CN109842692A - VxLAN switch, system and method for obtaining host information in physical network - Google Patents
- Publication number: CN109842692A
- Authority: CN (China)
- Prior art keywords: host, data packet, information, packet, vxlan
- Legal status: Granted (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1441—Countermeasures against malicious traffic
- H04L63/1466—Active attacks involving interception, injection, modification, spoofing of data unit addresses, e.g. hijacking, packet injection or TCP sequence number attacks
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1408—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic by monitoring network traffic
- H04L63/1425—Traffic logging, e.g. anomaly detection
Abstract
The invention discloses a method for a VxLAN switch, which is used for obtaining information about a host in a physical network connected to the VxLAN switch, and comprises the following steps: sending a discovery packet through the physical network; receiving an information packet that is sent by a host in reply to the discovery packet; and collecting, by the VxLAN switch, information about the host from the information packet. By actively sending discovery packets on the network, the invention achieves rapid convergence of the host learning process in the virtual network and suppresses broadcast packets as much as possible.
Description
Technical field
The present invention relates to computer networks, and more particularly to host discovery for the endpoints of a virtual network.
Background
Virtual Extensible LAN (VxLAN) is an overlay technology for network virtualization. Using User Datagram Protocol (UDP) tunnel encapsulation, it provides a Layer 2 extension over a shared Layer 3 underlying infrastructure network. To overcome the limitations of the flood-and-learn VxLAN defined in RFC 7348, organizations can use Multiprotocol Border Gateway Protocol Ethernet Virtual Private Network (MP-BGP EVPN) as the control plane for VxLAN.
A virtual tunnel endpoint (VTEP) in MP-BGP EVPN needs to learn quickly, through local learning, the media access control (MAC) addresses and IP addresses of its locally attached hosts, and to synchronize that information to the other VTEPs through MP-BGP. Slow synchronization of host information causes a large amount of excess traffic to be carried through tunnels across the whole network. In particular, when a VTEP restarts, slow convergence leads to high load in the network.
Existing solutions for host learning include solutions based on the local data plane, which monitor all Address Resolution Protocol (ARP) packets in the local LAN, including ARP requests and replies. In a real network environment, however, there may be silent hosts that never send ARP packets on their own. Alternatively, a host may send ARP packets only when it needs to connect to other components; in that case a VTEP that learns passively from ARP cannot discover all local hosts in time. In addition, when the whole network first starts, the VTEP needs an active method of scanning the local network in order to find all hosts that may be present immediately.
Summary of the invention
Therefore, in one aspect, the present invention is a method for a VxLAN switch, the method being used to obtain information about a host in a physical network connected to the VxLAN switch, and comprising the following steps: sending a discovery packet through the physical network; receiving an information packet that is sent by a host in reply to the discovery packet; and collecting, by the VxLAN switch, information about the host from the information packet.
According to another aspect of the invention, a VxLAN switch is disclosed for obtaining information about a host in a physical network connected to the VxLAN switch. The VxLAN switch includes a receiver configured to receive an information packet that is sent by a host in reply to a discovery packet; the VxLAN switch is further adapted to collect information about the host from the information packet.
According to another aspect of the invention, a system is disclosed that is configured to obtain information about a host in a physical network connected to a VxLAN switch. The system includes a VxLAN switch, which includes a receiver configured to receive an information packet that is sent by a host in reply to a discovery packet. The VxLAN switch is further adapted to collect information about the host from the information packet. The VxLAN switch is connected to the host.
The invention therefore provides an improved host learning mechanism for virtual networks. By actively sending discovery packets on the network, the invention achieves fast convergence of the host learning process in the virtual network and suppresses broadcast packets as much as possible. Some embodiments of the invention also reduce the potential fluctuation caused by the update mechanism of the ARP table. Finally, the invention reduces the system pressure on the VTEP switch, which no longer needs to capture every ARP packet continuously for analysis by its processor in order to learn hosts.
Brief description of the drawings
The above and further features of the invention will become apparent from the following description of preferred embodiments, which are provided by way of example only in conjunction with the accompanying drawings, in which:
Fig. 1 shows a typical virtual network comprising multiple VTEPs, with hosts connected to the VTEPs.
Fig. 2 shows a system according to an embodiment of the invention comprising a VTEP and a Dynamic Host Configuration Protocol (DHCP) server connected to it.
Fig. 3 is a flow chart showing the steps of obtaining host information from DHCP packets in the system of Fig. 2.
Fig. 4 shows a system according to another embodiment of the invention comprising a VTEP and hosts connected to the VTEP in different subnets.
Fig. 5 is a flow chart showing the steps by which the VTEP in the system of Fig. 4 obtains host information through ARP scanning.
Fig. 6 is a flow chart showing the steps by which the VTEP maintains the host information table in the system of Fig. 4.
In the drawings, the same reference numerals denote the same components throughout the several embodiments described herein.
Detailed description
Turning now to Fig. 1, an exemplary computer network 18 on which a virtual network can be implemented is shown. The host learning mechanism proposed by the invention, described below, can be applied to the network shown in Fig. 1. In contrast to a virtual network in which devices are interconnected using virtual network interface controllers (VNICs), the computers shown in Fig. 1 are physical devices connected through physical network interface controllers (NICs). In Fig. 1, computer network 18 includes a core 26 that allows multiple separate physical networks to be connected to it. Core 26, located at the center of network 18, represents any one or more backbone networks used to connect the physical networks. One example of core 26 is the Internet. Each physical network is defined by a router 22 and a corresponding VTEP 20.
The multiple VTEPs 20 shown in Fig. 1 are virtual network endpoints. Each VTEP 20 is adapted to perform VXLAN encapsulation and decapsulation on packets sent from or to another VTEP 20. In other words, the packets transmitted between two or more VTEPs 20 are physical network packets, whereas the packets on the other side of each VTEP 20 are virtual network packets, and VTEP 20 is adapted to convert between physical network packets and virtual network packets. Router 22 is a relay device in network 18 that forwards data packets. Through core 26, the three routers 22 shown in Fig. 1 are connected to each other, and data packets from any one of them can be transmitted to the others. Behind each router 22 is a physical network, which can communicate with core 26 only through that particular router 22. In other words, the three physical networks shown in Fig. 1 are logically isolated from each other. In each physical network there are one or more computing devices 24 (also called hosts in this embodiment), which are connected to the corresponding router 22 through the corresponding VTEP 20. A computing device 24 can be any electronic device with network connectivity, including but not limited to desktop computers, smartphones, laptops and tablet computers. It should be noted that, through the VTEPs 20, computing devices 24 distributed across different physical networks can be placed in the same virtual network, as is known to those skilled in the art.
Turning now to Fig. 2, an embodiment of the invention is shown that illustrates how VTEP 120 learns information about the hosts in the physical network associated with VTEP 120 when DHCP is enabled for the physical network. As long as DHCP is enabled, the process in this embodiment can be applied to the network shown in Fig. 1. As shown in Fig. 2, multiple hosts 124 are connected to VTEP 120 and form at least part of the physical network associated with VTEP 120. In other words, the hosts 124 rely on VTEP 120 to connect to other hosts in different physical networks that are connected to different VTEPs (not shown). A DHCP server 130 is also connected to VTEP 120. DHCP server 130 can be any node of the network that provides the DHCP function of automatically assigning IP addresses. For example, DHCP server 130 can be implemented similarly to the routers shown in Fig. 1.
Turning now to the operation of VTEP 120 in the virtual network of Fig. 2 above, which is used to discover information about the hosts 124. The steps of this operation are shown in Fig. 3. First, in step 132, VTEP 120 starts up and enables its function as a virtual network endpoint. VTEP 120 enables its DHCP snooping function and then builds a DHCP snooping table, which is empty at the time of step 132. VTEP 120 fills in the DHCP snooping table by monitoring all DHCP packets that pass through VTEP 120 and learning MAC and IP information from those DHCP packets.
For example, suppose host 124a in Fig. 2 wants to request an IP address from DHCP server 130. In step 134, host 124a broadcasts a DHCP discover packet to the physical network to find any available DHCP server. The DHCP discover packet passes through VTEP 120 and reaches all possible DHCP servers in the physical network, including DHCP server 130. Then, since in the embodiment of Fig. 2 DHCP server 130 is the only DHCP server available to host 124a, DHCP server 130 replies to the DHCP discover packet in step 136 by broadcasting a DHCP offer packet that includes network configuration information for host 124a. Next, after receiving the DHCP offer packet, host 124a broadcasts a DHCP request packet in step 138, which reaches DHCP server 130 and confirms that host 124a has selected DHCP server 130 to serve it. Finally, after DHCP server 130 receives the DHCP request packet, in step 140 it broadcasts a DHCP acknowledgement (ACK) packet carrying all of the network configuration information for host 124a, including the IP address assigned to host 124a. The DHCP ACK packet is therefore called the information packet in this embodiment, because it contains the network addresses of host 124a, including the IP address and the MAC address. Although it is a direct reply to the DHCP request packet, the DHCP ACK packet can ultimately be regarded as a reply to the first, initial DHCP packet, namely the DHCP discover packet sent by host 124a. The DHCP ACK packet is an address-providing packet that contains the confirmed address supplied to host 124a; by contrast, the DHCP offer packet is only provisional and requires confirmation by host 124a. Host 124a then uses the provided network configuration information to configure its network interface for accessing the physical network.
It should be noted that the DHCP configuration process above is well known to those skilled in the art. The difference, however, is that VTEP 120 can monitor all DHCP-related packets passing through VTEP 120 in order to obtain information about the hosts connected to VTEP 120. In the example above, once the DHCP ACK packet is broadcast to host 124a, in step 142 VTEP 120 identifies the DHCP ACK packet, which contains not only the IP address assigned to host 124a but also the MAC address. VTEP 120 then uses the MAC address and IP address of host 124a to update the DHCP snooping table in step 144. In this way, VTEP 120 collects the host information of host 124a from the DHCP ACK packet. VTEP 120 repeats the above process for each host in the physical network and can then form a complete DHCP snooping table of all hosts in the physical network. Table 1 below shows an example of the DHCP snooping table maintained by VTEP 120.
Host | MAC | IP |
---|---|---|
Host 1 | 00:AA:00:BB:00::11 | 10.10.10.5/24 |
Host 2 | 00:AA:00:FF:00::11 | 10.10.10.2/24 |
Host 3 | 00:AA:00:FF:AA:40 | 10.10.20.55/24 |
Host 4 | 00:AA:00:FF:12:55 | 10.10.30.66/24 |

Table 1
After obtaining the host information of its physical network, in step 143, VTEP 120 updates the host information into Multiprotocol Border Gateway Protocol (MP-BGP), and the host information is then propagated through MP-BGP to the other VTEPs (not shown) in the virtual network. While VTEP 120 is running, any new host that joins the physical network will also have its information obtained by VTEP 120, because a new host must also obtain an IP address from DHCP server 130. On the other hand, even if VTEP 120 needs to restart, all host information contained in the DHCP snooping table is also stored in the flash memory (not shown) of VTEP 120. When VTEP 120 later recovers, it can read the contents from the flash memory and regain the host information directly, without performing DHCP snooping again.
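The following Python example is added here to illustrate steps 142-144; it is not code from the patent. It parses DHCP payloads and records a MAC/IP binding only when a DHCP ACK is seen, treating the offer as provisional. The names `parse_dhcp`, `SnoopingTable` and `sample_exchange` are hypothetical, and the sample exchange is constructed from the Host 3 row of Table 1.

```python
import ipaddress
import struct

MAGIC_COOKIE = b"\x63\x82\x53\x63"
DHCP_DISCOVER, DHCP_OFFER, DHCP_REQUEST, DHCP_ACK = 1, 2, 3, 5
BOOTP_FMT = "!BBBBIHH4s4s4s4s16s64s128s"      # fixed 236-byte BOOTP header
BOOTP_LEN = struct.calcsize(BOOTP_FMT)


def build_dhcp(msg_type, mac, yiaddr="0.0.0.0", mask=None):
    """Build a DHCP payload; used only to construct sample input."""
    op = 2 if msg_type in (DHCP_OFFER, DHCP_ACK) else 1   # 2 = server reply
    chaddr = bytes.fromhex(mac.replace(":", "")).ljust(16, b"\x00")
    header = struct.pack(
        BOOTP_FMT, op, 1, 6, 0, 0x1234ABCD, 0, 0x8000,
        bytes(4), ipaddress.IPv4Address(yiaddr).packed, bytes(4), bytes(4),
        chaddr, bytes(64), bytes(128))
    options = bytes([53, 1, msg_type])                    # option 53: message type
    if mask:
        options += bytes([1, 4]) + ipaddress.IPv4Address(mask).packed
    return header + MAGIC_COOKIE + options + b"\xff"


def parse_dhcp(payload):
    """Return (msg_type, mac, yiaddr, prefix_len or None); ValueError if malformed."""
    if payload[BOOTP_LEN:BOOTP_LEN + 4] != MAGIC_COOKIE:
        raise ValueError("missing DHCP magic cookie")
    fields = struct.unpack(BOOTP_FMT, payload[:BOOTP_LEN])
    htype, hlen, yiaddr, chaddr = fields[1], fields[2], fields[8], fields[11]
    if (htype, hlen) != (1, 6):
        raise ValueError("not an Ethernet client address")
    options, i = {}, BOOTP_LEN + 4
    while i < len(payload) and payload[i] != 255:         # 255 = end option
        if payload[i] == 0:                               # 0 = pad option
            i += 1
            continue
        if i + 1 >= len(payload) or i + 2 + payload[i + 1] > len(payload):
            raise ValueError("truncated option")
        options[payload[i]] = payload[i + 2:i + 2 + payload[i + 1]]
        i += 2 + payload[i + 1]
    if len(options.get(53, b"")) != 1:
        raise ValueError("missing message type")
    prefix = None
    if len(options.get(1, b"")) == 4:                     # option 1: subnet mask
        mask = ipaddress.IPv4Address(options[1])
        prefix = ipaddress.IPv4Network(f"0.0.0.0/{mask}").prefixlen
    mac = ":".join(f"{b:02x}" for b in chaddr[:6])
    return options[53][0], mac, ipaddress.IPv4Address(yiaddr), prefix


class SnoopingTable:
    """MAC -> IP bindings learned from DHCP ACKs (steps 142-144 in the text)."""

    def __init__(self):
        self.bindings = {}

    def observe(self, payload):
        """Inspect one DHCP payload; return True if the table changed."""
        try:
            msg_type, mac, ip, prefix = parse_dhcp(payload)
        except ValueError:
            return False                      # malformed: never learn from it
        if msg_type != DHCP_ACK or int(ip) == 0:
            return False                      # discover/offer/request: no binding yet
        binding = f"{ip}/{prefix}" if prefix is not None else str(ip)
        changed = self.bindings.get(mac) != binding
        self.bindings[mac] = binding
        return changed


def sample_exchange():
    """Constructed discover/offer/request/ACK sequence for Host 3 of Table 1."""
    mac, ip, mask = "00:aa:00:ff:aa:40", "10.10.20.55", "255.255.255.0"
    return [build_dhcp(DHCP_DISCOVER, mac),
            build_dhcp(DHCP_OFFER, mac, ip, mask),
            build_dhcp(DHCP_REQUEST, mac),
            build_dhcp(DHCP_ACK, mac, ip, mask)]


if __name__ == "__main__":
    table = SnoopingTable()
    for packet in sample_exchange():
        table.observe(packet)
    print(table.bindings)
```
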
Turning now to Fig. 4, an embodiment of the invention is shown that illustrates how VTEP 220 learns information about the hosts in the physical network associated with VTEP 220 when no DHCP service is provided for the physical network. If there is no DHCP service in the network, the process in this embodiment can be applied to the network shown in Fig. 1. As shown in Fig. 4, multiple hosts 224a and 224b are connected to VTEP 220 and form at least part of the physical network. In other words, hosts 224a and 224b rely on VTEP 220 to connect to other hosts in different physical networks that are connected to different VTEPs (not shown). Note that hosts 224a and 224b belong to different subnets 225a and 225b respectively. In this example, hosts 224a and 224b belong to different VXLANs with different VXLAN network identifiers (VNIs), so that each subnet corresponds to one VXLAN. Table 2 below shows the relationship between the different subnets, VNIs and VLAN IDs (VIDs) in the network shown in Fig. 4. VTEP 220 is adapted to perform ARP scanning using different types of ARP-related packets, as described in detail below.
VNI | Subnet | VID |
---|---|---|
10001 | 10.10.10.1/24 | 100 |
10002 | 10.10.20.1/24 | 200 |

Table 2
Turning now to the operation of VTEP 220, which is associated with the two different virtual networks of Fig. 4 above, to discover information about hosts 224a and 224b. The steps of this operation are shown in Fig. 5. First, in step 232, VTEP 120 starts up and enables its function as a virtual network endpoint. VTEP 220 builds an ARP table, which is empty at the time of step 232. After performing an ARP scan for each of the hosts 224a and 224b in the physical network, VTEP 220 fills in the ARP table.
For example, suppose VTEP 220 wants to obtain information about an unknown host in the network of subnet 225a that may have the IP address 10.10.10.2 (as shown in Fig. 4). VTEP 220 then broadcasts an ARP request packet in step 234 as the discovery packet, targeting the IP address 10.10.10.2. Then, in step 236, host 224a, which uses the IP address 10.10.10.2, responds to the ARP request packet by sending an ARP reply packet containing its MAC address to VTEP 220. The ARP reply packet is the information packet that confirms the information of host 224a to VTEP 220. It should be noted that other hosts that do not have the IP address 10.10.10.2 simply discard the ARP request packet they receive. Then, in step 238, VTEP 220 updates its ARP table after receiving the ARP reply packet from host 224a, whose IP address is 10.10.10.2.
It should be noted that the ARP scanning process above is well known to those skilled in the art, but only to the extent of one or more hosts in the network performing such ARP scanning. In embodiments of the invention, the difference is that VTEP 220 actively performs ARP scanning by broadcasting ARP request packets in order to obtain information about all hosts connected to VTEP 220. As noted above, one ARP request packet can detect the presence of only one host. In the example above, VTEP 220 repeats, for each IP address, a process similar to the one described for obtaining the information of host 224a with IP address 10.10.10.2; these IP addresses may belong to different subnets in the physical network. As a result, the ARP table can be filled with the greatest possible amount of information about the hosts in the network. Table 3 below shows an example of the ARP table maintained by VTEP 220. After obtaining the host information of its physical network, VTEP 220 then sends a BGP update to the other VTEPs (not shown) in the virtual network.
VID | IP | Present | MAC address |
---|---|---|---|
100 | 10.10.10.3 | N | N/A |
100 | 10.10.10.5 | N | 000abb180a1c |
100 | 10.10.10.7 | Y | 00aabb11011b |
… | | | |
200 | 10.10.20.3 | N | ff0abb180a1f |
200 | 10.10.20.5 | N | N/A |
200 | 10.10.20.7 | N | N/A |
200 | 10.10.20.9 | Y | a1cabb11011b |
200 | 10.10.20.253 | N | N/A |

Table 3
In this embodiment, to avoid a heartbeat effect, the IP addresses that VTEP 220 attempts to probe are divided into two different groups according to whether the last bit of the IP address is odd or even. Table 3 shows part of the ARP table after the first ARP scan, which targets the odd IP addresses. Table 4 below shows part of the ARP table after the second ARP scan, which targets the even IP addresses.
VID | IP | Present | MAC address |
---|---|---|---|
100 | 10.10.10.2 | Y | 00aabb110156 |
100 | 10.10.10.4 | N | N/A |
100 | 10.10.10.6 | N | N/A |
… | | | |
200 | 10.10.20.2 | N | 1233bb180a1c |
200 | 10.10.20.4 | N | N/A |
200 | 10.10.20.6 | N | N/A |
200 | 10.10.20.8 | Y | 00aabb110188 |
200 | 10.10.20.254 | N | N/A |

Table 4
It should be noted that not every IP address has a host behind it: if the ARP request packet sent for a particular IP address does not return any reply, no host exists at that address. For example, in Table 3 no host replied to the ARP request packet for IP address 10.10.10.3, so it is shown in Table 3 as not present, and no MAC address can be obtained for the host. On the other hand, VTEP 220 can start ARP scans periodically to detect any new hosts or remove offline hosts. The period is determined according to the scale of the physical network connected to VTEP 220.
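The following Python example is added here to illustrate the scan of steps 234-238 and the odd/even grouping; it is not code from the patent. It builds 802.1Q-tagged ARP requests for one parity group of each subnet in Table 2 and accepts a reply only if it answers the probed address on the same VID. Assumptions: the switch probes from the address listed for each subnet in Table 2, `wire` is a hypothetical callable standing in for the physical network, and `SAMPLE_HOSTS` is constructed from the "Y" rows of Tables 3 and 4.

```python
import ipaddress
import struct

ETH_DOT1Q, ETH_ARP = 0x8100, 0x0806
ARP_REQUEST, ARP_REPLY = 1, 2
ARP_FMT = "!HHBBH6s4s6s4s"                    # 28-byte ARP body for Ethernet/IPv4
BROADCAST, UNKNOWN = b"\xff" * 6, b"\x00" * 6
SUBNETS = {100: "10.10.10.1/24", 200: "10.10.20.1/24"}   # VID -> subnet (Table 2)


def build_arp(oper, vid, dst_mac, sha, spa, tha, tpa):
    """Return an 802.1Q-tagged Ethernet frame carrying one ARP message."""
    eth = dst_mac + sha + struct.pack("!HHH", ETH_DOT1Q, vid & 0x0FFF, ETH_ARP)
    return eth + struct.pack(ARP_FMT, 1, 0x0800, 6, 4, oper,
                             sha, spa.packed, tha, tpa.packed)


def parse_arp(frame):
    """Return the ARP fields of a tagged frame, or None if it is not valid ARP."""
    if len(frame) < 46:
        return None
    tpid, tci, ethertype = struct.unpack("!HHH", frame[12:18])
    htype, ptype, hlen, plen, oper, sha, spa, tha, tpa = struct.unpack(
        ARP_FMT, frame[18:46])
    if (tpid, ethertype, htype, ptype, hlen, plen) != (
            ETH_DOT1Q, ETH_ARP, 1, 0x0800, 6, 4):
        return None
    return {"vid": tci & 0x0FFF, "oper": oper, "sha": sha, "tha": tha,
            "spa": ipaddress.IPv4Address(spa), "tpa": ipaddress.IPv4Address(tpa)}


def scan_targets(cidr, parity):
    """Host addresses of the subnet whose last bit equals parity (1 = odd)."""
    iface = ipaddress.ip_interface(cidr)
    return [ip for ip in iface.network.hosts()
            if ip != iface.ip and (int(ip) & 1) == parity]


def arp_scan(switch_mac, parity, wire):
    """Probe one parity group in every subnet; return {(vid, ip): mac or None}."""
    results = {}
    for vid, cidr in SUBNETS.items():
        own_ip = ipaddress.ip_interface(cidr).ip          # assumed probe source
        for target in scan_targets(cidr, parity):
            request = build_arp(ARP_REQUEST, vid, BROADCAST,
                                switch_mac, own_ip, UNKNOWN, target)
            reply = parse_arp(wire(request) or b"")
            # Accept only a reply for the address just probed, on the same VID.
            answered = (reply is not None and reply["oper"] == ARP_REPLY
                        and reply["vid"] == vid and reply["spa"] == target)
            results[(vid, str(target))] = reply["sha"].hex() if answered else None
    return results


# Constructed sample hosts, taken from the "Y" rows of Tables 3 and 4.
SAMPLE_HOSTS = {(100, "10.10.10.7"): "00aabb11011b",
                (200, "10.10.20.9"): "a1cabb11011b",
                (100, "10.10.10.2"): "00aabb110156",
                (200, "10.10.20.8"): "00aabb110188"}


def sample_wire(frame):
    """Stand-in for the physical network: the addressed host replies, others drop."""
    req = parse_arp(frame)
    mac = SAMPLE_HOSTS.get((req["vid"], str(req["tpa"])))
    if req["oper"] != ARP_REQUEST or mac is None:
        return None
    return build_arp(ARP_REPLY, req["vid"], req["sha"], bytes.fromhex(mac),
                     req["tpa"], req["sha"], req["spa"])


if __name__ == "__main__":
    switch_mac = bytes.fromhex("020000000001")            # constructed address
    first = arp_scan(switch_mac, 1, sample_wire)          # odd group
    second = arp_scan(switch_mac, 0, sample_wire)         # even group
    print({k: v for k, v in {**first, **second}.items() if v})
```
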
Fig. 6 shows the steps performed by VTEP 220 to maintain the ARP table in order to add new hosts or remove offline hosts. When an ARP entry in the ARP table comes up for update, VTEP 220 does not delete it from the ARP table immediately. Instead, in step 240, VTEP 220 sends a unicast (UNICAST) ARP request packet whose destination MAC address is the current MAC address of the host in the ARP entry. Then, in step 242, VTEP 220 determines whether an ARP reply is returned after the UNICAST ARP request was sent. If an ARP reply is indeed received, VTEP 220 confirms that the host is still online, and in step 243 VTEP 220 updates the ARP entry of that host in the ARP table with a new timestamp to update the state of the host. This ARP entry is then checked again only at its next update.
If no ARP reply is returned after step 242, then in step 244 VTEP 220 sends a Reverse ARP (RARP) query packet directed at that particular host to check whether its IP address has changed. In step 246, VTEP 220 then determines whether a reply is received after the RARP query packet. If there is no reply, VTEP 220 removes the entry from the ARP table in step 250, because VTEP 220 has confirmed that the host associated with the ARP entry is indeed offline. Alternatively, if a reply is received after the RARP query packet, VTEP 220 knows that the particular host has changed its IP address, and in step 248 VTEP 220 updates the ARP table using the address information contained in the reply to the RARP query packet.
In the embodiment above, a UNICAST ARP request is used instead of an ordinary ARP request in order to avoid broadcast traffic in the network. VTEP 220, for its part, uses the RARP query to detect whether the IP address of a host has changed. UNICAST ARP requests and RARP queries are both well known to those skilled in the art, but only to the extent that a host, rather than a VTEP, sends the UNICAST ARP request and the RARP query.
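The following Python example is added here to illustrate the maintenance flow of Fig. 6 (steps 240-250); it is not code from the patent. The two probes are passed in as hypothetical callables (`unicast_arp`, `rarp_query`) so the decision logic can be followed without a network, and the table entries, timestamps, expiry interval and the new address 10.10.20.11 are constructed sample values.

```python
def maintain_arp_table(table, now, ttl, unicast_arp, rarp_query):
    """Run one maintenance pass over expired entries.

    table       maps ip -> {"vid": int, "mac": str, "stamp": number}
    unicast_arp (ip, mac) -> True if the host answered a unicast ARP request
    rarp_query  (mac) -> current IP string from the RARP reply, or None
    Returns a list of (ip, action, new_ip) describing what was done.
    """
    actions = []
    for ip in list(table):                    # snapshot: the table is mutated below
        entry = table[ip]
        if now - entry["stamp"] < ttl:
            continue                          # not yet due for update
        # Steps 240/242: unicast probe to the MAC currently in the entry.
        if unicast_arp(ip, entry["mac"]):
            entry["stamp"] = now              # step 243: host still online
            actions.append((ip, "refreshed", None))
            continue
        # Steps 244/246: no ARP reply, so ask whether the MAC now has another IP.
        new_ip = rarp_query(entry["mac"])
        if new_ip == ip:                      # same address confirmed via RARP
            entry["stamp"] = now
            actions.append((ip, "refreshed", None))
            continue
        del table[ip]
        if new_ip is None:
            actions.append((ip, "removed", None))         # step 250: host offline
        else:
            table[new_ip] = {**entry, "stamp": now}       # step 248: IP changed
            actions.append((ip, "moved", new_ip))
    return actions


def demo():
    """One pass over constructed entries with constructed probe results."""
    table = {
        "10.10.10.7": {"vid": 100, "mac": "00aabb11011b", "stamp": 0},
        "10.10.10.2": {"vid": 100, "mac": "00aabb110156", "stamp": 0},
        "10.10.20.9": {"vid": 200, "mac": "a1cabb11011b", "stamp": 0},
        "10.10.20.8": {"vid": 200, "mac": "00aabb110188", "stamp": 900},
    }
    online = {("10.10.10.7", "00aabb11011b")}     # answers the unicast ARP
    moved = {"a1cabb11011b": "10.10.20.11"}       # answers RARP with a new IP
    actions = maintain_arp_table(
        table, now=1000, ttl=300,
        unicast_arp=lambda ip, mac: (ip, mac) in online,
        rarp_query=lambda mac: moved.get(mac))
    return actions, table


if __name__ == "__main__":
    for action in demo()[0]:
        print(action)
```
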
Exemplary embodiments of the invention have thus been fully described. Although the description refers to particular embodiments, it will be clear to those skilled in the art that the invention can be practiced with variations of these specific details. The invention should therefore not be construed as limited to the embodiments set forth herein.
Although the invention has been illustrated and described in detail in the drawings and the foregoing description, the same is to be considered illustrative and not restrictive; it should be understood that only exemplary embodiments have been shown and described, and that they do not limit the scope of the invention in any way. It will be appreciated that any feature described herein can be used with any embodiment. The exemplary embodiments are not exclusive of each other or of other embodiments not listed herein. Accordingly, the invention also provides embodiments comprising combinations of one or more of the exemplary embodiments described above. Modifications and variations of the invention described herein can be made without departing from its spirit and scope, and therefore only such limitations should be imposed as are indicated by the appended claims.
For example, in the embodiment shown in Figs. 2-3, the VTEP identifies the DHCP ACK packet and obtains the host information contained in the DHCP ACK packet in order to fill in the DHCP snooping table. In other variations, however, other DHCP packets can be used to obtain host information, such as the DHCP offer packet. The address contained in the DHCP offer packet is not, however, the finally confirmed address of the requesting host, so further confirmation is needed, and the DHCP snooping table can be updated when necessary.
In the embodiment shown in Fig. 4, the hosts in the virtual network are divided into two groups, based on the last bit of their IP addresses, for ARP scanning at different times. However, those skilled in the art will recognize that other criteria can also be used to group hosts, for example grouping by VLAN or subnet.
In the embodiment shown in Figs. 2-3, the DHCP discover packet and the DHCP ACK packet are described as broadcasts. However, those skilled in the art will recognize that, in other variations of the invention, these packets can also be sent in other ways. For example, these packets can also be unicast.
Claims (30)
1. a kind of method for VxLAN interchanger, the method is connected in the physical network of VxLAN interchanger for obtaining
The information of host, comprising the following steps:
Discovery data packet is sent by physical network;
Information packet that receiving host issues, that discovery data packet is replied, and
By VxLAN interchanger, the information of host is collected from information packet.
2. according to the method described in claim 1, wherein, in sending step, the host sends discovery data packet, with request
Network address;Information packet is that address provides packet comprising is supplied to the address of the host.
3. according to the method described in claim 2, wherein, the receiving step executes at the VxLAN interchanger.
4. according to the method described in claim 2, the VxLAN interchanger is constructed and is safeguarded wherein in the collection step
Information including the host listens to table.
5. the method according to any one of claim 2-4, wherein the discovery data packet is dynamic host configuration protocol
DHCP has found data packet;The information packet is DHCP confirmation data packet.
6. according to the method described in claim 1, wherein in the sending step, sent as the VxLAN interchanger described in
It was found that data packet, to detect the presence of the host on the physical network;The information packet is that the host is sent to
The confirmation data packet of the VxLAN interchanger, to reply the discovery data packet.
7. according to the method described in claim 6, wherein, the discovery data packet is broadcast to the physical network, and wraps
Include the anticipation network address of the host.
8. according to the method described in claim 7, wherein, the physical network includes the multiple masters connecting with VxLAN interchanger
Machine, multiple host belong to multiple virtual networks;In the sending step, the discovery data packet is only broadcast to each time
Subnet corresponding to a virtual network in the multiple virtual network.
9. according to the method described in claim 6, wherein, in the collection step, the VxLAN interchanger is constructed and is safeguarded
Table, the table include host information.
It further include by after the collection step, described 10. the method according to any one of claim 6-9
The discovery data packet is periodically sent on physical network, the step of state to monitor the host.
11. according to the method described in claim 10, wherein, the monitoring step further includes expiring it in the information of the host
Afterwards, the step of Xiang Suoshu host triggering unitcast request data packet.
12. according to the method for claim 11, wherein if the monitoring step further includes after the triggering step
The step of not receiving any reply from it, then sending reverse request to host.
13. according to the method for claim 12, wherein if the monitoring step further includes after the sending step
Any reply is not received from it, then the host is labeled as offline step.
14. the method according to any one of claim 6-12, wherein the discovery data packet is address resolution protocol
ARP request data packet;Information packet is that ARP replys data packet.
15. according to claim 1-4, method described in any one of 6-9 and 11-13, wherein the VxLAN interchanger is
VXLAN channel termination point VTEP;VXLAN channel termination point VTEP is suitably packaged the physical network packet sent from the host, or solution
Encapsulate the virtual network packet of host.
It, should 16. a kind of VxLAN interchanger is used to obtain the information of host in the physical network for being connected to VxLAN interchanger
VxLAN interchanger includes:
Receiver is configured as being received as information packet that host issues, for replying discovery data packet;
Wherein, the VxLAN interchanger is further adapted for collecting the information of the host from the information packet.
17. VxLAN interchanger according to claim 16, wherein the information packet be include being supplied to the master
The address of the address of machine provides packet.
18. VxLAN interchanger according to claim 17, wherein the information packet is that DHCP provides data packet.
19. VxLAN interchanger according to claim 17, wherein the VxLAN interchanger is suitable for building and maintenance includes
The information of the host listens to table.
20. VxLAN interchanger described in any one of 7-19 according to claim 1, wherein the discovery data packet is that dynamic is main
Machine configuration protocol DHCP finds data packet;The information packet is DHCP confirmation ack msg packet.
21. VxLAN interchanger according to claim 16, further includes: transmitter, suitable for being sent by the physical network
The discovery data packet, to find the presence of the host;Information packet is that the host is sent to the VxLAN interchanger
Confirmation data packet, to reply the discovery data packet.
22. VxLAN interchanger according to claim 21, wherein the transmitter is suitable for the discovery data packet is wide
It is multicast to the physical network;The discovery data packet includes the anticipation network address of the host.
23. VxLAN interchanger according to claim 22, wherein the transmitter is suitable for each time by the discovery data
It is opposite to wrap a virtual network being only broadcast in multiple virtual networks associated with the multiple main frames in the physical network
The subnet answered.
24. VxLAN interchanger according to claim 21, wherein the VxLAN interchanger is suitable for building and maintenance includes
The table of the information of the host.
25. The VxLAN switch according to claim 21, wherein the transmitter is further configured to send the discovery packet periodically through the physical network, so that the VxLAN switch is adapted to monitor the state of the host.
26. The VxLAN switch according to claim 25, wherein the transmitter is further configured to send a unicast request packet to the host after the information of the host stored by the VxLAN switch expires.
27. The VxLAN switch according to claim 26, wherein the transmitter is further configured to send a reverse request to the host if no reply is received from the host.
28. The VxLAN switch according to any one of claims 21-27, wherein the discovery packet is an Address Resolution Protocol (ARP) request packet, and the information packet is an ARP reply packet.
29. The VxLAN switch according to any one of claims 16-28, wherein the VxLAN switch is a virtual tunnel endpoint (VTEP); the VTEP is adapted to encapsulate physical network packets sent from the host, or to decapsulate virtual network packets for the host.
30. A system configured to obtain information of a host in a physical network connected to a VxLAN switch; the system comprises the VxLAN switch according to any one of claims 16-29, connected to the host.
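The ARP-based host tracking of claims 24-28, as an added Python example that is not code from the patent: ARP replies populate the table, an expired entry triggers a unicast request, and continued silence triggers the reverse request. The class and state names, the TTL and wait timers, and the removal of an entry that stays silent after the reverse request are assumptions; the sample reply is constructed.

```python
import struct

ARP_REPLY = 2
ARP_FMT = "!HHBBH6s4s6s4s"  # Ethernet/IPv4 ARP body, 28 bytes

def parse_arp_reply(payload):
    """Return (ip, mac) of the sender for an Ethernet/IPv4 ARP reply, else None."""
    if len(payload) < 28:
        return None
    htype, ptype, hlen, plen, op, sha, spa, _tha, _tpa = struct.unpack(
        ARP_FMT, payload[:28])
    if (htype, ptype, hlen, plen, op) != (1, 0x0800, 6, 4, ARP_REPLY):
        return None
    return ".".join(map(str, spa)), sha.hex(":")

class HostTable:
    """Host table of claims 24-27; timers and state names are assumptions."""
    def __init__(self, ttl=60.0, wait=5.0):
        self.ttl, self.wait, self.hosts = ttl, wait, {}

    def learn(self, payload, port, now):
        parsed = parse_arp_reply(payload)
        if parsed is None:
            return False  # malformed packet or not a reply: collect nothing
        ip, mac = parsed
        self.hosts[ip] = {"mac": mac, "port": port,
                          "deadline": now + self.ttl, "state": "fresh"}
        return True

    def tick(self, now):
        """Return the probes the transmitter should send at time `now`."""
        actions = []
        for ip, h in list(self.hosts.items()):
            if now < h["deadline"]:
                continue
            if h["state"] == "fresh":           # claim 26: entry expired
                h.update(state="unicast_sent", deadline=now + self.wait)
                actions.append(("unicast_request", ip, h["mac"]))
            elif h["state"] == "unicast_sent":  # claim 27: no reply received
                h.update(state="reverse_sent", deadline=now + self.wait)
                actions.append(("reverse_request", ip, h["mac"]))
            else:                               # assumption: drop silent host
                del self.hosts[ip]
        return actions

# Constructed sample: ARP reply from 10.0.0.5 (02:00:00:00:00:05) to 10.0.0.1
SAMPLE_REPLY = struct.pack(
    ARP_FMT, 1, 0x0800, 6, 4, ARP_REPLY,
    bytes.fromhex("020000000005"), bytes([10, 0, 0, 5]),
    bytes.fromhex("020000000001"), bytes([10, 0, 0, 1]))
```

A reply that arrives while an entry is in the `unicast_sent` or `reverse_sent` state resets it to `fresh` through `learn`, which is how a live host stays in the table.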
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201811347670.5A CN109842692B (en) | 2018-11-13 | 2018-11-13 | VxLAN switch, system and method for obtaining host information in physical network |
Publications (2)
Publication Number | Publication Date |
---|---|
CN109842692A (en) | 2019-06-04 |
CN109842692B (en) | 2022-06-14 |
Family
ID=66883116
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN201811347670.5A Active CN109842692B (en) | 2018-11-13 | 2018-11-13 | VxLAN switch, system and method for obtaining host information in physical network |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN109842692B (en) |
Patent Citations (8)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN101039176A (en) * | 2007-04-25 | 2007-09-19 | 华为技术有限公司 | DHCP monitoring method and apparatus thereof |
US20120163182A1 (en) * | 2010-12-27 | 2012-06-28 | Motorola Solutions, Inc. | Detection of unauthorized changes to an address resolution protocol cache in a communication network |
CN102546307A (en) * | 2012-02-08 | 2012-07-04 | 神州数码网络(北京)有限公司 | Method and system for realizing proxy ARP (Address Resolution Protocol) function based on DHCP (Dynamic Host Configuration Protocol) interception |
CN102710439A (en) * | 2012-05-29 | 2012-10-03 | 南京邮电大学 | Obtaining method of user terminal parameter information |
CN102821023A (en) * | 2012-08-07 | 2012-12-12 | 杭州华三通信技术有限公司 | Method and device for dynamically migrating VLAN (virtual local area network) configuration |
CN102857588A (en) * | 2012-09-17 | 2013-01-02 | 杭州华三通信技术有限公司 | Processing method and apparatus for address resolution protocol ARP information |
CN105812502A (en) * | 2016-03-07 | 2016-07-27 | 北京工业大学 | OpenFlow-based implementation method for address resolution protocol proxy technology |
US20180027012A1 (en) * | 2016-07-20 | 2018-01-25 | Cisco Technology, Inc. | Technologies for preventing man-in-the-middle attacks in software defined networks |
Cited By (3)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
WO2021142158A1 (en) * | 2020-01-08 | 2021-07-15 | Cisco Technology, Inc. | Dhcp snooping with host mobility |
CN111431911A (en) * | 2020-03-30 | 2020-07-17 | 绿盟科技集团股份有限公司 | Method for collecting basic information of equipment in network, network edge equipment and network equipment |
CN111431911B (en) * | 2020-03-30 | 2022-08-12 | 绿盟科技集团股份有限公司 | Method for collecting basic information of equipment in network, network edge equipment and network equipment |
Also Published As
Publication number | Publication date |
---|---|
CN109842692B (en) | 2022-06-14 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
CN104283980B (en) | A kind of address resolution protocol pickup method and device | |
US9774563B2 (en) | Packet transmission method, apparatus, and system in multicast domain name system | |
US8189580B2 (en) | Method for blocking host in IPv6 network | |
US9184930B2 (en) | Detection and support of a dual-stack capable host | |
CN104935516A (en) | Communication system based on software defined network and communication method | |
EP2637364A1 (en) | Method, apparatus and system for address resolution | |
CN102273177B (en) | Neighbour discovery protocol mediation | |
US20120324063A1 (en) | Method, network device, and system for automatically configuring network device in ipv6 network | |
US8478891B1 (en) | Employing socket ranges to ascertain layer 2 addresses | |
CN101257523A (en) | Method for supporting IP network interconnectivity between partitions in a virtualized environment | |
CN107094110B (en) | DHCP message forwarding method and device | |
WO2014114228A1 (en) | Item aggregation in shortest path bridging mac-in-mac mode (spbm) network | |
CN101883158A (en) | Method and client for acquiring VLAN (Virtual Local Area Network) IDs (Identifiers) and network protocol addresses | |
US20120198091A1 (en) | Network system, control apparatus and network apparatus | |
CN112654049B (en) | Method, system, node and medium for configuring a wireless communication coverage extension system | |
CN102025799A (en) | Method for discovery and automatic configuration for IP address of device | |
RU2019113321A (en) | SYSTEMS AND METHODS FOR AUXILIARY NETWORK DETECTION FOR CLUSTER SYSTEMS BASED ON ZERO CONFIGURATION | |
CN103026692A (en) | PV6 address generation to trigger a virtual leased line service | |
CN102201963B (en) | Media access control-forced forwarding method and functional unit | |
CN109842692A (en) | VxLAN switch, system and method for obtaining host information in physical network | |
CN113938427A (en) | Communication method and system, and routing node | |
US11683275B2 (en) | Device and method for interconnecting two subnetworks | |
CN103780494A (en) | User information obtaining method and device | |
CN100493073C (en) | Method for implementing neighbor discovery of different link layer separated domain | |
CN107547691B (en) | Address resolution protocol message proxy method and device |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PB01 | Publication | ||
SE01 | Entry into force of request for substantive examination | ||
GR01 | Patent grant | ||