CN108322391B - Data transmission method based on flow table - Google Patents

Data transmission method based on flow table Download PDF

Info

Publication number
CN108322391B
CN108322391B CN201711481899.3A CN201711481899A CN108322391B CN 108322391 B CN108322391 B CN 108322391B CN 201711481899 A CN201711481899 A CN 201711481899A CN 108322391 B CN108322391 B CN 108322391B
Authority
CN
China
Prior art keywords
virtual switch
node
virtual
physical machine
flow table
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN201711481899.3A
Other languages
Chinese (zh)
Other versions
CN108322391A (en
Inventor
袁航
周雍恺
吴金坛
祖立军
何东杰
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
China Unionpay Co Ltd
Original Assignee
China Unionpay Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by China Unionpay Co Ltd filed Critical China Unionpay Co Ltd
Priority to CN201711481899.3A priority Critical patent/CN108322391B/en
Publication of CN108322391A publication Critical patent/CN108322391A/en
Priority to PCT/CN2018/120306 priority patent/WO2019128699A1/en
Priority to TW107145030A priority patent/TWI759571B/en
Application granted granted Critical
Publication of CN108322391B publication Critical patent/CN108322391B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L45/00Routing or path finding of packets in data switching networks
    • H04L45/44Distributed routing
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L47/00Traffic control in data switching networks
    • H04L47/70Admission control; Resource allocation
    • H04L47/82Miscellaneous aspects
    • H04L47/825Involving tunnels, e.g. MPLS
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L61/00Network arrangements, protocols or services for addressing or naming
    • H04L61/09Mapping addresses
    • H04L61/10Mapping addresses of different types
    • H04L61/103Mapping addresses of different types across network layers, e.g. resolution of network layer into physical layer addresses or address resolution protocol [ARP]

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Data Exchanges In Wide-Area Networks (AREA)

Abstract

The invention relates to a data transmission method based on a flow table, which comprises the following steps: issuing the flow table to a first virtual switch so that an external interface corresponding to the first virtual switch is configured to receive an ARP request from an external device; the first virtual switch generating a corresponding ARP response to the ARP request based on the flow table; the external interface receives a data packet from an external device; determining whether a destination virtual machine of the data packet is in a physical machine corresponding to the first node; and if the destination virtual machine is in a physical machine corresponding to a second node different from the first node, the first virtual switch forwards the data packet to the second virtual switch. The distributed routing communication scheme can reliably and efficiently realize the bidirectional transmission of data packets between each terminal and an external device, and can exert the effect to the maximum extent.

Description

Data transmission method based on flow table
Technical Field
The present invention relates to the field of data transmission technologies, and in particular, to a data transmission method based on a flow table.
Background
A Router (Router) is a device used to connect multiple logically separate networks, so-called logical networks represent a single network or a sub-network. This may be accomplished by the routing function of the router when data is transferred from one subnet to another. As shown in fig. 1.
Computer communications under different subnets must all be accomplished through routers. In the network implementation of the software SDN, the routing function is implemented by a software mechanism, and may be specifically divided into two forms, namely centralized routing and distributed routing.
(1) Centralized routing
In a centralized routing mechanism, both east-west traffic (traffic between different networks) and north-south traffic (traffic between an internal network and an external network) pass through a router. The core location of the router makes it a bottleneck in the network. To solve this problem, a distributed routing mechanism is proposed.
(2) Distributed routing
The distributed routing mechanism enables one router on each node. For east-west traffic, traffic may pass directly between compute nodes. For north-south traffic, if there is a floating IP, the traffic goes directly to the compute node. If there is no floating IP, the network node will be walked. Distributed routing is also a network node that will go centralized when handling traffic without floating IP, and is essentially a centralized routing model.
In the software SDN scheme, the function implementation of distributed routing is implemented based on flow tables. The following outlines the problem of the traditional distributed routing based on openflow flow table, taking openflow table and virtual switch executing the flow table as an example. A logic diagram of software SDN north-south traffic communication is shown in fig. 2.
Data streams for a virtual machine (e.g., corresponding to a network terminal) within a network to communicate with an external network all need to pass through a router. In the software SDN scheme, the logical graph is mapped into a physical structure graph, as shown in fig. 3. It can be seen that virtual machines of the same network segment may be distributed under different routers. When the virtual machine communicates with an external network and a data packet goes to a virtual switch, the virtual switch converts a source IP address of the data packet into a floating IP uniquely corresponding to the virtual machine. If v1 is in communication with the external network, the source IP address of the packet coming out of v1 is the IP address of v1, that is, 10.0.0.1, then after the packet arrives at the virtual switch, the virtual switch determines that the packet is a packet in communication with the external network by v1 according to the destination IP address of the packet, and at this time, the virtual switch has a corresponding flow table to convert the source IP address field of the packet, and convert 10.0.0.1 to 172.16.1.1, that is, to float IP of v 1. Then the IP address of v1 becomes 172.16.1.1 for the external network.
Because floating IP and virtual machine are corresponding to each other, when packet return is carried out, the external network can find the position of v1 through floating IP, so that return data packet is sent back to v 1. However, if v1 has no floating IP, the data it sends to the publishing network can be sent to the other party, but the return packet of the other party cannot be sent to v1, because the data packet of v1 has its intranet address of 10.0.0.1 as the source IP address, and its intranet address is not known by the external network. Backhaul traffic can only be directed to an external interface by way of static routing configured by the external network and then routed through that interface to the interior of the platform.
However, in existing distributed routing architecture designs, the external interface may not even have the capability to receive external network data. As shown in fig. 3, the interfaces between the router and the extranet are already distributed on each node when they are mapped into the physical architecture, that is, each node has an external interface with IP address 172.16.1.100. Thus, it is still difficult to accurately send the external packets back to the corresponding local end virtual machines (V1-V6) without floating IP via the nodes (nodes 1,2) and then via the subnets (Net1, Net 2).
Disclosure of Invention
An object of the present invention is to provide a flow table-based data transfer method that enables bidirectional transfer of a packet even without applying a floating IP.
In order to achieve the above purpose, the invention provides a technical scheme as follows:
a data transmission method based on a flow table, configured to provide a data packet to one of a plurality of network nodes, where each node is respectively deployed with a physical machine, the physical machine is configured with a virtual switch and at least one virtual machine, and the virtual machine is routed by the virtual switch, the method comprising: a) the flow table is issued to the first virtual switch, so that an external interface corresponding to the first virtual switch is configured to receive an ARP request from an external device; the first virtual switch is positioned in a physical machine corresponding to the first node; b) the first virtual switch generates a corresponding ARP response to the ARP request based on the flow table; c) the external interface receives a data packet from an external device; wherein the data packet is provided by the external device after receiving the ARP response; d) determining whether a destination virtual machine of the data packet is in a physical machine corresponding to the first node; and e) if the destination virtual machine is in a physical machine corresponding to a second node different from the first node, the first virtual switch forwards the data packet to the second virtual switch; and the second virtual switch is positioned in the physical machine corresponding to the second node.
Preferably, the flow table is generated by the SDN controller.
Preferably, the ARP response includes at least the MAC address of the physical machine to which the first virtual switch corresponds.
Preferably, in step e), the SDN controller is used to obtain an IP address of a physical machine where the second virtual switch is located, and the data packet is forwarded to the second virtual switch by using a tunneling technique.
Preferably, the destination virtual machine does not set a floating IP.
The present invention further provides a physical machine for receiving a data packet, deployed at a network node, wherein the physical machine is configured with a virtual switch and at least one virtual machine, the virtual machine is routed by the virtual switch, and the virtual switch is configured, based on a flow table, to: receiving, at the external interface, an ARP request from the external device and generating a corresponding ARP response to the ARP request; receiving a data packet from an external device by an external interface; wherein the data packet is provided by the external device after receiving the ARP response; determining whether a destination virtual machine of the data packet is in a physical machine corresponding to the first node; the first node is a current network node; if the target virtual machine is determined to be in the physical machine corresponding to the second node, forwarding the data packet to a virtual switch in the physical machine corresponding to the second node; wherein the second node is a network node different from the first node.
Preferably, the physical machine is coupled with the SDN controller and obtains the flow table from the SDN controller.
The data transmission method based on the flow table provided by each embodiment of the invention can still reliably and efficiently realize the bidirectional transmission of the data packet between each virtual machine and the external device under the condition that each network node or the virtual machine therein does not have the floating IP. The method enables the distributed routing communication scheme to exert the efficacy to the maximum extent, and can overcome the problem of flow bottleneck possibly existing in centralized routing and distributed routing in the prior art. The physical machine provided by the invention can realize the bidirectional transmission of the data packet under the condition that the virtual machine does not have a floating IP, thereby promoting the efficiency maximization of the distributed routing communication scheme.
Drawings
Fig. 1 shows a schematic diagram of a network topology between a router and different subnetworks.
Fig. 2 shows a logic diagram of software SDN north-south traffic communication.
Fig. 3 shows a schematic diagram of the mapping of the router interface to the extranet to the physical architecture.
Fig. 4 is a flow chart illustrating a transmission method according to an embodiment of the present invention.
Fig. 5 shows a network topology of a data transfer system according to an embodiment of the invention.
Detailed Description
In the following description specific details are set forth in order to provide a thorough understanding of the present invention. It will be apparent, however, to one skilled in the art that embodiments of the invention may be practiced without these specific details. In the present invention, specific numerical references such as "first element", "second device", and the like may be made. However, specific numerical references should not be construed as necessarily subject to their literal order, but rather construed as "first element" as opposed to "second element".
The specific details set forth herein are merely exemplary and may be varied while remaining within the spirit and scope of the invention. The term "coupled" is defined to mean either directly connected to a component or indirectly connected to the component via another component.
Preferred embodiments of methods, systems and devices suitable for implementing the present invention are described below with reference to the accompanying drawings. Although embodiments are described with respect to a single combination of elements, it is to be understood that the invention includes all possible combinations of the disclosed elements. Thus, if one embodiment includes elements A, B and C, while a second embodiment includes elements B and D, the invention should also be considered to include A, B, C or the other remaining combinations of D, even if not explicitly disclosed.
As shown in fig. 4, a first embodiment of the present invention provides a data transfer method, which is implemented based on a flow table and specifically includes the following steps.
And step S10, issuing the flow table to the first virtual switch, so that the external interface corresponding to the first virtual switch is configured to receive the ARP request from the external device.
The first virtual switch is located in a physical machine corresponding to the first node, and the first node may be any one of a plurality of network nodes. Throughout this application, the network is a specific network defined by SDN technology, and includes a plurality of network nodes, each node may respectively deploy a physical machine, a virtual switch and at least one virtual machine are configured in the physical machine, and each virtual machine is routed by a virtual switch in the same physical machine. In other words, communication between each virtual machine and the external network is achieved via the virtual switch. It should be understood that there may be one or more layers of subnets beneath the network, with the network nodes being re-accessed beneath the subnets.
According to embodiments of the present invention, each virtual machine in each network node and/or its corresponding physical machine may not have a floating IP, and bidirectional communication between the virtual machine and a device external to the network may still be achieved, as will be described in detail below.
The openflow flow table may be configured and applied to the first node by issuing the openflow table to the first virtual switch, so that the external interface corresponding to the first virtual switch is configured to receive an ARP (address resolution protocol) request from an external device, and further, a response to the ARP request can be generated (explained in step S11).
As an example, the flow table is generated by an SDN controller accessing the current network and issued by the SDN controller to all or part of network nodes in the current network. By being issued to the corresponding network node, the flow table can realize the functionality of the corresponding network node, and especially can still efficiently realize the bidirectional transmission of the data packet between the virtual machine and the network external device under the condition that the network node or the virtual machine under the network node does not have the floating IP.
In the distributed routing mode, external interfaces are distributed on each network node in the network, that is, each virtual switch is provided with an external interface, so that a full-quantity issuing (flow table) mode can be adopted in the implementation, that is, each network node acquires the flow table, and thus, the current network serving as a node cluster has a routing framework with high distribution and high availability. Alternatively, a certain optimization strategy may be adopted, for example, the flow table configured for ARP response is only issued to the network node to which the network terminal of the current tenant belongs, or other strategies are used to select a plurality of network nodes to issue the flow table, so that the external flow can be received more quickly and the network terminal can be positioned, and the content of the flow table is less, which is more convenient for maintenance.
The flow table integrates the network configuration information of each layer (including the subnet) of the current network into the table entry, so that a specific rule can be followed when data forwarding (communication with an external network) is carried out, and even more complex and richer rules can be defined. Specifically, the matching field of the flow table can be used to match the data packet received by the virtual switch, which covers the network configuration information of the second to fourth layers in the ISO network model. The action field of the flow table is used to indicate how the virtual switch should handle when receiving a matching packet, and multiple sets of actions may be defined in the action field. The flow table may also include a calculator for counting information about the data traffic.
According to the preferred embodiment of the present invention, after the flow table is issued for the first time, the flow table may be changed according to the actual situation or application. For example, such as modifying a Table value, a priority, and the like of the flow Table, or changing a step of performing an action in the openflow flow Table, or simplifying a step in the flow Table (e.g., not passing through a three-layer forwarding step), directly performing a port forwarding operation, and the like.
Step S11, the first virtual switch generates a corresponding ARP response to the ARP request based on the flow table.
It should be understood that, for each physical machine corresponding to each network node, the virtual switch may acquire the flow table and configure itself by using the flow table, and then the virtual switch generates a corresponding ARP response to the ARP request, where each ARP response is different in content. In particular, by receiving the ARP response, the network-external device should at least be able to distinguish the physical machines and determine their location in the network in order to subsequently send the data packet.
In order to implement a distributed architecture of network routing, the flow table is also issued to other network nodes (specifically, to corresponding virtual switches) in the current network, and the physical machines corresponding to these other network nodes respectively return an ARP response packet through the virtual switches, where the ARP response packet includes the MAC address of the physical machine, so that the network external device that acquires the MAC address can accurately identify the physical machine.
As an example, the flow table at this time may be designed in the following format (only a part of the flow table contents are shown):
table=20,priority=1024,arp,arp_tpa=172.16.1.100,arp_op=1actions=move:NXM_OF_ETH_SRC[]->NXM_OF_ETH_DST[],set_field:f8:4a:bf:5a:2b:ea->eth_src,load:0x2->NXM_OF_ARP_OP[],move:NXM_NX_ARP_SHA[]->NXM_NX_ARP_THA[],move:NXM_OF_ARP_SPA[]->NXM_OF_ARP_TPA[],load:0xf84abf5a2bea->NXM_NX_ARP_SHA[],load:0xac100164->NXM_OF_ARP_SPA[],IN_PORT
the main function of the above flow table is to construct a response packet for the ARP request for the external interface, and the external interface sends the response packet back to the ARP requester (network external device). When the requester receives the ARP reply packet, the data packet to be transmitted may be further sent to the external interface. It will be appreciated that the above flow table shows only a portion of the actual flow table as an example, which would be more complex in order to achieve full functionality of the virtual switch and/or virtual machine. In practical applications, various improvements may be made to the flow chart format, such as omitting and/or combining actions contained in the action fields, limiting the number of times each action is performed, and so forth.
In this step, the ARP request serves to obtain the MAC address of the data transmission target, and each ARP response at least includes the MAC address of the corresponding physical machine of the corresponding network node that is ready to receive the packet to be transmitted. It should be understood that the ARP request and ARP response are only preparations before sending a packet, and both do not relate to a packet to be transmitted.
In step S12, the external interface receives a packet from the external device.
In this step, specifically, after the external device obtains the ARP response, it can know the MAC address of the physical machine corresponding to each network node that is ready to receive the packet. With respect to the first node and its corresponding first virtual switch, the packet will be sent to the external interface of the first virtual switch after the external device receives the ARP response from the first virtual switch. After receiving the data packet, the external interface may directly deliver the data packet to any virtual machine under the first node or forward the data packet again, depending on the location of the destination terminal.
And step S13, determining whether the destination virtual machine of the data packet is in the physical machine corresponding to the first node.
Specifically, step S13 is executed by the first virtual switch corresponding to the first node, and the virtual switch may directly acquire the destination terminal (destination virtual machine) from the data packet, and further determine whether the destination terminal of the data packet sent by the network device is in the physical machine corresponding to the first node according to the flow table issued by the SDN controller.
If the destination terminal of the data packet is in the physical machine corresponding to the first node, the data packet can be delivered directly to the destination terminal by the first virtual switch, in which case complete communication about the data packet can be achieved in the most efficient manner, but this case is generally uncertain and random.
By way of example, the flow table at this time may take the following format (showing a portion of the flow table):
table=70,priority=1024,ip,tun_id=0x5a,nw_dst=10.0.0.3
actions set field fa 16:3e 99: df 47- > eth dst goto table 80 (three-layer forwarding)
table 110, tun _ id 0x5a, dl dst fa 16:3e 99: df 47actions output 23 (two-layer forwarding to virtual machine, port 23 is the port of the virtual switch connected to the virtual machine)
Step S14, if the destination terminal (destination virtual machine) is in a physical machine corresponding to a second node different from the first node, forwarding the data packet to the second virtual switch.
And the second virtual switch is positioned in the physical machine corresponding to the second node and corresponds to the second node.
As a more general case, when the destination terminal is not located in a physical machine corresponding to the first node but located in a physical machine corresponding to the second node, the IP address of the physical machine corresponding to the second node may be obtained based on the flow table or by using an SDN controller, and then the packet may be forwarded from the first node (specifically, the first virtual switch) to the second node (specifically, the second virtual switch) by using a Tunneling technique, for example, a Point-to-Point Tunneling Protocol (PPTP).
As an example, the flow table format in this case is as follows (a part of the flow table is shown):
table=70,priority=1024,ip,tun_id=0x5a,nw_dst=10.0.0.3
actions set field fa 16:3e 99: df 47- > eth dst goto table 80 (three-layer forwarding)
table 110, tun _ id 0x5a, dl _ dst fa 16:3e 99: df 47actions output 3 (via tunnel technology to corresponding physical machine, the latter output 3 represents the output from port 3, port 3 is the port of the tunnel)
After step S14, the following steps may also be performed: the second virtual switch delivers the packet directly to the destination virtual machine (because the destination virtual machine is at the physical machine corresponding to the second node and is routed by the second virtual switch), so that the destination virtual machine finally obtains the packet from the external device.
When the data packet arrives at the second node to be sent to the destination virtual machine, the example flow table may adopt the following format:
table 110, tun id 0x5a, dl dst fa 16:3e 99: df 47actions output 23 (two-tier forwarding to virtual machine)
The flow table-based data transfer method provided in the first embodiment described above can reliably and efficiently realize bidirectional transfer of data packets between virtual machines and external devices by defining a network using SDN technology and configuring the network using flow tables, even when each network node or each virtual machine does not have a floating IP.
In addition, the method can overcome the problem of traffic bottleneck possibly existing in centralized routing and distributed routing in the prior art, so that the communication scheme of the distributed routing can exert efficacy to the greatest extent.
A second embodiment of the invention provides a physical machine deployed at one or more network nodes in a network, the physical machine configured with one virtual switch and a plurality of virtual machines, each virtual machine routed by a respective virtual switch.
Wherein the virtual switch is configured based on the flow table and performs the following operations:
first, an ARP request from an external device is received at an external interface, and a corresponding ARP response to the ARP request is generated.
And secondly, receiving the data packet from the external device by the external interface. Wherein the data packet is provided by the external device upon receiving the ARP response.
And thirdly, determining whether the destination virtual machine of the data packet is in the physical machine corresponding to the first node. The first node is a current network node.
And fourthly, if the target virtual machine is determined to be in the physical machine corresponding to the second node, forwarding the data packet to the virtual switch in the physical machine corresponding to the second node.
Wherein the second node is another network node different from the first node.
Specifically, the SDN controller is first capable of a network, and is also capable of generating flow tables for configuring various network nodes in the network, including but not limited to configuration of physical machines, virtual switches, and virtual machines. The SDN controller can further provide a flow table changing unit, so that a designer can change the flow table and send the modified flow table to a virtual switch corresponding to the current network again.
According to the flow table, an external interface of a virtual switch (first virtual switch) corresponding to the first node receives an ARP request from an external device.
According to the flow table, the first virtual switch generates a corresponding ARP response to the ARP request, encapsulates the ARP response as a response packet, and sends back to the external device. The ARP response includes the MAC address of the physical machine where the first virtual switch is located.
According to the flow table, the first virtual switch receives a packet from an external device through its external interface.
According to the flow table, the first virtual switch can determine whether a destination terminal (destination virtual machine) of the packet is in a physical machine corresponding to the first node.
When the destination terminal is in a physical machine corresponding to the second node (but not the first node), according to the flow table, the first virtual switch can forward the data packet to the second virtual switch, which can be realized by a point-to-point tunneling protocol, and finally, the second virtual switch directly delivers the data packet to the destination virtual machine. Wherein the second virtual switch is a virtual switch in the physical machine corresponding to the second node, which provides a route to the destination virtual machine.
The virtual switch in the physical machine is configured based on the flow table, so that the physical machine has the following beneficial effects: the physical machine can realize the bidirectional transfer of data packets between the virtual machine and the external device whether the subordinate virtual machine has the floating IP or not, thereby facilitating the realization of distributed routing to the maximum extent.
As shown in fig. 5, a third embodiment of the present invention provides a data transmission system based on a flow table, configured to transmit data packets between a plurality of network nodes, where each network node is deployed with the physical machines disclosed in the second embodiment, and each of the physical machines may be configured by using the flow table issued by the SDN controller, so that a virtual switch provided therein can receive an ARP request from an external device and generate a corresponding ARP response. The external device can transmit the packet to the desired destination terminal upon receiving the ARP response.
Specifically, the first node 11 is provided with a first virtual switch 110, the second node 12 is provided with a second virtual switch 120, and the first and second virtual switches 110, 120 provide routing to virtual machines V1, V2, V3 and virtual machines V4, V5, V6, respectively.
After configuring a virtual switch provided in a physical machine with a flow table, such a data transfer system can facilitate bidirectional transfer of data packets between the virtual machine and an external device regardless of whether the virtual machines have a floating IP.
As an example, if the destination end of packet 1 points to virtual machine V1 in the first node 11, the first virtual switch 110 can deliver packet 1 directly to virtual machine V1; if the destination of the packet is directed to the virtual machine V5 in the second node 12, the first virtual switch 110 forwards the packet to the second virtual switch 120 through tunneling, and the second virtual switch 120 delivers the packet to the virtual machine V5.
In some embodiments of the invention, at least a portion of the above-described system may be implemented using a distributed set of computing devices connected by a communications network, or may be implemented based on a "cloud". In such a system, multiple computing devices operate together to provide services by using their shared resources.
A "cloud" based implementation may provide one or more advantages, including: openness, flexibility and extensibility, centrally manageable, reliable, scalable, optimized for computing resources, having the ability to aggregate and analyze information across multiple users, connecting across multiple geographic areas, and the ability to use multiple mobile or data network operators for network connectivity.
According to another embodiment of the present invention, there is provided a computer storage medium having stored thereon computer-executable instructions that, when executed by a processor, will implement the method of the first embodiment described above.
According to a further embodiment of the invention, there is provided a computer program comprising a collection of computer executable instructions which, when executed by a processor, perform the steps of the method of the first embodiment in order.
The above description is only for the preferred embodiment of the present invention and is not intended to limit the scope of the present invention. Various modifications may be made by those skilled in the art without departing from the spirit of the invention and the appended claims.

Claims (12)

1. A flow table based data transfer method for providing a data packet to one of a plurality of network nodes, wherein each of the nodes respectively deploys a physical machine configured with a virtual switch and at least one virtual machine, and the virtual machine is routed by the virtual switch, the method comprising:
a) the flow table is issued to a first virtual switch, so that an external interface corresponding to the first virtual switch is configured to receive an ARP request from an external device; wherein the first virtual switch is located in the physical machine corresponding to the first node;
b) generating, by the first virtual switch, a respective ARP response to the ARP request based on the flow table;
c) receiving a data packet from the external device by the external interface; wherein the data packet is provided by the external device upon receiving the ARP response;
d) determining whether a destination virtual machine of the data packet is in the physical machine corresponding to the first node; and
e) if the target virtual machine is in the physical machine corresponding to a second node different from the first node, the first virtual switch forwards the data packet to a second virtual switch; wherein the second virtual switch is at the physical machine corresponding to the second node.
2. The method of claim 1, wherein the flow table is generated by an SDN controller.
3. The method of claim 2, wherein the ARP response includes at least a MAC address of the physical machine to which the first virtual switch corresponds.
4. The method according to claim 2, wherein in step e), the SDN controller is used to obtain an IP address of the physical machine where the second virtual switch is located, and tunneling is used to forward the data packet to the second virtual switch.
5. The method of claim 1, further comprising:
and the second virtual switch delivers the data packet to the destination virtual machine.
6. The method of any of claims 1-5, wherein the destination virtual machine does not set a floating IP.
7. A computer storage medium having computer-executable instructions stored thereon that, when executed by a processor, will implement the method of any of claims 1-6.
8. A computer device comprising a processor, a memory, and a collection of computer-executable instructions stored on the memory which, when executed by the processor, perform the steps of the method of any one of claims 1-6.
9. A physical machine for receiving data packets, deployed at a network node, wherein the physical machine is configured with a virtual switch and at least one virtual machine, the virtual machine being routed by the virtual switch, the virtual switch being configured based on a flow table to:
receiving, at an external interface, an ARP request from an external device and generating a corresponding ARP response to the ARP request;
receiving a data packet from the external device with the external interface; wherein the data packet is provided by the external device upon receiving the ARP response;
determining whether a destination virtual machine of the data packet is in the physical machine corresponding to the first node; wherein the first node is the current network node; and
if the destination virtual machine is determined to be in the physical machine corresponding to the second node, forwarding the data packet to the virtual switch in the physical machine corresponding to the second node; wherein the second node is the network node different from the first node.
10. The physical machine of claim 9, wherein the physical machine is coupled with an SDN controller and obtains the flow table from the SDN controller.
11. A flow table based data transfer system for transferring data packets between a plurality of network nodes, characterized in that each of said network nodes is deployed with a physical machine according to claim 9 or 10.
12. The system of claim 11, wherein the system is deployed based on cloud computing.
CN201711481899.3A 2017-12-29 2017-12-29 Data transmission method based on flow table Active CN108322391B (en)

Priority Applications (3)

Application Number Priority Date Filing Date Title
CN201711481899.3A CN108322391B (en) 2017-12-29 2017-12-29 Data transmission method based on flow table
PCT/CN2018/120306 WO2019128699A1 (en) 2017-12-29 2018-12-11 Flow table-based data transfer method
TW107145030A TWI759571B (en) 2017-12-29 2018-12-13 Data transfer method based on flow table

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201711481899.3A CN108322391B (en) 2017-12-29 2017-12-29 Data transmission method based on flow table

Publications (2)

Publication Number Publication Date
CN108322391A CN108322391A (en) 2018-07-24
CN108322391B true CN108322391B (en) 2020-08-25

Family

ID=62892777

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201711481899.3A Active CN108322391B (en) 2017-12-29 2017-12-29 Data transmission method based on flow table

Country Status (3)

Country Link
CN (1) CN108322391B (en)
TW (1) TWI759571B (en)
WO (1) WO2019128699A1 (en)

Families Citing this family (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN108322391B (en) * 2017-12-29 2020-08-25 中国银联股份有限公司 Data transmission method based on flow table
CN109547342B (en) * 2018-11-30 2021-03-09 新华三技术有限公司 Strategy routing issuing method and network node
CN110035012B (en) 2018-12-25 2021-09-14 中国银联股份有限公司 SDN-based VPN flow scheduling method and SDN-based VPN flow scheduling system
CN115150106B (en) * 2021-03-16 2023-03-14 中国科学技术大学 Safety protection method of physical machine and network node equipment
CN114172789B (en) * 2021-12-07 2023-11-10 北京天融信网络安全技术有限公司 Virtual equipment link detection method, device, equipment and storage medium

Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2015074395A1 (en) * 2013-11-22 2015-05-28 华为技术有限公司 Data packet forwarding method, apparatus and system
CN104869058A (en) * 2015-06-04 2015-08-26 北京京东尚科信息技术有限公司 Method and device for transmitting data message
CN105099779A (en) * 2015-07-29 2015-11-25 北京京东尚科信息技术有限公司 Multi-tenant cloud platform architecture
CN107124364A (en) * 2017-06-30 2017-09-01 广州市品高软件股份有限公司 The complete Proxy Methods of network A RP and system based on software defined network controller
CN107306215A (en) * 2016-04-18 2017-10-31 中国移动通信集团江西有限公司 A kind of data processing method, system and node

Family Cites Families (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US8300525B1 (en) * 2009-01-30 2012-10-30 Juniper Networks, Inc. Managing a flow table
CN105052087B (en) * 2013-11-19 2018-10-09 华为技术有限公司 A kind of list item addressing method, interchanger and controller based on flow table
CN108322391B (en) * 2017-12-29 2020-08-25 中国银联股份有限公司 Data transmission method based on flow table

Patent Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2015074395A1 (en) * 2013-11-22 2015-05-28 华为技术有限公司 Data packet forwarding method, apparatus and system
CN104869058A (en) * 2015-06-04 2015-08-26 北京京东尚科信息技术有限公司 Method and device for transmitting data message
CN105099779A (en) * 2015-07-29 2015-11-25 北京京东尚科信息技术有限公司 Multi-tenant cloud platform architecture
CN107306215A (en) * 2016-04-18 2017-10-31 中国移动通信集团江西有限公司 A kind of data processing method, system and node
CN107124364A (en) * 2017-06-30 2017-09-01 广州市品高软件股份有限公司 The complete Proxy Methods of network A RP and system based on software defined network controller

Also Published As

Publication number Publication date
WO2019128699A1 (en) 2019-07-04
TW201931828A (en) 2019-08-01
CN108322391A (en) 2018-07-24
TWI759571B (en) 2022-04-01

Similar Documents

Publication Publication Date Title
CN108322391B (en) Data transmission method based on flow table
JP7079866B2 (en) Packet processing method and device
CN105791463B (en) A kind of method and apparatus for realizing virtual machine communication
CN106789667B (en) Data forwarding method, related equipment and system
EP3240250B1 (en) Virtual router terminating an overlay tunnel in a storage area network
CN103081418B (en) Computer system and communication method in computer system
CN108574616A (en) A kind of method, equipment and the system of processing routing
US10009267B2 (en) Method and system for controlling an underlying physical network by a software defined network
EP2378720B1 (en) Extranet networking method, system and device for multicast virtual private network
CN108429680B (en) Route configuration method, system, medium and equipment based on virtual private cloud
CN104170331A (en) L3 gateway for VXLAN
CN104378297A (en) Message forwarding method and device
CN104869042A (en) Message forwarding method and message forwarding device
JPWO2014136864A1 (en) Packet rewriting device, control device, communication system, packet transmission method and program
KR102025680B1 (en) SDN based ARP implementation method and device
CN104798350A (en) Virtual link aggregations across multiple fabric switches
CN104683210A (en) Automatic tunnel establishing method and device
CN106209638A (en) From VLAN to the message forwarding method of virtual expansible LAN and equipment
CN107566277B (en) Topology determining method, message response method, controller and switch
CN107733800A (en) A kind of SDN message transmitting method and its device
CN112822097A (en) Message forwarding method, first network device and first device group
EP2670088A1 (en) Trill network interconnection method and system
JP7298606B2 (en) Communication system and communication method
CN114221895A (en) Data transmission method, device and network equipment
CN106209554A (en) Message forwarding method and equipment across virtual expansible LAN

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
REG Reference to a national code

Ref country code: HK

Ref legal event code: DE

Ref document number: 1258628

Country of ref document: HK

GR01 Patent grant
GR01 Patent grant