CN109639557B - Method, device and system for network communication - Google Patents

Method, device and system for network communication

Info

Publication number
CN109639557B
Authority
CN
China
Prior art keywords
private line
gateway
external
vpn
line gateway
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN201910109575.XA
Other languages
Chinese (zh)
Other versions
CN109639557A (en
Inventor
刘金帅
雷思源
周磊
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Beijing Baidu Netcom Science and Technology Co Ltd
Original Assignee
Beijing Baidu Netcom Science and Technology Co Ltd
Application filed by Beijing Baidu Netcom Science and Technology Co Ltd
Priority to CN201910109575.XA
Publication of CN109639557A
Application granted
Publication of CN109639557B

Classifications

    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L12/00 Data switching networks
    • H04L12/28 Data switching networks characterised by path configuration, e.g. LAN [Local Area Networks] or WAN [Wide Area Networks]
    • H04L12/46 Interconnection of networks
    • H04L12/4641 Virtual LANs, VLANs, e.g. virtual private networks [VPN]
    • H04L12/4633 Interconnection of networks using encapsulation techniques, e.g. tunneling
    • H04L45/00 Routing or path finding of packets in data switching networks
    • H04L45/20 Hop count for routing purposes, e.g. TTL
    • H04L45/74 Address processing for routing
    • H04L45/745 Address table lookup; Address filtering
    • H04L63/00 Network architectures or network communication protocols for network security
    • H04L63/10 Network architectures or network communication protocols for network security for controlling access to devices or network resources
    • H04L63/101 Access control lists [ACL]
    • H04L67/00 Network arrangements or protocols for supporting network services or applications
    • H04L67/01 Protocols
    • H04L67/133 Protocols for remote procedure calls [RPC]
    • H04L69/00 Network arrangements, protocols or services independent of the application payload and not provided for in the other groups of this subclass
    • H04L69/16 Implementation or adaptation of Internet protocol [IP], of transmission control protocol [TCP] or of user datagram protocol [UDP]
    • H04L69/164 Adaptation or special uses of UDP protocol

Abstract

Embodiments of the disclosure disclose a method, a device and a system for network communication. One embodiment of the method comprises: receiving a VXLAN data message from a virtual private cloud router; analyzing the VXLAN data message in response to detecting that the outer-layer target IP address of the VXLAN data message is the IP address of the external private line gateway and the inner-layer target MAC address of the VXLAN data message is the MAC address of the external private line gateway; and sending the analyzed VXLAN data message to a gateway of a user network through a physical private line according to a routing forwarding table of the external private line gateway. This implementation improves the reliability and stability of the private line product.

Description

Method, device and system for network communication
Technical Field
Embodiments of the present disclosure relate to the field of computer technologies, and in particular, to a method, an apparatus, and a system for network communication.
Background
Private line access provides a fast and secure way to connect a Virtual Private Cloud (VPC) with an Internet Data Center (IDC). Through one physical private line, a user can reach the cloud resources in the region local to the access point, and can then reach cloud resources in all regions of the VPC through peer-to-peer connection, so that flexible and reliable hybrid cloud deployment is realized.
The current private line channel only supports static route access. When the network topology changes or a fault occurs, a static route cannot be corrected automatically and must be modified manually by the user. Static routing is suitable for a small, single network; in an environment with many routing entries it is error-prone, because the user must configure routes manually and errors or loops may occur, so public cloud access efficiency is reduced and network stability risks are increased.
Disclosure of Invention
Embodiments of the present disclosure propose methods and apparatuses for network communication.
In a first aspect, an embodiment of the present disclosure provides a method for network communication, which is applied to an external private line gateway, and includes: receiving a VXLAN data message from a virtual private cloud router; analyzing the VXLAN data message in response to detecting that the outer-layer target IP address of the VXLAN data message is the IP address of the external private line gateway and the inner-layer target MAC address of the VXLAN data message is the MAC address of the external private line gateway; and sending the analyzed VXLAN data message to a gateway of a user network through a physical private line according to a routing forwarding table of an external private line gateway.
In some embodiments, the method further comprises: receiving a data packet from a gateway of a user network; searching for next hop information in a route forwarding table; encapsulating the data packet into a VXLAN data message according to the next hop information; and forwarding the encapsulated VXLAN data message to a virtual private cloud router.
In some embodiments, the method further comprises: acquiring first routing information of a gateway of a user network and second routing information of a VPN instance; and sending the first routing information and the second routing information to a private line server.
In a second aspect, an embodiment of the present disclosure provides a method for network communication, applied to a virtual private cloud router, including: receiving a data packet from a virtual private cloud; performing message matching on the data packet to determine next hop information; encapsulating the data packet into a VXLAN data message according to the next hop information; and sending the VXLAN data message to an external private line gateway.
In some embodiments, the virtual private cloud router supports equal-cost route forwarding; and performing message matching on the data packet to determine next hop information includes: if more than one piece of next hop information is obtained by message matching of the data packet, selecting one piece of next hop information through a hash algorithm.
In a third aspect, an embodiment of the present disclosure provides a method for network communication, applied to a private line server, including: receiving first routing information of a gateway of a user network and second routing information of a VPN instance, which are sent by an external private line gateway; and modifying a route forwarding table of the external private line gateway in response to detecting that the first routing information and/or the second routing information changes.
In some embodiments, the method further comprises: performing health detection on the physical private line through the external private line gateway.
In a fourth aspect, an embodiment of the present disclosure provides an apparatus for network communication, which is applied to an external private line gateway, and includes: a first receiving unit configured to receive a VXLAN data message from a virtual private cloud router; an analysis unit configured to analyze the VXLAN data message in response to detecting that the outer-layer target IP address of the VXLAN data message is the IP address of the external private line gateway and the inner-layer target MAC address of the VXLAN data message is the MAC address of the external private line gateway; and a first sending unit configured to send the analyzed VXLAN data message to a gateway of the user network through a physical private line according to a routing forwarding table of the external private line gateway.
In some embodiments, the apparatus further comprises: a second receiving unit configured to receive a data packet from a gateway of a user network; a query unit configured to search for next hop information in the route forwarding table; a first encapsulating unit configured to encapsulate the data packet into a VXLAN data message according to the next hop information; and a second sending unit configured to forward the encapsulated VXLAN data message to the virtual private cloud router.
In some embodiments, the apparatus further comprises: a third receiving unit configured to acquire first routing information of a gateway of a user network and second routing information of a VPN instance; and a third transmitting unit configured to transmit the first routing information and the second routing information to the private line server.
In a fifth aspect, an embodiment of the present disclosure provides an apparatus for network communication, applied to a virtual private cloud router, including: a fourth receiving unit configured to receive a data packet from the virtual private cloud; a matching unit configured to perform packet matching on the data packet to determine next hop information; the second encapsulating unit is configured to encapsulate the data packet into a VXLAN data message according to the next hop information; and the fourth sending unit is configured to send the VXLAN data message to the external private line gateway.
In some embodiments, the virtual private cloud router supports equal-cost route forwarding; and the matching unit is further configured to: if more than one piece of next hop information is obtained by message matching of the data packet, select one piece of next hop information through a hash algorithm.
In a sixth aspect, an embodiment of the present disclosure provides an apparatus for network communication, applied to a private line server, including: a fifth receiving unit configured to receive the first routing information of the gateway of the user network and the second routing information of the VPN instance sent by the external private line gateway; and a route detection unit configured to modify a route forwarding table of the external private line gateway in response to detecting that the first routing information and/or the second routing information changes.
In some embodiments, the apparatus further comprises a health route detection unit configured to: perform health detection on the physical private line through the external private line gateway.
In a seventh aspect, an embodiment of the present disclosure provides a system for network communication, including: an external private line gateway configured to receive a VXLAN data message from the virtual private cloud router, analyze the VXLAN data message in response to detecting that the outer-layer target IP address of the VXLAN data message is the IP address of the external private line gateway and the inner-layer target MAC address of the VXLAN data message is the MAC address of the external private line gateway, and send the analyzed VXLAN data message to a gateway of a user network through a physical private line according to a routing forwarding table of the external private line gateway; a virtual private cloud router configured to receive a data packet from the virtual private cloud, perform message matching on the data packet to determine next hop information, encapsulate the data packet into a VXLAN data message according to the next hop information, and send the VXLAN data message to the external private line gateway; and a gateway of the user network configured to communicate data with the external private line gateway through a physical private line.
In some embodiments, the system further comprises: a private line server configured to receive first routing information of a gateway of the user network and second routing information of the VPN instance, which are sent by the external private line gateway, and modify a routing forwarding table of the external private line gateway in response to detecting that the first routing information and/or the second routing information changes.
In an eighth aspect, an embodiment of the present disclosure provides an electronic device, including: one or more processors; a storage device having one or more programs stored thereon which, when executed by one or more processors, cause the one or more processors to implement a method as in any one of the first aspects.
In a ninth aspect, embodiments of the disclosure provide a computer readable medium having a computer program stored thereon, wherein the program when executed by a processor implements the method as in any one of the first aspect.
According to the method, the device and the system for network communication provided by the embodiments of the disclosure, at least one private line is set up between a VPC and an IDC, so that load balancing and active/standby modes are supported, switching and similar functions are supported in the active/standby mode, users are supported in growing from a single center to multiple centers, and the impact of a single-point network fault on services is avoided.
Drawings
Other features, objects and advantages of the disclosure will become more apparent upon reading of the following detailed description of non-limiting embodiments thereof, made with reference to the accompanying drawings in which:
FIG. 1 is an exemplary system architecture diagram in which one embodiment of the present disclosure may be applied;
FIG. 2 is a flow diagram for one embodiment of a method for network communication, according to the present disclosure;
FIG. 3 is yet another exemplary system architecture diagram to which an embodiment of the present disclosure may be applied;
FIG. 4 is a flow diagram of message matching equal cost routing according to one embodiment of a method for network communication of the present disclosure;
FIG. 5 is a flow diagram of a private line health check according to one embodiment of a method for network communication of the present disclosure;
FIG. 6 is a schematic block diagram illustrating one embodiment of an apparatus for network communications according to the present disclosure;
FIG. 7 is a schematic block diagram of yet another embodiment of an apparatus for network communication according to the present disclosure;
FIG. 8 is a schematic block diagram of another embodiment of an apparatus for network communication according to the present disclosure;
FIG. 9 is a schematic block diagram of a computer system suitable for use with an electronic device to implement embodiments of the present disclosure.
Detailed Description
The present disclosure is described in further detail below with reference to the accompanying drawings and examples. It is to be understood that the specific embodiments described herein are merely illustrative of the relevant invention and not restrictive of the invention. It should be noted that, for convenience of description, only the portions related to the related invention are shown in the drawings.
It should be noted that, in the present disclosure, the embodiments and features of the embodiments may be combined with each other without conflict. The present disclosure will be described in detail below with reference to the accompanying drawings in conjunction with embodiments.
Fig. 1 illustrates an exemplary system architecture 100 to which embodiments of the disclosed method for network communication or apparatus for network communication may be applied.
As shown in fig. 1, system architecture 100 may include a virtual private cloud router (BVR) 101, an external private line gateway (EVR) 102, and a gateway (GW) 103 of a user network. There is at least one private line gateway (qz) 104 on the BVR, and each qz corresponds to a path. VNIs (VXLAN Network Identifiers) and VRFs (virtual routing and forwarding instances) on the EVR are in one-to-one correspondence. The BVR-qz interfaces correspond one-to-one to the BDIF (broadcast domain interface) interfaces on the EVR, and their VNIs are the same. BDIFs and VLAN interfaces (VLAN1, VLAN2) are in one-to-one correspondence and belong to the same VRF.
For traffic leaving the VPC, qz sends it over the overlay to a VXLAN gateway. When the VXLAN gateway finds that the destination IP of the outer packet is the VTEP IP and the inner destination MAC is the MAC of the BDIF, it parses the VXLAN message, forwards it according to the VRF routing table, and sends it out from the corresponding VLAN interface (if the VLAN interface supports LAG, one additional hash operation is needed to send it out).
For traffic entering the VPC, the VLAN interface looks up the routing table in the VRF, where the next hop is a VXLAN gateway, encapsulates a VXLAN message, and forwards it to the corresponding qz interface.
Taking fig. 1 as an example, a user has two physical private lines, each connected to one of two EVRs in the cloud. Two VLAN interfaces and BDIFs are created on EVR1, belonging to two different VRFs, and two VLAN interfaces and BDIFs are created on EVR2, likewise belonging to two different VRFs. The 4 BDIFs on EVR1 and EVR2 establish VXLAN tunnels with 4 qz on the BVR (the qz are not necessarily in the same VPC; the equal-cost routes discussed herein are all within the same VPC).
Isolation requirements for EVR: traffic from different qz cannot be forwarded to each other. Traffic from different VLAN interfaces cannot be forwarded to each other. The traffic between BDIF and VLAN interface can only be forwarded in the VRF.
It should be understood that the numbers of virtual private cloud routers (BVRs), external private line gateways (EVRs) and gateways (GWs) of user networks in fig. 1 are merely illustrative. There may be any number of each, as required by the implementation.
With continued reference to fig. 2, a flow 200 of one embodiment of a method for network communication in accordance with the present disclosure is shown. The method for network communication comprises the following steps:
Step 201, the virtual private cloud router obtains a data packet from the VPC.
In this embodiment, an executing agent of the method for network communication (e.g., the virtual private cloud router (BVR) shown in fig. 1) may obtain a data packet of a VPN instance from the VPC through a wired or wireless connection. A VPN instance is also known as a VRF (Virtual Routing and Forwarding) instance. Each VPN instance has a relatively independent routing table and LFIB (Label Forwarding Information Base). RD (Route Distinguisher, route identifier): used to resolve VPN routing when the address spaces of different VRFs overlap. RT (Route Target or VPN Target): a BGP extended community attribute used to control the publishing of VPN routing information.
Step 202, the virtual private cloud router performs packet matching on the data packet to determine next hop information.
In this embodiment, the data plane supports equal-cost route forwarding, and the control plane supports adding and deleting equal-cost routes. As shown in fig. 1, the equal-cost routes of the BVR are responsible for load balancing VPC-to-IDC traffic onto different private line channels. The data structure of the BVR routing table is adjusted by adding an entry-type field that indicates whether an entry is an ordinary route or an equal-cost route: an ordinary route has only one next hop, while an equal-cost route has multiple next hops. At present, the BVR puts all policy routing rules into the same ACL (Access Control List) category, so only one userdata (user data, e.g. an index into the routing table) can be obtained for each matched message.
If the equal-cost routes are built into different categories, multiple userdata can be returned each time a message is matched. A single valid userdata indicates that there is only one next hop, and the message is forwarded directly according to that next hop. Multiple valid userdata indicate multiple next hops. If multiple next hops are obtained, a hash algorithm is applied to select one next hop for forwarding the message.
As shown in fig. 4, assume that there are 4 rules in the router table, of which rule 2, rule 3 and rule 4 are equal-cost routes. Only the nodes of rule 1 and rule 4 exist in the ACL ctx of DPDK (Intel Data Plane Development Kit), because only one rule of an equal-cost route is added to the ACL ctx when the ACL is built. The matching process is as follows:
When a message matching the equal-cost route is received, the node of rule 4 is matched; suppose the obtained userdata (user data) is 5, which corresponds to rule 4 in the router table.
The ECMP (Equal-Cost Multipath) group index recorded in rule 4 is 1, which indicates that the rule is an equal-cost route; the corresponding ECMP group is found through the ECMP group index, giving the number of valid members of the ECMP group.
A hash is calculated from the five-tuple of the message and the number of members to obtain a number between 0 and the number of members; suppose the number is 0.
Hash value 0 corresponds to member0 in the ECMP group, and member0 is 3, which corresponds to rule 2 in the router table.
Finally, the message is encapsulated according to the next hop and output interface in rule 2.
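The matching walk-through above can be written out as the following added example, which is not code from the patent or from DPDK. The FNV-1a hash, the table layout, the mapping "userdata = rule number + 1" (inferred from the two pairs in the text), and all addresses are assumptions; the example also shows the case where no member of the group is valid.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

#define TABLE_LEN   6
#define N_GROUPS    2
#define MAX_MEMBERS 4

enum entry_type { ROUTE_ORDINARY, ROUTE_ECMP };

/* One router-table entry; rule_no 0 marks an unused slot. */
struct rule {
    int rule_no;
    enum entry_type type;   /* the added "entry type" field */
    unsigned ecmp_group;    /* meaningful only for ROUTE_ECMP */
    uint32_t next_hop;      /* constructed sample address */
    int out_if;
};

struct ecmp_group {
    unsigned n_valid;               /* members currently usable */
    unsigned member[MAX_MEMBERS];   /* userdata of each member rule */
};

struct five_tuple { uint32_t src_ip, dst_ip; uint16_t src_port, dst_port; uint8_t proto; };

/* Assumption: the table is indexed by userdata, and userdata = rule number + 1
 * (consistent with "5 -> rule 4" and "3 -> rule 2" in the text). */
static const struct rule ROUTER_TABLE[TABLE_LEN] = {
    [2] = { 1, ROUTE_ORDINARY, 0, 0x0A000101u, 1 },
    [3] = { 2, ROUTE_ECMP,     1, 0x0A000201u, 2 },
    [4] = { 3, ROUTE_ECMP,     1, 0x0A000301u, 3 },
    [5] = { 4, ROUTE_ECMP,     1, 0x0A000401u, 4 },
};

/* Group 1 holds the three equal-cost rules. Not const, so the control plane
 * can shrink n_valid when a private line is reported down. */
static struct ecmp_group ECMP_GROUPS[N_GROUPS] = {
    [1] = { 3, { 3, 4, 5 } },
};

static uint32_t fnv1a(uint32_t h, uint32_t v, unsigned nbytes)
{
    for (unsigned i = 0; i < nbytes; i++) {
        h ^= (v >> (8 * i)) & 0xffu;
        h *= 16777619u;
    }
    return h;
}

/* Hash field by field: hashing the raw struct would include padding bytes
 * and could send packets of one flow down different lines. */
uint32_t flow_hash(const struct five_tuple *t)
{
    uint32_t h = 2166136261u;
    h = fnv1a(h, t->src_ip, 4);
    h = fnv1a(h, t->dst_ip, 4);
    h = fnv1a(h, t->src_port, 2);
    h = fnv1a(h, t->dst_port, 2);
    return fnv1a(h, t->proto, 1);
}

/* Map the userdata returned by the ACL match to the rule whose next hop and
 * output interface are used for encapsulation. NULL means drop. */
const struct rule *resolve(unsigned userdata, uint32_t hash)
{
    if (userdata >= TABLE_LEN || ROUTER_TABLE[userdata].rule_no == 0)
        return NULL;
    const struct rule *r = &ROUTER_TABLE[userdata];
    if (r->type == ROUTE_ORDINARY)
        return r;                              /* single next hop */
    if (r->ecmp_group >= N_GROUPS)
        return NULL;
    const struct ecmp_group *g = &ECMP_GROUPS[r->ecmp_group];
    if (g->n_valid == 0 || g->n_valid > MAX_MEMBERS)
        return NULL;                           /* no usable path, and no division by zero */
    unsigned ud = g->member[hash % g->n_valid];
    if (ud >= TABLE_LEN || ROUTER_TABLE[ud].rule_no == 0)
        return NULL;                           /* stale member index */
    return &ROUTER_TABLE[ud];
}

int main(void)
{
    struct five_tuple f = { 0xC0A80001u, 0x0A010203u, 40000, 443, 6 };  /* constructed flow */
    const struct rule *r = resolve(5, flow_hash(&f));
    if (r != NULL)
        printf("flow -> rule %d, out_if %d\n", r->rule_no, r->out_if);
    return 0;
}
```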
Step 203, the virtual private cloud router encapsulates the data packet into a VXLAN data message according to the next hop information.
In this embodiment, as shown in fig. 4, a packet is encapsulated according to a next hop (next hop) and an output interface (output interface) in rule 2.
Step 204, the virtual private cloud router sends the VXLAN data message to an external private line gateway.
In this embodiment, the virtual private cloud router sends the VXLAN data message to the external private line gateway through the virtual private line. As shown in fig. 1, there are two EVRs; the routing table of the BVR determines which EVR is used, and the message is then sent to that EVR.
Step 205, the external private line gateway resolves the VXLAN data message in response to detecting that the outer layer destination IP address of the VXLAN data message is the IP address of the external private line gateway and the inner layer destination MAC address of the VXLAN data message is the MAC address of the external private line gateway.
In this embodiment, the EVR determines from the content of the VXLAN data message whether the message is to be processed by itself; if the IP and MAC addresses meet the conditions for processing by itself, the VXLAN data message is parsed and converted into a UDP data packet for transmission on the physical private line.
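The acceptance check of step 205, combined with the one-to-one VNI/BDIF/VRF/VLAN binding and the isolation requirements stated earlier, can be sketched as the following added example, which is not code from the patent. The structure names, verdict codes, sample addresses and the standard VXLAN UDP port 4789 are assumptions; the frame is constructed and carries no payload beyond the inner Ethernet header.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define VXLAN_PORT 4789u
#define ETH_LEN    14u
#define UDP_LEN    8u
#define VXLAN_LEN  8u

enum verdict { FORWARD, DROP_MALFORMED, DROP_OUTER_IP, DROP_UNKNOWN_VNI, DROP_INNER_MAC };

/* One BDIF per VNI; each BDIF is tied to exactly one VRF and one VLAN interface. */
struct bdif { uint32_t vni; uint8_t mac[6]; int vrf; int vlan; };
struct evr  { uint32_t vtep_ip; const struct bdif *bdifs; size_t n_bdifs; };

static uint16_t rd16(const uint8_t *p) { return (uint16_t)((p[0] << 8) | p[1]); }
static uint32_t rd32(const uint8_t *p)
{
    return ((uint32_t)p[0] << 24) | ((uint32_t)p[1] << 16) | ((uint32_t)p[2] << 8) | p[3];
}

/* Decide whether the EVR may decapsulate this frame. On FORWARD, *out names the
 * BDIF (and therefore the only VRF and VLAN interface the inner packet may use)
 * and *inner_off is the offset of the inner Ethernet frame. */
enum verdict evr_check(const struct evr *e, const uint8_t *pkt, size_t len,
                       const struct bdif **out, size_t *inner_off)
{
    if (len < ETH_LEN + 20 || rd16(pkt + 12) != 0x0800)
        return DROP_MALFORMED;                      /* outer frame must be IPv4 */
    const uint8_t *ip = pkt + ETH_LEN;
    size_t ihl = (size_t)(ip[0] & 0x0f) * 4;
    if ((ip[0] >> 4) != 4 || ihl < 20 || ip[9] != 17)
        return DROP_MALFORMED;                      /* must be UDP */
    size_t inner = ETH_LEN + ihl + UDP_LEN + VXLAN_LEN;
    if (len < inner + ETH_LEN)
        return DROP_MALFORMED;                      /* truncated before inner header */
    const uint8_t *udp = ip + ihl, *vx = udp + UDP_LEN;
    if (rd16(udp + 2) != VXLAN_PORT || !(vx[0] & 0x08))
        return DROP_MALFORMED;                      /* wrong port or VNI flag unset */

    if (rd32(ip + 16) != e->vtep_ip)
        return DROP_OUTER_IP;                       /* outer destination is not this EVR */
    uint32_t vni = rd32(vx + 4) >> 8;               /* 24-bit VNI */
    for (size_t i = 0; i < e->n_bdifs; i++) {
        if (e->bdifs[i].vni != vni)
            continue;
        /* The inner MAC must be the MAC of the BDIF bound to THIS VNI; matching
         * any local BDIF MAC would let one qz reach another tenant's VRF. */
        if (memcmp(pkt + inner, e->bdifs[i].mac, 6) != 0)
            return DROP_INNER_MAC;
        *out = &e->bdifs[i];
        *inner_off = inner;
        return FORWARD;
    }
    return DROP_UNKNOWN_VNI;
}

/* Build a minimal constructed VXLAN frame of 64 bytes for the checks above. */
size_t build_frame(uint8_t *b, uint32_t outer_dst, uint32_t vni, const uint8_t dmac[6])
{
    memset(b, 0, 64);
    b[12] = 0x08; b[13] = 0x00;                     /* outer EtherType: IPv4 */
    uint8_t *ip = b + ETH_LEN;
    ip[0] = 0x45; ip[9] = 17;                       /* IPv4, IHL 5, protocol UDP */
    ip[16] = (uint8_t)(outer_dst >> 24); ip[17] = (uint8_t)(outer_dst >> 16);
    ip[18] = (uint8_t)(outer_dst >> 8);  ip[19] = (uint8_t)outer_dst;
    uint8_t *udp = ip + 20;
    udp[2] = (uint8_t)(VXLAN_PORT >> 8); udp[3] = (uint8_t)(VXLAN_PORT & 0xff);
    uint8_t *vx = udp + UDP_LEN;
    vx[0] = 0x08;                                   /* I flag: VNI is valid */
    vx[4] = (uint8_t)(vni >> 16); vx[5] = (uint8_t)(vni >> 8); vx[6] = (uint8_t)vni;
    memcpy(vx + VXLAN_LEN, dmac, 6);                /* inner destination MAC */
    return 64;
}

/* Constructed sample EVR: VTEP 10.0.0.1, two tenants with separate VNI/VRF/VLAN. */
static const struct bdif SAMPLE_BDIFS[] = {
    { 1001, { 0x02, 0, 0, 0, 0, 0x01 }, 1, 100 },
    { 1002, { 0x02, 0, 0, 0, 0, 0x02 }, 2, 200 },
};
static const struct evr SAMPLE_EVR = { 0x0A000001u, SAMPLE_BDIFS, 2 };

int main(void)
{
    uint8_t buf[64];
    const struct bdif *b = NULL;
    size_t off = 0;
    /* Tenant 2's VNI combined with tenant 1's BDIF MAC must be rejected. */
    size_t n = build_frame(buf, SAMPLE_EVR.vtep_ip, 1002, SAMPLE_BDIFS[0].mac);
    printf("cross-tenant frame verdict: %d\n", (int)evr_check(&SAMPLE_EVR, buf, n, &b, &off));
    return 0;
}
```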
Step 206, the external private line gateway sends the analyzed VXLAN data message to a gateway of the user network through a physical private line according to a routing forwarding table of the external private line gateway.
In this embodiment, a physical private line is a dedicated link that offers the client various speeds; the link is connected directly to the IP backbone network to provide a convenient, high-speed internet access service. In the embodiments of the invention, the physical private line refers to a private line connecting the VPC network and the IDC network. The corresponding gateway to which the parsed data packet is forwarded is found according to the destination address.
Step 207, the external private line gateway receives the data packet from the gateway of the user network.
In this embodiment, the packet may be a UDP packet.
Step 208, the external private line gateway searches for next hop information in the routing forwarding table.
In this embodiment, information of the VXLAN gateway of the next hop, for example, the number of the private line gateway qz, is recorded in the VRF.
Step 209, the external private line gateway encapsulates the data packet into a VXLAN data message according to the next hop information.
In this embodiment, the packet is encapsulated into a VXLAN data packet according to the information of the VXLAN gateway of the next hop.
Step 210, the external private line gateway forwards the encapsulated VXLAN data message to the virtual private cloud router.
In this embodiment, the EVR forwards the encapsulated VXLAN data packet to the BVR private line gateway qz.
Step 211, the external private line gateway obtains the first routing information of the gateway of the user network.
In this embodiment, EBGP is established between the external private gateway and the gateway of the user network. The user publishes the route of the IDC on the gateway of the user network, and the VPC can obtain the first route information of the gateway of the user network.
Step 212, the external private line gateway obtains second routing information of the VPN instance.
In the present embodiment, BGP (Border Gateway Protocol). After the private line supports BGP, when the network topology changes, the IDC routes can update the VPC routing information, and the VPC routes can also be synchronized to the routing table of the IDC. When a node or a link between nodes in the network fails, routes can be rediscovered automatically according to the routing protocol, the best available route is selected automatically, and messages continue to be forwarded.
Step 213, the external private line gateway sends the first routing information and the second routing information to the private line server.
In this embodiment, the private line server is shown as 304 in fig. 3. The private line server 304 includes a private line agent (agent), a private line manager (master), a Neutron server, and a database (db). The agent and the EVR establish IBGP (Internal Border Gateway Protocol), and the EVR and the user gateway establish EBGP (External Border Gateway Protocol). The agent is responsible for reporting to the master, and the master calls the neutron server to add and delete routes.
Step 214, the private line server modifies the route forwarding table of the external private line gateway in response to detecting that the first routing information and/or the second routing information changes.
Fig. 3 illustrates yet another exemplary system architecture 300 to which embodiments of the disclosed method for network communication or apparatus for network communication may be applied.
As shown in fig. 3, the system architecture 300 may include a virtual private cloud router (BVR) 301, an external private line gateway (EVR) 302, a gateway (GW) 303 of a user network, and a private line server 304. The private line server 304 includes a private line agent (agent), a private line manager (master), a Neutron server, and a database (db). The functions of the modules are described in detail as follows:
(I) External private line gateway (EVR) 302
It is responsible for establishing EBGP with the tenants' IDCs, isolating different tenants from one another, and learning the routing information of the IDC. The BGP information of all vpn-instances is passed through IBGP into bgpd (BGP daemon). BGP for a vpn-instance derives the static routes of that vpn-instance.
(II) Private line agent
Functions: bgpd is deployed on the agent. It receives the routing information of all vpn-instance EBGPs on the EVRs of the region, performs route selection and routing policies, calculates the RIB (Routing Information Base), and pushes its incremental RIB to the master.
The process comprises the following steps:
(1) Starting gobgpd (BGP daemon)
Configure the information of the EVRs in a configuration file, start gobgp, and establish IBGP with each of the EVRs in the region.
When the master starts, it calls the gobgp API, reads the db to create all VRFs, and monitors changes in the routing information.
(2) Binding a private line channel to a private line gateway
Determine whether the VRF exists; if not, create the VRF in the bgpd of the region.
Update the parameters, route identifier and VPN target values on the VPN instance of the EVR private line channel.
Learn the routing table in the VRF, and call the neutron server to add the routes.
(3) Unbinding a private line channel from a private line gateway
Delete the route identifier and the VPN target value of the private line channel VPN instance on the EVR.
Delete all routes on the EBGP.
Delete the corresponding VRF on gobgpd when the last private line gateway in the VPC is unbound.
(III) Private line manager
Functions:
Routing information is monitored by calling gobgp-api through grpc (a language-neutral, platform-neutral, open-source Remote Procedure Call (RPC) system developed by Google). The master is divided into a main master and a standby master, and the data pushed by the bgpd are not processed. Users are supported in publishing and withdrawing VPC-side routes through EBGP, and the prefix can be customized. The master supports an interface that calls the neutron server across regions.
Configuration of BFD is supported.
The process comprises the following steps:
(1) master and slave control
Through etcd (an open source, distributed key value pair data storage system, providing for registration and discovery of shared configurations, services).
(2) Adding and deleting BGP and BFD (Bidirectional Forwarding Detection). BFD is a universal, standardized, media independent and protocol independent fast failure detection mechanism for detecting the link connection status in IP network, ensuring fast detection of communication failure between devices, so as to take measures in time and ensure continuous operation of service.
(3) IDC side route update
When a routing update is received: if the private line channel is not bound, the BGP routing information is added to or deleted from the database. If the private line channel is bound, the routing information is added to or deleted from the database, and the neutron server is called to add or delete the private line route.
Binding the private line gateway: call the neutron server to add all learned BGP private line routes.
Unbinding the private line gateway: when qz-id is deleted, neutron deletes all routes.
(4) EVR VPN instance EBGP Peer enablement
The private line gateway status is updated as unavailable.
The state of the private line gateway in neutron is updated to available, and other static routes are available.
(5) EVR VPN instance EBGP Peer deactivation
Call the neutron server to delete all BGP private line routes, and delete the corresponding BGP private line routes in the database. The private line gateway status is updated as unavailable. The state of the private line gateway in neutron is updated to unavailable, and other static routes are unavailable.
(6) VPC side routing
The user customizes a network segment and adds or deletes the cloud network; the system private line service is called to add or delete the corresponding VPN instance static route, and EBGP distributes the VPN instance static route to the EBGP peer.
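The IDC-side route update, bind, unbind and peer-deactivation steps above, as an added Python example that is not code from the patent. The class and method names, the channel identifier and the prefix validation are assumptions, and `RecordingNeutron` is a stand-in for the neutron server.

```python
import ipaddress


class RecordingNeutron:
    """Stand-in for the neutron server: the private line routes visible in the VPC."""

    def __init__(self):
        self.routes = {}  # channel_id -> set of prefixes installed on the VPC side

    def add_route(self, channel_id, prefix):
        self.routes.setdefault(channel_id, set()).add(prefix)

    def delete_route(self, channel_id, prefix):
        self.routes.get(channel_id, set()).discard(prefix)

    def delete_all_routes(self, channel_id):
        self.routes.pop(channel_id, None)


class PrivateLineManager:
    """Hypothetical manager that keeps the database and neutron consistent."""

    def __init__(self, neutron):
        self.neutron = neutron
        self.db = {}                 # channel_id -> BGP prefixes learned from the IDC side
        self.bound = set()           # channels currently bound to a private line gateway
        self.gateway_available = {}  # channel_id -> bool

    @staticmethod
    def _canonical(prefix):
        # Added validation (not in the patent): reject malformed prefixes and
        # prefixes with host bits set before they reach the database.
        return str(ipaddress.ip_network(prefix, strict=True))

    def on_route_update(self, channel_id, prefix, withdrawn=False):
        prefix = self._canonical(prefix)
        learned = self.db.setdefault(channel_id, set())
        if withdrawn:
            if prefix not in learned:
                return               # never learned, nothing to delete
            learned.discard(prefix)
        else:
            learned.add(prefix)
        # Unbound channel: database only. Bound channel: database and neutron.
        if channel_id in self.bound:
            if withdrawn:
                self.neutron.delete_route(channel_id, prefix)
            else:
                self.neutron.add_route(channel_id, prefix)

    def bind(self, channel_id):
        # Binding: push every route learned so far into the VPC.
        self.bound.add(channel_id)
        for prefix in sorted(self.db.get(channel_id, ())):
            self.neutron.add_route(channel_id, prefix)

    def unbind(self, channel_id):
        # Unbinding: neutron drops all routes; learned routes stay in the database.
        self.bound.discard(channel_id)
        self.neutron.delete_all_routes(channel_id)

    def on_peer_deactivated(self, channel_id):
        # EBGP peer deactivation: delete the routes in neutron and in the database.
        self.neutron.delete_all_routes(channel_id)
        self.db.pop(channel_id, None)
        self.gateway_available[channel_id] = False


def replay_constructed_events():
    """Run a constructed event sequence; return the neutron view after each step."""
    neutron = RecordingNeutron()
    mgr = PrivateLineManager(neutron)
    view = lambda: sorted(neutron.routes.get("ch-1", set()))
    steps = {}
    mgr.on_route_update("ch-1", "172.16.0.0/16")
    steps["learned_while_unbound"] = view()
    mgr.bind("ch-1")
    steps["after_bind"] = view()
    mgr.on_route_update("ch-1", "172.17.0.0/16")
    mgr.on_route_update("ch-1", "172.16.0.0/16", withdrawn=True)
    steps["after_updates"] = view()
    mgr.unbind("ch-1")
    steps["after_unbind"] = view()
    steps["db_after_unbind"] = sorted(mgr.db["ch-1"])
    mgr.on_peer_deactivated("ch-1")
    steps["db_after_peer_down"] = sorted(mgr.db.get("ch-1", set()))
    return steps
```

The invariant to watch is that the VPC route table never contains a prefix for a channel that is not bound.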
The system also has a health check function, as shown in fig. 5, and the modules are explained as follows:
1. The private line client calls an interface of the private line manager over RPC or HTTP to create, list, get, delete and update health check instances.
2. The health check manager receives the request, which involves interaction with the EVR and the Neutron server:
It calls the neutron server interface to create and delete a port, queries the VNI of the VPC to which the private line gateway belongs, and queries the IP and MAC of the qr of the detection IP. It calls the EVR interface to configure the EVR.
3. The private line agent reads the database at regular intervals and calculates which health check instances should start sending detection messages.
4. The packet sending module constructs a VXLAN packet according to the configuration of the health check instance and sends it. At the same time, it publishes a delayed message to the NSQ (a real-time distributed messaging platform) lookup (a process that manages topology information and provides an eventually consistent discovery service).
5. The packet receiving module listens on UDP port 4789, decapsulates VXLAN, and publishes a message to the NSQ lookup according to the message information.
6. The health check manager subscribes to the NSQ messages, judges the state of the link after receiving a message, and then updates the link state to the route output state in neutron.
With further reference to fig. 6, as an implementation of the methods shown in the above figures, the present disclosure provides an embodiment of an apparatus for network communication. The apparatus embodiment corresponds to the method embodiment shown in fig. 2, is applied to an external private line gateway, and may specifically be applied to various electronic devices.
As shown in fig. 6, the apparatus 600 for network communication of the present embodiment includes: a first receiving unit 601, a parsing unit 602, and a first transmitting unit 603. The first receiving unit 601 is configured to receive a VXLAN data packet from a virtual private cloud router. Parsing unit 602 is configured to parse the VXLAN data message in response to detecting that the destination IP address of the outer layer of the VXLAN data message is the IP address of the external private line gateway and the destination MAC address of the inner layer of the VXLAN data message is the MAC address of the external private line gateway. The first sending unit 603 is configured to send the parsed VXLAN data packet to a gateway of the user network through a physical private line according to a routing forwarding table of an external private line gateway.
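The acceptance check performed by parsing unit 602, which is also the decapsulation step of the health check's packet receiving module on UDP port 4789, as an added Python example that is not code from the patent. The VXLAN header layout follows RFC 7348; the addresses, VNI and function names are constructed for illustration, and outer checksums are not verified.

```python
import ipaddress
import struct
from dataclasses import dataclass

VXLAN_PORT = 4789            # UDP port the packet receiving module listens on
VXLAN_FLAG_VNI_VALID = 0x08  # "I" flag: the VNI field is valid (RFC 7348)

GW_IP = "203.0.113.1"                  # constructed gateway address
GW_MAC = bytes.fromhex("02aabbcc0001") # constructed gateway MAC


class Rejected(Exception):
    """Raised when a datagram must not be decapsulated by this gateway."""


@dataclass
class InnerFrame:
    vni: int
    src_mac: bytes
    ethertype: int
    payload: bytes


def accept_and_decapsulate(packet: bytes, gw_ip: str, gw_mac: bytes) -> InnerFrame:
    """Parse outer IPv4/UDP/VXLAN and the inner Ethernet header, checking both addresses."""
    if len(packet) < 20:
        raise Rejected("truncated outer IPv4 header")
    if packet[0] >> 4 != 4:
        raise Rejected("outer packet is not IPv4")
    ihl = (packet[0] & 0x0F) * 4
    # Outer IP header + UDP (8) + VXLAN (8) + inner Ethernet header (14).
    if ihl < 20 or len(packet) < ihl + 8 + 8 + 14:
        raise Rejected("truncated VXLAN datagram")
    if packet[9] != 17:
        raise Rejected("outer protocol is not UDP")
    # Check 1: outer destination IP must be this external private line gateway.
    if ipaddress.IPv4Address(packet[16:20]) != ipaddress.IPv4Address(gw_ip):
        raise Rejected("outer destination IP is not this gateway")
    _sport, dport, _length, _checksum = struct.unpack_from("!HHHH", packet, ihl)
    if dport != VXLAN_PORT:
        raise Rejected("not the VXLAN UDP port")
    vx = ihl + 8
    if not packet[vx] & VXLAN_FLAG_VNI_VALID:
        raise Rejected("VXLAN I flag not set")
    vni = int.from_bytes(packet[vx + 4:vx + 7], "big")
    eth = vx + 8
    dst_mac, src_mac = packet[eth:eth + 6], packet[eth + 6:eth + 12]
    # Check 2: inner destination MAC must be this gateway's MAC.
    if dst_mac != gw_mac:
        raise Rejected("inner destination MAC is not this gateway")
    (ethertype,) = struct.unpack_from("!H", packet, eth + 12)
    return InnerFrame(vni, src_mac, ethertype, packet[eth + 14:])


def build_sample(outer_dst: str, inner_dst_mac: bytes, vni: int, payload: bytes) -> bytes:
    """Construct a sample VXLAN datagram (checksums left at zero)."""
    inner = inner_dst_mac + bytes.fromhex("02aabbccdd01") + struct.pack("!H", 0x0800) + payload
    vxlan = bytes([VXLAN_FLAG_VNI_VALID, 0, 0, 0]) + vni.to_bytes(3, "big") + b"\x00"
    udp_len = 8 + len(vxlan) + len(inner)
    udp = struct.pack("!HHHH", 49152, VXLAN_PORT, udp_len, 0)
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + udp_len, 0, 0, 64, 17, 0,
                     ipaddress.IPv4Address("192.0.2.10").packed,
                     ipaddress.IPv4Address(outer_dst).packed)
    return ip + udp + vxlan + inner


def verdict(packet: bytes, gw_ip: str = GW_IP, gw_mac: bytes = GW_MAC) -> str:
    """Return 'accept' or the reason the datagram was rejected."""
    try:
        accept_and_decapsulate(packet, gw_ip, gw_mac)
        return "accept"
    except Rejected as exc:
        return str(exc)
```

The returned VNI is what a caller would use to pick the VPN instance before consulting that instance's route forwarding table.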
In some optional implementations of this embodiment, the apparatus 600 further includes: a second receiving unit 604 configured to receive data packets from a gateway of the user network. A query unit 605 configured to look up next hop information in the route forwarding table. A first encapsulating unit 606 configured to encapsulate the data packet into a VXLAN data message according to the next hop information. A second sending unit 607 configured to forward the encapsulated VXLAN data packet to the virtual private cloud router.
In some optional implementations of this embodiment, the apparatus 600 further includes: a third receiving unit 608 configured to obtain first routing information of a gateway of the user network and second routing information of the VPN instance. A third sending unit 609 configured to send the first routing information and the second routing information to the private line server.
With further reference to fig. 7, as an implementation of the methods shown in the above figures, the present disclosure provides an embodiment of an apparatus for network communication. The apparatus embodiment corresponds to the method embodiment shown in fig. 2, is applied to a virtual private cloud router, and may specifically be applied to various electronic devices.
As shown in fig. 7, the apparatus 700 for network communication of the present embodiment includes: a fourth receiving unit 701, a matching unit 702, a second encapsulating unit 703 and a fourth sending unit 704. The fourth receiving unit 701 is configured to receive the data packet from the virtual private cloud. The matching unit 702 is configured to perform message matching on the data packet to determine next hop information. The second encapsulating unit 703 is configured to encapsulate the data packet into a VXLAN data message according to the next hop information. The fourth sending unit 704 is configured to send the VXLAN data message to an external private line gateway.
In some optional implementations of this embodiment, the virtual private cloud router supports equal-cost route forwarding, and the matching unit 702 is further configured to: if message matching on the data packet yields more than one piece of next hop information, select one piece of next hop information through a hash algorithm.
With further reference to fig. 8, as an implementation of the methods shown in the above figures, the present disclosure provides an embodiment of an apparatus for network communication. The apparatus embodiment corresponds to the method embodiment shown in fig. 2, is applied to a private line server, and may specifically be applied to various electronic devices.
As shown in fig. 8, the apparatus 800 for network communication of the present embodiment includes: a fifth receiving unit 801 configured to receive the first routing information of the gateway of the user network and the second routing information of the VPN instance, which are sent by the external private line gateway; and a route detection unit 802 configured to modify a route forwarding table of the external private line gateway in response to detecting that the first routing information and/or the second routing information changes.
In some optional implementations of this embodiment, the apparatus 800 further includes a health route detection unit 803 configured to perform health detection on the physical private line through the external private line gateway.
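How matching unit 702 and second encapsulating unit 703 could fit together, as an added Python example that is not the patent's implementation: longest-prefix match, a hash over the flow's 5-tuple when several next hops tie, then VXLAN encapsulation. The keyed BLAKE2b hash, the route table contents and all names are assumptions; the patent only says a hash algorithm is used.

```python
import hashlib
import ipaddress
import struct
from dataclasses import dataclass


@dataclass(frozen=True)
class NextHop:
    gateway_ip: str     # outer destination IP: an external private line gateway
    gateway_mac: bytes  # inner destination MAC that the gateway checks before parsing
    vni: int            # VXLAN network identifier of the VPC


@dataclass(frozen=True)
class Flow:
    src_ip: str
    dst_ip: str
    proto: int
    src_port: int
    dst_port: int


class VpcRouter:
    def __init__(self, router_mac: bytes, hash_key: bytes):
        self.router_mac = router_mac
        self.hash_key = hash_key  # per-router secret, so the choice is not predictable from packet fields
        self.routes = {}          # ip_network -> list of equal-cost NextHop entries

    def add_route(self, prefix: str, next_hops: list) -> None:
        self.routes[ipaddress.ip_network(prefix)] = list(next_hops)

    def match(self, dst_ip: str) -> list:
        """Longest-prefix match; returns every equal-cost next hop for the best prefix."""
        addr = ipaddress.ip_address(dst_ip)
        hits = [net for net in self.routes if addr in net]
        if not hits:
            return []
        return self.routes[max(hits, key=lambda net: net.prefixlen)]

    def select_next_hop(self, flow: Flow):
        candidates = self.match(flow.dst_ip)
        if not candidates:
            return None
        if len(candidates) == 1:
            return candidates[0]
        # More than one next hop: hash the 5-tuple so that every packet of a
        # flow takes the same private line and stays in order.
        material = "|".join(map(str, (flow.src_ip, flow.dst_ip, flow.proto,
                                      flow.src_port, flow.dst_port))).encode()
        digest = hashlib.blake2b(material, key=self.hash_key, digest_size=8).digest()
        return candidates[int.from_bytes(digest, "big") % len(candidates)]

    def encapsulate(self, flow: Flow, inner_ip_packet: bytes):
        """Return (outer destination IP, UDP payload = VXLAN header + inner Ethernet frame)."""
        hop = self.select_next_hop(flow)
        if hop is None:
            raise LookupError("no private line route for " + flow.dst_ip)
        inner_frame = (hop.gateway_mac + self.router_mac
                       + struct.pack("!H", 0x0800) + inner_ip_packet)
        vxlan = bytes([0x08, 0, 0, 0]) + hop.vni.to_bytes(3, "big") + b"\x00"
        return hop.gateway_ip, vxlan + inner_frame


# Constructed sample data: two equal-cost gateways for one prefix, one gateway for a more specific prefix.
GW_A = NextHop("203.0.113.1", bytes.fromhex("02aabbcc0001"), 5001)
GW_B = NextHop("203.0.113.2", bytes.fromhex("02aabbcc0002"), 5001)
GW_C = NextHop("203.0.113.3", bytes.fromhex("02aabbcc0003"), 5001)


def build_sample_router() -> VpcRouter:
    router = VpcRouter(bytes.fromhex("02aabbccff01"), b"constructed-demo-key")
    router.add_route("10.20.0.0/16", [GW_A, GW_B])
    router.add_route("10.20.30.0/24", [GW_C])
    return router
```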
Referring now to fig. 9, a schematic diagram of an electronic device 900 (e.g., the external private line gateway, virtual private cloud router, or private line server in fig. 1) suitable for use in implementing embodiments of the present disclosure is shown. The external private line gateway, the virtual private cloud router, and the private line server shown in fig. 9 are only examples, and should not limit the functions or the scope of use of the embodiments of the present disclosure.
As shown in fig. 9, the electronic device 900 may include a processing means (e.g., a central processing unit, a graphics processor, etc.) 901 that may perform various appropriate actions and processes in accordance with a program stored in a Read Only Memory (ROM) 902 or a program loaded from a storage means 908 into a Random Access Memory (RAM) 903. In the RAM 903, various programs and data necessary for the operation of the electronic apparatus 900 are also stored. The processing apparatus 901, the ROM 902, and the RAM 903 are connected to each other through a bus 904. An input/output (I/O) interface 905 is also connected to bus 904.
Generally, the following devices may be connected to the I/O interface 905: input devices 906 including, for example, a touch screen, touch pad, keyboard, mouse, camera, microphone, accelerometer, gyroscope, etc.; an output device 907 including, for example, a Liquid Crystal Display (LCD), a speaker, a vibrator, and the like; storage 908 including, for example, magnetic tape, hard disk, etc.; and a communication device 909. The communication device 909 may allow the electronic apparatus 900 to perform wireless or wired communication with other apparatuses to exchange data. While fig. 9 illustrates an electronic device 900 having various means, it is to be understood that not all illustrated means are required to be implemented or provided. More or fewer devices may alternatively be implemented or provided. Each block shown in fig. 9 may represent one device or may represent multiple devices as desired.
In particular, according to an embodiment of the present disclosure, the processes described above with reference to the flowcharts may be implemented as computer software programs. For example, embodiments of the present disclosure include a computer program product comprising a computer program embodied on a computer readable medium, the computer program comprising program code for performing the method illustrated in the flow chart. In such an embodiment, the computer program may be downloaded and installed from a network through the communication device 909, or installed from the storage device 908, or installed from the ROM 902. The computer program, when executed by the processing apparatus 901, performs the above-described functions defined in the methods of the embodiments of the present disclosure. It should be noted that the computer readable medium described in the embodiments of the present disclosure may be a computer readable signal medium or a computer readable storage medium or any combination of the two. A computer readable storage medium may be, for example, but not limited to, an electronic, magnetic, optical, electromagnetic, infrared, or semiconductor system, apparatus, or device, or any combination of the foregoing. More specific examples of the computer readable storage medium may include, but are not limited to: an electrical connection having one or more wires, a portable computer diskette, a hard disk, a Random Access Memory (RAM), a read-only memory (ROM), an erasable programmable read-only memory (EPROM or flash memory), an optical fiber, a portable compact disc read-only memory (CD-ROM), an optical storage device, a magnetic storage device, or any suitable combination of the foregoing. In embodiments of the disclosure, a computer readable storage medium may be any tangible medium that can contain, or store a program for use by or in connection with an instruction execution system, apparatus, or device. 
In embodiments of the present disclosure, however, a computer readable signal medium may comprise a propagated data signal with computer readable program code embodied therein, for example, in baseband or as part of a carrier wave. Such a propagated data signal may take many forms, including, but not limited to, electro-magnetic, optical, or any suitable combination thereof. A computer readable signal medium may also be any computer readable medium that is not a computer readable storage medium and that can communicate, propagate, or transport a program for use by or in connection with an instruction execution system, apparatus, or device. Program code embodied on a computer readable medium may be transmitted using any appropriate medium, including but not limited to: electrical wires, optical cables, RF (radio frequency), etc., or any suitable combination of the foregoing.
The computer readable medium may be embodied in the electronic device, or may exist separately without being assembled into the electronic device. The computer readable medium carries one or more programs which, when executed by the electronic device, cause the electronic device to: receive a VXLAN data message from a virtual private cloud router; parse the VXLAN data message in response to detecting that the outer-layer destination IP address of the VXLAN data message is the IP address of the external private line gateway and the inner-layer destination MAC address of the VXLAN data message is the MAC address of the external private line gateway; and send the parsed VXLAN data message to a gateway of a user network through a physical private line according to the routing forwarding table of the external private line gateway. Alternatively, the one or more programs, when executed by the electronic device, cause the electronic device to: receive a data packet from a virtual private cloud; perform message matching on the data packet to determine next hop information; encapsulate the data packet into a VXLAN data message according to the next hop information; and send the VXLAN data message to an external private line gateway. Alternatively, the one or more programs, when executed by the electronic device, cause the electronic device to: receive first routing information of a gateway of a user network and second routing information of a VPN instance, which are sent by an external private line gateway; and modify a routing forwarding table of the external private line gateway in response to detecting that the first routing information and/or the second routing information changes.
Computer program code for carrying out operations for embodiments of the present disclosure may be written in any combination of one or more programming languages, including an object oriented programming language such as Java, Smalltalk, C++, and conventional procedural programming languages, such as the "C" programming language or similar programming languages. The program code may execute entirely on the user's computer, partly on the user's computer, as a stand-alone software package, partly on the user's computer and partly on a remote computer or entirely on the remote computer or server. In the case of a remote computer, the remote computer may be connected to the user's computer through any type of network, including a Local Area Network (LAN) or a Wide Area Network (WAN), or the connection may be made to an external computer (for example, through the Internet using an Internet service provider).
The flowchart and block diagrams in the figures illustrate the architecture, functionality, and operation of possible implementations of systems, methods and computer program products according to various embodiments of the present disclosure. In this regard, each block in the flowchart or block diagrams may represent a module, segment, or portion of code, which comprises one or more executable instructions for implementing the specified logical function(s). It should also be noted that, in some alternative implementations, the functions noted in the block may occur out of the order noted in the figures. For example, two blocks shown in succession may, in fact, be executed substantially concurrently, or the blocks may sometimes be executed in the reverse order, depending upon the functionality involved. It will also be noted that each block of the block diagrams and/or flowchart illustration, and combinations of blocks in the block diagrams and/or flowchart illustration, can be implemented by special purpose hardware-based systems which perform the specified functions or acts, or combinations of special purpose hardware and computer instructions.
The units described in the embodiments of the present disclosure may be implemented by software or hardware. The described units may also be provided in a processor, which may be described as: a processor comprising a first receiving unit, a parsing unit and a first sending unit. The names of these units do not in some cases limit the units themselves; for example, the first receiving unit may also be described as a "unit that receives VXLAN data messages from a virtual private cloud router".
The foregoing description is only exemplary of the preferred embodiments of the disclosure and is illustrative of the principles of the technology employed. It will be appreciated by those skilled in the art that the scope of the invention in the present disclosure is not limited to the specific combination of the above-mentioned features, but also encompasses other embodiments in which any combination of the above-mentioned features or their equivalents is possible without departing from the inventive concept, for example, technical solutions formed by replacing the above features with (but not limited to) features having similar functions disclosed in this disclosure.

Claims (15)

1. A method for network communication, applied to an external private line gateway, comprising:
receiving a VXLAN data message from a virtual private cloud router;
parsing the VXLAN data message in response to detecting that the outer-layer destination IP address of the VXLAN data message is the IP address of the external private line gateway and the inner-layer destination MAC address of the VXLAN data message is the MAC address of the external private line gateway;
sending the parsed VXLAN data message to a gateway of a user network through a physical private line according to a routing forwarding table of the external private line gateway;
acquiring first routing information of a gateway of the user network and second routing information of a VPN instance;
sending the first routing information and the second routing information to a private line server, wherein the private line server receives first routing information of a gateway of a user network and second routing information of a VPN instance, which are sent by an external private line gateway, and modifies a routing forwarding table of the external private line gateway in response to detecting that the first routing information and/or the second routing information changes;
wherein the system to which the external private line gateway is applied comprises a virtual private cloud router, the external private line gateways, gateways of a user network and a private line server; at least one external private line gateway is arranged on the virtual private cloud router, and each external private line gateway corresponds to one path; VPN instances and VPN route forwarding tables on the external private line gateways are in one-to-one correspondence; virtual private cloud router-external private line gateway interfaces and broadcast domain interfaces on the external private line gateway are in one-to-one correspondence; the VPN instances, the broadcast domain interfaces and VLAN interfaces are in one-to-one correspondence and belong to the same VPN route forwarding table; and the broadcast domain interface on the external private line gateway and the external private line gateway of the same VPC on the virtual private cloud router establish a VXLAN tunnel.
2. The method of claim 1, wherein the method further comprises:
receiving a data packet from a gateway of the user network;
searching for next hop information in the routing forwarding table;
encapsulating the data packet into a VXLAN data message according to the next hop information;
and forwarding the encapsulated VXLAN data message to the virtual private cloud router.
3. A method for network communication, applied to a virtual private cloud router, comprising:
receiving a data packet from a virtual private cloud;
performing message matching on the data packet to determine next hop information;
encapsulating the data packet into a VXLAN data message according to the next hop information;
sending the VXLAN data message to an external private line gateway;
wherein the system to which the virtual private cloud router is applied comprises the virtual private cloud router, external private line gateways, gateways of a user network and a private line server; the virtual private cloud router is provided with at least one external private line gateway, and each external private line gateway corresponds to one path; VPN instances and VPN route forwarding tables on the external private line gateways are in one-to-one correspondence; virtual private cloud router-external private line gateway interfaces and broadcast domain interfaces on the external private line gateway are in one-to-one correspondence; the VPN instances, the broadcast domain interfaces and VLAN interfaces are in one-to-one correspondence and belong to the same VPN route forwarding table; and the broadcast domain interface on the external private line gateway and the external private line gateway of the same VPC on the virtual private cloud router establish a VXLAN tunnel;
the private line server receives first routing information of a gateway of a user network and second routing information of a VPN instance, which are sent by an external private line gateway, and modifies a routing forwarding table of the external private line gateway in response to detecting that the first routing information and/or the second routing information changes.
4. The method of claim 3, wherein the virtual private cloud router supports equal-cost route forwarding; and
performing message matching on the data packet to determine next hop information comprises:
if the number of pieces of next hop information obtained by message matching of the data packet is more than 1, selecting one piece of next hop information through a hash algorithm.
5. A method for network communication, applied to a private line server, comprising:
receiving first routing information of a gateway of a user network and second routing information of a VPN instance, which are sent by an external private line gateway;
modifying a routing forwarding table of an external private line gateway in response to detecting that the first routing information and/or the second routing information changes;
wherein the system to which the private line server is applied comprises a virtual private cloud router, external private line gateways, gateways of a user network and a private line server; the virtual private cloud router is provided with at least one external private line gateway, and each external private line gateway corresponds to one path; VPN instances and VPN route forwarding tables on the external private line gateways are in one-to-one correspondence; virtual private cloud router-external private line gateway interfaces and broadcast domain interfaces on the external private line gateway are in one-to-one correspondence; the VPN instances, the broadcast domain interfaces and VLAN interfaces are in one-to-one correspondence and belong to the same VPN route forwarding table; and the broadcast domain interface on the external private line gateway and the external private line gateway of the same VPC on the virtual private cloud router establish a VXLAN tunnel.
6. The method of claim 5, wherein the method further comprises:
performing health detection on the physical private line through the external private line gateway.
7. An apparatus for network communication, applied to an external private line gateway, comprising:
a first receiving unit configured to receive a VXLAN data message from a virtual private cloud router;
a parsing unit configured to parse the VXLAN data message in response to detecting that a destination IP address of an outer layer of the VXLAN data message is an IP address of the external private line gateway and a destination MAC address of an inner layer of the VXLAN data message is a MAC address of the external private line gateway;
a first sending unit configured to send the parsed VXLAN data message to a gateway of a user network through a physical private line according to a routing forwarding table of the external private line gateway;
a third receiving unit configured to acquire first routing information of a gateway of the user network and second routing information of a VPN instance;
a third sending unit configured to send the first routing information and the second routing information to a private line server, where the private line server receives the first routing information of a gateway of a user network and the second routing information of a VPN instance sent by an external private line gateway, and modifies a routing forwarding table of the external private line gateway in response to detecting that the first routing information and/or the second routing information changes;
wherein the system to which the external private line gateway is applied comprises a virtual private cloud router, the external private line gateways, gateways of a user network and a private line server; at least one external private line gateway is arranged on the virtual private cloud router, and each external private line gateway corresponds to one path; VPN instances and VPN route forwarding tables on the external private line gateways are in one-to-one correspondence; virtual private cloud router-external private line gateway interfaces and broadcast domain interfaces on the external private line gateway are in one-to-one correspondence; the VPN instances, the broadcast domain interfaces and VLAN interfaces are in one-to-one correspondence and belong to the same VPN route forwarding table; and the broadcast domain interface on the external private line gateway and the external private line gateway of the same VPC on the virtual private cloud router establish a VXLAN tunnel.
8. The apparatus of claim 7, wherein the apparatus further comprises:
a second receiving unit configured to receive a data packet from a gateway of the user network;
a query unit configured to find next hop information in the route forwarding table;
a first encapsulating unit configured to encapsulate the data packet into a VXLAN data message according to the next hop information;
a second sending unit configured to forward the encapsulated VXLAN data message to the virtual private cloud router.
9. An apparatus for network communication, applied to a virtual private cloud router, comprising:
a fourth receiving unit configured to receive a data packet from the virtual private cloud;
a matching unit configured to perform packet matching on the data packet to determine next hop information;
a second encapsulating unit configured to encapsulate the data packet into a VXLAN data message according to the next hop information;
a fourth sending unit configured to send the VXLAN data message to an external private line gateway;
wherein the system to which the virtual private cloud router is applied comprises the virtual private cloud router, external private line gateways, gateways of a user network and a private line server; the virtual private cloud router is provided with at least one external private line gateway, and each external private line gateway corresponds to one path; VPN instances and VPN route forwarding tables on the external private line gateways are in one-to-one correspondence; virtual private cloud router-external private line gateway interfaces and broadcast domain interfaces on the external private line gateway are in one-to-one correspondence; the VPN instances, the broadcast domain interfaces and VLAN interfaces are in one-to-one correspondence and belong to the same VPN route forwarding table; and the broadcast domain interface on the external private line gateway and the external private line gateway of the same VPC on the virtual private cloud router establish a VXLAN tunnel;
the private line server receives first routing information of a gateway of a user network and second routing information of a VPN instance, which are sent by an external private line gateway, and modifies a routing forwarding table of the external private line gateway in response to detecting that the first routing information and/or the second routing information changes.
10. The apparatus of claim 9, wherein the virtual private cloud router supports equal-cost route forwarding; and
the matching unit is further configured to:
if the number of pieces of next hop information obtained by message matching of the data packet is more than 1, select one piece of next hop information through a hash algorithm.
11. An apparatus for network communication, applied to a private line server, comprising:
a fifth receiving unit configured to receive the first routing information of the gateway of the user network and the second routing information of the VPN instance sent by the external private line gateway;
a route detection unit configured to modify a route forwarding table of an external private line gateway in response to detecting that the first routing information and/or the second routing information changes;
wherein the system to which the private line server is applied comprises a virtual private cloud router, external private line gateways, gateways of a user network and a private line server; the virtual private cloud router is provided with at least one external private line gateway, and each external private line gateway corresponds to one path; VPN instances and VPN route forwarding tables on the external private line gateways are in one-to-one correspondence; virtual private cloud router-external private line gateway interfaces and broadcast domain interfaces on the external private line gateway are in one-to-one correspondence; the VPN instances, the broadcast domain interfaces and VLAN interfaces are in one-to-one correspondence and belong to the same VPN route forwarding table; and the broadcast domain interface on the external private line gateway and the external private line gateway of the same VPC on the virtual private cloud router establish a VXLAN tunnel.
12. The apparatus of claim 11, wherein the apparatus further comprises a health route detection unit configured to:
perform health detection on the physical private line through the external private line gateway.
13. A system for network communication, comprising:
the external private line gateway is configured to receive VXLAN data messages from a virtual private cloud router, analyze the VXLAN data messages in response to detecting that a destination IP address of an outer layer of the VXLAN data messages is an IP address of the external private line gateway and a destination MAC address of an inner layer of the VXLAN data messages is an MAC address of the external private line gateway, and send the analyzed VXLAN data messages to a gateway of a user network through a physical private line according to a routing forwarding table of the external private line gateway;
the virtual private cloud router is configured to receive a data packet from a virtual private cloud, perform message matching on the data packet to determine next hop information, encapsulate the data packet into a VXLAN data message according to the next hop information, and send the VXLAN data message to an external private line gateway;
a gateway of a user network configured to perform data communication with the external private line gateway through a physical private line;
a private line server configured to receive first routing information of a gateway of a user network and second routing information of a VPN instance, which are sent by the external private line gateway, and modify a routing table of the virtual private cloud router in response to detecting that the first routing information and/or the second routing information is changed;
wherein the virtual private cloud router is provided with at least one private line gateway, each private line gateway corresponds to one path, the VPN instances on the external private line gateways correspond one-to-one to VPN route forwarding tables, the virtual private cloud router-private line gateway interfaces correspond one-to-one to broadcast domain interfaces on the external private line gateways, the VPN instances, the broadcast domain interfaces and the VLAN interfaces correspond one-to-one and belong to the same VPN route forwarding table, and the broadcast domain interfaces on the external private line gateways establish VXLAN tunnels with the private line gateways of the same VPC on the virtual private cloud router.
14. An electronic device, comprising:
one or more processors;
a storage device having one or more programs stored thereon,
which, when executed by the one or more processors, cause the one or more processors to implement the method of any one of claims 1-6.
15. A computer-readable medium, on which a computer program is stored, wherein the program, when executed by a processor, implements the method of any one of claims 1-6.
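The acceptance check that claim 13 assigns to the external private line gateway (outer destination IP and inner destination MAC must both be the gateway's own before the message is parsed and forwarded from a per-VPN-instance table) can be illustrated as follows. This is an added example, not code from the patent; the addresses, the table contents, the function names and the use of the VXLAN VNI to select the VPN instance are assumptions.

```python
import ipaddress
import struct

GW_IP = ipaddress.ip_address("192.0.2.10")   # constructed gateway tunnel address
GW_MAC = bytes.fromhex("02005e000001")       # constructed gateway MAC
# Assumption: the VXLAN VNI selects one VPN instance, each with its own table.
VRF_TABLES = {
    5001: [(ipaddress.ip_network("10.1.0.0/16"), "vlan101")],
    5002: [(ipaddress.ip_network("10.1.0.0/16"), "vlan102")],
}

def handle_vxlan(pkt: bytes):
    """Return (verdict, detail); pkt starts at the outer IPv4 header."""
    if len(pkt) < 20 or pkt[0] >> 4 != 4 or pkt[9] != 17:
        return ("drop", "outer header is not IPv4/UDP")
    ihl = (pkt[0] & 0x0F) * 4
    if ihl < 20 or len(pkt) < ihl + 8 + 8 + 14 + 20:
        return ("drop", "truncated")
    if ipaddress.ip_address(pkt[16:20]) != GW_IP:
        return ("drop", "outer destination IP is not this gateway")
    vx = ihl + 8                                   # VXLAN header follows UDP
    if struct.unpack_from("!H", pkt, ihl + 2)[0] != 4789 or not pkt[vx] & 0x08:
        return ("drop", "not a valid VXLAN header")
    inner = vx + 8                                 # inner Ethernet frame
    if pkt[inner:inner + 6] != GW_MAC:
        return ("drop", "inner destination MAC is not this gateway")
    if pkt[inner + 12:inner + 14] != b"\x08\x00":
        return ("drop", "inner payload is not IPv4")
    table = VRF_TABLES.get(int.from_bytes(pkt[vx + 4:vx + 7], "big"))
    if table is None:
        return ("drop", "unknown VNI")
    dst = ipaddress.ip_address(pkt[inner + 30:inner + 34])
    # Longest-prefix match inside the selected VPN instance only.
    hits = [(net.prefixlen, ifc) for net, ifc in table if dst in net]
    return ("forward", max(hits)[1]) if hits else ("drop", "no route in VPN instance")

def build(outer_dst, vni, inner_dmac, inner_dst):
    """Constructed sample packet; lengths and checksums are left zero."""
    ip = lambda a: ipaddress.ip_address(a).packed
    outer = bytes([0x45]) + bytes(8) + bytes([17]) + bytes(2) + ip("192.0.2.1") + ip(outer_dst)
    udp = struct.pack("!HHHH", 40000, 4789, 0, 0)
    vxlan = bytes([0x08, 0, 0, 0]) + vni.to_bytes(3, "big") + b"\x00"
    eth = inner_dmac + bytes.fromhex("020000000002") + b"\x08\x00"
    return outer + udp + vxlan + eth + bytes([0x45]) + bytes(15) + ip(inner_dst)

if __name__ == "__main__":
    print(handle_vxlan(build("192.0.2.10", 5001, GW_MAC, "10.1.2.3")))
    print(handle_vxlan(build("192.0.2.10", 5002, bytes(6), "10.1.2.3")))
```

The two table entries use the same prefix on purpose: overlapping customer address space stays separated because the lookup never leaves the table chosen for that VPN instance, and a message with an unknown VNI is dropped rather than falling back to a shared table.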
CN201910109575.XA 2019-02-11 2019-02-11 Method, device and system for network communication Active CN109639557B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201910109575.XA CN109639557B (en) 2019-02-11 2019-02-11 Method, device and system for network communication

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201910109575.XA CN109639557B (en) 2019-02-11 2019-02-11 Method, device and system for network communication

Publications (2)

Publication Number Publication Date
CN109639557A CN109639557A (en) 2019-04-16
CN109639557B true CN109639557B (en) 2021-11-26

Family

ID=66065060

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201910109575.XA Active CN109639557B (en) 2019-02-11 2019-02-11 Method, device and system for network communication

Country Status (1)

Country Link
CN (1) CN109639557B (en)

Families Citing this family (11)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN110891325B (en) * 2019-12-10 2021-11-23 新华三大数据技术有限公司 Tunnel establishment method and device
CN113630314B (en) * 2020-05-09 2022-09-16 北京金山云网络技术有限公司 Disaster recovery method and device for hybrid cloud private line access network
CN111614541B (en) * 2020-06-09 2022-02-18 浪潮云信息技术股份公司 Method for adding public cloud network physical host into VPC
CN111565142B (en) * 2020-07-15 2020-11-03 鹏城实验室 Message processing method and device and computer readable storage medium
CN112887317A (en) * 2021-01-30 2021-06-01 北京中安星云软件技术有限公司 Method and system for protecting database based on VXLAN network
CN114401222B (en) * 2021-12-28 2024-03-26 网络通信与安全紫金山实验室 Data forwarding method, device and storage medium based on policy routing
CN114726780B (en) * 2022-03-23 2024-04-02 阿里云计算有限公司 Communication method, device and storage medium from top to bottom of cloud
CN115225634B (en) * 2022-06-17 2023-10-20 北京百度网讯科技有限公司 Data forwarding method, device and computer program product under virtual network
CN115333994A (en) * 2022-08-01 2022-11-11 北京金山云网络技术有限公司 Method and device for realizing VPN route rapid convergence and electronic equipment
CN115473767A (en) * 2022-09-06 2022-12-13 中电云数智科技有限公司 Method and system for accessing OVN cluster tenant network by using cloud private line
CN115208888B (en) * 2022-09-13 2022-12-27 杭州优云科技有限公司 Communication method and device for cloud instance to cross available areas and electronic equipment

Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN202551067U (en) * 2012-03-26 2012-11-21 上海地面通信息网络有限公司 Network routing control device with multiple links as redundant backup mutually
CN106789667A (en) * 2016-11-21 2017-05-31 华为技术有限公司 A kind of data forwarding method, relevant device and system
CN106998284A (en) * 2016-01-25 2017-08-01 阿里巴巴集团控股有限公司 The network system and method for private network are connected by virtual private networks
CN108429680A (en) * 2018-03-07 2018-08-21 北京优帆科技有限公司 A kind of method for configuring route, system, medium and equipment based on virtual private cloud

Family Cites Families (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20170324707A1 (en) * 2016-05-03 2017-11-09 At&T Intellectual Property I, L.P. Network service provider architecture with internet-route-free control plane

Also Published As

Publication number Publication date
CN109639557A (en) 2019-04-16

Similar Documents

Publication Publication Date Title
CN109639557B (en) Method, device and system for network communication
US11310079B2 (en) EVPN packet processing method, device, and system for MAC learning via MAC/IP advertisement route
US10361884B2 (en) Virtual private network forwarding and nexthop to transport mapping scheme
CN111740913B (en) Method, router and readable medium for forwarding network traffic in computer network
US10666459B1 (en) System and method to facilitate interoperability between virtual private LAN service (VPLS) and ethernet virtual private network (EVPN) with all-active multi-homing
US8830998B2 (en) Separation of edge and routing/control information for multicast over shortest path bridging
US10263808B2 (en) Deployment of virtual extensible local area network
US20230155932A1 (en) Multicast traffic transmission method and apparatus, communication node, and storage medium
US10237164B2 (en) Inter-provider network architecture
US11362954B2 (en) Tunneling inter-domain stateless internet protocol multicast packets
US8923162B2 (en) Management of private virtual networks
WO2022007503A1 (en) Service traffic processing method and apparatus
US20240022650A1 (en) Computing power application traffic forwarding method and apparatus
US10992539B2 (en) Methods and systems for neighbor-acknowledged graceful insertion/removal protocol
US20230291682A1 (en) Method and device for processing data packet, storage medium, and electronic device
US20190215191A1 (en) Deployment Of Virtual Extensible Local Area Network
US20130308637A1 (en) Multicast data delivery over mixed multicast and non-multicast networks
CN113904981B (en) Routing information processing method and device, electronic equipment and storage medium
US20230353479A1 (en) Edge Computing Data and Service Discovery Using an Interior Gateway Protocol (IGP)
WO2023045871A1 (en) Packet processing method, network device and system
CN113037883B (en) Method and device for updating MAC address table entries
EP3982596A1 (en) Processing a flow at the egress node in segment routing
US20240064099A1 (en) Communication method and related apparatus
WO2024016869A1 (en) Multicast configuration method and apparatus
WO2022053007A1 (en) Network reachability verification method and apparatus, and computer storage medium

Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination
GR01 Patent grant