CN105991438B - Treating method and apparatus based on data packet in virtual double layer network - Google Patents
Treating method and apparatus based on data packet in virtual double layer network Download PDFInfo
- Publication number
- CN105991438B CN105991438B CN201510049926.4A CN201510049926A CN105991438B CN 105991438 B CN105991438 B CN 105991438B CN 201510049926 A CN201510049926 A CN 201510049926A CN 105991438 B CN105991438 B CN 105991438B
- Authority
- CN
- China
- Prior art keywords
- port
- ltid
- data packet
- mac address
- mark
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Links
Images
Abstract
The embodiment of the present invention provides a kind for the treatment of method and apparatus based on data packet in virtual double layer network.This method comprises: ingress edge interchanger receives the first data packet that source server is sent;Search packaging information mapping table;If mapping item has not been obtained, then the port-mark of first port, the MAC Address of the first LTID and the purpose virtual machine are sent to controller, so that the controller obtains corresponding mapping item according to the MAC Address of the port-mark of first port, the first LTID and the purpose virtual machine, and the mapping item is returned into ingress edge interchanger;The 2nd LTID in the mapping item is replaced the first LTID in the first data packet by ingress edge interchanger, and is packaged according to mapping item to replaced first data packet, to obtain the second data packet;Second data packet is sent to outlet edge interchanger corresponding with the MAC Address of purpose virtual machine.
Description
Technical field
The present embodiments relate to the communication technology more particularly to a kind of processing sides based on data packet in virtual double layer network
Method and device.
Background technique
Fig. 1 is the network architecture schematic diagram of virtual data center in the prior art.As shown in Figure 1, virtual data center
The network architecture includes core layer switch 1, access-layer switch 2 and physical host 3, wherein physical host 3 includes virtual switch
Machine 4 and fictitious host computer 5.It should be noted that physical host 3 can be indicated with H1, H2, H3 and H4 etc. in Fig. 1, it is virtual main
Machine can be indicated with vm1-vm12 etc., wherein vm1, vm2, vm7, vm8 belong to tenant 1, and vm3, vm6, vm9, vm12 belong to rent
Family 2, vm4, vm5, vm10, vm11 belong to tenant 3.In existing network virtualization technology, need to solve to be isolated and reduce two
The list item number both of these problems of the forwarding table of layer network interchanger.
In order to solve above-mentioned two problems, there is virtual extended local area network (Virtual eXtensible Local
Area Network, abbreviation VXLAN) technology, VXLAN is a kind of technology for being packaged two layer message with three layer protocols,
VXLAN technology carries out MAC-in-UDP encapsulation by the Ethernet data that the source virtual machine to tenant issues, and increases one
The additional head VXLAN, contains the virtual process identifications of a 24bit, can support 224=16777216 virtual nets
Network.Table 1 is the message format of VXLAN.
The message format of 1 VXLAN of table
As shown in Figure 1, it is assumed that the VXLAN ID of tenant is that the vm1 of the tenant 1 on 10, H1 wants with the tenant's 1 on H3
Vm8 communication, when the message that fictitious host computer 5 is sent reaches virtual switch 4, original message is encapsulated as by virtual switch 5
UDP message, is specifically encapsulated as, and outer media access control head (Outer Medium/Media is added in original message
Access Control Header, abbreviation Outer MAC Header), outer layer Internet protocol head (Outer Internet
Protocol Header, abbreviation Outer IP Header), outer users datagram protocol head (Outer User Datagram
Protocol Header, abbreviation Outer UDP Header), VXLAN (VXLAN Header), source IP address is the IP of H1
Address, destination address are the IP address of H3, and VXLAN ID is set as 10 in VXLAN Header.It is virtual on H1 after the completion of encapsulation
Interchanger issues encapsulated message, and the virtual switch on H3 decapsulates after receiving the encapsulated message, by Outer MAC
Header, Outer IP Header, Outer UDP Header, VXLAN Header removing, then according to VXLAN ID and
Original message is sent purpose fictitious host computer i.e. vm8 by the target MAC (Media Access Control) address of Original L2 Frame.VXLAN technology
In, the two layer message that fictitious host computer is sent has been encapsulated in UDP message when reaching virtual switch, therefore double layer network exchanges
Machine perceives the MAC Address less than fictitious host computer, need to only meet the communication between physical host and physical host.Using
VXLAN technology both ensure that the isolation between variant virtual network, and the capacity of the forwarding table of double layer network interchanger is needed
It asks and does not also increase.
But VXLAN technology has used the additional head VXLAN of up to 50 bytes, so that network bandwidth expense is big,
The communication efficiency of network reduces.
Summary of the invention
The embodiment of the present invention provides a kind of processing method, device and system based on data packet in virtual double layer network, has
Effect reduces network bandwidth expense, improves the communication efficiency of network.
First aspect of the embodiment of the present invention provides a kind of processing method based on data packet in virtual double layer network, comprising:
Ingress edge interchanger receives the first data packet that source server is sent;Wherein, first data packet is described
First virtual network local identities LTID is inserted into the data packet obtained after raw data packets, and first data by source server
Packet includes the medium access control MAC Address of the first LTID and purpose virtual machine;Wherein, the first LTID is virtual net
Network in the source server on LTID;
The ingress edge interchanger is according to the port-mark, the first LTID and the purpose virtual machine of first port
MAC Address, packaging information mapping table is searched, wherein the first port is that the ingress edge interchanger receives described first
The port of data packet;
If the ingress edge interchanger does not get the end with the first port from the packaging information mapping table
The corresponding mapping item of MAC Address of mouth mark, the first LTID and the purpose virtual machine, then send described first to controller
The MAC Address of the port-mark of port, the first LTID and the purpose virtual machine, so that the controller is according to described
The MAC Address of the port-mark of Single port, the first LTID and the purpose virtual machine obtains corresponding mapping item, and will be described
Mapping item returns to the ingress edge interchanger, wherein the mapping item includes the 2nd LTID, the 2nd LTID
For LTID of the virtual network on the destination server;
2nd LTID is replaced the first LTID in first data packet by the ingress edge interchanger, and according to institute
It states mapping item to be packaged replaced first data packet, to obtain the second data packet;
The ingress edge interchanger is sent to outlet edge interchanger corresponding with the MAC Address of the purpose virtual machine
Second data packet, so that second data packet is carried out parsing and will be described in after parsing by the outlet edge interchanger
Second data packet is sent to destination server.
With reference to first aspect, in the first possible implementation of first aspect, the ingress edge interchanger according to
The MAC Address of the port-mark of first port, the first LTID and the purpose virtual machine, after searching packaging information mapping table,
Further include:
If the ingress edge interchanger got from packaging information mapping table with the port-mark of the first port,
The corresponding mapping item of MAC Address of first LTID and the purpose virtual machine, then the ingress edge interchanger is reflected described
The 2nd LTID in firing table item replaces the first LITD in first data packet, and according to the mapping item to replaced
First data packet is packaged, to obtain the second data packet, wherein the 2nd LTID is the virtual network in the purpose
LTID on server.
With reference to first aspect or the first possible implementation of first aspect, it can be able to achieve for second in first aspect
In mode, the mapping item further includes the MAC Address of outlet edge interchanger and the port-mark of second port;
It is then described that replaced first data packet is packaged according to the mapping item, to obtain the second data packet,
It specifically includes:
It is exchanged according to the MAC Address of the outlet edge interchanger and the port-mark and ingress edge of second port
The MAC Address of machine adds a header for replaced first data packet, to obtain the second data packet;Wherein, institute
The destination address for stating the outlet edge interchanger in header is the target MAC (Media Access Control) address, described of first data packet
The MAC Address of ingress edge interchanger is the source MAC of first data packet, sets in the virtual LAN VLAN field
The port-mark of the second port is set, the second port is the outlet edge interchanger of destination server access
Port.
The possible implementation of second with reference to first aspect, in the third possible implementation of first aspect, institute
It states ingress edge interchanger and sends second number to outlet edge interchanger corresponding with the MAC Address of the purpose virtual machine
According to packet, so that second data packet is carried out parsing and by second data packet after parsing by the outlet edge interchanger
It is sent to destination server, is specifically included:
Ingress edge switch query local forwarding table, determines third port, and by the third port to institute
It states outlet edge interchanger and sends second data packet, so that the outlet edge interchanger is by the second data packet solution
Analysis analytically obtains the second port of the VLAN field, and second data packet is passed through described second in result
Port is sent to the destination server.
Second aspect of the embodiment of the present invention provides a kind of processing method based on data packet in virtual double layer network, the side
Method includes:
Source server inquires local mapping table according to the port-mark of first port, and virtual network of winning the first place locally is marked
Know LTID;Wherein, the first LTID is LTID of the virtual network on source server, and the first port is source virtual switch
Machine receives the port for the raw data packets that source virtual machine is sent;
First LTID is inserted into the raw data packets by the source server, with the first data packet of acquisition;
First data packet is sent to ingress edge interchanger by the source server.
The third aspect of the embodiment of the present invention provides a kind of virtual double layer network data processing method, which comprises
Controller receives the port-mark for the first port that ingress edge interchanger is sent, the first virtual network local identities
The medium access control MAC Address of LTID and purpose virtual machine;Wherein, the first LTID is virtual network in source server
On LTID, the first port be the ingress edge interchanger receive the first data packet port;
The controller is according to the port-mark of the first port and the first LTID and the purpose virtual machine
MAC Address obtain corresponding mapping item;
The mapping item is sent to the ingress edge interchanger by the controller, so that the ingress edge exchanges
The 2nd LTID in the mapping item is replaced the first LITD in first data packet by machine, and according to the mapping
List item is packaged replaced first data packet, to obtain the second data packet;Wherein, the 2nd LTID is virtual network
LTID on destination server.
In conjunction with the third aspect, in the first possible implementation of the third aspect, the controller is according to described first
The MAC Address of the port-mark of port, the first LTID and the purpose virtual machine obtains corresponding mapping item, specific to wrap
It includes:
The controller obtains the mark of the source server according to the port-mark of the first port;
The controller obtains the virtual network overall situation mark according to the mark of the source server and the first LTID
Know GTID;
The controller obtains the 2nd LTID according to the MAC Address of the GTID and the purpose virtual machine;
The controller obtains the MAC Address and second port of the outlet edge interchanger according to the 2nd LTID
Port-mark;Wherein, the second port is the port of the outlet edge interchanger of purpose server access;
The controller is according to the 2nd LTID, the MAC Address of the outlet edge interchanger and the second port
Port-mark generate the mapping item.
Fourth aspect of the embodiment of the present invention provides a kind of processing unit based on data packet in virtual double layer network, comprising:
Transceiver module, for receiving the first data packet of source server transmission;Wherein, first data packet is the source
First virtual network local identities LTID is inserted into the data packet obtained after raw data packets, and first data packet by server
Medium access control MAC Address including purpose virtual machine;Wherein, the first LTID is virtual network in the source server
On LTID;
Enquiry module, for according to port-mark, the first LTID and the purpose virtual machine for receiving first port
MAC Address, search packaging information mapping table, wherein the first port is that the ingress edge interchanger receives described the
The port of one data packet;
The transceiver module, if be also used to the enquiry module do not got from the packaging information mapping table with it is described
The corresponding mapping item of MAC Address of the port-mark of first port, the first LTID and the purpose virtual machine, then to control
Device processed sends the MAC Address of the port-mark of the first port, the first LTID and the purpose virtual machine, so that
The controller is obtained according to the MAC Address of the port-mark of the first port, the first LTID and the purpose virtual machine
Corresponding mapping item is taken, and the mapping item is returned into the ingress edge interchanger, wherein the mapping item packet
The 2nd LTID is included, the 2nd LTID is LTID of the virtual network on the destination server;
Processing module, for the 2nd LTID to be replaced the first LITD described in first data packet, and according to
The mapping item is packaged replaced first data packet, to obtain the second data packet;
The transceiver module is also used to send out to outlet edge interchanger corresponding with the MAC Address of the purpose virtual machine
Second data packet is sent, so that second data packet is carried out parsing and by the institute after parsing by the outlet edge interchanger
It states the second data packet and is sent to destination server.
In conjunction with fourth aspect, in the first possible implementation of fourth aspect, the processing module, if being also used to institute
Enquiry module is stated to get from packaging information mapping table and the port-mark of the first port, the first LTID and described
The corresponding mapping item of the MAC Address of purpose virtual machine, then by the 2nd LTID replacement first number in the mapping item
Replaced first data packet is packaged according to the first LITD in packet, and according to the mapping item, to obtain
Two data packets, wherein the 2nd LTID is LTID of the virtual network on the destination server.
In conjunction with the possible implementation of the first of fourth aspect or fourth aspect, can be able to achieve for second in fourth aspect
In mode, the mapping item further includes the MAC Address of outlet edge interchanger and the port-mark of second port;
The processing module, specifically for according to the MAC Address of the outlet edge interchanger and the port of second port
The MAC Address of mark and ingress edge interchanger adds a header for replaced first data packet, with
Obtain the second data packet;Wherein, the destination address of the outlet edge interchanger in the header is first number
According to target MAC (Media Access Control) address, the ingress edge interchanger in packet MAC Address be first data packet in source MAC,
The port-mark of the second port is set in the virtual LAN VLAN field, and the second port is the purpose service
The port of the outlet edge interchanger of device access.
In second of possible implementation in conjunction with fourth aspect, in the third possible implementation of fourth aspect,
The enquiry module is also used to inquire local forwarding table, determines third port;The transceiver module by the third port to
The outlet edge interchanger sends second data, so that the outlet edge interchanger is by the second data packet solution
Analysis analytically obtains the second port of the VLAN field, and second data packet is passed through described second in result
Port is sent to the destination server.
The 5th aspect of the embodiment of the present invention provides a kind of processing unit based on data packet in virtual double layer network, comprising:
Enquiry module is obtained with first virtually for inquiring local mapping table according to the port-mark of first port
Network local identities LTID;Wherein, the first LTID is LTID of the virtual network on source server, and the first port is
Source virtual switch receives the port for the raw data packets that source virtual machine is sent;
Processing module, for the first LTID to be inserted into the raw data packets, with the first data packet of acquisition;
Transceiver module, for first data packet to be sent to ingress edge interchanger.
The 6th aspect of the embodiment of the present invention provides a kind of processing unit based on data packet in virtual double layer network, comprising:
Transceiver module, the port-mark of the first port for taking in the transmission of mouth edge switch, the first virtual network office
The medium access control MAC Address of portion mark LTID and purpose virtual machine;Wherein, the first LTID is that virtual network takes in source
The LTID being engaged on device, the first port are the port that the ingress edge interchanger receives the first data packet;
Module is obtained, for empty according to the port-mark of the first port and the first LTID and the purpose
The MAC Address of quasi- machine obtains corresponding mapping item;
The transceiver module is also used to for the mapping item to be sent to the ingress edge interchanger so that it is described enter
The 2nd LTID in the mapping item is replaced the first LITD in first data packet by mouth edge switch, and according to institute
It states mapping item to be packaged replaced first data packet, to obtain the second data packet;Wherein, the 2nd LTID is void
Quasi- LTID of the network on destination server.
In conjunction with the 6th aspect, in the first possible implementation of the 6th aspect, the acquisition module is specifically used for root
The mark of the source server is obtained according to the port-mark of the first port;According to the mark of the source server and described
One LTID obtains the virtual network overall identification GTID;It is obtained according to the MAC Address of the GTID and the purpose virtual machine
2nd LTID;The MAC Address of the outlet edge interchanger and the port of second port are obtained according to the 2nd LTID
Mark;Wherein, the second port is the port of the outlet edge interchanger of purpose server access;According to described second
The port-mark of LTID, the MAC Address of the outlet edge interchanger and the second port generate the mapping item.
Processing method provided in this embodiment based on data packet in virtual double layer network, is connect by ingress edge interchanger
The first data packet is received, according to the port-mark of first port, the first LTID of the first data packet carrying and purpose virtual machine
MAC Address searches packaging information mapping table, if not getting corresponding mapping item from packaging information mapping table, to control
Device sends the MAC Address of the port-mark of first port, the first LTID and purpose virtual machine, corresponds to so that controller returns
Mapping item after, the 2nd LTID in mapping item is replaced into the first LITD in the first data packet, and according to mapping item pair
Replaced first data packet is packaged, and to obtain the second data packet, the second data packet is sent to and purpose virtual machine
The corresponding outlet edge interchanger of MAC Address is sent out so that outlet edge interchanger will connect after the second data packet carries out dissection process
Give destination server.In the present embodiment, entire virtual network information is safeguarded using controller, and ingress edge interchanger is according to connecing
The mapping item that the controller received is sent, is packaged the first data packet, is sent to outlet side after obtaining the second data packet
Edge interchanger effectively reduces network bandwidth expense, improves network since encapsulation process is only with the additional packet header of very little
Communication efficiency.
Detailed description of the invention
In order to illustrate the technical solution of the embodiments of the present invention more clearly, below will be in embodiment or description of the prior art
Required attached drawing is briefly described, it should be apparent that, the accompanying drawings in the following description is some implementations of the invention
Example, for those of ordinary skill in the art, without any creative labor, can also be according to these attached drawings
Obtain other attached drawings.
Fig. 1 is the network architecture schematic diagram of virtual data center in the prior art;
Fig. 2 be the embodiment of the present invention processing method based on data packet in virtual double layer network based on virtual network
Networking structure schematic diagram;
Fig. 3 is the processing method flow chart based on data packet in virtual double layer network that the embodiment of the present invention one provides;
Fig. 4 is the processing method flow chart provided by Embodiment 2 of the present invention based on data packet in virtual double layer network;
Fig. 5 is the processing method flow chart based on data packet in virtual double layer network that the embodiment of the present invention four provides;
Fig. 6 is the processing method flow chart based on data packet in virtual double layer network that the embodiment of the present invention five provides;
Fig. 7 is the processing method flow chart based on data packet in virtual double layer network that the embodiment of the present invention six provides;
Fig. 8 is the processing method flow chart based on data packet in virtual double layer network that the embodiment of the present invention seven provides;
Fig. 9 is the exemplary stream based on the processing method of data packet in virtual double layer network that the embodiment of the present invention eight provides
Cheng Tu;
Figure 10 is the processing unit based on data packet in virtual double layer network that the embodiment of the present invention nine provides;
Figure 11 is the structural schematic diagram for the ingress edge interchanger that the embodiment of the present invention 11 provides;
Figure 12 is the processing unit based on data packet in virtual double layer network that the embodiment of the present invention 12 provides;
Figure 13 is the structural schematic diagram for the source server that the embodiment of the present invention 13 provides;
Figure 14 is the processing unit based on data packet in virtual double layer network that the embodiment of the present invention 14 provides;
Figure 15 is the structural schematic diagram for the controller that the embodiment of the present invention 15 provides.
Specific embodiment
In order to make the object, technical scheme and advantages of the embodiment of the invention clearer, below in conjunction with the embodiment of the present invention
In attached drawing, technical scheme in the embodiment of the invention is clearly and completely described, it is clear that described embodiment is
A part of the embodiment of the present invention, instead of all the embodiments.Based on the embodiments of the present invention, those of ordinary skill in the art
Every other embodiment obtained without creative efforts, shall fall within the protection scope of the present invention.
Fig. 2 be the embodiment of the present invention processing method based on data packet in virtual double layer network based on virtual network
Networking structure schematic diagram.As shown in Fig. 2, including source server 11, ingress edge interchanger in the networking structure of the virtual network
12, controller 13,14, two layers of core network 15 of outlet edge interchanger and destination server 16, wherein source server includes source
Virtual machine 17 and source virtual switch 18, purpose virtual machine include purpose virtual machine 20 and purpose virtual switch 19.
Fig. 3 is the processing method flow chart based on data packet in virtual double layer network that the embodiment of the present invention one provides.Such as
Shown in Fig. 3, this method comprises the following steps.
Step 101, ingress edge interchanger receive the first data packet that source server is sent.
Wherein, the first data packet be source server by the first virtual network local identities (Local Tag ID, referred to as
LTID it) is inserted into the data packet obtained after raw data packets, and the first data packet includes the medium access control of purpose virtual machine
The address (Medium/Media Access Control, abbreviation MAC);First LTID is virtual network on source server
LTID。
In the present embodiment, source server includes source virtual switch and source virtual machine, the first LTID be source server according to
Source virtual switch receives the port for the raw data packets that source virtual machine is sent, and inquires what local mapping table obtained, also,
First LTID is actually LTID of the virtual network on some source virtual machine in source server, is wrapped in a source server
Multiple source virtual machines are included, the different source virtual machines in a source server may belong to the same virtual network, can also belong to
In different virtual networks, LTID of the virtual network on different sources is virtual is different.Specifically, source virtual machine sends original number
Source virtual switch is given according to packet, source virtual switch is identified according to first port inquires local mapping table, will acquire
First LTID corresponding with first port mark is inserted into raw data packets, to obtain the first data packet, wherein local mapping relations
The mapping relations between the port-mark of first port and the first LTID are stored in table.
Wherein, first port is the port that ingress edge interchanger receives the first data packet.
In the present embodiment, first port is the end that ingress edge interchanger receives the first data packet that source server is sent
Mouthful, it include MAC Address and the mapping of the port-mark, the first LTID and purpose virtual machine of first port in packaging information mapping table
Mapping relations and mapping item between list item, for example, obtaining the port of first port by inquiry packaging information mapping table
Mapping relations between mark, the first LTID and the MAC Address and mapping item of purpose virtual machine, are obtained further according to the mapping relations
Corresponding mapping item is taken, the MAC Address of LTID, purpose virtual machine that destination server is specifically included in the mapping item are corresponding
The MAC Address of outlet edge interchanger, destination server access outlet edge port-mark of interchanger etc..
It should be noted that in the present embodiment, the MAC of the source virtual machine of data packet can also be carried in the first data packet
Location.
It is marked if step 103, ingress edge interchanger are not got from packaging information mapping table with the port of first port
Know, the corresponding mapping item of MAC Address of the first LTID and purpose virtual machine, is then marked to the port that controller sends first port
Know, the MAC Address of the first LTID and purpose virtual machine, so that port-mark, first LTID of the controller according to first port
Corresponding mapping item is obtained with the MAC Address of purpose virtual machine, and mapping item is returned into ingress edge interchanger.
Wherein, mapping item includes the 2nd LTID, and the 2nd LTID is LTID of the virtual network on destination server.
In the present embodiment, ingress edge switch query local packaging information mapping table is not found and first end
Mouthful port-mark, the first LTID and purpose virtual machine the corresponding mapping item of MAC Address, then above- mentioned information are sent to control
Device processed, controller are found according to the MAC Address of the port-mark of the first port received, the first LTID and purpose virtual machine
The information of corresponding outlet edge interchanger and destination server generates mapping item, which is sent to ingress edge
Interchanger specifically includes the LTID of destination server, the MAC Address of outlet edge interchanger and purpose service in the mapping item
Device accesses the port-mark of the port of outlet edge interchanger.Wherein, controller is used to safeguard the whole network information of the virtual network,
Information including ingress edge interchanger, outlet edge interchanger, source server and destination server.
2nd LTID is replaced the first LITD in the first data packet by step 104, ingress edge interchanger, and according to mapping
List item is packaged replaced first data packet, to obtain the second data packet.
In the present embodiment, the specific method and format of encapsulation are not intended to limit, for example, can be in replaced first data
An additional Ethernet head is added in packet can also use by the Information encapsulation in mapping item to the Ethernet head
Other packaged types, the present invention in be not limited thereto.
It should be noted that in the present embodiment, destination server includes purpose virtual switch and purpose virtual machine,
Two LTID are actually LTID of the virtual network on the purpose virtual machine in destination server, the purpose virtual machine and source clothes
The source virtual machine that raw data packets are sent in business device belongs to the same virtual network, but the virtual network is in the purpose virtual machine
Upper LTID and LTID on source virtual machine be not identical.
It include one or more interchanger in two layers of core network, the second data packet is in two layers of core in the present embodiment
In network by repeatedly forwarding after reach outlet edge interchanger, the outlet edge interchanger be the second data packet in purpose
The corresponding outlet edge interchanger of the MAC Address of virtual machine, outlet edge interchanger parse the second data packet, obtain mesh
Server information, the second data packet is sent to destination server by such as the LTID of destination server.
Processing method provided in this embodiment based on data packet in virtual double layer network, is connect by ingress edge interchanger
The first data packet is received, according to the port-mark of first port, the first LTID of the first data packet carrying and purpose virtual machine
MAC Address searches packaging information mapping table, if not getting corresponding mapping item from packaging information mapping table, to control
Device processed sends the MAC Address of the port-mark of first port, the first LTID and purpose virtual machine, so that controller return pair
After the mapping item answered, the 2nd LTID in mapping item is replaced into the first LITD in the first data packet, and according to mapping item
Replaced first data packet is packaged, to obtain the second data packet, the second data packet is sent to and purpose virtual machine
The corresponding outlet edge interchanger of MAC Address so that outlet edge interchanger will connect the second data packet carry out dissection process after
It is sent to destination server.In the present embodiment, safeguard entire virtual network information using controller, ingress edge interchanger according to
The mapping item that the controller received is sent, is packaged the first data packet, is sent to outlet after obtaining the second data packet
Edge switch effectively reduces network bandwidth expense, improves net since encapsulation process is only with the additional packet header of very little
The communication efficiency of network.
Fig. 4 is the processing method flow chart provided by Embodiment 2 of the present invention based on data packet in virtual double layer network.Such as
Shown in Fig. 4, this method comprises the following steps.
Wherein, the first data packet is the data packet that source server will obtain after the first LTID insertion raw data packets, and the
One data packet includes the MAC Address of the first LTID and purpose virtual machine;First LTID is virtual network on source server
LTID。
Wherein, first port is the port that ingress edge interchanger receives the first data packet.
In the present embodiment, step 201 and step 202 are identical as step 101 in above-mentioned embodiment illustrated in fig. 3 and step 102,
Details are not described herein again.
If step 203, ingress edge interchanger got from packaging information mapping table with the port-mark of first port,
The corresponding mapping item of MAC Address of first LTID and purpose virtual machine, then ingress edge interchanger is by mapping item
Two LTID replace the first LTID in the first data packet, and are packaged according to mapping item to replaced first data packet,
To obtain the second data packet.
Wherein, the 2nd LTID is LTID of the virtual network on destination server.
In the present embodiment, unlike above-mentioned embodiment illustrated in fig. 3 one, ingress edge switch query is locally encapsulated
Information MAP table is got empty with the port-mark of first port, the first LTID and purpose in local packaging information mapping table
The corresponding mapping item of MAC Address of quasi- machine has existed in that is, local packaging information mapping table and the in the first data packet
The corresponding mapping item of MAC Address of the port-mark of Single port, the first LTID and purpose virtual machine, it is not necessary to be sent out again to controller
Send the MAC Address of the port-mark of first port, the first LTID and purpose virtual machine to obtain corresponding mapping item.
Step 204, ingress edge interchanger are sent to outlet edge interchanger corresponding with the MAC Address of purpose virtual machine
Second data packet, so that the second data packet parse and be sent to the second data packet after parsing by outlet edge interchanger
Destination server.
In the present embodiment, the step 105 in step 204 and above-mentioned embodiment illustrated in fig. 3 one is identical, and details are not described herein again.
Processing method provided in this embodiment based on data packet in virtual double layer network, is connect by ingress edge interchanger
The first data packet is received, according to the port-mark of first port, the first LTID of the first data packet carrying and purpose virtual machine
MAC Address searches packaging information mapping table, if ingress edge interchanger is got and first port from packaging information mapping table
The corresponding mapping item of MAC Address of port-mark, the first LTID and purpose virtual machine, then ingress edge interchanger is according to local
The 2nd LTID in mapping item is replaced the first LTID in the first data packet by the mapping item of acquisition, and according to mapping item
Replaced first data packet is packaged, to obtain the second data packet, and the second data packet is sent to virtual with purpose
The corresponding outlet edge interchanger of the MAC Address of machine, so that outlet edge interchanger will connect the second data packet and be parsed and be incited somebody to action
The second data packet after parsing is sent to destination server.Since ingress edge interchanger replaces the 2nd LTID in mapping item
The first LTID in the first data packet is changed, different virtual networks is isolated using LTID, and safeguard entire void using controller
The quasi- network information, such as mapping relations between the first LTID and the 2nd LTID, can support infinite number of virtual network, according to reflecting
Firing table item is packaged replaced first data packet and obtains the second data packet, reduces double layer network interchanger forwarding-table item
Number, and encapsulation process merely adds lesser additional heading, effectively reduces network bandwidth expense, improves network
Communication efficiency.
Further, on the basis of above-described embodiment one or embodiment two, the embodiment of the present invention three provide based on
In virtual double layer network in the processing method of data packet, mapping item further includes the MAC Address and second of outlet edge interchanger
The port-mark of port;Then replaced first data packet is packaged according to mapping item, to obtain the second data packet, tool
Body includes:
According to the port-mark and ingress edge interchanger of the MAC Address of outlet edge interchanger and second port
MAC Address adds a header for replaced first data packet, to obtain the second data packet;Wherein, in header
Outlet edge interchanger destination address be the target MAC (Media Access Control) address of the first data packet, ingress edge interchanger MAC Address be
Source MAC, virtual LAN (Virtual eXtensible Local Area Network, the abbreviation of first data packet
VLAN) port-mark of second port is set in field, second port is the outlet edge interchanger of purpose server access
Port.
In the present embodiment, marked according to the port of the MAC Address of the outlet edge interchanger in mapping item and second port
The MAC Address of knowledge and ingress edge interchanger constructs a new two layer message head, by first in the header
The target MAC (Media Access Control) address of data packet is set as the destination address of outlet edge interchanger, the source MAC of the first data packet is arranged
For ingress edge interchanger the address MAC and in virtual LAN VLAN field be arranged second port port-mark, will
The header is encapsulated in the header of the first data packet, to get the second data packet, so that double layer network interchanger sense
Know the MAC Address less than virtual machine, it is only necessary to by the MAC Address between ingress edge interchanger and outlet edge interchanger come
Data communication is carried out, to reduce the number of the forwarding-table item of interchanger in two layers of core network.
Fig. 5 is the processing method flow chart based on data packet in virtual double layer network that the embodiment of the present invention four provides.?
On the basis of above-described embodiment three, " ingress edge interchanger is to corresponding with the MAC Address of purpose virtual machine as shown in figure 5, step
Outlet edge interchanger send the second data packet so that outlet edge interchanger by the second data packet carry out parsing and will parsing
The second data packet afterwards is sent to destination server " specifically comprise the following steps:
In the present embodiment, corresponding outlet edge interchanger is determined according to the MAC Address of purpose virtual machine, it is local to forward
Table stores the corresponding relationship of the port-mark of outlet edge interchanger and third port, and third port is that ingress edge interchanger connects
Enter the port of next interchanger in two layers of core network.
In the present embodiment, the second data packet is sent to next in core network by ingress edge interchanger by third port
Second data packet is transmitted to outlet edge interchanger, exports side by a exchange by the forwarding of multiple switch in core network
Second resolve packet is removed the MAC header of outer layer by edge interchanger, gets the second port of VLAN field, i.e. purpose takes
The port of business device access outlet edge interchanger, is sent to destination server for the second data packet by the second port.
In the present embodiment, destination server includes purpose virtual switch and purpose virtual machine, and purpose virtual switch connects
After the data packet for receiving ingress edge transmission, which is parsed, the purpose in second data packet is obtained
The MAC Address of virtual machine inquires local forwarding table according to the MAC Address of purpose virtual machine, to obtain the MAC with purpose virtual machine
The port of the corresponding purpose virtual switch access purpose virtual machine in address, and the second data packet is sent to by mesh by the port
Virtual machine.
Fig. 6 is the processing method flow chart based on data packet in virtual double layer network that the embodiment of the present invention five provides.This
The executing subject of embodiment is source server, as shown in fig. 6, this approach includes the following steps.
Wherein, the first LTID is LTID of the virtual network on source server, and first port is the reception of source virtual switch
The port for the raw data packets that source virtual machine is sent.
The first LTID that step 402, source server will acquire is inserted into the raw data packets received, with the first of acquisition
Data packet.
In the present embodiment, source virtual switch inquires local mapping table, will acquire with first port mark pair
The first LTID insertion raw data packets answered, to obtain the first data packet, wherein store first end in local mapping table
Mapping relations between the port-mark and the first LTID of mouth.
First data packet is sent to ingress edge interchanger by step 403, source server.
The processing method based on data packet in virtual double layer network provided in the present embodiment, source server inquiry is local to reflect
Relation table is penetrated, to obtain first LTID corresponding with the port-mark of first port, the first LTID insertion that will acquire is received
First data packet with the first data packet of acquisition, and is sent to ingress edge interchanger, the present embodiment by the raw data packets arrived
In insert LTID in the packet, realize the isolation between different virtual networks using LTID, the tenant's of guarantee is logical
Letter safety.
Fig. 7 is the processing method flow chart based on data packet in virtual double layer network that the embodiment of the present invention six provides.This
The executing subject of embodiment is controller, as shown in fig. 7, this approach includes the following steps.
Wherein, the first LTID is LTID of the virtual network on source server, and first port is that ingress edge interchanger connects
Receive the port of the first data packet.
Mapping item is sent to ingress edge interchanger by step 503, controller, so that ingress edge interchanger will map
The 2nd LTID in list item replaces the first LTID in the first data packet, and according to mapping item to replaced first data packet
It is packaged, to obtain the second data packet.
Wherein, the 2nd LTID is LTID of the virtual network on destination server.
Processing method provided in this embodiment based on data packet in virtual double layer network, controller receive ingress edge and hand over
It changes planes the port-mark of first port of transmission, the address MAC of the first LTID and purpose virtual machine, according to the end of first port
The MAC Address of mouth mark, the first LTID and purpose virtual machine obtains corresponding mapping item, and mapping item is sent to entrance side
Edge interchanger, so that the 2nd LTID in mapping item is replaced the first LTID in the first data packet by ingress edge interchanger,
And replaced first data packet is packaged according to mapping item, to obtain the second data packet, is safeguarded and protected by controller
And the mapping relations that are formed when saving virtual network building, it can support infinite number of virtual network, realize different virtual
Isolation between network, so that ingress edge interchanger is packaged acquisition to replaced first data packet according to mapping item
Second data packet, reduces the number of double layer network interchanger forwarding-table item, and encapsulation process merely add it is lesser additional
Heading effectively reduces network bandwidth expense, improves the communication efficiency of network.
Fig. 8 is the processing method flow chart based on data packet in virtual double layer network that the embodiment of the present invention seven provides.This
The executing subject of embodiment is controller, as shown in figure 8, this approach includes the following steps.
Wherein, the first LTID is LTID of the virtual network on source server, and first port is that ingress edge interchanger connects
Receive the port of the first data packet.
Wherein, second port is the port numbers of the outlet edge interchanger of purpose server access.
Mapping item is sent to ingress edge interchanger by step 607, controller, so that ingress edge interchanger will map
The 2nd LTID in list item replaces the first LTID in the first data packet, and according to mapping item to replaced first data packet
It is packaged, to obtain the second data packet.
Processing method provided in this embodiment based on data packet in virtual double layer network, controller are handed over according to ingress edge
It changes planes the port-mark of first port of transmission, the address MAC of the first LTID and purpose virtual machine, obtains corresponding second
The port-mark of LTID, the MAC Address of outlet edge interchanger and second port generate mapping item, by the generation mapping item
It is sent to ingress edge interchanger, the mapping relations protected and saved and formed when virtual network building are safeguarded by controller, it can
It supports infinite number of virtual network, realizes the isolation between different virtual networks, so that ingress edge interchanger is according to reflecting
Firing table item is packaged replaced first data packet and obtains the second data packet, reduces double layer network interchanger forwarding-table item
Number, and encapsulation process merely adds lesser additional heading, effectively reduces network bandwidth expense, improves network
Communication efficiency.
Fig. 9 is the example letter based on the processing method of data packet in virtual double layer network that the embodiment of the present invention eight provides
Enable figure.This method is based on system architecture shown in Fig. 2, as shown in figure 9, this approach includes the following steps.
Step 701, source virtual machine send raw data packets to source virtual switch.
Step 702, source virtual switch receive the raw data packets of source virtual machine transmission, according to the entrance of raw data packets
The port-mark SRC_VIRTUAL_SWITCH_PORT of port inquires the affiliated virtual network of the source virtual machine in source physical host
On localized network identify SRC_LTID, and be inserted into SRC_LTID in raw data packets, obtain the first data packet.
In the present embodiment, SRC_VIRTUAL_SWITCH_PORT is incoming end of the source virtual machine on the virtual switch of source
The port-mark of mouth, SRC_LTID are localized network mark of the virtual network on the physical host of source, are protected in the virtual switch of source
Deposit the localized network of the port-mark and virtual network of the port of source virtual switch access source virtual machine on the physical host of source
The mapping relations of mark are (SRC_VIRTUAL_SWITCH_PORT:SRC_LTID).It, can be with multiplexing number when being inserted into SRC_LTID
According to the VLAN id field in packet, it is also inserted into the other positions of data packet.
First data are forwarded a packet to ingress edge interchanger by step 703, source virtual switch.
Step 704, ingress edge interchanger receive the first data packet of source virtual switch transmission, according to the first data
(SRC_MAC, DST_MAC, the SRC_LTID) of packet inquires packaging information mapping table in a storage module, has checked whether matched
Mapping item.
In the present embodiment, SRC_MAC is the MAC Address for issuing the source virtual machine of data packet, virtual for the purpose of DST_MAC
The MAC Address of machine.Packaging information mapping table can also be inquired according to (SRC_PORT, DST_MAC, SRC_LTID), wherein
SRC_PORT is port-mark of the physical host where source virtual machine in the access interface of ingress edge interchanger, at this point, entrance
Corresponding mapping item includes (SRC_PORT, DST_MAC, SRC_LTID, DST_SW_MAC, DST_ in edge switch
LTID, DST_PORT), wherein the MAC for the edge switch that DST_SW_MAC physical host where purpose virtual machine connects
Address, DST_LTID are localized network mark of the virtual network in purpose physical host, wherein virtual for the purpose of DST_PORT
Incoming end slogan of the physical host in outlet edge interchanger where machine.Alternatively, being inquired according to (DST_MAC, SRC_LTID)
Packaging information mapping table, at this point, corresponding mapping item includes (DST_MAC, SRC_LTID, DST_ in ingress edge interchanger
SW_MAC, DST_LTID, DST_PORT), other mapping items can also be set, be not limited thereto in the present invention.
If step 705, ingress edge interchanger do not inquire matched entry, by the information of data packet, including
(SRC_MAC, DST_MAC, SRC_LTID, SRC_SW_MAC, SRC_PORT) is sent to controller, requests mapping item.
Step 706, controller receive the request mapping item message that ingress edge interchanger is sent, and are mapped according to request
Packet information in list item message, the mapping item of match query.
In the present embodiment, packet information includes (SRC_MAC, DST_MAC, SRC_LTID, SRC_SW_MAC, SRC_
PORT), mapping item includes (SRC_MAC, DST_MAC, SRC_LTID, DST_SW_MAC, DST_LTID, DST_PORT).
In order to complete above-mentioned inquiry, controller will at least save following four groups of mapping relations, as shown in table 2:
1) mapping relations between (SID, LTID) and GTID, it is corresponding according to the MAC Address of virtual machine and LTID identification
The GTID of virtual network, wherein SID is the mark of server, and LTID is virtual network local identities, and GTID is that virtual network is complete
Office's mark.
2) mapping relations between (GTID, VMAC) and (SID, LTID), wherein VMAC is the MAC Address of virtual machine.
Based on the MAC Address VMAC of a virtual machine in the GTID of virtual network and the virtual network, it can identify that this is virtual
Machine is placed on which platform physical server and the corresponding LTID on that server of the virtual network belonging to it.
3) mapping relations between SID and (SW_MAC, PORT), SW_MAC indicate the edge exchange of physical host access
Machine MAC Address, PORT indicate the port numbers of the edge switch of physical host access.
4) mapping relations between (SW_MAC, PORT) and SID.
Mapping relations between 2 packet information of table and mapping item
In the present embodiment, SRC_SW_ID is the ID of ingress edge interchanger in the controller, and controller can also be with cloud pipe
System synergistic working is managed, cloud management system can guarantee that the MAC Address of all virtual machines is different from, therefore can directly establish
<VMAC, SID>between mapping relations, in this case, controller will at least save following two groups of mapping relations:
1) mapping between VMAC and (SID, LTID) can identify this void based on the MAC Address of a virtual machine
Quasi- machine is placed on which platform physical server and the corresponding LTID on that server of the virtual network belonging to it.
2) mapping between SID and (SW_MAC, PORT), SW_MAC indicate the edge switch of physical host access
MAC Address, PORT indicate the port numbers of the edge switch of physical host access.
Mapping item is sent to ingress edge interchanger by step 707, controller.
Step 708, ingress edge interchanger receive the mapping item that controller issues, and according to the mapping item pair issued
Data carry out the encapsulation of Mac-in-Mac, obtain the second data packet.
In the present embodiment, encapsulation process is specifically divided into following two step:
A) value of the LTID of the first data packet is changed to DST_LTID;
B) two layers of packet header are added in the outer layer of the first data packet.
In the present embodiment, it is SRC_SW_MAC that source MAC is specifically arranged in two layers of packet header, and target MAC (Media Access Control) address is
The value of DST_SW_MAC, VLAN ID are the access interface of DST_PORT and purpose physical host on outlet edge interchanger
Number.
Step 709, ingress edge interchanger send the second data packet according to local forwarding table.
After step 710, outlet edge interchanger receive the second data packet, the second data packet is decapsulated, is removed
Two layers of packet header of outside, and by the second data packet after decapsulation from the port that the domain VLAN ID in outer layer packet header indicates
It forwards.
Step 711, purpose virtual switch receive after decapsulation after the second data packet, according to after decapsulation second
LTID and DST_MAC in data packet inquire forwarding table, the port-mark DST_VIRTUAL_SWITCH_ obtained according to inquiry
Second data packet after decapsulation is transmitted to purpose virtual machine by PORT.
Wherein, that forwarding table storage is the mapping relations of (LITD, DST_MAC) to port numbers, DST_VIRTUAL_
SWITCH_PORT is incoming end slogan of the purpose virtual machine on purpose virtual machine interchanger
Processing method provided in this embodiment based on data packet in virtual double layer network, is connect by ingress edge interchanger
The first data packet is received, according to the port-mark of first port, the MAC Address of the first LTID and purpose virtual machine, searches encapsulation letter
Mapping table is ceased, if corresponding mapping item has not been obtained, by the port-mark of first port, the first LTID and purpose virtual machine
MAC Address be sent to controller, so as to which the 2nd LTID in mapping item is replaced after controller returns to corresponding mapping item
The first LTID in the first data packet is changed, and replaced first data packet is packaged according to mapping item, to obtain second
Second data packet is sent to outlet edge interchanger corresponding with the MAC Address of purpose virtual machine by data packet, so that outlet side
Edge interchanger will connect the second data packet and parse, and the first data packet after parsing is sent to destination server.Due to entering
The 2nd LTID in mapping item is replaced the first LTID in the first data packet by mouth edge switch, uses LTID to be isolated different
Virtual network, and safeguard entire virtual network information using controller, such as the mapping between the first LTID and the 2nd LTID
Relationship can support infinite number of virtual network, be packaged acquisition to replaced first data packet according to mapping item
Two data packets reduce the number of double layer network interchanger forwarding-table item, and encapsulation process merely adds lesser additional report
Literary head effectively reduces network bandwidth expense, improves the communication efficiency of network.
Figure 10 is the processing unit based on data packet in virtual double layer network that the embodiment of the present invention nine provides.Such as Figure 10 institute
Show, which includes transceiver module 21, enquiry module 22 and processing module 23.
Transceiver module 21 is used to receive the first data packet of source server transmission;Wherein, the first data packet is source server
First LTID is inserted into the data packet obtained after raw data packets, and the first data packet includes the first LTID and purpose virtual machine
Medium access control MAC Address;Wherein, the first LTID is LTID of the virtual network on the source server.
Enquiry module 22 is with being used for the MAC according to the port-mark of reception first port, the first LTID and purpose virtual machine
Search packaging information mapping table in location, wherein first port is the port that ingress edge interchanger receives the first data packet.
If transceiver module 21 is also used to enquiry module 22 and does not get from the packaging information mapping table and first port
Port-mark, the first LTID and purpose virtual machine the corresponding mapping item of MAC Address, then to controller send first port
Port-mark, the first LTID and purpose virtual machine MAC Address so that controller according to the port-mark of first port,
The MAC Address of first LTID and purpose virtual machine obtains corresponding mapping item, and mapping item is returned to ingress edge and is handed over
It changes planes, wherein mapping item includes the 2nd LTID, and the 2nd LTID is LTID of the virtual network on destination server.
Processing module 23 is used to the 2nd LTID replacing the first LTID in the first data packet, and according to mapping item to replacement
The first data packet afterwards is packaged, to obtain the second data packet.
Transceiver module 21 is also used to send the second number to outlet edge interchanger corresponding with the MAC Address of purpose virtual machine
According to packet, so that the second data packet parse and the second data packet after parsing is sent to purpose service by outlet edge interchanger
Device.
The device of the present embodiment can be used for executing the technical solution of embodiment of the method shown in Fig. 3, realization principle and skill
Art effect is similar, and details are not described herein again.
Further, on the basis of above-described embodiment nine, the embodiment of the present invention ten provide based on virtual double layer network
In the processing unit of middle data packet,
It is got from packaging information mapping table and the port of first port mark if processing module 23 is also used to enquiry module
Know, the corresponding mapping item of MAC Address of the first LTID and purpose virtual machine will reflect then according to the mapping item locally obtained
The 2nd LTID in firing table item replaces the first LTID in the first data packet, and according to mapping item to replaced first number
It is packaged according to packet, to obtain the second data packet, wherein the 2nd LTID is LTID of the virtual network on destination server.
The device of the present embodiment can be used for executing the technical solution of embodiment of the method shown in Fig. 4, realization principle and skill
Art effect is similar, and details are not described herein again.
Closer, on the basis of above-described embodiment nine or embodiment ten, mapping item further includes outlet edge
The MAC Address of interchanger and the port-mark of second port;
Processing module 23 is specifically used for according to the MAC Address of outlet edge interchanger and the port-mark of second port, with
And the MAC Address of ingress edge interchanger, a header is added for replaced first data packet, to obtain the second data
Packet;Wherein, the destination address of the outlet edge interchanger in header is target MAC (Media Access Control) address, the entrance in the first data packet
The MAC Address of edge switch is source MAC in the first data packet, second port is arranged in virtual LAN VLAN field
Port-mark, second port be purpose server access outlet edge interchanger port.
In the present embodiment, processing module 23 is according to the MAC Address and second end of the outlet edge interchanger in mapping item
The port-mark of mouth and the MAC Address of ingress edge interchanger, construct a header, by the purpose of the first data packet
MAC Address is set as the destination address of outlet edge interchanger, the source MAC of the first data packet is set as ingress edge exchange
The MAC Address of machine, the port-mark that second port is set in virtual LAN VLAN field, and the header is encapsulated into
The header of first data packet, to obtain the second data packet, so that MAC of the double layer network interchanger perception less than virtual machine
Address, it is only necessary to data communication is carried out by the MAC Address between ingress edge interchanger and outlet edge interchanger,
To reduce the number of the forwarding-table item of interchanger in two layers of core network.
Still further, in above-described embodiment on the basis of above-described embodiment nine or embodiment ten,
Enquiry module 22 is also used to inquire local forwarding table, determines third port;
Transceiver module 21 is used to send the second data packet to outlet edge interchanger by the third port, so that outlet side
Second resolve packet is analytically obtained the second port of VLAN field by edge interchanger in result, and the second data packet is led to
It crosses second port and is sent to destination server.
The device of the present embodiment can be used for executing the technical solution of embodiment of the method shown in Fig. 5, realization principle and skill
Art effect is similar, and details are not described herein again.
Figure 11 is the structural schematic diagram for the ingress edge interchanger that the embodiment of the present invention 11 provides.As shown in figure 11, should
Ingress edge interchanger includes transmitter 31, receiver 32, processor 33.Wherein, receiver 32 is for receiving source server hair
The first data packet sent;Wherein, the first virtual network local identities LTID is inserted into original number for source server by the first data packet
According to the data packet obtained after packet, and the first data packet includes the medium access control MAC Address of the first LTID and purpose virtual machine;
Wherein, the first LTID is LTID of the virtual network on source server.
If transmitter 31 for processor 33 do not got from packaging information mapping table with the port-mark of first port,
The corresponding mapping item of MAC Address of first LTID and purpose virtual machine, then to controller send first port port-mark,
The MAC Address of first LTID and purpose virtual machine, so that port-mark, first LTID and mesh of the controller according to first port
The MAC Address of virtual machine obtain corresponding mapping item, and mapping item is returned into ingress edge interchanger, wherein reflect
Firing table item includes the 2nd LTID, and the 2nd LTID is LTID of the virtual network on destination server.
Further, in the present embodiment, if processor 33 is also used to get from packaging information mapping table and first
The corresponding mapping item of MAC Address of the port-mark of port, the first LTID and purpose virtual machine, then by mapping item
Two LTID replace the first LTID in the first data packet, and are packaged according to mapping item to replaced first data packet,
To obtain the second data packet, wherein the 2nd LTID is LTID of the virtual network on destination server.
Closer, mapping item further includes the MAC Address of outlet edge interchanger and the port-mark of second port;
Then processor 33 is specifically used for according to the MAC Address of outlet edge interchanger and the port-mark of second port and entrance side
The MAC Address of edge interchanger adds a header for replaced first data packet, to obtain the second data packet;Wherein,
The destination address of outlet edge interchanger in header is that target MAC (Media Access Control) address, the ingress edge in the first data packet exchange
The address MAC of machine is source MAC in the first data packet, the port that second port is arranged in virtual LAN VLAN field
Mark, second port are the port of the outlet edge interchanger of purpose server access.Processor 33 is also used to inquire local turn
It delivers, determines third port;Transmitter 31 sends the second data packet to outlet edge interchanger by third port, so that outlet
Second resolve packet is analytically obtained the second port of VLAN field by edge switch in result, and by the second data packet
Destination server is sent to by second port.
Optionally, in the present embodiment, ingress edge interchanger can also include memory (not shown), for depositing
Store up packaging information mapping table and local forwarding table.
The ingress edge interchanger of the present embodiment, can be used for executing the skill of embodiment one to example IV any embodiment
Art scheme, it is similar that the realization principle and technical effect are similar, and details are not described herein again.
Figure 12 is the processing unit based on data packet in virtual double layer network that the embodiment of the present invention 12 provides.Such as Figure 12
Shown, which includes enquiry module 41, processing module 42 and transceiver module 43.Wherein, enquiry module 41 is used for according to first
The port-mark of port inquires local mapping table, obtains the first LTID;Wherein, the first LTID is that virtual network services in source
LTID on device, first port are the port that source virtual switch receives the raw data packets that source virtual machine is sent.Processing module
42 for being inserted into raw data packets for the first LTID, with the first data packet of acquisition.Transceiver module 43 is used for the first data packet
It is sent to ingress edge interchanger.
The device of the present embodiment can be used for executing the technical solution of embodiment of the method shown in Fig. 6, realization principle and skill
Art effect is similar, and details are not described herein again.
Figure 13 is the structural schematic diagram for the source server that the embodiment of the present invention 13 provides.As shown in figure 13, source server
Including processor 45 and transmitter 46.Wherein, processor 45 is used to inquire local mapping according to the port-mark of first port and close
It is table, the first LTID is obtained, and the first LTID is inserted into raw data packets, with the first data packet of acquisition;Wherein, the first LTID
The LTID for being virtual network on source server, first port are the original number that source virtual switch receives that source virtual machine is sent
According to the port of packet.Transmitter 46 is used to the first data packet being sent to ingress edge interchanger.
The source server of the present embodiment can be used for executing the technical solution of embodiment of the method shown in Fig. 6, realization principle
Similar with technical effect, details are not described herein again.
Figure 14 is the processing unit based on data packet in virtual double layer network that the embodiment of the present invention 14 provides.Such as Figure 14
Shown, which includes transceiver module 51 and acquisition module 52.Wherein, transceiver module 51 is for taking in mouth edge switch hair
The medium access control MAC Address of the port-mark for the first port sent, the first LTID and purpose virtual machine;Wherein, first end
Mouth is the port that ingress edge interchanger receives the first data packet.Obtain module 52 be used for according to the port-mark of first port,
The MAC Address of first LTID and purpose virtual machine obtains corresponding mapping item.Transceiver module 51 is also used to send out mapping item
Ingress edge interchanger is given, so that ingress edge interchanger replaces the 2nd LTID in mapping item in the first data packet
The first LTID, and replaced first data packet is packaged according to mapping item, to obtain the second data packet.
Further, in the present embodiment, the acquisition module 52 is specifically used for being obtained according to the port-mark of first port
Take the mark of source server;Virtual network overall identification GTID is obtained according to the mark of source server and the first LTID;According to
The MAC Address of GTID and purpose virtual machine obtains the 2nd LTID;The MAC Address of outlet edge interchanger is obtained according to the 2nd LTID
With the port-mark of second port;Wherein, second port is the port of the outlet edge interchanger of purpose server access;According to
The port-mark of 2nd LTID, the MAC Address of outlet edge interchanger and second port generate mapping item.
The device of the present embodiment can be used for executing the technical solution of embodiment of the method shown in Fig. 7 or Fig. 8, realize former
Reason is similar with technical effect, and details are not described herein again.
Figure 15 is the structural schematic diagram for the controller that the embodiment of the present invention 15 provides.As shown in figure 15, the controller packet
Include transmitter 53, receiver 54 and processor 55.Wherein, receiver 54 is used to take in the first port of mouth edge switch transmission
Port-mark, the first LTID and purpose virtual machine medium access control MAC Address;Wherein, first port is ingress edge
Interchanger receives the port of the first data packet.Processor 55 is used for the port-mark according to first port, first and purpose is virtual
The address MAC of machine obtains corresponding mapping item.Transmitter 53 is used to mapping item being sent to ingress edge interchanger, with
Make ingress edge interchanger that the 2nd LTID in mapping item to be replaced to the first LTID in the first data packet, and according to mapping
List item is packaged replaced first data packet, to obtain the second data packet.
Further, in the present embodiment, processor 55 is specifically used for obtaining source clothes according to the port-mark of first port
The mark of business device;Virtual network overall identification GTID is obtained according to the mark of source server and the first LITD;According to GTID and mesh
Virtual machine MAC Address obtain the 2nd LTID;The MAC Address and second end of outlet edge interchanger are obtained according to the 2nd LTID
The port-mark of mouth;Wherein, second port is the port of the outlet edge interchanger of purpose server access;According to second
The port-mark of LTID, the MAC Address of outlet edge interchanger and second port generate mapping item.
The device of the present embodiment can be used for executing the technical solution of embodiment of the method shown in Fig. 7 or Fig. 8, realize former
Reason is similar with technical effect, and details are not described herein again.
Those of ordinary skill in the art will appreciate that: realize that all or part of the steps of above-mentioned each method embodiment can lead to
The relevant hardware of program instruction is crossed to complete.Program above-mentioned can be stored in a computer readable storage medium.The journey
When being executed, execution includes the steps that above-mentioned each method embodiment to sequence;And storage medium above-mentioned includes: read-only memory
(Read-Only Memory, abbreviation ROM), random access memory (random access memory, abbreviation RAM), magnetic disk
Or the various media that can store program code such as CD.
Finally, it should be noted that the above embodiments are only used to illustrate the technical solution of the present invention., rather than its limitations;To the greatest extent
Pipe present invention has been described in detail with reference to the aforementioned embodiments, those skilled in the art should understand that: its according to
So be possible to modify the technical solutions described in the foregoing embodiments, or to some or all of the technical features into
Row equivalent replacement;And these are modified or replaceed, various embodiments of the present invention technology that it does not separate the essence of the corresponding technical solution
The range of scheme.
Claims (12)
1. a kind of processing method based on data packet in virtual double layer network characterized by comprising
Ingress edge interchanger receives the first data packet that source server is sent;Wherein, first data packet is source clothes
First virtual network local identities LTID is inserted into the data packet obtained after raw data packets, and the first data packet packet by business device
Include the medium access control MAC Address of purpose virtual machine;Wherein, the first LTID is virtual network in the source server
On LTID;
The ingress edge interchanger is according to the port-mark of first port, the first LTID and the purpose virtual machine
MAC Address searches packaging information mapping table, wherein the first port is that the ingress edge interchanger receives described first
The port of data packet;
It is marked if the ingress edge interchanger is not got from the packaging information mapping table with the port of the first port
Know, the corresponding mapping item of MAC Address of the first LTID and the purpose virtual machine, then sends the first port to controller
Port-mark, the first LTID and the purpose virtual machine MAC Address so that the controller is according to the first port
Port-mark, the first LTID and the purpose virtual machine MAC Address obtain corresponding mapping item, and by the mapping table
Item returns to the ingress edge interchanger, wherein the mapping item includes the 2nd LTID, and the 2nd LTID is the void
Quasi- LTID of the network on destination server;
2nd LTID is replaced the first LTID in first data packet by the ingress edge interchanger, and according to described
Mapping item is packaged replaced first data packet, to obtain the second data packet;
The ingress edge interchanger is to described in outlet edge interchanger corresponding with the MAC Address of purpose virtual machine transmission
Second data packet, so that second data packet is carried out parsing and by described second after parsing by the outlet edge interchanger
Data packet is sent to the destination server.
2. the method according to claim 1, wherein port of the ingress edge interchanger according to first port
It identifies, the MAC Address of the first LTID and the purpose virtual machine, after lookup packaging information mapping table, further includes:
If the ingress edge interchanger is got and the port-mark of the first port, first from packaging information mapping table
The corresponding mapping item of MAC Address of LTID and the purpose virtual machine, then the ingress edge interchanger is by the mapping table
The 2nd LTID in replaces the first LITD in first data packet, and according to the mapping item to replaced first
Data packet is packaged, to obtain the second data packet, wherein the 2nd LTID is the virtual network in the purpose service
LTID on device.
3. method according to claim 1 or 2, which is characterized in that the mapping item further includes outlet edge interchanger
MAC Address and second port port-mark;
It is described that replaced first data packet is packaged according to the mapping item, it is specific to wrap to obtain the second data packet
It includes:
According to the port-mark and ingress edge interchanger of the MAC Address of the outlet edge interchanger and second port
MAC Address adds a header for replaced first data packet, to obtain the second data packet;Wherein, the report
The destination address of the outlet edge interchanger in literary head is target MAC (Media Access Control) address, the entrance of first data packet
The MAC Address of edge switch is the source MAC of first data packet, institute is arranged in the virtual LAN VLAN field
The port-mark of second port is stated, the second port is the end of the outlet edge interchanger of destination server access
Mouthful.
4. according to the method described in claim 3, it is characterized in that, the ingress edge interchanger to the purpose virtual machine
The corresponding outlet edge interchanger of MAC Address send second data packet so that the outlet edge interchanger will be described
Second data packet parse and second data packet after parsing is sent to destination server, specifically includes:
Ingress edge switch query local forwarding table, determines third port, and by the third port to it is described go out
Mouthful edge switch sends second data packet, so that the outlet edge interchanger is by second resolve packet, from
The second port of the VLAN field is obtained in parsing result, and second data packet is sent out by the second port
Give the destination server.
5. a kind of virtual double layer network data processing method characterized by comprising
Controller receives port-mark, the first virtual network local identities LTID for the first port that ingress edge interchanger is sent
With the medium access control MAC Address of purpose virtual machine;Wherein, the first LTID is virtual network on source server
LTID, the first port are the port that the ingress edge interchanger receives the first data packet;
The controller is according to the MAC of the port-mark of the first port, the first LTID and the purpose virtual machine
Location obtains corresponding mapping item;
The mapping item is sent to the ingress edge interchanger by the controller, so that the ingress edge interchanger will
The 2nd LTID in the mapping item replaces the first LITD in first data packet, and according to the mapping item
Replaced first data packet is packaged, to obtain the second data packet;Wherein, the 2nd LTID is virtual network in mesh
Server on LTID.
6. according to the method described in claim 5, it is characterized in that, the controller is marked according to the port of the first port
Know, the corresponding mapping item of the MAC Address acquisition of the first LTID and the purpose virtual machine, specifically include:
The controller obtains the mark of the source server according to the port-mark of the first port;
The controller obtains the virtual network overall identification according to the mark of the source server and the first LTID
GTID;
The controller obtains the 2nd LTID according to the MAC Address of the GTID and the purpose virtual machine;
The controller obtains the MAC Address of outlet edge interchanger and the port mark of second port according to the 2nd LTID
Know;Wherein, the second port is the port of the outlet edge interchanger of purpose server access;
The controller is according to the 2nd LTID, the MAC Address of the outlet edge interchanger and the end of the second port
Mouth mark generates the mapping item.
7. a kind of processing unit based on data packet in virtual double layer network characterized by comprising
Transceiver module, for receiving the first data packet of source server transmission;Wherein, first data packet is source service
First virtual network local identities LTID is inserted into the data packet obtained after raw data packets by device, and first data packet includes
The medium access control MAC Address of purpose virtual machine;Wherein, the first LTID is virtual network on the source server
LTID;
Enquiry module, for the MAC according to the port-mark of first port, the first LTID and the purpose virtual machine
Packaging information mapping table is searched, wherein the first port is the end that ingress edge interchanger receives first data packet in location
Mouthful;
The transceiver module is not got and described first if being also used to the enquiry module from the packaging information mapping table
The corresponding mapping item of MAC Address of the port-mark of port, the first LTID and the purpose virtual machine, then to controller
The port-mark of the first port, the MAC Address of the first LTID and the purpose virtual machine are sent, so that the control
Device processed is obtained according to the MAC Address of the port-mark of the first port, the first LTID and the purpose virtual machine and is corresponded to
Mapping item, and the mapping item is returned into the ingress edge interchanger, wherein the mapping item includes second
LTID, the 2nd LTID are LTID of the virtual network on destination server;
Processing module, for the 2nd LTID to be replaced the first LITD described in first data packet, and according to described
Mapping item is packaged replaced first data packet, to obtain the second data packet;
The transceiver module is also used to send institute to outlet edge interchanger corresponding with the MAC Address of the purpose virtual machine
The second data packet is stated, so that second data packet is carried out parsing and by described the after parsing by the outlet edge interchanger
Two data packets are sent to the destination server.
8. device according to claim 7, which is characterized in that the processing module, if be also used to the enquiry module from
It is got in the packaging information mapping table virtual with the port-mark of the first port, the first LTID and the purpose
The corresponding mapping item of the MAC Address of machine then replaces the 2nd LTID in the mapping item in first data packet
First LITD, and replaced first data packet is packaged according to the mapping item, to obtain the second data packet,
Wherein, the 2nd LTID is LTID of the virtual network on the destination server.
9. device according to claim 7 or 8, which is characterized in that the mapping item further includes outlet edge interchanger
MAC Address and second port port-mark;
The processing module, specifically for according to the MAC Address of the outlet edge interchanger and the port-mark of second port,
And the MAC Address of ingress edge interchanger, a header is added for replaced first data packet, to obtain the
Two data packets;Wherein, the destination address of the outlet edge interchanger in the header is in first data packet
Target MAC (Media Access Control) address, the ingress edge interchanger MAC Address be first data packet in source MAC, the void
The port-mark of the second port is set in quasi- local area network VLAN field, and the second port is destination server access
The outlet edge interchanger port.
10. device according to claim 9, which is characterized in that
The enquiry module is also used to inquire local forwarding table, determines third port,
The transceiver module is also used to send second data to the outlet edge interchanger by the third port
Packet, so that the outlet edge interchanger by second resolve packet, analytically obtains the VLAN field in result
The second port, and second data packet is sent to the destination server by the second port.
11. a kind of processing unit based on data packet in virtual double layer network characterized by comprising
Transceiver module, the port-mark of the first port for taking in the transmission of mouth edge switch, the first virtual network are locally marked
Know the medium access control MAC Address of LTID and purpose virtual machine;Wherein, the first LTID is virtual network in source server
On LTID, the first port be the ingress edge interchanger receive the first data packet port;
Module is obtained, for the MAC according to the port-mark of the first port, the first LTID and the purpose virtual machine
Address obtains corresponding mapping item;
The transceiver module is also used to for the mapping item to be sent to the ingress edge interchanger, so that the entrance side
The 2nd LTID in the mapping item is replaced the first LITD in first data packet by edge interchanger, and is reflected according to described
Firing table item is packaged replaced first data packet, to obtain the second data packet;Wherein, the 2nd LTID is virtual net
LTID of the network on destination server.
12. device according to claim 11, which is characterized in that the acquisition module is specifically used for according to described first
The port-mark of port obtains the mark of the source server;It is obtained according to the mark of the source server and the first LTID
Virtual network overall identification GTID;The 2nd LTID is obtained according to the MAC Address of the GTID and the purpose virtual machine;Root
The MAC Address of outlet edge interchanger and the port-mark of second port are obtained according to the 2nd LTID;Wherein, the second end
Mouth is the port of the outlet edge interchanger of purpose server access;It is handed over according to the 2nd LTID, the outlet edge
The MAC Address changed planes and the port-mark of the second port generate the mapping item.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201510049926.4A CN105991438B (en) | 2015-01-30 | 2015-01-30 | Treating method and apparatus based on data packet in virtual double layer network |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201510049926.4A CN105991438B (en) | 2015-01-30 | 2015-01-30 | Treating method and apparatus based on data packet in virtual double layer network |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN105991438A CN105991438A (en) | 2016-10-05 |
| CN105991438B true CN105991438B (en) | 2019-10-15 |
Family
ID=57034722
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201510049926.4A Active CN105991438B (en) | 2015-01-30 | 2015-01-30 | Treating method and apparatus based on data packet in virtual double layer network |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN105991438B (en) |
Families Citing this family (6)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN107786410B (en) * | 2016-12-29 | 2020-08-28 | 平安科技(深圳)有限公司 | VXLAN implementation method and terminal based on Ethernet encapsulation |
| CN107749831A (en) * | 2017-12-06 | 2018-03-02 | 锐捷网络股份有限公司 | Message forwarding method and device in the VSU of wave-division device interconnection |
| WO2020000409A1 (en) * | 2018-06-29 | 2020-01-02 | Intel Corporation | Managing quality of storage service in virtual network |
| CN109547354B (en) * | 2018-11-21 | 2022-08-30 | 广州市百果园信息技术有限公司 | Load balancing method, device, system, core layer switch and storage medium |
| CN114666270A (en) * | 2020-12-23 | 2022-06-24 | 中国移动通信有限公司研究院 | Data transmission method, network equipment and system |
| CN114430394B (en) * | 2021-12-29 | 2023-06-23 | 中国电信股份有限公司 | Message processing method and device, electronic equipment and readable storage medium |
Citations (5)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US6389023B1 (en) * | 1997-04-07 | 2002-05-14 | Kabushiki Kaisha Toshiba | Router device and frame transfer method using datalink layer frame switching |
| CN102780601A (en) * | 2011-05-13 | 2012-11-14 | 国际商业机器公司 | Method and system of virtual managed network |
| CN102801599A (en) * | 2012-07-26 | 2012-11-28 | 华为技术有限公司 | Communication method and system |
| CN103888386A (en) * | 2012-12-24 | 2014-06-25 | 华为技术有限公司 | Extensible virtual local area network message transmission method, device and system |
| CN104283756A (en) * | 2013-07-02 | 2015-01-14 | 杭州华三通信技术有限公司 | Method and device for realizing distributed type multi-tenant virtual network |
Family Cites Families (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| WO2015021629A1 (en) * | 2013-08-15 | 2015-02-19 | 华为技术有限公司 | Resource allocation method |
-
2015
- 2015-01-30 CN CN201510049926.4A patent/CN105991438B/en active Active
Patent Citations (5)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US6389023B1 (en) * | 1997-04-07 | 2002-05-14 | Kabushiki Kaisha Toshiba | Router device and frame transfer method using datalink layer frame switching |
| CN102780601A (en) * | 2011-05-13 | 2012-11-14 | 国际商业机器公司 | Method and system of virtual managed network |
| CN102801599A (en) * | 2012-07-26 | 2012-11-28 | 华为技术有限公司 | Communication method and system |
| CN103888386A (en) * | 2012-12-24 | 2014-06-25 | 华为技术有限公司 | Extensible virtual local area network message transmission method, device and system |
| CN104283756A (en) * | 2013-07-02 | 2015-01-14 | 杭州华三通信技术有限公司 | Method and device for realizing distributed type multi-tenant virtual network |
Also Published As
| Publication number | Publication date |
|---|---|
| CN105991438A (en) | 2016-10-05 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN105991438B (en) | Treating method and apparatus based on data packet in virtual double layer network | |
| CN103563329B (en) | Scalable multi-tenant network architecture for virtualized datacenters | |
| CN105207873B (en) | A kind of message processing method and device | |
| US10205657B2 (en) | Packet forwarding in data center network | |
| CN105830405B (en) | System and method for covering networking between expansible domain | |
| CN105812261B (en) | Message forwarding method and system in information centre's network | |
| EP3641245B1 (en) | Service routing packet processing method and apparatus, and network system | |
| JP6034979B2 (en) | Packet transfer method and apparatus, and data center network | |
| US8718071B2 (en) | Method to pass virtual local area network information in virtual station interface discovery and configuration protocol | |
| CN103748558B (en) | System and method for covering virtual network on physical network | |
| US9065766B2 (en) | Medium for storing packet conversion program, packet conversion apparatus and packet conversion method | |
| EP3282649B1 (en) | Data packet forwarding | |
| EP3975487A1 (en) | Scalable handling of bgp route information in vxlan with evpn control plane | |
| CN104811382B (en) | The processing method and device of data packet | |
| WO2013155959A1 (en) | Accessing ip network and edge devices | |
| CN104038401A (en) | Interoperability for distributed overlay virtual environments | |
| JP2015095894A (en) | Management server and management method thereof for managing cloud appliances in virtual local area networks | |
| CN105635190B (en) | Service executing apparatus in data center network and device | |
| CN108833299A (en) | A kind of large scale network data processing method based on restructural exchange chip framework | |
| CN108377262A (en) | Manage the method for the service chaining at the network equipment, the corresponding network equipment | |
| EP2721779B1 (en) | Communication mechanism for multiple interface network nodes | |
| CN102857428A (en) | Message transmitting method and message transmitting equipment on basis of access control list | |
| CN103763195B (en) | A kind of method and device of transmitting message | |
| CN104852846B (en) | A kind of data forwarding controlling method and system | |
| CN109905321A (en) | A kind of route control system interacted for customized high-speed interface with Ethernet |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| C06 | Publication | ||
| PB01 | Publication | ||
| C10 | Entry into substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| GR01 | Patent grant | ||
| GR01 | Patent grant |