CN109995637B - S-VXLAN construction method, data forwarding method and system - Google Patents

S-VXLAN construction method, data forwarding method and system

Info

Publication number
CN109995637B
Authority
CN
China
Prior art keywords
vxlan
svdi
tid
user
sips
Legal status
Active
Application number
CN201810000832.1A
Other languages
Chinese (zh)
Other versions
CN109995637A (en)
Inventor
周文辉
Current Assignee
China Mobile Communications Group Co Ltd
China Mobile Communications Ltd Research Institute
Original Assignee
China Mobile Communications Group Co Ltd
China Mobile Communications Ltd Research Institute
Application filed by China Mobile Communications Group Co Ltd and China Mobile Communications Ltd Research Institute

Classifications

    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L12/00 Data switching networks
    • H04L12/28 Data switching networks characterised by path configuration, e.g. LAN [Local Area Networks] or WAN [Wide Area Networks]
    • H04L12/46 Interconnection of networks
    • H04L12/4641 Virtual LANs, VLANs, e.g. virtual private networks [VPN]
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L41/00 Arrangements for maintenance, administration or management of data switching networks, e.g. of packet switching networks
    • H04L41/50 Network service management, e.g. ensuring proper service fulfilment according to agreements
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L67/00 Network arrangements or protocols for supporting network services or applications
    • H04L67/01 Protocols
    • H04L67/10 Protocols in which an application is distributed across nodes in the network
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L67/00 Network arrangements or protocols for supporting network services or applications
    • H04L67/50 Network services
    • H04L67/51 Discovery or management thereof, e.g. service location protocol [SLP] or web services

Abstract

The invention provides a method for constructing an S-VXLAN (virtual extensible local area network), a data forwarding method and a system, and belongs to the field of wireless technologies. The S-VXLAN control node allocates a TID to each user; registers cloud services and allocates a corresponding VXLAN to each cloud service; and constructs service-oriented VXLAN control information, which comprises (TID, SIPs and/or SPORTs, SVDI) relation tuples. The S-VXLAN control node distributes the VXLAN control information to the S-VXLAN user equipment on the user side and the S-VXLAN user equipment on the cloud service provider side, and the S-VXLAN user equipment generates the corresponding VXLAN according to the received VXLAN control information. The technical scheme is oriented to multiple users and multiple services and can distribute the data of different users accessing specific services to the corresponding virtual networks for transmission.

Description

S-VXLAN construction method, data forwarding method and system
Technical Field
The present invention relates to the field of wireless technologies, and in particular, to a method for constructing an S-VXLAN, a method and a system for forwarding data.
Background
The development of cloud computing and SDN (Software Defined Network) technology has promoted the invention and popularization of VXLAN (Virtual Extensible Local Area Network) technology, which provides a more efficient way to virtualize user networks across wide area networks.
With the development and increasing popularity of cloud services and edge computing, home, mobile and enterprise applications will increasingly rely on and access cloud computing infrastructure and cloud services and/or applications, and the traditional internet-based access mode can no longer meet the access requirements of cloud services and/or cloud computing infrastructure. For example, an enterprise can ensure the access quality of its internal network by adopting private lines and/or MPLS (Multi-Protocol Label Switching) inside the enterprise, between enterprise branches, or between enterprise branches and the enterprise's private cloud, but access to public cloud infrastructure, services or applications is internet-based, so the quality of the enterprise's access to the public cloud cannot be ensured. How a mobile terminal user can better access subscribed video services, such as those delivered through a Content Delivery Network (CDN), and how to improve the user's experience of accessing cloud services, especially with respect to network delay, jitter and bandwidth, have become problems to be solved. VXLAN provides cloud service providers with a virtual service pipeline through which users can better access cloud services; combined with SDN technology, it allows users accessing public cloud services to use the network on demand and expand it dynamically, meeting peak access quality requirements and reducing the cost of network services.
VXLAN is an overlay network technology that encapsulates traffic using a MAC (Media Access Control) in UDP (User Datagram Protocol) method. The Network Virtualization Edge (NVE) is the functional entity that implements network virtualization; after a message from a Virtual Machine (VM) is encapsulated by the NVE, an L2 virtual network can be established between NVEs on top of an L3 network. Both a network device entity and a VSwitch (Virtual Switch) on a server entity can act as NVEs. The VTEP (VXLAN Tunnel End Point) is an end point of the VXLAN tunnel, resides in the NVE, and is used for encapsulating and decapsulating VXLAN packets. The VTEP is connected to the physical network, and its allocated address is a physical network IP address. The source IP address in a VXLAN message is the VTEP address of the local node, the destination IP address is the VTEP address of the opposite node, and a pair of VTEP addresses corresponds to one VXLAN tunnel. The VNI (VXLAN Network Identifier) is similar to a VLAN ID and is used to distinguish VXLAN segments; virtual machines in different VXLAN segments cannot communicate with each other directly at layer 2. A VNI represents a user, even if multiple end users belong to the same VNI.
The existing schemes have in common that they virtualize a multi-user network: an independent, fixed VXLAN identifier is allocated to a given user network through static configuration, and the data of all nodes in the VXLAN is forwarded statically within the designated VXLAN, i.e. the VNI of a data stream is unchanged when the stream is forwarded by the VTEP. That is, existing VXLANs are based on subscriber identity, and all terminal data streams within a user can only be transmitted in one virtual network.
Disclosure of Invention
The technical problem to be solved by the invention is to provide a method for constructing an S-VXLAN (multi-user multi-service VXLAN), a method and a system for forwarding data, which are oriented to multi-user multi-service and can distribute data of different users accessing specific services to corresponding virtual networks for transmission.
To solve the above technical problem, embodiments of the present invention provide the following technical solutions:
in one aspect, a method for constructing an S-VXLAN is provided, comprising:
the S-VXLAN control node distributes TID (Tenant ID, Tenant identification) for each user;
the S-VXLAN control node registers cloud services, each cloud service comprises a server node IP address SIPs and service port numbers SPORTs, and a corresponding VXLAN is distributed for each cloud service;
the S-VXLAN control node constructs service-oriented VXLAN control information, the VXLAN control information comprises (TID, SIPs and/or SPORTs, SVDI) relation tuples, and the (TID, SIPs and/or SPORTs, SVDI) relation tuples are corresponding relations among the TID, SIPs or SPORTs and VXLAN identification SVDI;
and the S-VXLAN control node distributes the VXLAN control information to S-VXLAN user equipment on the user side and S-VXLAN user equipment on the cloud service provider side, so that the S-VXLAN user equipment generates corresponding VXLAN according to the received VXLAN control information.
Further, each subscriber can join one or more VXLANs.
Further, the S-VXLAN control node constructing service-oriented VXLAN control information includes:
the S-VXLAN control node generates one VXLAN or SVDI for each pair (TID, SIPs and/or SPORTs);
the S-VXLAN control node establishes a corresponding relation between each pair (TID, SIPs and/or SPORTs) and the corresponding SVDI, and generates a (TID, SIPs and/or SPORTs, SVDI) relation tuple.
Further, the method further comprises:
when a user subscribes or unsubscribes to a cloud service, the S-VXLAN control node adds or deletes (TID, SIPs and/or SPORTs, SVDI) relationship tuples corresponding to the user and the cloud service.
Further, the method further comprises:
the S-VXLAN user equipment on the user side associates the MAC addresses of all local terminals with all local VNIs and adds the MAC addresses to all local VXLAN address lists; and the S-VXLAN user equipment on the cloud service provider side associates the MAC address corresponding to the service node with all local VNIs and adds the MAC address corresponding to the service node to a local VXLAN address list.
The embodiment of the invention also provides an S-VXLAN data forwarding method, which is applied to the S-VXLAN system created by adopting the method and comprises the following steps:
the S-VXLAN user equipment receives a set of relation tuples (TID, SIPs and/or SPORTs, SVDI) distributed by the S-VXLAN control node;
and when the S-VXLAN user equipment receives the data stream, obtaining the SVDI corresponding to the data stream according to the set, and forwarding the data stream by using the corresponding SVDI.
Further, the obtaining, when the S-VXLAN user equipment receives a data stream, an SVDI corresponding to the data stream according to the set, and forwarding the data stream using the corresponding SVDI includes:
when S-VXLAN user equipment at a user side receives a user access data stream, according to a data packet VLAN or port number or a source IP address or MAC address, identifying TID of a user, acquiring a target IP address DIP and a port number DP of the data packet, comparing the (TID, DIP and/or DP) with the (TID, SIPs and/or SPORTs) in a relation tuple (TID, SIPs and/or SPORTs, SVDI) in the set, acquiring a corresponding SVDI, and forwarding the data packet by using the selected SVDI through a VXLAN module.
Further, the obtaining, when the S-VXLAN user equipment receives a data stream, an SVDI corresponding to the data stream according to the set, and forwarding the data stream using the corresponding SVDI includes:
when the S-VXLAN user equipment receives a service node response data stream, it obtains the source IP address of the response data packet in that stream, matches the source IP address against the (TID, SIPs and/or SPORTs, SVDI) relation tuples in the set to find all matching SVDIs, looks up the MAC address and the corresponding VNI in the address tables of those SVDIs, and selects that VNI as the VNI with which the response data packet is forwarded.
An embodiment of the present invention further provides an S-VXLAN system, including:
the system comprises an S-VXLAN control node, a cloud service provider and a service provider, wherein the S-VXLAN control node is used for allocating a TID for each user, registering the cloud service, each cloud service comprises a server node IP address SIPs and a service port number SPORTs, allocating a corresponding VXLAN for each cloud service, and constructing service-oriented VXLAN control information, the VXLAN control information comprises a (TID, SIPs and/or SPORTs, SVDI) relation tuple, and the (TID, SIPs and/or SPORTs, SVDI) relation tuple is a corresponding relation between the TID, SIPs or SPORTs and the SVDI, and distributing the VXLAN control information to S-VXLAN user equipment on the user side and S-VXLAN user equipment on the cloud service provider side;
and the S-VXLAN user equipment on the user side and the S-VXLAN user equipment on the cloud service provider side are used for generating corresponding VXLAN according to the received VXLAN control information.
Further, the S-VXLAN control node is specifically configured to generate a VXLAN or SVDI for each pair (TID, SIPs and/or SPORTs), establish a correspondence between each pair (TID, SIPs and/or SPORTs) and the corresponding SVDI, and generate a (TID, SIPs and/or SPORTs, SVDI) relationship tuple.
Further, when a user subscribes or unsubscribes to a cloud service, the S-VXLAN control node is specifically configured to add or delete (TID, SIPs and/or SPORTs, SVDI) relationship tuples corresponding to the user and the cloud service.
Further, the S-VXLAN user equipment on the user side is further configured to associate MAC addresses of all local terminals with all local VNIs, and add the MAC addresses to a list of all local VXLAN addresses;
and the S-VXLAN user equipment on the cloud service provider side is also used for associating the MAC address corresponding to the service node with all local VNIs and adding the MAC address corresponding to the service node into a local VXLAN address list.
Further, the S-VXLAN user equipment is further configured to receive a set of relation tuples (TIDs, SIPs and/or SPORTs, SVDI) distributed by the S-VXLAN control node, and when receiving a data stream, obtain an SVDI corresponding to the data stream according to the set, and forward the data stream using the corresponding SVDI.
Further, the S-VXLAN user device on the user side is specifically configured to, when receiving a user access data stream, identify a TID of the user according to a VLAN or a port number of the data packet, or a source IP address, or a MAC address, obtain a destination IP address DIP and a port number DP of the data packet, compare the (TID, DIP, and/or DP) with (TID, SIPs, and/or SPORTs) in a relation tuple (TID, SIPs, and/or SPORTs, SVDI) in the set, obtain a corresponding SVDI, and forward the data packet through the VXLAN module using the selected SVDI.
Further, the S-VXLAN user equipment is specifically configured to, when receiving a service node response data stream, obtain the source IP address of the response data packet in that stream, match the source IP address against the (TID, SIPs and/or SPORTs, SVDI) relation tuples in the set to find all matching SVDIs, look up the MAC address and the corresponding VNI in the address tables of those SVDIs, and select that VNI as the VNI with which the response data packet is forwarded.
Further, the S-VXLAN control node comprises:
the S-VXLAN control module is used for creating, deleting and managing the S-VXLAN, creating and managing the mapping relation among the cloud service data center, the cloud service, the user and the VXLAN which form the S-VXLAN, constructing a corresponding relation tuple (TID, SIPs and/or SPORTs, SVDI) for each S-VXLAN, and distributing the relation tuple to the corresponding S-VXLAN user side equipment;
the user management module is used for managing the S-VXLAN users, and managing and distributing, adding and/or deleting the user identity data;
and the service management module is used for managing the S-VXLAN service, including managing cloud service data center addresses, managing service data and adding and/or deleting services.
Further, the S-VXLAN user side device includes:
the data forwarding module is used for receiving an S-VXLAN access control table sent by the S-VXLAN control node, identifying the data stream user identity, the service stream type and the VXLAN corresponding to dynamic adaptation, realizing the dynamic forwarding of the user data stream and forwarding the data stream accessing different cloud services to the corresponding VXLAN;
and the VXLAN management module is used for creating, deleting and managing VXLAN and addressing and forwarding VXLAN data.
The embodiment of the invention has the following beneficial effects:
in the above scheme, a network virtualization method and system facing multiple users and multiple services based on VXLAN are provided, a respective virtual network is constructed for each or multiple services of a cloud service, and identification and dynamic forwarding of user data streams are realized simultaneously based on user identities, service and/or application providers and service access types, so that data of different users (family individuals, enterprises and mobile users) accessing specific services and/or application streams are guaranteed to be distributed to corresponding virtual networks for transmission, and a system for realizing the technical scheme is provided based on an SDN architecture.
Drawings
FIG. 1 is a schematic flow chart of a method for constructing S-VXLAN according to an embodiment of the present invention;
fig. 2 is a flowchart illustrating an S-VXLAN data forwarding method according to an embodiment of the present invention;
fig. 3 is a schematic structural diagram of an S-VXLAN system according to an embodiment of the present invention.
Detailed Description
In order to make the technical problems, technical solutions and advantages to be solved by the embodiments of the present invention clearer, the following detailed description will be given with reference to the accompanying drawings and specific embodiments.
The embodiment of the invention provides a method for constructing an S-VXLAN, a method and a system for forwarding data, which are oriented to multi-user multi-service and can distribute data of different users accessing specific services to corresponding virtual networks for transmission.
An embodiment of the present invention provides a method for constructing an S-VXLAN, as shown in fig. 1, including:
step 101: the S-VXLAN control node distributes TID for each user;
step 102: the S-VXLAN control node registers cloud services, each cloud service comprises a server node IP address SIPs and service port numbers SPORTs, and a corresponding VXLAN is distributed for each cloud service;
step 103: the S-VXLAN control node constructs service-oriented VXLAN control information, the VXLAN control information comprises (TID, SIPs and/or SPORTs, SVDI) relation tuples, and the (TID, SIPs and/or SPORTs, SVDI) relation tuples are corresponding relations among the TID, SIPs or SPORTs and VXLAN identification SVDI;
step 104: and the S-VXLAN control node distributes the VXLAN control information to S-VXLAN user equipment on the user side and S-VXLAN user equipment on the cloud service provider side, so that the S-VXLAN user equipment generates corresponding VXLAN according to the received VXLAN control information.
In this embodiment, a network virtualization method facing multiple users and multiple services based on VXLAN is provided, where a virtual network is established for each or multiple services of a cloud service, and identification and dynamic forwarding of user data streams are implemented based on a user identity, a service and/or application provider, and a service access type, so that data of different users (family individuals, enterprises, and mobile users) accessing a specific service and/or application stream is guaranteed to be distributed to a corresponding virtual network for transmission, and a system implementing the technical scheme is provided based on an SDN architecture.
Further, each subscriber can join one or more VXLANs.
Further, the S-VXLAN control node constructing service-oriented VXLAN control information includes:
the S-VXLAN control node generates one VXLAN or SVDI for each pair (TID, SIPs and/or SPORTs);
the S-VXLAN control node establishes a corresponding relation between each pair (TID, SIPs and/or SPORTs) and the corresponding SVDI, and generates a (TID, SIPs and/or SPORTs, SVDI) relation tuple.
Further, the method further comprises:
when a user subscribes or unsubscribes to a cloud service, the S-VXLAN control node adds or deletes (TID, SIPs and/or SPORTs, SVDI) relationship tuples corresponding to the user and the cloud service.
Further, the method further comprises:
the S-VXLAN user equipment on the user side associates the MAC addresses of all local terminals with all local VNIs and adds the MAC addresses to all local VXLAN address lists; and the S-VXLAN user equipment on the cloud service provider side associates the MAC address corresponding to the service node with all local VNIs and adds the MAC address corresponding to the service node to a local VXLAN address list.
An embodiment of the present invention further provides an S-VXLAN data forwarding method, which is applied to an S-VXLAN system created by using the foregoing method, and as shown in fig. 2, the data forwarding method includes:
step 201: the S-VXLAN user equipment receives a set of relation tuples (TID, SIPs and/or SPORTs, SVDI) distributed by the S-VXLAN control node;
step 202: and when the S-VXLAN user equipment receives the data stream, obtaining the SVDI corresponding to the data stream according to the set, and forwarding the data stream by using the corresponding SVDI.
Further, the obtaining, when the S-VXLAN user equipment receives a data stream, an SVDI corresponding to the data stream according to the set, and forwarding the data stream using the corresponding SVDI includes:
when S-VXLAN user equipment at a user side receives a user access data stream, according to a data packet VLAN or port number or a source IP address or MAC address, identifying TID of a user, acquiring a target IP address DIP and a port number DP of the data packet, comparing the (TID, DIP and/or DP) with the (TID, SIPs and/or SPORTs) in a relation tuple (TID, SIPs and/or SPORTs, SVDI) in the set, acquiring a corresponding SVDI, and forwarding the data packet by using the selected SVDI through a VXLAN module.
Further, the obtaining, when the S-VXLAN user equipment receives a data stream, an SVDI corresponding to the data stream according to the set, and forwarding the data stream using the corresponding SVDI includes:
when the S-VXLAN user equipment receives a service node response data stream, it obtains the source IP address of the response data packet in that stream, matches the source IP address against the (TID, SIPs and/or SPORTs, SVDI) relation tuples in the set to find all matching SVDIs, looks up the MAC address and the corresponding VNI in the address tables of those SVDIs, and selects that VNI as the VNI with which the response data packet is forwarded.
An embodiment of the present invention further provides an S-VXLAN system, as shown in fig. 3, including:
the system comprises an S-VXLAN control node 11, a cloud service registration node and a service provider registration node, wherein the S-VXLAN control node 11 is used for allocating a TID for each user, registering the cloud service, each cloud service comprises a server node IP address SIPs and a service port number SPORTs, allocating a corresponding VXLAN for each cloud service, and constructing service-oriented VXLAN control information, the VXLAN control information comprises a (TID, SIPs and/or SPORTs, SVDI) relation tuple, and the (TID, SIPs and/or SPORTs, SVDI) relation tuple is a corresponding relation between the TID, SIPs or SPORTs and the SVDI, and distributing the VXLAN control information to S-VXLAN user equipment on a user side and S-VXLAN user equipment on a cloud service provider side;
and the S-VXLAN user equipment 12 comprises S-VXLAN user equipment on the user side and S-VXLAN user equipment on the cloud service provider side and is used for generating corresponding VXLAN according to the received VXLAN control information.
In this embodiment, a network virtualization system facing multiple users and multiple services based on VXLAN is provided, a virtual network is established for each or multiple services of a cloud service, and identification and dynamic forwarding of user data streams are realized based on a user identity, a service and/or application provider, and a service access type, so that data of different users (family individuals, enterprises, and mobile users) accessing a specific service and/or application stream are guaranteed to be distributed to a corresponding virtual network for transmission, and a system for implementing the technical scheme is provided based on an SDN architecture.
The invention realizes a virtual network construction and data forwarding scheme facing to multiple users and multiple services based on VXLAN. The S-VXLAN system identifies the user access data flow of the user terminal based on the user identity and the accessed service, and forwards the user data flow to the corresponding VXLAN virtual network based on the user identity, the service and/or application provider and the service access type of the specific data flow, thereby ensuring the end-to-end network service quality of the accessed cloud service.
Fig. 3 shows an S-VXLAN virtual network, where user 1, user 2 and cloud service DC1 form S-VXLAN1; user 1, user 2, user 3 and cloud service DC2 form S-VXLAN2; and user 1, user 3 and cloud service DC3 form S-VXLAN3. User 1 subscribes to cloud services DC1, DC2 and DC3 at the same time, so it joins the three virtual networks S-VXLAN1, S-VXLAN2 and S-VXLAN3; similarly, user 2 subscribes to cloud services DC1 and DC2, so it joins the two virtual networks S-VXLAN1 and S-VXLAN2; user 3 subscribes to cloud services DC2 and DC3, so it joins the two virtual networks S-VXLAN2 and S-VXLAN3.
Taking user 1 accessing a cloud service as an example: when a terminal of user 1 accesses an application on cloud service DC1, the S-VXLAN access device (also referred to as a module) on the user side identifies the user identity, then determines the address of the cloud data service center and the service type accessed by the data stream, and confirms that the accessed service belongs to the specified S-VXLAN; the S-VXLAN access device then adds the terminal device to the corresponding VXLAN, and the terminal accesses the corresponding service through that VXLAN.
As shown in fig. 3, the S-VXLAN system mainly includes an S-VXLAN control node 11 and an S-VXLAN user side device 12.
The S-VXLAN control node 11 may operate on a network controller platform as an application, and the S-VXLAN control node 11 mainly includes the following functions and modules:
the S-VXLAN control module is responsible for the creation, deletion and management of the S-VXLAN; it creates and manages the mapping relations among the cloud service data centers, cloud services, users and VXLANs forming the S-VXLANs, constructs a (TID, SIPs and/or SPORTs, SVDI) relation tuple for each S-VXLAN, and distributes the relation tuple to the corresponding user side S-VXLAN equipment;
the user management module is responsible for S-VXLAN user management, including unified management and distribution of user identity data, user addition and deletion and the like;
the service management module is responsible for S-VXLAN service management, including cloud service data center addresses, service data (including port numbers and the like), service addition and deletion and the like.
The S-VXLAN subscriber-side device 12 includes:
The data forwarding module receives the S-VXLAN access control table sent by the S-VXLAN control node, identifies the user identity and service stream type of a data stream, dynamically adapts the corresponding VXLAN, and thereby forwards user data streams dynamically, i.e. forwards the data streams accessing different cloud service DCs to the corresponding VXLAN.
The VXLAN management module is responsible for specific VXLAN control functions, including creation, deletion, management and the like of VXLAN; the VXLAN data addressing and forwarding module is responsible for addressing and forwarding VXLAN data, and the existing standard function module can be called.
In the technical scheme of the invention, an S-VXLAN control node 11 constructs one or more VXLANs, wherein each VXLAN comprises a user and one or more cloud services, and S-VXLAN user side equipment 12 distributes terminal data streams of different users to the VXLAN where the accessed cloud service is located. Wherein, an S-VXLAN component comprises a user and one or more cloud services.
The S-VXLAN creation process mainly comprises the following steps:
1. Each user is assigned a user ID, denoted as TID. A user may include multiple branches, and the user ID may be a designated VLAN number, a corresponding port number, or a specific IP address.
2. Registering cloud service:
Each cloud service comprises a server node IP address, or an IP address and a service port number. The control node collects all server node IP addresses or service port numbers that are directly accessed by external users and related to the accessed service, and records them as SIPs and/or SPORTs.
The service or set of services is assigned a corresponding VXLAN, denoted as SVDI.
One user can join a plurality of VXLANs, and one user can access a plurality of different cloud services, so that the user can join the VXLAN where the different cloud services are located, that is, the MAC of one user terminal can appear in forwarding address tables of the plurality of VXLANs.
3. Constructing service-oriented VXLAN control information
For each pair (TID, SIPs and/or SPORTs), a VXLAN or an SVDI is generated, i.e. a (TID, SIPs and/or SPORTs, SVDI) tuple is generated. For example, users T1, T2 and T3 all subscribe to cloud services S1, S2 and S3, so 9 VXLANs are generated: (T1, S1, SVDI1), (T1, S2, SVDI2), (T1, S3, SVDI3), …, (T3, S3, SVDI3).
The S-VXLAN control node distributes the set of relation tuples simultaneously to the S-VXLAN user side equipment on both the user side and the cloud service provider side.
4. Creating VXLAN
The S-VXLAN user side equipment generates the corresponding VXLAN according to the received VXLAN control information, and the VXLAN generates a VXLAN forwarding control table through ARP and address learning or querying. The S-VXLAN user equipment on the user side associates the MAC addresses of all local terminals with all local VNIs and adds the MAC addresses to all local VXLAN address lists; the S-VXLAN user equipment on the cloud service provider side associates the MAC addresses corresponding to the service nodes with all local VNIs and adds the MAC addresses to a local VXLAN address list.
When a user subscribes or unsubscribes to a cloud service, the S-VXLAN can add or delete the related tuples.
The S-VXLAN data flow mainly comprises the following steps:
1. Receiving forwarding control data: the S-VXLAN user equipment receives the set of VXLAN relation tuples (TID, SIPs and/or SPORTs, SVDI) distributed by the S-VXLAN control node;
2. User access data stream forwarding: when the user-side S-VXLAN user equipment receives a user access data stream, it identifies the user identity TID from the data packet's VLAN, port number, source IP address or MAC address, and obtains the packet's target IP address DIP and port number DP. It compares (TID, DIP and/or DP) with the (TID, SIPs and/or SPORTs) of each relation tuple (TID, SIPs and/or SPORTs, SVDI) to obtain the corresponding SVDI, and forwards the packet through the VXLAN module using the selected SVDI;
3. Service response data flow forwarding: when the S-VXLAN user equipment receives a service node response data stream, it obtains the source IP address of the response packet and matches it against the (TID, SIPs and/or SPORTs, SVDI) tuples to find all SVDIs. It then searches for the MAC address in the address tables of those SVDIs, finds the corresponding VNI, and selects that VNI to forward the response packet.
In this embodiment, a VXLAN oriented to multiple users and multiple services is realized: data streams of different services accessed by the same user terminal are transmitted in different virtual networks, which provides a way to guarantee QoS (Quality of Service) for different services and, in particular, improves the user's experience of accessing cloud services. The invention adopts an open SDN architecture, has a low implementation cost, and is easy to upgrade and expand.
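The construction steps and the two forwarding lookups above can be sketched in a few lines of Python. This is an added illustration, not code from the patent: the class and method names, the starting SVDI value, the use of the VLAN as the TID selector, and the choice to return `None` (do not forward) for unmatched or ambiguous traffic are all assumptions.

```python
import ipaddress
from itertools import count

class ControlNode:
    """Allocates one SVDI per (TID, service) pair and publishes the tuples."""
    def __init__(self, first_svdi=5001):          # constructed starting value
        self._ids = count(first_svdi)
        self._pairs = {}                          # (tid, service name) -> tuple

    def subscribe(self, tid, name, sips, sports=()):
        key = (tid, name)
        if key not in self._pairs:
            ips = frozenset(ipaddress.ip_address(s) for s in sips)
            self._pairs[key] = (tid, ips, frozenset(sports), next(self._ids))
        return self._pairs[key][3]

    def unsubscribe(self, tid, name):
        self._pairs.pop((tid, name), None)

    def tuples(self):
        """The (TID, SIPs, SPORTs, SVDI) set distributed to both edges."""
        return list(self._pairs.values())

class EdgeDevice:
    """User-side or provider-side S-VXLAN device holding the tuple set."""
    def __init__(self, vlan_to_tid):
        self.vlan_to_tid = vlan_to_tid            # assumption: TID keyed by VLAN
        self.table = []                           # tuples from the control node
        self.mac_table = {}                       # svdi -> set of learned MACs

    def learn(self, svdi, mac):
        self.mac_table.setdefault(svdi, set()).add(mac.lower())

    def svdi_for_request(self, vlan, dip, dport):
        """Step 2: (TID, DIP, DP) -> SVDI, or None when nothing matches."""
        tid = self.vlan_to_tid.get(vlan)          # unknown VLAN -> no TID
        ip = ipaddress.ip_address(dip)
        for t, sips, sports, svdi in self.table:
            if t == tid and ip in sips and (not sports or dport in sports):
                return svdi
        return None                               # assumption: do not forward

    def svdi_for_response(self, sip, dst_mac):
        """Step 3: source IP -> candidate SVDIs, destination MAC picks one."""
        ip = ipaddress.ip_address(sip)
        candidates = [svdi for _, sips, _, svdi in self.table if ip in sips]
        hits = [s for s in candidates if dst_mac.lower() in self.mac_table.get(s, ())]
        return hits[0] if len(hits) == 1 else None

if __name__ == "__main__":                        # constructed sample values
    cn, edge = ControlNode(), EdgeDevice({100: "T1"})
    cn.subscribe("T1", "S1", ["203.0.113.10"], [443])
    edge.table = cn.tuples()
    print(edge.svdi_for_request(100, "203.0.113.10", 443))
```

The response lookup shows why the per-SVDI MAC table matters: the same service IP appears in one tuple per subscribed user, so the source IP alone cannot select the virtual network.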
While the foregoing is directed to the preferred embodiment of the present invention, it will be understood by those skilled in the art that various changes and modifications may be made without departing from the spirit and scope of the invention as defined in the appended claims.

Claims (17)

1. A multi-user multi-service virtual extensible local area network (S-VXLAN) construction method is characterized by comprising the following steps:
the S-VXLAN control node distributes TID for each user;
the S-VXLAN control node registers cloud services, each cloud service comprises a server node IP address SIPs and service port numbers SPORTs, and a corresponding VXLAN is distributed for each cloud service;
the S-VXLAN control node constructs service-oriented VXLAN control information, the VXLAN control information comprises (TID, SIPs and/or SPORTs, SVDI) relation tuples, and the (TID, SIPs and/or SPORTs, SVDI) relation tuples are corresponding relations among the TID, SIPs or SPORTs and VXLAN identification SVDI;
and the S-VXLAN control node distributes the VXLAN control information to S-VXLAN user equipment on the user side and S-VXLAN user equipment on the cloud service provider side, so that the S-VXLAN user equipment generates corresponding VXLAN according to the received VXLAN control information.
2. The S-VXLAN construction method of claim 1, wherein each subscriber can join one or more VXLANs.
3. The S-VXLAN construction method of claim 1, wherein the S-VXLAN control node constructing service oriented VXLAN control information comprises:
the S-VXLAN control node generates one VXLAN or SVDI for each pair (TID, SIPs and/or SPORTs);
the S-VXLAN control node establishes a corresponding relation between each pair (TID, SIPs and/or SPORTs) and the corresponding SVDI, and generates a (TID, SIPs and/or SPORTs, SVDI) relation tuple.
4. The method of constructing according to claim 3, further comprising:
when a user subscribes or unsubscribes to a cloud service, the S-VXLAN control node adds or deletes (TID, SIPs and/or SPORTs, SVDI) relationship tuples corresponding to the user and the cloud service.
5. The S-VXLAN construction method of claim 1, wherein the method further comprises:
the S-VXLAN user equipment on the user side associates the MAC addresses of all local terminals with all local VNIs and adds the MAC addresses to all local VXLAN address lists; and the S-VXLAN user equipment on the cloud service provider side associates the MAC address corresponding to the service node with all local VNIs and adds the MAC address corresponding to the service node to a local VXLAN address list.
6. An S-VXLAN data forwarding method applied to an S-VXLAN system created by the method of any one of claims 1-5, the data forwarding method comprising:
the S-VXLAN user equipment receives a set of relation tuples (TID, SIPs and/or SPORTs, SVDI) distributed by the S-VXLAN control node;
and when the S-VXLAN user equipment receives the data stream, obtaining the SVDI corresponding to the data stream according to the set, and forwarding the data stream by using the corresponding SVDI.
7. The S-VXLAN data forwarding method of claim 6, wherein the obtaining the SVDI corresponding to the data stream according to the set and forwarding the data stream using the corresponding SVDI when the S-VXLAN user equipment receives the data stream comprises:
when S-VXLAN user equipment at a user side receives a user access data stream, according to a data packet VLAN or port number or a source IP address or MAC address, identifying TID of a user, acquiring a target IP address DIP and a port number DP of the data packet, comparing the (TID, DIP and/or DP) with the (TID, SIPs and/or SPORTs) in a relation tuple (TID, SIPs and/or SPORTs, SVDI) in the set, acquiring a corresponding SVDI, and forwarding the data packet by using the selected SVDI through a VXLAN module.
8. The S-VXLAN data forwarding method of claim 6, wherein the obtaining the SVDI corresponding to the data stream according to the set and forwarding the data stream using the corresponding SVDI when the S-VXLAN user equipment receives the data stream comprises:
when the S-VXLAN user equipment receives the service node response data stream, the source IP address of the response data packet in the service node response data stream is obtained, the source IP address is matched with (TID, SIPs and/or SPORTs, SVDI) in the relation tuples (TID, SIPs and/or SPORTs, SVDI) in the set, all SVDI is found, the MAC address and the corresponding VNI are searched in the address table corresponding to all SVDI, and the VNI is selected as the VNI of the response data packet to be forwarded.
9. A multi-user, multi-service virtual extensible local area network, S-VXLAN, system, comprising:
the system comprises an S-VXLAN control node, a cloud service provider and a service provider, wherein the S-VXLAN control node is used for allocating a TID for each user, registering the cloud service, each cloud service comprises a server node IP address SIPs and a service port number SPORTs, allocating a corresponding VXLAN for each cloud service, and constructing service-oriented VXLAN control information, the VXLAN control information comprises a (TID, SIPs and/or SPORTs, SVDI) relation tuple, and the (TID, SIPs and/or SPORTs, SVDI) relation tuple is a corresponding relation between the TID, SIPs or SPORTs and the SVDI, and distributing the VXLAN control information to S-VXLAN user equipment on the user side and S-VXLAN user equipment on the cloud service provider side;
and the S-VXLAN user equipment on the user side and the S-VXLAN user equipment on the cloud service provider side are used for generating corresponding VXLAN according to the received VXLAN control information.
10. The S-VXLAN system according to claim 9,
the S-VXLAN control node is specifically configured to generate a VXLAN or SVDI for each pair (TID, SIPs and/or SPORTs), establish a correspondence between each pair (TID, SIPs and/or SPORTs) and the corresponding SVDI, and generate a (TID, SIPs and/or SPORTs, SVDI) relationship tuple.
11. The S-VXLAN system according to claim 9,
when a user subscribes or unsubscribes to a cloud service, the S-VXLAN control node is specifically configured to add or delete (TID, SIPs and/or SPORTs, SVDI) relationship tuples corresponding to the user and the cloud service.
12. The S-VXLAN system according to claim 9,
the S-VXLAN user equipment at the user side is also used for associating the MAC addresses of all local terminals with all local VNIs and adding the MAC addresses to all local VXLAN address lists;
and the S-VXLAN user equipment on the cloud service provider side is also used for associating the MAC address corresponding to the service node with all local VNIs and adding the MAC address corresponding to the service node into a local VXLAN address list.
13. The S-VXLAN system according to claim 9,
the S-VXLAN user equipment is also used for receiving a set of relation tuples (TID, SIPs and/or SPORTs, SVDI) distributed by the S-VXLAN control node, acquiring SVDI corresponding to the data stream according to the set when receiving the data stream, and forwarding the data stream by using the corresponding SVDI.
14. The S-VXLAN system according to claim 13,
the S-VXLAN user equipment at the user side is specifically configured to, when receiving a user access data stream, identify a TID of the user according to a VLAN or a port number of a data packet or a source IP address or a MAC address of the data packet, obtain a target IP address DIP and a port number DP of the data packet, compare the (TID, DIP and/or DP) with (TID, SIPs and/or SPORTs) in a relation tuple (TID, SIPs and/or SPORTs and SVDI) in the set, obtain a corresponding SVDI, and forward the data packet through a VXLAN module using the selected SVDI.
15. The S-VXLAN system according to claim 13,
the S-VXLAN user equipment is specifically configured to, when receiving a service node response data stream, obtain a source IP address of a response data packet therein, match the source IP address with (TID, SIPs and/or SPORTs, SVDI) in a relation tuple (TID, SIPs and/or SPORTs, SVDI) in the set, find all SVDI, search for a MAC address and a corresponding VNI in an address table corresponding to all SVDI, and select the VNI as a VNI of the response data packet for forwarding.
16. The S-VXLAN system of any of claims 9-15, wherein the S-VXLAN control node comprises:
the S-VXLAN control module is used for creating, deleting and managing the S-VXLAN, creating and managing the mapping relation among the cloud service data center, the cloud service, the user and the VXLAN which form the S-VXLAN, constructing a corresponding relation tuple (TID, SIPs and/or SPORTs, SVDI) aiming at each S-VXLAN, and distributing the relation tuple to corresponding S-VXLAN user side equipment;
the user management module is used for managing the S-VXLAN users, and managing and distributing, adding and/or deleting the user identity data;
and the service management module is used for managing the S-VXLAN service, including managing cloud service data center addresses, managing service data and adding and/or deleting services.
17. The S-VXLAN system of any of claims 9-15, wherein the S-VXLAN subscriber-side device comprises:
the data forwarding module is used for receiving an S-VXLAN access control table sent by the S-VXLAN control node, identifying the data stream user identity, the service stream type and the VXLAN corresponding to dynamic adaptation, realizing the dynamic forwarding of the user data stream and forwarding the data stream accessing different cloud services to the corresponding VXLAN;
and the VXLAN management module is used for creating, deleting and managing VXLAN and addressing and forwarding VXLAN data.
CN201810000832.1A 2018-01-02 2018-01-02 S-VXLAN construction method, data forwarding method and system Active CN109995637B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201810000832.1A CN109995637B (en) 2018-01-02 2018-01-02 S-VXLAN construction method, data forwarding method and system

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201810000832.1A CN109995637B (en) 2018-01-02 2018-01-02 S-VXLAN construction method, data forwarding method and system

Publications (2)

Publication Number Publication Date
CN109995637A CN109995637A (en) 2019-07-09
CN109995637B true CN109995637B (en) 2021-06-04

Family

ID=67128330

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201810000832.1A Active CN109995637B (en) 2018-01-02 2018-01-02 S-VXLAN construction method, data forwarding method and system

Country Status (1)

Country Link
CN (1) CN109995637B (en)

Families Citing this family (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN112422397B (en) * 2020-11-05 2022-04-08 中国联合网络通信集团有限公司 Service forwarding method and communication device

Family Cites Families (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2015085523A1 (en) * 2013-12-11 2015-06-18 华为技术有限公司 Communication method, device and system for virtual extensible local area network
US9948552B2 (en) * 2015-04-17 2018-04-17 Equinix, Inc. Cloud-based services exchange
CN105871676B (en) * 2016-03-17 2019-02-12 广东微云科技股份有限公司 The method for connecting network and system of distal end virtual machine in a kind of desktop cloud
CN107204942A (en) * 2016-03-18 2017-09-26 上海有云信息技术有限公司 A kind of implementation method that service chaining transparent transmission is realized based on five-tuple
CN106230740A (en) * 2016-08-23 2016-12-14 杭州华三通信技术有限公司 Message forwarding method in a kind of VXLAN and device

Also Published As

Publication number Publication date
CN109995637A (en) 2019-07-09

Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination
GR01 Patent grant