CN108881013A - Control method, system, SDN controller and the access device of gateway mode - Google Patents
Control method, system, SDN controller and the access device of gateway mode Download PDFInfo
- Publication number
- CN108881013A CN108881013A CN201810713493.1A CN201810713493A CN108881013A CN 108881013 A CN108881013 A CN 108881013A CN 201810713493 A CN201810713493 A CN 201810713493A CN 108881013 A CN108881013 A CN 108881013A
- Authority
- CN
- China
- Prior art keywords
- access device
- layers
- gateway
- forwarding
- virtual router
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Links
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L45/00—Routing or path finding of packets in data switching networks
- H04L45/58—Association of routers
- H04L45/586—Association of routers of virtual routers
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L12/00—Data switching networks
- H04L12/66—Arrangements for connecting between networks having differing types of switching systems, e.g. gateways
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L41/00—Arrangements for maintenance, administration or management of data switching networks, e.g. of packet switching networks
- H04L41/06—Management of faults, events, alarms or notifications
- H04L41/0631—Management of faults, events, alarms or notifications using root cause analysis; using analysis of correlation between notifications, alarms or events based on decision criteria, e.g. hierarchy, tree or time analysis
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L41/00—Arrangements for maintenance, administration or management of data switching networks, e.g. of packet switching networks
- H04L41/08—Configuration management of networks or network elements
- H04L41/0803—Configuration setting
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L45/00—Routing or path finding of packets in data switching networks
- H04L45/38—Flow based routing
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L45/00—Routing or path finding of packets in data switching networks
- H04L45/74—Address processing for routing
- H04L45/745—Address table lookup; Address filtering
Landscapes
- Engineering & Computer Science (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Data Exchanges In Wide-Area Networks (AREA)
Abstract
Present disclose provides a kind of method, system, SDN controller and access devices for controlling gateway mode, are related to Internet technical field.The upper limit alarm information and alarm release information that SDN controller passes through monitoring access device;If receiving upper limit alarm information, three layers of forwarding configuration information of the virtual router on access device are transferred to borde gateway, so that access device is switched to non-gateway mode by gateway mode;If receiving alarm release information, three layers of forwarding configuration information of the corresponding virtual router of access device are restored by borde gateway to access device, so that access device is gateway mode by non-gateway pattern switching.By above-mentioned technology, the effective guarantee repeating process of three layer cross-network segment flows improves whole data forwarding performance.
Description
Technical field
This disclosure relates to which Internet technical field, is controlled more particularly, to a kind of method for controlling gateway mode, system, SDN
Device and access device processed.
Background technique
EVPN (Ethernet Virtual Private Network, Ethernet Virtual Private Network) is two layers a kind of
VPN technologies, (MultiProtocol-Border Gateway Protocol, multi-protocols are compatible using MP-BGP for control plane
Border Gateway Protocol) notice EVPN routing iinformation, data plane using VXLAN (Virtual eXtensible LAN, it is expansible
Virtual Local Area Network) packaged type E-Packets.When the physical site of tenant is dispersed in different location, EVPN can be same
The identical subnet of tenant provides two layers of interconnection;Simultaneously three layers can be provided mutually for the different sub-network of same tenant by EVPN gateway
Connection, and three layers of interconnection with external network are provided for tenant.
EVPN networking structure is usually applied to data center, can use distributed network gate networking model.
In distributed network gate networking model, EVPN access device is worked under gateway mode, EVPN access device and
EVPN borde gateway can forward three layer cross-network segment flows, and therefore, three layer cross-network segment flows can be forwarded by optimal path, simultaneously
The flow forwarding pressure of EVPN borde gateway can be alleviated.But when EVPN access device works in gateway mode, gateway need to be increased
Relevant configuration, such as VPN (Virtual Private Network, Virtual Private Network) configuration information, VSI-IF (Virtual
Switch Interface, Virtual Switch Interface) and gateway ip address etc., the limited ACL of EVPN access device can be occupied
(Access Control List, accesses control list) resource not can guarantee if virtual machine online in EVPN is more
EVPN access device has enough resource forwarding table memory items, and then influences data forwarding performance.
Summary of the invention
In view of this, the disclosure be designed to provide it is a kind of control the method for gateway mode, system, SDN controller and
Access device, can be according to the occupation condition of access device, and dynamic adjusts the operating mode of access device, to promote data
Forwarding performance.
To achieve the goals above, the technical solutions adopted are as follows for the disclosure:
In a first aspect, the method is applied to SDN controller present disclose provides a kind of method for controlling gateway mode,
The method includes:
The warning message of access device is monitored, the warning message includes upper limit alarm information and alarm release information,
In, the upper limit alarm information is the access device when in gateway mode, detects that two layers of forwarding resource occupation reach
What upper limit value was sent, the lower limit warning message is the access device when in non-gateway mode, detects described two layers
Resource occupation is forwarded to send lower than lower limit value;
If receiving the upper limit alarm information, three layers of forwarding of the corresponding virtual router of the access device are matched
Confidence breath is transferred to borde gateway, so that the access device is switched to non-gateway mode by gateway mode;
If receiving the alarm release information, by three layers of forwarding configuration information of the virtual router by the side
Boundary's gateway restores to the access device, so that the access device is gateway mode by non-gateway pattern switching.
Second aspect, present disclose provides a kind of method for controlling gateway mode, the method is applied to access device, institute
The method of stating includes:
Detect the occupancy situation of two layers of forwarding resource;
Warning message is sent to SDN controller according to the occupancy situation;The warning message includes upper limit alarm information
And alarm release information, wherein the upper limit alarm information is the access device when in gateway mode, is detected described
The occupancy of two layers of forwarding resource reaches upper limit value transmission, and the alarm release information is the access device in non-gateway
When mode, sent when detecting the occupancy of two layers of forwarding resource lower than lower limit value;
If the virtual router for receiving the transmission of SDN controller deletes notice, is deleted and notified according to the virtual router
Delete three layers of forwarding configuration information of corresponding virtual router;
If the virtual router configuration notification of SDN controller transmission is received, according to the virtual router configuration notification
Three layers of forwarding configuration information of corresponding virtual router are configured, and send gratuitous ARP packet.
The third aspect present disclose provides a kind of SDN controller, including first processor and connects with the first processor
The first memory connect;The first memory is stored with the machine-executable instruction that can be executed by the first processor,
The first processor executes the machine-executable instruction to realize method described in first aspect.
Fourth aspect present disclose provides a kind of access device, including second processor and connects with the second processor
The second memory connect;The second memory is stored with the machine-executable instruction that can be executed by the second processor,
The second processor executes the machine-executable instruction to realize method described in second aspect.
5th aspect, present disclose provides a kind of systems for controlling gateway mode, control including SDN described in the third aspect
Access device described in device, fourth aspect and borde gateway;
The borde gateway is used for when the virtual router for receiving the transmission of SDN controller deletes notice, according to described
Virtual router deletes three layers of forwarding configuration information that notice deletes corresponding virtual router;Receiving SDN controller hair
When the virtual router configuration notification sent, three layers of corresponding virtual router are configured according to the virtual router configuration notification
Configuration information is forwarded, and sends gratuitous ARP packet.
Method, system, SDN controller and the access device of above-mentioned control gateway mode, SDN controller is by monitoring access
The upper limit alarm information and alarm release information of equipment;Dynamic control access device is reasonable between gateway mode and non-gateway mode
Switching shifts three layers of forwarding configuration information of the corresponding virtual router of access device if receiving upper limit alarm information
To borde gateway, so that access device is switched to non-gateway mode by gateway mode;If receiving alarm release information, will connect
Three layers of forwarding configuration information for entering the virtual router in equipment are restored by borde gateway to access device so that access device by
Non-gateway pattern switching is gateway mode.By above-mentioned technology, the effective guarantee repeating process of three layer cross-network segment flows is promoted
Whole data forwarding performance.
Other feature and advantage of the disclosure will illustrate in the following description, alternatively, Partial Feature and advantage can be with
Deduce from specification or unambiguously determine, or by implement the disclosure above-mentioned technology it can be learnt that.
To enable the above objects, features and advantages of the present invention to be clearer and more comprehensible, better embodiment is cited below particularly, and match
Appended attached drawing is closed, is described in detail below.
Detailed description of the invention
It, below will be to specific in order to illustrate more clearly of disclosure specific embodiment or technical solution in the prior art
Embodiment or attached drawing needed to be used in the description of the prior art be briefly described, it should be apparent that, it is described below
Attached drawing is some embodiments of the disclosure, for those of ordinary skill in the art, before not making the creative labor
It puts, is also possible to obtain other drawings based on these drawings.
Fig. 1 is the application environment schematic diagram of the method for the control gateway mode that disclosure embodiment provides;
Fig. 2 is a kind of flow chart of the method for control gateway mode that disclosure embodiment provides;
Fig. 3 is the flow chart of the method for another control gateway mode that disclosure embodiment provides;
Fig. 4 is a kind of interaction figure of the method for control gateway mode that disclosure embodiment provides;
Fig. 5 is a kind of structural block diagram of the device for control gateway mode that disclosure embodiment provides;
Fig. 6 is the structural block diagram of the device for another control gateway mode that disclosure embodiment provides;
Fig. 7 is the structural block diagram of the device for another control gateway mode that disclosure embodiment provides;
Fig. 8 is a kind of structural block diagram of the system for control gateway mode that disclosure embodiment provides.
Specific embodiment
To keep the purposes, technical schemes and advantages of disclosure embodiment clearer, below in conjunction with attached drawing to this public affairs
The technical solution opened is clearly and completely described, it is clear that and described embodiment is a part of embodiment of the disclosure,
Rather than whole embodiment.Based on the embodiment in the disclosure, those of ordinary skill in the art are not making creation
Property labour under the premise of every other embodiment obtained, belong to the disclosure protection range.
The method and apparatus for the control gateway mode that disclosure embodiment provides can be applied but be not limited to EVPN networking
In structure, Fig. 1 shows a kind of EVPN networking structure schematic diagram, wherein VTEP (VXLAN Tunnel End Point, VXLAN
Endpoint of a tunnel) be EVPN edge device.VTEP1 and VTEP2 in Fig. 1 are that EVPN access device (is referred to as Leaf to set
It is standby), VTEP3 is EVPN borde gateway (being referred to as border equipment).Between each EVPN access device and EVPN connects
Enter and is connected between equipment and EVPN borde gateway by the tunnel VXLAN.VTEP1 is connect with the first website S1 in Fig. 1, VTEP2 with
Second website S2 connection.
The configuration information such as table 1 of the corresponding access device of S1 and S2 in present embodiment and the virtual machine in S1 and S2
It is shown:
Table 1
Wherein, VM1 and VM4 belongs to same subnet, and VTEP1 will connect three layer interfaces or ethernet server of site-local
Example is associated with VSI, and the VXLAN created in the VSI of VTEP1 is to pass through belonging to the message that three layer interface receives
VXLAN.Wherein, in the present embodiment, VXLAN10, VM2 are corresponded to three layer interfaces for receiving the message of VM1 transmission in VTEP1
Three layer interfaces that three layer interfaces of the message of transmission correspond to the message of VXLAN20, VM3 transmission are said for corresponding to VXLAN30
It is bright;Three layer interfaces that the message of VM4 transmission is received in VTEP2 correspond to three layer interfaces pair of the message that VXLAN10, VM5 are sent
Three layer interfaces of the message for answering VXLAN20, VM6 to send are illustrated for corresponding to VXLAN30.
SDN (Software Defined Network, software defined network) is a kind of new network framework, and core is thought
Think be separated network equipment control plane and forwarding plane, by SDN controller to network flow carry out collection neutralize flexibly control
System, so that the innovation for core network and application provides good platform.VTEP (including EVPN access device in above-mentioned Fig. 1
With EVPN borde gateway) (this connection relationship of non-schematic diagram in Fig. 1) is communicated to connect with SDN controller, SDN controller conduct
The virtual management platform of EVPN provides a user the network management deployment window of EVPN, which disposes window can be with
It is realized by cloud platform.
SDN controller receives the network creation of user, subnet distribution, router creation, router administration by cloud platform
Etc. the relevant configuration information of functions and/or operational order, SDN controller refer to further according to the configuration information and/or operation received
The physical equipment or virtual unit in management EVPN are enabled, such as:SDN controller configures the VPN configuration information of EVPN access device,
And three layers of offloading functions can also be configured on EVPN access device, i.e., virtual router is configured on EVPN access device,
Realize three layers of forwarding of cross-network segment flow in EVPN.
EVPN networking structure shown in FIG. 1 can work under centralized gateway networking model, can also work and be distributed
Under formula gateway networking model.
Under centralized gateway networking model, VTEP1 and VTEP2 work in non-gateway mode, are only used as Layer2 switching
Machine uses, for forwarding two laminar flow amounts of the equipment room in identical subnet.And VTEP3 is used as centralized gateway, to match described in table 1
It is set to example, the corresponding configuration of VTEP3 is as shown in table 2:
Table 2
In networking stage, virtual router can be configured on VTEP3 according to the VXLAN configured in current networking
(VRouter), the corresponding VSI interface of each VRouter and a VXLAN network, the IP address of VSI interface is as corresponding
The gateway ip address of virtual machine in VXLAN network.And each VSI interface can be bound with a VPN instance.It is each as a result,
A virtual router can the independent message forwarded under the VPN instance bound with it.Receive three layers of VTEP1 and VTEP2
Cross-network segment flow and the flow for being sent to external network are required to unload by VTEP3 and forward.
Below under centralized gateway networking model, VM1 illustrates two layers of repeating process, tool for sending message to VM4
Body is as follows:
(1) VM1 learns the MAC Address to VM4 by ARP message;
(2) VM1 sends datagram, and the source MAC of the message is the MAC1 of VM1, and target MAC (Media Access Control) address is VM4's
MAC4。
(3) above-mentioned data message first reaches VTEP1, and VTEP1 is according to target MAC (Media Access Control) address in the mac address table of VSI-10
Matched list item is searched, VXLAN tunnel of the corresponding outgoing interface of the message between VTEP1 and VTEP2 is obtained.VTEP1 according to
VXLAN agreement is packaged message, is then sent to the message after encapsulation by the corresponding tunnel VXLAN of above-mentioned outgoing interface
VTEP2.Message after encapsulation carries VXLAN network identifier.
(4) VTEP2 receives the message after encapsulation, determines that the message belongs to according to the VXLAN network identifier in message
VXLAN10 decapsulates the message received, and searches the corresponding mac address table of VXLAN10 in VTEP2, by looking into
Message after decapsulation is sent to VM4 by the outgoing interface found.
Below under centralized gateway networking model, VM1 illustrates three layers of forwarding of cross-network segment for sending message to VM5
Process, it is specific as follows:
(1) VM1 determines that the message sent to VM5 is cross-network segment message according to the IP address of VM5, first passes through ARP message
Practise the corresponding MAC Address of gateway ip address;
(2) VM1 sends datagram, and the source MAC of the message is the MAC1 of VM1, and target MAC (Media Access Control) address is for gateway IP
The corresponding MAC Address in location;Source IP address is the IP address of VM1, and purpose IP address is the IP address of VM5.
(3) above-mentioned data message first reaches VTEP1, and VTEP1 is looked into the mac address table of VSI-10 according to purpose IP address
Matched list item is looked for, VXLAN tunnel of the corresponding outgoing interface of the message between VTEP1 and VTEP3 is obtained.VTEP1 to message into
VTEP3 is sent to after row encapsulation;
(4) after VTEP3 receives the message of encapsulation, message is decapsulated, Host routes are looked into according to purpose IP address
Table determines VXLAN tunnel of the outgoing interface between VTEP3 and VTEP2, sends it to VTEP2 by the tunnel, should by VTEP2
Message is sent to VM5.
In distributed network gate networking model, VTEP1 and VTEP2 are worked under gateway mode, on VTEP1 and VTEP2
Can be based on VSI and VXLAN configuration virtual router (VRouter), concrete configuration is with above-mentioned VTEP3, and details are not described herein again.At this
In networking model, if VM1 sends message to VM5, message is sent to VTEP1 by VM1, and VTEP1 judges VXLAN belonging to message
Network is VXLAN20, and the corresponding outgoing interface of VXLAN20 is searched in the Host routes table in VTEP1, by outgoing interface by message
It is sent to VTEP2, then is forwarded the packet by VTEP2 to VM5.
In view of under centralized networking model, three layer cross-network segment flows are required to be forwarded by borde gateway, cause
The flow forwarding pressure of borde gateway is larger;And under distributed networking mode, if online virtual machine is more, occupies access and set
Standby two layers of upper forwarding resource will be larger, may cause two layers of forwarding resource exhaustion of access device configuration, not can guarantee number
According to forwarding performance.In order to more reasonably utilize Internet resources, data forwarding performance is improved, disclosure embodiment provides one
The method of kind of control gateway mode, system, SDN controller and access device, can be according to the resource occupation feelings of access device
Condition is rationally switched with dynamically controlling access device between gateway mode and non-gateway mode.
Fig. 2 shows a kind of flow chart of method for controlling gateway mode, this method is applied to SDN controller, including such as
Lower step:
Step S202, SDN controller monitor access device warning message, the warning message include upper limit alarm information and
Alarm release information, wherein the upper limit alarm information is the access device when in gateway mode, detects two layers of forwarding
Resource occupation reaches upper limit value transmission;The lower limit warning message is the access device when in non-gateway mode, detection
Resource occupation is forwarded to send lower than lower limit value to described two layers;
Wherein, two layers of forwarding resource may include the resource that the relevant information forwarded for realizing two layers occupies, such as MAC
Forwarding table and/or VSI resource, the VSI resource may include the relevant informations such as VPN routing table.
Step S204, if SDN controller receives upper limit alarm information, by the corresponding virtual flow-line of above-mentioned access device
Three layers of forwarding configuration information of device are transferred to borde gateway, so that the access device is switched to non-gateway mode by gateway mode.
Wherein, the corresponding virtual router of access device is often referred to the virtual flow-line that SDN controller is access device configuration
Device, if for example, VXLAN belonging to virtual machine on access device 1 includes VXLAN1 and VXLAN2, on access device 1 in advance
The corresponding vRouter2 of VXLAN1 corresponding vRouter1 and VXLAN2 can be configured.Three layers of forwarding of each virtual router configure
Information may include:VPN configuration information, VSI-IF and gateway ip address etc..
Borde gateway is matched when receiving three layers of forwarding configuration information of above-mentioned virtual router of SDN controller transmission
Three layers of forwarding configuration information of the virtual router are set, and send gratuitous ARP packet.The borde gateway is by configuring virtual flow-line
Three layers of forwarding configuration information of device can be realized and configure the corresponding VPN configuration information of the virtual router, VSI-IF and gateway IP
The information such as address, then by sending gratuitous ARP packet, enable each equipment in current networking according to the gratuitous ARP packet
The gateway ip address currently corresponding gateway MAC address is obtained, and then when user equipment sends message to its corresponding gateway,
So that being sent to the message of access device originally, it is sent to borde gateway, i.e. borde gateway has taken over the net originally on access device
Close function.
Step S206, if SDN controller receives alarm release information, by the corresponding virtual flow-line of above-mentioned access device
Three layers of forwarding configuration information of device are restored by borde gateway to access device, so that the access device is by non-gateway pattern switching
Gateway mode.
SDN controller receives alarm release information, the mark for the access device that can be carried according to the alarm release information
Knowledge finds the corresponding VXLAN of the access device, and then obtains the corresponding virtual router of the access device and the virtual road
By three layers of forwarding configuration information of device.
Above-mentioned three layers of forwarding configuration information is restored by borde gateway to access device, specifically can be from SDN controller to side
Boundary's gateway sends virtual router and deletes notice, which, which deletes notice, can carry virtual router mark, so that
Borde gateway deletes notice according to the virtual router and deletes virtual router after receiving the virtual router and deleting notice
Identify corresponding three layers of forwarding configuration information.It is set in addition, SDN controller can also identify corresponding access to the virtual router
Preparation send virtual router configuration notification, and three layers of forwarding which can carry the virtual router are matched
Confidence breath, receives three layers of forwarding configuration information in the access device configuration notification of the virtual router configuration notification, and send
Gratuitous ARP packet.
By the above method, SDN controller can be in gateway mode in access device, and two layers of forwarding resource occupation reach
The upper limit alarm information that access device reports is received when to upper limit value, is in non-gateway mode, and two layers of forwarding in access device
Resource occupation receives alarm release information when being lower than lower limit value, and then when receiving upper limit alarm information, by above-mentioned access device
On three layers of forwarding configuration information of virtual router be transferred to borde gateway;It, will be above-mentioned when receiving alarm release information
Three layers of forwarding configuration information of the virtual router on access device are restored by borde gateway to access device.
It is this three layers forwarding configuration information processing mode, can access device two layers of forwarding resource it is practical occupancy compared with
When big, access device is controlled by gateway mode and is switched to non-gateway mode, ensures the forwarding performance of two layers of forwarding service, reduction is lost
Packet rate.When the practical occupancy of two layers of forwarding resource of access device is smaller, control access device is net by non-gateway pattern switching
Pass mode forwards the three layer cross-network segment flows for reaching access device by optimal path, reduces by three layer cross-network segment flows and is forwarding
Time delay in the process, and then improve the forwarding performance of data.
The above method is illustrated by taking the SDN controller applied to EVPN as an example.In EVPN networking structure, above-mentioned access is set
Standby can be specifically Leaf equipment, and borde gateway can be specifically border equipment, SDN controller and access device and boundary net
Close communication connection.In EVPN networking building process, SDN controller receives the cellular logic resource that user is created by cloud platform
Configuration information, wherein cellular logic resource allocation information includes three layers of forwarding configuration information of virtual router, this three layers forwarding
Configuration information includes:VPN configuration information, VSI-IF and gateway ip address etc.;Cellular logic resource allocation information further includes
Network (relative address etc. of the outer net equipment of IP core network docking) and subnet (each equipment in IP core network
Subnet configuration information, such as:Core equipment, edge device, server and subnet configuration information of virtual machine etc.);User
The information such as software and hardware require information or the model of access device can also be added by cloud platform.
By taking SDN controller executes the above method as an example, the above method includes the following steps:
(1) SDN controller monitors the warning message of access device.Wherein, warning message includes upper limit alarm information and report
It is alert to release information.
Wherein, when access device is in gateway mode, if two layers of forwarding resource occupation control when reaching upper limit value to SDN
Device reports upper limit alarm information, when access device is in gateway mode, if two layers of forwarding resource occupation are lower than lower limit value
To SDN controller report alarm release information.Wherein, upper limit value and lower limit value can be pre-configured with, and can also dynamically be adjusted.
In one implementation, upper limit value and lower limit value can be based on the current resources modes and resource of access device
Total amount determines, wherein total resources can refer to the total resources that the network equipment is configured for forwarding service, including MAC forwarding
The summation of the related resources such as table, Host routes table, VPN routing table.
In general, resources mode is preconfigured according to device role, such as core switching device, and access
The ability of its bearer traffic of equipment is different, thus SDN controller is when for equipment initial configuration resources mode, generally can basis
The role of equipment configures different resources modes for it.
Under each resources mode, the ratio of each resource occupation total resources is determining, and so knows that access is set
The current resources mode of standby total resources and access device, so that it may know that the lower two layers of forwarding resource of the resources mode accounts for
With the maximum value of total resources, and then calculate under the resources mode, two layers of corresponding upper limit value of forwarding resource and lower limit value.Tool
When body is realized, the method for salary distribution of the one mode as Current resource can be selected from multiple resources modes, such as the 5 of the signal of table 3
Kind mode:
Table 3
Wherein, table 3 is only the MAC forwarding table illustrated and Host routes table is one in the total resources of access device
Point, there are also other resource tables 3 not to illustrate one by one, because the ratio of each resource occupation total resources is true under every kind of resources mode
Fixed, so the upper limit value of triggering warning message and lower limit value are values related with resources mode in access device.Using this
In method provided by implementing, in access device under non-gateway mode and gateway mode, resources mode can flexibly change, because
And in specific implementation, the percentage dynamic that can first pass through two layers of forwarding resource of configuration in advance calculates under each resources mode
Upper limit value and lower limit value, without configuring the lower two layers of corresponding upper limit value of forwarding resource of each resources mode and lower limit one by one
Value simplifies realization process.Illustratively, SDN controller can first obtain upper limit percentage and lower percentiles, such as flat from cloud
Platform obtains the percentage of user configuration, perhaps obtains in the percentage of SDN controller local reception user configuration or from system
Preconfigured default percentage;According to access device current resources mode and total resources, calculates two layers of forwarding resource and account for
Maximum value, is 100K with total resources, and the ratio of the lower two layers of forwarding resource occupation total resources of Current resource mode is
30%, then the maximum value of two layers of forwarding resource occupation is 100K × 30%=30K;Then using this maximum value multiplied by the upper limit hundred
Divide ratio, obtains the upper limit values of two layers of forwarding resource occupation;Using maximum value multiplied by lower percentiles, obtains two layers of forwarding resource and account for
Lower limit value.
To simplify the description, it is illustrated for resources mode shown in the table 4:
Table 4
For example, if access device is currently distributed network gate, and resources mode is A, then upper limit value:10K*80%=
8K, lower limit value:10K*30%=3K.Wherein, 80% is upper limit percentage, and 30% is lower percentiles.Explanation:Under the scene,
If the usage amount (also referred to as occupancy) of MAC forwarding table can generate critical event, that is, send above-mentioned upper limit alarm more than 8K
Information will generate normal event lower than 3K, that is, send above-mentioned alarm release information.
It is understood that the upper limit value and lower limit value of two layers of forwarding resource occupation were also possible to directly to set.For example,
Access device model and resources mode can also be showed user by cloud platform by SDN controller, and user is set by cloud platform
Under fixed different resource mode, the upper limit value and lower limit value of two layers of forwarding resource occupation.SDN controller accounts for two layers of forwarding resource
Upper limit value and lower limit value are issued to access device.Access device receives SDN controller and issues above-mentioned upper limit value and lower limit
After value, persistently monitor whether two layers of forwarding resource meet alarm threshold according to upper limit value and lower limit value.
By taking two layers of forwarding resource are specially MAC forwarding table as an example, if constantly increased by the virtual machine that access device accesses
More, the content in the MAC forwarding table of access device will be increasing, and the memory space that MAC forwarding table occupies is gradually increased, can
It can reach upper limit value.If by access device access virtual machine reduce, MAC forwarding table occupy memory space if may
Lower limit value can be decreased below.When access device is in gateway mode, monitor whether two layers of forwarding resource reach upper limit value, such as
Fruit reaches upper limit value, to SDN controller report upper limit alarm information;When access device is in gateway mode, monitors two layers and turn
Whether hair resource is lower than lower limit value, if being lower than lower limit value, to SDN controller report alarm release information.
(2) if SDN controller receives upper limit alarm information, by three layers of forwarding of the virtual router on access device
Configuration information is transferred to borde gateway, so that access device is switched to non-gateway mode by gateway mode, takes over borde gateway
The corresponding gateway of the access device.
As a kind of implementation, three layers of forwarding configuration information of the virtual router on access device are transferred to boundary
Gateway may include:
(1) the corresponding virtual router of access device is checked in the configuration information pre-established, is pre-established at this
The associated other access devices of above-mentioned virtual router are searched in configuration information;Wherein, the configuration information pre-established can be
It establishes in networking stage, is had recorded in the configuration information:The mark of each access device, the virtual road configured for access device
By device, the corresponding virtual router of the virtual router corresponding VXLAN and the VXLAN and other routing forwarding information etc.;
Therefore the corresponding virtual flow-line of the access device can be found in the configuration information pre-established according to the mark of access device
Device.Because the corresponding access device of each virtual router might not be unique, by the configuration information pre-established
The middle corresponding other access devices of mark for searching the virtual router, other access devices are also configured with the virtual flow-line
Device.
(2) virtual router is sent to access device and the other access devices found and delete notice, so as to receive
The access device of deletion notice deletes three layers of forwarding configuration information of above-mentioned virtual router;(3) by above-mentioned virtual router
Three layers of forwarding configuration information be sent to borde gateway so that borde gateway configures above-mentioned three layers of forwarding configuration information, and send
Gratuitous ARP packet.
Wherein, which carries the gateway ip address of above-mentioned three layers of forwarding configuration information, also carries boundary
Gateway is the gateway MAC address of gateway ip address configuration, and the access device for receiving the gratuitous ARP packet will record this freely
The corresponding gateway MAC address of incoming interface and gateway ip address of ARP message, under being searched for the service message of subsequent inter-network forwarding
One jumps address.The specific detailed process for sending gratuitous ARP packet is referring to other the relevant technologies, and which is not described herein again.
Still be illustrated for EVPN networking structure shown in Fig. 1, vRouter can be understood as be router with
Distributed mode is virtually distributed in different VTEP equipment.In the description of the present embodiment, if vRouter1 is in a distributed manner
Mode be distributed configuration on VTEP1 and VTEP2, then be described as the vRouter1 and VTEP2 configured on VTEP1 in the present embodiment
The vRouter1 of upper configuration is not distinguish with different vRouter serial numbers.Wherein, the vRouter1 that is configured on VTEP1 and
The vRouter1 configured on VTEP2 can be used for forwarding the message under same VPN instance.
SDN controller receives the upper limit alarm information of access device transmission, determines that this sets according to the mark of access device
Standby is VTEP1, and it is corresponding there are two vRouter to search VTEP1 in the configuration information pre-established, respectively vRouter1 and
vRouter2.The associated other access devices of vRouter1 or vRouter2 are searched in above-mentioned configuration information.Such as VTEP2
It is configured with vRouter1, it is determined that there are also VTEP2 for the associated access device of VRouter1.If there are also also provided on VTEP4
VRouer2, then other associated access devices of VTEP1 further include VTEP2.VTEP1 is notified to delete vRouter1 and vRouter2
Configuration information, notice VTEP2 delete VRouter1 three layers of forwarding configuration information.By three layers of vRouter1 and vRouter2
Forwarding configuration information is sent to VTEP3 (namely borde gateway).VTEP3 receives three layers of above-mentioned vRouter1 and vRouter2
After forwarding configuration information, gateway is configured, and send gratuitous ARP packet.Later, VTEP1 is switched to non-gateway mould by gateway mode
Formula.
Meanwhile SDN controller can control and the access device of upper limit alarm information is reported to switch to new resources mode.Its
In, the ratio of the lower two layers of forwarding resource occupation of new resources mode is greater than the lower two layers of forwarding resource occupation of current resources mode
Ratio.For example, VTEP1 Current resource mode, if it is mode 3, the new resources mode after switching can be mode 0, mode 1
Or mode 2, switched by resources mode, the maximum value for the memory space that MAC forwarding table can occupy can be increased, guarantees virtual machine
Data can normally forward.It, can be according to new resource mould after SDN controller control access device switches to new resources mode
The maximum value of the lower two layers of forwarding resource occupation of formula, redefines the upper limit value and lower limit value of triggering warning message, by what is newly determined
Upper limit value and lower limit value are sent to above-mentioned access device, so that access device monitors two layers according to new upper limit value and lower limit value
Forward the occupancy situation of resource, it is determined whether send warning message to SDN controller.(3) if SDN controller receives alarm
Information is released, three layers of forwarding configuration information of the virtual router on access device are restored to EVPN to connect by EVPN borde gateway
Enter equipment, so that access device is gateway mode by non-gateway pattern switching, so that borde gateway is removed the access device corresponding
Gateway.
SDN controller receives the alarm release information of access device transmission, checks in the configuration information pre-established
The corresponding virtual router of the access device, and search the associated other access devices of the virtual router;Notify boundary net
Close three layers of forwarding configuration information for deleting the virtual router;It is sent to the access device and the other access devices found empty
Quasi- configuration of routers notice, so that three layers of forwarding that the access device for receiving the configuration notification configures above-mentioned virtual router are matched
Confidence breath, and send gratuitous ARP packet.
For example, SDN controller receives the alarm release information of VTEP1 transmission, the VXLAN net connected according to VTEP1
Network determines on VTEP1 configured with vRouter1 and vRouter2.Search the other EVPN for being configured with vRouter1 or vRouter2
Access device, it is assumed that find on VTEP2 configured with vRouter1.The new configuration information of vRouter1 and vRouter2 is sent
To VTEP1, the new configuration information of vRouter2 is sent into VTEP2, makes the new configuration of VTEP1 setting vRouter1 and vRouter2
Information makes the new configuration information of vTEP2 setting vRouter1.Reinform VTEP3 delete before save vRouter1 and
The configuration information of vRouter2, and notice VTEP2 delete the configuration information of previously stored vRouter1;Wherein, above-mentioned new
Configuration information and configuration information before are three layers of forwarding configuration information, the later vRouter1 of VTEP1 and vRouter2 pairs
After the interface answered powers on, by sending corresponding first gratuitous ARP packet of VRouter1 and vRouter2 corresponding second freely
ARP message.Similarly, after the corresponding interface of vRouter1 on VTEP2 powers on, the corresponding gratuitous ARP of vRouter1 can also be sent
Message.
By the above process, VTEP1 is when the practical resource that occupies of MAC forwarding table is bigger, such as MAC forwarding table is practical
When the resource of occupancy is greater than upper limit value, non-gateway mode is switched to by gateway mode, can ensure the forwarding of two layers of forwarding service
Performance reduces packet loss.VTEP1 is when the practical resource that occupies of MAC forwarding table is smaller, such as MAC forwarding table is practical occupies
Resource be lower than lower limit value when, by non-gateway pattern switching be gateway mode, can make reach VTEP1 three layer cross-network segment flows
It is forwarded by optimal path, reduces time delay of the three layer cross-network segment flows in repeating process.
Optionally, SDN controller receives the alarm release information of access device transmission, can control access device switching
To next resources mode, wherein the ratio of next lower two layers of forwarding resource occupation of resources mode is less than current resource mould
The ratio of the lower two layers of forwarding resource occupation of formula.
By the above method, when carrying out gateway handoff, carried out under relevant configuration based on the vRouter on warning device
Hair, it is assumed that have vRouter1 and vRouter2 on warning device VTEP A, there is 1 He of vRouter on normal device VTEP B
At this moment vRouter3 needs to switch the position of vRouter1 and vRouter2 corresponding gateway, the switching of gateway position
Process is the transfer process of three layers of forwarding configuration information of above-mentioned virtual router, and which is not described herein again, and on VTEP B
The corresponding gateway position vRouter3 remains stationary.
Assuming that the IP address of VM1 is:192.168.100.1 the gateway ip address of VM1 is exactly 192.168.100.254, right
The IP address of the internal interface 1 of the VLAN1 of the vRouter answered is 192.168.100.254/24.If being by this IP address
It is deployed on EVPN access device, which is properly termed as three layers of configuration of vRouter, if on the EVPN access device
IP address there are also the internal interface 2 of VLAN2 is:192.168.200.254/24 (and belong to VLAN internal interface 1 same
VPN, i.e., same vRouter), which connects VM2, and the IP address of VM2 is 192.168.200.1, then VM1 can be by certainly
The VM2 of VLAN2 is accessed in oneself gateway, that is, interface 1, cross-network segment.
If gateway ip address is deployed on borde gateway, above-mentioned access device cross-network segment flow can not be handled, can only
Two layers are walked by gateway MAC address and is forwarded to borde gateway, then three layers of forwarding are carried out by borde gateway.
With above embodiment correspondingly, Fig. 3 shows the flow chart of the method for another control gateway mode, the party
Method can be applied to the access device of EVPN, access device and SDN controller and borde gateway communicates to connect.This method includes such as
Lower step:
Step S302, access device detect the occupancy situation of two layers of forwarding resource.
After access device receives upper limit value and the lower limit value of two layers of forwarding resource occupation that SDN controller issues, continue
The occupancy situation for monitoring two layers of forwarding resource, specifically includes:When access device is in gateway mode, two layers of forwarding resource are monitored
Whether upper limit value is reached;When access device is in non-gateway mode, monitor whether two layers of forwarding resource are lower than lower limit value.
Step S304, access device forward the occupancy situation of resource to send alarm signal to SDN controller according to above-mentioned two layers
Breath.
Wherein, warning message includes upper limit alarm information and alarm release information.Upper limit alarm information is that access device exists
When in gateway mode, detect that the occupancy of this two layers forwarding resource reaches upper limit value transmission;Above-mentioned alarm release information is
Access device is sent when detecting the occupancy of two layers of forwarding resource lower than lower limit value when being in non-gateway mode.
Step S306, if the virtual router for receiving the transmission of SDN controller deletes notice, according to the virtual router
Delete three layers of forwarding configuration information that notice deletes corresponding virtual router.
If the warning message that access device is sent is upper limit alarm information, the subsequent SDN controller that will receive is issued
Virtual router delete notice, which may include the mark of virtual router, so that access device deletes the virtual road
By three layers of forwarding configuration information of device, so that access device is switched to non-gateway mode, three layers of forwarding of deletion by gateway mode
Configuration information may include the routing iinformation etc. in Host routes table.When access device receives the free of borde gateway transmission
ARP message carries out the update of routing iinformation according to gratuitous ARP packet.
When access device receives the control instruction of the switchable resource mode of SDN controller transmission, new money is switched to
Source module.Wherein, the ratio of the lower two layers of forwarding resource occupation of new resources mode is greater than under current resources mode described two layers
Forward the ratio of resource occupation.
Step S308 is configured if receiving the virtual router configuration notification of SDN controller transmission according to virtual router
Notice configures three layers of forwarding configuration information of corresponding virtual router, and sends gratuitous ARP packet.
If the warning message that access device is sent is alarm release information, subsequent to will receive what SDN controller issued
Three layers of forwarding configuration information of virtual router, and gratuitous ARP packet is sent, so that base on borde gateway and other access devices
Routing update is carried out in gratuitous ARP packet, and then makes the access device by non-gateway pattern switching gateway mode.
When access device receives the control instruction of the switchable resource mode of SDN controller transmission, switch to next
Resources mode.Wherein, the ratio of the lower two layers of forwarding resource occupation of next resources mode is less than current lower two layers of resources mode
Forward the ratio of resource occupation.
In order to be more convenient for understanding, below in conjunction with interaction figure shown in Fig. 4, by taking EVPN networking as an example, wherein access device tool
Body is known as EVPN access device, and borde gateway is particularly referred to as EVPN borde gateway, and the present invention will be described in detail, and embodiment is provided
Control gateway mode method the course of work.As shown in figure 4, the process includes:
Step S401, cloud platform issue configuration information, and detailed process can be:User creates cellular logic by cloud platform
The upper limit value or upper limit percentage, lower limit value or lower limit of two layers of forwarding resource occupation in resource allocation information and EVPN access device
The configuration informations such as percentage.Cloud platform, which is obtained, is issued to SDN controller for above-mentioned configuration information.
Cellular logic resource allocation information includes three layers of forwarding configuration information of virtual router, and confidence is matched in this three layers forwarding
Breath includes:VPN configuration information, VSI-IF and gateway ip address etc..Cellular logic resource allocation information further includes network (IP
The relative address etc. of the outer net equipment of core network docking) and subnet (configuration information of each subnet in IP core network,
Such as:Core equipment, edge device, server and virtual machine etc.);
Step S402, EVPN access device is online.
Step S403, SDN controller issues upper limit value and lower limit value.It specifically includes:SDN controller obtains online
The current resources mode and total resources of EVPN access device issues the upper of two layers of forwarding resource occupation to EVPN access device
Limit value and lower limit value.
Step S404, EVPN access device sends upper limit alarm information.
After EVPN access device receives upper limit value and the lower limit value of two layers of forwarding resource occupation that SDN controller issues,
Persistently detect the occupancy situation of two layers of forwarding resource.When EVPN access device is in gateway mode, two layers of forwarding resource are detected
Whether upper limit value is reached;If the occupancy of two layers of forwarding resource reaches upper limit value, EVPN access device is sent to SDN controller
Limit warning message.
Step S405, SDN controller and EVPN access device carry out first mode switching, and the mode handover procedure is as follows:
SDN controller receives the upper limit alarm information of EVPN access device transmission, and checking in the configuration information pre-established should
The corresponding virtual router of EVPN access device;Searched in the configuration information pre-established above-mentioned virtual router it is associated its
Its access device;Virtual router, which is sent, to EVPN access device and the other EVPN access devices found deletes notice, with
The EVPN access device for receiving deletion notice is set to delete three layers of forwarding configuration information of the virtual router;By above-mentioned void
Three layers of forwarding configuration information of quasi- router are sent to borde gateway, so that confidence is matched in the above-mentioned three layers of forwarding of borde gateway configuration
Breath, and send gratuitous ARP packet.
Step S406, EVPN access device sends alarm release information.
When EVPN access device is in gateway mode, detect whether two layers of forwarding resource are lower than lower limit value.If two layers
The occupancy of resource is forwarded to be lower than lower limit value, EVPN access device sends alarm release information to SDN controller.
Step S407, SDN controller and EVPN access device carry out second mode switching, and the mode handover procedure is as follows:
SDN controller receives the alarm release information of EVPN access device transmission, and checking in the configuration information pre-established should
EVPN access device corresponding virtual router under gateway mode;Above-mentioned virtual road is searched in the configuration information pre-established
By the associated other EVPN access devices of device;Notice EVPN borde gateway deletes three layers of forwarding of above-mentioned virtual router with confidence
Breath;Virtual router configuration notification is sent to the EVPN access device and the other EVPN access devices found, so as to receive
EVPN access device to configuration notification configures above-mentioned three layers of forwarding configuration information, and sends gratuitous ARP packet.At this point, should
EVPN access device is gateway mode by non-gateway pattern switching.
The method of control gateway mode provided by disclosure embodiment, SDN controller are set by monitoring EVPN access
Standby upper limit alarm information and alarm release information dynamically control the EVPN access device between gateway mode and non-gateway mode
Rationally switching, when two layers of forwarding resource occupation being made to reach upper limit value, EVPN access device is switched to non-gateway mould by gateway mode
Formula, when two layers of forwarding resource occupation are lower than lower limit value, EVPN access device is gateway mode by non-gateway pattern switching.Pass through this
The mode of kind switching at runtime gateway mode, can make EVPN access device under the scene of the virtual machine negligible amounts in EVPN
Gateway mode is maintained, forwards three layer cross-network segment flows by optimal path, reduces by three layer cross-network segment flows in repeating process
Time delay;And under a fairly large number of scene of virtual machine in EVPN, so that EVPN access device is maintained non-gateway mode, makes three
Layer cross-network segment flow is forwarded by EVPN borde gateway, and the repeating process of three layer cross-network segment flow of effective guarantee improves entirety
Data forwarding performance.
With above method embodiment correspondingly, the disclosure embodiment further provides it is a kind of control gateway mode dress
It sets, is applied to SDN controller, SDN controller and access device and borde gateway communicates to connect.As shown in figure 5, the device packet
It includes:
Warning message monitors module 51, and for monitoring the warning message of access device, warning message includes upper limit alarm letter
Breath and alarm release information, the upper limit alarm information are the access devices when in gateway mode, detect that two layers turn
Hair resource occupation reaches upper limit value transmission, and the lower limit warning message is the access device when in non-gateway mode,
Detect what two layers of forwarding resource occupation was sent lower than lower limit value;
Mode control module 52, if for receiving upper limit alarm information, by the corresponding virtual router of access device
Three layers of forwarding configuration information be transferred to borde gateway so that access device is switched to non-gateway mode by gateway mode;If
Receive alarm release information, by three layers of forwarding configuration information of the virtual router on access device by borde gateway restore to
Access device, so that access device is gateway mode by non-gateway pattern switching.
Wherein, mode control module 52 can be also used for:If receiving upper limit alarm information, control access device switching
To new resources mode, wherein the ratio of the lower two layers of forwarding resource occupation of new resources mode is greater than under current resources mode
The ratio of two layers of forwarding resource occupation;If receiving alarm release information, control access device switches to next resource mould
Formula, wherein the ratio of next lower two layers of forwarding resource occupation of resources mode is less than the lower two layers of forwarding money of current resources mode
The ratio that source occupies.
Mode control module 52 can be also used for:Check that the access device is corresponding in the configuration information pre-established
Virtual router;The associated other access devices of the virtual router are searched in the configuration information pre-established;To
The access device and the other access devices found send virtual router and delete notice, so as to receive described delete
Except the access device of notice deletes three layers of forwarding configuration information of the virtual router;Three layers of the virtual router are turned
Hair configuration information is sent to borde gateway, so that the borde gateway configures three layers of forwarding configuration information, and sends free
ARP message.And it is also used to check the access device corresponding void under gateway mode in the configuration information pre-established
Quasi- router;The associated other access devices of the virtual router are searched in the configuration information pre-established;Notice
The borde gateway deletes three layers of forwarding configuration information of the virtual router;To the access device and described in finding
Other access devices send virtual router configuration notification, so as to receive the access device configuration described three of the configuration notification
Layer forwarding configuration information, and send gratuitous ARP packet.
Optionally, as shown in fig. 6, above-mentioned apparatus can also include that warning message issues module 61, for being set according to access
Standby current resources mode and total resources, issue upper limit value and lower limit value to access device, so that access device is based on the upper limit
Value and lower limit value send warning message.
Warning message issues module 61 and can be also used for:Obtain upper limit percentage and lower percentiles;According to access device
Current resources mode and total resources calculates the maximum value of two layers of forwarding resource occupation;Using maximum value multiplied by upper limit percentage
Than obtaining the upper limit value of two layers of forwarding resource occupation;Using maximum value multiplied by lower percentiles, two layers of forwarding resource occupation are obtained
Lower limit value.
The disclosure is embodiment further provides a kind of SDN controller, including first processor and connect with first processor
First memory;First memory is stored with the machine-executable instruction that can be executed by first processor, first processor
Machine-executable instruction is executed to realize method shown in Fig. 2.
The disclosure is applied to access device, access is set embodiment further provides the device of another control gateway mode
It is standby to be communicated to connect with SDN controller and borde gateway, as shown in fig. 7, the device includes:
Resource occupation monitors module 71, for detecting the occupancy situation of two layers of forwarding resource;
Warning message sending module 72, for sending warning message to the SDN controller according to occupancy situation;Alarm
Information includes upper limit alarm information and alarm release information, wherein the upper limit alarm information is that the access device is being in
When gateway mode, detect that the occupancy of two layers of forwarding resource reaches upper limit value transmission, the alarm release information is institute
Access device is stated when in non-gateway mode, is sent when detecting the occupancy of two layers of forwarding resource lower than lower limit value;
Mode switch module 73, the virtual router for receiving the transmission of SDN controller deletes notice, according to described virtual
Router deletes three layers of forwarding configuration information that notice deletes corresponding virtual router;And receive what SDN controller was sent
Virtual router configuration notification is matched according to three layers of forwarding that the virtual router configuration notification configures corresponding virtual router
Confidence breath, and send gratuitous ARP packet.
Embodiment further provides a kind of access devices for the disclosure, connect including second processor and with second processor
Second memory;Second memory is stored with the machine-executable instruction that can be executed by second processor, and second processor is held
Row machine-executable instruction is to realize method shown in Fig. 3.
Embodiment further provides a kind of systems for controlling gateway mode for the disclosure, as shown in figure 8, the system includes SDN
Controller 20, the access device 30 being connect with SDN controller 20, borde gateway 40 and cloud platform 10 (optional).Wherein, SDN
It is provided with the device of Fig. 5 or shown in fig. 6 control gateway mode in controller, is provided with control shown in Fig. 7 in access device
The device of gateway mode.
Borde gateway is used for when the virtual router for receiving the transmission of SDN controller deletes notice, according to described virtual
Router deletes three layers of forwarding configuration information that notice deletes corresponding virtual router;Receiving the transmission of SDN controller
When virtual router configuration notification, three layers of forwarding of corresponding virtual router are configured according to the virtual router configuration notification
Configuration information, and send gratuitous ARP packet.
For the disclosure embodiment further provides a kind of machine readable storage medium, machine readable storage medium storage is organic
Device executable instruction, for the machine-executable instruction when being called and being executed by processor, machine-executable instruction promotes processor
The method for realizing any of the above-described kind of control gateway mode, specific implementation can be found in method implementation, and details are not described herein.
Method, system, SDN controller and the access device of control gateway mode provided by disclosure embodiment,
Realization principle and the technical effect of generation are identical with preceding method embodiment, and to briefly describe, device embodiments part is not
It refers to place, can refer to corresponding contents in preceding method embodiment.
In several embodiments provided by the disclosure, it should be understood that disclosed device and method can also lead to
Other modes are crossed to realize.Device embodiments described above are only schematical, for example, the flow chart in attached drawing and
Block diagram shows the system in the cards of the device of multiple embodiments according to the present invention, method and computer program product
Framework, function and operation.In this regard, each box in flowchart or block diagram can represent a module, program segment or generation
A part of code, a part of the module, section or code include one or more for realizing defined logic function
Executable instruction.It should also be noted that function marked in the box can also be in some implementations as replacement
Occur different from the sequence marked in attached drawing.For example, two continuous boxes can actually be basically executed in parallel, they
Sometimes it can also execute in the opposite order, this depends on the function involved.It is also noted that block diagram and or flow chart
In each box and the box in block diagram and or flow chart combination, can function or movement as defined in executing it is special
Hardware based system is realized, or can be realized using a combination of dedicated hardware and computer instructions.
Finally it should be noted that:Embodiment described above, the only specific embodiment of the disclosure, to illustrate this public affairs
The technical solution opened, rather than its limitations, the protection scope of the disclosure are not limited thereto, although referring to aforementioned embodiments pair
The disclosure is described in detail, those skilled in the art should understand that:Any technology for being familiar with the art
Personnel can still modify to technical solution documented by aforementioned embodiments in the technical scope that the disclosure discloses
Or variation or equivalent replacement of some of the technical features can be readily occurred in;And these modifications, variation or replacement,
The spirit and scope for disclosure embodiment technical solution that it does not separate the essence of the corresponding technical solution, should all cover in this public affairs
Within the protection scope opened.Therefore, the protection scope of the disclosure shall be subject to the protection scope of the claim.
Claims (10)
1. a kind of method for controlling gateway mode, which is characterized in that the method is applied to SDN controller, the method includes:
The warning message of access device is monitored, the warning message includes upper limit alarm information and alarm release information, wherein institute
Stating upper limit alarm information is the access device when in gateway mode, detects that two layers of forwarding resource occupation reach upper limit value
It sends, the lower limit warning message is the access device when in non-gateway mode, detects two layers of forwarding money
Source is occupied lower than lower limit value transmission;
If receiving the upper limit alarm information, confidence is matched into three layers of forwarding of the corresponding virtual router of the access device
Breath is transferred to borde gateway, so that the access device is switched to non-gateway mode by gateway mode;
If receiving the alarm release information, by three layers of forwarding configuration information of the virtual router by the boundary net
It closes and restores to the access device, so that the access device is gateway mode by non-gateway pattern switching.
2. the method according to claim 1, wherein the method also includes:
According to access device current resources mode and total resources, to the access device issue the upper limit value and it is described under
Limit value, so that the access device is based on the upper limit value and the lower limit value sends the warning message.
3. according to the method described in claim 2, it is characterized in that, the resources mode and resource current according to access device
Total amount, the step of issuing the upper limit value and the lower limit value to the access device, including:
Obtain upper limit percentage and lower percentiles;
According to access device current resources mode and total resources, the maximum value of two layers of forwarding resource occupation is calculated;
Using the maximum value multiplied by the upper limit percentage, the upper limit value of two layers of forwarding resource occupation is obtained;
Using the maximum value multiplied by the lower percentiles, the lower limit value of two layers of forwarding resource occupation is obtained.
4. according to the method described in claim 3, it is characterized in that, the method also includes:
If receiving the upper limit alarm information, control the access device and switch to new resources mode, wherein is described new
Resources mode under the ratio of two layers of forwarding resource occupation be greater than two layers of forwarding under the current resources mode and provide
The ratio that source occupies;
If receiving the alarm release information, controls the access device and switch to next resources mode, wherein is described
The ratio of two layers of forwarding resource occupation is less than under the current resources mode and turns for described two layers under next resources mode
Send out the ratio of resource occupation.
5. the method according to claim 1, wherein described by the corresponding virtual router of the access device
The step of three layers of forwarding configuration information are transferred to borde gateway, including:
The corresponding virtual router of the access device is checked in the configuration information pre-established;
The associated other access devices of the virtual router are searched in the configuration information pre-established;
It sends virtual router to the access device and the other access devices found and deletes notice, so as to receive
The access device for deleting notice deletes three layers of forwarding configuration information of the virtual router;
Three layers of forwarding configuration information of the virtual router are sent to borde gateway, so that described in borde gateway configuration
Three layers of forwarding configuration information, and send gratuitous ARP packet.
6. the method according to claim 1, wherein described match confidence for three layers of forwarding of the virtual router
The step of breath is restored by the borde gateway to the access device, including:
The access device corresponding virtual router under gateway mode is checked in the configuration information pre-established;
The associated other access devices of the virtual router are searched in the configuration information pre-established;
The borde gateway is notified to delete three layers of forwarding configuration information of the virtual router;
Virtual router configuration notification is sent to the access device and the other access devices found, so as to receive
The access device of the configuration notification configures three layers of forwarding configuration information, and sends gratuitous ARP packet.
7. a kind of method for controlling gateway mode, which is characterized in that the method is applied to access device, the method includes:
Detect the occupancy situation of two layers of forwarding resource;
Warning message is sent to SDN controller according to the occupancy situation;The warning message includes upper limit alarm information and report
It is alert to release information, wherein the upper limit alarm information is the access device when in gateway mode, detects described two layers
The occupancy of forwarding resource reaches upper limit value transmission, and the alarm release information is the access device in non-gateway mode
When, it is sent when detecting the occupancy of two layers of forwarding resource lower than lower limit value;
If the virtual router for receiving the transmission of SDN controller deletes notice, notice is deleted according to the virtual router and is deleted
Three layers of forwarding configuration information of corresponding virtual router;
If receiving the virtual router configuration notification of SDN controller transmission, configured according to the virtual router configuration notification
Three layers of forwarding configuration information of corresponding virtual router, and send gratuitous ARP packet.
8. a kind of SDN controller, which is characterized in that including first processor and the first storage being connect with the first processor
Device;The first memory is stored with the machine-executable instruction that can be executed by the first processor, first processing
Device executes the machine-executable instruction to realize method described in any one of claims 1 to 6.
9. a kind of access device, which is characterized in that including second processor and the second storage being connect with the second processor
Device;The second memory is stored with the machine-executable instruction that can be executed by the second processor, the second processing
Device executes the machine-executable instruction to realize method of claim 7.
10. a kind of system for controlling gateway mode, which is characterized in that wanted including SDN controller according to any one of claims 8, right
Access device described in asking 9 and borde gateway;
The borde gateway is used for when the virtual router for receiving the transmission of SDN controller deletes notice, according to described virtual
Router deletes three layers of forwarding configuration information that notice deletes corresponding virtual router;Receiving the transmission of SDN controller
When virtual router configuration notification, three layers of forwarding of corresponding virtual router are configured according to the virtual router configuration notification
Configuration information, and send gratuitous ARP packet.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201810713493.1A CN108881013B (en) | 2018-06-29 | 2018-06-29 | Method and system for controlling gateway mode, SDN controller and access device |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201810713493.1A CN108881013B (en) | 2018-06-29 | 2018-06-29 | Method and system for controlling gateway mode, SDN controller and access device |
Publications (2)
Publication Number | Publication Date |
---|---|
CN108881013A true CN108881013A (en) | 2018-11-23 |
CN108881013B CN108881013B (en) | 2021-05-07 |
Family
ID=64296736
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN201810713493.1A Active CN108881013B (en) | 2018-06-29 | 2018-06-29 | Method and system for controlling gateway mode, SDN controller and access device |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN108881013B (en) |
Cited By (4)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN109729019A (en) * | 2018-12-28 | 2019-05-07 | 新华三技术有限公司 | The method for limiting speed and device of private line service in a kind of EVPN networking |
CN113676409A (en) * | 2021-08-16 | 2021-11-19 | 北京全路通信信号研究设计院集团有限公司 | Message forwarding method and device, electronic equipment and storage medium |
CN114268568A (en) * | 2021-12-22 | 2022-04-01 | 快云信息科技有限公司 | Network traffic monitoring method, device and equipment |
CN114466447A (en) * | 2021-12-15 | 2022-05-10 | 四川天邑康和通信股份有限公司 | Cloud management end management system based on WiFi6 router |
Citations (6)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN101702689A (en) * | 2009-11-30 | 2010-05-05 | 迈普通信技术股份有限公司 | Transmission control method with balanced multicast service data load and access device thereof |
CN102055647A (en) * | 2009-11-03 | 2011-05-11 | 中兴通讯股份有限公司 | Three-layer virtual private network (VPN) access method and system |
US8166187B2 (en) * | 2009-01-28 | 2012-04-24 | Cisco Technology, Inc. | Distributed IP gateway based on sharing a MAC address and IP address concurrently between a first network switching device and a second network switching device |
CN105099922A (en) * | 2015-06-18 | 2015-11-25 | 杭州华三通信技术有限公司 | Cross-VXLAN (Virtual eXtensible Local Area Network) data message forwarding method and device |
CN105612508A (en) * | 2013-10-11 | 2016-05-25 | 华为技术有限公司 | Systems and methods for signal brokering in distributed evolved packet core (epc) network architectures |
CN107846342A (en) * | 2016-09-20 | 2018-03-27 | 华为技术有限公司 | A kind of retransmission method, equipment and the system of VXLAN messages |
-
2018
- 2018-06-29 CN CN201810713493.1A patent/CN108881013B/en active Active
Patent Citations (6)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US8166187B2 (en) * | 2009-01-28 | 2012-04-24 | Cisco Technology, Inc. | Distributed IP gateway based on sharing a MAC address and IP address concurrently between a first network switching device and a second network switching device |
CN102055647A (en) * | 2009-11-03 | 2011-05-11 | 中兴通讯股份有限公司 | Three-layer virtual private network (VPN) access method and system |
CN101702689A (en) * | 2009-11-30 | 2010-05-05 | 迈普通信技术股份有限公司 | Transmission control method with balanced multicast service data load and access device thereof |
CN105612508A (en) * | 2013-10-11 | 2016-05-25 | 华为技术有限公司 | Systems and methods for signal brokering in distributed evolved packet core (epc) network architectures |
CN105099922A (en) * | 2015-06-18 | 2015-11-25 | 杭州华三通信技术有限公司 | Cross-VXLAN (Virtual eXtensible Local Area Network) data message forwarding method and device |
CN107846342A (en) * | 2016-09-20 | 2018-03-27 | 华为技术有限公司 | A kind of retransmission method, equipment and the system of VXLAN messages |
Cited By (7)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN109729019A (en) * | 2018-12-28 | 2019-05-07 | 新华三技术有限公司 | The method for limiting speed and device of private line service in a kind of EVPN networking |
CN113676409A (en) * | 2021-08-16 | 2021-11-19 | 北京全路通信信号研究设计院集团有限公司 | Message forwarding method and device, electronic equipment and storage medium |
CN113676409B (en) * | 2021-08-16 | 2023-04-18 | 北京全路通信信号研究设计院集团有限公司 | Message forwarding method and device, electronic equipment and storage medium |
CN114466447A (en) * | 2021-12-15 | 2022-05-10 | 四川天邑康和通信股份有限公司 | Cloud management end management system based on WiFi6 router |
CN114466447B (en) * | 2021-12-15 | 2023-08-11 | 四川天邑康和通信股份有限公司 | Cloud management end management system based on WiFi6 router |
CN114268568A (en) * | 2021-12-22 | 2022-04-01 | 快云信息科技有限公司 | Network traffic monitoring method, device and equipment |
CN114268568B (en) * | 2021-12-22 | 2023-08-25 | 快云信息科技有限公司 | Network traffic monitoring method, device and equipment |
Also Published As
Publication number | Publication date |
---|---|
CN108881013B (en) | 2021-05-07 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
US10116559B2 (en) | Operations, administration and management (OAM) in overlay data center environments | |
US10182496B2 (en) | Spanning tree protocol optimization | |
US8300614B2 (en) | Preventing packet loops in unified networks | |
US11349687B2 (en) | Packet processing method, device, and system | |
US9912612B2 (en) | Extended ethernet fabric switches | |
CN106576117B (en) | Ultra-high speed mobile network based on layer 2 switching | |
EP2985959B1 (en) | Progressive mac address learning | |
EP3229421B1 (en) | Media access control address forwarding table transmission control method, apparatus, and system | |
JP5927352B2 (en) | IP multicast service retirement processing for MPLS-based virtual private cloud networking | |
CN108881013A (en) | Control method, system, SDN controller and the access device of gateway mode | |
US20140006585A1 (en) | Providing Mobility in Overlay Networks | |
US10263808B2 (en) | Deployment of virtual extensible local area network | |
US20170264496A1 (en) | Method and device for information processing | |
CN109660442B (en) | Method and device for multicast replication in Overlay network | |
KR20140054357A (en) | Implementing a 3g packet core in a cloud computer with openflow data and control planes | |
JP4279300B2 (en) | Network virtualization apparatus and network virtualization program | |
WO2018171529A1 (en) | Method, device and computer storage medium for implementing double control plane | |
US9392527B2 (en) | System and method for efficient L3 mobility in a wired/wireless network | |
CN104066207A (en) | 802.11 wireless access network based on virtualization technology | |
CN102447703B (en) | A kind of heat backup method and system, CGN equipment | |
CN111245700B (en) | Loop detection method and device | |
CN107911495A (en) | A kind of MAC Address synchronous method and VTEP | |
US11025536B1 (en) | Support for flooding in encapsulation and inter-VLAN communication via proxy-ARP | |
Gupta et al. | A road map for SDN-open flow networks | |
Elsadek et al. | SOAP: SDN overlay across providers for IoT cognition services |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PB01 | Publication | ||
PB01 | Publication | ||
SE01 | Entry into force of request for substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
GR01 | Patent grant | ||
GR01 | Patent grant | ||
TR01 | Transfer of patent right | ||
TR01 | Transfer of patent right |
Effective date of registration: 20230616 Address after: 310052 11th Floor, 466 Changhe Road, Binjiang District, Hangzhou City, Zhejiang Province Patentee after: H3C INFORMATION TECHNOLOGY Co.,Ltd. Address before: 310052 Changhe Road, Binjiang District, Hangzhou, Zhejiang Province, No. 466 Patentee before: NEW H3C TECHNOLOGIES Co.,Ltd. |