet carry the destination address of the data packet；

The source virtual protocol receives the first forwarding rule that source controller is sent, and the first forwarding rule is used for institute State the purpose virtual machine that data packet is forwarded to the destination address instruction；

According to the destination address of the data packet, the source virtual protocol is regular and stored using the described first forwarding The data packet is forwarded to purpose virtual protocol by route forwarding table, so that the purpose virtual protocol is by the data packet It is forwarded to the purpose virtual machine.

Specifically, the processing unit of data packet performs above-described embodiment three, embodiment five and reality also according to described instruction The processing method of the data packet described in example six is applied, specific details are not described herein.

Embodiment 14

In addition, the realization method that the processing unit for the data packet that the embodiment of the present invention ten provides can also use is as follows, use To realize the processing method of the data packet in the foregoing embodiment of the present invention, described device is in purpose data center, the purpose Data center further includes source vSwitch, source VM and purpose controller.As shown in figure 18, the processing unit bag of the data packet It includes：Network interface 1810, processor 1820 and memory 1830.System bus 1840 is used to connect network interface 1810, processing Device 1820 and memory 1830.

Network interface 1810 is used to interact and communicate with purpose vSwitch, purpose controller and purpose data center.

Memory 1830 can be permanent memory, such as hard disk drive and flash memory, memory 1830 should for storing With program, the application program includes can be used for processor 1820 is made to access and perform such as giving an order：

Purpose virtual protocol receives the data packet that source virtual protocol is sent, and the data packet carries the mesh of the data packet Mark address；

When the purpose virtual protocol does not find forwarding rule matched with the destination address, the purpose is virtual It acts on behalf of to purpose controller and sends the data packet；

The purpose virtual protocol receives the first forwarding rule that the purpose controller is sent, the first forwarding rule For the data packet to be forwarded to the purpose virtual machine of the destination address instruction；

Using the described first forwarding rule, the purpose virtual protocol is virtual to the purpose by purpose Virtual switch Machine sends the data packet.

Embodiment 15

Correspondingly, the embodiment of the present invention 15 additionally provides a kind of processing system of data packet, as shown in figure 19, the system System includes the first data center and the second data center, and the first data center includes the embodiment of the present invention seven and the present invention is real The processing unit of the data packet of the offer of example nine is applied, the second data center includes the embodiment of the present invention eight and the embodiment of the present invention ten The processing unit of the data packet of offer；

Alternatively, first data center includes：What the embodiment of the present invention 11 and the embodiment of the present invention 13 provided The processing unit of data packet, the second data center include the number that the embodiment of the present invention 12 and the embodiment of the present invention 14 provide According to the processing unit of bag.

Further, the system also includes：Access switch；

Further, the system also includes：Core switch.

Aforesaid plurality of embodiment is no longer multiple herein the course of work for each device that data center includes is described in detail It states.

It should be noted that in actual networking, it can also be in the access switch of the first data center virtual protocol access Communication tunnel is established between the access switch accessed with second data center's virtual protocol so that logical between virtual protocol Letter, the data packet between VM, message carry out the forwarding of data packet, message by communication tunnel, and no longer by core switch, Router, WAN carry out the forwarding of data packet, message, save transmission path.The communication tunnel is specially that multiprotocol label is handed over Change -- Virtual Private Network (Multi-Protocol Label Switching--Virtual Private Network, letter Claim：MPLS VPN).

Professional should further appreciate that, be described with reference to the embodiments described herein each exemplary Unit and algorithm steps can be realized with the combination of electronic hardware, computer software or the two, hard in order to clearly demonstrate The interchangeability of part and software generally describes each exemplary composition and step according to function in the above description. These functions are performed actually with hardware or software mode, specific application and design constraint depending on technical solution. Professional technician can realize described function to each specific application using distinct methods, but this realization It is it is not considered that beyond the scope of this invention.

The step of method or algorithm for being described with reference to the embodiments described herein, can use hardware, processor to perform The combination of software module or the two is implemented.Software module can be placed in random access memory (RAM), memory, read-only memory (ROM), electrically programmable ROM, electrically erasable ROM, register, hard disk, moveable magnetic disc, CD-ROM or technical field In any other form of storage medium well known to interior.

Above-described specific embodiment has carried out the purpose of the present invention, technical solution and advantageous effect further It is described in detail, it should be understood that the foregoing is merely the specific embodiments of the present invention, is not intended to limit the present invention Protection domain, within the spirit and principles of the invention, any modification, equivalent substitution, improvement and etc. done should all include Within protection scope of the present invention.

Claims

1. a kind of processing method of data packet, which is characterized in that the described method includes：

Source controller receives the data packet sent by source virtual machine of source Virtual switch forwarding, and the data packet carries described The destination address of data packet, the destination address include the IP address of the purpose virtual machine to communicate with the source virtual machine；

According to the IP address of the purpose virtual machine, the source controller identifies whether the IP address of the purpose virtual machine has deposited Storage is in address list；

If the IP address of the purpose virtual machine is not stored in described address list, the source controller determines the mesh Virtual machine be not in source data center；

The source controller sends the first forwarding rule to the source Virtual switch and source virtual protocol respectively, so that The data packet is forwarded to the source virtual protocol by the source Virtual switch using the described first forwarding rule, and the source is empty Intending agency, using the described first forwarding regular and stored route forwarding table the data packet to be forwarded to the purpose virtual Purpose data center where machine；

Wherein, the source controller, the source Virtual switch, the source virtual machine and the source virtual protocol are in institute together State source data center；

Wherein, the destination address further includes the MAC Address of the purpose virtual machine；

The source controller determines for the data packet to be forwarded to the first specific bag of forwarding rule of the purpose virtual machine It includes：

If the purpose virtual machine is not in the source data center, and the purpose virtual machine is in the source virtual machine The same network segment, then the source controller is according to the MAC Address of the purpose virtual machine and the IP address of the purpose virtual machine, Determine the transmission path of the forwarding data packet；

According to the transmission path, the source controller determines the data packet being forwarded to the of the purpose virtual machine One forwarding rule.

2. the processing method of data packet according to claim 1, which is characterized in that the source controller receives source and virtually hands over It is further included before the data packet sent by source virtual machine of parallel operation forwarding：

The source controller receives the ARP request sent by the source virtual machine of the source Virtual switch forwarding, the ARP For obtaining the MAC Address of the purpose virtual machine, the ARP request includes the IP address of the purpose virtual machine for request；

According to the IP address of the purpose virtual machine, the source controller search whether stored in described address list with it is described The MAC Address of the matched purpose virtual machine of IP address of purpose virtual machine；

If the source controller does not find the MAC Address of the purpose virtual machine, the source controller determines to be used to incite somebody to action The ARP request is forwarded to the second forwarding rule of the purpose virtual machine；

The source controller sends the second forwarding rule to the source Virtual switch and the source virtual protocol respectively, so that The ARP request is forwarded to the source virtual protocol, the source by the source Virtual switch using the described second forwarding rule The ARP request is forwarded to the purpose number by virtual protocol using the described second regular and stored route forwarding table of forwarding According to center, and the arp response that the purpose virtual machine received is sent is empty to the source by the source Virtual switch Plan machine is sent, and the arp response includes the MAC Address of the purpose virtual machine.

3. the processing method of data packet according to claim 1, which is characterized in that source controller determines to be used for The first forwarding rule that the data packet is forwarded to the purpose virtual machine specifically includes：

If the purpose virtual machine is not in the source data center, and the purpose virtual machine is in the source virtual machine Different segment, then the source controller is according to the IP address of the purpose virtual machine, the MAC Address of acquisition purpose virtual gateway；

According to the IP address of the MAC Address of the purpose virtual gateway and the purpose virtual machine, the source controller determines Forward the transmission path of the data packet；

4. the processing method of data packet according to claim 3, which is characterized in that it is virtual that the destination address further includes source The MAC Address of gateway；The source controller sends first forwarding to the source Virtual switch and source virtual protocol respectively It is further included before rule：

The source controller carries the MAC Address of the purpose virtual gateway in the described first forwarding rule, so that institute Source Virtual switch is stated using the described first forwarding rule, by the MAC Address of source virtual gateway and the purpose virtual gateway MAC Address be encapsulated in the data packet, and the data packet after encapsulation is forwarded to the source virtual protocol.

5. the processing method of data packet according to claim 4, which is characterized in that the source controller receives source and virtually hands over It is further included before the data packet sent by source virtual machine of parallel operation forwarding：

The source controller receives the ARP request sent by the source virtual machine of the source Virtual switch forwarding, the ARP For obtaining the MAC Address of the source virtual gateway, the ARP request includes the IP address of the source virtual gateway for request；

According to the IP address of the source virtual gateway, the source controller search whether stored in described address list with it is described The MAC Address of the matched source virtual gateway of IP address；

If the source controller finds the MAC Address of the source virtual gateway, the source controller is empty by the source Intend exchanger and send arp response to the source virtual machine, the arp response includes the MAC Address of the source virtual gateway.

6. a kind of processing method of data packet, which is characterized in that the described method includes：

Purpose controller receives the data packet sent by source virtual protocol of purpose virtual protocol forwarding, and the data packet carries The destination address of the data packet, the destination address include the IP address of purpose virtual machine；

According to the IP address of the purpose virtual machine, whether the purpose controller identifies the IP address of the purpose virtual machine It is stored in address list；

If the IP address of the purpose virtual machine is stored in described address list, the purpose controller determines the mesh Virtual machine be in the purpose data center；

The purpose controller sends the first forwarding rule to the purpose virtual protocol and purpose Virtual switch respectively, so that It obtains the purpose virtual protocol and the data packet is forwarded to the purpose Virtual switch, institute using the described first forwarding rule It states purpose Virtual switch and the data packet is forwarded to the purpose virtual machine using the described first forwarding rule；

Wherein, the purpose controller, the purpose virtual protocol and the purpose Virtual switch are in purpose data The heart, the source virtual protocol are in source data center；

The purpose controller determines for the data packet to be forwarded to the first forwarding rule of the purpose virtual machine It specifically includes：

If the purpose virtual machine is in the purpose data center, and the purpose virtual machine is in the source virtual machine Phase same network segment, then according to the MAC Address of the purpose virtual machine, the purpose controller searches whether to exist empty with the purpose The purpose Virtual switch of plan machine matching connection；

If the purpose controller finds the purpose Virtual switch that connection is matched with the purpose virtual machine, institute Purpose controller is stated according to the MAC Address of the purpose virtual gateway and the IP address of the purpose virtual machine, determines forwarding The transmission path of the data packet；

According to the transmission path, the purpose controller determines the data packet being forwarded to the purpose virtual machine First forwarding rule.

7. the processing method of data packet according to claim 6, which is characterized in that it is empty that the purpose controller receives purpose Intend further including before the data packet sent by source virtual protocol of agency's forwarding：

The purpose controller receives the ARP request sent by the source virtual protocol of the purpose virtual protocol forwarding, institute ARP request is stated for obtaining the MAC Address of the purpose virtual machine, the ARP request is with including the IP of the purpose virtual machine Location；

According to the IP address of the purpose virtual machine, the purpose controller is searched whether to exist and matched with the purpose virtual machine The purpose Virtual switch of connection；

If the purpose controller finds the purpose Virtual switch that connection is matched with the purpose virtual machine, institute Purpose controller is stated to determine for the ARP request to be forwarded to the second forwarding rule of the purpose virtual machine；

The purpose controller sends second forwarding to the purpose virtual protocol and the purpose Virtual switch respectively Rule, so that the ARP request is forwarded to the purpose void by the purpose virtual protocol using the described second forwarding rule Intend exchanger, the ARP request is forwarded to the purpose void by the purpose Virtual switch using the described second forwarding rule Plan machine, and receive the arp response that the purpose virtual machine is sent, and by the purpose virtual protocol to the source virtual protocol The arp response is sent, the arp response includes the MAC Address of the purpose virtual machine.

8. the processing method of data packet according to claim 6, which is characterized in that the purpose controller determines to use It is specifically included in the first forwarding rule that the data packet is forwarded to the purpose virtual machine：

If the purpose virtual machine is in purpose data center, and the purpose virtual machine is in different from the source virtual machine The network segment, then according to the IP address of the purpose virtual machine, the purpose controller obtains the MAC Address of the purpose virtual machine；

According to the MAC Address of the purpose virtual machine, the purpose controller searches whether exist and the purpose virtual machine The purpose Virtual switch with connection；

If the purpose controller finds the purpose Virtual switch for matching and linking with the purpose virtual machine, institute Purpose controller is stated according to the MAC Address of the purpose virtual machine and the IP address of the purpose virtual machine, determines forwarding institute State the transmission path of data packet；

9. a kind of processing unit of data packet, which is characterized in that described device includes：

Receiving unit, for receiving the data packet sent by source virtual machine of source Virtual switch forwarding, the data packet carries There is the destination address of the data packet, the destination address is with including the IP of the purpose virtual machine to communicate with the source virtual machine Location；

Whether recognition unit for the IP address according to the purpose virtual machine, identifies the IP address of the purpose virtual machine It is stored in address list；

Determination unit, if the IP address for the purpose virtual machine is not stored in described address list, it is determined that described Purpose virtual machine is not in source data center；

The determination unit is additionally operable to, and determines that the first forwarding for the data packet to be forwarded to the purpose virtual machine is advised Then；

Transmitting element, for sending the first forwarding rule to the source Virtual switch and source virtual protocol respectively, so that It obtains the source Virtual switch and the data packet is forwarded to the source virtual protocol, the source using the described first forwarding rule The data packet is forwarded to the purpose void by virtual protocol using the described first regular and stored route forwarding table of forwarding Purpose data center where plan machine；

Wherein, the processing unit of the data packet, the source Virtual switch, the source virtual machine and the source virtual protocol It is in the source data center together；

Wherein, the destination address for the data packet that the receiving unit receives further includes the MAC Address of the purpose virtual machine；

The determination unit is specifically used for, if the purpose virtual machine is not in the source data center, and the purpose is empty Plan machine is in the same network segment with the source virtual machine, then virtual according to the MAC Address of the purpose virtual machine and the purpose The IP address of machine determines the transmission path of the forwarding data packet；

According to the transmission path, determine for the data packet to be forwarded to the first forwarding rule of the purpose virtual machine.

10. the processing unit of data packet according to claim 9, which is characterized in that the receiving unit is additionally operable to, and is received The ARP request sent by the source virtual machine of the source Virtual switch forwarding, the ARP request are used to obtain the purpose The MAC Address of virtual machine, the ARP request include the IP address of the purpose virtual machine；

Described device further includes：First searching unit for the IP address according to the purpose virtual machine, searches described address row Whether MAC Address with the IP address of the purpose virtual machine matched purpose virtual machine has been stored in table；

The determination unit is additionally operable to, if not finding the MAC Address of the purpose virtual machine, it is determined that for by described in ARP request is forwarded to the second forwarding rule of the purpose virtual machine；

The transmitting element is additionally operable to, and sending the second forwarding to the source Virtual switch and the source virtual protocol respectively advises Then, so that the ARP request is forwarded to the source Virtual Agent by the source Virtual switch using the described second forwarding rule The ARP request is forwarded to by reason, the source virtual protocol using the described second regular and stored route forwarding table of forwarding The purpose data center, and the arp response that the purpose virtual machine received is sent passes through the source Virtual switch It is sent to the source virtual machine, the arp response includes the MAC Address of the purpose virtual machine.

11. the processing unit of data packet according to claim 9, which is characterized in that the determination unit is specifically used for, such as Purpose virtual machine described in fruit is not in the source data center, and the purpose virtual machine is in different nets from the source virtual machine Section, then according to the IP address of the purpose virtual machine, the MAC Address of acquisition purpose virtual gateway；

According to the IP address of the MAC Address of the purpose virtual gateway and the purpose virtual machine, the forwarding data are determined The transmission path of bag；

12. the processing unit of data packet according to claim 11, which is characterized in that the receiving unit receives described The destination address of data packet further includes the MAC Address of source virtual gateway；

Described device further includes：Processing unit, for carrying the MAC Address of the purpose virtual gateway in the described first forwarding In rule, so that the source Virtual switch is regular using the described first forwarding, by the MAC Address of source virtual gateway and institute The MAC Address for stating purpose virtual gateway is encapsulated in the data packet, and the data packet after encapsulation is forwarded to the source Virtual protocol.

13. the processing unit of data packet according to claim 12, which is characterized in that the receiving unit is additionally operable to, and is connect The ARP request sent by the source virtual machine of the source Virtual switch forwarding is received, the ARP request is used to obtain the source The MAC Address of virtual gateway, the ARP request include the IP address of the source virtual gateway；

Described device further includes：Second searching unit for the IP address according to the source virtual gateway, searches described address row Whether MAC Address with the IP address matched source virtual gateway has been stored in table；

The transmitting element is additionally operable to, if finding the MAC Address of the source virtual gateway, passes through the source virtual switch Device sends arp response to the source virtual machine, and the arp response includes the MAC Address of the source virtual gateway.

14. a kind of processing unit of data packet, which is characterized in that described device includes：

Receiving unit, for receiving the data packet sent by source virtual protocol of purpose virtual protocol forwarding, the data packet is taken Destination address with the data packet, the destination address include the IP address of purpose virtual machine；

Determination unit, if the IP address for the purpose virtual machine is stored in described address list, it is determined that the mesh Virtual machine be in the purpose data center；

The determination unit is additionally operable to, if the purpose virtual machine is in the purpose data center, it is determined that for by institute State the first forwarding rule that data packet is forwarded to the purpose virtual machine；

Transmitting element, for sending the first forwarding rule to the purpose virtual protocol and purpose Virtual switch respectively, so that It obtains the purpose virtual protocol and the data packet is forwarded to the purpose Virtual switch, institute using the described first forwarding rule It states purpose Virtual switch and the data packet is forwarded to the purpose virtual machine using the described first forwarding rule；

Wherein, the processing unit of the data packet, the purpose virtual protocol and the purpose Virtual switch are in purpose Data center, the source virtual protocol are in source data center；

The determination unit is specifically used for, if the purpose virtual machine is in the purpose data center, and the purpose is empty Plan machine is in phase same network segment with the source virtual machine, then according to the MAC Address of the purpose virtual machine, searches whether exist and institute State the purpose Virtual switch of purpose virtual machine matching connection；

It is virtual according to the purpose if finding the purpose Virtual switch that connection is matched with the purpose virtual machine The IP address of the MAC Address of machine and the purpose virtual machine determines the transmission path of the forwarding data packet；

15. the processing unit of data packet according to claim 14, which is characterized in that the receiving unit is additionally operable to, and is connect The ARP request sent by the source virtual protocol of the purpose virtual protocol forwarding is received, the ARP request is described for obtaining The MAC Address of purpose virtual machine, the ARP request include the IP address of the purpose virtual machine；

The determination unit is additionally operable to, and according to the IP address of the purpose virtual machine, searches whether to exist virtual with the purpose The purpose Virtual switch of machine matching connection；

If find the purpose Virtual switch that connection is matched with the purpose virtual machine, it is determined that for by described in ARP request is forwarded to the second forwarding rule of the purpose virtual machine；

The transmitting element is additionally operable to, and sends described second to the purpose virtual protocol and the purpose Virtual switch respectively Forwarding rule, so that the ARP request is forwarded to the mesh by the purpose virtual protocol using the described second forwarding rule Virtual switch, the ARP request is forwarded to the mesh by the purpose Virtual switch using the described second forwarding rule Virtual machine, and receive the arp response that the purpose virtual machine is sent, and virtual to the source by the purpose virtual protocol Agency sends the arp response, and the arp response includes the MAC Address of the purpose virtual machine.

16. the processing unit of data packet according to claim 14, which is characterized in that the determination unit is specifically used for, If the purpose virtual machine is in purpose data center, and the purpose virtual machine is in different nets from the source virtual machine Section then according to the IP address of the purpose virtual machine, obtains the MAC Address of the purpose virtual machine；

According to the MAC Address of the purpose virtual machine, search whether there is the mesh that connection is matched with the purpose virtual machine Virtual switch；

It is virtual according to the purpose if finding the purpose Virtual switch for matching and linking with the purpose virtual machine The IP address of the MAC Address of machine and the purpose virtual machine determines the transmission path of the forwarding data packet；