CN106789540A - A kind of gateway deployment method and apparatus - Google Patents

A kind of gateway deployment method and apparatus Download PDF

Info

Publication number
CN106789540A
CN106789540A CN201710061318.4A CN201710061318A CN106789540A CN 106789540 A CN106789540 A CN 106789540A CN 201710061318 A CN201710061318 A CN 201710061318A CN 106789540 A CN106789540 A CN 106789540A
Authority
CN
China
Prior art keywords
gateway
vrrp
priority
standby
vxlan
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Granted
Application number
CN201710061318.4A
Other languages
Chinese (zh)
Other versions
CN106789540B (en
Inventor
刘大海
章成松
汪璇炫
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Beijing Huawei Digital Technologies Co Ltd
Original Assignee
Beijing Huawei Digital Technologies Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Beijing Huawei Digital Technologies Co Ltd filed Critical Beijing Huawei Digital Technologies Co Ltd
Priority to CN201710061318.4A priority Critical patent/CN106789540B/en
Publication of CN106789540A publication Critical patent/CN106789540A/en
Application granted granted Critical
Publication of CN106789540B publication Critical patent/CN106789540B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L12/00Data switching networks
    • H04L12/66Arrangements for connecting between networks having differing types of switching systems, e.g. gateways
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L12/00Data switching networks
    • H04L12/28Data switching networks characterised by path configuration, e.g. LAN [Local Area Networks] or WAN [Wide Area Networks]
    • H04L12/46Interconnection of networks
    • H04L12/4641Virtual LANs, VLANs, e.g. virtual private networks [VPN]
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L12/00Data switching networks
    • H04L12/28Data switching networks characterised by path configuration, e.g. LAN [Local Area Networks] or WAN [Wide Area Networks]
    • H04L12/46Interconnection of networks
    • H04L12/4641Virtual LANs, VLANs, e.g. virtual private networks [VPN]
    • H04L12/4645Details on frame tagging
    • H04L12/465Details on frame tagging wherein a single frame includes a plurality of VLAN tags
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L12/00Data switching networks
    • H04L12/28Data switching networks characterised by path configuration, e.g. LAN [Local Area Networks] or WAN [Wide Area Networks]
    • H04L12/46Interconnection of networks
    • H04L12/4641Virtual LANs, VLANs, e.g. virtual private networks [VPN]
    • H04L12/4645Details on frame tagging
    • H04L12/465Details on frame tagging wherein a single frame includes a plurality of VLAN tags
    • H04L12/4662Details on frame tagging wherein a single frame includes a plurality of VLAN tags wherein a VLAN tag represents a service instance, e.g. I-SID in PBB

Abstract

This application discloses a kind of gateway deployment method and apparatus, the business limitation problem that cross-region deployment is caused cannot be realized to solve existing VRRP routers.The method is that the first gateway and the second gateway set up the first virtual extended LAN VXLAN tunnels;The VRRP messages that second gateway is transmitted are received by a VXLAN tunnels;The priority of the VRRP examples configured on the second gateway is recognized based on the VRRP messages;The priority of the VRRP examples configured in priority and the second gateway based on the VRRP examples configured on the first gateway, primary gateway and standby gateway are determined in the first gateway and the second gateway;Wherein, the first gateway and the second gateway deployment so, active/standby gateway are determined by disposing VXLAN tunnels between active/standby gateway in different regions, and VRRP messages can be made by VXLAN tunnel transmissions, make the active and standby deployment of VRRP gateways more convenient and flexible.

Description

A kind of gateway deployment method and apparatus
Technical field
The application is related to the communications field, more particularly to a kind of gateway deployment method and apparatus.
Background technology
The acquiescence next hop address of usual main frame is that, used as the router of gateway, main frame is generally used to obtain gateway address The mode of static routing is configured, the possibility of Single Point of Faliure is which increased, by the result of bringing on a disaster property when gateway is unavailable, because It is that, when gateway fails, all connected main frames will cause network due to that can not detect other available paths that can be replaced Interrupt.
Virtual Router Redundacy Protocol (Virtual Router Redundancy Protocol, VRRP) is a kind of election association View, each VRRP router for running VRRP agreements can be according to the priority of each VRRP router dynamically from LAN Multiple VRRP routers in elect the work that a router undertakes virtual gateway as primary gateway, primary gateway control Internet protocol (Internet Protocol, the IP) address of virtual gateway processed and be responsible for forwarding with virtual gateway IP address be scarce Save the message of gateway;Remaining VRRP router is standby gateway, and not responsible to E-Packet, intercepting for standby gateway timing is primary The state of gateway, standby gateway switches to primary gateway if finding that primary gateway is unavailable, undertakes the work of primary gateway.
Main frame and gateway can't be directly connected to same LAN by carrier network or enterprise network in deployment In, more commonly used way is main frame by access switch access network, and access switch access simultaneously primary gateway and Standby gateway, as shown in Figure 1.
VRRP messages use reserved multicast address as purpose IP address, and VRRP messages are when by intermediate equipment, Three one-tenth forwardings of VRRP messages cannot be realized by intermediate equipment, so requiring intermediate equipment and gateway device when striding equipment is transmitted With transparent transmission VRRP messages in same two layers of domain, otherwise between active/standby gateway cannot intercommunication, so on network design exist very Big limitation.Deployment VLAN (Virtual Local Area are for example needed in Fig. 1 on interchanger (SWITCH) Network, VLAN), VRRP messages are delivered to ROUTER1 and ROUTER2 by such as VLAN 10 by two layers of transparent transmission, and this is accomplished by ROUTER1 and ROUTE2 are deployed in same computer room, it is impossible to accomplish to be disposed across computer room and cross-region.
But, there is the demand of cross-region in actual applications, for example:Need deployment active and standby in financial industry solution Data center and three-layer network are closed, deployment scheme of usual two data center deployments in different regions, so above-mentioned Fig. 1 without Method meets cross-region requirement, causes business to be limited.
The content of the invention
The embodiment of the present application provides a kind of gateway deployment method and apparatus, cannot be realized with solving existing VRRP routers The business limitation problem that cross-region deployment is caused.
The concrete technical scheme that the embodiment of the present application is provided is as follows:
In a first aspect, the embodiment of the present application provides a kind of gateway deployment method, including:
First gateway and the second gateway set up the first virtual extended LAN VXLAN tunnels;
First gateway receives the virtual route redundancy association that second gateway is transmitted by a VXLAN tunnels View VRRP messages;
First gateway is based on the priority that the VRRP messages recognize the VRRP examples configured on second gateway;
First gateway is based in the priority and second gateway of the VRRP examples configured on first gateway The priority of the VRRP examples of configuration, primary gateway and standby gateway are determined in the first gateway and the second gateway;
Wherein, first gateway and second gateway deployment are in different regions, first gateway and described VRRP examples are configured with two gateways.
In such scheme, active/standby gateway is determined by disposing VXLAN tunnels between active/standby gateway, can report VRRP Text by VXLAN tunnel transmissions, across three-layer network, can solve traditional group down VRRP gateways cannot cross-region deployment ask Topic, makes the active and standby deployment of VRRP gateways more convenient and flexible, enhances the strange land redundancy protecting of VRRP gateways, right so as to realize The redundancy protecting of business.
With reference in a first aspect, in a kind of possible design, first gateway is based on what is configured on first gateway The priority of the VRRP examples configured in the priority of VRRP examples and second gateway, in the first gateway and the second gateway Determine primary gateway and standby gateway, including:
The priority of the VRRP examples that first gateway is configured on first gateway is higher than on second gateway During the priority of the VRRP examples of configuration, first gateway is determined for primary gateway, second gateway is standby gateway;
The priority of the VRRP examples that first gateway is configured on second gateway is higher than on first gateway During the priority of the VRRP examples of configuration, second gateway is determined for primary gateway, first gateway is standby gateway.
In this design, under the deployment of active/standby gateway cross-region, the priority based on the VRRP examples disposed on gateway is moved State determines primary gateway and standby gateway, realizes the protecting effect to primary gateway, reaches the redundancy protecting to business.
With reference in a first aspect, in a kind of possible design, methods described also includes:
First gateway sets up the 2nd VXLAN tunnels with intermediate equipment;
When first gateway is primary gateway, first gateway is by the 2nd VXLAN tunnels in described Between equipment transmission ARP message, make the intermediate equipment be based on the first gateway described in the ARP Receive messages MAC address.
With reference in a first aspect, in a kind of possible design, methods described also includes:
First gateway receives communication message of the intermediate equipment by the 2nd VXLAN tunnel transmissions, described Communication message is the message that VXLAN heading encapsulation is carried out according to the address information in the 2nd VXLAN tunnels;
After first gateway decapsulates the communication message, recognize the communication message destination address carry out it is described The forwarding of communication message.
In this design, by disposing VXLAN tunnels between gateway and intermediate equipment, can pass through communication message VXLAN tunnel transmissions, across three-layer network, realize the flexible forwarding of message.
With reference in a first aspect, in a kind of possible design, methods described also includes:
First gateway be primary gateway when, first gateway periodically through a VXLAN tunnels to The second gateway transfer protocol message, the protocol massages are used to determine that second gateway is maintained at stand-by state.
In this design, the protocol massages that standby gateway periodically receives primary gateway transmission are in just with confirming primary gateway Normal working condition, it is to avoid the message interrupt situation that primary gateway fails are caused, realizes the redundancy protecting to business.
Second aspect, the embodiment of the present application provides a kind of gateway deployment device, is applied to the first gateway, including:
Communication unit, for setting up the first virtual extended LAN VXLAN tunnels with the second gateway;And by described first VXLAN tunnels receive the Virtual Router Redundacy Protocol VRRP messages of the second gateway transmission;
Processing unit, for recognizing the preferential of the VRRP examples configured on second gateway based on the VRRP messages Level;And the VRRP examples configured in the priority and second gateway based on the VRRP examples configured on first gateway Priority, determine primary gateway and standby gateway in the first gateway and the second gateway;
Wherein, first gateway and second gateway deployment are in different regions, first gateway and described VRRP examples are configured with two gateways.
With reference to second aspect, in a kind of possible design, the processing unit determines in the first gateway and the second gateway When primary gateway and standby gateway, specifically for:
The priority of the VRRP examples configured on first gateway is higher than the VRRP realities configured on second gateway During the priority of example, first gateway is determined for primary gateway, second gateway is standby gateway;
The priority of the VRRP examples configured on second gateway is higher than the VRRP realities configured on first gateway During the priority of example, second gateway is determined for primary gateway, first gateway is standby gateway.
With reference to second aspect, in a kind of possible design, the communication unit is additionally operable to set up second with intermediate equipment VXLAN tunnels;And when first gateway is primary gateway, passed to the intermediate equipment by the 2nd VXLAN tunnels Defeated ARP message, makes the intermediate equipment be based on the media interviews of the first gateway described in the ARP Receive messages Control MAC Address.
With reference to second aspect, in a kind of possible design, the communication unit is additionally operable to:
Communication message of the intermediate equipment by the 2nd VXLAN tunnel transmissions is received, the communication message is root The message of VXLAN heading encapsulation is carried out according to the address information in the 2nd VXLAN tunnels;
The processing unit, after being additionally operable to decapsulate the communication message, recognizes the destination address of the communication message, And the communication message is forwarded by the communication unit according to the destination address.
With reference to second aspect, in a kind of possible design, the communication unit is additionally operable to:
When first gateway is primary gateway, periodically through a VXLAN tunnels to second gateway Transmission protocol message, the protocol massages are used to notify that second gateway is maintained at stand-by state.
The third aspect, the embodiment of the present application provides a kind of gateway device, and the equipment includes:
Transceiver, memory and processor, memory are used to store the program code performed needed for processor.Communication connects Mouth is for receiving the VRRP messages that other second gateways are transmitted.Processor is used to perform the program code that memory is stored, and has Body is used to perform the method described in any one design of first aspect or first aspect.
Fourth aspect, present invention also provides a kind of computer-readable recording medium, for being stored as performing above-mentioned first Computer software instructions used by the function of any one design of aspect, first aspect, it is included for performing above-mentioned first Program designed by the method for any one design of aspect, first aspect.
Brief description of the drawings
Fig. 1 is realization principle schematic diagram of the main frame by interchanger access to LAN;
Fig. 2 is a virtual double layer network schematic diagram in the embodiment of the present application using VXLAN tunnel buildings;
Fig. 3 is the flow chart of gateway deployment method in the embodiment of the present application;
Fig. 4 is an application scenarios schematic diagram for gateway deployment method in the embodiment of the present application;
Fig. 5 is gateway deployment structure drawing of device in the embodiment of the present application;
Fig. 6 is gateway device structure chart in the embodiment of the present application.
Specific embodiment
Below in conjunction with the accompanying drawing in the embodiment of the present application, the technical scheme in the embodiment of the present application is carried out clear, complete Site preparation is described.
Fig. 1 show main frame and accesses active/standby gateway by interchanger, and the realization of the LAN accessed by active/standby gateway is former Reason schematic diagram.
User side main frame is respectively ROUTER1 and ROUTER2 by the gateway that access switch (SWITCH) is accessed.User VRRP examples are disposed on the interface that ROUTER1 and ROUTER2 is connected with SWITCH respectively, ROUTER1 and ROUTER2 constitutes one Individual VRRP groups, used as user side gateway, virtual gateway IP address is 1.1.1.10.ROUTER1, ROUTER2 and SWITCH phase Interface even adds same two layers of domain network, and two layers of domain network are designated VLAN 10.
The priority for setting the VRRP examples of ROUTER1 is higher, and it is primary gateway to be allowed to, and ROUTER2 is standby gateway, main Protocol massages are periodically sent to standby gateway, standby net by the path between ROUTER1, SWITCH, ROUTER2 with gateway The protocol massages that pass periodically receives primary gateway transmission are in normal operating conditions to confirm primary gateway.
When primary gateway is in normal operating conditions, primary gateway periodically sends free address resolution protocol, (Address Resolution Protocol, ARP) message, ARP messages can be sent by the interface being connected between SWITCH, After SWITCH receives ARP messages, SWITCH can learn media access control (Media corresponding to gateway address 1.1.1.10 Access Control, MAC) address, the MAC Address is not the physics MAC of interface, is virtual mac address, and the MAC Address is What the ID according to VRRP examples was generated, therefore the ID and virtual ip address of the VRRP examples of same VRRP groups must be identical, SWITCH learns to Virtual MAC from the port being connected with primary gateway, and the letter learnt by MAC Address and from which port Breath is recorded.
The next-hop of the default route of main frame is virtual gateway IP address 1.1.1.10.It is first after main frame sends communication message It is virtual gateway IP address first to search route and obtain next-hop, and then sending please to the ARP of the MAC Address of virtual gateway IP address Message is sought, the corresponding MAC Address of virtual gateway IP address can be obtained after receiving arp reply message, obtain virtual gateway IP address After corresponding MAC Address, the target MAC (Media Access Control) address of communication message is encapsulated for the MAC Address of gateway and is sent to SWITCH.
SWITCH can carry out two layers of forwarding after receiving the communication message of main frame, i.e., according to gateway MAC address it is corresponding go out Interface sends so as to reach ROUTER1 communication message from the interface.
ROUTER1 is matched according to the target MAC (Media Access Control) address of communication message with the virtual mac address of itself, if finding logical Believe message target MAC (Media Access Control) address be ROUTER1 virtual mac address, and ROUTER1 be normal operating conditions when, further according to The purpose IP address of communication message go search route carry out three layers forwarding, to be forwarded to corresponding purpose equipment or intermediate equipment Go.
When primary gateway fails, i.e., ROUTER1 failures when, standby gateway can be because can not receive the agreement report of primary gateway Literary triggered protocol time-out is upgraded to primary gateway, i.e. ROUTER2 can be changed into primary gateway, and usual detection cycle is 3 times of message hair Send interval.
After ROUTER2 is changed into primary gateway, the MAC information that gratuitous ARP packet refreshes SWITCH is sent, make going out for SWITCH Port is the port being connected with ROUTER2, and the communication message of follow-up main frame is sent to ROUTER2 in meeting on SWITCH, Completed on ROUTER2 and ROUTER1 identicals Message processing and forwarded before.
Due to VRRP messages using reserved multicast address as purpose IP address, and VRRP messages are by intermediate equipment When, it is impossible to three one-tenth forwardings of VRRP messages are realized by intermediate equipment, so requiring intermediate equipment (as exchanged when striding equipment is transmitted Machine) and gateway device (such as router) in same two layers of domain with transparent transmission VRRP messages, otherwise between active/standby gateway cannot intercommunication, There is very big limitation so on network design.
Therefore, in order that the deployment of the active/standby gateway of operation VRRP agreements without geographical restrictions, is incited somebody to action in the embodiment of the present application VRRP messages are transmitted by virtual extended LAN (Virtual Extensible LAN, VXLAN) tunnel, reach foundation The purpose of strange land active/standby gateway.
VXLAN is a kind of network virtualization technology, and UDP is mounted in by the data envelope for sending main frame In (User Datagram Protocol, UDP) message, and IP/MAC using physical network is packaged as heading, Then transmit on ip networks, purpose equipment is decapsulated by tunnel destination node and sent the data to after arriving at.Simply For, VXLAN uses tunneling technique, and a virtual double layer network is constructed on the basis of three layer physical networks, completes data Forwarding in virtual network.
As shown in Fig. 2 be a virtual double layer network schematic diagram in the embodiment of the present application using VXLAN tunnel buildings, Specific functions of modules is as follows.
Network virtual fringe node (Network Virtualization Edge, NVE), is to realize network virtualization work( The network entity of energy, message based on three layers of basic network by that after NVE encapsulation transitions, two-layer virtual net can be set up between NVE Network.
VXLAN endpoint of a tunnels (VXLAN Tunnel Endpoints, VTEP), VTEP is VXLAN endpoint of a tunnels, is encapsulated in In NVE, for the encapsulation and decapsulation of VXLAN messages.VTEP is connected with physical network, is assigned the IP address of physical network, The address is unrelated with virtual network.Source IP address is the VTEP addresses of this node in VXLAN messages, purpose IP in VXLAN messages Address is the VTEP addresses of peer node, and a pair of VTEP addresses just correspond to a VXLAN tunnel.
VXLAN network identities (VXLAN Network Identifier, VNI), the similar VLAN marks of VNI (Identifier, ID), for distinguishing VXLAN sections, different VXLAN sections virtual machines can not directly in two-layer virtual network phase Mutual communication.One VNI represents a tenant, even if multiple terminal users belong to same VNI, also illustrates that a tenant.VNI by 24 bits are constituted, and the up to tenant of 16M is supported in theory.
Virtual access point (Virtual Access Point, VAP), for accessing data message.
Message repeating process in VXLAN networks is specially:After original message enters VXLAN tunnels, can encapsulate again VXLAN headings, UDP headings, IP and Ethernet header, this 4 part hereinafter referred to as outer layer heading, and forwarded by tunnel, Arriving at after tunnel exit can carry out decapsulation and send or forward process again.
As long as be not difficult to find out VXLAN tunnels ensure physical network route up to by intercommunication, be without geographical restrictions, because This is transmitted VRRP messages by VXLAN tunnels, can reach the purpose for setting up strange land active/standby gateway.
Based on the network diagram shown in Fig. 2, as shown in figure 3, the embodiment of the present application provides a kind of gateway deployment method, tool Body flow is as follows:
Step 31:First gateway and the second gateway set up a VXLAN tunnels.
Wherein, first gateway region different with second gateway deployment.
Step 32:First gateway receives the VRRP reports that second gateway is transmitted by a VXLAN tunnels Text.
Step 33:First gateway is based on the VRRP messages and recognizes the VRRP examples of configuration on second gateway Priority.
Step 34:First gateway is based on the priority and described second of the VRRP examples configured on first gateway The priority of the VRRP examples configured on gateway, primary gateway and standby gateway are determined in the first gateway and the second gateway.
Specifically, first gateway is based on the priority and described second of the VRRP examples configured on first gateway The priority of the VRRP examples configured on gateway, when determining primary gateway and standby gateway in the first gateway and the second gateway, Including two following situations:
Situation one:The priority of the VRRP examples that first gateway is configured on first gateway is higher than described second During the priority of the VRRP examples configured on gateway, first gateway is determined for primary gateway, second gateway is standby Gateway.
Situation two:The priority of the VRRP examples that first gateway is configured on second gateway is higher than described first During the priority of the VRRP examples configured on gateway, second gateway is determined for primary gateway, first gateway is standby Gateway;
Optionally, methods described also includes:
First gateway sets up the 2nd VXLAN tunnels with intermediate equipment;
When first gateway is primary gateway, first gateway is by the 2nd VXLAN tunnels in described Between equipment transmitting message, intermediate equipment is based on the MAC Address of the first gateway described in the ARP Receive messages, obtain described the The MAC Address of one gateway, the MAC Address of first gateway is closed with the 2nd VXLAN tunnels opposite end address for receiving ARP messages Connection and tunnel-associated broadcast domain are recorded, and tunnel opposite end address is now regarded as the outgoing interface in traditional approach.
Further, when first gateway is primary gateway, first gateway is periodically through described first To the second gateway transfer protocol message, the protocol massages are used to determine that second gateway is maintained at standby in VXLAN tunnels With state, if second gateway does not receive the transmission protocol message in preset duration, based on second gateway handoff With gateway, and ARP messages are sent to intermediate equipment, refresh the MAC table of intermediate equipment as the communication flows of main frame is incorporated into the Forwarded on two gateways, realize the strange land redundancy protecting of VRRP gateways.
Now, communication message repeating process in VXLAN networks is specially:
First gateway receives communication message of the intermediate equipment by the 2nd VXLAN tunnel transmissions, described Communication message is the message that VXLAN heading encapsulation is carried out according to the address information in the 2nd VXLAN tunnels;First net Close after the communication message is decapsulated, recognizing the destination address of the communication message carries out the forwarding of the communication message.
In such scheme, active/standby gateway is determined by disposing VXLAN tunnels between active/standby gateway, in gateway and centre VXLAN tunnels are disposed between equipment, VRRP messages can be made by VXLAN tunnel transmissions, across three-layer network, can solve to pass System networking under VRRP gateways cannot cross-region deployment problem, make the active and standby deployment of VRRP gateways more convenient and flexible, strengthen The strange land redundancy protecting of VRRP gateways, so as to realize the redundancy protecting to business.
Fig. 4 show a specific application scenarios schematic diagram of the embodiment of the present application offer.
In Fig. 4, the first gateway ROUTER1, intermediate equipment SWITCH1 is deployed in positioned at the first data center of Pekinese DC1, Second gateway ROUTER2, intermediate equipment SWITCH2 are deployed in the first data center DC2 positioned at Shanghai, ROUTER1 and ROUTER2 constitutes a VRRP group, and the virtual gateway IP address of ROUTER1 and ROUTER2 is:10.1.1.1.
ROUTER1 configuration VTEP addresses:1.1.1.1;ROUTER2 configuration VTEP addresses:2.2.2.2, VTEP addresses can be with Using local loopback (Loopback) interface IP address, by configuring routing service between ROUTER1 and ROUTER2, such as static road Can ensure that the route of the VTEP addresses of ROUTER1 and ROUTE2 is reachable by, dynamic routing, you can in ROUTER1 and ROUTER2 Set up a VXLAN tunnels.
VRRP is configured on the broadcast domain interface (Bridge-domain Interface, BDIF) of ROUTER1 and ROUTER2 Example, because the VXLAN tunnels meeting broadcast domain corresponding with BDIF interfaces between 1.1.1.1 and 2.2.2.2 is associated, so from BDIF The VRRP messages that interface sends can be by VXLAN tunnel transmissions to opposite end, i.e., between VETP 1.1.1.1 to VTEP 2.2.2.2 A direct channel so can be fictionalized in two equipment rooms by VXLAN tunnels by tunnel intercommunication, VRRP reports can be solved The limitation of text transmission hop count in three-layer network.
The VRRP messages of such as ROUTER1 by VXLAN tunnels reach ROUTER2, after ROUTER2 goes out tunnel on send it is right The VRRP examples answered, specifically, on the message content that send include the priority of VRRP examples, the information such as virtual ip address and ID, Wherein, it is that virtual ip address and id information are used for recognizing for which VRRP example, and priority is used for determining the right of correspondence VRRP examples The main and standby relation of the gateway answered, so can negotiate active/standby gateway according to the VRRP examples between two data centers in strange land, Redundancy protecting is formed, is illustrated as a example by negotiating ROUTER1 for primary gateway in the present embodiment, if similarly negotiating ROUTER2 is that primary gateway subsequent process is similar.
SWITCH1 configuration VTEP addresses:3.3.3.3;ROUTER1 configuration VTEP addresses:1.1.1.1 ROUTER1 with The 2nd VXLAN tunnels are set up between SWITCH1;ROUTER1 configuration VTEP addresses:1.1.1.1;SWITCH2 configuration VTEP addresses: 4.4.4.4, the 2nd VXLAN tunnels are disposed between ROUTER1 and SWITCH2.Similarly, SWITCH2 configuration VTEP addresses: 4.4.4.4;ROUTER2 configuration VTEP addresses:2.2.2.2, SWITCH2 respectively with ROUTER1 (VTEP address 1.1.1.1) and The 2nd VXLAN tunnels are set up between ROUTER2 (VTEP address 2.2.2.2), these VXLAN tunnels also and are configured with the BDIF of VRRP The corresponding broadcast domain association of interface, but be mainly used to carry customer flow.
Main frame (HOST) accesses SWITCH1 or SWITCH2 by two straton interfaces or main interface, and different HOST generally set Put different VLAN to distinguish, be tied to VLAN in the corresponding broadcast domains of BDIF by SWITCH1 or SWITCH2, such HOST hairs The communication message for going out can enter the 2nd VXLAN tunnels on SWITCH1 or SWITCH2 and be forwarded to ROUTER1 or ROUTER2.
Because ROUTER1 is primary gateway during normal operation, protocol massages to ROUTER2 can be regularly sent, it is ensured that ROUTER2 maintains standby state, if after ROUTER1 failures, the VRRP examples on ROUTER2 are because of agreement time-out, ROUTER2 switchings It is primary gateway, the MAC address entries that gratuitous ARP packet refreshes intermediate equipment SWITCH1 and SWITCH2 is sent immediately, by HOST's Communication flows guided to and forwarded on ROUTER2, reaches the protecting effect to primary gateway, reaches the redundancy protecting to business.
During normal operation, ROUTER1 can send gratuitous ARP packet as primary gateway, and ARP messages pass through and intermediate equipment Between the 2nd VXLAN tunnels send to SWITCH1 and SWITCH2.Also mac learning is supported in VXLAN networks, principle is: Received on SWITCH1 and SWITCH2 from the ARP messages that the 2nd VXLAN tunnel transmissions come when, obtain internal layer message MAC ground Location, is then carried out the MAC Address of internal layer message with the tunnel opposite end address and tunnel-associated broadcast domain for receiving ARP messages Association, and incidence relation is recorded, and tunnel opposite end address can now be regarded as the outgoing interface in traditional approach, for example this In MAC address entries form be:MAC:0000-5e00-0101 BD:1 tunnel opposite end address:1.1.1.1.
During normal operation, the communication message sent on HOST carries out route querying and obtains next according to destination address first Hop IP address is virtual gateway IP address 10.1.1.1, then sends the ARP request report to the MAC Address of virtual gateway IP address Text, the corresponding MAC Address of virtual gateway IP address can be obtained after receiving arp reply message, be now virtual mac address:0000- 5e00-0101, last byte is the ID of VRRP examples, is here 1, and virtual mac address then is encapsulated into communication message Target MAC (Media Access Control) address part, be sent in the intermediate equipment being attached thereto, it is assumed that be SWITCH1;SWITCH1 is first according to HOST Target MAC (Media Access Control) address and the user vlan mark of the communication message for sending, MAC address entries are searched in correspondence BD, are led to after hit Letter message needs the 2nd VXLAN tunnels for entering, it is assumed that be the VXLAN tunnels between ROUTER1 and SWITCH1, further according to the The source address information and destination address information in two VXLAN tunnels carry out VXLAN headings, UDP headings, IP headings and ether The encapsulation of heading, the communication message after encapsulation enters VXLAN tunnels, and message goes out tunnel on ROUTER1 and decapsulates outer layer Message, identifies virtual MAC addresses and corresponding VRRP gateway of the purpose MAC of internal layer message for VRRP examples on ROUTER1 It is master state currently, then looking into route according to purpose IP address carries out three layers of forwarding.
Based on identical technology design, the embodiment of the present invention additionally provides a kind of gateway deployment device 500, the device 500 The first gateway is applied to, the first gateway can be any type of gateway.The device 500 can perform the application previous embodiment institute The method flow of description, is used to perform the functional module of the method flow described by the application previous embodiment in the device 500 Can be realized by the combination of hardware, software programming and software and hardware, hardware may include one or more signal transactings and/or Application specific integrated circuit.
Fig. 5 shows the structural representation of the gateway deployment device 500 that the embodiment of the application one is provided, as shown in figure 5, The device 500 includes:
Communication unit 501, for setting up the first virtual extended LAN VXLAN tunnels with the second gateway;And by described First VXLAN tunnels receive the Virtual Router Redundacy Protocol VRRP messages of the second gateway transmission;
Processing unit 502, for recognizing the excellent of the VRRP examples configured on second gateway based on the VRRP messages First level;And the VRRP realities configured in the priority and second gateway based on the VRRP examples configured on first gateway The priority of example, primary gateway and standby gateway are determined in the first gateway and the second gateway;
Wherein, first gateway and second gateway deployment are in different regions, first gateway and described VRRP examples are configured with two gateways.
Optionally, when the processing unit 502 determines primary gateway and standby gateway in the first gateway and the second gateway, Specifically for:
The priority of the VRRP examples configured on first gateway is higher than the VRRP realities configured on second gateway During the priority of example, first gateway is determined for primary gateway, second gateway is standby gateway;
The priority of the VRRP examples configured on second gateway is higher than the VRRP realities configured on first gateway During the priority of example, second gateway is determined for primary gateway, first gateway is standby gateway.
Optionally, the communication unit 501, is additionally operable to set up the 2nd VXLAN tunnels with intermediate equipment;And described first When gateway is primary gateway, ARP message is transmitted to the intermediate equipment by the 2nd VXLAN tunnels, The intermediate equipment is set to be based on the MAC address of the first gateway described in the ARP Receive messages.
Optionally, the communication unit 501 is additionally operable to:
Communication message of the intermediate equipment by the 2nd VXLAN tunnel transmissions is received, the communication message is root The message of VXLAN heading encapsulation is carried out according to the address information in the 2nd VXLAN tunnels;
The processing unit 502, after being additionally operable to decapsulate the communication message, recognizes the destination of the communication message Location, and the communication message is forwarded by the communication unit 501 according to the destination address.
Optionally, the communication unit 501 is additionally operable to:
When first gateway is primary gateway, periodically through a VXLAN tunnels to second gateway Transmission protocol message, the protocol massages are used to notify that second gateway is maintained at stand-by state.
Based on same technology design, the principle and beneficial effect of the solve problem of device 500 that the embodiment of the present application is provided Fruit may refer to the implementation method of method shown in above-mentioned Fig. 3 and the beneficial effect brought, and the implementation of the device 500 can be joined See the implementation of above method embodiment, repeat part and repeat no more.
Based on identical technology design, the embodiment of the present application additionally provides a kind of gateway device, and the gateway device can be used for Perform the gateway deployment flow described by the application preceding method embodiment.
Fig. 6 shows the structural representation of the gateway device 600 that the embodiment of the present application is provided, as shown in fig. 6, the access sets It is standby to may include:Transceiver 601 and processor 602.
Can be connected by bus between transceiver 601 and processor 602, it is also possible to be otherwise attached to.
Transceiver 601 can include the interface for being connected with other network equipments.For example, it may include with user equipment Connected interface, the interface being connected with other gateway devices and the interface being connected with other service equipments.Interface can be had Line interface, wave point or its combination.Wireline interface for example can be Ethernet interface.Ethernet interface can be optical interface, Electrical interface or its combination.Wave point for example can be WLAN (English:Wireless local area network, WLAN) interface, cellular network interface or its combination.
Processor 602 can be central processing unit (English:Central processing unit, CPU), or CPU With the combination of hardware chip.Above-mentioned hardware chip can be the combination of one or more of:Application specific integrated circuit (English: Application-specific integrated circuit, ASIC), field programmable gate array (English: Field-programmable gate array, FPGA), CPLD (English:complex Programmable logic device, CPLD), GAL (English:Generic array logic, abbreviation: GAL) and network processing unit (English:Network processor, NP).
Access device can also include memory.Storage program is worked with instruction processing unit in memory.Memory can be wrapped Include volatile memory (English:Volatile memory), such as random access memory (English:random-access Memory, RAM);Memory can also include nonvolatile memory (English:Non-volatile memory), such as it is read-only Memory (English:Read-only memory, ROM), flash memory (English:Flash memory), hard disk (English: Hard disk drive, HDD) or solid state hard disc (English:Solid-state drive, SSD);Memory may also include above-mentioned The combination of species memory.
Processor 602 is used for:
The first virtual extended LAN VXLAN tunnels are set up with the second gateway for being deployed in different geographical;
The Virtual Router Redundacy Protocol VRRP messages that second gateway is transmitted are received by a VXLAN tunnels;
The priority of the VRRP examples configured on second gateway is recognized based on the VRRP messages;
The priority of the VRRP examples configured in the priority and second gateway of the VRRP examples based on itself configuration, Determine primary gateway and standby gateway in the first gateway and the second gateway;
Optionally, configured in the priority and second gateway based on the VRRP examples configured on itself gateway VRRP examples priority, when determining primary gateway and standby gateway in the first gateway and the second gateway, the processor 602 specifically for:
The priority of the VRRP examples configured on itself gateway is higher than the VRRP realities configured on second gateway During the priority of example, it is determined that itself gateway is primary gateway, second gateway is standby gateway;
The priority of the VRRP examples that itself gateway is configured on second gateway is higher than on itself gateway During the priority of the VRRP examples of configuration, second gateway is determined for primary gateway, itself gateway is standby gateway.
Optionally, the processor 602 is additionally operable to:
2nd VXLAN tunnels are set up by transceiver 601 and intermediate equipment;
When itself gateway is primary gateway, itself gateway is by the 2nd VXLAN tunnels in described Between equipment transmission ARP message, make the intermediate equipment be based on itself gateway described in the ARP Receive messages MAC address.
Optionally, the processor 602 is additionally operable to:
Communication message of the intermediate equipment by the 2nd VXLAN tunnel transmissions is received by transceiver 601, it is described Communication message is the message that VXLAN heading encapsulation is carried out according to the address information in the 2nd VXLAN tunnels;
After the communication message is decapsulated, recognizing the destination address of the communication message carries out turning for the communication message Hair.
Optionally, the processor 602 is additionally operable to:
Itself gateway be primary gateway when, by the periodicity of transceiver 601 using a VXLAN tunnels to The second gateway transfer protocol message, the protocol massages are used to determine that second gateway is maintained at stand-by state.
Based on identical technology design, the principle of the solve problem of gateway device 600 that the embodiment of the present application is provided and Beneficial effect may refer to the implementation method of method shown in above-mentioned Fig. 3 and the beneficial effect brought, the reality of the gateway deployment The implementation that may refer to above method embodiment is applied, part is repeated and is repeated no more.
The embodiment of the present application also provides a kind of computer-readable recording medium, needed for for being stored as performing above-mentioned processor The computer software instructions of execution, it is included for performing the program performed needed for above-mentioned processor.
It should be understood by those skilled in the art that, embodiments herein can be provided as method, system or computer program Product.Therefore, the application can be using the reality in terms of complete hardware embodiment, complete software embodiment or combination software and hardware Apply the form of example.And, the application can be used and wherein include the computer of computer usable program code at one or more The computer program implemented in usable storage medium (including but not limited to magnetic disk storage, CD-ROM, optical memory etc.) is produced The form of product.
The application is the flow with reference to method, equipment (system) and computer program product according to the embodiment of the present application Figure and/or block diagram are described.It should be understood that every first-class during flow chart and/or block diagram can be realized by computer program instructions The combination of flow and/or square frame in journey and/or square frame and flow chart and/or block diagram.These computer programs can be provided The processor of all-purpose computer, special-purpose computer, Embedded Processor or other programmable data processing devices is instructed to produce A raw machine so that produced for reality by the instruction of computer or the computing device of other programmable data processing devices The device of the function of being specified in present one flow of flow chart or multiple one square frame of flow and/or block diagram or multiple square frames.
These computer program instructions may be alternatively stored in can guide computer or other programmable data processing devices with spy In determining the computer-readable memory that mode works so that instruction of the storage in the computer-readable memory is produced and include finger Make the manufacture of device, the command device realize in one flow of flow chart or multiple one square frame of flow and/or block diagram or The function of being specified in multiple square frames.
These computer program instructions can be also loaded into computer or other programmable data processing devices so that in meter Series of operation steps is performed on calculation machine or other programmable devices to produce computer implemented treatment, so as in computer or The instruction performed on other programmable devices is provided for realizing in one flow of flow chart or multiple flows and/or block diagram one The step of function of being specified in individual square frame or multiple square frames.
Although having been described for the optional embodiment of the application, those skilled in the art once know basic wound The property made concept, then can make other change and modification to these embodiments.So, appended claims are intended to be construed to include Preferred embodiment and fall into having altered and changing for the application scope.
Obviously, those skilled in the art can carry out various changes and modification without deviating from this Shen to the embodiment of the present application Please embodiment spirit and scope.So, if these modifications of the embodiment of the present application and modification belong to the application claim And its within the scope of equivalent technologies, then the application is also intended to comprising these changes and modification.

Claims (10)

1. a kind of gateway deployment method, it is characterised in that including:
First gateway and the second gateway set up the first virtual extended LAN VXLAN tunnels;
First gateway receives the Virtual Router Redundacy Protocol that second gateway is transmitted by a VXLAN tunnels VRRP messages;
First gateway is based on the priority that the VRRP messages recognize the VRRP examples configured on second gateway;
First gateway is based on being configured on the priority of the VRRP examples configured on first gateway and second gateway VRRP examples priority, determine primary gateway and standby gateway in the first gateway and the second gateway;
Wherein, first gateway and second gateway deployment are in different regions, first gateway and second net Shut and be configured with VRRP examples.
2. the method for claim 1, it is characterised in that first gateway is based on what is configured on first gateway The priority of the VRRP examples configured in the priority of VRRP examples and second gateway, in the first gateway and the second gateway Determine primary gateway and standby gateway, including:
The priority of the VRRP examples that first gateway is configured on first gateway is configured higher than on second gateway VRRP examples priority when, determine first gateway for primary gateway, second gateway is standby gateway;
The priority of the VRRP examples that first gateway is configured on second gateway is configured higher than on first gateway VRRP examples priority when, determine second gateway for primary gateway, first gateway is standby gateway.
3. method as claimed in claim 2, it is characterised in that methods described also includes:
First gateway sets up the 2nd VXLAN tunnels with intermediate equipment;
When first gateway is primary gateway, first gateway is set by the 2nd VXLAN tunnels to the centre Standby transmission ARP message, makes the intermediate equipment be based on the media of the first gateway described in the ARP Receive messages Access control MAC addresses.
4. method as claimed in claim 3, it is characterised in that methods described also includes:
First gateway receives communication message of the intermediate equipment by the 2nd VXLAN tunnel transmissions, the communication Message is the message that VXLAN heading encapsulation is carried out according to the address information in the 2nd VXLAN tunnels;
After first gateway decapsulates the communication message, recognizing the destination address of the communication message carries out the communication The forwarding of message.
5. method as claimed in claim 2, it is characterised in that methods described also includes:
When first gateway is primary gateway, first gateway is periodically through a VXLAN tunnels to described Second gateway transfer protocol message, the protocol massages are used to notify that second gateway is maintained at stand-by state.
6. a kind of gateway deployment device, is applied to the first gateway, it is characterised in that including:
Communication unit, for setting up the first virtual extended LAN VXLAN tunnels with the second gateway;And by described first VXLAN tunnels receive the Virtual Router Redundacy Protocol VRRP messages of the second gateway transmission;
Processing unit, the priority for recognizing the VRRP examples configured on second gateway based on the VRRP messages;With And the VRRP examples configured in the priority and second gateway based on the VRRP examples configured on first gateway is excellent First level, primary gateway and standby gateway are determined in the first gateway and the second gateway;
Wherein, first gateway and second gateway deployment are in different regions, first gateway and second net Shut and be configured with VRRP examples.
7. device as claimed in claim 6, it is characterised in that the processing unit determines in the first gateway and the second gateway When primary gateway and standby gateway, specifically for:
The priority of the VRRP examples configured on first gateway is higher than the VRRP examples configured on second gateway During priority, first gateway is determined for primary gateway, second gateway is standby gateway;
The priority of the VRRP examples configured on second gateway is higher than the VRRP examples configured on first gateway During priority, second gateway is determined for primary gateway, first gateway is standby gateway.
8. device as claimed in claim 7, it is characterised in that the communication unit, is additionally operable to set up second with intermediate equipment VXLAN tunnels;And when first gateway is primary gateway, passed to the intermediate equipment by the 2nd VXLAN tunnels Defeated ARP message, makes the intermediate equipment be based on the media interviews of the first gateway described in the ARP Receive messages Control MAC Address.
9. device as claimed in claim 8, it is characterised in that the communication unit is additionally operable to:
Communication message of the intermediate equipment by the 2nd VXLAN tunnel transmissions is received, the communication message is according to institute Stating the address information in the 2nd VXLAN tunnels carries out the message of VXLAN heading encapsulation;
The processing unit, after being additionally operable to decapsulate the communication message, recognizes the destination address of the communication message, and root The communication message is forwarded by the communication unit according to the destination address.
10. device as claimed in claim 7, it is characterised in that the communication unit is additionally operable to:
When first gateway is primary gateway, transmitted to second gateway periodically through a VXLAN tunnels Protocol massages, the protocol massages are used to notify that second gateway is maintained at stand-by state.
CN201710061318.4A 2017-01-25 2017-01-25 A kind of gateway deployment method and apparatus Active CN106789540B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201710061318.4A CN106789540B (en) 2017-01-25 2017-01-25 A kind of gateway deployment method and apparatus

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201710061318.4A CN106789540B (en) 2017-01-25 2017-01-25 A kind of gateway deployment method and apparatus

Publications (2)

Publication Number Publication Date
CN106789540A true CN106789540A (en) 2017-05-31
CN106789540B CN106789540B (en) 2019-11-29

Family

ID=58942104

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201710061318.4A Active CN106789540B (en) 2017-01-25 2017-01-25 A kind of gateway deployment method and apparatus

Country Status (1)

Country Link
CN (1) CN106789540B (en)

Cited By (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN108075971A (en) * 2017-12-25 2018-05-25 新华三技术有限公司 A kind of main/standby switching method and device
CN111679604A (en) * 2020-06-05 2020-09-18 中国石油化工股份有限公司 Multiple redundant structure of industrial control protocol gateway
CN113973045A (en) * 2020-07-24 2022-01-25 中移(苏州)软件技术有限公司 Message transmission method and device

Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101022328A (en) * 2007-03-26 2007-08-22 杭州华为三康技术有限公司 Method for realizing redundant gateway path overhead dynamic regulation and gate way equipment
CN103200069A (en) * 2013-03-29 2013-07-10 华为技术有限公司 Message processing method and device
US20160197853A1 (en) * 2015-01-05 2016-07-07 Brocade Communications Systems, Inc. Distributed bidirectional forwarding detection protocol (d-bfd) for cluster of interconnected switches

Patent Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101022328A (en) * 2007-03-26 2007-08-22 杭州华为三康技术有限公司 Method for realizing redundant gateway path overhead dynamic regulation and gate way equipment
CN103200069A (en) * 2013-03-29 2013-07-10 华为技术有限公司 Message processing method and device
US20160197853A1 (en) * 2015-01-05 2016-07-07 Brocade Communications Systems, Inc. Distributed bidirectional forwarding detection protocol (d-bfd) for cluster of interconnected switches

Cited By (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN108075971A (en) * 2017-12-25 2018-05-25 新华三技术有限公司 A kind of main/standby switching method and device
CN108075971B (en) * 2017-12-25 2021-01-26 新华三技术有限公司 Main/standby switching method and device
CN111679604A (en) * 2020-06-05 2020-09-18 中国石油化工股份有限公司 Multiple redundant structure of industrial control protocol gateway
CN113973045A (en) * 2020-07-24 2022-01-25 中移(苏州)软件技术有限公司 Message transmission method and device
CN113973045B (en) * 2020-07-24 2024-02-23 中移(苏州)软件技术有限公司 Message transmission method and device

Also Published As

Publication number Publication date
CN106789540B (en) 2019-11-29

Similar Documents

Publication Publication Date Title
CN109873760B (en) Method and device for processing route, and method and device for data transmission
ES2899593T3 (en) VXLAN packet processing method, device and system
CN103841023B (en) The method and apparatus of data forwarding
CN104639414B (en) A kind of message forwarding method and equipment
CN103200069B (en) A kind of method and apparatus of Message processing
US10193707B2 (en) Packet transmission method and apparatus
WO2015165311A1 (en) Method for transmitting data packet and provider edge device
CN104579954B (en) The cross-domain retransmission method of message, device and communication equipment
CN104869042A (en) Message forwarding method and message forwarding device
CN103118149B (en) Communication control method between same tenant's server and the network equipment
CN107404436A (en) Communication means and device for virtual expansible LAN
CN109587059B (en) SR-BE inner layer tunnel label configuration method, device and communication system
CN108040135B (en) Method and device for VPWS message to pass through three-layer IP network
WO2019137355A1 (en) Method and device for transmitting data, and network system
CN107645433B (en) Message forwarding method and device
CN112887139B (en) Message processing method and device
CN107659484B (en) Method, device and system for accessing VXLAN network from VLAN network
US10003518B2 (en) Span session monitoring
CN106209638A (en) From VLAN to the message forwarding method of virtual expansible LAN and equipment
CN106789540B (en) A kind of gateway deployment method and apparatus
CN107968749A (en) Realize method, exchange chip and the interchanger of QinQ route terminations
CN109120492B (en) Storage unit, source switch, message forwarding method and mirror image system
EP2897328B1 (en) Method, system and apparatus for establishing communication link
CN107634893B (en) Method and device for processing Media Access Control (MAC) address advertisement route
WO2021108143A1 (en) Group-based policies for inter-domain traffic

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant