CN106161225B - For handling the method, apparatus and system of VXLAN message - Google Patents

For handling the method, apparatus and system of VXLAN message Download PDF

Info

Publication number
CN106161225B
CN106161225B CN201510127449.9A CN201510127449A CN106161225B CN 106161225 B CN106161225 B CN 106161225B CN 201510127449 A CN201510127449 A CN 201510127449A CN 106161225 B CN106161225 B CN 106161225B
Authority
CN
China
Prior art keywords
message
encapsulation
vni
described
router
Prior art date
Application number
CN201510127449.9A
Other languages
Chinese (zh)
Other versions
CN106161225A (en
Inventor
查敏
刘树成
Original Assignee
华为技术有限公司
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by 华为技术有限公司 filed Critical 华为技术有限公司
Priority to CN201510127449.9A priority Critical patent/CN106161225B/en
Publication of CN106161225A publication Critical patent/CN106161225A/en
Application granted granted Critical
Publication of CN106161225B publication Critical patent/CN106161225B/en

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L12/00Data switching networks
    • H04L12/28Data switching networks characterised by path configuration, e.g. local area networks [LAN], wide area networks [WAN]
    • H04L12/46Interconnection of networks

Abstract

This application provides a kind of for handling the method, apparatus and system of VXLAN message, and the router facilitated between different data centers obtains VNI.In this method, the first router receives the VXLAN message that VTEP is sent, and the VXLAN message includes VNI;The first router is according to the VXLAN message, message after being encapsulated, message after the encapsulation is the message for obtain after IPsec-ESP encapsulation to the VXLAN message, message after the encapsulation includes IP, the VXLAN message of VNI, ESP and the encryption, the VNI be packaged in described IP and it is ESP described between;The first router sends the message after the encapsulation to the second router.

Description

For handling the method, apparatus and system of VXLAN message

Technical field

The present invention relates to the communication technology, more particularly to it is a kind of for handle virtual expansible local area network (full name in English: Virtual Extensible Local Area Network, english abbreviation: VXLAN) message method, apparatus and system.

Background technique

VXLAN can be applied to inside data center, migrate virtual machine within the scope of the three-layer network interconnected, Without changing Internet protocol (full name in English: Internet Protocol, english abbreviation: IP) address and media access (full name in English: Media Access Control, english abbreviation: MAC) address is controlled, guarantees the continuity of business.Internet Protocol safety (full name in English: Internet Protocol Security, english abbreviation: IPSec) agreement can be by using The security service of encryption come ensure to be maintained secrecy on ip networks and safety communication.Package safety load (full name in English: Encapsulating Security Payload, english abbreviation: ESP) agreement is one of IPsec agreement main protocol, IPsec-ESP can be applied to the field communicated between different data centers (full name in English: Data Center, english abbreviation: DC) Scape.

Between different DC in communication scenes, such as in the scene that is communicated between DC1 and DC2, belong to the first via of DC1 by Device can receive belong to DC1 virtual channel endpoint (full name in English: virtual tunnel end point, english abbreviation: VTEP) the VXLAN message sent.The first router carries out IPsec-ESP encapsulation to the VXLAN message received, obtains IPsec-ESP message.IPsec-ESP message includes encrypted VXLAN message, is packaged in outside encrypted VXLAN message ESP and the IP head that is packaged in outside ESP.IP include source IP address and purpose IP address, source IP address be the first via by The IP address of device, purpose IP address are the IP address of the second router.The second router belongs to DC2.The first router is to second Router sends IPsec-ESP message.

Router between the first router and the second router can forward IPsec-ESP message, still, be located at the The router in transmission path between one router and the second router can not perceive VXLAN message institute in IPsec-ESP message Including information relevant to VXLAN, such as VXLAN network identity (full name in English: VXLAN Network Identifier, English abbreviation: VNI), and then the business processings such as load balancing can not be carried out.

Summary of the invention

In view of this, the embodiment of the invention provides a kind of for handling the method, apparatus and system of VXLAN message, have The router helped between different data centers obtains VNI.

Technical solution provided in an embodiment of the present invention is as follows.

In a first aspect, providing a kind of method for handling VXLAN message, comprising:

The first router receives the VXLAN message that VTEP is sent, and the VXLAN message includes VNI;

The first router is according to the VXLAN message, message after being encapsulated, and the message after the encapsulation is pair The VXLAN message carries out the message obtained after IPsec-ESP encapsulation, the message after the encapsulation includes IP, the VNI, ESP and encryption the VXLAN message, the VNI be packaged in described IP and it is ESP described between;

The first router sends the message after the encapsulation to the second router.

In the first possible implementation of the first aspect, described IP include first identifier information, described first The message that identification information is used to identify after the encapsulation carries the VNI.

With reference to the above first aspect, second of possible implementation of first aspect is additionally provided, after the encapsulation Message further includes being packaged in the described IP User Datagram Protocol (full name in English: User Datagram between the VNI Protocol, english abbreviation: UDP) head, described UDP is UDP head included by the VXLAN message from the VTEP;

Described IP includes first identifier information, and the message that the first identifier information is used to identify after the encapsulation carries There is a UDP head, described to be packaged in the described IP UDP head between the VNI include second identifier information, second mark Know the message that information is used to identify after the encapsulation and carries the VNI.

Second aspect provides a kind of method for handling VXLAN message, comprising:

The second router receives the message after the encapsulation that the first router is sent, and the message after the encapsulation is to coming from The VXLAN message of VTEP carries out the message obtained after IPsec-ESP encapsulation, and the message after the encapsulation includes IP, VNI, ESP Head and encryption the VXLAN message, the VNI be packaged in described IP and it is ESP described between;

The second router obtains the VNI from the message after the encapsulation.

In the first possible implementation of the second aspect, described IP include first identifier information, described first Identification information is used to identify the message after the encapsulation and carries the VNI, and the second router is from the report after the encapsulation Text obtains the VNI

The first identifier information that the second router includes according to described IP, the message after determining the encapsulation Including the VNI;

The second router obtains the VNI from described IP and between ESP described.

In conjunction with above-mentioned second aspect, second of possible implementation of second aspect is additionally provided, after the encapsulation Message further includes being packaged in the described IP UDP head between the VNI, and described UDP is from described in the VTEP The UDP head that VXLAN message includes, described IP includes first identifier information, and the first identifier information is for identifying the envelope Message after dress carries the UDP head, and described to be packaged in the described IP UDP head between the VNI include second identifier Information, the message that the second identifier information is used to identify after the encapsulation carry the VNI;

The second router obtains the VNI from the message after the encapsulation

The first identifier information that the second router includes according to described IP, acquisition be packaged in described IP and UDP head between the VNI;

Second mark that the second router includes according to the described IP UDP head between the VNI is packaged in Know information, the message after determining the encapsulation includes the VNI;

The second router obtains the VNI from described IP and between ESP described.

The third aspect provides the first router, comprising:

Receiving unit, for receiving the VXLAN message of VTEP transmission, the VXLAN message includes VNI;

Processing unit is used for the message according to the VXLAN message, after being encapsulated, and the message after the encapsulation is pair The VXLAN message carries out the message obtained after IPsec-ESP encapsulation, the message after the encapsulation includes IP, the VNI, ESP and encryption the VXLAN message, the VNI be packaged in described IP and it is ESP described between;

Transmission unit, for sending the message after the encapsulation to the second router.

In the first possible implementation of the third aspect, described IP include first identifier information, described first The message that identification information is used to identify after the encapsulation carries the VNI.

In conjunction with the above-mentioned third aspect, second of possible implementation of the third aspect is additionally provided, after the encapsulation Message further includes being packaged in the described IP UDP head between the VNI, and described UDP is from described in the VTEP UDP head included by VXLAN message;

Described IP includes first identifier information, and the message that the first identifier information is used to identify after the encapsulation carries There is a UDP head, described to be packaged in the described IP UDP head between the VNI include second identifier information, second mark Know the message that information is used to identify after the encapsulation and carries the VNI.

Fourth aspect provides the second router, comprising:

Receiving unit, the message after encapsulation for receiving the first router transmission, the message after the encapsulation is to next Carry out the message obtained after IPsec-ESP encapsulation from the VXLAN message of VTEP, the message after the encapsulation includes IP, VNI, ESP and encryption the VXLAN message, the VNI be packaged in described IP and it is ESP described between;

Processing unit, for obtaining the VNI from the message after the encapsulation.

In the first possible implementation of the fourth aspect, described IP include first identifier information, described first The message that identification information is used to identify after the encapsulation carries the VNI;

The processing unit is specifically used for the first identifier information for including according to described IP, after determining the encapsulation Message include the VNI;

The processing unit is specifically used for obtaining the VNI from described IP and between ESP described.

In conjunction with above-mentioned fourth aspect, second of possible implementation of fourth aspect is additionally provided, after the encapsulation Message further includes being packaged in the described IP UDP head between the VNI, and described UDP is from described in the VTEP The UDP head that VXLAN message includes, described IP includes first identifier information, and the first identifier information is for identifying the envelope Message after dress carries the UDP head, and described to be packaged in the described IP UDP head between the VNI include second identifier Information, the message that the second identifier information is used to identify after the encapsulation carry the VNI;

The processing unit is specifically used for the first identifier information for including according to described IP, and acquisition is packaged in described UDP head between IP and the VNI;

The processing unit is specifically used for according to be packaged in that the described IP UDP head between the VNI include Second identifier information, the message after determining the encapsulation include the VNI;

The processing unit is specifically used for obtaining the VNI from described IP and between ESP described.

5th aspect, provides the system for handling VXLAN message, comprising:

The first router provided by the possible implementation of any one of the above-mentioned third aspect or the third aspect and upper State the second router provided by any one possible implementation of fourth aspect or fourth aspect.

Through the above scheme, in the method, apparatus and system provided in an embodiment of the present invention for handling VXLAN message, The first router carries out IPsec-ESP encapsulation to the VXLAN message that VTEP is sent, the message after being encapsulated.The first via By the VNI that the VXLAN message that device sends the VTEP includes be packaged in IP head that the message after the encapsulation includes and Between ESP.The first router sends the message after the encapsulation to the second router.The second router is from described The VNI being packaged between IP and ESP is obtained in message after encapsulation.In this way, the routing between different data centers Device, such as the second router can obtain VNI from the message after the encapsulation received.

Detailed description of the invention

It in order to illustrate the embodiments of the present invention more clearly or scheme in the prior art, below will be to required in embodiment The attached drawing used is briefly described, it should be apparent that, drawings in the following description are some embodiments of the invention, for For those of ordinary skill in the art, without creative efforts, it can also be obtained according to these attached drawings other Attached drawing.

Fig. 1 is the method flow diagram for being used to handle VXLAN message that first embodiment of the invention provides;

Fig. 2 is the method flow diagram for being used to handle VXLAN message that second embodiment of the invention provides;

Fig. 3 a is the schematic diagram of the message after a kind of encapsulation provided in an embodiment of the present invention;

Fig. 3 b is the schematic diagram of the message after another encapsulation provided in an embodiment of the present invention;

Fig. 4 a is the schematic diagram of the message after a kind of encapsulation provided in an embodiment of the present invention;

Fig. 4 b is the schematic diagram of the message after another encapsulation provided in an embodiment of the present invention;

Fig. 5 is the schematic diagram for the IP head that the message after encapsulation provided in an embodiment of the present invention includes;

Fig. 6 is the schematic diagram for the UDP head that the message after encapsulation provided in an embodiment of the present invention includes;

Fig. 7 is the structural schematic diagram of the first router provided in an embodiment of the present invention;

Fig. 8 be another embodiment of the present invention provides the first router structural schematic diagram;

Fig. 9 is the structural schematic diagram of the second router provided in an embodiment of the present invention;

Figure 10 be another embodiment of the present invention provides the second router structural diagrams intention;

Figure 11 is provided in an embodiment of the present invention for handling the structural schematic diagram of the system of VXLAN message.

Specific embodiment

In order to make the object, technical scheme and advantages of the embodiment of the invention clearer, below in conjunction with the embodiment of the present invention In attached drawing, the technical scheme in the embodiment of the invention is clearly and completely described, it is clear that described embodiment is A part of the embodiment of the present invention, instead of all the embodiments.Based on the embodiments of the present invention, those of ordinary skill in the art Every other embodiment obtained without making creative work, shall fall within the protection scope of the present invention.

Fig. 1 is the flow chart for the method for handling VXLAN message that first embodiment of the invention provides.The present invention first Embodiment is the angle from the first router, is illustrated to the method for handling VXLAN message.The first router can To be Provider Edge (full name in English: provider edge, english abbreviation: PE) equipment.Below with reference to Fig. 1, to the present invention the The method for handling VXLAN message that one embodiment provides is illustrated.

S102, the first router receive the VXLAN message that VTEP is sent, and the VXLAN message includes VNI.

For example, the first router may belong to DC1 between different DC in communication scenes.VTEP in DC1 can The service message that virtual machine (full name in English: virtual machine, english abbreviation: VM) is sent carries out VXLAN encapsulation, obtains Obtain VXLAN message.VTEP VXLAN message obtained in DC1 includes VNI.VTEP VXLAN message obtained in DC1 Need to be sent to the VM in another DC, such as the VM in DC2.The first router can receive the VXLAN that the VTEP in DC1 is sent Message.Wherein, VNI can be used for distinguishing different VXLAN.Such as: a VNI can be used for identifying a tenant.

S104, the first router is according to the VXLAN message, message after being encapsulated, the report after the encapsulation Text is the message for obtain after IPsec-ESP encapsulation to the VXLAN message, and the message after the encapsulation includes IP, institute State VNI, ESP and encryption the VXLAN message, the VNI be packaged in described IP and it is ESP described between.

For example, the message that the VNI that VXLAN message can be included by the first router is inserted into after the encapsulation includes The IP and it is ESP described between.

For example, the first router, according to the VXLAN message, the message after being encapsulated includes: described One router obtains the VNI from the VXLAN message;The first router carries out IPsec-ESP to the VXLAN message Encapsulation, obtain IPsec-ESP encapsulated message, the IPsec-ESP encapsulated message include encryption VXLAN message, be packaged in plus ESP head outside close VXLAN message and the IP head being packaged in outside ESP;The VNI is inserted into IPsec- by the first router IP head that ESP encapsulated message includes and it is ESP described between, the message after obtaining the encapsulation.Message after the encapsulation can Think message shown in Fig. 3 a or Fig. 3 b.Message shown in Fig. 3 a is that transmission (English name transport) mode is used to send out Message after the encapsulation sent.Structure shown in fig. 5 can be used in the IP head that message shown in Fig. 3 a includes.Message shown in Fig. 3 b is Message after the encapsulation for using tunnel (English name tunnel) mode to send.The Intranet IP for including in message shown in Fig. 3 b Head is the IP head that the VXLAN message that VTEP is sent to the first router includes.The IP head that message shown in Fig. 3 b includes can be used Structure shown in fig. 5.The VXLAN message encrypted in Fig. 3 a and Fig. 3 b is the encrypted rear message obtained of VXLAN that VTEP is sent, The content for no longer including to the VXLAN message of encryption herein repeats.

For example, the first router, according to the VXLAN message, the message after being encapsulated includes: described One router obtains the VNI from the VXLAN message;The first router encrypts the VXLAN message, obtains Encrypted VXLAN message;The first router successively encapsulates ESP described, institute outside the encrypted VXLAN message State VNI and the IP head.Message after the encapsulation can be message shown in Fig. 3 a or Fig. 3 b.

Optionally, the IP head that the message after the encapsulation includes may also include first identifier information, the first identifier letter Message of the breath for after identifying the encapsulation carries the VNI.

For example, if the IP head that the message after the encapsulation of Fig. 3 a or Fig. 3 b includes uses IP head shown in fig. 5.Shown One identification information can be carried on the protocol number field in IP shown in fig. 5.In IP shown in fig. 5 in the present embodiment Protocol number field can be used for indicating the type of message after IP, such as by the protocol number field definition be " ESP/VXLAN ", use It is the ESP message for encapsulating VXLAN with the type of message after indicating IP.Wherein, encapsulating VXLAN ESP messages can Include the VXLAN head of VNI to be in ESP message outer package, can also be in the ESP message outer package VNI.Described first After router can increase the VNI at described ESP and between IP described, the information for including to described IP is updated. IP head as shown in Figure 5, after the first router can increase the VNI at described ESP and between IP described, to IP Protocol number field, total length field and the header check and field that head includes are updated, so that increasing the encapsulation of the VNI Message afterwards meets call format.

Optionally, the first router can obtain VXLAN head, the VXLAN head from the VXLAN message from VTEP Including the VNI.The VXLAN head that VXLAN message includes is packaged in described IP and the ESP head by the first router Between, the message after being encapsulated.In this way, the first router can be without identifying and obtaining from the VXLAN message from VTEP VNI is taken, helps to simplify operation.The first router obtain the method for the message after the encapsulation including VXLAN with it is above-mentioned The method of message after obtaining the encapsulation including VNI is identical, and details are not described herein.

S106, the first router send the message after the encapsulation to the second router.

For example, router of the second router between different DC.For example the first router belongs to DC1, third router belong to DC2.Message after the encapsulation is the third for needing to be sent to DC2 by the first router of DC1 The message of router.The second router is the router in the transmission network between DC1 and DC2.

For example, if the message after the encapsulation is the message that transport mode is sent, the report after the encapsulation The purpose IP address in IP head that text includes is the IP address of third router.If the message after the encapsulation is tunnel mode The message of transmission, the then purpose IP address in IP head that the message after the encapsulation includes are the destination address in tunnel, the tunnel The destination address in road is the IP address of third router.

For example, the first corresponding relationship can be pre-configured in the first router, the first corresponding relationship packet Include the IP address of the VNI and third router.The first router can according to first corresponding relationship and the VNI, Obtain the IP address of the third router.The first router can be using the IP address of the third router as the envelope The purpose IP address that IP head in message after dress includes.

For example, the second corresponding relationship can be pre-configured in the first router, the second corresponding relationship packet Include the IP address of address information and third router.The address information can be the source that the VXLAN message of VTEP transmission includes Any one in IP address, purpose IP address, source MAC and target MAC (Media Access Control) address or any combination.

By taking the scene communicated between DC1 and DC2 as an example, after the first router in DC1 obtains the encapsulation Message after, according to the IP purpose IP address for including, the third router into DC2 sends the message after the encapsulation.Institute The IP purpose IP address for including are the IP address of the third router in DC2 in message after stating encapsulation.The first via in DC1 By including the second router between the third router in device and DC2, that is to say, that in the first router and DC2 in DC1 Third router between path on include the second router.The second router can be that can obtain the report after the encapsulation The router for the VNI that text carries.After third router of the first router into DC2 in DC1 sends the encapsulation Message, the message after the encapsulation can be forwarded to described second along the first router to the path between the third router Router.

It is provided in an embodiment of the present invention for handling in the method for VXLAN message, the first router according to VXLAN message and VNI in the VXLAN message encapsulated after message, sealed between IP head that the message after the encapsulation includes and ESP Equipped with the VNI.The first router sends the message after the encapsulation to the second router, facilitates the second router root The further business processings such as business processing, such as load balancing are carried out according to the VNI carried in the message after the encapsulation, Help to improve network operation efficiency.

Based on the method for handling VXLAN message that first embodiment of the invention provides, another embodiment of the present invention is mentioned The method for handling VXLAN message is supplied.Another embodiment of the present invention provides method mentioned with first embodiment of the invention The method of confession the difference is that: after the UDP head that VXLAN message includes can be also inserted into the encapsulation by the first router Message include the IP between the VNI.I.e. another embodiment of the present invention provides the method S104 that includes and this hair The S104 in method that bright first embodiment provides is different, is illustrated at this to difference, other contents can be referring to this hair The corresponding contents in method that bright first embodiment provides.

For example, according to the VXLAN message, the message after being encapsulated includes: the first router in S104 The first router obtains the VNI and the UDP head from the VXLAN message;The first router is to the VXLAN Message carries out IPsec-ESP encapsulation, obtains IPsec-ESP encapsulated message, and the IPsec-ESP encapsulated message includes encryption VXLAN message, the ESP head being packaged in outside the VXLAN message of encryption and the IP head being packaged in outside ESP;The first router By the VNI and UDP insertion IPsec-ESP encapsulated message IP head that includes and it is ESP described between, after obtaining the encapsulation Message.Message after the encapsulation can be message shown in Fig. 4 a or Fig. 4 b.Message shown in Fig. 4 a is to use Message after the encapsulation that transport mode is sent.Structure shown in fig. 5 can be used in the IP head that message shown in Fig. 4 a includes, Structure shown in fig. 6 can be used in the UDP head that message shown in Fig. 4 a includes.Message shown in Fig. 4 b is to be sent out using tunnel mode Message after the encapsulation sent.The Intranet for including in message shown in Fig. 4 b IP VXLAN sent for VTEP to the first router The IP head that message includes.Structure shown in fig. 5 can be used in the IP head that message shown in Fig. 4 b includes, and message shown in Fig. 4 b includes UDP head structure shown in fig. 6 can be used.The VXLAN message encrypted in Fig. 4 a and Fig. 4 b is that the VXLAN that VTEP is sent is encrypted The message obtained afterwards, the content for no longer including to the VXLAN message of encryption herein repeat.

For example, according to the VXLAN message, the message after being encapsulated includes: the first router in S104 The first router obtains the VNI and the UDP head from the VXLAN message;The first router is to the VXLAN Message is encrypted, and encrypted VXLAN message is obtained;The first router outside the encrypted VXLAN message by Layer encapsulates ESP, the VNI, UDP and the IP head.Message after the encapsulation can be Fig. 4 a or Fig. 4 b Shown in message.

For example, the IP head that the message after the encapsulation includes may also include first identifier information, the first identifier The message that information is used to identify after the encapsulation carries the UDP head, described to be packaged in described IP between the VNI UDP include second identifier information, and the message that the second identifier information is used to identify after the encapsulation carries the VNI.

For example, if the IP head that the message after the encapsulation of Fig. 4 a or Fig. 4 b includes uses IP head shown in fig. 5.Shown One identification information can be carried on the protocol number field in IP shown in fig. 5.In the present embodiment, in IP shown in fig. 5 Protocol number field may be defined as UDP, for carrying UDP head after indicating IP.The first router can be in the ESP head And it is IP described between increase the VNI and it is UDP described after, the information for including to described IP is updated.As shown in Figure 5 IP head, the first router can be increased at described ESP and between IP described the VNI and it is UDP described after, it is right IP protocol number field, total length field and the header checks for including and field are updated, to carry the VNI and institute Message after stating UDP encapsulation meets call format.Destination slogan in UDP shown in fig. 6 can be used to carry described Second identifier information.Destination slogan in UDP shown in fig. 6 is ESP/VXLAN port numbers, i.e. ESP/VXLAN port numbers For carrying VNI after identifying UDP.If what is carried after UDP is to contain the VXLAN head of VNI, UDP head shown in fig. 6 In destination slogan be ESP/VXLAN port numbers, i.e., ESP/VXLAN port numbers are used to carry and be packaged with after identifying UDP VXLAN ESP messages.It include " UDP verification and " field in the UDP head that message shown in fig. 6 includes.If shown in fig. 5 The IP head that message includes has been provided with " header check and ", then " UDP verification with " in the UDP head that message shown in fig. 6 includes It can be set to 0.

For example, may include mulitpath between the first router of DC1 and the third router of DC2.The a plurality of road Each path on diameter may include one or more router.The source port number in UDP head that message after the encapsulation includes The five-tuple information for including with the message after the encapsulation can be used to determine from the mulitpath one be used to forward it is described The path of message after encapsulation.

Fig. 2 is the flow chart of the method for handling VXLAN message of second embodiment of the invention.The present invention second is implemented Example is the angle from the second router, is illustrated to the method provided in an embodiment of the present invention for handling VXLAN message.Institute Stating the second router can be operator (full name in English: provider, english abbreviation: P) equipment.Below with reference to Fig. 2, to this hair The method for handling VXLAN message of bright second embodiment is specifically described.

S202, the second router receive the message after the encapsulation that the first router is sent, and the message after the encapsulation is pair VXLAN message from VTEP carries out the message obtained after IPsec-ESP encapsulation, the message after the encapsulation includes IP, VNI, ESP and encryption the VXLAN message, the VNI be packaged in described IP and it is ESP described between.

For example, the second router is in the path between the first router of DC1 and the third router of DC2 On, the second router receives the message after the encapsulation that the first router is sent to the third router.It is described Message after encapsulation is identical as the message after the encapsulation in first embodiment of the invention, and details are not described herein.

Optionally, the IP head that the message after the encapsulation includes also carries first identifier information, the first identifier letter Message of the breath for after identifying the encapsulation carries the VNI.If the message after the encapsulation includes being packaged in the IP head With described ESP of VXLAN head, described VXLAN includes the VNI, then the first identifier information can be used for identifying institute Message after stating encapsulation carries the VXLAN head.

For example, the message after the encapsulation that the second router receives can be report shown in Fig. 3 a or Fig. 3 b Text herein no longer repeats specific structure.

S204, the second router obtain the VNI from the message after the encapsulation.

For example, it includes: the secondary route that the second router, which obtains the VNI from the message after the encapsulation, Device can be according to the first identifier information carried in the IP head of the message after the encapsulation, and the message after determining the encapsulation carries institute State VNI;The second router obtains the VNI of the carrying of the message after the encapsulation after the IP head of the message after the encapsulation.

For example, the second router can carry out at business the message after the encapsulation using the VNI obtained Reason, such as the business processings such as Qos, load balancing.VNI is for distinguishing different VXLAN.The second router can be by described VNI, tenant belonging to the VXLAN message that the message after determining the encapsulation includes.The second router can be stored with VNI With the mapping table of tenant.The second router can be according to the VNI and the mapping that the message after the encapsulation carries Relation table carries out load balancing operation to the message after the encapsulation, no longer repeats herein specific operating process.

In method provided in an embodiment of the present invention for handling VXLAN message, the VNI that the message after encapsulation includes is encapsulated Between IP and ESP, the second router can be carried the message after the encapsulation after receiving the message after encapsulation VNI identified.The second router can obtain the VNI from the message after the encapsulation.In this way, second tunnel Further business processing is carried out by the VNI that device can use acquisition, helps to improve network operation efficiency.

On the basis of the method for being used to handle VXLAN message that second embodiment of the invention provides, of the invention is another Embodiment provides the method for handling VXLAN message.In the method that another embodiment of the present invention provides, second tunnel Message after the encapsulation received by device includes VNI the and UDP head being packaged between IP and ESP or second tunnel Message after the encapsulation received by device includes the VXLAN head and UDP head being packaged between IP and ESP, the VXLAN head Including the VNI.Another embodiment of the present invention provides method and second embodiment of the invention provide method difference exist In S204, only difference is illustrated below, the side of second embodiment of the invention offer is provided for identical content Corresponding contents in method.

In S202, the message after the encapsulation that the second router receives includes IP, UDP, VNI, ESP and adds Close VXLAN message.Message after the encapsulation that the second router receives can be message shown in Fig. 4 a or Fig. 4 b, This no longer repeats specific structure.In this embodiment, the IP head of the message after the encapsulation can carry first identifier letter Breath, the first identifier information are used to identify the message after the encapsulation and carry the UDP head, described UDP be VTEP to The UDP head that the VXLAN message that the first router is sent carries.It is described to be packaged in the described IP UDP head between the VNI Including second identifier information, the message that the second identifier information is used to identify after the encapsulation carries the VNI.By institute Stating VNI would generally carry in VTEP into the VXLAN message that the first router is sent, if the message after the encapsulation includes Be packaged in described IP and it is ESP described in VXLAN head and UDP head, then described in the second identifier information can be used for identifying Message after encapsulation carries VXLAN head.

For example, it includes: described that the second router, which obtains the VNI from the message after the encapsulation, in S204 The second router obtains the first identifier information of the IP carrying from the IP head of the message after the encapsulation;Second tunnel By device according to the first identifier information, the message after obtaining the encapsulation include be located at described IP after UDP head;It is described The destination slogan that the second router includes according to described UDP, the message after determining the encapsulation carry the VNI;It is described The second router obtains the VNI after the UDP head of the message after the encapsulation.If the VNI of the message after the encapsulation takes Band is in VXLAN, between the UDP head of the VXLAN message being packaged in after the encapsulation and ESP, then described second Router can obtain the VXLAN head after the UDP head of the message after the encapsulation, obtain the VNI from described VXLAN.

Third router in DC2 receives the message after the encapsulation from the first router, i.e., turns through the second router Message after the encapsulation of hair, the third router can be handled the message after the encapsulation, obtain VXLAN message.

For example, if the message after the encapsulation includes the VNI for being packaged in IP He ESP, the third routing Device can be handled the message after the encapsulation, and obtaining VXLAN message includes: that the encapsulation can be removed in the third router What message afterwards included is packaged in the VNI of IP He ESP;The third router will remove in the message obtained after VNI IP are updated, and obtain the VXLAN message.The VXLAN message is the message that the VTEP in DC2 can be identified.Wherein, It may include: the third router pair that the IP head removed in the message obtained after VNI is updated by the third router Total length field, protocol number field and the header check and field for removing the IP head in the message obtained after VNI are updated, with Toilet states VXLAN message and can be identified and/or be handled by the VTEP in DC2.

For example, if the message after the encapsulation includes VNI the and UEP head for being packaged in IP He ESP, described Three routers can be handled the message after the encapsulation, and obtaining VXLAN message includes: that institute can be removed in the third router VNI the and UDP head for being packaged in IP He ESP that message after stating encapsulation includes;The third router will remove VNI and IP head in the message obtained after UDP is updated, and obtains the VXLAN message.The VXLAN message is in DC2 The message that VTEP can be identified.Wherein, IP head after the third router will remove VNI and UDP in the message that obtains into Row updates the total length word that may include: the third router to the IP head in the message obtained after removing VNI and UDP Section, protocol number field and header check and field are updated, so that the VXLAN message can be identified by the VTEP in DC2 And/or processing.

Fig. 7 is the structural schematic diagram of the first router provided in an embodiment of the present invention.The corresponding the first router of Fig. 7 can be with Execute the method that the corresponding embodiment of Fig. 1 provides.The corresponding the first router of Fig. 7 can be in the corresponding embodiment of Fig. 2 One router.The first router provided in an embodiment of the present invention includes receiving unit 702, processing unit 704 and transmission unit 706。

The receiving unit 702 is used to receive the VXLAN message of VTEP transmission, and the VXLAN message includes VNI.

The processing unit 704 is used for the message according to the VXLAN message, after being encapsulated, the report after the encapsulation Text is the message for obtain after IPsec-ESP encapsulation to the VXLAN message, and the message after the encapsulation includes IP, institute State VNI, ESP and encryption the VXLAN message, the VNI be packaged in described IP and it is ESP described between.

The transmission unit 706 is for sending the message after the encapsulation to the second router.

Optionally, described IP includes first identifier information, and the first identifier information is for after identifying the encapsulation Message carries the VNI.

Optionally, the message after the encapsulation further includes being packaged in the described IP UDP head between the VNI, described UDP are UDP head included by the VXLAN message from the VTEP, and described IP includes first identifier information, described First identifier information is used to identify the message after the encapsulation and carries the UDP head, it is described be packaged in described IP with it is described UDP head between VNI includes second identifier information, and the message that the second identifier information is used to identify after the encapsulation carries The VNI.

In the first router provided in an embodiment of the present invention, processing unit is according in VXLAN message and the VXLAN message VNI encapsulated after message, be packaged with the VNI between IP head that the message after the encapsulation includes and ESP.It sends Unit sends the message after the encapsulation to the second router, facilitates the second router according to the message after the encapsulation The VNI of middle carrying carries out the further business processings such as business processing, such as load balancing, helps to improve the network operation Efficiency.

Fig. 8 be another embodiment of the present invention provides the first router structural schematic diagram.The first router can be held The method that the corresponding embodiment of row Fig. 1 provides.The first router can be the first router in the corresponding embodiment of Fig. 2. The first router provided in an embodiment of the present invention includes processor 801, memory 802, interface 803 and bus 804.Wherein, it connects Mouth 803 can be realized by way of wirelessly or non-wirelessly, such as interface 803 can be network interface card (full name in English: Network Interface Card, english abbreviation: NIC) or other elements for realizing communication.The processor 801, the memory 802, the interface 803 can be connected by the bus 804.

The memory 802 is for storing program code.Optionally, said program code may include operating system program And application program.

The processor 801 executable instruction according to included by the program read from the memory 802 executes such as Lower operation.

The processor 801 receives the VXLAN message that VTEP is sent, the VXLAN message packet by the interface 803 Include VXLAN network identifier VNI;The processor 801 is according to the VXLAN message, message after being encapsulated, the encapsulation Message afterwards is the message for obtain after IPsec-ESP encapsulation to the VXLAN message, and the message after the encapsulation includes IP Head, it is described VNI, ESP and encrypt the VXLAN message, the VNI be packaged in described IP and it is ESP described between;Institute Processor 801 is stated by the interface 803, sends the message after the encapsulation to the second router.

Optionally, described IP includes first identifier information, and the first identifier information is for after identifying the encapsulation Message carries the VNI.

Optionally, the message after the encapsulation further includes being packaged in the described IP UDP head between the VNI, described UDP are UDP head included by the VXLAN message from the VTEP, and described IP includes first identifier information, described First identifier information is used to identify the message after the encapsulation and carries the UDP head, it is described be packaged in described IP with it is described UDP head between VNI includes second identifier information, and the message that the second identifier information is used to identify after the encapsulation carries The VNI.

In the first router provided in an embodiment of the present invention, processor 801 is according to VXLAN message and the VXLAN message In VNI encapsulated after message, be packaged with the VNI between IP head that the message after the encapsulation includes and ESP.Place Device 801 is managed by interface 803, sends the message after the encapsulation to the second router, facilitate the second router according to The VNI carried in message after the encapsulation carries out the further business processings such as business processing, such as load balancing, has Help improve network operation efficiency.

Fig. 9 is the structural schematic diagram of the second router provided in an embodiment of the present invention.The second router shown in Fig. 9 can be held The method that the corresponding embodiment of row Fig. 2 provides.The second router shown in Fig. 9 can be second in the corresponding embodiment of Fig. 1 Router.The second router provided in an embodiment of the present invention includes receiving unit 902 and processing unit 904.

The receiving unit 902 is used to receive the message after the encapsulation of the first router transmission.Message after the encapsulation It is the message for obtain after IPsec-ESP encapsulation to the VXLAN message from VTEP, the message after the encapsulation includes IP, VNI, ESP and encryption the VXLAN message, the VNI be packaged in described IP and it is ESP described between.

The processing unit 904 is used to obtain the VNI from the message after the encapsulation.

For example, the first identifier information is for identifying the encapsulation if described IP includes first identifier information Message afterwards carries the VNI, then the processing unit 904 is specifically used for the first identifier for including according to described IP Information, the message after determining the encapsulation include the VNI;The processing unit 904 is specifically used for from described IP and described The VNI is obtained between ESP.

For example, if the message after the encapsulation further includes being packaged in the described IP UDP head between the VNI, The described UDP UDP head for including for the VXLAN message from the VTEP, described IP includes first identifier information, institute It states message of the first identifier information for after identifying the encapsulation and carries the UDP head, it is described to be packaged in described IP and institute Stating the UDP head between VNI includes second identifier information, and the message that the second identifier information is used to identify after the encapsulation carries There is the VNI, then the processing unit 904 is specifically used for the first identifier information for including according to described IP, is sealed UDP head loaded on described IP between the VNI;The processing unit 904 be specifically used for according to be packaged in described IP and The second identifier information that UDP head between the VNI includes, the message after determining the encapsulation include the VNI;It is described Processing unit 904 is specifically used for obtaining the VNI from described IP and between ESP described.

In the second router provided in an embodiment of the present invention, the VNI that the message after encapsulation includes is packaged in IP and ESP head Between, processing unit 904 can be after receiving the message after encapsulation, and the VNI carried to the message after the encapsulation knows Not.The processing unit 904 can obtain the VNI from the message after the encapsulation.In this way, the second router can benefit Further business processing is carried out with the VNI of acquisition, helps to improve network operation efficiency.

Figure 10 be another embodiment of the present invention provides the second router structural schematic diagram.The second router can be held The method that the corresponding embodiment of row Fig. 2 provides.The second router can be the second router in 1 corresponding embodiment. The second router provided in an embodiment of the present invention includes: processor 1001, memory 1002, interface 1003 and bus 1004.Its In, interface 1003 can be realized by way of wirelessly or non-wirelessly, for example NIC or other is for realizing the element of communication.It is described Processor 1001, the memory 1002, the interface 1003 are connected by the bus 1004.

The memory 1002 is for storing program code.Optionally, program code may include operating system program and Application program.

The processor 1001 executable instruction according to included by the program read from the memory 1002 executes Following operation.

Message of the processor 1001 by the interface 1003, after receiving the encapsulation that the first router is sent.It is described Message after encapsulation is the message for obtain after IPsec-ESP encapsulation to the VXLAN message from VTEP, the encapsulation Message afterwards include IP, VNI, ESP and encryption the VXLAN message, the VNI be packaged in described IP with it is described Between ESP;The processor 1001 obtains the VNI from the message after the encapsulation.

For example, the first identifier information is for identifying the encapsulation if described IP includes first identifier information Message afterwards carries the VNI, then the first identifier information that the processor 1001 includes according to described IP, determines Message after the encapsulation includes the VNI;The processor 1001 obtains described from described IP and between ESP described VNI。

For example, if the message after the encapsulation further includes being packaged in the described IP UDP head between the VNI, The described UDP UDP head for including for the VXLAN message from the VTEP, described IP includes first identifier information, institute It states message of the first identifier information for after identifying the encapsulation and carries the UDP head, it is described to be packaged in described IP and institute Stating the UDP head between VNI includes second identifier information, and the message that the second identifier information is used to identify after the encapsulation carries There is the VNI, then the first identifier information that the processor 1001 includes according to described IP, acquisition is packaged in the IP UDP head between head and the VNI;The processor 1001 is wrapped according to the described IP UDP head between the VNI is packaged in The second identifier information included, the message after determining the encapsulation include the VNI;The processor 1001 is from the IP head And it is ESP described between obtain the VNI.

In the second router provided in an embodiment of the present invention, the VNI that the message after encapsulation includes is packaged in IP and ESP head Between, processor 1001 can be after receiving the message after encapsulation, and the VNI carried to the message after the encapsulation knows Not.The processor 1001 can obtain the VNI from the message after the encapsulation.In this way, the second router can benefit Further business processing is carried out with the VNI of acquisition, helps to improve network operation efficiency.

Figure 11 is the system provided in an embodiment of the present invention for handling VXLAN message.System provided in an embodiment of the present invention System may include that the first router that earlier figures 7 or the corresponding embodiment of Fig. 8 provide and the corresponding embodiment of Fig. 9 or Figure 10 provide The second router, no longer the first router and the second router are repeated herein.

It will be recognized by those of ordinary skill in the art that the possibility implementation of various aspects of the invention or various aspects It can be embodied as system, method or computer program product.Therefore, each aspect of the present invention or various aspects Possible implementation can use complete hardware embodiment, complete software embodiment (including firmware, resident software etc.), or The form of the embodiment of person's integration software and hardware aspect, collectively referred to herein as " circuit ", " module " or " system ".This Outside, the possibility implementation of each aspect of the present invention or various aspects can use the form of computer program product, computer Program product refers to the computer readable program code of storage in computer-readable medium.

Computer-readable medium can be computer-readable signal media or computer readable storage medium.Computer can Read storage medium including but not limited to electronics, magnetism, optics, electromagnetism, infrared or semiconductor system, equipment perhaps device or It is above-mentioned any appropriately combined, as random access memory (full name in English: random access memory, english abbreviation: RAM), read-only memory (full name in English: read-only memory, english abbreviation: ROM), the read-only storage of erasable programmable Device ((full name in English: erasable programmable read only memory, english abbreviation: EPROM) or flash memory Reservoir), optical fiber, portable read-only memory (full name in English: compact disc read-only memory, english abbreviation: CD-ROM)。

Processor in computer reads the computer readable program code of storage in computer-readable medium, so that place Reason device is able to carry out function action specified in the combination of each step or each step in flow charts;It generates and implements in block diagram Each piece or each piece of combination specified in function action device.

Computer readable program code can execute completely on the local computer of user, partially in the local of user meter On calculation machine execute, as individual software package, partially on the local computer of user and part on the remote computer, or Person executes on a remote computer or server completely.It is also noted that in some alternative embodiments, in flow charts Each piece of function of indicating may not be occurred by the sequence indicated in figure in each step or block diagram.For example, dependent on related Function, two steps or two blocks shown in succession may be actually executed substantially concurrently or these blocks sometimes may be used It can be performed with reverse order.

Obviously, various changes and modifications can be made to the invention without departing from essence of the invention by those skilled in the art Mind and range.In this way, if these modifications and changes of the present invention belongs to the range of the claims in the present invention and its equivalent technologies Within, then the present invention is also intended to include these modifications and variations.

Claims (13)

1. a kind of method for handling virtual expansible local area network VXLAN message, which is characterized in that the described method includes:
The first router receives the VXLAN message that virtual channel endpoint VTEP is sent, and the VXLAN message includes VXLAN network Identifier VNI;
The first router is according to the VXLAN message, message after being encapsulated, and the message after the encapsulation is to described VXLAN message carries out the message obtained after internet protocol security-package safety load IPsec-ESP encapsulation, the encapsulation Message afterwards includes Internet protocol IP head, the VNI, encapsulating security payload (esp) ESP and the VXLAN of encryption report Text, the VNI be packaged in described IP and it is ESP described between;
The first router sends the message after the encapsulation to the second router.
2. described first marks the method according to claim 1, wherein described IP includes first identifier information Know the message that information is used to identify after the encapsulation and carries the VNI.
3. the method according to claim 1, wherein the message after the encapsulation further includes being packaged in the IP head User datagram protocol UDP head between the VNI, described UDP is wrapped by the VXLAN message from the VTEP The UDP head included;
Described IP includes first identifier information, and the message that the first identifier information is used to identify after the encapsulation carries State UDP head, described to be packaged in the described IP UDP head between the VNI include second identifier information, the second identifier letter Message of the breath for after identifying the encapsulation carries the VNI.
4. a kind of method for handling virtual expansible local area network VXLAN message, which is characterized in that the described method includes:
The second router receives the message after the encapsulation that the first router is sent, and the message after the encapsulation is to carrying out self-virtualizing tunnel The VXLAN message of road endpoint VTEP carries out the report obtained after internet protocol security-package safety load IPsec-ESP encapsulation Text, the message after the encapsulation include Internet protocol IP head, VXLAN network identifier VNI, encapsulating security payload (esp) ESP Head and encryption the VXLAN message, the VNI be packaged in described IP and it is ESP described between;
The second router obtains the VNI from the message after the encapsulation.
5. according to the method described in claim 4, described first marks it is characterized in that, described IP includes first identifier information Know information and be used to identify the message after the encapsulation and carry the VNI, the second router is from the message after the encapsulation Obtaining the VNI includes:
The first identifier information that the second router includes according to described IP, the message after determining the encapsulation include The VNI;
The second router obtains the VNI from described IP and between ESP described.
6. according to the method described in claim 4, it is characterized in that, the message after the encapsulation further includes being packaged in the IP head User datagram protocol UDP head between the VNI, described UDP includes for the VXLAN message from the VTEP UDP head, described IP includes first identifier information, and the first identifier information is used to identify the message after the encapsulation and carries There is a UDP head, described to be packaged in the described IP UDP head between the VNI include second identifier information, second mark Know the message that information is used to identify after the encapsulation and carries the VNI;
The second router obtains the VNI from the message after the encapsulation
The first identifier information that the second router includes according to described IP, acquisition be packaged in described IP with it is described UDP head between VNI;
The second router is believed according to the second identifier that the described IP UDP head between the VNI includes is packaged in Breath, the message after determining the encapsulation includes the VNI;
The second router obtains the VNI from described IP and between ESP described.
7. a kind of the first router, which is characterized in that the first router includes:
Receiving unit, it is described for receiving the virtual expansible local area network VXLAN message of virtual channel endpoint VTEP transmission VXLAN message includes VXLAN network identifier VNI;
Processing unit is used for the message according to the VXLAN message, after being encapsulated, and the message after the encapsulation is to described VXLAN message carries out the message obtained after internet protocol security-package safety load IPsec-ESP encapsulation, the encapsulation Message afterwards includes Internet protocol IP head, the VNI, encapsulating security payload (esp) ESP and the VXLAN of encryption report Text, the VNI be packaged in described IP and it is ESP described between;
Transmission unit, for sending the message after the encapsulation to the second router.
8. the first router according to claim 7, which is characterized in that described IP includes first identifier information, described The message that first identifier information is used to identify after the encapsulation carries the VNI.
9. the first router according to claim 7, which is characterized in that the message after the encapsulation further includes being packaged in institute The user datagram protocol UDP head between IP and the VNI is stated, described UDP is the VXLAN report from the VTEP UDP head included by text;
Described IP includes first identifier information, and the message that the first identifier information is used to identify after the encapsulation carries State UDP head, described to be packaged in the described IP UDP head between the VNI include second identifier information, the second identifier letter Message of the breath for after identifying the encapsulation carries the VNI.
10. a kind of the second router, which is characterized in that the second router includes:
Receiving unit, the message after encapsulation for receiving the first router transmission, the message after the encapsulation is to from void The virtual expansible local area network VXLAN message of quasi- endpoint of a tunnel VTEP carries out internet protocol security-package safety load The message obtained after IPsec-ESP encapsulation, the message after the encapsulation includes Internet protocol IP head, VXLAN network identifier The VXLAN message of VNI, encapsulating security payload (esp) ESP and encryption, the VNI are packaged in described IP and the ESP Between head;
Processing unit, for obtaining the VNI from the message after the encapsulation.
11. the second router according to claim 10, which is characterized in that described IP includes first identifier information, institute It states message of the first identifier information for after identifying the encapsulation and carries the VNI;
The processing unit is specifically used for the first identifier information for including according to described IP, the report after determining the encapsulation Text includes the VNI;
The processing unit is specifically used for obtaining the VNI from described IP and between ESP described.
12. the second router according to claim 10, which is characterized in that the message after the encapsulation further includes being packaged in The described IP user datagram protocol UDP head between the VNI, described UDP is the VXLAN from the VTEP The UDP head that message includes, described IP includes first identifier information, and the first identifier information is for after identifying the encapsulation Message carries the UDP head, and described to be packaged in the described IP UDP head between the VNI include second identifier information, institute It states message of the second identifier information for after identifying the encapsulation and carries the VNI;
The processing unit is specifically used for the first identifier information for including according to described IP, and acquisition is packaged in the IP head UDP head between the VNI;
The processing unit is specifically used for basis and is packaged in the described IP UDP head between the VNI includes described second Identification information, the message after determining the encapsulation include the VNI;
The processing unit is specifically used for obtaining the VNI from described IP and between ESP described.
13. a kind of system for handling virtual expansible local area network VXLAN message, which is characterized in that the system comprises power Benefit requires 7 to 9 described in any item the first router and the described in any item the second router of claim 10 to 12.
CN201510127449.9A 2015-03-23 2015-03-23 For handling the method, apparatus and system of VXLAN message CN106161225B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201510127449.9A CN106161225B (en) 2015-03-23 2015-03-23 For handling the method, apparatus and system of VXLAN message

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
CN201510127449.9A CN106161225B (en) 2015-03-23 2015-03-23 For handling the method, apparatus and system of VXLAN message
PCT/CN2015/097523 WO2016150205A1 (en) 2015-03-23 2015-12-15 Method, device and system for processing vxlan message

Publications (2)

Publication Number Publication Date
CN106161225A CN106161225A (en) 2016-11-23
CN106161225B true CN106161225B (en) 2019-05-28

Family

ID=56977035

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201510127449.9A CN106161225B (en) 2015-03-23 2015-03-23 For handling the method, apparatus and system of VXLAN message

Country Status (2)

Country Link
CN (1) CN106161225B (en)
WO (1) WO2016150205A1 (en)

Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN103095546A (en) * 2013-01-28 2013-05-08 华为技术有限公司 Method, device and data center network for processing messages
WO2014028094A1 (en) * 2012-08-14 2014-02-20 Vmware, Inc. Method and system for virtual and physical network integration
CN104104747A (en) * 2014-07-28 2014-10-15 杭州华三通信技术有限公司 Method and device for message transmission
CN104335532A (en) * 2012-06-04 2015-02-04 瑞典爱立信有限公司 Routing VLAN tagged packets to far end addresses of virtual forwarding instances using separate administrations

Patent Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN104335532A (en) * 2012-06-04 2015-02-04 瑞典爱立信有限公司 Routing VLAN tagged packets to far end addresses of virtual forwarding instances using separate administrations
WO2014028094A1 (en) * 2012-08-14 2014-02-20 Vmware, Inc. Method and system for virtual and physical network integration
CN103095546A (en) * 2013-01-28 2013-05-08 华为技术有限公司 Method, device and data center network for processing messages
CN104104747A (en) * 2014-07-28 2014-10-15 杭州华三通信技术有限公司 Method and device for message transmission

Also Published As

Publication number Publication date
WO2016150205A1 (en) 2016-09-29
CN106161225A (en) 2016-11-23

Similar Documents

Publication Publication Date Title
Kempf et al. Moving the mobile evolved packet core to the cloud
US7643488B2 (en) Method and apparatus for supporting multiple customer provisioned IPSec VPNs
EP2853070B1 (en) Multi-tunnel virtual private network
US8873566B2 (en) Specifying priority on a virtual station interface discovery and configuration protocol response
US20140359275A1 (en) Method And Apparatus Securing Traffic Over MPLS Networks
US8396954B2 (en) Routing and service performance management in an application acceleration environment
US8351329B2 (en) Universal load-balancing tunnel encapsulation
EP2288083A1 (en) Communication device having VPN accomodation function
US10263916B2 (en) System and method for message handling in a network device
CN102694721B (en) Method for the packet switch in network
KR101694082B1 (en) Software-defined network overlay
CN103595648B (en) A method for load balancing in a receiving side system and a server
US20120099602A1 (en) End-to-end virtualization
US20140003434A1 (en) Method for Mapping Packets to Network Virtualization Instances
ES2311752T3 (en) Flow labels.
US9979704B2 (en) End-to-end security for virtual private service chains
CN104871495A (en) Overlay virtual gateway for overlay networks
CN104704778A (en) Method and system for virtual and physical network integration
US9516118B2 (en) Scalable segment identifier allocation in segment routing
JP6430634B2 (en) Chaining network service functions in communication networks
US7000120B1 (en) Scheme for determining transport level information in the presence of IP security encryption
WO2013184753A1 (en) Managing trace requests over tunneled links
US10181989B2 (en) Service chain fault detection method and apparatus
US10243847B2 (en) Forwarding packets with encapsulated service chain headers
CN101911611A (en) Flow classification for encrypted and tunneled packet streams

Legal Events

Date Code Title Description
C06 Publication
SE01 Entry into force of request for substantive examination
GR01 Patent grant