CN105391635B - A network virtualization method based on SDN - Google Patents


Info

Publication number: CN105391635B
Authority: CN (China)
Prior art keywords: virtual network, network, module, message, bandwidth
Legal status: Active
Application number: CN201510667519.XA
Other languages: Chinese (zh)
Other versions: CN105391635A (en)
Inventors: 唐勇, 栾谋升, 汪文勇
Current Assignee: University of Electronic Science and Technology of China
Original Assignee: University of Electronic Science and Technology of China

Classifications

    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L45/00 Routing or path finding of packets in data switching networks
    • H04L45/74 Address processing for routing
    • H04L47/00 Traffic control in data switching networks
    • H04L47/10 Flow control; Congestion control
    • H04L61/00 Network arrangements, protocols or services for addressing or naming
    • H04L61/09 Mapping addresses
    • H04L61/10 Mapping addresses of different types

Abstract

The invention discloses an SDN-based network virtualization method, comprising: at network initialization, the controller obtains the SDN network topology information by probing; a virtual network slice is created by calling the virtual network generation module; after creation, hosts are added to the virtual network slice; when one host needs to communicate with another, the switch forwards the packet directly if it has a matching flow table entry; if the switch has no matching flow table entry, the packet is sent to the controller, which calls the message interception module to intercept it; the message interception module calls the message parsing module, waits for the result it returns, and decides whether to drop the packet. The method can create virtual networks flexibly, is driven entirely by user demand, and has good extensibility. It also proposes a better solution for improving network throughput and avoiding contention on hot-spot links.

Description

A network virtualization method based on SDN
Technical field
The present invention relates to the field of computer network virtualization, and specifically to an SDN-based network virtualization method.
Background art
Virtualization technology has always been inseparable from the development of networks. To address the "ossification" of the current Internet and to stimulate innovation in future network research, the concept of network virtualization was proposed. Network virtualization refers to using abstraction, allocation and isolation mechanisms to virtualize nodes and links, building diverse virtual networks that coexist but are mutually isolated on shared underlying physical resources; the physical network can configure and manage physical resources appropriately according to dynamically changing virtual resource requests. Researchers use virtualization on top of the existing network architecture to build logical networks that meet specific business requirements, for example virtual LANs that isolate users and virtual private networks that connect users at different sites.
Many groups and academic institutions at home and abroad now propose building network experiment platforms with network virtualization, treating network virtualization technology as the architecture on which to build the next-generation Internet. These include GENI (Global Environment for Network Innovations), which aims to build a large-scale, general, open experimental platform and to remedy the shortcomings of the traditional Internet in security, reliability and manageability; its design goal is a programmable, virtualized, secure global network that interconnects heterogeneous networks. GENI lets users access and control underlying resources. The PlanetLab project began in 2003; its initial architecture was jointly designed by Larry Peterson of Princeton University, Tom Anderson of the University of Washington and David Culler of the University of California, Berkeley. It is an open, global experimental platform for next-generation Internet and services. A node's computing, memory and network resources are shared by multiple virtual machines, and a group of virtual machines is called a PlanetLab resource slice. Multiple resource slices run on PlanetLab at the same time and are logically independent of one another.
The VegaNet (Virtual Gigabit Network) project began in 2009 and was initiated by University of Science & Technology Beijing, Tsinghua University and Beijing University of Posts and Telecommunications. Its main features include introducing real user traffic, supporting node and link failure injection, synchronizing underlying network failures, implementing virtual routers on real commercial router platforms, supporting high-bandwidth virtual network traffic, running protocol families in the virtual network independently of the underlying physical network, and keeping the virtual network transparent to the underlying physical network. The 4WARD project is a sub-project of the EU Seventh Framework Programme (FP7) in the field of network technology research, started in January 2008. Its goal is to overcome the shortcomings of existing communication networks through innovation and to build a framework in which multiple networks can coexist. The 4WARD virtualization framework allows multiple networks to run on one common platform, achieving coexistence of multiple network architectures through operational-level virtualization of network resources. Unlike the existing Internet, which allows multiple networks to coexist only at the link layer and the application layer, 4WARD should also allow multiple networks to coexist at the network layer and the transport layer. 4WARD can support the virtualization of heterogeneous networks, heterogeneous end users and novel network protocols. Its main research topics include network virtualization technology and the principles and content of the new architecture.
SDN originated in the Clean Slate project at Stanford University. It is an innovative network architecture whose core idea is to decouple the forwarding plane from the control plane, with a centralized controller managing all kinds of network devices through a standard interface. OpenFlow is now widely used as that standard interface; the controller monitors and manages physical switches at fine granularity through the OpenFlow protocol. SDN also has a natural advantage for network virtualization, especially for network virtualization in data centers. In terms of deployment, virtualization requires a centrally controlled network architecture, and an SDN network is exactly such a centrally managed architecture.
A search of national and foreign patent office websites found no patent application with a technical scheme close to this one, nor any journal literature close to it, and no prior art for creating virtual networks based on SDN.
Summary of the invention
In view of the above defects and deficiencies of the prior art, the present invention provides an SDN-based network virtualization method. The method can create virtual networks based not only on MAC addresses but also on IP addresses, and a virtual network can carry specific application-layer traffic or certain traffic from and to given hosts.
The present invention is realized by the following technical scheme:
An SDN-based network virtualization method, characterized by:
Step 1: at network initialization, the controller obtains the SDN network topology information by probing, including switch information and link information;
Step 2: at network initialization no virtual network exists, and none of the underlying network resources can be used yet;
Step 3: the precondition for using network resources is obtaining a virtual network slice; without one, no network resource can be used. Create a virtual network slice and go to step 4;
Step 4: creating a virtual network slice calls the virtual network generation module, which collects the user's request parameters and creates the slice from them. The request parameters include the virtual network's ID, name, traffic isolation type and bandwidth demand. After creation, hosts are added to the virtual network; go to step 5;
Step 5: add hosts to the virtual network slice. A virtual network is a set of hosts that share the resources of the virtual network. Hosts are added to a slice by MAC address or by IP address, but a given virtual network can use only one addition mode, that is, only host MAC addresses or only host IP addresses. After the hosts are added, go to step 6;
Step 6: when a host needs to communicate with another host, the switch forwards the packet directly if it has a matching flow table entry; if the switch has no matching flow table entry, the packet is sent to the controller; go to step 7;
Step 7: the controller calls the message interception module to intercept the packet; the message interception module calls the message parsing module (go to step 8), waits for the result it returns, and decides whether to drop the packet;
Step 8: the message parsing module parses the packet and queries whether it comes from some virtual network. If the query shows that the packet belongs to a virtual network and satisfies that network's parameters, the message interception module is notified to let the packet through and install flow entries; otherwise the message interception module is notified to drop the packet;
Querying whether a packet comes from some virtual network requires calling the virtual network mapping module; go to step 9;
Step 9: the virtual network mapping module queries the mapping relations to determine whether the packet belongs to some virtual network and, at the same time, determines that network's parameters. The parameters decide how the packet is processed, for example whether to call the flow isolation module or the bandwidth virtualization route generation module. If the flow isolation module is needed, go to step 10; if the bandwidth virtualization route generation module is needed, go to step 11;
Step 10: if the traffic to be carried was specified when the virtual network was created, the flow isolation module isolates all traffic not carried by the virtual network; otherwise it isolates no traffic of any type;
Step 11: if a bandwidth demand was specified when the virtual network was created, the bandwidth virtualization route generation module first calls the MM_ATT algorithm to compute a route and installs flow entries along the path, then sets rate-limiting queues on the egress ports of the edge switches to which all hosts of the virtual network are connected.
The virtual network generation module turns a user's virtual network request into a logical virtual network slice. Creation of a virtual network is triggered by a request from the user, with the request parameters determined by the user; the controller generates the virtual network slice data structure and maintains the mappings of all virtual network parameters.
The message interception module intercepts all packet_in messages from the underlying physical network. At network initialization no physical network resource can be used, and every unmatched packet is forwarded to the controller in a packet_in message. A message is allowed through only if a virtual network has already been established and, according to the message parsing module, the packet_in message belongs to a flow within some virtual network; otherwise the message is dropped.
The message parsing module parses the packets intercepted by the message interception module and extracts the relevant information, such as source IP address, destination IP address, source TCP/UDP port number, destination TCP/UDP port number, source MAC address, destination MAC address and ingress switch port number. It also determines whether the message is a broadcast message or a DHCP message; the message interception module does not intercept messages of these kinds.
The virtual network mapping module manages all virtual network mapping data structures, including the mapping from virtual network ID to virtual network, from virtual network ID to virtual network name, from virtual network ID to virtual network host set, from IP address to MAC address, and from host to switch port. These mapping data structures are the core data structures of the virtual network mapping module.
The flow isolation module isolates specific application-layer traffic, such as HTTP, FTP and P2P traffic. If the traffic to be isolated was specified when the virtual network was created, the flow isolation module handles the request and installs flow entries on all switches along the path. These flow entries match only specific packets, giving exact matching on the following fields: ingress switch port, source MAC address, destination MAC address, source IP address, destination IP address, source transport-layer port and destination transport-layer port.
The bandwidth virtualization route generation module generates bandwidth-virtualized routes. Bandwidth virtualization means limiting and isolating the bandwidth of a virtual network, generally by setting a minimum or maximum value for the bandwidth the virtual network occupies. The module uses the MM_ATT algorithm to find a route for a flow and sets several rate-limiting queues on the egress ports of the edge switches to which all virtual network hosts are connected, thereby rate-limiting the flow and generating the route.
The formal description of the MM_ATT algorithm is: given a network G = (V, E), a source node s ∈ V, a destination node d ∈ V and a bandwidth demand b ∈ R. For each (i, j) ∈ E, the link capacity is C_ij ∈ R and the residual capacity is L_ij ∈ R. The task is to find a path p with source node s and destination node d such that the available bandwidth of p satisfies available ≥ b, where available is the least residual capacity of all links on p, while requiring the bandwidth utilization U(p) of p to be minimal, i.e. U(p) = min U(p_i). Here V is the node set, E is the link set, R is the set of positive real numbers, p_i ∈ P, and P is the set of all paths from s to d.
Algorithm steps:
(1) Delete from graph G the links that do not satisfy the bandwidth requirement, obtaining a new graph G2 = (V, E2).
(2) Compute the bandwidth utilization U_ij of every link in G2.
(3) Search for all paths P from source node s to destination node d, limiting the hop count to no more than max_hop.
(4) From the paths found in step (3), select the path with the lowest bandwidth utilization.
Step 1 further comprises:
The controller periodically sends LLDP probe packets to detect the connection status of the switches in the SDN network and to maintain the topology of the SDN network.
Step 5 further comprises:
The virtual network a host is added to is identified by the virtual network ID, and the port through which the host connects to the switch is specified at the same time. The added host address is given in the standard address format;
Step 8 further comprises:
Whether a packet comes from some virtual network is determined by the packet's source address and destination address: if the hosts represented by both addresses are in the host set of the virtual network, the packet belongs to that virtual network; otherwise the packet is dropped directly;
Step 9 further comprises:
The virtual network mapping module first queries whether the packet belongs to some virtual network and then queries the parameter attributes of that virtual network. These specifically include: the virtual network carries only specified source and destination addresses; application-layer traffic isolation; bandwidth demand. For traffic under "the virtual network carries only specified source and destination addresses", the mapping module only needs to check whether the packet's source and destination addresses match.
Step 10 further comprises:
The flow isolation module isolates the specified application-layer traffic, including HTTP, FTP and P2P traffic. The transport-layer ports used by these standard application-layer protocols are standardized, so the flow isolation module identifies the upper-layer application traffic from the packet's source and destination transport-layer ports and thereby achieves traffic isolation.
Step 11 further comprises:
After the bandwidth virtualization route generation module generates a route and installs the flow entries, the port rate of the edge switches must be set. Several rate-limiting queues can be configured on a switch port, each with a queue id, a minimum transmission rate and a maximum transmission rate. A special flow entry is then added on the edge switch; it directs the flow arriving from a given port to the particular queue previously configured on the port, which achieves precise rate limiting of the flow.
Compared with the prior art, the beneficial effects achieved by the present invention are as follows:
1. The system formed by this method can serve as an application module on the controller, implemented as a pluggable component that can be flexibly added and removed; when the virtual network function is not needed, it can simply be deleted from the configuration file. The method can create virtual networks flexibly, is driven entirely by user demand, and has good extensibility. It also proposes a better solution for improving network throughput and avoiding contention on hot-spot links.
2. This technical scheme flexibly creates virtual networks by partitioning the network into virtual networks and sets their parameters; multiple virtual networks share and coexist on the network resources. The scheme can create virtual networks based not only on MAC addresses but also on IP addresses. A virtual network can carry specific application-layer traffic or certain traffic from/to given hosts.
3. This technical scheme uses the MM_ATT algorithm to select a relatively idle link for virtual networks that have a bandwidth demand. The algorithm's routing principle is to find the path with the lowest bandwidth utilization, so that, while the virtual network's bandwidth demand is guaranteed, the remaining bandwidth of the path is as large as possible, which effectively improves the overall throughput of the network. After the route is found, rate-limiting queues are set on the egress ports of the edge switches of all virtual network hosts, so traffic injected into the virtual network cannot exceed the required bandwidth, which controls burst traffic well.
Description of the drawings
The present invention is described in further detail below with reference to the drawings and specific embodiments, in which:
Fig. 1 is a module diagram of the SDN-based network virtualization method of the present invention.
Fig. 2 is a flow chart of host communication in a MAC-address-based virtual network in an embodiment of the present invention.
Fig. 3 is a flow chart of host communication in an IP-address-based virtual network in an embodiment of the present invention.
Fig. 4 is a schematic diagram of the route-finding topology based on the MM_ATT algorithm in an embodiment of the present invention.
Detailed description of the embodiments
Embodiment 1
As a preferred embodiment of this technical scheme, with reference to the network topology of Fig. 1 and the processing flow of Fig. 2, this example first establishes a virtual network based on MAC addresses, sets the virtual network parameters and adds several hosts, and briefly describes how hosts in the virtual network communicate with each other. The specific steps are as follows:
Step 1: create virtual network slice1, specifying the virtual network name and id, specifying that the virtual network is established based on MAC addresses, with http traffic as the target flow isolation parameter and with the bandwidth requirement of the virtual network specified as bandwidth;
Step 2: add hosts h1, h3 and h4 to virtual network slice1; their mac addresses are mac1, mac3 and mac4 respectively. The host address set of virtual network slice1 is now { mac1, mac3, mac4 };
Step 3: host h1 sends an http packet to h4. The packet first reaches switch s1. If s1 has no matching flow table entry, the packet is forwarded to the controller and handled there; if s1 has a matching flow table entry, it forwards the packet directly;
Step 4: the controller's message interception module intercepts the packet and hands it to the message parsing module; go to step 5;
Step 5: the message parsing module obtains the packet and starts parsing it. If parsing fails for any reason, the packet is dropped; go to step 9. Otherwise the packet is handed to the virtual network mapping module; go to step 6;
Step 6: using the stored mapping data structures, the virtual network mapping module looks up whether the packet's source mac address and destination mac address are in the same virtual network. If they are, the packet is handed to the flow isolation module; go to step 7. Otherwise the packet is dropped; go to step 9. Here mac1 and mac4 both belong to the host set of virtual network slice1, so processing goes to step 7;
Step 7: the flow isolation module looks up the virtual network's parameters to determine whether this traffic is traffic the virtual network needs to isolate. If it is not, the packet is handed to the bandwidth virtualization route generation module; go to step 8. Otherwise the module isolates the traffic and drops the packet; go to step 9. Here the flow isolation module does not need to isolate http traffic, so processing goes to step 8;
Step 8: the bandwidth virtualization route generation module looks up whether the virtual network has a bandwidth requirement. If there is none, flow entries are installed directly and the packet is forwarded. Otherwise the module generates a route, installs flow entries on all switches along the path, and sets rate-limiting queues on the egress ports of the edge switches to which the virtual network's hosts are connected. Assume the generated route is s1-s6-s5-s4; rate-limiting queues are then set on port s1-s6 of s1 and port s4-s5 of s4. Packets from h1 to h4 are directed to the rate-limiting queue set on port s1-s6, and packets from h4 to h1 are directed to the rate-limiting queue set on port s4-s5;
Step 9: processing ends.
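The decision chain walked through in Embodiment 1 (message parsing, slice membership, flow isolation, bandwidth routing) can be modelled in a few lines. The following Python sketch is an added illustration, not code from the patent: the class and function names, the port table in APP_PORTS, the sample packets and the bandwidth value 10.0 are all assumptions made for the example.

```python
from dataclasses import dataclass, field
from typing import Optional

BROADCAST_MAC = "ff:ff:ff:ff:ff:ff"
DHCP_PORTS = {67, 68}
# Assumption: well-known ports stand in for the "standardized" ports the text
# mentions. The page gives no port table, and P2P has no single standard port.
APP_PORTS = {"http": {80}, "ftp": {20, 21}}


@dataclass
class Packet:
    src_mac: str
    dst_mac: str
    src_ip: str
    dst_ip: str
    proto: str  # "tcp" or "udp"
    src_port: int
    dst_port: int


@dataclass
class Slice:
    slice_id: int
    name: str
    addr_mode: str                     # "mac" or "ip", fixed at creation
    carried: Optional[str] = None      # application traffic the slice carries
    bandwidth: Optional[float] = None  # bandwidth demand, if any
    hosts: set = field(default_factory=set)

    def add_host(self, kind: str, addr: str) -> None:
        # A slice accepts only one kind of address (step 5 of the method).
        if kind != self.addr_mode:
            raise ValueError(f"slice {self.name} only accepts {self.addr_mode} addresses")
        self.hosts.add(addr)


def find_slice(slices, pkt):
    """Mapping module: both endpoints must be in the same slice's host set."""
    for s in slices:
        if s.addr_mode == "mac":
            src, dst = pkt.src_mac, pkt.dst_mac
        else:
            src, dst = pkt.src_ip, pkt.dst_ip
        if src in s.hosts and dst in s.hosts:
            return s
    return None


def handle_packet_in(slices, pkt):
    """Return (verdict, reason) for a packet the switch could not match."""
    # Parsing module: broadcast and DHCP messages are not intercepted.
    is_dhcp = pkt.proto == "udp" and bool({pkt.src_port, pkt.dst_port} & DHCP_PORTS)
    if pkt.dst_mac == BROADCAST_MAC or is_dhcp:
        return "pass", "broadcast/DHCP is not intercepted"
    s = find_slice(slices, pkt)
    if s is None:
        return "drop", "endpoints are not in the same virtual network"
    # Flow isolation module: if the slice names the traffic it carries,
    # everything else is isolated. An unknown traffic class matches nothing,
    # so the check fails closed.
    if s.carried is not None:
        allowed = APP_PORTS.get(s.carried, set())
        if not ({pkt.src_port, pkt.dst_port} & allowed):
            return "drop", f"slice {s.name} carries only {s.carried}"
    if s.bandwidth is not None:
        return "route", "compute MM_ATT route and set rate-limiting queues"
    return "forward", "install flow entries directly"


def embodiment1_slices():
    """slice1 from Embodiment 1: MAC-based, carries http, has a bandwidth demand."""
    s1 = Slice(1, "slice1", "mac", carried="http", bandwidth=10.0)  # 10.0 is constructed
    for mac in ("mac1", "mac3", "mac4"):
        s1.add_host("mac", mac)
    return [s1]


if __name__ == "__main__":
    slices = embodiment1_slices()
    h1_to_h4 = Packet("mac1", "mac4", "10.0.0.1", "10.0.0.4", "tcp", 40000, 80)
    print(handle_packet_in(slices, h1_to_h4))
```

In this model, as in the text, broadcast and DHCP frames are passed before any slice lookup, so that path sits outside the slice boundary and has to be reviewed separately when slice isolation is relied on.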
Embodiment 2
As a preferred embodiment of this technical scheme, with reference to Fig. 4, this example illustrates how the MM_ATT algorithm finds a route that improves network throughput and avoids contended hot-spot links. The specific steps are as follows:
Step 1: the bandwidth utilization of every link is calculated during initialization.
Step 2: all links whose remaining bandwidth does not satisfy the virtual network's bandwidth requirement are deleted. The topology after deletion is shown in Fig. 4; the number beside each link is the bandwidth utilization of that link (unit: %).
Step 3: assume the route from s1 to s11 is to be computed. We first set max_hop=6, and the algorithm searches for routes from s1 to s11 depth-first. The route the algorithm finds is s1-s0-s3-s8-s10-s11, with bandwidth utilization of 4, 6, 6, 6, 4 on the path. The maximum bandwidth utilization on this path is 6, and this value is the minimum of the bandwidth utilization over all paths from s1 to s11. If max_hop=5 is set, the route the algorithm finds is s1-s0-s3-s8-s11, with bandwidth utilization of 4, 6, 6, 8 on the path. The maximum bandwidth utilization on this path is 8. Although this number is larger than the one found with max_hop=6, the path is shorter, so the search complexity is further reduced; in actual use the search time can be reduced by adjusting the max_hop parameter.
In general, the algorithm's routing principle is to find, as far as possible, a path whose remaining bandwidth is ample and which avoids hot-spot links, thereby increasing network throughput to some extent and making efficient use of network bandwidth resources.
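The MM_ATT steps and the two max_hop cases of Embodiment 2 can be reproduced with a short depth-first search. The following Python sketch is an added illustration, not code from the patent. It assumes that link utilization is (capacity - residual) / capacity, that the utilization of a path is the largest utilization of any link on it (as the Embodiment 2 numbers imply), and that max_hop counts the switches on the path, which is the reading under which max_hop=5 excludes the six-switch route. Fig. 4 is not reproduced on this page, so the topology below is constructed: it contains the two routes named in the text plus invented links s1-s2, s2-s11 and s1-s11.

```python
from collections import defaultdict


def mm_att(links, src, dst, demand, max_hop):
    """Return (path, utilization) of the min-max-utilization route, or None.

    links: iterable of (u, v, capacity, residual) describing undirected links.
    """
    # Step (1): delete links whose residual capacity cannot carry the demand.
    # Step (2): compute the utilization of every surviving link.
    adj = defaultdict(dict)
    for u, v, capacity, residual in links:
        if residual < demand:
            continue
        util = (capacity - residual) / capacity  # assumed definition of U_ij
        adj[u][v] = util
        adj[v][u] = util

    best = None  # (path utilization, switch count, path)

    def dfs(node, path, worst):
        nonlocal best
        if node == dst:
            cand = (worst, len(path), list(path))
            # Step (4): keep the lowest utilization; ties go to the shorter
            # path (the tie-break is an assumption, the text does not give one).
            if best is None or cand[:2] < best[:2]:
                best = cand
            return
        # Step (3): bound the search depth by max_hop switches.
        if len(path) >= max_hop:
            return
        for nxt, util in adj.get(node, {}).items():
            if nxt in path:
                continue  # simple paths only
            new_worst = max(worst, util)
            if best is not None and new_worst > best[0]:
                continue  # cannot beat the best route found so far
            path.append(nxt)
            dfs(nxt, path, new_worst)
            path.pop()

    dfs(src, [src], 0.0)
    if best is None:
        return None
    return best[2], best[0]


# Constructed topology: capacities of 100 with residuals chosen so that the
# utilization percentages match the numbers quoted in Embodiment 2.
SAMPLE_LINKS = [
    ("s1", "s0", 100, 96),    # 4 %
    ("s0", "s3", 100, 94),    # 6 %
    ("s3", "s8", 100, 94),    # 6 %
    ("s8", "s10", 100, 94),   # 6 %
    ("s10", "s11", 100, 96),  # 4 %
    ("s8", "s11", 100, 92),   # 8 %
    ("s1", "s2", 100, 90),    # constructed, 10 %
    ("s2", "s11", 100, 88),   # constructed, 12 %
    ("s1", "s11", 100, 5),    # constructed, removed in step (1) for demand 10
]

if __name__ == "__main__":
    for hops in (6, 5, 3, 2):
        print(hops, mm_att(SAMPLE_LINKS, "s1", "s11", demand=10, max_hop=hops))
```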
Embodiment 3
Another preferred embodiment of this method comprises:
Step 1: at network initialization, the controller obtains the SDN network topology information by probing, including switch information and link information;
Step 2: at network initialization no virtual network exists, and none of the underlying network resources can be used yet;
Step 3: the precondition for using network resources is obtaining a virtual network slice; without one, no network resource can be used. Create a virtual network slice and go to step 4;
Step 4: creating a virtual network slice calls the virtual network generation module, which collects the user's request parameters and creates the slice from them. The request parameters include the virtual network's ID, name, traffic isolation type and bandwidth demand. After creation, hosts are added to the virtual network; go to step 5;
Step 5: add hosts to the virtual network slice. A virtual network is a set of hosts that share the resources of the virtual network. Hosts are added to a slice by MAC address or by IP address, but a given virtual network can use only one addition mode, that is, only host MAC addresses or only host IP addresses. After the hosts are added, go to step 6;
Step 6: when a host needs to communicate with another host, the switch forwards the packet directly if it has a matching flow table entry; if the switch has no matching flow table entry, the packet is sent to the controller; go to step 7;
Step 7: the controller calls the message interception module to intercept the packet; the message interception module calls the message parsing module (go to step 8), waits for the result it returns, and decides whether to drop the packet;
Step 8: the message parsing module parses the packet and queries whether it comes from some virtual network. If the query shows that the packet belongs to a virtual network and satisfies that network's parameters, the message interception module is notified to let the packet through and install flow entries; otherwise the message interception module is notified to drop the packet;
Querying whether a packet comes from some virtual network requires calling the virtual network mapping module; go to step 9;
Step 9: the virtual network mapping module queries the mapping relations to determine whether the packet belongs to some virtual network and, at the same time, determines that network's parameters. The parameters decide how the packet is processed, for example whether to call the flow isolation module or the bandwidth virtualization route generation module. If the flow isolation module is needed, go to step 10; if the bandwidth virtualization route generation module is needed, go to step 11;
Step 10: if the traffic to be carried was specified when the virtual network was created, the flow isolation module isolates all traffic not carried by the virtual network; otherwise it isolates no traffic of any type;
Step 11: if a bandwidth demand was specified when the virtual network was created, the bandwidth virtualization route generation module first calls the MM_ATT algorithm to compute a route and installs flow entries along the path, then sets rate-limiting queues on the egress ports of the edge switches to which all hosts of the virtual network are connected.
Embodiment 4
The system formed using this method mainly includes: a virtual network generation module, a message block module, a message resolution module, a virtual network mapping module, a flow isolation module and a bandwidth virtualization route generation module.
The virtual network generation module generates a logical virtual network slice from a user's virtual network request. A virtual network is generated in response to a request from the user; the user determines the request parameters, and the controller generates the virtual network slice data structure and maintains the mappings of all virtual network parameters.
The message block module intercepts all packet_in messages from the underlying physical network. At network initialization no physical network resource can be used, and all unmatched packets are forwarded to the controller in packet_in messages. A message is allowed to pass, after going through the message resolution module, only if a virtual network has already been established and the packet_in message belongs to a flow of some virtual network; otherwise the message is dropped.
The message resolution module handles the data packets intercepted by the message block module. It parses the relevant information, such as source IP address, destination IP address, source TCP/UDP port number, destination TCP/UDP port number, source MAC address, destination MAC address and ingress switch port number. It also determines whether the message is a broadcast message or a DHCP message; the message block module does not intercept messages of these kinds.
The virtual network mapping module manages all virtual network mapping data structures, including the mapping of virtual network ID to virtual network, of virtual network ID to virtual network name, of virtual network ID to virtual network host set, of IP address to MAC address, and of host to switch port. These mapping data structures are the core data structures of the virtual network mapping module.
The flow isolation module isolates specific application-layer traffic, such as HTTP, FTP and P2P traffic. If the traffic to be isolated is specified when the virtual network is created, the flow isolation module handles the request and installs flow tables on all switches along the path. These flow tables match only specific packets, achieving exact matching, for example on the following fields: ingress switch port, source MAC address, destination MAC address, source IP address, destination IP address, source transport-layer port and destination transport-layer port.
The bandwidth virtualization route generation module generates bandwidth-virtualized routes. Bandwidth virtualization means limiting and isolating the bandwidth of a virtual network; generally the minimum or maximum bandwidth the virtual network needs to occupy is set. The MM_ATT algorithm is used to find a route for a flow, and several rate-limiting queues are set on the egress ports of the edge switches to which all the virtual network's hosts are connected, which realizes both rate limiting of flows and route generation. The MM_ATT algorithm is explained in detail below:
MM-ATT is an algorithm that covers two kinds of demand. (1) First, if a bandwidth demand is specified when the virtual network is created, a path is found using the Min-Max Bandwidth Utilization algorithm and flow tables are issued to the switches on the path. At the same time, rate-limiting queues are configured on the egress ports of all edge switches for the flow; these queues specify the maximum egress bandwidth, corresponding to the bandwidth demand specified when the virtual network was created, so these flows can never inject traffic at a rate above the specified bandwidth. (2) Second, if no bandwidth demand is specified when the virtual network is created, the flows running in that virtual network are more random and their bandwidth fluctuates more unpredictably. A route is selected for the flow according to the controller's regular routing algorithm, and flow tables are issued. The controller monitors the bandwidth utilization of links; if a link's bandwidth utilization exceeds the specified trigger condition, the Min-Max Bandwidth Utilization algorithm is used to select another, relatively idle path for the flows on that link that have no bandwidth demand, and those flows are moved to that path.
Therefore, when the bandwidth utilization of a link exceeds the trigger condition, the flows on that link with no specified bandwidth demand can be moved to other links. Flows already on the link that have a bandwidth demand are not moved; the flows that are moved are all flows with no specified bandwidth demand.
Min-Max Bandwidth Utilization minimizes the maximum bandwidth utilization: it selects the path whose path bandwidth utilization is lowest, where path bandwidth utilization is the maximum of the bandwidth utilizations of all links on the path. The goal of the algorithm is to keep path bandwidth utilization as low as possible, avoiding congested links and using relatively idle ones. The algorithm also leaves more residual bandwidth on the links, so that the demands of flows arriving later can be met as far as possible.
Formal description: given a network G(V, E), a source node s ∈ V, a destination node d ∈ V and a bandwidth demand b ∈ R. For each (i, j) ∈ E, the link capacity is C_ij ∈ R and the residual capacity is L_ij ∈ R. The task is to find a path p from source node s to destination node d such that the available bandwidth of p satisfies available ≥ b, where available is the minimum residual capacity over all links on p, and such that the bandwidth utilization U(p) of p is minimal, i.e. U(p) = min U(p_i). Here V is the node set, E is the link set, R is the set of positive real numbers, p_i ∈ P, and P is the set of all paths from s to d.
Algorithm steps:
(1) Delete from graph G the links that do not satisfy the bandwidth requirement, obtaining a new graph G2 = (V, E2).
(2) For each link in graph G2, compute the bandwidth utilization U_ij.
(3) Use depth-first search to find all paths P from source node s to destination node d, limiting the hop count to at most max_hop.
(4) From the paths found in step (3), pick the path with the lowest path bandwidth utilization.
For an example of the algorithm's path finding, see Embodiment 2.
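The four algorithm steps above, carried through in Python as an added example that is not part of the patent text. The function name, the sample topology and the definition U_ij = (C_ij - L_ij) / C_ij are assumptions, since the description does not spell out how link utilization is computed; links are treated as directed.

```python
def min_max_path(links, s, d, b, max_hop):
    """Return (path, U(p)) for the s->d path with the lowest maximum link
    utilisation, or (None, inf) if no path can carry demand b.

    links maps a directed link (i, j) to (C_ij, L_ij): capacity and residual.
    """
    # Step (1): drop links whose residual capacity cannot carry b -> G2.
    g2 = {e: cl for e, cl in links.items() if cl[1] >= b}
    # Step (2): per-link utilisation. Assumption: U_ij = (C_ij - L_ij) / C_ij.
    util = {e: (c - l) / c for e, (c, l) in g2.items()}
    adj = {}
    for i, j in g2:
        adj.setdefault(i, []).append(j)

    best_path, best_u = None, float("inf")

    # Step (3): depth-first search over loop-free paths of at most max_hop hops.
    def dfs(node, path, worst):
        nonlocal best_path, best_u
        if node == d:
            # Step (4): keep the path whose worst link is least utilised.
            if worst < best_u:
                best_path, best_u = list(path), worst
            return
        if len(path) - 1 >= max_hop:
            return
        for nxt in sorted(adj.get(node, [])):
            if nxt not in path:
                path.append(nxt)
                dfs(nxt, path, max(worst, util[(node, nxt)]))
                path.pop()

    dfs(s, [s], 0.0)
    return best_path, best_u


# Constructed sample topology: (capacity, residual) in Mbit/s.
SAMPLE_LINKS = {
    ("s", "d"): (100, 5),     # direct but almost full
    ("s", "a"): (100, 80), ("a", "d"): (100, 30),
    ("s", "b"): (100, 60), ("b", "d"): (100, 50),
    ("s", "c"): (100, 90), ("c", "e"): (100, 90), ("e", "d"): (100, 70),
}

if __name__ == "__main__":
    print(min_max_path(SAMPLE_LINKS, "s", "d", b=20, max_hop=3))
```

On the sample topology the hop limit changes the answer: with max_hop=3 the three-hop path through c and e wins, while max_hop=2 forces the more heavily used path through b.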

Claims (9)

1. A network virtualization method based on SDN, characterized in that:
Step 1: at network initialization, the controller obtains SDN network topology information by probing, including switch information and link information;
Step 2: at network initialization no virtual network exists, and none of the underlying network resources may be used for the time being;
Step 3: create a virtual network slice, go to step 4;
Step 4: creating a virtual network slice calls the virtual network generation module, which collects the user's request parameters and creates the virtual network slice according to them; the request parameters include the virtual network's ID, name, traffic isolation type and bandwidth demand; after creation is complete, add hosts to the virtual network, go to step 5;
Step 5: add hosts to the virtual network slice; a host is added to the virtual network slice by its MAC address or by its IP address; a given virtual network can use only one addition mode, that is, either only host MAC addresses are added or only host IP addresses are added; after the hosts have been added, go to step 6;
Step 6: when a host needs to communicate with another host, if the switch has a matching flow table entry it forwards the data packet directly; if the switch has no matching flow table entry, the data packet is sent to the controller, go to step 7;
Step 7: the controller calls the message block module to intercept the data packet; the message block module calls the message resolution module, go to step 8, and waits for the message resolution module to return its result before deciding whether to drop the data packet;
Step 8: the message resolution module parses the data packet and queries whether the data packet comes from a virtual network; if the query shows that it belongs to a virtual network and satisfies that virtual network's parameters, the message block module is notified to let the data packet pass and to issue flow tables; otherwise the message block module is notified to drop the data packet.
2. The network virtualization method based on SDN according to claim 1, characterized in that: querying whether the data packet comes from a virtual network requires calling the virtual network mapping module, go to step 9;
Step 9: the virtual network mapping module queries the mapping relations, determines whether the data packet belongs to a virtual network, and at the same time determines that virtual network's parameters; the parameters determine how the data packet is processed, the processing being to call the flow isolation module or the bandwidth virtualization route generation module; if the flow isolation module needs to be called, go to step 10; if the bandwidth virtualization route generation module needs to be called, go to step 11;
Step 10: if the traffic to be carried was specified at the initial stage of creating the virtual network, the flow isolation module isolates all traffic that is not carried by the virtual network; otherwise no type of traffic is isolated;
Step 11: if a bandwidth demand was specified at the initial stage of creating the virtual network, the bandwidth virtualization route generation module first calls the MM_ATT algorithm to compute a route and installs flow tables along the path, then sets rate-limiting queues on the egress ports of the edge switches to which all hosts in the virtual network are connected.
3. The network virtualization method based on SDN according to claim 1 or 2, characterized in that: the virtual network generation module generates a logical virtual network slice from a user's virtual network request; a virtual network is generated in response to a request from the user, the request parameters are determined by the user, and the controller generates the virtual network slice data structure and maintains the mappings of all virtual network parameters.
4. The network virtualization method based on SDN according to claim 1 or 2, characterized in that: the message block module intercepts all packet_in messages from the underlying physical network; at network initialization no physical network resource can be used, and all unmatched packets are forwarded to the controller in packet_in messages; a message is allowed to pass, after going through the message resolution module, only if a virtual network has already been established and the packet_in message belongs to a flow of some virtual network; otherwise the message is dropped.
5. The network virtualization method based on SDN according to claim 1 or 2, characterized in that: the message resolution module handles the data packets intercepted by the message block module and parses the relevant information, the relevant information including source IP address, destination IP address, source TCP/UDP port number, destination TCP/UDP port number, source MAC address, destination MAC address and ingress switch port number; it also determines whether the message is a broadcast message or a DHCP message, and the message block module does not intercept messages of these kinds.
6. The network virtualization method based on SDN according to claim 2, characterized in that: the virtual network mapping module manages all virtual network mapping data structures, including the mapping of virtual network ID to virtual network, of virtual network ID to virtual network name, of virtual network ID to virtual network host set, of IP address to MAC address, and of host to switch port.
7. The network virtualization method based on SDN according to claim 2, characterized in that: the flow isolation module isolates specific application-layer traffic, the specific traffic being HTTP, FTP and P2P traffic; if the traffic to be isolated is specified when the virtual network is created, the flow isolation module handles the request and installs flow tables on all switches along the path; these flow tables match only specific packets, achieving exact matching.
8. The network virtualization method based on SDN according to claim 2, characterized in that: the bandwidth virtualization route generation module generates bandwidth-virtualized routes; bandwidth virtualization means limiting and isolating the bandwidth of a virtual network; the minimum or maximum bandwidth the virtual network needs to occupy is set, the MM_ATT algorithm is used to find a route for a flow, and several rate-limiting queues are set on the egress ports of the edge switches to which all the virtual network's hosts are connected, realizing rate limiting of flows and route generation.
9. The network virtualization method based on SDN according to claim 2, characterized in that: the formal description of the MM_ATT algorithm is: given a network G(V, E), a source node s ∈ V, a destination node d ∈ V and a bandwidth demand b ∈ R; for each (i, j) ∈ E, the link capacity is C_ij ∈ R and the residual capacity is L_ij ∈ R; the task is to find a path p from source node s to destination node d such that the available bandwidth of p satisfies available ≥ b, where available is the minimum residual capacity over all links on p, and such that the bandwidth utilization U(p) of p is minimal, i.e. U(p) = min U(p_i); here V is the node set, E is the link set, R is the set of positive real numbers, p_i ∈ P, and P is the set of all paths from s to d;
Algorithm steps:
(1) Delete from graph G the links that do not satisfy the bandwidth requirement, obtaining a new graph G2 = (V, E2);
(2) For each link in graph G2, compute the bandwidth utilization U_ij;
(3) Search for all paths P from source node s to destination node d, limiting the hop count to at most max_hop;
(4) From the paths found in step (3), pick the path with the lowest path bandwidth utilization.
CN201510667519.XA 2015-10-16 2015-10-16 A kind of network virtualization method based on SDN Active CN105391635B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201510667519.XA CN105391635B (en) 2015-10-16 2015-10-16 A kind of network virtualization method based on SDN

Publications (2)

Publication Number Publication Date
CN105391635A CN105391635A (en) 2016-03-09
CN105391635B CN105391635B (en) 2018-10-16

Family

ID=55423483

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201510667519.XA Active CN105391635B (en) 2015-10-16 2015-10-16 A kind of network virtualization method based on SDN

Country Status (1)

Country Link
CN (1) CN105391635B (en)

Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
C10 Entry into substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant