CN108881013A - Control method, system, SDN controller and the access device of gateway mode - Google Patents

Control method, system, SDN controller and the access device of gateway mode Download PDF

Info

Publication number
CN108881013A
CN108881013A CN201810713493.1A CN201810713493A CN108881013A CN 108881013 A CN108881013 A CN 108881013A CN 201810713493 A CN201810713493 A CN 201810713493A CN 108881013 A CN108881013 A CN 108881013A
Authority
CN
China
Prior art keywords
access device
layers
gateway
forwarding
virtual router
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Granted
Application number
CN201810713493.1A
Other languages
Chinese (zh)
Other versions
CN108881013B (en
Inventor
樊超
王海
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
New H3C Information Technologies Co Ltd
Original Assignee
New H3C Technologies Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by New H3C Technologies Co Ltd filed Critical New H3C Technologies Co Ltd
Priority to CN201810713493.1A priority Critical patent/CN108881013B/en
Publication of CN108881013A publication Critical patent/CN108881013A/en
Application granted granted Critical
Publication of CN108881013B publication Critical patent/CN108881013B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L45/00Routing or path finding of packets in data switching networks
    • H04L45/58Association of routers
    • H04L45/586Association of routers of virtual routers
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L12/00Data switching networks
    • H04L12/66Arrangements for connecting between networks having differing types of switching systems, e.g. gateways
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L41/00Arrangements for maintenance, administration or management of data switching networks, e.g. of packet switching networks
    • H04L41/06Management of faults, events, alarms or notifications
    • H04L41/0631Management of faults, events, alarms or notifications using root cause analysis; using analysis of correlation between notifications, alarms or events based on decision criteria, e.g. hierarchy, tree or time analysis
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L41/00Arrangements for maintenance, administration or management of data switching networks, e.g. of packet switching networks
    • H04L41/08Configuration management of networks or network elements
    • H04L41/0803Configuration setting
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L45/00Routing or path finding of packets in data switching networks
    • H04L45/38Flow based routing
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L45/00Routing or path finding of packets in data switching networks
    • H04L45/74Address processing for routing
    • H04L45/745Address table lookup; Address filtering

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Data Exchanges In Wide-Area Networks (AREA)

Abstract

Present disclose provides a kind of method, system, SDN controller and access devices for controlling gateway mode, are related to Internet technical field.The upper limit alarm information and alarm release information that SDN controller passes through monitoring access device;If receiving upper limit alarm information, three layers of forwarding configuration information of the virtual router on access device are transferred to borde gateway, so that access device is switched to non-gateway mode by gateway mode;If receiving alarm release information, three layers of forwarding configuration information of the corresponding virtual router of access device are restored by borde gateway to access device, so that access device is gateway mode by non-gateway pattern switching.By above-mentioned technology, the effective guarantee repeating process of three layer cross-network segment flows improves whole data forwarding performance.

Description

Control method, system, SDN controller and the access device of gateway mode
Technical field
This disclosure relates to which Internet technical field, is controlled more particularly, to a kind of method for controlling gateway mode, system, SDN Device and access device processed.
Background technique
EVPN (Ethernet Virtual Private Network, Ethernet Virtual Private Network) is two layers a kind of VPN technologies, (MultiProtocol-Border Gateway Protocol, multi-protocols are compatible using MP-BGP for control plane Border Gateway Protocol) notice EVPN routing iinformation, data plane using VXLAN (Virtual eXtensible LAN, it is expansible Virtual Local Area Network) packaged type E-Packets.When the physical site of tenant is dispersed in different location, EVPN can be same The identical subnet of tenant provides two layers of interconnection;Simultaneously three layers can be provided mutually for the different sub-network of same tenant by EVPN gateway Connection, and three layers of interconnection with external network are provided for tenant.
EVPN networking structure is usually applied to data center, can use distributed network gate networking model.
In distributed network gate networking model, EVPN access device is worked under gateway mode, EVPN access device and EVPN borde gateway can forward three layer cross-network segment flows, and therefore, three layer cross-network segment flows can be forwarded by optimal path, simultaneously The flow forwarding pressure of EVPN borde gateway can be alleviated.But when EVPN access device works in gateway mode, gateway need to be increased Relevant configuration, such as VPN (Virtual Private Network, Virtual Private Network) configuration information, VSI-IF (Virtual Switch Interface, Virtual Switch Interface) and gateway ip address etc., the limited ACL of EVPN access device can be occupied (Access Control List, accesses control list) resource not can guarantee if virtual machine online in EVPN is more EVPN access device has enough resource forwarding table memory items, and then influences data forwarding performance.
Summary of the invention
In view of this, the disclosure be designed to provide it is a kind of control the method for gateway mode, system, SDN controller and Access device, can be according to the occupation condition of access device, and dynamic adjusts the operating mode of access device, to promote data Forwarding performance.
To achieve the goals above, the technical solutions adopted are as follows for the disclosure:
In a first aspect, the method is applied to SDN controller present disclose provides a kind of method for controlling gateway mode, The method includes:
The warning message of access device is monitored, the warning message includes upper limit alarm information and alarm release information, In, the upper limit alarm information is the access device when in gateway mode, detects that two layers of forwarding resource occupation reach What upper limit value was sent, the lower limit warning message is the access device when in non-gateway mode, detects described two layers Resource occupation is forwarded to send lower than lower limit value;
If receiving the upper limit alarm information, three layers of forwarding of the corresponding virtual router of the access device are matched Confidence breath is transferred to borde gateway, so that the access device is switched to non-gateway mode by gateway mode;
If receiving the alarm release information, by three layers of forwarding configuration information of the virtual router by the side Boundary's gateway restores to the access device, so that the access device is gateway mode by non-gateway pattern switching.
Second aspect, present disclose provides a kind of method for controlling gateway mode, the method is applied to access device, institute The method of stating includes:
Detect the occupancy situation of two layers of forwarding resource;
Warning message is sent to SDN controller according to the occupancy situation;The warning message includes upper limit alarm information And alarm release information, wherein the upper limit alarm information is the access device when in gateway mode, is detected described The occupancy of two layers of forwarding resource reaches upper limit value transmission, and the alarm release information is the access device in non-gateway When mode, sent when detecting the occupancy of two layers of forwarding resource lower than lower limit value;
If the virtual router for receiving the transmission of SDN controller deletes notice, is deleted and notified according to the virtual router Delete three layers of forwarding configuration information of corresponding virtual router;
If the virtual router configuration notification of SDN controller transmission is received, according to the virtual router configuration notification Three layers of forwarding configuration information of corresponding virtual router are configured, and send gratuitous ARP packet.
The third aspect present disclose provides a kind of SDN controller, including first processor and connects with the first processor The first memory connect;The first memory is stored with the machine-executable instruction that can be executed by the first processor, The first processor executes the machine-executable instruction to realize method described in first aspect.
Fourth aspect present disclose provides a kind of access device, including second processor and connects with the second processor The second memory connect;The second memory is stored with the machine-executable instruction that can be executed by the second processor, The second processor executes the machine-executable instruction to realize method described in second aspect.
5th aspect, present disclose provides a kind of systems for controlling gateway mode, control including SDN described in the third aspect Access device described in device, fourth aspect and borde gateway;
The borde gateway is used for when the virtual router for receiving the transmission of SDN controller deletes notice, according to described Virtual router deletes three layers of forwarding configuration information that notice deletes corresponding virtual router;Receiving SDN controller hair When the virtual router configuration notification sent, three layers of corresponding virtual router are configured according to the virtual router configuration notification Configuration information is forwarded, and sends gratuitous ARP packet.
Method, system, SDN controller and the access device of above-mentioned control gateway mode, SDN controller is by monitoring access The upper limit alarm information and alarm release information of equipment;Dynamic control access device is reasonable between gateway mode and non-gateway mode Switching shifts three layers of forwarding configuration information of the corresponding virtual router of access device if receiving upper limit alarm information To borde gateway, so that access device is switched to non-gateway mode by gateway mode;If receiving alarm release information, will connect Three layers of forwarding configuration information for entering the virtual router in equipment are restored by borde gateway to access device so that access device by Non-gateway pattern switching is gateway mode.By above-mentioned technology, the effective guarantee repeating process of three layer cross-network segment flows is promoted Whole data forwarding performance.
Other feature and advantage of the disclosure will illustrate in the following description, alternatively, Partial Feature and advantage can be with Deduce from specification or unambiguously determine, or by implement the disclosure above-mentioned technology it can be learnt that.
To enable the above objects, features and advantages of the present invention to be clearer and more comprehensible, better embodiment is cited below particularly, and match Appended attached drawing is closed, is described in detail below.
Detailed description of the invention
It, below will be to specific in order to illustrate more clearly of disclosure specific embodiment or technical solution in the prior art Embodiment or attached drawing needed to be used in the description of the prior art be briefly described, it should be apparent that, it is described below Attached drawing is some embodiments of the disclosure, for those of ordinary skill in the art, before not making the creative labor It puts, is also possible to obtain other drawings based on these drawings.
Fig. 1 is the application environment schematic diagram of the method for the control gateway mode that disclosure embodiment provides;
Fig. 2 is a kind of flow chart of the method for control gateway mode that disclosure embodiment provides;
Fig. 3 is the flow chart of the method for another control gateway mode that disclosure embodiment provides;
Fig. 4 is a kind of interaction figure of the method for control gateway mode that disclosure embodiment provides;
Fig. 5 is a kind of structural block diagram of the device for control gateway mode that disclosure embodiment provides;
Fig. 6 is the structural block diagram of the device for another control gateway mode that disclosure embodiment provides;
Fig. 7 is the structural block diagram of the device for another control gateway mode that disclosure embodiment provides;
Fig. 8 is a kind of structural block diagram of the system for control gateway mode that disclosure embodiment provides.
Specific embodiment
To keep the purposes, technical schemes and advantages of disclosure embodiment clearer, below in conjunction with attached drawing to this public affairs The technical solution opened is clearly and completely described, it is clear that and described embodiment is a part of embodiment of the disclosure, Rather than whole embodiment.Based on the embodiment in the disclosure, those of ordinary skill in the art are not making creation Property labour under the premise of every other embodiment obtained, belong to the disclosure protection range.
The method and apparatus for the control gateway mode that disclosure embodiment provides can be applied but be not limited to EVPN networking In structure, Fig. 1 shows a kind of EVPN networking structure schematic diagram, wherein VTEP (VXLAN Tunnel End Point, VXLAN Endpoint of a tunnel) be EVPN edge device.VTEP1 and VTEP2 in Fig. 1 are that EVPN access device (is referred to as Leaf to set It is standby), VTEP3 is EVPN borde gateway (being referred to as border equipment).Between each EVPN access device and EVPN connects Enter and is connected between equipment and EVPN borde gateway by the tunnel VXLAN.VTEP1 is connect with the first website S1 in Fig. 1, VTEP2 with Second website S2 connection.
The configuration information such as table 1 of the corresponding access device of S1 and S2 in present embodiment and the virtual machine in S1 and S2 It is shown:
Table 1
Wherein, VM1 and VM4 belongs to same subnet, and VTEP1 will connect three layer interfaces or ethernet server of site-local Example is associated with VSI, and the VXLAN created in the VSI of VTEP1 is to pass through belonging to the message that three layer interface receives VXLAN.Wherein, in the present embodiment, VXLAN10, VM2 are corresponded to three layer interfaces for receiving the message of VM1 transmission in VTEP1 Three layer interfaces that three layer interfaces of the message of transmission correspond to the message of VXLAN20, VM3 transmission are said for corresponding to VXLAN30 It is bright;Three layer interfaces that the message of VM4 transmission is received in VTEP2 correspond to three layer interfaces pair of the message that VXLAN10, VM5 are sent Three layer interfaces of the message for answering VXLAN20, VM6 to send are illustrated for corresponding to VXLAN30.
SDN (Software Defined Network, software defined network) is a kind of new network framework, and core is thought Think be separated network equipment control plane and forwarding plane, by SDN controller to network flow carry out collection neutralize flexibly control System, so that the innovation for core network and application provides good platform.VTEP (including EVPN access device in above-mentioned Fig. 1 With EVPN borde gateway) (this connection relationship of non-schematic diagram in Fig. 1) is communicated to connect with SDN controller, SDN controller conduct The virtual management platform of EVPN provides a user the network management deployment window of EVPN, which disposes window can be with It is realized by cloud platform.
SDN controller receives the network creation of user, subnet distribution, router creation, router administration by cloud platform Etc. the relevant configuration information of functions and/or operational order, SDN controller refer to further according to the configuration information and/or operation received The physical equipment or virtual unit in management EVPN are enabled, such as:SDN controller configures the VPN configuration information of EVPN access device, And three layers of offloading functions can also be configured on EVPN access device, i.e., virtual router is configured on EVPN access device, Realize three layers of forwarding of cross-network segment flow in EVPN.
EVPN networking structure shown in FIG. 1 can work under centralized gateway networking model, can also work and be distributed Under formula gateway networking model.
Under centralized gateway networking model, VTEP1 and VTEP2 work in non-gateway mode, are only used as Layer2 switching Machine uses, for forwarding two laminar flow amounts of the equipment room in identical subnet.And VTEP3 is used as centralized gateway, to match described in table 1 It is set to example, the corresponding configuration of VTEP3 is as shown in table 2:
Table 2
In networking stage, virtual router can be configured on VTEP3 according to the VXLAN configured in current networking (VRouter), the corresponding VSI interface of each VRouter and a VXLAN network, the IP address of VSI interface is as corresponding The gateway ip address of virtual machine in VXLAN network.And each VSI interface can be bound with a VPN instance.It is each as a result, A virtual router can the independent message forwarded under the VPN instance bound with it.Receive three layers of VTEP1 and VTEP2 Cross-network segment flow and the flow for being sent to external network are required to unload by VTEP3 and forward.
Below under centralized gateway networking model, VM1 illustrates two layers of repeating process, tool for sending message to VM4 Body is as follows:
(1) VM1 learns the MAC Address to VM4 by ARP message;
(2) VM1 sends datagram, and the source MAC of the message is the MAC1 of VM1, and target MAC (Media Access Control) address is VM4's MAC4。
(3) above-mentioned data message first reaches VTEP1, and VTEP1 is according to target MAC (Media Access Control) address in the mac address table of VSI-10 Matched list item is searched, VXLAN tunnel of the corresponding outgoing interface of the message between VTEP1 and VTEP2 is obtained.VTEP1 according to VXLAN agreement is packaged message, is then sent to the message after encapsulation by the corresponding tunnel VXLAN of above-mentioned outgoing interface VTEP2.Message after encapsulation carries VXLAN network identifier.
(4) VTEP2 receives the message after encapsulation, determines that the message belongs to according to the VXLAN network identifier in message VXLAN10 decapsulates the message received, and searches the corresponding mac address table of VXLAN10 in VTEP2, by looking into Message after decapsulation is sent to VM4 by the outgoing interface found.
Below under centralized gateway networking model, VM1 illustrates three layers of forwarding of cross-network segment for sending message to VM5 Process, it is specific as follows:
(1) VM1 determines that the message sent to VM5 is cross-network segment message according to the IP address of VM5, first passes through ARP message Practise the corresponding MAC Address of gateway ip address;
(2) VM1 sends datagram, and the source MAC of the message is the MAC1 of VM1, and target MAC (Media Access Control) address is for gateway IP The corresponding MAC Address in location;Source IP address is the IP address of VM1, and purpose IP address is the IP address of VM5.
(3) above-mentioned data message first reaches VTEP1, and VTEP1 is looked into the mac address table of VSI-10 according to purpose IP address Matched list item is looked for, VXLAN tunnel of the corresponding outgoing interface of the message between VTEP1 and VTEP3 is obtained.VTEP1 to message into VTEP3 is sent to after row encapsulation;
(4) after VTEP3 receives the message of encapsulation, message is decapsulated, Host routes are looked into according to purpose IP address Table determines VXLAN tunnel of the outgoing interface between VTEP3 and VTEP2, sends it to VTEP2 by the tunnel, should by VTEP2 Message is sent to VM5.
In distributed network gate networking model, VTEP1 and VTEP2 are worked under gateway mode, on VTEP1 and VTEP2 Can be based on VSI and VXLAN configuration virtual router (VRouter), concrete configuration is with above-mentioned VTEP3, and details are not described herein again.At this In networking model, if VM1 sends message to VM5, message is sent to VTEP1 by VM1, and VTEP1 judges VXLAN belonging to message Network is VXLAN20, and the corresponding outgoing interface of VXLAN20 is searched in the Host routes table in VTEP1, by outgoing interface by message It is sent to VTEP2, then is forwarded the packet by VTEP2 to VM5.
In view of under centralized networking model, three layer cross-network segment flows are required to be forwarded by borde gateway, cause The flow forwarding pressure of borde gateway is larger;And under distributed networking mode, if online virtual machine is more, occupies access and set Standby two layers of upper forwarding resource will be larger, may cause two layers of forwarding resource exhaustion of access device configuration, not can guarantee number According to forwarding performance.In order to more reasonably utilize Internet resources, data forwarding performance is improved, disclosure embodiment provides one The method of kind of control gateway mode, system, SDN controller and access device, can be according to the resource occupation feelings of access device Condition is rationally switched with dynamically controlling access device between gateway mode and non-gateway mode.
Fig. 2 shows a kind of flow chart of method for controlling gateway mode, this method is applied to SDN controller, including such as Lower step:
Step S202, SDN controller monitor access device warning message, the warning message include upper limit alarm information and Alarm release information, wherein the upper limit alarm information is the access device when in gateway mode, detects two layers of forwarding Resource occupation reaches upper limit value transmission;The lower limit warning message is the access device when in non-gateway mode, detection Resource occupation is forwarded to send lower than lower limit value to described two layers;
Wherein, two layers of forwarding resource may include the resource that the relevant information forwarded for realizing two layers occupies, such as MAC Forwarding table and/or VSI resource, the VSI resource may include the relevant informations such as VPN routing table.
Step S204, if SDN controller receives upper limit alarm information, by the corresponding virtual flow-line of above-mentioned access device Three layers of forwarding configuration information of device are transferred to borde gateway, so that the access device is switched to non-gateway mode by gateway mode.
Wherein, the corresponding virtual router of access device is often referred to the virtual flow-line that SDN controller is access device configuration Device, if for example, VXLAN belonging to virtual machine on access device 1 includes VXLAN1 and VXLAN2, on access device 1 in advance The corresponding vRouter2 of VXLAN1 corresponding vRouter1 and VXLAN2 can be configured.Three layers of forwarding of each virtual router configure Information may include:VPN configuration information, VSI-IF and gateway ip address etc..
Borde gateway is matched when receiving three layers of forwarding configuration information of above-mentioned virtual router of SDN controller transmission Three layers of forwarding configuration information of the virtual router are set, and send gratuitous ARP packet.The borde gateway is by configuring virtual flow-line Three layers of forwarding configuration information of device can be realized and configure the corresponding VPN configuration information of the virtual router, VSI-IF and gateway IP The information such as address, then by sending gratuitous ARP packet, enable each equipment in current networking according to the gratuitous ARP packet The gateway ip address currently corresponding gateway MAC address is obtained, and then when user equipment sends message to its corresponding gateway, So that being sent to the message of access device originally, it is sent to borde gateway, i.e. borde gateway has taken over the net originally on access device Close function.
Step S206, if SDN controller receives alarm release information, by the corresponding virtual flow-line of above-mentioned access device Three layers of forwarding configuration information of device are restored by borde gateway to access device, so that the access device is by non-gateway pattern switching Gateway mode.
SDN controller receives alarm release information, the mark for the access device that can be carried according to the alarm release information Knowledge finds the corresponding VXLAN of the access device, and then obtains the corresponding virtual router of the access device and the virtual road By three layers of forwarding configuration information of device.
Above-mentioned three layers of forwarding configuration information is restored by borde gateway to access device, specifically can be from SDN controller to side Boundary's gateway sends virtual router and deletes notice, which, which deletes notice, can carry virtual router mark, so that Borde gateway deletes notice according to the virtual router and deletes virtual router after receiving the virtual router and deleting notice Identify corresponding three layers of forwarding configuration information.It is set in addition, SDN controller can also identify corresponding access to the virtual router Preparation send virtual router configuration notification, and three layers of forwarding which can carry the virtual router are matched Confidence breath, receives three layers of forwarding configuration information in the access device configuration notification of the virtual router configuration notification, and send Gratuitous ARP packet.
By the above method, SDN controller can be in gateway mode in access device, and two layers of forwarding resource occupation reach The upper limit alarm information that access device reports is received when to upper limit value, is in non-gateway mode, and two layers of forwarding in access device Resource occupation receives alarm release information when being lower than lower limit value, and then when receiving upper limit alarm information, by above-mentioned access device On three layers of forwarding configuration information of virtual router be transferred to borde gateway;It, will be above-mentioned when receiving alarm release information Three layers of forwarding configuration information of the virtual router on access device are restored by borde gateway to access device.
It is this three layers forwarding configuration information processing mode, can access device two layers of forwarding resource it is practical occupancy compared with When big, access device is controlled by gateway mode and is switched to non-gateway mode, ensures the forwarding performance of two layers of forwarding service, reduction is lost Packet rate.When the practical occupancy of two layers of forwarding resource of access device is smaller, control access device is net by non-gateway pattern switching Pass mode forwards the three layer cross-network segment flows for reaching access device by optimal path, reduces by three layer cross-network segment flows and is forwarding Time delay in the process, and then improve the forwarding performance of data.
The above method is illustrated by taking the SDN controller applied to EVPN as an example.In EVPN networking structure, above-mentioned access is set Standby can be specifically Leaf equipment, and borde gateway can be specifically border equipment, SDN controller and access device and boundary net Close communication connection.In EVPN networking building process, SDN controller receives the cellular logic resource that user is created by cloud platform Configuration information, wherein cellular logic resource allocation information includes three layers of forwarding configuration information of virtual router, this three layers forwarding Configuration information includes:VPN configuration information, VSI-IF and gateway ip address etc.;Cellular logic resource allocation information further includes Network (relative address etc. of the outer net equipment of IP core network docking) and subnet (each equipment in IP core network Subnet configuration information, such as:Core equipment, edge device, server and subnet configuration information of virtual machine etc.);User The information such as software and hardware require information or the model of access device can also be added by cloud platform.
By taking SDN controller executes the above method as an example, the above method includes the following steps:
(1) SDN controller monitors the warning message of access device.Wherein, warning message includes upper limit alarm information and report It is alert to release information.
Wherein, when access device is in gateway mode, if two layers of forwarding resource occupation control when reaching upper limit value to SDN Device reports upper limit alarm information, when access device is in gateway mode, if two layers of forwarding resource occupation are lower than lower limit value To SDN controller report alarm release information.Wherein, upper limit value and lower limit value can be pre-configured with, and can also dynamically be adjusted.
In one implementation, upper limit value and lower limit value can be based on the current resources modes and resource of access device Total amount determines, wherein total resources can refer to the total resources that the network equipment is configured for forwarding service, including MAC forwarding The summation of the related resources such as table, Host routes table, VPN routing table.
In general, resources mode is preconfigured according to device role, such as core switching device, and access The ability of its bearer traffic of equipment is different, thus SDN controller is when for equipment initial configuration resources mode, generally can basis The role of equipment configures different resources modes for it.
Under each resources mode, the ratio of each resource occupation total resources is determining, and so knows that access is set The current resources mode of standby total resources and access device, so that it may know that the lower two layers of forwarding resource of the resources mode accounts for With the maximum value of total resources, and then calculate under the resources mode, two layers of corresponding upper limit value of forwarding resource and lower limit value.Tool When body is realized, the method for salary distribution of the one mode as Current resource can be selected from multiple resources modes, such as the 5 of the signal of table 3 Kind mode:
Table 3
Wherein, table 3 is only the MAC forwarding table illustrated and Host routes table is one in the total resources of access device Point, there are also other resource tables 3 not to illustrate one by one, because the ratio of each resource occupation total resources is true under every kind of resources mode Fixed, so the upper limit value of triggering warning message and lower limit value are values related with resources mode in access device.Using this In method provided by implementing, in access device under non-gateway mode and gateway mode, resources mode can flexibly change, because And in specific implementation, the percentage dynamic that can first pass through two layers of forwarding resource of configuration in advance calculates under each resources mode Upper limit value and lower limit value, without configuring the lower two layers of corresponding upper limit value of forwarding resource of each resources mode and lower limit one by one Value simplifies realization process.Illustratively, SDN controller can first obtain upper limit percentage and lower percentiles, such as flat from cloud Platform obtains the percentage of user configuration, perhaps obtains in the percentage of SDN controller local reception user configuration or from system Preconfigured default percentage;According to access device current resources mode and total resources, calculates two layers of forwarding resource and account for Maximum value, is 100K with total resources, and the ratio of the lower two layers of forwarding resource occupation total resources of Current resource mode is 30%, then the maximum value of two layers of forwarding resource occupation is 100K × 30%=30K;Then using this maximum value multiplied by the upper limit hundred Divide ratio, obtains the upper limit values of two layers of forwarding resource occupation;Using maximum value multiplied by lower percentiles, obtains two layers of forwarding resource and account for Lower limit value.
To simplify the description, it is illustrated for resources mode shown in the table 4:
Table 4
For example, if access device is currently distributed network gate, and resources mode is A, then upper limit value:10K*80%= 8K, lower limit value:10K*30%=3K.Wherein, 80% is upper limit percentage, and 30% is lower percentiles.Explanation:Under the scene, If the usage amount (also referred to as occupancy) of MAC forwarding table can generate critical event, that is, send above-mentioned upper limit alarm more than 8K Information will generate normal event lower than 3K, that is, send above-mentioned alarm release information.
It is understood that the upper limit value and lower limit value of two layers of forwarding resource occupation were also possible to directly to set.For example, Access device model and resources mode can also be showed user by cloud platform by SDN controller, and user is set by cloud platform Under fixed different resource mode, the upper limit value and lower limit value of two layers of forwarding resource occupation.SDN controller accounts for two layers of forwarding resource Upper limit value and lower limit value are issued to access device.Access device receives SDN controller and issues above-mentioned upper limit value and lower limit After value, persistently monitor whether two layers of forwarding resource meet alarm threshold according to upper limit value and lower limit value.
By taking two layers of forwarding resource are specially MAC forwarding table as an example, if constantly increased by the virtual machine that access device accesses More, the content in the MAC forwarding table of access device will be increasing, and the memory space that MAC forwarding table occupies is gradually increased, can It can reach upper limit value.If by access device access virtual machine reduce, MAC forwarding table occupy memory space if may Lower limit value can be decreased below.When access device is in gateway mode, monitor whether two layers of forwarding resource reach upper limit value, such as Fruit reaches upper limit value, to SDN controller report upper limit alarm information;When access device is in gateway mode, monitors two layers and turn Whether hair resource is lower than lower limit value, if being lower than lower limit value, to SDN controller report alarm release information.
(2) if SDN controller receives upper limit alarm information, by three layers of forwarding of the virtual router on access device Configuration information is transferred to borde gateway, so that access device is switched to non-gateway mode by gateway mode, takes over borde gateway The corresponding gateway of the access device.
As a kind of implementation, three layers of forwarding configuration information of the virtual router on access device are transferred to boundary Gateway may include:
(1) the corresponding virtual router of access device is checked in the configuration information pre-established, is pre-established at this The associated other access devices of above-mentioned virtual router are searched in configuration information;Wherein, the configuration information pre-established can be It establishes in networking stage, is had recorded in the configuration information:The mark of each access device, the virtual road configured for access device By device, the corresponding virtual router of the virtual router corresponding VXLAN and the VXLAN and other routing forwarding information etc.; Therefore the corresponding virtual flow-line of the access device can be found in the configuration information pre-established according to the mark of access device Device.Because the corresponding access device of each virtual router might not be unique, by the configuration information pre-established The middle corresponding other access devices of mark for searching the virtual router, other access devices are also configured with the virtual flow-line Device.
(2) virtual router is sent to access device and the other access devices found and delete notice, so as to receive The access device of deletion notice deletes three layers of forwarding configuration information of above-mentioned virtual router;(3) by above-mentioned virtual router Three layers of forwarding configuration information be sent to borde gateway so that borde gateway configures above-mentioned three layers of forwarding configuration information, and send Gratuitous ARP packet.
Wherein, which carries the gateway ip address of above-mentioned three layers of forwarding configuration information, also carries boundary Gateway is the gateway MAC address of gateway ip address configuration, and the access device for receiving the gratuitous ARP packet will record this freely The corresponding gateway MAC address of incoming interface and gateway ip address of ARP message, under being searched for the service message of subsequent inter-network forwarding One jumps address.The specific detailed process for sending gratuitous ARP packet is referring to other the relevant technologies, and which is not described herein again.
Still be illustrated for EVPN networking structure shown in Fig. 1, vRouter can be understood as be router with Distributed mode is virtually distributed in different VTEP equipment.In the description of the present embodiment, if vRouter1 is in a distributed manner Mode be distributed configuration on VTEP1 and VTEP2, then be described as the vRouter1 and VTEP2 configured on VTEP1 in the present embodiment The vRouter1 of upper configuration is not distinguish with different vRouter serial numbers.Wherein, the vRouter1 that is configured on VTEP1 and The vRouter1 configured on VTEP2 can be used for forwarding the message under same VPN instance.
SDN controller receives the upper limit alarm information of access device transmission, determines that this sets according to the mark of access device Standby is VTEP1, and it is corresponding there are two vRouter to search VTEP1 in the configuration information pre-established, respectively vRouter1 and vRouter2.The associated other access devices of vRouter1 or vRouter2 are searched in above-mentioned configuration information.Such as VTEP2 It is configured with vRouter1, it is determined that there are also VTEP2 for the associated access device of VRouter1.If there are also also provided on VTEP4 VRouer2, then other associated access devices of VTEP1 further include VTEP2.VTEP1 is notified to delete vRouter1 and vRouter2 Configuration information, notice VTEP2 delete VRouter1 three layers of forwarding configuration information.By three layers of vRouter1 and vRouter2 Forwarding configuration information is sent to VTEP3 (namely borde gateway).VTEP3 receives three layers of above-mentioned vRouter1 and vRouter2 After forwarding configuration information, gateway is configured, and send gratuitous ARP packet.Later, VTEP1 is switched to non-gateway mould by gateway mode Formula.
Meanwhile SDN controller can control and the access device of upper limit alarm information is reported to switch to new resources mode.Its In, the ratio of the lower two layers of forwarding resource occupation of new resources mode is greater than the lower two layers of forwarding resource occupation of current resources mode Ratio.For example, VTEP1 Current resource mode, if it is mode 3, the new resources mode after switching can be mode 0, mode 1 Or mode 2, switched by resources mode, the maximum value for the memory space that MAC forwarding table can occupy can be increased, guarantees virtual machine Data can normally forward.It, can be according to new resource mould after SDN controller control access device switches to new resources mode The maximum value of the lower two layers of forwarding resource occupation of formula, redefines the upper limit value and lower limit value of triggering warning message, by what is newly determined Upper limit value and lower limit value are sent to above-mentioned access device, so that access device monitors two layers according to new upper limit value and lower limit value Forward the occupancy situation of resource, it is determined whether send warning message to SDN controller.(3) if SDN controller receives alarm Information is released, three layers of forwarding configuration information of the virtual router on access device are restored to EVPN to connect by EVPN borde gateway Enter equipment, so that access device is gateway mode by non-gateway pattern switching, so that borde gateway is removed the access device corresponding Gateway.
SDN controller receives the alarm release information of access device transmission, checks in the configuration information pre-established The corresponding virtual router of the access device, and search the associated other access devices of the virtual router;Notify boundary net Close three layers of forwarding configuration information for deleting the virtual router;It is sent to the access device and the other access devices found empty Quasi- configuration of routers notice, so that three layers of forwarding that the access device for receiving the configuration notification configures above-mentioned virtual router are matched Confidence breath, and send gratuitous ARP packet.
For example, SDN controller receives the alarm release information of VTEP1 transmission, the VXLAN net connected according to VTEP1 Network determines on VTEP1 configured with vRouter1 and vRouter2.Search the other EVPN for being configured with vRouter1 or vRouter2 Access device, it is assumed that find on VTEP2 configured with vRouter1.The new configuration information of vRouter1 and vRouter2 is sent To VTEP1, the new configuration information of vRouter2 is sent into VTEP2, makes the new configuration of VTEP1 setting vRouter1 and vRouter2 Information makes the new configuration information of vTEP2 setting vRouter1.Reinform VTEP3 delete before save vRouter1 and The configuration information of vRouter2, and notice VTEP2 delete the configuration information of previously stored vRouter1;Wherein, above-mentioned new Configuration information and configuration information before are three layers of forwarding configuration information, the later vRouter1 of VTEP1 and vRouter2 pairs After the interface answered powers on, by sending corresponding first gratuitous ARP packet of VRouter1 and vRouter2 corresponding second freely ARP message.Similarly, after the corresponding interface of vRouter1 on VTEP2 powers on, the corresponding gratuitous ARP of vRouter1 can also be sent Message.
By the above process, VTEP1 is when the practical resource that occupies of MAC forwarding table is bigger, such as MAC forwarding table is practical When the resource of occupancy is greater than upper limit value, non-gateway mode is switched to by gateway mode, can ensure the forwarding of two layers of forwarding service Performance reduces packet loss.VTEP1 is when the practical resource that occupies of MAC forwarding table is smaller, such as MAC forwarding table is practical occupies Resource be lower than lower limit value when, by non-gateway pattern switching be gateway mode, can make reach VTEP1 three layer cross-network segment flows It is forwarded by optimal path, reduces time delay of the three layer cross-network segment flows in repeating process.
Optionally, SDN controller receives the alarm release information of access device transmission, can control access device switching To next resources mode, wherein the ratio of next lower two layers of forwarding resource occupation of resources mode is less than current resource mould The ratio of the lower two layers of forwarding resource occupation of formula.
By the above method, when carrying out gateway handoff, carried out under relevant configuration based on the vRouter on warning device Hair, it is assumed that have vRouter1 and vRouter2 on warning device VTEP A, there is 1 He of vRouter on normal device VTEP B At this moment vRouter3 needs to switch the position of vRouter1 and vRouter2 corresponding gateway, the switching of gateway position Process is the transfer process of three layers of forwarding configuration information of above-mentioned virtual router, and which is not described herein again, and on VTEP B The corresponding gateway position vRouter3 remains stationary.
Assuming that the IP address of VM1 is:192.168.100.1 the gateway ip address of VM1 is exactly 192.168.100.254, right The IP address of the internal interface 1 of the VLAN1 of the vRouter answered is 192.168.100.254/24.If being by this IP address It is deployed on EVPN access device, which is properly termed as three layers of configuration of vRouter, if on the EVPN access device IP address there are also the internal interface 2 of VLAN2 is:192.168.200.254/24 (and belong to VLAN internal interface 1 same VPN, i.e., same vRouter), which connects VM2, and the IP address of VM2 is 192.168.200.1, then VM1 can be by certainly The VM2 of VLAN2 is accessed in oneself gateway, that is, interface 1, cross-network segment.
If gateway ip address is deployed on borde gateway, above-mentioned access device cross-network segment flow can not be handled, can only Two layers are walked by gateway MAC address and is forwarded to borde gateway, then three layers of forwarding are carried out by borde gateway.
With above embodiment correspondingly, Fig. 3 shows the flow chart of the method for another control gateway mode, the party Method can be applied to the access device of EVPN, access device and SDN controller and borde gateway communicates to connect.This method includes such as Lower step:
Step S302, access device detect the occupancy situation of two layers of forwarding resource.
After access device receives upper limit value and the lower limit value of two layers of forwarding resource occupation that SDN controller issues, continue The occupancy situation for monitoring two layers of forwarding resource, specifically includes:When access device is in gateway mode, two layers of forwarding resource are monitored Whether upper limit value is reached;When access device is in non-gateway mode, monitor whether two layers of forwarding resource are lower than lower limit value.
Step S304, access device forward the occupancy situation of resource to send alarm signal to SDN controller according to above-mentioned two layers Breath.
Wherein, warning message includes upper limit alarm information and alarm release information.Upper limit alarm information is that access device exists When in gateway mode, detect that the occupancy of this two layers forwarding resource reaches upper limit value transmission;Above-mentioned alarm release information is Access device is sent when detecting the occupancy of two layers of forwarding resource lower than lower limit value when being in non-gateway mode.
Step S306, if the virtual router for receiving the transmission of SDN controller deletes notice, according to the virtual router Delete three layers of forwarding configuration information that notice deletes corresponding virtual router.
If the warning message that access device is sent is upper limit alarm information, the subsequent SDN controller that will receive is issued Virtual router delete notice, which may include the mark of virtual router, so that access device deletes the virtual road By three layers of forwarding configuration information of device, so that access device is switched to non-gateway mode, three layers of forwarding of deletion by gateway mode Configuration information may include the routing iinformation etc. in Host routes table.When access device receives the free of borde gateway transmission ARP message carries out the update of routing iinformation according to gratuitous ARP packet.
When access device receives the control instruction of the switchable resource mode of SDN controller transmission, new money is switched to Source module.Wherein, the ratio of the lower two layers of forwarding resource occupation of new resources mode is greater than under current resources mode described two layers Forward the ratio of resource occupation.
Step S308 is configured if receiving the virtual router configuration notification of SDN controller transmission according to virtual router Notice configures three layers of forwarding configuration information of corresponding virtual router, and sends gratuitous ARP packet.
If the warning message that access device is sent is alarm release information, subsequent to will receive what SDN controller issued Three layers of forwarding configuration information of virtual router, and gratuitous ARP packet is sent, so that base on borde gateway and other access devices Routing update is carried out in gratuitous ARP packet, and then makes the access device by non-gateway pattern switching gateway mode.
When access device receives the control instruction of the switchable resource mode of SDN controller transmission, switch to next Resources mode.Wherein, the ratio of the lower two layers of forwarding resource occupation of next resources mode is less than current lower two layers of resources mode Forward the ratio of resource occupation.
In order to be more convenient for understanding, below in conjunction with interaction figure shown in Fig. 4, by taking EVPN networking as an example, wherein access device tool Body is known as EVPN access device, and borde gateway is particularly referred to as EVPN borde gateway, and the present invention will be described in detail, and embodiment is provided Control gateway mode method the course of work.As shown in figure 4, the process includes:
Step S401, cloud platform issue configuration information, and detailed process can be:User creates cellular logic by cloud platform The upper limit value or upper limit percentage, lower limit value or lower limit of two layers of forwarding resource occupation in resource allocation information and EVPN access device The configuration informations such as percentage.Cloud platform, which is obtained, is issued to SDN controller for above-mentioned configuration information.
Cellular logic resource allocation information includes three layers of forwarding configuration information of virtual router, and confidence is matched in this three layers forwarding Breath includes:VPN configuration information, VSI-IF and gateway ip address etc..Cellular logic resource allocation information further includes network (IP The relative address etc. of the outer net equipment of core network docking) and subnet (configuration information of each subnet in IP core network, Such as:Core equipment, edge device, server and virtual machine etc.);
Step S402, EVPN access device is online.
Step S403, SDN controller issues upper limit value and lower limit value.It specifically includes:SDN controller obtains online The current resources mode and total resources of EVPN access device issues the upper of two layers of forwarding resource occupation to EVPN access device Limit value and lower limit value.
Step S404, EVPN access device sends upper limit alarm information.
After EVPN access device receives upper limit value and the lower limit value of two layers of forwarding resource occupation that SDN controller issues, Persistently detect the occupancy situation of two layers of forwarding resource.When EVPN access device is in gateway mode, two layers of forwarding resource are detected Whether upper limit value is reached;If the occupancy of two layers of forwarding resource reaches upper limit value, EVPN access device is sent to SDN controller Limit warning message.
Step S405, SDN controller and EVPN access device carry out first mode switching, and the mode handover procedure is as follows: SDN controller receives the upper limit alarm information of EVPN access device transmission, and checking in the configuration information pre-established should The corresponding virtual router of EVPN access device;Searched in the configuration information pre-established above-mentioned virtual router it is associated its Its access device;Virtual router, which is sent, to EVPN access device and the other EVPN access devices found deletes notice, with The EVPN access device for receiving deletion notice is set to delete three layers of forwarding configuration information of the virtual router;By above-mentioned void Three layers of forwarding configuration information of quasi- router are sent to borde gateway, so that confidence is matched in the above-mentioned three layers of forwarding of borde gateway configuration Breath, and send gratuitous ARP packet.
Step S406, EVPN access device sends alarm release information.
When EVPN access device is in gateway mode, detect whether two layers of forwarding resource are lower than lower limit value.If two layers The occupancy of resource is forwarded to be lower than lower limit value, EVPN access device sends alarm release information to SDN controller.
Step S407, SDN controller and EVPN access device carry out second mode switching, and the mode handover procedure is as follows: SDN controller receives the alarm release information of EVPN access device transmission, and checking in the configuration information pre-established should EVPN access device corresponding virtual router under gateway mode;Above-mentioned virtual road is searched in the configuration information pre-established By the associated other EVPN access devices of device;Notice EVPN borde gateway deletes three layers of forwarding of above-mentioned virtual router with confidence Breath;Virtual router configuration notification is sent to the EVPN access device and the other EVPN access devices found, so as to receive EVPN access device to configuration notification configures above-mentioned three layers of forwarding configuration information, and sends gratuitous ARP packet.At this point, should EVPN access device is gateway mode by non-gateway pattern switching.
The method of control gateway mode provided by disclosure embodiment, SDN controller are set by monitoring EVPN access Standby upper limit alarm information and alarm release information dynamically control the EVPN access device between gateway mode and non-gateway mode Rationally switching, when two layers of forwarding resource occupation being made to reach upper limit value, EVPN access device is switched to non-gateway mould by gateway mode Formula, when two layers of forwarding resource occupation are lower than lower limit value, EVPN access device is gateway mode by non-gateway pattern switching.Pass through this The mode of kind switching at runtime gateway mode, can make EVPN access device under the scene of the virtual machine negligible amounts in EVPN Gateway mode is maintained, forwards three layer cross-network segment flows by optimal path, reduces by three layer cross-network segment flows in repeating process Time delay;And under a fairly large number of scene of virtual machine in EVPN, so that EVPN access device is maintained non-gateway mode, makes three Layer cross-network segment flow is forwarded by EVPN borde gateway, and the repeating process of three layer cross-network segment flow of effective guarantee improves entirety Data forwarding performance.
With above method embodiment correspondingly, the disclosure embodiment further provides it is a kind of control gateway mode dress It sets, is applied to SDN controller, SDN controller and access device and borde gateway communicates to connect.As shown in figure 5, the device packet It includes:
Warning message monitors module 51, and for monitoring the warning message of access device, warning message includes upper limit alarm letter Breath and alarm release information, the upper limit alarm information are the access devices when in gateway mode, detect that two layers turn Hair resource occupation reaches upper limit value transmission, and the lower limit warning message is the access device when in non-gateway mode, Detect what two layers of forwarding resource occupation was sent lower than lower limit value;
Mode control module 52, if for receiving upper limit alarm information, by the corresponding virtual router of access device Three layers of forwarding configuration information be transferred to borde gateway so that access device is switched to non-gateway mode by gateway mode;If Receive alarm release information, by three layers of forwarding configuration information of the virtual router on access device by borde gateway restore to Access device, so that access device is gateway mode by non-gateway pattern switching.
Wherein, mode control module 52 can be also used for:If receiving upper limit alarm information, control access device switching To new resources mode, wherein the ratio of the lower two layers of forwarding resource occupation of new resources mode is greater than under current resources mode The ratio of two layers of forwarding resource occupation;If receiving alarm release information, control access device switches to next resource mould Formula, wherein the ratio of next lower two layers of forwarding resource occupation of resources mode is less than the lower two layers of forwarding money of current resources mode The ratio that source occupies.
Mode control module 52 can be also used for:Check that the access device is corresponding in the configuration information pre-established Virtual router;The associated other access devices of the virtual router are searched in the configuration information pre-established;To The access device and the other access devices found send virtual router and delete notice, so as to receive described delete Except the access device of notice deletes three layers of forwarding configuration information of the virtual router;Three layers of the virtual router are turned Hair configuration information is sent to borde gateway, so that the borde gateway configures three layers of forwarding configuration information, and sends free ARP message.And it is also used to check the access device corresponding void under gateway mode in the configuration information pre-established Quasi- router;The associated other access devices of the virtual router are searched in the configuration information pre-established;Notice The borde gateway deletes three layers of forwarding configuration information of the virtual router;To the access device and described in finding Other access devices send virtual router configuration notification, so as to receive the access device configuration described three of the configuration notification Layer forwarding configuration information, and send gratuitous ARP packet.
Optionally, as shown in fig. 6, above-mentioned apparatus can also include that warning message issues module 61, for being set according to access Standby current resources mode and total resources, issue upper limit value and lower limit value to access device, so that access device is based on the upper limit Value and lower limit value send warning message.
Warning message issues module 61 and can be also used for:Obtain upper limit percentage and lower percentiles;According to access device Current resources mode and total resources calculates the maximum value of two layers of forwarding resource occupation;Using maximum value multiplied by upper limit percentage Than obtaining the upper limit value of two layers of forwarding resource occupation;Using maximum value multiplied by lower percentiles, two layers of forwarding resource occupation are obtained Lower limit value.
The disclosure is embodiment further provides a kind of SDN controller, including first processor and connect with first processor First memory;First memory is stored with the machine-executable instruction that can be executed by first processor, first processor Machine-executable instruction is executed to realize method shown in Fig. 2.
The disclosure is applied to access device, access is set embodiment further provides the device of another control gateway mode It is standby to be communicated to connect with SDN controller and borde gateway, as shown in fig. 7, the device includes:
Resource occupation monitors module 71, for detecting the occupancy situation of two layers of forwarding resource;
Warning message sending module 72, for sending warning message to the SDN controller according to occupancy situation;Alarm Information includes upper limit alarm information and alarm release information, wherein the upper limit alarm information is that the access device is being in When gateway mode, detect that the occupancy of two layers of forwarding resource reaches upper limit value transmission, the alarm release information is institute Access device is stated when in non-gateway mode, is sent when detecting the occupancy of two layers of forwarding resource lower than lower limit value;
Mode switch module 73, the virtual router for receiving the transmission of SDN controller deletes notice, according to described virtual Router deletes three layers of forwarding configuration information that notice deletes corresponding virtual router;And receive what SDN controller was sent Virtual router configuration notification is matched according to three layers of forwarding that the virtual router configuration notification configures corresponding virtual router Confidence breath, and send gratuitous ARP packet.
Embodiment further provides a kind of access devices for the disclosure, connect including second processor and with second processor Second memory;Second memory is stored with the machine-executable instruction that can be executed by second processor, and second processor is held Row machine-executable instruction is to realize method shown in Fig. 3.
Embodiment further provides a kind of systems for controlling gateway mode for the disclosure, as shown in figure 8, the system includes SDN Controller 20, the access device 30 being connect with SDN controller 20, borde gateway 40 and cloud platform 10 (optional).Wherein, SDN It is provided with the device of Fig. 5 or shown in fig. 6 control gateway mode in controller, is provided with control shown in Fig. 7 in access device The device of gateway mode.
Borde gateway is used for when the virtual router for receiving the transmission of SDN controller deletes notice, according to described virtual Router deletes three layers of forwarding configuration information that notice deletes corresponding virtual router;Receiving the transmission of SDN controller When virtual router configuration notification, three layers of forwarding of corresponding virtual router are configured according to the virtual router configuration notification Configuration information, and send gratuitous ARP packet.
For the disclosure embodiment further provides a kind of machine readable storage medium, machine readable storage medium storage is organic Device executable instruction, for the machine-executable instruction when being called and being executed by processor, machine-executable instruction promotes processor The method for realizing any of the above-described kind of control gateway mode, specific implementation can be found in method implementation, and details are not described herein.
Method, system, SDN controller and the access device of control gateway mode provided by disclosure embodiment, Realization principle and the technical effect of generation are identical with preceding method embodiment, and to briefly describe, device embodiments part is not It refers to place, can refer to corresponding contents in preceding method embodiment.
In several embodiments provided by the disclosure, it should be understood that disclosed device and method can also lead to Other modes are crossed to realize.Device embodiments described above are only schematical, for example, the flow chart in attached drawing and Block diagram shows the system in the cards of the device of multiple embodiments according to the present invention, method and computer program product Framework, function and operation.In this regard, each box in flowchart or block diagram can represent a module, program segment or generation A part of code, a part of the module, section or code include one or more for realizing defined logic function Executable instruction.It should also be noted that function marked in the box can also be in some implementations as replacement Occur different from the sequence marked in attached drawing.For example, two continuous boxes can actually be basically executed in parallel, they Sometimes it can also execute in the opposite order, this depends on the function involved.It is also noted that block diagram and or flow chart In each box and the box in block diagram and or flow chart combination, can function or movement as defined in executing it is special Hardware based system is realized, or can be realized using a combination of dedicated hardware and computer instructions.
Finally it should be noted that:Embodiment described above, the only specific embodiment of the disclosure, to illustrate this public affairs The technical solution opened, rather than its limitations, the protection scope of the disclosure are not limited thereto, although referring to aforementioned embodiments pair The disclosure is described in detail, those skilled in the art should understand that:Any technology for being familiar with the art Personnel can still modify to technical solution documented by aforementioned embodiments in the technical scope that the disclosure discloses Or variation or equivalent replacement of some of the technical features can be readily occurred in;And these modifications, variation or replacement, The spirit and scope for disclosure embodiment technical solution that it does not separate the essence of the corresponding technical solution, should all cover in this public affairs Within the protection scope opened.Therefore, the protection scope of the disclosure shall be subject to the protection scope of the claim.

Claims (10)

1. a kind of method for controlling gateway mode, which is characterized in that the method is applied to SDN controller, the method includes:
The warning message of access device is monitored, the warning message includes upper limit alarm information and alarm release information, wherein institute Stating upper limit alarm information is the access device when in gateway mode, detects that two layers of forwarding resource occupation reach upper limit value It sends, the lower limit warning message is the access device when in non-gateway mode, detects two layers of forwarding money Source is occupied lower than lower limit value transmission;
If receiving the upper limit alarm information, confidence is matched into three layers of forwarding of the corresponding virtual router of the access device Breath is transferred to borde gateway, so that the access device is switched to non-gateway mode by gateway mode;
If receiving the alarm release information, by three layers of forwarding configuration information of the virtual router by the boundary net It closes and restores to the access device, so that the access device is gateway mode by non-gateway pattern switching.
2. the method according to claim 1, wherein the method also includes:
According to access device current resources mode and total resources, to the access device issue the upper limit value and it is described under Limit value, so that the access device is based on the upper limit value and the lower limit value sends the warning message.
3. according to the method described in claim 2, it is characterized in that, the resources mode and resource current according to access device Total amount, the step of issuing the upper limit value and the lower limit value to the access device, including:
Obtain upper limit percentage and lower percentiles;
According to access device current resources mode and total resources, the maximum value of two layers of forwarding resource occupation is calculated;
Using the maximum value multiplied by the upper limit percentage, the upper limit value of two layers of forwarding resource occupation is obtained;
Using the maximum value multiplied by the lower percentiles, the lower limit value of two layers of forwarding resource occupation is obtained.
4. according to the method described in claim 3, it is characterized in that, the method also includes:
If receiving the upper limit alarm information, control the access device and switch to new resources mode, wherein is described new Resources mode under the ratio of two layers of forwarding resource occupation be greater than two layers of forwarding under the current resources mode and provide The ratio that source occupies;
If receiving the alarm release information, controls the access device and switch to next resources mode, wherein is described The ratio of two layers of forwarding resource occupation is less than under the current resources mode and turns for described two layers under next resources mode Send out the ratio of resource occupation.
5. the method according to claim 1, wherein described by the corresponding virtual router of the access device The step of three layers of forwarding configuration information are transferred to borde gateway, including:
The corresponding virtual router of the access device is checked in the configuration information pre-established;
The associated other access devices of the virtual router are searched in the configuration information pre-established;
It sends virtual router to the access device and the other access devices found and deletes notice, so as to receive The access device for deleting notice deletes three layers of forwarding configuration information of the virtual router;
Three layers of forwarding configuration information of the virtual router are sent to borde gateway, so that described in borde gateway configuration Three layers of forwarding configuration information, and send gratuitous ARP packet.
6. the method according to claim 1, wherein described match confidence for three layers of forwarding of the virtual router The step of breath is restored by the borde gateway to the access device, including:
The access device corresponding virtual router under gateway mode is checked in the configuration information pre-established;
The associated other access devices of the virtual router are searched in the configuration information pre-established;
The borde gateway is notified to delete three layers of forwarding configuration information of the virtual router;
Virtual router configuration notification is sent to the access device and the other access devices found, so as to receive The access device of the configuration notification configures three layers of forwarding configuration information, and sends gratuitous ARP packet.
7. a kind of method for controlling gateway mode, which is characterized in that the method is applied to access device, the method includes:
Detect the occupancy situation of two layers of forwarding resource;
Warning message is sent to SDN controller according to the occupancy situation;The warning message includes upper limit alarm information and report It is alert to release information, wherein the upper limit alarm information is the access device when in gateway mode, detects described two layers The occupancy of forwarding resource reaches upper limit value transmission, and the alarm release information is the access device in non-gateway mode When, it is sent when detecting the occupancy of two layers of forwarding resource lower than lower limit value;
If the virtual router for receiving the transmission of SDN controller deletes notice, notice is deleted according to the virtual router and is deleted Three layers of forwarding configuration information of corresponding virtual router;
If receiving the virtual router configuration notification of SDN controller transmission, configured according to the virtual router configuration notification Three layers of forwarding configuration information of corresponding virtual router, and send gratuitous ARP packet.
8. a kind of SDN controller, which is characterized in that including first processor and the first storage being connect with the first processor Device;The first memory is stored with the machine-executable instruction that can be executed by the first processor, first processing Device executes the machine-executable instruction to realize method described in any one of claims 1 to 6.
9. a kind of access device, which is characterized in that including second processor and the second storage being connect with the second processor Device;The second memory is stored with the machine-executable instruction that can be executed by the second processor, the second processing Device executes the machine-executable instruction to realize method of claim 7.
10. a kind of system for controlling gateway mode, which is characterized in that wanted including SDN controller according to any one of claims 8, right Access device described in asking 9 and borde gateway;
The borde gateway is used for when the virtual router for receiving the transmission of SDN controller deletes notice, according to described virtual Router deletes three layers of forwarding configuration information that notice deletes corresponding virtual router;Receiving the transmission of SDN controller When virtual router configuration notification, three layers of forwarding of corresponding virtual router are configured according to the virtual router configuration notification Configuration information, and send gratuitous ARP packet.
CN201810713493.1A 2018-06-29 2018-06-29 Method and system for controlling gateway mode, SDN controller and access device Active CN108881013B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201810713493.1A CN108881013B (en) 2018-06-29 2018-06-29 Method and system for controlling gateway mode, SDN controller and access device

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201810713493.1A CN108881013B (en) 2018-06-29 2018-06-29 Method and system for controlling gateway mode, SDN controller and access device

Publications (2)

Publication Number Publication Date
CN108881013A true CN108881013A (en) 2018-11-23
CN108881013B CN108881013B (en) 2021-05-07

Family

ID=64296736

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201810713493.1A Active CN108881013B (en) 2018-06-29 2018-06-29 Method and system for controlling gateway mode, SDN controller and access device

Country Status (1)

Country Link
CN (1) CN108881013B (en)

Cited By (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN109729019A (en) * 2018-12-28 2019-05-07 新华三技术有限公司 The method for limiting speed and device of private line service in a kind of EVPN networking
CN113676409A (en) * 2021-08-16 2021-11-19 北京全路通信信号研究设计院集团有限公司 Message forwarding method and device, electronic equipment and storage medium
CN114268568A (en) * 2021-12-22 2022-04-01 快云信息科技有限公司 Network traffic monitoring method, device and equipment
CN114466447A (en) * 2021-12-15 2022-05-10 四川天邑康和通信股份有限公司 Cloud management end management system based on WiFi6 router

Citations (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101702689A (en) * 2009-11-30 2010-05-05 迈普通信技术股份有限公司 Transmission control method with balanced multicast service data load and access device thereof
CN102055647A (en) * 2009-11-03 2011-05-11 中兴通讯股份有限公司 Three-layer virtual private network (VPN) access method and system
US8166187B2 (en) * 2009-01-28 2012-04-24 Cisco Technology, Inc. Distributed IP gateway based on sharing a MAC address and IP address concurrently between a first network switching device and a second network switching device
CN105099922A (en) * 2015-06-18 2015-11-25 杭州华三通信技术有限公司 Cross-VXLAN (Virtual eXtensible Local Area Network) data message forwarding method and device
CN105612508A (en) * 2013-10-11 2016-05-25 华为技术有限公司 Systems and methods for signal brokering in distributed evolved packet core (epc) network architectures
CN107846342A (en) * 2016-09-20 2018-03-27 华为技术有限公司 A kind of retransmission method, equipment and the system of VXLAN messages

Patent Citations (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US8166187B2 (en) * 2009-01-28 2012-04-24 Cisco Technology, Inc. Distributed IP gateway based on sharing a MAC address and IP address concurrently between a first network switching device and a second network switching device
CN102055647A (en) * 2009-11-03 2011-05-11 中兴通讯股份有限公司 Three-layer virtual private network (VPN) access method and system
CN101702689A (en) * 2009-11-30 2010-05-05 迈普通信技术股份有限公司 Transmission control method with balanced multicast service data load and access device thereof
CN105612508A (en) * 2013-10-11 2016-05-25 华为技术有限公司 Systems and methods for signal brokering in distributed evolved packet core (epc) network architectures
CN105099922A (en) * 2015-06-18 2015-11-25 杭州华三通信技术有限公司 Cross-VXLAN (Virtual eXtensible Local Area Network) data message forwarding method and device
CN107846342A (en) * 2016-09-20 2018-03-27 华为技术有限公司 A kind of retransmission method, equipment and the system of VXLAN messages

Cited By (7)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN109729019A (en) * 2018-12-28 2019-05-07 新华三技术有限公司 The method for limiting speed and device of private line service in a kind of EVPN networking
CN113676409A (en) * 2021-08-16 2021-11-19 北京全路通信信号研究设计院集团有限公司 Message forwarding method and device, electronic equipment and storage medium
CN113676409B (en) * 2021-08-16 2023-04-18 北京全路通信信号研究设计院集团有限公司 Message forwarding method and device, electronic equipment and storage medium
CN114466447A (en) * 2021-12-15 2022-05-10 四川天邑康和通信股份有限公司 Cloud management end management system based on WiFi6 router
CN114466447B (en) * 2021-12-15 2023-08-11 四川天邑康和通信股份有限公司 Cloud management end management system based on WiFi6 router
CN114268568A (en) * 2021-12-22 2022-04-01 快云信息科技有限公司 Network traffic monitoring method, device and equipment
CN114268568B (en) * 2021-12-22 2023-08-25 快云信息科技有限公司 Network traffic monitoring method, device and equipment

Also Published As

Publication number Publication date
CN108881013B (en) 2021-05-07

Similar Documents

Publication Publication Date Title
US10116559B2 (en) Operations, administration and management (OAM) in overlay data center environments
US10182496B2 (en) Spanning tree protocol optimization
US8300614B2 (en) Preventing packet loops in unified networks
US11349687B2 (en) Packet processing method, device, and system
US9912612B2 (en) Extended ethernet fabric switches
CN106576117B (en) Ultra-high speed mobile network based on layer 2 switching
EP2985959B1 (en) Progressive mac address learning
EP3229421B1 (en) Media access control address forwarding table transmission control method, apparatus, and system
JP5927352B2 (en) IP multicast service retirement processing for MPLS-based virtual private cloud networking
CN108881013A (en) Control method, system, SDN controller and the access device of gateway mode
US20140006585A1 (en) Providing Mobility in Overlay Networks
US10263808B2 (en) Deployment of virtual extensible local area network
US20170264496A1 (en) Method and device for information processing
CN109660442B (en) Method and device for multicast replication in Overlay network
KR20140054357A (en) Implementing a 3g packet core in a cloud computer with openflow data and control planes
JP4279300B2 (en) Network virtualization apparatus and network virtualization program
WO2018171529A1 (en) Method, device and computer storage medium for implementing double control plane
US9392527B2 (en) System and method for efficient L3 mobility in a wired/wireless network
CN104066207A (en) 802.11 wireless access network based on virtualization technology
CN102447703B (en) A kind of heat backup method and system, CGN equipment
CN111245700B (en) Loop detection method and device
CN107911495A (en) A kind of MAC Address synchronous method and VTEP
US11025536B1 (en) Support for flooding in encapsulation and inter-VLAN communication via proxy-ARP
Gupta et al. A road map for SDN-open flow networks
Elsadek et al. SOAP: SDN overlay across providers for IoT cognition services

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant
TR01 Transfer of patent right
TR01 Transfer of patent right

Effective date of registration: 20230616

Address after: 310052 11th Floor, 466 Changhe Road, Binjiang District, Hangzhou City, Zhejiang Province

Patentee after: H3C INFORMATION TECHNOLOGY Co.,Ltd.

Address before: 310052 Changhe Road, Binjiang District, Hangzhou, Zhejiang Province, No. 466

Patentee before: NEW H3C TECHNOLOGIES Co.,Ltd.