CN109842692B - VxLAN switch, system and method for obtaining host information in physical network - Google Patents

Publication number: CN109842692B
Authority: CN (China)
Prior art keywords: host, packet, information, VxLAN switch, physical network
Legal status: Active
Application number: CN201811347670.5A
Other languages: Chinese (zh)
Other versions: CN109842692A (en)
Inventors: 朱正东, 葛强
Current Assignee: Lenovo Enterprise Solutions Singapore Pte Ltd
Original Assignee: Lenovo Enterprise Solutions Singapore Pte Ltd

Classifications

    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00 Network architectures or network communication protocols for network security
    • H04L63/14 Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
    • H04L63/1441 Countermeasures against malicious traffic
    • H04L63/1466 Active attacks involving interception, injection, modification, spoofing of data unit addresses, e.g. hijacking, packet injection or TCP sequence number attacks
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00 Network architectures or network communication protocols for network security
    • H04L63/14 Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
    • H04L63/1408 Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic by monitoring network traffic
    • H04L63/1425 Traffic logging, e.g. anomaly detection

Abstract

The invention discloses a method for a VxLAN switch for obtaining information of a host in a physical network connected to the VxLAN switch, comprising the following steps: sending a discovery packet through the physical network; receiving an information packet that is sent by a host in reply to the discovery packet; and collecting information of the host from the information packet through the VxLAN switch. By actively sending discovery packets over the network, the present invention achieves rapid convergence of the virtual network host learning process and suppresses broadcast packets as much as possible.

Description

VxLAN switch, system and method for obtaining host information in physical network
Technical Field
The present invention relates to computer networks, and more particularly to discovering hosts for endpoints of virtual networks.
Background
Virtual Extensible LAN (VxLAN) is an overlay technology for network virtualization. It provides layer 2 extension over a shared layer 3 underlay network through User Datagram Protocol (UDP) tunneling. To overcome the limitations of flood-and-learn VxLAN as defined in RFC 7348, various organizations may use Multi-Protocol Border Gateway Protocol Ethernet Virtual Private Network (MP-BGP EVPN) as the control plane for VxLAN.
A Virtual Tunnel Endpoint (VTEP) in an MP-BGP EVPN needs to quickly learn the Media Access Control (MAC) addresses and IP addresses of locally connected hosts through local learning, and to synchronize this information to other VTEPs through MP-BGP. Slow synchronization of host information causes a large amount of flooded traffic to be tunneled across all networks. In particular, slow convergence results in high load in the network when a VTEP restarts.
Existing solutions for host learning include local data-plane solutions that monitor all Address Resolution Protocol (ARP) packets, including ARP requests and replies, in the local LAN. However, an actual network environment may contain silent hosts, which do not automatically send any ARP packets. Alternatively, a host may send ARP packets only when it needs to connect to other components, in which case the VTEP cannot passively discover all local hosts in time from ARP learning. Furthermore, when the entire network has just started, the VTEP needs an active method to scan the local network and discover all possible hosts at once.
Disclosure of Invention
Accordingly, in one aspect, the present invention is a method for a VxLAN switch for obtaining information of a host in a physical network connected to the VxLAN switch, comprising the steps of: sending a discovery packet through a physical network; receiving an information data packet which is sent by a host and replies to the discovery data packet; and collecting information of the host from the information data packet through the VxLAN switch.
According to another aspect of the present invention, there is disclosed a VxLAN switch for obtaining information of a host in a physical network connected to the VxLAN switch, the VxLAN switch comprising: a receiver configured to receive an information packet, issued by a host, that replies to a discovery packet; wherein the VxLAN switch is further adapted to collect information of the host from the information packet.
In accordance with another aspect of the invention, a system configured to obtain information for hosts in a physical network connected to a VxLAN switch is disclosed. The system includes a VxLAN switch that includes a receiver configured to receive an information packet sent out for a host in reply to a discovery packet. The VxLAN switch is also adapted to collect host information from information packets. The VxLAN switch is connected to the host.
Thus, the present invention provides an improved host learning mechanism for virtual networks. By actively sending discovery packets over the network, the present invention achieves fast convergence of host learning on a virtual network and suppresses broadcast packets as much as possible. Some embodiments of the present invention also reduce potential swings caused by the update mechanism of the ARP table. Finally, the present invention reduces the load on the VTEP switch, which no longer needs to capture all ARP packets and have its processor analyze them in order to keep learning.
Drawings
The above and further features of the present invention will become apparent from the following description of preferred embodiments thereof, which are provided by way of example only, with reference to the accompanying drawings, in which:
Fig. 1 illustrates a typical virtual network that includes a plurality of VTEPs to which hosts are connected.
Fig. 2 illustrates a system including a VTEP and a Dynamic Host Configuration Protocol (DHCP) server connected thereto according to an embodiment of the present invention.
Fig. 3 is a flowchart showing steps for obtaining host information through a DHCP packet in the system of Fig. 2.
Fig. 4 illustrates a system including a VTEP and hosts connected to the VTEP under different subnets according to another embodiment of the invention.
Fig. 5 is a flowchart showing steps for obtaining host information through ARP scanning by the VTEP in the system of Fig. 4, and
Fig. 6 is a flowchart showing steps for maintaining a host information table by the VTEP in the system of Fig. 4.
In the drawings, like reference numerals designate like parts throughout the several embodiments described herein.
Detailed Description
Turning now to Fig. 1, a typical computer network 18 on which a virtual network may be implemented is shown. The host learning mechanism proposed by the present invention, described later, can be applied to the network shown in Fig. 1. In contrast to virtual networks, in which devices are interconnected using Virtual Network Interface Controllers (VNICs), the computer network shown in Fig. 1 consists of physical devices connected through physical Network Interface Controllers (NICs). In Fig. 1, the computer network 18 includes a core 26 that allows a plurality of separate physical networks to be connected to it. The core 26, which is centrally located in the network 18, represents any one or more backbone networks for connecting physical networks. An example of the core 26 is the Internet. Each physical network is defined by a router 22 and a corresponding VTEP 20. Each VTEP 20 shown in Fig. 1 is a virtual network endpoint, adapted to perform VXLAN encapsulation and decapsulation of data packets sent to or from another VTEP 20. In other words, the data packets transmitted between two or more VTEPs 20 are physical network packets, while the packets on the other side of each VTEP 20 are virtual network packets, and the VTEPs 20 are adapted to convert between physical network packets and virtual network packets. The router 22 is a relay device in the network 18 that forwards data packets. The three routers 22 shown in Fig. 1 are connected to each other through the core 26, and data packets from any one of them can be transmitted to the others. Behind each router 22 is a physical network that can communicate with the core 26 only through that particular router 22. In other words, the three physical networks shown in Fig. 1 are logically isolated from each other. Within each physical network, there are one or more computing devices 24 (also referred to as hosts in this embodiment) connected to the respective router 22 through the respective VTEP 20.
The computing device 24 may be any electronic device with a network connection including, but not limited to, a desktop computer, a smart phone, a laptop computer, a tablet computer, and the like. It should be noted that, through the VTEPs 20, computing devices 24 distributed in different physical networks may be placed in the same virtual network, as is well known to those skilled in the art.
Turning now to fig. 2, an embodiment of the present invention is shown that illustrates how VTEP 120 learns of hosts within a physical network associated with VTEP 120 when DHCP is enabled for the physical network. The procedure in this embodiment may be applied to the network shown in fig. 1 as long as DHCP is enabled. As shown in fig. 2, connected to VTEP 120 are a plurality of hosts 124 that form at least a portion of the physical network associated with VTEP 120. In other words, multiple hosts 124 rely on VTEP 120 to enable connection with other hosts in different physical networks connected to different VTEPs (not shown). The DHCP server 130 is also connected to the VTEP 120. The DHCP server 130 may be any node of a network that provides DHCP functionality for automatically assigning IP addresses. For example, DHCP server 130 may be implemented by a router similar to that shown in fig. 1.
Turning now to the operation of VTEP 120 in the virtual network of Fig. 2 described above, VTEP 120 is used to discover information for the multiple hosts 124. The steps of this operation are shown in Fig. 3. First, in step 132, VTEP 120 boots up and starts functioning as a virtual network endpoint. VTEP 120 enables its DHCP snooping function and then builds the DHCP snooping table, which is empty at the time of step 132. VTEP 120 fills in the DHCP snooping table by monitoring all DHCP packets that pass through it and learning MAC and IP information from those packets.
For example, assuming that the host 124a in Fig. 2 is about to request an IP address from the DHCP server 130, in step 134 the host 124a broadcasts a DHCP discover packet to the physical network in order to discover any available DHCP servers. The DHCP discover packet passes through VTEP 120 to all possible DHCP servers in the physical network, including DHCP server 130. Since in the embodiment of Fig. 2 the DHCP server 130 is the only DHCP server available to the host 124a, the DHCP server 130 replies to the DHCP discover packet in step 136 by broadcasting a DHCP offer packet that includes the network configuration information for the host 124a. Next, upon receiving the DHCP offer packet, the host 124a broadcasts a DHCP request packet in step 138, which reaches the DHCP server 130 and confirms that the host 124a has selected the offer of DHCP server 130. Finally, after DHCP server 130 receives the DHCP request packet, in step 140 it broadcasts a DHCP acknowledge (ACK) packet with all network configuration information for host 124a, including the IP address assigned to host 124a. The DHCP ACK packet is therefore referred to as an information packet in this embodiment, because it includes the network address of the host 124a, including the IP address and the MAC address. Although it is a direct reply to the DHCP request packet, the DHCP ACK packet may be considered ultimately a reply to the initial DHCP packet, namely the DHCP discover packet sent by the host 124a. The DHCP ACK packet is an address provisioning packet that includes an acknowledged address provided to host 124a; in contrast, the DHCP offer packet is only temporary and requires an acknowledgement by host 124a. The host 124a then uses the provided network configuration information to configure its network interface to access the physical network.
It should be noted that the above-described DHCP configuration procedure is well known to those skilled in the art. The difference, however, is that VTEP 120 is able to monitor all DHCP-related packets that pass through it to obtain information for the hosts connected to VTEP 120. In the above example, once the DHCP ACK packet is broadcast to host 124a, VTEP 120 identifies the DHCP ACK packet in step 142; the packet includes not only the IP address assigned to host 124a but also its MAC address. VTEP 120 then uses the MAC address and IP address of host 124a to update the DHCP snooping table in step 144. Thus, VTEP 120 collects host information for host 124a from DHCP ACK packets. VTEP 120 repeats the above process for each host in the physical network and may then form a complete DHCP snooping table for all hosts in the physical network. Table 1 below shows an example of a DHCP snooping table maintained by VTEP 120.
Host      MAC                   IP
Host 1    00:AA:00:BB:00::11    10.10.10.5/24
Host 2    00:AA:00:FF:00::11    10.10.10.2/24
Host 3    00:AA:00:FF:AA:40     10.10.20.55/24
Host 4    00:AA:00:FF:12:55     10.10.30.66/24
Table 1
After obtaining the host information for its physical network, VTEP 120 passes the host information to the Multi-Protocol Border Gateway Protocol (MP-BGP), and MP-BGP then propagates the host information to other VTEPs (not shown) in the virtual network in step 143. While VTEP 120 is running, any new host joining the physical network will also have its information obtained by VTEP 120, because the new host must also obtain an IP address from DHCP server 130. On the other hand, even if VTEP 120 needs to be restarted, all host information included in the DHCP snooping table is saved in a flash memory (not shown) of VTEP 120. When VTEP 120 later recovers, it may read the contents from the flash memory and directly retrieve the host information without having to perform DHCP snooping again.
Turning now to Fig. 4, an embodiment of the present invention is shown that illustrates how VTEP 220 learns information for hosts within a physical network associated with VTEP 220 when no DHCP service is provided for the physical network. The procedure in this embodiment may be applied to the network shown in Fig. 1 if there is no DHCP service in the network. As shown in Fig. 4, a plurality of hosts 224a and 224b are connected to VTEP 220 and form at least a portion of a physical network. In other words, the hosts 224a and 224b rely on VTEP 220 to enable connection with other hosts in different physical networks connected to different VTEPs (not shown). Note that hosts 224a and 224b belong to different subnets 225a and 225b, respectively. In this example, hosts 224a and 224b belong to different VXLANs having different VXLAN Network Identifiers (VNIs), such that each subnet corresponds to one VXLAN. Table 2 below shows the relationship between the different subnets, VNIs and VLAN IDs (VIDs) in the network shown in Fig. 4. VTEP 220 is adapted to perform ARP scanning using different types of ARP-related packets, as will be described in detail below.
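The snooping step described above (steps 142 to 144), as an added Python example that is not part of the patent text: it parses DHCP payloads, ignores the temporary DHCP offer, and records MAC and IP only from a DHCP ACK. The class and function names, the /32 fallback when no usable subnet mask is present, and the sample packets are assumptions constructed for illustration.

```python
import ipaddress
import struct

DHCP_MAGIC = b"\x63\x82\x53\x63"          # magic cookie that precedes the options
OPT_PAD, OPT_SUBNET_MASK, OPT_MSG_TYPE, OPT_END = 0, 1, 53, 255
DHCPOFFER, DHCPACK = 2, 5                 # values of option 53 (RFC 2132)


def parse_options(data: bytes):
    """Walk the TLV option list; return {code: value}, or None if it is truncated."""
    options, i = {}, 0
    while i < len(data):
        code = data[i]
        if code == OPT_END:
            break
        if code == OPT_PAD:
            i += 1
            continue
        if i + 1 >= len(data):
            return None
        length = data[i + 1]
        value = data[i + 2:i + 2 + length]
        if len(value) != length:
            return None
        options[code] = value
        i += 2 + length
    return options


def parse_dhcp_reply(payload: bytes):
    """Return (msg_type, mac, yiaddr, mask) for a BOOTREPLY over Ethernet, else None."""
    if len(payload) < 240 or payload[236:240] != DHCP_MAGIC:
        return None
    op, htype, hlen = payload[0], payload[1], payload[2]
    if op != 2 or htype != 1 or hlen != 6:
        return None
    options = parse_options(payload[240:])
    if options is None or len(options.get(OPT_MSG_TYPE, b"")) != 1:
        return None
    mac = payload[28:34].hex(":")                    # chaddr: client MAC address
    yiaddr = ipaddress.IPv4Address(payload[16:20])   # "your" address handed to the client
    return options[OPT_MSG_TYPE][0], mac, yiaddr, options.get(OPT_SUBNET_MASK)


class SnoopTable:
    """Hypothetical snooping table: MAC -> 'ip/prefix', filled from DHCP ACKs only."""

    def __init__(self):
        self.entries = {}

    def observe(self, payload: bytes):
        parsed = parse_dhcp_reply(payload)
        if parsed is None:
            return None
        msg_type, mac, yiaddr, mask = parsed
        # An offer is not final; an ACK answering DHCPINFORM carries yiaddr 0.0.0.0.
        if msg_type != DHCPACK or int(yiaddr) == 0:
            return None
        value = f"{yiaddr}/32"            # assumption: host route if no usable mask
        if mask is not None:
            try:
                value = ipaddress.IPv4Interface(
                    f"{yiaddr}/{ipaddress.IPv4Address(mask)}").with_prefixlen
            except ValueError:
                pass
        self.entries[mac] = value
        return mac, value


def build_reply(msg_type, mac, yiaddr, mask=None):
    """Construct a sample BOOTREPLY payload (test data, not captured traffic)."""
    fixed = struct.pack(
        "!BBBBIHH4s4s4s4s16s64s128s", 2, 1, 6, 0, 0x1234, 0, 0x8000,
        b"\0" * 4, ipaddress.IPv4Address(yiaddr).packed, b"\0" * 4, b"\0" * 4,
        bytes.fromhex(mac.replace(":", "")), b"", b"")
    opts = bytes([OPT_MSG_TYPE, 1, msg_type])
    if mask:
        opts += bytes([OPT_SUBNET_MASK, 4]) + ipaddress.IPv4Address(mask).packed
    return fixed + DHCP_MAGIC + opts + bytes([OPT_END])


if __name__ == "__main__":
    table = SnoopTable()
    mac = "00:aa:00:ff:aa:40"             # constructed sample host
    table.observe(build_reply(DHCPOFFER, mac, "10.10.20.55", "255.255.255.0"))
    table.observe(build_reply(DHCPACK, mac, "10.10.20.55", "255.255.255.0"))
    print(table.entries)
```

The table accepts whatever ACK it sees; the text above does not say which ports are allowed to source DHCP replies, so that check is left out here.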
VNI      Subnet           VID
10001    10.10.10.1/24    100
10002    10.10.20.1/24    200
Table 2
Turning now to the operation of VTEP 220, which is associated with the two different virtual networks of Fig. 4 above, information for the multiple hosts 224a and 224b is discovered as follows. The steps of this operation are shown in Fig. 5. First, in step 232, VTEP 220 boots up and starts functioning as a virtual network endpoint. VTEP 220 builds an ARP table, which is empty at the time of step 232. VTEP 220 populates the ARP table after performing an ARP scan for each host 224a and 224b in the physical network.
For example, assuming that VTEP 220 wants to obtain information for an unknown host in subnet 225a that may have an IP address of 10.10.10.2 (as shown in Fig. 4), VTEP 220 broadcasts, in step 234, an ARP request packet that targets the IP address 10.10.10.2 as a discovery packet. Host 224a, which uses IP address 10.10.10.2, then responds to the ARP request packet by sending an ARP reply packet containing its MAC address to VTEP 220 in step 236. The ARP reply packet is an information packet that provides an acknowledgement of host 224a's information to VTEP 220. It should be noted that other hosts, which do not have the IP address 10.10.10.2, simply drop the ARP request packet they receive. Then, at step 238, VTEP 220 updates its ARP table after receiving the ARP reply packet with the IP address 10.10.10.2 from host 224a.
It should be noted that the ARP scanning process described above is well known to those skilled in the art, but conventionally it is only a host or hosts in the network that perform such ARP scanning. In an embodiment of the present invention, the difference is that VTEP 220 is able to actively perform ARP scanning by broadcasting ARP request packets, thereby obtaining information of all hosts connected to VTEP 220. It should be noted that, as described above, an ARP request packet can only detect the presence of a host. In the above example, similar to the process described for obtaining information for host 224a having an IP address of 10.10.10.2, VTEP 220 repeats the process for each IP address, which may belong to a different subnet in the physical network. As a result, the ARP table may be populated with the most likely information of the hosts in the network. Table 3 below shows an example of an ARP table maintained by VTEP 220. After obtaining host information for its physical network, VTEP 220 then sends BGP updates to other VTEPs in the virtual network (not shown).
VID    IP              Exist    MAC address
100    10.10.10.3      N        N/A
100    10.10.10.5      N        000abb180a1c
100    10.10.10.7      Y        00aabb11011b
……
200    10.10.20.3      N        ff0abb180a1f
200    10.10.20.5      N        N/A
200    10.10.20.7      N        N/A
200    10.10.20.9      Y        a1cabb11011b
200    10.10.20.253    N        N/A
Table 3
In this embodiment, to avoid the heartbeat effect, the IP addresses that VTEP 220 attempts to probe are divided into two different groups according to whether the last bit of the IP address is odd or even. Table 3 shows a portion of the ARP table after the first ARP scan, which targets the odd-numbered IP addresses. Table 4 below shows a portion of the ARP table after the second ARP scan, which targets the even-numbered IP addresses.
VID    IP              Exist    MAC address
100    10.10.10.2      Y        00aabb110156
100    10.10.10.4      N        N/A
100    10.10.10.6      N        N/A
……
200    10.10.20.2      N        1233bb180a1c
200    10.10.20.4      N        N/A
200    10.10.20.6      N        N/A
200    10.10.20.8      Y        00aabb110188
200    10.10.20.254    N        N/A
Table 4
It should be noted that not every IP address has a host present: if an ARP request packet sent for an IP address does not return any acknowledgement, no host is present at that particular IP address. For example, in Table 3 no host acknowledged the ARP request packet for IP address 10.10.10.3, so it is marked as not present in Table 3 and no MAC address can be obtained for a host there. VTEP 220, on the other hand, may periodically initiate ARP scans to detect any new hosts or remove offline hosts. The scan period is determined based on the size of the physical network connected to VTEP 220.
Fig. 6 shows the steps performed by VTEP 220 to maintain the ARP table, adding new hosts or removing offline hosts. VTEP 220 does not immediately remove an ARP table entry from the ARP table when it is updated. Instead, in step 240, VTEP 220 sends a unicast ARP request packet whose destination MAC address is the current MAC address of the host in the ARP entry. VTEP 220 then determines in step 242 whether an ARP reply is received after sending the unicast ARP request. If an ARP reply is indeed received, VTEP 220 confirms that the host is still online and, in step 243, updates the host's ARP entry in the ARP table with a new timestamp, thereby updating the host's status. This ARP entry is then checked again only the next time it is updated.
If an ARP reply is not returned after step 242, VTEP 220 then sends a reverse ARP (RARP) query packet at step 244 to check whether the IP address of that particular host has changed. VTEP 220 then determines in step 246 whether a reply is received after the RARP query packet. If there is no reply, VTEP 220 removes the entry from the ARP table in step 250, because VTEP 220 has confirmed that the host associated with the ARP entry has indeed gone offline. Alternatively, if a reply is received after the RARP query packet, VTEP 220 knows that the particular host has changed its IP address and, in step 248, VTEP 220 updates the ARP table with the address information included in the reply to the RARP query packet.
In the above embodiment, unicast ARP requests are used instead of normal ARP requests to avoid broadcast traffic in the network. VTEP 220, on the other hand, uses RARP queries to detect whether the IP address of a host has changed. Unicast ARP requests and RARP queries are well known to those skilled in the art, but conventionally it is hosts, not VTEPs, that send unicast ARP requests and RARP queries.
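The odd/even scan grouping and the Fig. 6 maintenance steps (240 to 250) described above, as an added Python example that is not part of the patent text. The network is a constructed in-memory stand-in (`FakeLan`), so no packets are sent; the class names, the `ttl` expiry value and the sample hosts are assumptions.

```python
import ipaddress
from dataclasses import dataclass


@dataclass
class Entry:
    vid: int        # VLAN ID the host was learned on
    ip: str
    mac: str
    seen: float     # time of the last confirmed reply


class FakeLan:
    """Constructed stand-in for the physical network: live hosts as ip -> mac."""

    def __init__(self, hosts):
        self.hosts = dict(hosts)

    def arp_request(self, ip, dst_mac=None):
        """Broadcast ARP request (dst_mac=None) or unicast one; replying MAC or None."""
        mac = self.hosts.get(ip)
        if mac is None or (dst_mac is not None and dst_mac != mac):
            return None
        return mac

    def rarp_query(self, mac):
        """RARP query for `mac`: the IP it uses now, or None if nothing answers."""
        return next((ip for ip, m in self.hosts.items() if m == mac), None)


def scan_groups(subnet):
    """Split a subnet's host addresses into (odd, even) groups by the last bit."""
    odd, even = [], []
    for host in ipaddress.ip_network(subnet, strict=False).hosts():
        (odd if int(host) & 1 else even).append(str(host))
    return odd, even


class ArpTable:
    def __init__(self, lan, ttl):
        self.lan, self.ttl = lan, ttl
        self.entries = {}                          # (vid, mac) -> Entry

    def scan(self, vid, ips, now):
        """Active scan: one broadcast ARP request per candidate IP; hosts found."""
        found = 0
        for ip in ips:
            mac = self.lan.arp_request(ip)
            if mac is not None:
                self.entries[(vid, mac)] = Entry(vid, ip, mac, now)
                found += 1
        return found

    def maintain(self, now):
        """Run the Fig. 6 steps for every expired entry; returns {mac: action}."""
        actions = {}
        for key, entry in list(self.entries.items()):
            if now - entry.seen < self.ttl:
                continue                           # entry is still fresh
            if self.lan.arp_request(entry.ip, dst_mac=entry.mac) is not None:
                entry.seen = now                   # steps 240-243: host still online
                actions[entry.mac] = "refreshed"
                continue
            new_ip = self.lan.rarp_query(entry.mac)   # steps 244-246
            if new_ip is None:
                del self.entries[key]              # step 250: host went offline
                actions[entry.mac] = "removed"
            else:
                entry.ip, entry.seen = new_ip, now    # step 248: IP address changed
                actions[entry.mac] = "readdressed"
        return actions


def demo():
    # Constructed sample hosts on the VID 100 subnet from Table 2.
    lan = FakeLan({"10.10.10.2": "00aabb110156",
                   "10.10.10.5": "02aabb000005",
                   "10.10.10.7": "00aabb11011b"})
    odd, even = scan_groups("10.10.10.1/24")
    table = ArpTable(lan, ttl=300)
    table.scan(100, odd, now=0)                    # first pass: odd addresses
    table.scan(100, even, now=10)                  # second pass: even addresses
    del lan.hosts["10.10.10.7"]                    # this host goes offline
    lan.hosts["10.10.10.9"] = lan.hosts.pop("10.10.10.2")   # this one changes IP
    return table, table.maintain(now=1000)


if __name__ == "__main__":
    table, actions = demo()
    print(actions)
```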
Thus, exemplary embodiments of the present invention have been fully described. Although the description refers to particular embodiments, it will be apparent to those skilled in the art that the present invention may be practiced with modification of these specific details. Accordingly, the present invention should not be construed as limited to the embodiments set forth herein.
While the invention has been illustrated and described in detail in the drawings and foregoing description, the same is to be considered as illustrative and not restrictive in character, it being understood that only exemplary embodiments have been shown and described and that they do not limit the scope of the invention in any way. It is to be understood that any feature described herein may be used with any embodiment. The exemplary embodiments do not exclude each other or other embodiments not listed herein. Accordingly, the present invention also provides embodiments that include combinations of one or more of the exemplary embodiments described above. Modifications and variations may be made to the invention described herein without departing from the spirit and scope of the invention, and, therefore, only such limitations should be imposed as are indicated by the appended claims.
For example, in the embodiments shown in Figs. 2-3, the VTEP recognizes the DHCP ACK packet and obtains the host information included in the DHCP ACK packet to fill the DHCP snooping table. However, in other variations of the invention, other DHCP packets, such as DHCP offer packets, may also be used to obtain host information. The address included in the DHCP offer packet is not the final acknowledged address of the requesting host, however, so further acknowledgement is required and the DHCP snooping table may be updated if necessary.
In the embodiment shown in fig. 4, the hosts on the virtual network are divided into two groups based on the last bit of their IP address for ARP scanning at different times. However, those skilled in the art will recognize that other criteria may be used to group hosts, such as grouping by VLAN or subnet.
In the embodiments shown in fig. 2-3, the DHCP discover packet and the DHCP ACK packet are described as broadcast. However, those skilled in the art will recognize that these packets may be transmitted in other ways in other variations of the invention. For example, the packets may also be unicast.

Claims (23)

1. A method for a VxLAN switch for obtaining information of a host in a physical network connected to the VxLAN switch, comprising the steps of:
sending a discovery packet by a host over a physical network to request a network address;
receiving an information data packet which is sent to the host and replies to the discovery data packet; wherein the information packet is an acknowledgement packet and includes a network address provided to the host; and
collecting information of the host from the information data packet through a VxLAN switch;
wherein said VxLAN switch constructs and maintains an intercept table that includes said information for said host collected after receipt of said information packet in said collecting step.
2. The method of claim 1, wherein the information data packet is an address provisioning packet that includes the network address provisioned to the host.
3. The method of claim 2, wherein the receiving step is performed at the VxLAN switch.
4. A method according to claim 2 or 3, wherein the discovery packet is a dynamic host configuration protocol, DHCP, discovery packet; the information packet is a DHCP acknowledge packet.
5. The method of any of claims 1-3, wherein the VxLAN switch is a VxLAN tunnel endpoint, VTEP; the VxLAN tunnel endpoint VTEP is adapted to encapsulate physical network packets sent from the host, or to decapsulate virtual network packets of the host.
6. A method for a VxLAN switch for obtaining information of a host in a physical network connected to the VxLAN switch, comprising the steps of:
sending, by the VxLAN switch, a discovery packet over a physical network to detect the presence of the host on the physical network;
receiving an information data packet which is sent by the host and replies to the discovery data packet; the information data packet is an acknowledgement data packet sent by the host to the VxLAN switch so as to reply to the discovery data packet;
collecting information of the host from the information data packet through the VxLAN switch; and
monitoring the status of the host by periodically sending the discovery packets on the physical network after the collecting step; wherein the monitoring step further comprises:
triggering a unicast request data packet to the host after the information of the host expires;
sending a reverse request to the host if no reply is received therefrom after said triggering step; and
marking the host offline if no reply is received therefrom after the sending step.
7. The method of claim 6, wherein the discovery packet is broadcast to the physical network and includes an expected network address of the host.
8. The method of claim 7, wherein the physical network comprises a plurality of hosts connected to a VxLAN switch, the plurality of hosts belonging to a plurality of virtual networks; in the transmitting step, the discovery packet is broadcast to only a subnet corresponding to one of the plurality of virtual networks at a time.
9. The method of claim 6, wherein in the step of collecting, the VxLAN switch builds and maintains a table that includes the information of the host.
10. The method according to any of claims 6-9, wherein the discovery packet is an address resolution protocol, ARP, request packet; the information packet is an ARP reply packet.
11. The method of any of claims 6-9, wherein the VxLAN switch is a VxLAN tunnel endpoint, VTEP; the VxLAN tunnel endpoint VTEP is adapted to encapsulate physical network packets sent from the host or to decapsulate virtual network packets of the host.
12. A VxLAN switch for obtaining information for a host in a physical network connected to the VxLAN switch, comprising:
a receiver configured to receive an information packet for replying to a discovery packet, which is issued to a host; the discovery packet is sent by the host over a physical network to request a network address; the information packet is an acknowledgement packet and includes a network address provided to the host;
wherein said VxLAN switch is further adapted to collect information of said host from said information packet; the VxLAN switch builds and maintains an intercept table that includes the collected information for the host.
13. The VxLAN switch of claim 12, wherein the information packet is an address-providing packet comprising an address provided to the host.
14. The VxLAN switch of claim 13, wherein the information packet is a DHCP offer packet.
15. The VxLAN switch of any of claims 12-14, wherein the VxLAN switch is a virtual tunnel endpoint, VTEP; the virtual tunnel endpoint VTEP is adapted to encapsulate physical network packets sent from the host or to decapsulate virtual network packets of the host.
16. The VxLAN switch of any of claims 12-14, wherein the discovery packet is a dynamic host configuration protocol, DHCP, discovery packet; the information data packet is a DHCP acknowledgement ACK data packet.
17. A VxLAN switch for obtaining information for a host in a physical network connected to the VxLAN switch, comprising:
a transmitter adapted to transmit a discovery packet over the physical network to discover the presence of the host;
a receiver configured to receive an information packet sent by the host in reply to the discovery packet; the information data packet is an acknowledgement data packet sent by the host to the VxLAN switch so as to reply the discovery data packet;
the VxLAN switch is suitable for receiving the information of the host from the information data packet;
wherein the transmitter is further configured to periodically transmit the discovery packet over the physical network such that the VxLAN switch is adapted to monitor a status of the host; the transmitter is further configured to transmit a unicast request packet to the host after expiration of the information of the host stored by the VxLAN switch; the transmitter is further configured to transmit a reverse request to the host if no reply is received from the host.
18. The VxLAN switch of claim 17, wherein the transmitter is adapted to broadcast the discovery packet to the physical network; the discovery packet includes an expected network address of the host.
19. The VxLAN switch of claim 18, wherein the transmitter is adapted to broadcast the discovery packet to only a subnet corresponding to one of a plurality of virtual networks associated with a plurality of hosts in the physical network at a time.
20. The VxLAN switch of claim 17, wherein the VxLAN switch is adapted to build and maintain a table that includes the information for the host.
21. The VxLAN switch of any of claims 17-20, wherein the discovery packet is an Address Resolution Protocol (ARP) request packet; the information packet is an ARP reply packet.
22. The VxLAN switch of any of claims 17-20, wherein the VxLAN switch is a virtual tunnel endpoint (VTEP); the VTEP is adapted to encapsulate physical network packets sent from the host or to decapsulate virtual network packets of the host.
23. A system configured for obtaining information of hosts in a physical network connected to a VxLAN switch; the system includes a VxLAN switch according to any of claims 12-22 connected to the host.
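The intercept table of claims 12 and 16 can be illustrated with a short sketch. This is an added example, not code from the patent or from any switch vendor: it parses a DHCP reply, creates a binding only on an ACK that carries a lease time, and rejects truncated options. The function names, the table layout and the `port` field are assumptions made for illustration.

```python
import ipaddress
import struct

MAGIC = b"\x63\x82\x53\x63"   # DHCP magic cookie that follows the 236-byte BOOTP header
DHCPACK = 5                    # value of option 53 (message type) for an ACK

def parse_reply(payload):
    """Parse a server-to-host BOOTP/DHCP payload; return None if malformed."""
    if len(payload) < 240 or payload[236:240] != MAGIC:
        return None
    if payload[0] != 2 or payload[2] > 16:        # op must be BOOTREPLY, hlen sane
        return None
    mac = ":".join(f"{b:02x}" for b in payload[28:28 + payload[2]])
    ip = str(ipaddress.IPv4Address(payload[16:20]))   # yiaddr: address given to host
    opts, i = {}, 240
    while i < len(payload) and payload[i] != 255:     # 255 = end option
        if payload[i] == 0:                           # pad option has no length byte
            i += 1
            continue
        if i + 1 >= len(payload) or i + 2 + payload[i + 1] > len(payload):
            return None                               # truncated option: reject packet
        opts[payload[i]] = payload[i + 2:i + 2 + payload[i + 1]]
        i += 2 + payload[i + 1]
    return {"mac": mac, "ip": ip, "opts": opts}

def snoop(table, payload, port, now):
    """Record a binding from a DHCP ACK; 'port' is an assumed extra field."""
    msg = parse_reply(payload)
    if msg is None or msg["opts"].get(53) != bytes([DHCPACK]):
        return False                                  # not an ACK: no binding yet
    lease = msg["opts"].get(51)                       # option 51 = lease time (s)
    if lease is None or len(lease) != 4:
        return False                                  # e.g. ACK to DHCPINFORM
    expires = now + struct.unpack("!I", lease)[0]
    table[msg["mac"]] = {"ip": msg["ip"], "port": port, "expires": expires}
    return True

def expired(table, now):
    """MACs whose lease has run out and should be aged out of the table."""
    return sorted(m for m, e in table.items() if e["expires"] <= now)

def build_reply(mac, ip, msg_type, lease=None):
    """Constructed sample payload (not a capture) for exercising snoop()."""
    hdr = struct.pack("!BBBBIHH4s4s4s4s16s64s128s", 2, 1, 6, 0, 0x1234, 0, 0,
                      bytes(4), ipaddress.IPv4Address(ip).packed, bytes(4),
                      bytes(4), bytes.fromhex(mac.replace(":", "")), b"", b"")
    opts = bytes([53, 1, msg_type])
    if lease is not None:
        opts += bytes([51, 4]) + struct.pack("!I", lease)
    return hdr + MAGIC + opts + b"\xff"
```

Binding only on the ACK, and only from replies seen on a trusted uplink, is what keeps a table like this usable as a source of truth for later ARP validation.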
CN201811347670.5A 2018-11-13 2018-11-13 VxLAN switch, system and method for obtaining host information in physical network Active CN109842692B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201811347670.5A CN109842692B (en) 2018-11-13 2018-11-13 VxLAN switch, system and method for obtaining host information in physical network

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201811347670.5A CN109842692B (en) 2018-11-13 2018-11-13 VxLAN switch, system and method for obtaining host information in physical network

Publications (2)

Publication Number Publication Date
CN109842692A CN109842692A (en) 2019-06-04
CN109842692B CN109842692B (en) 2022-06-14

Family

ID=66883116

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201811347670.5A Active CN109842692B (en) 2018-11-13 2018-11-13 VxLAN switch, system and method for obtaining host information in physical network

Country Status (1)

Country Link
CN (1) CN109842692B (en)

Families Citing this family (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20210211404A1 (en) * 2020-01-08 2021-07-08 Cisco Technology, Inc. Dhcp snooping with host mobility
CN111431911B (en) * 2020-03-30 2022-08-12 绿盟科技集团股份有限公司 Method for collecting basic information of equipment in network, network edge equipment and network equipment

Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101039176A (en) * 2007-04-25 2007-09-19 华为技术有限公司 DHCP monitoring method and apparatus thereof
CN102546307A (en) * 2012-02-08 2012-07-04 神州数码网络(北京)有限公司 Method and system for realizing proxy ARP (Address Resolution Protocol) function based on DHCP (Dynamic Host Configuration Protocol) interception
CN102710439A (en) * 2012-05-29 2012-10-03 南京邮电大学 Obtaining method of user terminal parameter information
CN102857588A (en) * 2012-09-17 2013-01-02 杭州华三通信技术有限公司 Processing method and apparatus for address resolution protocol ARP information

Family Cites Families (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US8923133B2 (en) * 2010-12-27 2014-12-30 Symbol Technologies, Inc. Detection of unauthorized changes to an address resolution protocol cache in a communication network
CN102821023B (en) * 2012-08-07 2016-12-21 杭州华三通信技术有限公司 A kind of method and device of VLAN configuration dynamic migration
CN105812502A (en) * 2016-03-07 2016-07-27 北京工业大学 OpenFlow-based implementation method for address resolution protocol proxy technology
US10320838B2 (en) * 2016-07-20 2019-06-11 Cisco Technology, Inc. Technologies for preventing man-in-the-middle attacks in software defined networks

Also Published As

Publication number Publication date
CN109842692A (en) 2019-06-04

Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination
GR01 Patent grant