CN106209616A - One floods suppressing method and device - Google Patents
One floods suppressing method and device Download PDFInfo
- Publication number
- CN106209616A CN106209616A CN201610543360.5A CN201610543360A CN106209616A CN 106209616 A CN106209616 A CN 106209616A CN 201610543360 A CN201610543360 A CN 201610543360A CN 106209616 A CN106209616 A CN 106209616A
- Authority
- CN
- China
- Prior art keywords
- vxlan
- address
- arp
- message
- public network
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Links
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L45/00—Routing or path finding of packets in data switching networks
- H04L45/32—Flooding
Landscapes
- Engineering & Computer Science (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Data Exchanges In Wide-Area Networks (AREA)
Abstract
The invention provides one to flood suppressing method and device, wherein, this suppressing method that floods includes: receives and has gratuitous ARP packet mark and carry the virtual expansible local area network multicast message of VXLAN of free message;Generate public network ARP based on this VXLAN multicast message to flood suppression information;Wherein, flood VXLAN mark, source tunnel endpoint addresses, IP address of terminal and the terminal MAC address of suppression information of public network ARP corresponds respectively to the VXLAN mark of VXLAN multicast message, the transmitting terminal IP address of the outer layer source IP address of VXLAN multicast message, gratuitous ARP packet, the transmitting terminal MAC Address of gratuitous ARP packet.Based on the present invention, in VXLAN network, switch as convergent point generates ARP message in public network ARP floods suppression information thus suppresses VXLAN network and floods.
Description
Technical field
The present invention relates to communication technical field, particularly relate to one and flood suppressing method and device.
Background technology
VXLAN (Virtual Extensible Local Area Network, virtual expansible LAN) be based on
IP network, two layers of employing " MAC in UDP (User Datagram Protocol, User Datagram Protocol) " packing forms
VPN (Virtual Private Network, Virtual Private Network) technology.VXLAN can be based on existing service provider or enterprise
Industry IP network, provides two layers of interconnection for scattered physical site, therefore has ARP (Address Resolution
Protocol, address resolution protocol) flood generation.
The existing ARP of VXLAN network floods in suppressor mode, as VTEP (VXLAN Tunnel End Point,
VXLAN endpoint of a tunnel) switch receive this website ARP request message and flood suppression table at locally created ARP, belonging to identification
VXLAN, sends ARP request message by all local interfaces in addition to receiving interface in this VXLAN and carries out ARP request report
Literary composition is sent in VXLAN network according to the multicast address packaging V XLAN multicast message of affiliated VXLAN network.In VXLAN network
The multicast forwarding list item that equipment has built up forwards this VXLAN multicast message to the switch as convergent point (RP).As RP
Switch replicate according to multicast forwarding list item and forward VXLAN multicast message in VXLAN network as other websites
The switch of VETP.
Although said method can reduce the number of times that ARP request message in VXLAN network floods relatively, but still as the friendship of RP
Change planes and still can take the network bandwidth at VXLAN network copy transmission ARP message.
Summary of the invention
Present invention aim at providing one to flood suppressing method and device, to generate ARP message in suppression VXLAN network
The public network ARP flooded floods suppression information.
For achieving the above object, the invention provides one and flood suppressing method, wherein the method includes: receives to have and exempts from
Take a VXLAN multicast message of ARP message identification;Wherein a VXLAN multicast message carries the first gratuitous ARP packet;Base
Generate public network ARP in a VXLAN multicast message to flood suppression information;Wherein, public network ARP flood suppression information VXLAN mark
Knowledge, source tunnel endpoint addresses, IP address of terminal and terminal MAC address correspond respectively to the VXLAN mark of a VXLAN multicast message
Knowledge, the outer layer source IP address of a VXLAN multicast message, the transmitting terminal IP address of the first gratuitous ARP packet, the first gratuitous ARP
The transmitting terminal MAC Address of message.
For achieving the above object, present invention also offers one and flood restraining device, wherein this device includes: receive mould
Block, for receiving a VXLAN multicast message with gratuitous ARP packet mark;Wherein a VXLAN multicast message carries
One gratuitous ARP packet;Flood suppression module, floods suppression information for generating public network ARP based on a VXLAN multicast message;
Wherein, flood VXLAN mark, source tunnel endpoint addresses, IP address of terminal and the terminal MAC address of suppression information of public network ARP divides
Dui Yingyu the VXLAN mark of a VXLAN multicast message, the outer layer source IP address of a VXLAN multicast message, first free
The transmitting terminal IP address of ARP message, the transmitting terminal MAC Address of the first gratuitous ARP packet.
The beneficial effects of the present invention is, switch as convergent point generates public network ARP and floods suppression in VXLAN network
Information, it is simple to according to the public network ARP suppression information that floods, the ARP request message in VXLAN network is responded further, it is to avoid
Flooding of ARP message in VXLAN network, decreases bandwidth occupancy.
Accompanying drawing explanation
In order to be illustrated more clearly that the embodiment of the present invention or technical scheme of the prior art, below will be to embodiment or existing
In having technology to describe, the required accompanying drawing used is briefly described, it should be apparent that, the accompanying drawing in describing below is only this
Some embodiments of invention, for those of ordinary skill in the art, on the premise of not paying creative work, it is also possible to
Other accompanying drawing is obtained according to these accompanying drawings.
The flow chart of the suppressing method that floods that Fig. 1 provides for the embodiment of the present invention;
The VXLAN network diagram that Fig. 2 provides for the present invention;
The schematic diagram of the VXLAN message format with ARP type of message mark that Fig. 3 provides for the embodiment of the present invention;
The schematic diagram of the restraining device that floods that Fig. 4 provides for the embodiment of the present invention.
Detailed description of the invention
Flooding to reduce ARP in the address information obtaining virtual unit, save the network bandwidth, the embodiment of the present invention provides
One floods suppressing method and device.
Below in conjunction with the accompanying drawing in the embodiment of the present invention, the technical scheme in the embodiment of the present invention is carried out clear, complete
Describe, it is clear that described embodiment is only a part of embodiment of the present invention rather than whole embodiments wholely.Based on
Embodiment in the present invention, it is every other that those of ordinary skill in the art are obtained under not making creative work premise
Embodiment, broadly falls into the scope of protection of the invention.
It should be noted that in the case of not conflicting, the embodiment in the present invention and the feature in embodiment can phases
Combination mutually.Describe the present invention below with reference to the accompanying drawings and in conjunction with the embodiments in detail.
The suppressing method that floods shown in Fig. 1 is applied to the interior switch as convergent point of VXLAN network, including:
Step S101, receives and has gratuitous ARP packet mark and carry the VXLAN multicast message of gratuitous ARP packet.
Step S102, generates public network ARP based on the VXLAN multicast message that receives and floods suppression information.
Public network ARP floods VXLAN mark, source tunnel endpoint addresses, IP address of terminal and the terminal MAC address of suppression information
Correspond respectively to the VXLAN mark of VXLAN multicast message, the transmitting terminal IP ground of outer layer source IP address, gratuitous ARP packet received
Location and transmitting terminal MAC Address.
Having the beneficial effects that of embodiment illustrated in fig. 1, in VXLAN network, the switch as convergent point generates public network ARP
The suppression information that floods thus in suppressing VXLAN network ARP message flood.
In the VXLAN network that the embodiment of the present invention shown in Fig. 2 provides, switch F is as the convergence of VXLAN10 network
Point.
The IP address of virtual machine VM1 and VM4 of server sever1 carrying and MAC Address be respectively IP1 and MAC1 and
IP address and the MAC Address of the virtual machine VM2 of IP4 and MAC4, server sever2 carrying are respectively IP2 and MAC2, server
IP address and the MAC Address of the virtual machine VM3 of sever3 carrying are respectively IP3 and MAC3.
Between switch A and switch b, foundation has VXLAN tunnel, switch D, F, G can be on this VXLAN tunnel
Intermediate equipment.Setting up between switch A and C and have VXLAN tunnel, switch changes planes D, F, E can centre on this VXLAN tunnel
Equipment.Between switch b and switch C, foundation has VXLAN tunnel, switch G, F, E can be the centre on this VXLAN tunnel
Equipment.
Switch F and switch A, B, C have set up VXLAN tunnel respectively, VXLAN tunnel between switch F and switch A
Intermediate equipment is switch D, and between switch F and B, the intermediate equipment in VXLAN tunnel is switch G, between switch F and C
The intermediate equipment in VXLAN tunnel is switch E.VXLAN multicast message in VXLAN10 network is sent out by the equipment in VXLAN10
Toward the switch F as convergent point.
Switch A, switch b and switch C set up the IP address of VXLAN network tunnel in VXLAN10
IPA, IPB and IPC.
Gratuitous ARP packet is sent when virtual machine VM1 and VM4 access network.Switch A is received by port GE1/0/1
Carry out the gratuitous ARP packet of self virtualizing machine VM1 and VM4, determine belonging to VLAN2 Yu VXLAN 10 belonging to receiving port GE1/0/1
Virtual Switch Instance VSI association.Switch A record VXLAN10, IP1, MAC1, port GE1/0/1, VLAN2 are as virtual machine
The local ARP of VM1 floods suppression information, and record VXLAN10, IP4, MAC4, port GE1/0/1 and VLAN2 are as void
The local ARP of plan machine VM4 floods suppression information.The ARP of the switch A record suppression information that floods is as shown in the table:
| VXLAN identifies | IP address of terminal | Terminal MAC address | Port |
| VXLAN10 | IP1 | MAC1 | GE1/0/1,VLAN2 |
| VXLAN10 | IP4 | MAC4 | GE1/0/1,VLAN2 |
Switch A can obtain virtual machine VM1 according to the transmitting terminal IP address of gratuitous ARP packet and transmitting terminal MAC Address
IP address and MAC Address.
The gratuitous ARP packet received, according to the multicast ip address of VXLAN network 10, is encapsulated as having free by switch A
ARP message identification and carry the VXLAN multicast message of gratuitous ARP packet, wherein, outer layer source IP address is IPA (that is, switch A
The IP address in VXLAN tunnel), outer layer purpose IP address is multicast ip address;VXLAN head carries gratuitous ARP packet mark.Hand over
The A that changes planes passes through the outgoing interface in VXLAN tunnel corresponding to multicast ip address and sends the VXLAN multicast report carrying gratuitous ARP packet
Literary composition.
Fig. 3 show the signal of the VXLAN message format with ARP type of message mark that the embodiment of the present invention provides
Figure.As it is shown on figure 3, first reserved field 301 of the VXLAN head of VXLAN message has 24 bits (bit).The present invention implements
The first of 24 bits reserved field 301 can be divided into three parts, each part 8 bit by example.So, by three parts
It is respectively used to carry gratuitous ARP packet mark, ARP request message identification, arp response message identification.Or, the present embodiment uses
A part of bit of reserved field 301, is respectively used to carry above-mentioned different ARP type of message mark.Or, utilize VXLAN
The reserved field of last 8 bits of head carries above-mentioned different ARP type of message mark.In the embodiment of the present invention, as convergent point
Switch F receive VXLAN multicast message there is gratuitous ARP packet mark or ARP request message identification or arp response message mark
Know, the most no longer perform core and replicate, and be carried out process described below.
Switch F receives having gratuitous ARP packet mark and carrying the VXLAN of gratuitous ARP packet of switch A transmission
Multicast message, record VXLAN10, IP1, MAC1 and IPA flood suppression information as the public network ARP of virtual machine VM1, record
VXLAN10, IP4, MAC4 and IPA flood suppression information as the public network ARP of virtual machine VM4.The public network of switch F record
The ARP suppression information that floods is as shown in the table:
| VXLAN identifies | IP address of terminal | Terminal MAC address | Source VETP | Association VTEP |
| VXLAN10 | IP1 | MAC1 | IP A | |
| VXLAN10 | IP4 | MAC4 | IP A |
Switch F receives the VXLAN multicast message carrying gratuitous ARP packet mark, obtains according to the UNI field of VXLAN head
Take VXLAN10 (that is, VXLAN mark);IPA (that is, the IP address of source VETP) is obtained according to outer layer source IP address;Exempt from according to internal layer
Take the transmitting terminal IP address of ARP message and transmitting terminal MAC Address obtains IP address and the MAC Address of virtual machine VM1 and VM4.
Same, virtual machine VM2 access network sends gratuitous ARP packet.Switch b is received by port GE2/0/1
Carrying out the gratuitous ARP packet of self virtualizing machine VM2, record VXLAN10, IP2, MAC2, port GE2/0/1 and VLAN2 are as this locality
ARP floods suppression information.The local ARP of the switch b record suppression information that floods is as shown in the table:
| VXLAN identifies | IP address of terminal | Terminal MAC address | Port |
| VXLAN10 | IP2 | MAC2 | GE2/0/1,VLAN2 |
The gratuitous ARP packet received, according to the multicast ip address of VXLAN10, is encapsulated as having gratuitous ARP report by switch b
Literary composition identifies and carries the VXLAN multicast message of gratuitous ARP packet, and wherein, outer layer source IP address is IPB;Outer layer purpose IP address
For multicast ip address;VXLAN head has gratuitous ARP packet mark.Switch b passes through the VXLAN tunnel that multicast ip address is corresponding
Outgoing interface send and carry the VXLAN multicast message of gratuitous ARP packet.
Virtual machine VM3 sends gratuitous ARP packet.Switch C receives self virtualizing machine VM3's by port GE3/0/1
Gratuitous ARP packet, record VXLAN10, IP3, MAC3, port GE3/0/1 and VLAN2 flood suppression information as local ARP.
The local ARP suppression information that floods of switch C record is as shown in the table:
| VXLAN identifies | IP address of terminal | Terminal MAC address | Port |
| VXLAN10 | IP3 | MAC3 | GE3/0/1,VLAN2 |
The gratuitous ARP packet received, according to the multicast ip address of VXLAN10, is encapsulated as having gratuitous ARP report by switch C
The civilian VXLAN multicast message identified and carry gratuitous ARP packet, wherein, outer layer source IP address is IPC;Outer layer purpose IP address
For multicast ip address;VXLAN head carries gratuitous ARP packet mark.Switch C passes through the VXLAN tunnel that multicast ip address is corresponding
Outgoing interface send and carry the VXLAN multicast message of gratuitous ARP packet.
What switch F desampler B and switch C sent has the VXLAN multicast message of gratuitous ARP packet mark,
The public network ARP of record virtual machine VM2 and VM3 floods suppression information such as following table:
| VXLAN identifies | IP address of terminal | Terminal MAC address | Source VETP | Association VTEP |
| VXLAN10 | IP1 | MAC1 | IP A | |
| VXLAN10 | IP4 | MAC4 | IP A | |
| VXLAN10 | IP2 | MAC2 | IP B | |
| VXLAN10 | IP3 | MAC3 | IP C |
Virtual machine VM1 sends the ARP request message of the MAC Address of request virtual machine VM4.Switch A according to VXLAN10 and
IP4 finds the local ARP of coupling and floods suppression information, generates arp response message.
In the present invention, switch A is according to VXLAN mark and the destination end IP address of ARP request message, at local ARP
The suppression information that floods makes a look up.Switch A finds the local ARP of coupling and floods suppression information, generates arp response report
Literary composition, the IP address of terminal of the suppression information that flooded by local ARP and terminal MAC address are set to the transmitting terminal IP ground of arp response message
Location and MAC Address, be set to the destination end IP address of arp response message by the transmitting terminal IP address of ARP request message and MAC Address
And MAC Address.Switch A arranges the VLAN mark of arp response message according to the flood VLAN2 of suppression information of the local ARP of coupling
Know, then flooded by local ARP and suppress information port GE1/0/1 to send arp response message.
Virtual machine VM1 sends the ARP request message of request virtual machine VM3.Switch A is according to VXLAN10 and destination end IP
Address ip 3 does not finds the local ARP of coupling and suppresses information, the multicast ip address according to VXLAN network 10 is entered ARP message
Row encapsulation, obtains having ARP request message identification and carry the VXLAN multicast message of ARP request message, wherein, and outer layer source IP
Address is the IP address in the VXLAN tunnel of switch A, and outer layer purpose IP address is multicast ip address;VXLAN head has ARP please
Seek message identification.Switch A passes through the outgoing interface transmission in VXLAN tunnel corresponding to multicast ip address and carries gratuitous ARP packet
VXLAN multicast message.
In VXLAN network 10, what switch A sent has ARP request message identification and carries ARP request message
VXLAN multicast message is sent to convergent point switch F.Switch F finds according to VXLAN10 and destination end IP address ip 3
The public network ARP of coupling floods suppression information, generates arp response message according to the public network ARP of the coupling suppression information that floods, will generate
Arp response message be encapsulated as having arp response message identification and carry the VXLAN unicast message of arp response message of generation;
Wherein, outer layer source IP address is that the public network ARP of coupling floods the IP C of source VTEP in suppression information, and outer layer purpose IP address is to look into
Ask public network ARP to flood the IPA of switch A of suppression information;VXLAN head has arp response message identification.
In the embodiment of the present invention, the public network ARP finding coupling as convergent point switch F floods suppression information, and generation is answered
Generate arp response message, VXLAN packet outer layer source IP address and outer layer purpose IP address are set to target side and requesting party
The IP address in VXLAN tunnel, sends the VXLAN clean culture carrying arp response message by the VXLAN tunnel of self connection request side
Message.So, in VXLAN network, there is arp response message identification and carry the VXLAN unicast message meeting of arp response message
The IP address in the VXLAN tunnel according to requesting party, i.e. IPA, can be eventually transmitted to switch A.Thus, the embodiment of the present invention is permissible
Avoid ARP request message flooding in VXLAN10 network, decrease bandwidth occupancy.
Switch F floods the association VETP of information at the public network ARP of coupling this public network of record queries in suppression information that floods
The IP address of (that is, switch A).Public network suppression information such as following table after switch F renewal:
| VXLAN identifies | IP address of terminal | Terminal MAC address | Source VETP | Association VTEP |
| VXLAN10 | IP1 | MAC1 | IP A | |
| VXLAN10 | IP4 | MAC4 | IP A | |
| VXLAN10 | IP2 | MAC2 | IP B | |
| VXLAN10 | IP3 | MAC3 | IP C | IPA |
Switch A receives the arp response message of VXLAN encapsulation, and record VXLAN10 and IP3 is corresponding to MAC3 and Tunnel
ID1 floods suppression information as the local ARP of virtual machine VM3.The local ARP of switch A record floods suppression information such as following table
Shown in:
| VXLAN identifies | IP address of terminal | Terminal MAC address | Port |
| VXLAN10 | IP1 | MAC1 | GE1/0/1,VLAN2 |
| VXLAN10 | IP4 | MAC4 | GE1/0/1,VLAN2 |
| VXLAN10 | IP3 | MAC3 | Tunnel ID1 |
When switch A receives the VXLAN unicast message carrying arp response message, can think according to outer layer source IP address IPC
Arp response message is received by connecting the VXLAN tunnel of switch C.Therefore switch A obtains this VXLAN Tunnel Identifier, such as
Tunnel ID2;The local ARP of record floods suppression information.
Switch A will have arp response message identification and carries the VXLAN unicast message decapsulation of arp response message, root
Find local ARP according to VXLAN10 and destination end IP address ip 1 to flood suppression information, send decapsulation according to port GE1/0/1
After arp response message.Virtual machine VM1 receives arp response message, learns ARP, according to the ARP learnt by virtual
The IP message of machine VM3 is encapsulated as Ethernet message.The Ethernet report of virtual machine VM3 is mail to when switch A receives virtual machine VM1
Literary composition, finds the local ARP of coupling according to target MAC (Media Access Control) address MAC3 and floods suppression information, corresponding according to Tunnel ID1
VXLAN tunnel index is encapsulated as VXLAN unicast message and is sent by outgoing interface corresponding for Tunnel ID1.Finally, VXLAN is mono-
Report literary composition and be sent to switch C by the VXLAN tunnel between switch A and C.Switch C receives VXLAN unicast message,
Release VXLAN encapsulation, find this locality of coupling according to purpose MAC and flood suppression information, sent by port GE3/0/1.?
Eventually, Ethernet message is sent to virtual machine VM3.
When virtual machine VM3 moves to server 2 from server 3, virtual machine VM3 sends gratuitous ARP
Message.Gratuitous ARP packet is encapsulated as by switch b to be had gratuitous ARP packet mark and carries the VXLAN group of gratuitous ARP packet
Report literary composition, sent by the outgoing interface in corresponding VXLAN tunnel.Switch b updates local ARP and floods suppression information, such as following table:
| VXLAN identifies | IP address of terminal | Terminal MAC address | Port |
| VXLAN10 | IP2 | MAC2 | GE2/0/1,VLAN2 |
| VXLAN10 | IP3 | MAC3 | GE2/0/1,VLAN2 |
What switch F desampler B sent has gratuitous ARP packet mark and carries the VXLAN group of gratuitous ARP packet
Reporting literary composition, the public network ARP finding coupling according to VXLAN10 and IP3 floods information, and flood suppression letter by the public network ARP of coupling
IPB is revised as, such as following table in the IP address of the source VETP of breath:
| VXLAN identifies | IP address of terminal | Terminal MAC address | Source VETP | Association VTEP |
| VXLAN10 | IP1 | MAC1 | IP A | |
| VXLAN10 | IP4 | MAC4 | IP A | |
| VXLAN10 | IP2 | MAC2 | IP B | |
| VXLAN10 | IP3 | MAC3 | IP B | IPA |
The VXLAN multicast message carrying gratuitous ARP packet is decapsulated by switch F, floods according to the public network ARP of coupling and presses down
Information processed associates the IP address of VETP, gratuitous ARP packet encapsulation is had gratuitous ARP packet mark and carries gratuitous ARP report
The VXLAN unicast message of literary composition, wherein, outer layer source IP address and outer layer purpose IP address are IPB and IPA respectively.
Switch F receives the VXLAN multicast message carrying gratuitous ARP packet, when confirming source VETP change, by gratuitous ARP
Message unicasts to inquire about this public network ARP and floods the association VETP of suppression information.Switch F will update after source VTEP and association
The IP address in the VXLAN tunnel of VETP is set to VXLAN packet outer layer source IP address and outer layer purpose IP address, is connected by self
The VXLAN tunnel of requesting party sends the VXLAN unicast message carrying arp response message.So, in VXLAN network, have and exempt from
Expense ARP message identification and carry the VXLAN unicast message of gratuitous ARP packet to be sent directly to inquire about public network ARP general
The switch A of flood suppression information.Thus, not only avoid gratuitous ARP broadcasting packet flooding in VXLAN10 network, also can and
Shi Tongzhi switch A updates local ARP and floods suppression information.
Switch A receives the VXLAN unicast message carrying gratuitous ARP packet, finds VXLAN 10 and transmitting terminal IP ground
Location IP3 floods suppression information to the local ARP of coupling, determines the outer layer receiving the VXLAN unicast message carrying gratuitous ARP packet
Flood with the local ARP of the coupling VXLAN tunnel outgoing interface of suppression information of the VXLAN tunnel that source IP address is corresponding is the most corresponding, then
The Tunnel Identifier of the suppression information that flooded by the local ARP of coupling is updated to Tunnel ID2, as shown in the table:
| VXLAN identifies | IP address of terminal | Terminal MAC address | Port |
| VXLAN10 | IP1 | MAC1 | GE1/0/1,VLAN2 |
| VXLAN10 | IP4 | MAC4 | GE1/0/1,VLAN2 |
| VXLAN10 | IP3 | MAC3 | Tunnel ID2 |
When virtual machine VM1 sends Ethernet message to virtual machine VM3, switch A can flood according to this locality after updating
Suppression information, is packaged according to the VXLAN tunnel connecting switch b that Tunnel ID2 is corresponding and sends.As virtual machine VM1
ARP aging after resend request virtual machine VM3 ARP request message time, switch A directly floods according to this locality and presses down
Information processed generates arp response message, and is sent to switch VM1.
Corresponding to above method embodiment, the embodiment of the present invention additionally provides corresponding device embodiment.
Fig. 4 show the schematic diagram of the restraining device 400 that floods that the embodiment of the present invention provides, this restraining device 400 that floods
Can apply to the interior switch as convergent point of VXLAN network.The restraining device 400 that floods includes receiver module 410, floods and press down
Molding block 420 and sending module 430.
Receiver module 410, for receiving a VXLAN multicast message with gratuitous ARP packet mark;Wherein first
VXLAN multicast message carries the first gratuitous ARP packet.Flood suppression module 420, for raw based on a VXLAN multicast message
Public network ARP is become to flood suppression information;Wherein, public network ARP floods the VXLAN mark of suppression information, source tunnel endpoint addresses, terminal
IP address and terminal MAC address correspond respectively to the VXLAN mark of a VXLAN multicast message, a VXLAN multicast message
Outer layer source IP address, the transmitting terminal IP address of the first gratuitous ARP packet, the transmitting terminal MAC Address of the first gratuitous ARP packet.
Receiver module 410, is additionally operable to receive the 2nd VXLAN multicast message with ARP request message identification.Flood suppression
Module 420, is additionally operable to find the VXLAN mark of the 2nd VXLAN multicast message and the destination end IP address of ARP request message
Be assigned in public network ARP flood suppression information VXLAN mark and IP address of terminal;Based on public network ARP flood suppression information generate ARP
Response message and arp response message is encapsulated as a VXLAN unicast message;Wherein, the transmitting terminal IP address of arp response message
Flood the IP address of terminal of suppression information and terminal MAC address corresponding to public network ARP with transmitting terminal MAC Address;Oneth VXLAN is mono-
Report the outer layer source IP address of literary composition and outer layer purpose IP address corresponding to being that public network ARP floods the source endpoint of a tunnel ground of suppression information
Location and the source IP address of the 2nd VXLAN multicast message.Sending module 430, for sending a VXLAN unicast message.
Flood suppression module 420, is additionally operable to that the outer layer source IP address of the 2nd VXLAN multicast message is set to public network ARP general
The association tunnel endpoint addresses of flood suppression information.
Receiver module 410, is additionally operable to receive the 3rd VXLAN multicast message with gratuitous ARP packet mark;Wherein the 3rd
VXLAN multicast message carries the second gratuitous ARP packet.Flood suppression module 420, is additionally operable to find the 3rd VXLAN multicast report
The VXLAN mark of literary composition and the transmitting terminal IP address of the second gratuitous ARP packet are matched with public network ARP and flood the VXLAN of suppression information
The outer layer source IP address of mark and IP address of terminal and the 3rd VXLAN multicast message and public network ARP flood the source tunnel of suppression information
Road end-point addresses is inconsistent, revises public network ARP according to the outer layer source IP address of the 3rd VXLAN multicast message and floods suppression information
Source tunnel endpoint addresses.
Flood suppression module 420, is additionally operable to be encapsulated as by the second gratuitous ARP packet according to the public network ARP suppression information that floods
2nd VXLAN unicast message;Outer layer source IP address and the outer layer purpose IP address of VXLAN unicast message are that public network ARP is general respectively
Flood suppression information source tunnel endpoint addresses with associate tunnel endpoint addresses.Sending module 430, is additionally operable to send the 2nd VXLAN
Unicast message.
For device embodiment, owing to it is substantially similar to embodiment of the method, so describe is fairly simple, relevant
Part sees the part of embodiment of the method and illustrates.
It should be noted that in this article, the relational terms of such as first and second or the like is used merely to a reality
Body or operation separate with another entity or operating space, and deposit between not necessarily requiring or imply these entities or operating
Relation or order in any this reality.And, term " includes ", " comprising " or its any other variant are intended to
Comprising of nonexcludability, so that include that the process of a series of key element, method, article or equipment not only include that those are wanted
Element, but also include other key elements being not expressly set out, or also include for this process, method, article or equipment
Intrinsic key element.In the case of there is no more restriction, statement " including ... " key element limited, it is not excluded that
Including process, method, article or the equipment of described key element there is also other identical element.
Each embodiment in this specification all uses relevant mode to describe, identical similar portion between each embodiment
Dividing and see mutually, what each embodiment stressed is the difference with other embodiments.Real especially for system
For executing example, owing to it is substantially similar to embodiment of the method, so describe is fairly simple, relevant part sees embodiment of the method
Part illustrate.
The foregoing is only presently preferred embodiments of the present invention, be not intended to limit protection scope of the present invention.All
Any modification, equivalent substitution and improvement etc. made within the spirit and principles in the present invention, are all contained in protection scope of the present invention
In.
Claims (10)
1. the suppressing method that floods, it is characterised in that be applied to the interior friendship as convergent point of virtual expansible LAN VXLAN
Changing planes, described method includes:
Receive a VXLAN multicast message with gratuitous ARP packet mark;A wherein said VXLAN multicast message carries
First gratuitous ARP packet;
Generate public network ARP based on a described VXLAN multicast message to flood suppression information;Wherein, described public network ARP floods suppression
VXLAN mark, source tunnel endpoint addresses, IP address of terminal and the terminal MAC address of information correspond respectively to a described VXLAN
The VXLAN mark of multicast message, the outer layer source IP address of a described VXLAN multicast message, described first gratuitous ARP packet
Transmitting terminal IP address, the transmitting terminal MAC Address of described first gratuitous ARP packet.
Method the most according to claim 1, it is characterised in that described method also includes:
Receive the 2nd VXLAN multicast message with ARP request message identification;
Find the VXLAN mark of described 2nd VXLAN multicast message and the destination end IP address coupling of described ARP request message
In described public network ARP flood suppression information VXLAN mark and IP address of terminal;
Arp response message and described arp response message is encapsulated as first is generated based on the described public network ARP suppression information that floods
VXLAN unicast message;Wherein, transmitting terminal IP address and the transmitting terminal MAC Address of described arp response message corresponds to described public network
ARP floods the IP address of terminal of suppression information and terminal MAC address;The outer layer source IP address of a described VXLAN unicast message
Flood the source tunnel endpoint addresses of suppression information and described 2nd VXLAN corresponding to described public network ARP with outer layer purpose IP address
The source IP address of multicast message;
Send a described VXLAN unicast message.
Method the most according to claim 2, it is characterised in that described method also includes;
The outer layer source IP address of described 2nd VXLAN multicast message is set to described public network ARP flood the association tunnel of suppression information
Road end-point addresses.
Method the most according to claim 3, it is characterised in that described method also includes:
Receive the 3rd VXLAN multicast message with gratuitous ARP packet mark;Wherein said 3rd VXLAN multicast message carries
Second gratuitous ARP packet;
Find VXLAN mark and the transmitting terminal IP address of described second gratuitous ARP packet of described 3rd VXLAN multicast message
It is matched with described public network ARP to flood the VXLAN mark of suppression information and IP address of terminal and described 3rd VXLAN multicast message
The flood source tunnel endpoint addresses of suppression information of outer layer source IP address and described public network ARP is inconsistent, according to described 3rd VXLAN
The outer layer source IP address of multicast message is revised described public network ARP and is flooded the source tunnel endpoint addresses of suppression information.
Method the most according to claim 4, it is characterised in that described method also includes:
According to the described public network ARP suppression information that floods, described second gratuitous ARP packet is encapsulated as the 2nd VXLAN unicast message;
The outer layer source IP address of described VXLAN unicast message and outer layer purpose IP address are that described public network ARP floods suppression information respectively
Source tunnel endpoint addresses with associate tunnel endpoint addresses;
Send described 2nd VXLAN unicast message.
6. the restraining device that floods, it is characterised in that be applied to the interior friendship as convergent point of virtual expansible LAN VXLAN
Changing planes, described device includes:
Receiver module, for receiving a VXLAN multicast message with gratuitous ARP packet mark;A wherein said VXLAN
Multicast message carries the first gratuitous ARP packet;
Flood suppression module, floods suppression information for generating public network ARP based on a described VXLAN multicast message;Wherein, institute
State flood VXLAN mark, source tunnel endpoint addresses, IP address of terminal and the terminal MAC address of suppression information of public network ARP the most right
The VXLAN mark of a VXLAN multicast message described in Ying Yu, the outer layer source IP address of a described VXLAN multicast message, described
The transmitting terminal IP address of the first gratuitous ARP packet, the transmitting terminal MAC Address of described first gratuitous ARP packet.
Device the most according to claim 6, it is characterised in that described device also includes sending module;
Described receiver module, is additionally operable to receive the 2nd VXLAN multicast message with ARP request message identification;
The described suppression module that floods, is additionally operable to find the VXLAN mark of described 2nd VXLAN multicast message and described ARP please
The destination end IP address seeking message be matched with described public network ARP flood suppression information VXLAN mark and IP address of terminal;Based on
The described public network ARP suppression information that floods generates arp response message and described arp response message is encapsulated as a VXLAN clean culture
Message;Wherein, transmitting terminal IP address and the transmitting terminal MAC Address of described arp response message floods corresponding to described public network ARP and presses down
The IP address of terminal of information processed and terminal MAC address;The outer layer source IP address of a described VXLAN unicast message and outer layer purpose
IP address is corresponding to being that described public network ARP floods the source tunnel endpoint addresses of suppression information and described 2nd VXLAN multicast message
Source IP address;
Described sending module, is used for sending a described VXLAN unicast message.
Device the most according to claim 7, it is characterised in that
The described suppression module that floods, is additionally operable to the outer layer source IP address of described 2nd VXLAN multicast message is set to described public network
ARP floods the association tunnel endpoint addresses of suppression information.
Device the most according to claim 8, it is characterised in that
Described receiver module, is additionally operable to receive the 3rd VXLAN multicast message with gratuitous ARP packet mark;Wherein said
Three VXLAN multicast messages carry the second gratuitous ARP packet;
The described suppression module that floods, the VXLAN mark and described second being additionally operable to find described 3rd VXLAN multicast message is exempted from
Expense ARP message transmitting terminal IP address be matched with described public network ARP flood suppression information VXLAN mark and IP address of terminal and
The outer layer source IP address of described 3rd VXLAN multicast message and described public network ARP flood the source tunnel endpoint addresses of suppression information
Inconsistent, the source of the suppression information that floods according to the outer layer source IP address described public network ARP of amendment of described 3rd VXLAN multicast message
Tunnel endpoint addresses.
Device the most according to claim 9, it is characterised in that
The described suppression module that floods, is additionally operable to flood suppression information by described second gratuitous ARP packet envelope according to described public network ARP
Dress is the 2nd VXLAN unicast message;Outer layer source IP address and the outer layer purpose IP address of described VXLAN unicast message are institute respectively
State public network ARP flood suppression information source tunnel endpoint addresses with associate tunnel endpoint addresses;
Described sending module, is additionally operable to send described 2nd VXLAN unicast message.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201610543360.5A CN106209616B (en) | 2016-07-06 | 2016-07-06 | Flooding inhibition method and device |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201610543360.5A CN106209616B (en) | 2016-07-06 | 2016-07-06 | Flooding inhibition method and device |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN106209616A true CN106209616A (en) | 2016-12-07 |
| CN106209616B CN106209616B (en) | 2020-11-06 |
Family
ID=57477733
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201610543360.5A Active CN106209616B (en) | 2016-07-06 | 2016-07-06 | Flooding inhibition method and device |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN106209616B (en) |
Cited By (7)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN106899706A (en) * | 2017-01-11 | 2017-06-27 | 新华三技术有限公司 | One kind floods suppressing method and device |
| CN107547340A (en) * | 2017-06-19 | 2018-01-05 | 新华三技术有限公司 | A kind of message forwarding method and device |
| CN109257265A (en) * | 2018-08-10 | 2019-01-22 | 锐捷网络股份有限公司 | One kind floods suppressing method, VXLAN bridge, gateway and system |
| CN110048925A (en) * | 2018-01-15 | 2019-07-23 | 厦门靠谱云股份有限公司 | A kind of IaaS OverLay control Planar realization method based on open source EVPN |
| CN110995623A (en) * | 2019-11-26 | 2020-04-10 | 锐捷网络股份有限公司 | Method for controlling flooding between data centers and first switch |
| CN116055398A (en) * | 2022-12-29 | 2023-05-02 | 天翼云科技有限公司 | Forwarding method and system node of VXLAN cluster system |
| CN118041859A (en) * | 2023-12-12 | 2024-05-14 | 天翼云科技有限公司 | Vxlan forwarding table self-learning method |
Citations (6)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US7596693B1 (en) * | 2003-03-12 | 2009-09-29 | Occam Networks | Controlling ARP packet traffic to enhance network security and scalability in TCP/IP networks |
| CN103200069A (en) * | 2013-03-29 | 2013-07-10 | 华为技术有限公司 | Message processing method and device |
| CN103647853A (en) * | 2013-12-04 | 2014-03-19 | 华为技术有限公司 | Method for sending ARP message in VxLAN, VTEP and VxLAN controller |
| CN103841028A (en) * | 2014-03-24 | 2014-06-04 | 杭州华三通信技术有限公司 | Method and device for forwarding messages |
| CN104702476A (en) * | 2013-12-05 | 2015-06-10 | 华为技术有限公司 | Distributed gateway, message processing method and message processing device based on distributed gateway |
| CN104935516A (en) * | 2015-06-17 | 2015-09-23 | 武汉邮电科学研究院 | Communication system based on software defined network and communication method |
-
2016
- 2016-07-06 CN CN201610543360.5A patent/CN106209616B/en active Active
Patent Citations (6)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US7596693B1 (en) * | 2003-03-12 | 2009-09-29 | Occam Networks | Controlling ARP packet traffic to enhance network security and scalability in TCP/IP networks |
| CN103200069A (en) * | 2013-03-29 | 2013-07-10 | 华为技术有限公司 | Message processing method and device |
| CN103647853A (en) * | 2013-12-04 | 2014-03-19 | 华为技术有限公司 | Method for sending ARP message in VxLAN, VTEP and VxLAN controller |
| CN104702476A (en) * | 2013-12-05 | 2015-06-10 | 华为技术有限公司 | Distributed gateway, message processing method and message processing device based on distributed gateway |
| CN103841028A (en) * | 2014-03-24 | 2014-06-04 | 杭州华三通信技术有限公司 | Method and device for forwarding messages |
| CN104935516A (en) * | 2015-06-17 | 2015-09-23 | 武汉邮电科学研究院 | Communication system based on software defined network and communication method |
Cited By (9)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN106899706A (en) * | 2017-01-11 | 2017-06-27 | 新华三技术有限公司 | One kind floods suppressing method and device |
| CN106899706B (en) * | 2017-01-11 | 2020-04-17 | 新华三技术有限公司 | Flooding inhibition method and device |
| CN107547340A (en) * | 2017-06-19 | 2018-01-05 | 新华三技术有限公司 | A kind of message forwarding method and device |
| CN110048925A (en) * | 2018-01-15 | 2019-07-23 | 厦门靠谱云股份有限公司 | A kind of IaaS OverLay control Planar realization method based on open source EVPN |
| CN109257265A (en) * | 2018-08-10 | 2019-01-22 | 锐捷网络股份有限公司 | One kind floods suppressing method, VXLAN bridge, gateway and system |
| CN109257265B (en) * | 2018-08-10 | 2021-04-20 | 锐捷网络股份有限公司 | Flooding suppression method, VXLAN bridge, gateway and system |
| CN110995623A (en) * | 2019-11-26 | 2020-04-10 | 锐捷网络股份有限公司 | Method for controlling flooding between data centers and first switch |
| CN116055398A (en) * | 2022-12-29 | 2023-05-02 | 天翼云科技有限公司 | Forwarding method and system node of VXLAN cluster system |
| CN118041859A (en) * | 2023-12-12 | 2024-05-14 | 天翼云科技有限公司 | Vxlan forwarding table self-learning method |
Also Published As
| Publication number | Publication date |
|---|---|
| CN106209616B (en) | 2020-11-06 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN106209616A (en) | One floods suppressing method and device | |
| CN103841028B (en) | Method and device for forwarding messages | |
| US9749230B2 (en) | Method of sending address correspondence in a second layer protocol of applying link state routing | |
| CN102025591B (en) | Method and system for implementing virtual private network | |
| CN103795636B (en) | Multicast processing method, device and system | |
| EP2637364B1 (en) | Method, apparatus and system for address resolution | |
| CN104396192B (en) | Dissymmetric network address encapsulates | |
| US8982707B2 (en) | Interoperability of data plane based overlays and control plane based overlays in a network environment | |
| CN105577548B (en) | Message processing method and device in a kind of software defined network | |
| CN102932254B (en) | Message forwarding method and device | |
| CN104243269A (en) | Processing method and device of messages in VxLAN (virtual extensible local area network) | |
| CN107547349A (en) | A kind of method and device of virtual machine (vm) migration | |
| CN103227843A (en) | Physical link address management method and device | |
| CN104601472A (en) | Chip VXLAN gateway distributed routing implementation method and message processing system | |
| CN107645431B (en) | Message forwarding method and device | |
| CN106209553A (en) | Message processing method, equipment and system | |
| CN103685006A (en) | Packet forwarding method for edge device and edge device | |
| CN102355417A (en) | Data center two-layer interconnection method and device | |
| CN106302220A (en) | A kind of method of SDN Precise control conventional switch | |
| CN105827495A (en) | Message forwarding method and device for VXLAN gateway | |
| CN102739502B (en) | A kind of realize network identity conversion method, Apparatus and system | |
| CN106209638A (en) | From VLAN to the message forwarding method of virtual expansible LAN and equipment | |
| CN106209648A (en) | Multicast data packet forwarding method and apparatus across virtual expansible LAN | |
| WO2020220459A1 (en) | Vxlan and openflow-based method and system for sharing virtual home network | |
| CN105187311A (en) | Message forwarding method and message forwarding device |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| C06 | Publication | ||
| PB01 | Publication | ||
| CB02 | Change of applicant information | ||
| CB02 | Change of applicant information |
Address after: 310052 Binjiang District Changhe Road, Zhejiang, China, No. 466, No. Applicant after: Xinhua three Technology Co., Ltd. Address before: 310053 Hangzhou science and Technology Industrial Park, high tech Industrial Development Zone, Zhejiang Province, No. six and road, No. 310 Applicant before: Huasan Communication Technology Co., Ltd. |
|
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| GR01 | Patent grant | ||
| GR01 | Patent grant |