CN108322391A - Data transferring method based on flow table - Google Patents

Publication number
CN108322391A
Authority
CN
China
Prior art keywords
node
virtual switch
data packet
machine
virtual
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Granted
Application number
CN201711481899.3A
Other languages
Chinese (zh)
Other versions
CN108322391B (en)
Inventor
袁航
周雍恺
吴金坛
祖立军
何东杰
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
China Unionpay Co Ltd
Original Assignee
China Unionpay Co Ltd
Application filed by China Unionpay Co Ltd
Priority to CN201711481899.3A (CN108322391B)
Publication of CN108322391A
Priority to PCT/CN2018/120306 (WO2019128699A1)
Priority to TW107145030A (TWI759571B)
Application granted
Publication of CN108322391B
Legal status: Active

Classifications

    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L45/00 Routing or path finding of packets in data switching networks
    • H04L45/44 Distributed routing
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L47/00 Traffic control in data switching networks
    • H04L47/70 Admission control; Resource allocation
    • H04L47/82 Miscellaneous aspects
    • H04L47/825 Involving tunnels, e.g. MPLS
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L61/00 Network arrangements, protocols or services for addressing or naming
    • H04L61/09 Mapping addresses
    • H04L61/10 Mapping addresses of different types
    • H04L61/103 Mapping addresses of different types across network layers, e.g. resolution of network layer into physical layer addresses or address resolution protocol [ARP]

Abstract

The present invention relates to a data transferring method based on flow tables, including: issuing a flow table to a first virtual switch, so that the external interface corresponding to the first virtual switch is configured to receive an ARP request from an external device; the first virtual switch generating, based on the flow table, an ARP response corresponding to the ARP request; the external interface receiving a data packet from the external device; determining whether the destination virtual machine of the data packet is on the physical machine corresponding to the first node; and, if the destination virtual machine is on the physical machine corresponding to a second node different from the first node, the first virtual switch forwarding the data packet to a second virtual switch. The method reliably and efficiently achieves bidirectional transmission of data packets between each terminal and the external device, and lets the distributed routing communication scheme deliver its full benefit.

Description

Data transferring method based on flow table
Technical field
The present invention relates to the technical field of data transmission, and more specifically to a data transferring method based on flow tables.
Background art
A router connects multiple logically separate networks, where a logical network is a single network or a subnet. When data is transferred from one subnet to another, the transfer is completed by the routing function of a router, as shown in Figure 1.
Communication between computers on different subnets must go through a router. In a software SDN network implementation, the routing function is implemented in software and takes one of two forms: centralized routing and distributed routing.
(1) Centralized routing
In the centralized routing mechanism, both east-west traffic (traffic between different networks) and north-south traffic (traffic between the internal network and external networks) pass through the router. The router, at the core of the network, becomes a bottleneck. Distributed routing was proposed to solve this problem.
(2) Distributed routing
The distributed routing mechanism enables a router on every node. East-west traffic is transmitted directly between compute nodes. North-south traffic goes directly through the compute node if a floating IP exists; if there is no floating IP, it goes through the network node. In other words, when handling traffic without a floating IP, distributed routing still goes through the centralized network node, which is in essence still the centralized routing mode.
In software SDN schemes, distributed routing is implemented on the basis of flow tables. Taking OpenFlow flow tables and the virtual switch that executes them as an example, the problems of traditional OpenFlow-based distributed routing are summarized below. The logic diagram of north-south traffic communication in software SDN is shown in Figure 2.
Data flows between a virtual machine in a network (equivalent to, for example, a network terminal) and an external network must pass through a router. In a software SDN scheme, this logical structure is mapped onto a physical structure as shown in Figure 3. As can be seen, virtual machines on the same network segment may be distributed under different routers. When a virtual machine communicates with an external network and its data packet reaches the virtual switch, the virtual switch converts the packet's source IP address into the unique floating IP corresponding to that virtual machine. For example, when v1 communicates with an external network, the source IP address of a packet leaving v1 is still v1's IP address, 10.0.0.1. After the packet arrives at the virtual switch, the virtual switch judges from the packet's destination IP address that this is a packet from v1 to the external network; a corresponding flow table in the virtual switch then rewrites the packet's source IP address field, converting 10.0.0.1 into 172.16.1.1, the floating IP of v1. For the external network, v1's IP address therefore becomes 172.16.1.1.
Because floating IPs and virtual machines correspond one to one, the external network, when sending return packets, can locate v1 through its floating IP and deliver the return packets to v1. If v1 has no floating IP, however, the data it actively sends to the external network does reach the other party, but the other party's return packets cannot reach v1, because v1's packets use its internal address 10.0.0.1 as the source IP address and the external network does not recognize that internal address. The return traffic can therefore only be directed to the external interface by configuring static routes on the external network, and then passed into the platform through that interface.
In existing distributed routing designs, however, the external interface may not even be able to receive data from the external network. As shown in Figure 3, when mapped onto the physical structure, the interface between the router and the external network is in fact distributed across every node; that is, each node has an external interface whose IP address is 172.16.1.100. It therefore remains difficult to return an external data packet accurately, via a node (node 1, 2) and then a subnet (Net1, Net2), to the corresponding local terminal virtual machine (V1-V6) that has no floating IP.
Summary of the invention
The purpose of the present invention is to provide a flow-table-based data transferring method that achieves bidirectional transmission of data packets even when no floating IP has been applied for.
To achieve the above purpose, the present invention provides the following technical solution:
A data transferring method based on flow tables, for providing a data packet to one node among multiple network nodes, wherein each node deploys a physical machine, the physical machine is configured with a virtual switch and at least one virtual machine, and the virtual machine is routed by the virtual switch. The method includes: a) issuing a flow table to a first virtual switch, so that the external interface corresponding to the first virtual switch is configured to receive an ARP request from an external device, wherein the first virtual switch is on the physical machine corresponding to a first node; b) the first virtual switch generating, based on the flow table, an ARP response corresponding to the ARP request; c) the external interface receiving a data packet from the external device, wherein the data packet is provided by the external device after it receives the ARP response; d) determining whether the destination virtual machine of the data packet is on the physical machine corresponding to the first node; and e) if the destination virtual machine is on the physical machine corresponding to a second node different from the first node, the first virtual switch forwarding the data packet to a second virtual switch, wherein the second virtual switch is on the physical machine corresponding to the second node.
Preferably, the flow table is generated by an SDN controller.
Preferably, the ARP response includes at least the MAC address of the physical machine corresponding to the first virtual switch.
Preferably, in step e), the IP address of the physical machine where the second virtual switch is located is obtained using the SDN controller, and the data packet is forwarded to the second virtual switch using a tunneling technique.
Preferably, the destination virtual machine is not provided with a floating IP.
The present invention further provides a physical machine for receiving data packets, deployed at a network node, wherein the physical machine is configured with a virtual switch and at least one virtual machine, the virtual machine is routed by the virtual switch, and the virtual switch is configured, based on a flow table, to: receive an ARP request from an external device on its external interface and generate an ARP response corresponding to the ARP request; receive a data packet from the external device on the external interface, wherein the data packet is provided by the external device after it receives the ARP response; determine whether the destination virtual machine of the data packet is on the physical machine corresponding to a first node, wherein the first node is the current network node; and, if it is determined that the destination virtual machine is on the physical machine corresponding to a second node, forward the data packet to the virtual switch on the physical machine corresponding to the second node, wherein the second node is a network node different from the first node.
Preferably, the physical machine is coupled with an SDN controller and obtains the flow table from the SDN controller.
The embodiments of the present invention provide a flow-table-based data transferring method that reliably and efficiently achieves bidirectional transmission of data packets between each virtual machine and an external device even when the network nodes or the virtual machines in them have no floating IP. The method lets the distributed routing communication scheme deliver its full benefit and overcomes the traffic bottlenecks that may exist in prior-art centralized routing and distributed routing. The physical machine additionally provided by the present invention achieves bidirectional transmission of data packets when virtual machines have no floating IP, and thereby helps maximize the benefit of the distributed routing communication scheme.
Description of the drawings
Fig. 1 shows a schematic diagram of the network topology between a router and different subnets.
Fig. 2 shows the logic diagram of north-south traffic communication in software SDN.
Fig. 3 shows a schematic diagram of the mapping of the interface between the router and the external network onto the physical structure.
Fig. 4 shows a flow diagram of the data transferring method according to an embodiment of the present invention.
Fig. 5 shows the network topology of a data communication system according to an embodiment of the present invention.
Detailed description
Specific details are set out in the following description to provide a thorough understanding of the present invention. It will be clear to those skilled in the art, however, that embodiments of the present invention can be practiced without these details. Specific numeric references such as "first element" or "second device" may be used in the present invention. Such references should not be understood as requiring their literal order, but rather as indicating that the "first element" is different from the "second element".
The specific details set out in the present invention are exemplary; they can vary and still fall within the spirit and scope of the present invention. The term "coupled" is defined to mean connected directly to a component or connected indirectly to the component via another component.
Preferred embodiments of methods, systems and devices suitable for implementing the present invention are described below with reference to the drawings. Although each embodiment is described for a single combination of elements, it should be understood that the present invention includes all possible combinations of the disclosed elements. Therefore, if one embodiment includes elements A, B and C, and a second embodiment includes elements B and D, the present invention should be considered to include the other remaining combinations of A, B, C or D as well, even if they are not explicitly disclosed.
As shown in Fig. 4, the first embodiment of the present invention provides a data transferring method implemented on the basis of flow tables, comprising the following steps.
Step S10: issue a flow table to the first virtual switch, so that the external interface corresponding to the first virtual switch is configured to receive ARP requests from an external device.
The first virtual switch is on the physical machine corresponding to the first node, and the first node can be any one of multiple network nodes. Throughout this application, the network is a specific network defined using SDN technology and includes multiple network nodes. Each node can deploy a physical machine, and each physical machine is configured with one virtual switch and at least one virtual machine; each virtual machine is routed by the virtual switch on the same physical machine. In other words, communication between each virtual machine and the external network goes through the virtual switch. It should be understood that one or more layers of subnets may exist under the network, with network nodes attached under the subnets.
According to embodiments of the present invention, the virtual machines in each network node and/or their corresponding physical machines need not have floating IPs; two-way communication between a virtual machine and a device outside the network can still be achieved, as explained in detail below.
By issuing an OpenFlow flow table to the first virtual switch, the flow table can be configured and applied on the first node, so that the external interface corresponding to the first virtual switch is configured to receive ARP (Address Resolution Protocol) requests from the external device and, in turn, can generate a response to the ARP request (described in step S11).
As an example, the flow table is generated by an SDN controller connected to the current network and issued by the SDN controller to all or some of the network nodes in the current network. Once issued to a network node, the flow table provides that node's functionality; in particular, even when the network node or the virtual machines under it have no floating IP, bidirectional transmission of data packets between the virtual machines and devices outside the network can still be achieved efficiently.
In distributed routing mode, the external interface is distributed across every network node in the network, that is, every virtual switch has an external interface. The flow table can therefore be issued in full in an implementation, i.e. every network node obtains the flow table, which gives the current network, as a cluster of nodes, a highly distributed and highly available routing architecture. Alternatively, an optimization strategy can be used: for example, the flow table configured for ARP responses is issued only to the network nodes that host the current tenant's network terminals, or several network nodes are selected by some other strategy to receive the flow table. External traffic can then be received and the network terminal located more quickly, and the flow table content is smaller and easier to maintain.
The entries of the flow table incorporate the network configuration information of every level of the current network (including subnets), so that there are specific rules to follow when forwarding data (communicating with the outside), and more complex and richer rules can be defined. Specifically, the match fields of the flow table are matched against the data packets received by the virtual switch and cover the network configuration information of layers 2 to 4 of the ISO network model. The action field of the flow table tells the virtual switch how to handle a matching data packet, and multiple groups of actions can be defined in the action field. The flow table can also include counters for collecting statistics about data traffic.
According to a preferred embodiment of the present invention, after the flow table has been issued for the first time, it can also be modified according to actual conditions or the application scenario: for example, changing the table value or the priority of a flow entry, changing the steps of the actions executed in the OpenFlow flow table, or simplifying the steps in the flow table (for example, skipping the layer-3 forwarding step) and performing the port forwarding operation directly.
Step S11: the first virtual switch generates, based on the flow table, an ARP response corresponding to the ARP request.
It should be understood that, for the physical machine corresponding to each network node, the virtual switch obtains the flow table and configures itself with it, and the virtual switch then generates the ARP response corresponding to the ARP request; the content of each ARP response differs. Specifically, from the ARP responses it receives, the device outside the network should at least be able to distinguish the physical machines and determine their positions in the network, so that it can subsequently send data packets.
To realize a distributed architecture for network routing, the flow table is also issued to the other network nodes in the current network (specifically, to their virtual switches). The physical machine corresponding to each of these nodes sends back an ARP response packet through its virtual switch. The packet contains the MAC address of the physical machine, so the device outside the network that obtains the MAC address can identify the physical machine accurately.
As an example, the flow table can be designed in the following format (only part of the flow table content is shown):
table=20, priority=1024,arp,arp_tpa=172.16.1.100,arp_op=1 actions=move:NXM_OF_ETH_SRC[]->NXM_OF_ETH_DST[],set_field:f8:4a:bf:5a:2b:ea->eth_src,load:0x2->NXM_OF_ARP_OP[],move:NXM_NX_ARP_SHA[]->NXM_NX_ARP_THA[],move:NXM_OF_ARP_SPA[]->NXM_OF_ARP_TPA[],load:0xf84abf5a2bea->NXM_NX_ARP_SHA[],load:0xac100164->NXM_OF_ARP_SPA[],IN_PORT
The main function of the above flow entry is to construct, for the external interface, a response packet to the ARP request; the external interface sends the response packet back to the ARP requester (the device outside the network). After receiving the ARP reply, the requester can go on to send the data packets it needs to transmit to the external interface. The flow entry above shows only part of an actual flow table as an example; to realize the full functionality of the virtual switch and/or virtual machines, the actual flow table will be more complex. In practice, various improvements can be made to the flow table format, for example omitting and/or combining actions in the action field, or limiting the number of times each action is executed.
In this step, the purpose of the ARP request is to obtain the MAC address of the target to which data will be sent, and each ARP response includes at least the MAC address of the physical machine of the network node that is prepared to receive the data packet to be transmitted. It should be understood that the ARP request and ARP response are only preparation for sending data packets; neither involves the data packet to be transmitted itself.
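The effect of the ARP responder entry shown in this step can be checked by applying its actions, in order, to a sample request and confirming that requests for any other target IP or with any other opcode go unanswered. The following is an added example, not code from the patent: a small Python interpreter for only the move, load, set_field and IN_PORT actions that entry uses, where the requester's MAC address, IP address and ingress port are constructed sample values.

```python
import ipaddress

# Flow entry quoted from the description (ARP responder on the external interface).
FLOW = (
    "table=20, priority=1024,arp,arp_tpa=172.16.1.100,arp_op=1 "
    "actions=move:NXM_OF_ETH_SRC[]->NXM_OF_ETH_DST[],"
    "set_field:f8:4a:bf:5a:2b:ea->eth_src,"
    "load:0x2->NXM_OF_ARP_OP[],"
    "move:NXM_NX_ARP_SHA[]->NXM_NX_ARP_THA[],"
    "move:NXM_OF_ARP_SPA[]->NXM_OF_ARP_TPA[],"
    "load:0xf84abf5a2bea->NXM_NX_ARP_SHA[],"
    "load:0xac100164->NXM_OF_ARP_SPA[],IN_PORT"
)

# Field names used by the entry -> (packet key, value kind).
FIELDS = {
    "NXM_OF_ETH_SRC": ("eth_src", "mac"),
    "NXM_OF_ETH_DST": ("eth_dst", "mac"),
    "eth_src": ("eth_src", "mac"),
    "NXM_OF_ARP_OP": ("arp_op", "int"),
    "NXM_NX_ARP_SHA": ("arp_sha", "mac"),
    "NXM_NX_ARP_THA": ("arp_tha", "mac"),
    "NXM_OF_ARP_SPA": ("arp_spa", "ip"),
    "NXM_OF_ARP_TPA": ("arp_tpa", "ip"),
}

# Constructed ARP request from a hypothetical external device asking for 172.16.1.100.
REQUEST = {
    "eth_type": 0x0806, "eth_src": "52:54:00:12:34:56", "eth_dst": "ff:ff:ff:ff:ff:ff",
    "arp_op": 1, "arp_sha": "52:54:00:12:34:56", "arp_spa": "172.16.1.254",
    "arp_tha": "00:00:00:00:00:00", "arp_tpa": "172.16.1.100",
}


def decode(kind, number):
    """Render the numeric operand of a load action in the notation of its field."""
    if kind == "mac":
        return ":".join(f"{b:02x}" for b in number.to_bytes(6, "big"))
    if kind == "ip":
        return str(ipaddress.IPv4Address(number))
    return number


def parse_flow(text):
    """Split the entry into a match dict and an ordered action list."""
    match_part, _, action_part = text.partition(" actions=")
    match = {}
    for token in (t.strip() for t in match_part.split(",")):
        key, sep, value = token.partition("=")
        match[key] = value if sep else True   # bare "arp" is a protocol keyword
    actions = []
    for token in action_part.split(","):
        kind, _, rest = token.partition(":")
        if kind.upper() == "IN_PORT":
            actions.append(("output_in_port",))
            continue
        src, _, dst = rest.partition("->")
        actions.append((kind, src.replace("[]", ""), dst.replace("[]", "")))
    return match, actions


def matches(match, packet):
    """Evaluate only the match fields this entry uses."""
    if match.get("arp") and packet.get("eth_type") != 0x0806:
        return False
    if "arp_tpa" in match and packet.get("arp_tpa") != match["arp_tpa"]:
        return False
    if "arp_op" in match and packet.get("arp_op") != int(match["arp_op"]):
        return False
    return True


def apply_flow(text, packet, in_port):
    """Return (rewritten packet, output port), or None when the entry does not match."""
    match, actions = parse_flow(text)
    if not matches(match, packet):
        return None
    out, out_port = dict(packet), None
    for action in actions:                    # order matters: moves precede loads
        if action[0] == "output_in_port":
            out_port = in_port
            continue
        kind, src, dst = action
        dst_key, dst_kind = FIELDS[dst]
        if kind == "move":
            out[dst_key] = out[FIELDS[src][0]]
        elif kind == "load":
            out[dst_key] = decode(dst_kind, int(src, 16))
        elif kind == "set_field":
            out[dst_key] = src
        else:
            raise ValueError(f"unsupported action: {kind}")
    return out, out_port


if __name__ == "__main__":
    reply, port = apply_flow(FLOW, REQUEST, in_port=1)
    print(port, reply)
    print(apply_flow(FLOW, {**REQUEST, "arp_tpa": "172.16.1.1"}, in_port=1))
```
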
Step S12: the external interface receives the data packet from the external device.
Specifically, once the external device has obtained the ARP responses, it knows the MAC address of the physical machine of each network node prepared to receive data packets. For the first node and its first virtual switch, after the external device receives the ARP response from the first virtual switch, it sends the data packet to the external interface of the first virtual switch. After the external interface receives the data packet, depending on the location of the destination terminal, the packet is either delivered directly to one of the virtual machines under the first node or forwarded again.
Step S13: determine whether the destination virtual machine of the data packet is on the physical machine corresponding to the first node.
Specifically, step S13 is executed by the first virtual switch of the first node. The virtual switch can learn the destination terminal (destination virtual machine) directly from the data packet, and then determines, according to the flow table issued by the SDN controller, whether the destination terminal of the packet sent by the device outside the network is on the physical machine corresponding to the first node.
If the destination terminal is on the physical machine corresponding to the first node, the first virtual switch can deliver the data packet directly to the destination terminal. In this case the complete communication for the packet is achieved in the most efficient way, but whether this case occurs is usually uncertain and random.
As an example, the flow table can then use the following format (part of the flow table is shown):
table=70, priority=1024,ip,tun_id=0x5a,nw_dst=10.0.0.3 actions=set_field:fa:16:3e:99:df:47->eth_dst,goto_table:80 (layer-3 forwarding)
table=110, tun_id=0x5a,dl_dst=fa:16:3e:99:df:47 actions=output:23 (layer-2 forwarding to the virtual machine; port 23 is the virtual switch port connected to the virtual machine)
Step S14: if the destination terminal (destination virtual machine) is on the physical machine corresponding to a second node different from the first node, forward the data packet to the second virtual switch.
The second virtual switch is on the physical machine corresponding to the second node.
In the more general case, the destination terminal is not on the physical machine of the first node but on the physical machine of the second node. The IP address of the second node's physical machine can then be obtained from the flow table or through the SDN controller, and a tunneling technique, such as the Point to Point Tunneling Protocol (PPTP), is used to forward the data packet from the first node (specifically, the first virtual switch) to the second node (specifically, the second virtual switch).
As an example, the flow table format in this case is as follows (part of the flow table is shown):
table=70, priority=1024,ip,tun_id=0x5a,nw_dst=10.0.0.3 actions=set_field:fa:16:3e:99:df:47->eth_dst,goto_table:80 (layer-3 forwarding)
table=110, tun_id=0x5a,dl_dst=fa:16:3e:99:df:47 actions=output:3 (forwarded to the corresponding physical machine through the tunnel; output:3 means the packet is sent out of port 3, which is the tunnel port)
After step S14, the following step can also be performed: the second virtual switch delivers the data packet directly to the destination virtual machine (because the destination virtual machine is on the physical machine corresponding to the second node and is routed by the second virtual switch), so that the destination virtual machine finally obtains the data packet from the external device.
When the data packet reaches the second node to be delivered to the destination virtual machine, the example flow table can use the following format:
table=110, tun_id=0x5a,dl_dst=fa:16:3e:99:df:47 actions=output:23 (layer-2 forwarding to the virtual machine)
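The local-delivery and tunnel-forwarding entries of steps S13 and S14 can be modelled as a two-node pipeline whose hop limit also exposes the forwarding loop that appears if the entries issued to two nodes both point at the tunnel; this is an added example, not code from the patent. It assumes that table 80 only passes packets on to table 110, that packets arriving over the tunnel enter at table 110, that earlier tables have already set tun_id=0x5a, and that the node names and the tunnel peer mapping are hypothetical.

```python
VM_IP = "10.0.0.3"               # nw_dst matched by table 70 in the description
VM_MAC = "fa:16:3e:99:df:47"     # eth_dst written by table 70
TUN_ID = 0x5a                    # assumed to be set by earlier tables


def make_node(output_port, port_kind, peer=None):
    """Tables 70/80/110 for one node; table 110 outputs to a VM port or a tunnel port."""
    return {
        "tables": {
            70: [({"tun_id": TUN_ID, "nw_dst": VM_IP},
                  {"set_eth_dst": VM_MAC, "goto": 80})],
            80: [({}, {"goto": 110})],                      # assumed pass-through
            110: [({"tun_id": TUN_ID, "dl_dst": VM_MAC}, {"output": output_port})],
        },
        "ports": {output_port: (port_kind, peer)},
    }


# Hypothetical layout: the destination VM is hosted on node2.
NODES = {
    "node1": make_node(3, "tunnel", peer="node2"),   # output:3, the tunnel port
    "node2": make_node(23, "vm"),                    # output:23, the VM port
}


def run_pipeline(node, packet, start_table):
    """Walk one node's tables; return the output port, or None on a table miss."""
    table = start_table
    while table is not None:
        for match, actions in node["tables"].get(table, []):
            if all(packet.get(k) == v for k, v in match.items()):
                if "set_eth_dst" in actions:
                    packet["dl_dst"] = actions["set_eth_dst"]
                if "output" in actions:
                    return actions["output"]
                table = actions.get("goto")
                break
        else:
            return None                               # no entry matched: drop
    return None


def forward(nodes, ingress, dst_ip, max_hops=4):
    """Trace a packet received on the external interface of `ingress`."""
    packet = {"tun_id": TUN_ID, "nw_dst": dst_ip, "dl_dst": None}
    path, current, table = [], ingress, 70
    for _ in range(max_hops):
        port = run_pipeline(nodes[current], packet, table)
        if port is None:
            path.append((current, "drop"))
            return path
        kind, peer = nodes[current]["ports"][port]
        path.append((current, f"{kind}:{port}"))
        if kind == "vm":
            return path                               # delivered to the destination VM
        current, table = peer, 110                    # tunnelled packets enter at table 110
    raise RuntimeError(f"forwarding loop suspected after {max_hops} hops: {path}")


if __name__ == "__main__":
    print(forward(NODES, "node1", VM_IP))   # tunnel to node2, then VM port
    print(forward(NODES, "node2", VM_IP))   # direct local delivery
```
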
The flow-table-based data transferring method of the first embodiment defines the network using SDN technology and configures it using flow tables, so that bidirectional transmission of data packets between virtual machines and external devices can be achieved reliably and efficiently even when the network nodes or virtual machines have no floating IP.
In addition, the method overcomes the traffic bottlenecks that may exist in prior-art centralized routing and distributed routing, so that the distributed routing communication scheme can deliver its full benefit.
The second embodiment of the present invention provides a physical machine deployed at one or more network nodes in a network. The physical machine is configured with one virtual switch and multiple virtual machines, and each virtual machine is routed by the corresponding virtual switch.
The virtual switch is configured based on the flow table and performs the following operations:
1. Receive an ARP request from an external device on the external interface, and then generate the ARP response corresponding to the ARP request.
2. Receive a data packet from the external device on the external interface. The data packet is provided by the external device after it receives the ARP response.
3. Determine whether the destination virtual machine of the data packet is on the physical machine corresponding to the first node. The first node is the current network node.
4. If it is determined that the destination virtual machine is on the physical machine corresponding to the second node, forward the data packet to the virtual switch on the physical machine corresponding to the second node.
The second node is another network node different from the first node.
Specifically, the SDN controller can first define the network, and can also generate flow tables for configuring each network node in the network, including but not limited to the configuration of physical machines, virtual switches and virtual machines. The SDN controller may further provide a flow table modification unit, so that a designer can modify the flow table and re-issue the modified flow table to the corresponding virtual switches of the current network.
According to the flow table, the external interface of the virtual switch corresponding to the first node (the first virtual switch) receives the ARP request from the external device.
According to the flow table, the first virtual switch generates the ARP response corresponding to the ARP request, encapsulates the ARP response as a response packet and sends it back to the external device. The ARP response includes the MAC address of the physical machine where the first virtual switch is located.
According to the flow table, the first virtual switch receives the data packet from the external device through its external interface.
According to the flow table, the first virtual switch can determine whether the destination terminal (destination virtual machine) of the data packet is on the physical machine corresponding to the first node.
According to the flow table, when the destination terminal is on the physical machine corresponding to the second node (rather than the first node), the first virtual switch can forward the data packet to the second virtual switch, which can be done through the Point to Point Tunneling Protocol, and the second virtual switch finally delivers the data packet directly to the destination virtual machine. Here the second virtual switch is the virtual switch on the physical machine corresponding to the second node and provides the routing to the destination virtual machine.
Configuring the virtual switch in the physical machine based on the flow table gives the physical machine the following advantage: whether or not the virtual machines under it have floating IPs, the physical machine can achieve bidirectional transmission of data packets between the virtual machines and the external device, and thereby contributes as far as possible to the realization of distributed routing.
As shown in figure 5, third embodiment of the invention provides a kind of data communication system based on flow table, in multiple nets Data packet is transmitted between network node, wherein each network node is deployed with the physical machine disclosed in above-mentioned second embodiment, these The flow table that SDN controllers are issued can be selected to configure in physical machine so that the virtual switch being provided with, which can receive, to be come From the ARP request of external device (ED), and generate corresponding arp response.External device (ED) is receiving arp response, can be by data packet It is sent to desired purpose terminal.
Specifically, first node 11 is provided with the first virtual switch 110, and second node 12 is provided with the second virtual friendship Change planes 120, the first, second virtual switch 110,120 is provided respectively to virtual machine V1, V2, V3 and virtual machine V4, V5, V6 Routing.
After configuring the virtual switch being arranged in physical machine using flow table, this data communication system can promote number According to transmitted in both directions of the packet between virtual machine and external device (ED), whether there is Floating IP address but regardless of these virtual machines.
As an example, if the purpose terminal of data packet 1 is directed toward the virtual machine V1 in first node 11, the first virtual switch Data packet 1 can be directly delivered to virtual machine V1 by 110;If the purpose terminal of data packet is directed toward the virtual machine in second node 12 V5, the first virtual switch 110 forward the packet to the second virtual switch 120 by tunneling technique, then virtual by second Data packet is delivered virtual machine V5 by interchanger 120.
In some embodiments of the invention, at least part of the above system can be implemented using a group of distributed computing devices connected by a communication network, or implemented based on the "cloud". In such systems, multiple computing devices operate together to provide services by using their shared resources.
Cloud-based implementations can provide one or more advantages, including: openness, flexibility and scalability, central manageability, reliability, scalability, optimized computing resources, the ability to aggregate and analyze information across multiple users, and the ability to connect across multiple geographic areas and to use multiple mobile or data network operators for network connectivity.
According to another embodiment of the invention, a computer storage medium is provided on which computer-executable instructions are stored; when executed by a processor, these instructions implement the method of the first embodiment above.
According to yet another embodiment of the invention, a computer program is provided comprising a set of computer-executable instructions which, when executed by a processor, perform in order each step of the method of the first embodiment.
The above description covers only preferred embodiments of the invention and is not intended to limit the scope of protection of the invention. Those skilled in the art may make various modifications to the design without departing from the idea of the invention and the appended claims.

Claims (12)

1. A flow-table-based data transfer method for providing a data packet to one node among multiple network nodes, wherein each node is deployed with one physical machine, the physical machine is configured with one virtual switch and at least one virtual machine, and the virtual machine is routed by the virtual switch, the method comprising:
a) issuing a flow table to a first virtual switch so that the corresponding external interface of the first virtual switch is configured to receive an ARP request from an external device; wherein the first virtual switch is in the physical machine corresponding to a first node;
b) the first virtual switch generating, based on the flow table, a corresponding ARP response to the ARP request;
c) the external interface receiving the data packet from the external device; wherein the data packet is provided by the external device after it receives the ARP response;
d) determining whether the destination virtual machine of the data packet is in the physical machine corresponding to the first node; and
e) if the destination virtual machine is in the physical machine corresponding to a second node different from the first node, the first virtual switch forwarding the data packet to a second virtual switch; wherein the second virtual switch is in the physical machine corresponding to the second node.
2. The method according to claim 1, characterized in that the flow table is generated by an SDN controller.
3. The method according to claim 2, characterized in that the ARP response includes at least the MAC address of the physical machine corresponding to the first virtual switch.
4. The method according to claim 2, characterized in that, in step e), the IP address of the physical machine where the second virtual switch is located is obtained using the SDN controller, and the data packet is forwarded to the second virtual switch using tunneling.
5. The method according to claim 1, characterized in that the method further comprises:
the second virtual switch delivering the data packet to the destination virtual machine.
6. The method according to any one of claims 1 to 5, characterized in that the destination virtual machine is not provided with a floating IP.
7. A computer storage medium on which computer-executable instructions are stored, characterized in that the computer-executable instructions, when executed by a processor, implement the method according to any one of claims 1-6.
8. A computer program comprising a set of computer-executable instructions which, when executed by a processor, perform the steps of the method according to any one of claims 1-6.
9. A physical machine for receiving a data packet, deployed at a network node, wherein the physical machine is configured with one virtual switch and at least one virtual machine, the virtual machine is routed by the virtual switch, and the virtual switch is configured based on a flow table to:
receive, with an external interface, an ARP request from an external device, and generate a corresponding ARP response to the ARP request;
receive, with the external interface, the data packet from the external device; wherein the data packet is provided by the external device after it receives the ARP response;
determine whether the destination virtual machine of the data packet is in the physical machine corresponding to a first node; wherein the first node is the present network node; and
if it is determined that the destination virtual machine is in the physical machine corresponding to a second node, forward the data packet to the virtual switch in the physical machine corresponding to the second node; wherein the second node is a network node different from the first node.
10. The physical machine according to claim 9, characterized in that the physical machine is coupled to an SDN controller and obtains the flow table from the SDN controller.
11. A flow-table-based data communication system for transmitting data packets between multiple network nodes, characterized in that each network node is deployed with the physical machine according to claim 9 or 10.
12. The system according to claim 11, characterized in that the system is deployed based on cloud computing.
CN201711481899.3A 2017-12-29 2017-12-29 Data transmission method based on flow table Active CN108322391B (en)

Priority Applications (3)

Application Number Priority Date Filing Date Title
CN201711481899.3A CN108322391B (en) 2017-12-29 2017-12-29 Data transmission method based on flow table
PCT/CN2018/120306 WO2019128699A1 (en) 2017-12-29 2018-12-11 Flow table-based data transfer method
TW107145030A TWI759571B (en) 2017-12-29 2018-12-13 Data transfer method based on flow table

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201711481899.3A CN108322391B (en) 2017-12-29 2017-12-29 Data transmission method based on flow table

Publications (2)

Publication Number Publication Date
CN108322391A CN108322391A (en) 2018-07-24
CN108322391B CN108322391B (en) 2020-08-25

Family

ID=62892777

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201711481899.3A Active CN108322391B (en) 2017-12-29 2017-12-29 Data transmission method based on flow table

Country Status (3)

Country Link
CN (1) CN108322391B (en)
TW (1) TWI759571B (en)
WO (1) WO2019128699A1 (en)


Also Published As

Publication number Publication date
CN108322391B (en) 2020-08-25
WO2019128699A1 (en) 2019-07-04
TW201931828A (en) 2019-08-01
TWI759571B (en) 2022-04-01


Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination
REG Reference to a national code

Ref country code: HK

Ref legal event code: DE

Ref document number: 1258628

Country of ref document: HK

GR01 Patent grant