CN108337192B - Message communication method and device in cloud data center - Google Patents


Publication number
CN108337192B
Authority
CN
China
Prior art keywords
virtual machine
message
identifier
vlan
virtual
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN201711452768.2A
Other languages
Chinese (zh)
Other versions
CN108337192A (en)
Inventor
王睿
钞勇
高晓秋
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Huawei Cloud Computing Technologies Co Ltd
Original Assignee
Huawei Technologies Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Huawei Technologies Co Ltd
Priority to CN201711452768.2A
Publication of CN108337192A
Application granted
Publication of CN108337192B
Active
Anticipated expiration

Classifications

    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L49/00 Packet switching elements
    • H04L49/35 Switches specially adapted for specific applications
    • H04L49/354 Switches specially adapted for specific applications for supporting virtual local area networks [VLAN]
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L41/00 Arrangements for maintenance, administration or management of data switching networks, e.g. of packet switching networks
    • H04L41/06 Management of faults, events, alarms or notifications
    • H04L41/0654 Management of faults, events, alarms or notifications using network fault recovery
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L67/00 Network arrangements or protocols for supporting network services or applications
    • H04L67/01 Protocols
    • H04L67/10 Protocols in which an application is distributed across nodes in the network

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Small-Scale Networks (AREA)
  • Data Exchanges In Wide-Area Networks (AREA)

Abstract

In a cloud data center, a message sent by a virtual machine that communicates across virtual local area networks (VLANs) must be transparently transmitted to a three-layer switch. If the cloud data center uses a virtual machine as the three-layer switch, however, the port on the virtual switch corresponding to that virtual machine is a channel port on which a port-based VLAN identifier is configured, so a message sent by a source virtual machine and carrying the source virtual machine's VLAN identifier is discarded in the virtual switch. The method and device modify the message sent by the source virtual machine so that the modified message passes port matching on the virtual switch and is finally transparently transmitted to the virtual machine serving as the three-layer switch.

Description

Message communication method and device in cloud data center
Technical Field
The invention relates to the technical field of computers, in particular to a message communication method and device in a cloud data center.
Background
If the number of computers on the same network exceeds a certain number, network communication may become inefficient because of the large number of broadcasts on the network. To avoid broadcast storms on a switch, the switch may be divided into a plurality of Virtual Local Area Networks (VLANs), and the devices in a local area network communicate using a VLAN identifier (VLAN ID).
In a cloud data center scenario, a computing host includes multiple virtual machines (VMs), which may belong to different tenants or different local area networks; that is, the cloud data center may have multiple VLANs. A message sent by a virtual machine flows to the virtual switch. The port on the virtual switch corresponding to the virtual machine's network card is generally configured as a channel port, and a forwarding rule is configured on the channel port; a message sent by the virtual machine must match the forwarding rule when it passes through the virtual switch. Matching works as follows: if the message is a VLAN message that carries no VLAN ID, the virtual switch encapsulates it with the VLAN ID of the port corresponding to the virtual machine and forwards it; if the message is a VLAN message that carries a VLAN ID, the message may be discarded directly, or the virtual switch checks whether the carried VLAN ID matches the VLAN ID of the port and discards a message that fails the match.
Communication between different VLANs has to go through a three-layer switch. In a cloud data center, there is a scenario in which a virtual machine acts as the three-layer switch. In that case the messages sent by other virtual machines need to be transmitted to the virtual machine serving as the three-layer switch; that is, a message sent by the source virtual machine needs to reach the virtual machine serving as the three-layer switch unchanged. However, the port on the virtual switch corresponding to the virtual machine serving as the three-layer switch is generally configured as a channel port, so when a packet carrying a VLAN ID sent by the source virtual machine is matched against the forwarding rule on the virtual switch, the packet is discarded, and the packet sent by the source virtual machine cannot be transmitted to the virtual machine serving as the three-layer switch.
Disclosure of Invention
The invention provides a method for repairing the fault of a connection chip in a link and a storage system based on the condition that only the state of a hard disk and the fault of the hard disk are repaired in the prior art.
In a first aspect, the present application provides a communication method for a packet in a cloud data center, where the cloud data center provided by the present application includes at least two virtual machines, and the at least two virtual machines constitute at least two virtual local area networks VLAN;
the method is applied to a network card of a first virtual machine, and comprises the following steps: the network card of the first virtual machine receives a first message sent by the first virtual machine, wherein the first message carries a source address, a destination address and a VLAN tag, the source address is the address of the first virtual machine, the destination address is the address of a second virtual machine, the first virtual machine and the second virtual machine are not in the same VLAN, the VLAN tag comprises a first identifier and a VLAN identifier, the first identifier indicates that the first message is a VLAN message, and the VLAN identifier comprises the identifier of the VLAN where the first virtual machine is located; replacing the first identifier in the first message with a second identifier by the network card of the first virtual machine to obtain a second message, wherein the second identifier indicates that the second message is a non-VLAN message; and the network card of the first virtual machine sends the second message to a virtual switch.
In this method, the first message sent by the source virtual machine is a VLAN message carrying the VLAN identifier of the first virtual machine, so port-based VLAN ID matching on the virtual switch fails and the first message is discarded. The network card of the source virtual machine (the network card of the first virtual machine) therefore modifies the first message, replacing the first identifier in the message with a second identifier. When the virtual switch performs matching, the message is then not discarded and is passed through to a third virtual machine serving as a three-layer switch, so that communication between the first virtual machine and the second virtual machine is finally achieved.
In a second aspect, the present application provides another method for communicating a packet in a cloud data center, where the method is performed by a virtual switch, and includes:
the virtual switch receives a second message sent by a network card of a first virtual machine, wherein the second message carries a source address, a destination address and a VLAN tag, the source address is the address of the first virtual machine, the destination address is the address of a second virtual machine, the first virtual machine and the second virtual machine are not in the same VLAN, the VLAN tag comprises a second identifier and a VLAN identifier, the second identifier indicates that the second message is a non-VLAN message, and the VLAN identifier comprises the identifier of the VLAN where the first virtual machine is located;
the virtual switch transparently transmits the second message to a third virtual machine through a receiving port and a sending port on the virtual switch according to the second identifier, wherein the third virtual machine is a three-layer switch, the receiving port corresponds to the network card of the first virtual machine, the sending port corresponds to a network card of the third virtual machine, the receiving port and the sending port are channel ports, a port-based virtual local area network identifier is set on the channel port, the receiving port configures an identifier of a VLAN where the first virtual machine is located, the sending port configures the identification of the VLAN where the third virtual machine is located, the messages allowed to pass through by the channel port comprise non-VLAN messages or VLAN messages conforming to the rules, and the VLAN identification carried by the VLAN message which accords with the rule is consistent with the VLAN identification set by the channel port.
In a third aspect, the present application provides another method for communicating a packet in a cloud data center, where the method is executed by a network card of a third virtual machine, and includes:
the network card of the third virtual machine receives a second message transmitted by a virtual switch in a transparent manner, wherein the second message carries a source address, a destination address and a VLAN tag, the source address is the address of a first virtual machine, the destination address is the address of a second virtual machine, the first virtual machine and the second virtual machine are not in the same VLAN, the VLAN tag comprises a second identifier and a VLAN identifier, the second identifier indicates that the second message is a non-VLAN message, the VLAN identifier comprises the identifier of the VLAN where the first virtual machine is located, and the third virtual machine is a three-layer switch;
replacing the second identifier in the second message with a first identifier by the network card of the third virtual machine to obtain a first message, wherein the first identifier indicates that the second message is a VLAN message;
and the network card of the third virtual machine transmits the first message to the third virtual machine, so that the third virtual machine determines a forwarding path of the first message to the second virtual machine.
Based on the above three aspects, in a specific implementation the first packet uses the 802.1Q protocol, the first identifier is 0x8100 or 0x88a8, and the second identifier uses a reserved field of the 802.1Q protocol. Because 0x8100 or 0x88a8 specifically identifies a packet as a VLAN packet, changing the identifier to a reserved field conforming to the 802.1Q protocol means the packet is no longer considered a VLAN packet and can therefore be forwarded on the virtual switch.
Optionally, the second identifier is modified to 0xffff.
In a fourth aspect, the present application provides a network card for a virtual machine, including:
a receiving module, configured to receive a first message sent by a first virtual machine, where the first message carries a source address, a destination address, and a VLAN tag, the source address is an address of the first virtual machine, the destination address is an address of a second virtual machine, the first virtual machine and the second virtual machine are not in the same VLAN, the VLAN tag includes a first identifier and a VLAN identifier, the first identifier indicates that the first message is a VLAN message, and the VLAN identifier includes an identifier of a VLAN where the first virtual machine is located;
a modification module, configured to replace the first identifier in the first packet with a second identifier to obtain a second packet, where the second identifier indicates that the second packet is a non-VLAN packet;
and the sending module is used for sending the second message to the virtual switch.
In a fifth aspect, the present application provides a virtual switch, comprising:
the receiving port is used for receiving a second message sent by a network card of a first virtual machine, wherein the second message carries a source address, a destination address and a VLAN tag, the source address is the address of the first virtual machine, the destination address is the address of a second virtual machine, the first virtual machine and the second virtual machine are not in the same VLAN, the VLAN tag comprises a second identifier and a VLAN identifier, the second identifier indicates that the second message is a non-VLAN message, and the VLAN identifier comprises the identifier of the VLAN where the first virtual machine is located;
the receiving port is further configured to forward the second packet to a sending port according to the second identifier;
the sending port is used for receiving the second message forwarded by the receiving port and transmitting the second message to a third virtual machine according to the second identifier;
the receiving port corresponds to a network card of the first virtual machine, the transmitting end corresponds to a network card of the third virtual machine, the receiving port and the transmitting port are channel ports, a port-based virtual local area network identifier is arranged on each channel port, messages allowed to pass through by the channel ports comprise non-VLAN messages or VLAN messages conforming to rules, and the VLAN identifiers carried by the VLAN messages conforming to the rules are consistent with the VLAN identifiers set by the channel ports.
In a sixth aspect, the present application provides a network card for a virtual machine, including:
a receiving module, configured to receive a second message transparently transmitted by a virtual switch, where the second message carries a source address, a destination address, and a VLAN tag, the source address is an address of a first virtual machine, the destination address is an address of a second virtual machine, the first virtual machine and the second virtual machine are not in the same VLAN, the VLAN tag includes a second identifier and a VLAN identifier, the second identifier indicates that the second message is a non-VLAN message, the VLAN identifier includes an identifier of a VLAN where the first virtual machine is located, and the third virtual machine is a three-layer switch;
a modification module, configured to replace the second identifier in the second packet with a first identifier to obtain a first packet, where the first identifier indicates that the second packet is a VLAN packet;
a sending module, configured to send the first message to the third virtual machine, so that the third virtual machine determines a forwarding path of the first message to the second virtual machine.
In a seventh aspect, the present application provides a computing device comprising: a storage unit to store instructions; and at least one processor coupled to the memory unit; wherein the instructions, when executed by the at least one processor, cause the processor to perform the method of the first or second or third aspect.
The method, the storage system and the storage controller provided by the aspects of the application can really solve the problem of execution delay of the operation instruction caused by link failure in the storage system, avoid the problem of low efficiency although the operation is successful caused by a mode of switching paths to process the failure in the prior art, and further improve the efficiency of the storage system.
Drawings
In order to more clearly illustrate the embodiments of the present invention or the technical solutions in the prior art, the drawings used in the description of the embodiments or the prior art will be briefly described below, and it is obvious that the drawings in the following description are only some embodiments of the present invention, and for those skilled in the art, other drawings can be obtained according to these drawings without creative efforts.
Fig. 1 is a schematic architecture diagram of a cloud data center provided in the present application;
Fig. 2(a) is a schematic diagram of a physical server component provided herein;
Fig. 2(b) is a schematic diagram of the physical server components provided herein;
Fig. 3 is a schematic diagram illustrating an execution flow of the message communication method in the cloud data center according to the present application;
Fig. 4 is another schematic diagram of a cloud data center provided in the present application.
Detailed Description
The technical solutions in the embodiments of the present invention will be clearly and completely described below with reference to the drawings in the embodiments of the present invention, and it is obvious that the described embodiments are some, not all, embodiments of the present invention. All other embodiments, which can be obtained by a person skilled in the art without any inventive step based on the embodiments of the present invention, shall fall within the scope of protection of the present invention.
Fig. 1 is a system architecture diagram of a cloud data center according to an embodiment of the present invention. The cloud data center is composed of at least one computing node, and fig. 1 shows three computing nodes (computing node 1, computing node 2, and computing node 3). The computing nodes 1, 2 and 3 may be connected by an interconnection bus or a network, which is not specifically limited in this application. In the present application, a compute node may be a physical server.
The schematic composition diagrams of the physical servers are shown in fig. 2(a) and 2(b), fig. 2(a) shows the software and hardware deployment situation in the physical servers, and fig. 2(b) shows the hardware composition situation of the physical servers. In fig. 2(a), the physical server includes a hardware platform 210, and the hardware platform 210 may include a hard disk, a central processing unit, a network interface card, a memory, and the like in the physical structure of the server. A software platform 212 may run on the hardware platform 210, and the software platform 212 may include software such as virtualization software, an operating system of a virtual machine, communication software of the virtual machine, and application software of the virtual machine. Virtualization software (e.g., Hypervisor) is an intermediate layer between physical hardware and virtual machines, responsible for coordinating access of the various virtual machines to the hardware platform. The Hypervisor is also called a Virtual Machine Monitor (VMM), and the VMM may include a virtual hardware platform for implementing a virtual Machine, where the virtual hardware platform includes a virtualized memory, a central processing unit, a hard disk, a video card, a network interface card, and the like. On top of the VMM are running a plurality of virtual machines VM1 through VMn, the software systems of which run on the virtual hardware platform of the virtual machine monitor. Communication between virtual machines requires a virtual switch, and the software platform 212 also includes communication software for the virtual machines, such as a virtual switch.
In fig. 2(b), the physical server may include a processing unit 201 and a communication interface 202, where the processing unit 201 is configured to execute functions defined by an operating system and various software programs running on the physical server, for example, functions of various software components on a software platform 212 shown in fig. 2(a) above, specifically, for example, the processing unit is configured to implement functions of a VMM, or a virtual switch, or virtual machines. The communication interface 202 is used for communication interaction with other computing nodes, and other devices may be other physical servers, and in particular, the communication interface 202 may be a network adapter card. Optionally, the physical server may further include an input/output interface 203, and the input/output interface 203 is connected with an input/output device for receiving input information and outputting an operation result. The input/output interface 203 may be a mouse, a keyboard, a display, or an optical drive, etc. Optionally, the physical server may further include a secondary storage 204, also commonly referred to as an external storage, and the storage medium of the secondary storage 204 may be a magnetic medium (e.g., a floppy disk, a hard disk, a magnetic tape), an optical medium (e.g., an optical disk), or a semiconductor medium (e.g., a solid state disk), etc. The processing unit 201 may have various specific implementation forms, for example, the processing unit 201 may include a processor 2011 and a memory 2012, the processor 2011 may execute related operations according to program units stored in the memory 2012, the processor 2011 may be a Central Processing Unit (CPU) or a Graphics Processing Unit (GPU), and the processor 2011 may be a single-core processor or a multi-core processor. 
The processing unit 201 may also be implemented by using a logic device with built-in processing logic, such as a Field Programmable Gate Array (FPGA), a Digital Signal Processor (DSP), or the like. Moreover, FIG. 2(a) is merely an example of a physical server, which may contain more or fewer components than shown in FIG. 2(a), or have a different arrangement of components.
According to the composition of the computing nodes shown in fig. 2(a), a cloud data center composed of three computing nodes is exemplarily shown in fig. 1, and the virtual machines and the virtual switches in each computing node in the cloud data center shown in fig. 1 are also exemplary in nature, and do not mean that the cloud data center in the present application must be networked with the number of the computing nodes and the composition of the computing nodes shown in fig. 1. As shown in fig. 1, a computing node 1 includes a virtual switch 1, where the virtual switch is a two-layer switch and is used for communication between virtual machines in the same local area network; the computing node 1 further includes a virtual machine 1 and a virtual machine 3, where the virtual machine 1 runs an application for executing a related service of the running application, and the virtual machine 3 runs a component of a three-layer switch for implementing a function of the three-layer switch, for example, when there is communication across local area networks (communication between virtual machines belonging to different local area networks), the virtual machine 3 implements a function of the three-layer switch for determining a forwarding path of a data packet across the local area networks. The computing node 2 comprises a virtual switch 2, a virtual machine 2 and a virtual machine 4, and the virtual machine 2 and the virtual machine 4 run applications. The computing node 3 comprises a virtual switch 3, a virtual machine 5 and a virtual machine 6, the virtual machine 5 runs an application, and the virtual machine 6 realizes the function of a three-layer switch.
In the cloud data center shown in fig. 1, virtual machine 1 and virtual machine 5 belong to the same local area network, identified as VLAN1; virtual machine 2 and virtual machine 4 belong to the same local area network, identified as VLAN2; and virtual machine 3 and virtual machine 6 belong to the same local area network, identified as VLAN3. If virtual machine 1 communicates with virtual machine 2, virtual machine 1 sends a message using the 802.1Q protocol. The message may carry the local area network identifier VLAN1 of virtual machine 1 and may also carry the local area network identifier VLAN2 of virtual machine 2. Because virtual machine 1 and virtual machine 2 are not in the same local area network, the message needs to be transmitted to virtual machine 3, which serves as the three-layer switch. On virtual switch 1, however, port 1 (corresponding to virtual machine 1) and port 3 (corresponding to virtual machine 3) are both access ports, and each access port is configured with a port-based VLAN ID (PVID); for example, port 1 is configured with VLAN1 and port 3 with VLAN3. The PVID rule is: for a message sent by a virtual machine, if the message is a VLAN message that carries no VLAN ID, it is encapsulated with the VLAN ID configured for the port and forwarded; if the message is a VLAN message that carries a VLAN ID, it may be discarded directly, or the carried VLAN ID is checked against the VLAN ID configured for the port and a message that does not match may be discarded.
That is, when a message sent by virtual machine 1 passes through the virtual switch, port 1 performs port-based VLAN matching and may discard the message because it carries the VLAN1 identifier. Even if port 1 lets the message through because the VLAN1 identifier it carries is consistent with the VLAN ID configured on port 1, the message is then matched against the rule on port 3, which corresponds to virtual machine 3. The VLAN ID configured on that port is VLAN3, so neither VLAN1 nor VLAN2 carried in the message matches it, and the message may be discarded at port 3. The message sent by virtual machine 1 therefore cannot be transmitted to virtual machine 3, and communication between virtual machine 1 and virtual machine 2 cannot be achieved.
In order to implement communication between the virtual machine 1 and the virtual machine 2 through the virtual machine 3, in the embodiment of the application, a message sent by the virtual machine 1 is modified, so that when the virtual switch performs PVID matching, the modified message can be transmitted to the virtual machine serving as a three-layer switch through the virtual switch, thereby finally implementing communication between virtual machines of different local area networks.
Fig. 3 is a flowchart of a cloud data center message communication method according to an embodiment of the present application. A first virtual machine (for example, virtual machine 1 in fig. 1) sends a first message whose destination is a second virtual machine (for example, virtual machine 2 in fig. 1). The first message carries a source address, a destination address and a VLAN tag; the source address is the address of the first virtual machine, the destination address is the address of the second virtual machine, and the VLAN tag includes a first identifier and a VLAN identifier. The first identifier indicates that the first message is a VLAN message, and the VLAN identifier at least includes the identifier (VLAN1) of the VLAN where the first virtual machine is located. In a specific embodiment, the first packet conforms to the 802.1Q protocol, the first identifier is set to 0x8100 or 0x88a8, and the first VLAN identifier is VLAN1. After the first message reaches the network card of the first virtual machine, the network card modifies the first message in step 302: the first identifier in the first message may be replaced with a second identifier to obtain a second message, where the second identifier indicates that the second message is a non-VLAN message. Since the first virtual machine and the second virtual machine are not in the same VLAN, the first packet needs to be transmitted to a third virtual machine (for example, virtual machine 3 in fig. 1) serving as a three-layer switch. However, both the receiving port of the virtual switch (the port corresponding to the first virtual machine) and the sending port of the virtual switch (the port corresponding to the third virtual machine) are channel ports, and the packets that the PVID rules configured on the virtual switch allow to pass are non-VLAN packets or VLAN packets conforming to the rules, that is, VLAN packets whose VLAN identifier is consistent with the VLAN identifier set on the channel port. In other words, the first packet carrying the VLAN identifier of the first virtual machine cannot be transmitted to the third virtual machine, because the virtual switch requires a packet to be a non-VLAN packet, a VLAN packet carrying no VLAN identifier, or a packet carrying the VLAN identifier configured on the port. To address this problem, the embodiment modifies the first message at the network card of the first virtual machine: the first identifier in the first message is changed to a second identifier, that is, the indication of a VLAN message is changed to an indication of a non-VLAN message, so that the message passes PVID rule matching on the virtual switch. According to the 802.1Q protocol, 0x8100 or 0x88a8 indicates that the packet is a VLAN packet of the 802.1Q protocol, and 0xffff is a reserved field, so the first virtual machine modifies 0x8100 or 0x88a8 in the first packet to 0xffff, and the modified packet is not considered a VLAN packet.
After the receiving port (corresponding to the port of the first virtual machine) on the virtual switch receives the second packet in step 303, the receiving port of the virtual switch considers that the second packet conforms to the PVID rule because the second identifier in the second packet indicates that the packet is a non-VLAN packet, and forwards the second packet to the sending port (corresponding to the port of the third virtual machine) of the virtual switch in step 304. Since the second identifier in the second message indicates that the message is a non-VLAN message, the sending port of the virtual switch considers that the second message does not violate the PVID rule in step 305, and forwards the second message to the network card of the third virtual machine in step 306.
After the network card of the third virtual machine receives the second message, if it is found that the second identifier in the second message indicates that the message is a non-VLAN message, the network card of the third virtual machine replaces the second identifier in the second message with the first identifier to obtain a first message, and in step 307, the network card of the third virtual machine sends the first message to the third virtual machine. After receiving the first message, the third virtual machine determines a forwarding path according to the destination address carried in the first message, and finally forwards the first message to the second virtual machine in step 309.
The embodiment of the invention modifies the initially sent message through the network card of the virtual machine of the sender, so that the modified message is not considered as a VLAN message on the virtual switch, thereby not violating the PVID rule on the virtual switch, further realizing that the virtual switch transmits the initial message to the virtual machine serving as the three-layer switch, and finally realizing that the virtual machines of different VLANs communicate through the virtual switch provided with the PVID rule and the virtual machine serving as the three-layer switch.
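The Fig. 3 path can be traced byte by byte. The following Python sketch is an added example, not code from the patent; the MAC addresses, payload, the sending port's PVID of 3 and the choice to restore 0x8100 at the receiving network card are assumptions made for illustration.

```python
import struct

VLAN_TPIDS = (0x8100, 0x88A8)  # "first identifier" values given in the text
NON_VLAN_ID = 0xFFFF           # "second identifier" given in the text


def build_frame(dst, src, tpid, vid, inner_type, payload):
    """Constructed 802.1Q frame: MACs, type field, TCI (PCP/DEI = 0), inner type, payload."""
    return dst + src + struct.pack("!HHH", tpid, vid & 0x0FFF, inner_type) + payload


def type_field(frame):
    """The 16-bit field after the two MAC addresses (the first/second identifier)."""
    return struct.unpack_from("!H", frame, 12)[0]


def vlan_id(frame):
    """Low 12 bits of the tag control field that follows the type field."""
    return struct.unpack_from("!H", frame, 14)[0] & 0x0FFF


def set_type_field(frame, value):
    return frame[:12] + struct.pack("!H", value) + frame[14:]


def sender_nic(frame):
    """Step 302: replace the first identifier with the second identifier."""
    if type_field(frame) in VLAN_TPIDS:
        return set_type_field(frame, NON_VLAN_ID)
    return frame


def port_allows(frame, pvid):
    """PVID rule: pass non-VLAN frames, or VLAN frames whose VLAN ID equals the port's."""
    if type_field(frame) not in VLAN_TPIDS:
        return True
    return vlan_id(frame) == pvid


def vswitch(frame, rx_pvid, tx_pvid):
    """Steps 303-306: both ports apply the rule; returns the frame, or None if dropped."""
    if port_allows(frame, rx_pvid) and port_allows(frame, tx_pvid):
        return frame
    return None


def receiver_nic(frame, restore_tpid=0x8100):
    """Step 307: put the first identifier back (the restored value is an assumption)."""
    if type_field(frame) == NON_VLAN_ID:
        return set_type_field(frame, restore_tpid)
    return frame


def deliver(frame, rx_pvid, tx_pvid):
    """Whole path: sender network card -> virtual switch -> receiver network card."""
    out = vswitch(sender_nic(frame), rx_pvid, tx_pvid)
    return None if out is None else receiver_nic(out)


# Constructed sample values (not from the patent).
SRC_MAC = bytes.fromhex("020000000001")
DST_MAC = bytes.fromhex("020000000003")
FIRST_MESSAGE = build_frame(DST_MAC, SRC_MAC, 0x8100, 1, 0x0800, b"constructed payload")
RX_PVID, TX_PVID = 1, 3  # receiving port in VLAN 1, sending port in an assumed VLAN 3

if __name__ == "__main__":
    second = sender_nic(FIRST_MESSAGE)
    print("unmodified frame forwarded:", vswitch(FIRST_MESSAGE, RX_PVID, TX_PVID) is not None)
    print("second message type field: 0x%04x, VLAN ID still %d" % (type_field(second), vlan_id(second)))
    print("second message forwarded:", vswitch(second, RX_PVID, TX_PVID) is not None)
    print("restored equals first message:", deliver(FIRST_MESSAGE, RX_PVID, TX_PVID) == FIRST_MESSAGE)
```

The VLAN identifier stays in the frame for the whole path; only the type field that the virtual switch uses to classify the frame changes, so the PVID rule is never evaluated against the tag.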
As shown in fig. 4, the network card of the virtual machine and the functional module of the virtual switch provided in the embodiment of the present invention are described below.
The network card of the first virtual machine may include:
a receiving module 401, configured to receive a first message sent by a first virtual machine, where the first message carries a source address, a destination address, and a VLAN tag, the source address is an address of the first virtual machine, the destination address is an address of a second virtual machine, the first virtual machine and the second virtual machine are not in the same VLAN, the VLAN tag includes a first identifier and a VLAN identifier, the first identifier indicates that the first message is a VLAN message, and the VLAN identifier includes an identifier of a VLAN where the first virtual machine is located;
a modifying module 402, configured to replace the first identifier in the first message with a second identifier to obtain a second message, where the second identifier indicates that the second message is a non-VLAN message;
a sending module 403, configured to send the second packet to a virtual switch.
The virtual switch includes:
a receiving port 404, configured to receive a second message sent by a network card of a first virtual machine, where the second message carries a source address, a destination address, and a VLAN tag, the source address is an address of the first virtual machine, the destination address is an address of a second virtual machine, the first virtual machine and the second virtual machine are not in the same VLAN, the VLAN tag includes a second identifier and a VLAN identifier, the second identifier indicates that the second message is a non-VLAN message, and the VLAN identifier includes an identifier of a VLAN where the first virtual machine is located;
the receiving port 404 is further configured to forward the second packet to a sending port according to the second identifier;
the sending port 405 is configured to receive the second packet forwarded by the receiving port, and transparently transmit the second packet to a third virtual machine according to the second identifier;
the receiving port 404 corresponds to a network card of the first virtual machine, the sending port 405 corresponds to a network card of the third virtual machine, the receiving port 404 and the sending port 405 are channel ports, a port-based virtual local area network identifier is set on each channel port, the messages allowed to pass through by each channel port include non-VLAN messages or VLAN messages conforming to the rules, and the VLAN identifiers carried by the VLAN messages conforming to the rules are consistent with the VLAN identifiers set by the channel ports.
The network card of the third virtual machine includes:
a receiving module 406, configured to receive a second message transparently transmitted by a virtual switch, where the second message carries a source address, a destination address, and a VLAN tag, the source address is an address of a first virtual machine, the destination address is an address of a second virtual machine, the first virtual machine and the second virtual machine are not in the same VLAN, the VLAN tag includes a second identifier and a VLAN identifier, the second identifier indicates that the second message is a non-VLAN message, the VLAN identifier includes an identifier of a VLAN where the first virtual machine is located, and the third virtual machine is a three-layer switch;
a modifying module 407, configured to replace the second identifier in the second message with a first identifier to obtain a first message, where the first identifier indicates that the second message is a VLAN message;
a sending module 408, configured to send the first message to the third virtual machine, so that the third virtual machine determines a forwarding path of the first message to the second virtual machine.
The specific functions of each functional module are also described in the embodiment shown in fig. 3, and are not described herein again.
It is clear to those skilled in the art that, for convenience and brevity of description, the specific working processes of the above-described systems, apparatuses and units may refer to the corresponding processes in the foregoing method embodiments, and are not described herein again.
In the several embodiments provided in the present application, it should be understood that the disclosed system, apparatus and method may be implemented in other ways. For example, the above-described apparatus embodiments are merely illustrative, and for example, the division of the units is only one logical division, and other divisions may be realized in practice, for example, a plurality of units or components may be combined or integrated into another system, or some features may be omitted, or not executed. In addition, the shown or discussed mutual coupling or direct coupling or communication connection may be an indirect coupling or communication connection through some interfaces, devices or units, and may also be an electric, mechanical or other form of connection.
While the invention has been described with reference to specific embodiments, the invention is not limited thereto, and various equivalent modifications and substitutions can be easily made by those skilled in the art within the technical scope of the invention. Therefore, the protection scope of the present invention shall be subject to the protection scope of the claims.

Claims (14)

1. A communication method of messages in a cloud data center is characterized in that the cloud data center comprises at least two virtual machines, the at least two virtual machines form at least two Virtual Local Area Networks (VLANs), and the method comprises the following steps:
the network card of the first virtual machine receives a first message sent by the first virtual machine, wherein the first message carries a source address, a destination address and a VLAN tag, the source address is the address of the first virtual machine, the destination address is the address of a second virtual machine, the first virtual machine and the second virtual machine are not in the same VLAN, the VLAN tag comprises a first identifier and a VLAN identifier, the first identifier indicates that the first message is a VLAN message, and the VLAN identifier comprises the identifier of the VLAN where the first virtual machine is located;
replacing the first identifier in the first message with a second identifier by the network card of the first virtual machine to obtain a second message, wherein the second identifier indicates that the second message is a non-VLAN message;
and the network card of the first virtual machine sends the second message to a virtual switch.
2. The method of claim 1, wherein the first packet employs an 802.1Q protocol, wherein the first identifier is 0x8100 or 0x88a8, and wherein the second identifier employs a reserved field of the 802.1Q protocol.
3. The method of claim 2, wherein the second identifier is 0xffff.
4. A communication method of messages in a cloud data center is characterized in that the cloud data center comprises at least two virtual machines which form at least two Virtual Local Area Networks (VLANs), and the method is applied to a virtual switch;
the method comprises the following steps:
the virtual switch receives a second message sent by a network card of a first virtual machine, wherein the second message carries a source address, a destination address and a VLAN tag, the source address is the address of the first virtual machine, the destination address is the address of a second virtual machine, the first virtual machine and the second virtual machine are not in the same VLAN, the VLAN tag comprises a second identifier and a VLAN identifier, the second identifier indicates that the second message is a non-VLAN message, and the VLAN identifier comprises the identifier of the VLAN where the first virtual machine is located;
the virtual switch transparently transmits the second message to a third virtual machine through a receiving port and a sending port on the virtual switch according to the second identifier, wherein the third virtual machine is a three-layer switch, the receiving port corresponds to the network card of the first virtual machine, the sending port corresponds to a network card of the third virtual machine, the receiving port and the sending port are channel ports, a port-based virtual local area network identifier is set on the channel port, the receiving port configures an identifier of a VLAN where the first virtual machine is located, the sending port configures the identification of the VLAN where the third virtual machine is located, the messages allowed to pass through by the channel port comprise non-VLAN messages or VLAN messages conforming to the rules, and the VLAN identification carried by the VLAN message which accords with the rule is consistent with the VLAN identification set by the channel port.
5. The method of claim 4, wherein the virtual switch passthrough the second packet to a third virtual machine through a first port on the virtual switch according to the second identifier, comprising:
and the virtual switch determines that the second message is a non-VLAN message according to the second identifier, and directly forwards the second message which is not packaged to the third virtual machine through the receiving port and the sending port.
6. The method according to claim 4 or 5, wherein the second packet uses 802.1Q protocol, and the second identifier uses a reserved field of 802.1Q protocol.
7. The method of claim 6, wherein the second identifier is 0xffff.
8. A communication method of messages in a cloud data center is characterized in that the cloud data center comprises at least two virtual machines, the at least two virtual machines form at least two Virtual Local Area Networks (VLANs), and the method is applied to a network card of a third virtual machine and comprises the following steps:
the network card of the third virtual machine receives a second message transmitted by a virtual switch in a transparent manner, wherein the second message carries a source address, a destination address and a VLAN tag, the source address is the address of a first virtual machine, the destination address is the address of a second virtual machine, the first virtual machine and the second virtual machine are not in the same VLAN, the VLAN tag comprises a second identifier and a VLAN identifier, the second identifier indicates that the second message is a non-VLAN message, the VLAN identifier comprises the identifier of the VLAN where the first virtual machine is located, and the third virtual machine is a three-layer switch;
replacing the second identifier in the second message with a first identifier by the network card of the third virtual machine to obtain a first message, wherein the first identifier indicates that the second message is a VLAN message;
and the network card of the third virtual machine transmits the first message to the third virtual machine, so that the third virtual machine determines a forwarding path of the first message to the second virtual machine.
9. The method of claim 8, wherein the second packet employs an 802.1Q protocol, wherein the first identifier is 0x8100 or 0x88a8, and wherein the second identifier employs a reserved field of the 802.1Q protocol.
10. The method of claim 8, wherein the second identifier is 0xffff.
11. A cloud data center, comprising:
the device comprises a first virtual machine and a second virtual machine, wherein the first virtual machine is used for sending a first message, the first message carries a source address, a destination address and a VLAN (virtual local area network) tag, the source address is the address of the first virtual machine, the destination address is the address of the second virtual machine, the first virtual machine and the second virtual machine are not in the same VLAN, the VLAN tag comprises a first identifier and a VLAN identifier, the first identifier indicates that the first message is a VLAN message, and the VLAN identifier comprises the identifier of the VLAN where the first virtual machine is located;
the network card of the first virtual machine is used for replacing the first identifier in the first message with a second identifier after receiving the first message to obtain a second message and sending the second message to a virtual switch, wherein the second identifier indicates that the second message is a non-VLAN message;
the virtual switch is used for receiving the second message sent by the network card of the first virtual machine, transmitting the second message to a third virtual machine through a receiving port and a sending port on the virtual switch according to the second identifier, wherein the third virtual machine is a three-layer switch, the receiving port corresponds to the network card of the first virtual machine, the sending port corresponds to a network card of the third virtual machine, the receiving port and the sending port are channel ports, a port-based virtual local area network identifier is set on the channel port, the receiving port configures an identifier of a VLAN where the first virtual machine is located, the sending port configures the identification of the VLAN where the third virtual machine is located, the messages allowed to pass through by the channel port comprise non-VLAN messages or VLAN messages conforming to the rules, the VLAN identification carried by the VLAN message which accords with the rule is consistent with the VLAN identification set by the channel port;
the network card of the third virtual machine is configured to receive the second message transparently transmitted by the virtual switch, replace the second identifier in the second message with the first identifier, obtain the first message, and send the first message to the third virtual machine;
and the third virtual machine is used for receiving the first message and determining a forwarding path of the first message to the second virtual machine.
12. The cloud data center of claim 11, wherein the first packet employs an 802.1Q protocol, the first identifier is 0x8100 or 0x88a8, and the second identifier employs a reserved field of the 802.1Q protocol.
13. The cloud data center of claim 12, wherein the second identifier is 0xffff.
14. A computing device, comprising:
a storage unit to store instructions; and
at least one processor coupled to the memory unit;
wherein the instructions, when executed by the at least one processor, cause the processor to perform the method of any of claims 1-10.

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201711452768.2A CN108337192B (en) 2017-12-28 2017-12-28 Message communication method and device in cloud data center

Publications (2)

Publication Number Publication Date
CN108337192A CN108337192A (en) 2018-07-27
CN108337192B true CN108337192B (en) 2021-02-23

Family

ID=62923591

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201711452768.2A Active CN108337192B (en) 2017-12-28 2017-12-28 Message communication method and device in cloud data center

Country Status (1)

Country Link
CN (1) CN108337192B (en)

Families Citing this family (7)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN109756412B (en) * 2018-12-24 2020-12-25 华为技术有限公司 Data message forwarding method and equipment
CN109617735B (en) 2018-12-26 2021-04-09 华为技术有限公司 Cloud computing data center system, gateway, server and message processing method
CN110213147B (en) * 2019-02-22 2021-09-03 企商在线(北京)网络股份有限公司 Cloud network intercommunication method and device, storage medium and terminal equipment
CN111800326B (en) * 2019-04-08 2021-08-24 中移(苏州)软件技术有限公司 Message transmission method and device, processing node and storage medium
CN112995006A (en) * 2019-12-17 2021-06-18 中兴通讯股份有限公司 Message processing method and module, detection method, exchange equipment and storage medium
CN114448752B (en) * 2022-04-07 2022-09-09 杭州优云科技有限公司 Multi-subnet communication method and device
CN115987574B (en) * 2022-12-06 2024-09-10 中国联合网络通信集团有限公司 Virtual private cloud security detection method, device, equipment and storage medium

Citations (7)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101064720A (en) * 2006-04-28 2007-10-31 华为技术有限公司 Method for improving base station access service stream
CN101425960A (en) * 2007-11-02 2009-05-06 中兴通讯股份有限公司 Method and apparatus for load equalizing implementation
US7706363B1 (en) * 2003-06-11 2010-04-27 Radlan Computer Communications, Ltd Method and apparatus for managing packets in a packet switched network
CN102739553A (en) * 2012-07-20 2012-10-17 烽火通信科技股份有限公司 Identification and processing device for Ethernet data packet
CN103973578A (en) * 2013-01-31 2014-08-06 杭州华三通信技术有限公司 Virtual machine traffic redirection method and device
US9178717B1 (en) * 2011-04-07 2015-11-03 Adtran, Inc. Systems and methods for enabling leaf isolation in a multi-node tree network
CN107018058A (en) * 2017-03-30 2017-08-04 国家计算机网络与信息安全管理中心 The method and system of VLAN and VXLAN communications are shared under a kind of cloud environment

Family Cites Families (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
IL190433A (en) * 2007-03-26 2012-07-31 Marvell Israel Misl Ltd System and method of modifying data packet tags

Also Published As

Publication number Publication date
CN108337192A (en) 2018-07-27

Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination
GR01 Patent grant
TR01 Transfer of patent right

Effective date of registration: 20220223

Address after: 550025 Huawei cloud data center, jiaoxinggong Road, Qianzhong Avenue, Gui'an New District, Guiyang City, Guizhou Province

Patentee after: Huawei Cloud Computing Technologies Co.,Ltd.

Address before: 518129 Bantian HUAWEI headquarters office building, Longgang District, Guangdong, Shenzhen

Patentee before: HUAWEI TECHNOLOGIES Co.,Ltd.
