CN110401588B - Method and system for realizing VPC (virtual private network) peer-to-peer connection in public cloud platform based on openstack - Google Patents
Method and system for realizing VPC (virtual private network) peer-to-peer connection in public cloud platform based on openstack Download PDFInfo
- Publication number
- CN110401588B CN110401588B CN201910635495.8A CN201910635495A CN110401588B CN 110401588 B CN110401588 B CN 110401588B CN 201910635495 A CN201910635495 A CN 201910635495A CN 110401588 B CN110401588 B CN 110401588B
- Authority
- CN
- China
- Prior art keywords
- vpc
- connector
- subnet
- network
- interconnection
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Links
- 238000000034 method Methods 0.000 title claims abstract description 24
- 206010047289 Ventricular extrasystoles Diseases 0.000 claims abstract description 103
- 238000005129 volume perturbation calorimetry Methods 0.000 claims abstract description 101
- 230000003068 static effect Effects 0.000 claims abstract description 22
- 238000010586 diagram Methods 0.000 description 2
- 238000002955 isolation Methods 0.000 description 2
- 238000004891 communication Methods 0.000 description 1
- 238000012986 modification Methods 0.000 description 1
- 230000004048 modification Effects 0.000 description 1
- 238000006467 substitution reaction Methods 0.000 description 1
- 238000012795 verification Methods 0.000 description 1
Images
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L12/00—Data switching networks
- H04L12/28—Data switching networks characterised by path configuration, e.g. LAN [Local Area Networks] or WAN [Wide Area Networks]
- H04L12/46—Interconnection of networks
- H04L12/4641—Virtual LANs, VLANs, e.g. virtual private networks [VPN]
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L45/00—Routing or path finding of packets in data switching networks
- H04L45/74—Address processing for routing
Abstract
The invention discloses a method and a system for realizing VPC peer-to-peer connection in a public cloud platform based on openstack, belonging to the field of cloud computing and computer networks, aiming at solving the technical problem of realizing peer-to-peer connection of designated subnets in different VPCs and adopting the technical scheme that: the method comprises the following steps: s1, establishing two VPCs to be connected; s2, establishing a VPC connector to realize interconnection of two VPCs: the VPC connector comprises two networks and a connector of the connector, wherein the connector of the connector is a vrouter, and routing forwarding is realized; the two networks are respectively marked as network C and network D, both the network C and the network D are large two-layer networks, and data packets under the same network realize two-layer forwarding; s3, establishing a subnet of the network C; s4, establishing a subnet of the network D; s5, adding static routes; s6, interconnection and intercommunication of the two VPC subnets. The system comprises a northbound interface module, a VPC connector management module, a routing table management module, a VPC interconnection database and an openstack cloud computing management platform.
Description
Technical Field
The invention relates to the field of cloud computing and computer networks, in particular to a method and a system for realizing VPC (virtual private network) peer-to-peer connection in an openstack-based public cloud platform.
Background
Cloud computing is one of the most popular topics in the field of IT infrastructure in recent years, and provides users with extremely convenient resource use modes and flexible resource expansion capability by virtualizing and abstracting various resources such as computing, networks and storage. VPC (virtual Private cloud) is a logic isolation network space customized on a public cloud and is a network space which can be customized by us. VPC is completely isolated from VPC, so that the logic isolation of I2 is ensured. The tenants can flexibly customize the network environment and customize subnet segments, routing tables and the like. Multiple subnets can be established in the VPC, tenant virtual machines in the same VPC can communicate with each other, while tenant virtual machines in different VPCs cannot communicate. However, in a public cloud scenario, virtual machine communication needs exist between different VPCs, for example, a subnet a under one VPC communicates with a subnet B under another VPC. Therefore, how to realize peer-to-peer connection of designated subnets in different VPCs is a technical problem to be solved urgently in the prior art.
Patent document CN102387061B discloses a method, device and system for virtual private cloud access to virtual private network. The method comprises the steps that a data center outlet gateway receives first configuration information, wherein the first configuration information comprises parameter information of a Virtual Private Cloud (VPC), Virtual Private Network (VPN) identification information and address information of network side operator edge equipment (PE); creating a first VPN instance according to the VPN identification information; determining the VPC according to the parameter information of the VPC, and binding the VPC and the first VPN instance; and sending second configuration information to the network side PE according to the address information of the network side PE, wherein the second configuration information comprises the VPN identification information, so that the network side PE configures an upper layer VPN instance of the first VPN instance on the network side PE according to the VPN identification information. The technical scheme solves the problem that the virtual private cloud is automatically accessed to the virtual private network, but the peer-to-peer connection of designated subnets in different VPCs cannot be realized.
Patent document No. CN107733766A discloses a method, an apparatus, a device and a storage medium for secure interconnection between private networks of cloud platforms, and the method includes: the method comprises the steps that a first proprietary network receives a request for establishing a tunnel, wherein the request comprises a public key, and the request is initiated by a second proprietary network; the first private network verifying the public key with a private key; if the public key passes the verification of the private key, the first private network responds to the request and establishes a tunnel with the second private network; the safety interconnection system detects that a first proprietary network and a second proprietary network establish a tunnel, and detects whether the second proprietary network has the authority of using the public key; if the second private network does not have the authority of using the public key, the safety interconnection system sends a first prompt message to the first private network to prompt that the public key of the first private network is illegally used. The technical scheme solves the problem that the security is improved by encrypting the public key and the private key when the private network of the cloud platform establishes the connection through the tunnel, but the peer-to-peer connection of the designated subnets in different VPCs cannot be realized.
Disclosure of Invention
The technical task of the invention is to provide a method and a system for realizing VPC peer-to-peer connection in a public cloud platform based on openstack, so as to solve the problem of how to realize peer-to-peer connection of specified subnets in different VPCs.
The technical task of the invention is realized in the following way, a method for realizing VPC peer-to-peer connection in a public cloud platform based on openstack comprises the following steps:
s1, establishing two VPCs to be connected: two VPCs establishing connection are respectively marked as VPC A and VPC B, and subnet addresses of the VPC A and the VPC B are not overlapped;
s2, establishing a VPC connector to realize interconnection of two VPCs: the VPC connector comprises two networks and a connector of the connector, wherein the connector of the connector is a vrouter, and routing forwarding is realized; the two networks are respectively marked as network C and network D, both the network C and the network D are large two-layer networks, and data packets under the same network realize two-layer forwarding;
s3, establishing a subnet of the network C: establishing a subnet in the network C, and hanging the subnet on a qrounter of the VPC A and a connector vrounter;
s4, establishing a subnet of the network D: newly building a subnet in D, and hanging the subnet on the qrouter of VPC B and the connector vrouter;
s5, adding static routes: adding static routes to the connetcor connectors at the VPC a and VPC B's qrouter routing tables; adding static routes to the opposite end VPC B and VPC A respectively in a route table of a connector;
s6, interconnection and intercommunication of two VPC subnets: and through the static route forwarding of the step S5, the interconnection and intercommunication of the designated subnets in the VPC A and the VPC B are realized.
Preferably, the step S6 of implementing interconnection and interworking between the VPC a and the designated subnets in the VPC B includes sending a request message and a response message between the VPC a and the VPC B, where the path of the response message is reverse symmetric to the path of the request message.
Preferably, the path of the request message is as follows:
the method comprises the following steps that (I) a VPC A virtual machine sends a request to a VPC B virtual machine, the VPC A message destination address is the VPC B virtual machine address, and the message is sent to a gateway qorauterA of the VPC A;
(II) inquiring a routing table on the qrouuterA, finding a next-hop virtual machine address of the VPC B virtual machine address, namely on a VPC connector vrounter, and forwarding the message to the vrounter;
(III) when the message reaches the vrouter, inquiring a routing table, finding a virtual machine address of the next hop of the VPC B virtual machine address, namely on a gateway qrouterB of the VPC B, and forwarding the message to the qrouterB from the virtual machine address of the next hop of the VPC B virtual machine address;
and (IV) after the message reaches the qrouuterB, if the destination virtual machine address is found in the subnet virtual machine in the associated VPC B, forwarding the message to the virtual machine.
A VPC peer-to-peer connection system is realized in a public cloud platform based on openstack, and comprises a northbound interface module, a VPC connector management module, a routing table management module, a VPC interconnection database and an openstack cloud computing management platform; the northbound interface module is respectively connected with the VPC connector management module and the routing table management module, the VPC connector management module is respectively connected with the VPC interconnection database and the openstack cloud computing management platform, and the routing table management module is respectively connected with the VPC interconnection database and the openstack cloud computing management platform.
Preferably, the northbound interface module is used for providing an interface (i.e. a rest api interface) for interconnection of the transportation and management platform management VPCs, so as to provide for tenants to establish and delete connections of different VPC-specified subnets.
Preferably, the VPC interconnection database module is used for storing VPC interconnection information, and all VPC interconnection information established by a user through the northbound interface module is stored in the VPC interconnection database.
Preferably, the VPC interconnection information includes the number of interconnected VPC entries, VPC id to be interconnected, subnet id, subnet Ip, static routing entry on VPC qrounter, subnet information of VPC connector, and static routing entry on VPC connector.
Preferably, the VPC connector management module is configured to manage a VPC connector; the content of managing the VPC connector comprises establishing a subnet of a network in the VPC connector, hanging a sub-network on a qrounter of a VPC to be connected and a connectitor connector vrouter, deleting the subnet of the VPC connector and deleting interfaces of the subnet on the VPC qrounter and the connectitor connector vrouter.
Preferably, the routing table management module is configured to maintain routing table information of the VPC qrouter and the VPC connector that need to be connected.
Preferably, the specific steps of the routing table management module for maintaining the routing table information of the qrouter and the VPC connector of the VPC to be connected are as follows:
(1) when a user establishes VPC interconnection information, a routing table reaching an opposite end is sent up and down at a qrounter of a VPC to be connected, and a next hop points to an interface of a subnet in a VPC connector associated with the next hop on a VPC connector vrounter;
(2) the route reaching the VPC subnet at the opposite end is issued on a connector vrouter of the VPC connector, and the next hop is directed to a qrouter associated with the VPC at the opposite end;
(3) the rule for the reverse route is the same as the step (1) and the step (2); and the flow of one VPC is guided to the opposite VPC through static routing, so that the peer-to-peer connection of the two VPCs is realized.
The method and the system for realizing VPC peer-to-peer connection in the public cloud platform based on openstack have the following advantages that:
the invention adopts VPC peer-to-peer connection, can realize interconnection and intercommunication of designated subnets in two isolated VPCs, has flexible scene, can ensure safety and can meet user requirements;
the invention realizes the three-layer route forwarding of the designated subnet by means of the VPC connector, completes the interconnection and intercommunication between the two VPCs, is neither a gateway nor a VPN connection, does not depend on a certain single physical hardware, and has high safety.
Drawings
The invention is further described below with reference to the accompanying drawings.
FIG. 1 is a flow chart of a method for realizing VPC peer-to-peer connection in an openstack-based public cloud platform;
FIG. 2 is a structural block diagram of a VPC peer-to-peer connection system implemented in an openstack-based public cloud platform;
FIG. 3 is a block diagram of the flow of completing VPC peer-to-peer connection in embodiment 3;
fig. 4 is a flow chart of a request message.
Detailed Description
The method and system for implementing VPC peer-to-peer connection in an openstack-based public cloud platform according to the present invention are described in detail below with reference to the drawings and specific embodiments of the specification.
Example 1
As shown in fig. 1, the method and system for realizing VPC peer-to-peer connection in an openstack-based public cloud platform of the present invention includes the following steps:
s1, establishing two VPCs to be connected: two VPCs establishing connection are respectively marked as VPC A and VPC B, and subnet addresses of the VPC A and the VPC B are not overlapped;
s2, establishing a VPC connector to realize interconnection of two VPCs: the VPC connector comprises two networks and a connector of the connector, wherein the connector of the connector is a vrouter, and routing forwarding is realized; the two networks are respectively marked as network C and network D, both the network C and the network D are large two-layer networks, and data packets under the same network realize two-layer forwarding;
s3, establishing a subnet of the network C: establishing a subnet in the network C, and hanging the subnet on a qrounter of the VPC A and a connector vrounter;
s4, establishing a subnet of the network D: newly building a subnet in D, and hanging the subnet on the qrouter of VPC B and the connector vrouter;
s5, adding static routes: adding static routes to the connetcor connectors at the VPC a and VPC B's qrouter routing tables; adding static routes to the opposite end VPC B and VPC A respectively in a route table of a connector;
s6, interconnection and intercommunication of two VPC subnets: through the static route forwarding of the step S5, the interconnection and intercommunication of the designated subnets in the VPC A and the VPC B are realized; the method for realizing interconnection and intercommunication of the designated subnets in the VPC A and the VPC B comprises the steps of sending a request message and a response message between the VPC A and the VPC B, wherein the paths of the response message and the request message are in reverse symmetry. The path of the request message is as follows:
the method comprises the following steps that (I) a VPC A virtual machine sends a request to a VPC B virtual machine, the VPC A message destination address is the VPC B virtual machine address, and the message is sent to a gateway qorauterA of the VPC A;
(II) inquiring a routing table on the qrouuterA, finding a next-hop virtual machine address of the VPC B virtual machine address, namely on a VPC connector vrounter, and forwarding the message to the vrounter;
(III) when the message reaches the vrouter, inquiring a routing table, finding a virtual machine address of the next hop of the VPC B virtual machine address, namely on a gateway qrouterB of the VPC B, and forwarding the message to the qrouterB from the virtual machine address of the next hop of the VPC B virtual machine address;
and (IV) after the message reaches the qrouuterB, if the destination virtual machine address is found in the subnet virtual machine in the associated VPC B, forwarding the message to the virtual machine.
Example 2:
as shown in fig. 2, the VPC peer-to-peer connection system implemented in the public cloud platform based on openstack of the present invention includes a northbound interface module, a VPC connector management module, a routing table management module, a VPC interconnection database, and an openstack cloud computing management platform; the northbound interface module is respectively connected with the VPC connector management module and the routing table management module, the VPC connector management module is respectively connected with the VPC interconnection database and the openstack cloud computing management platform, and the routing table management module is respectively connected with the VPC interconnection database and the openstack cloud computing management platform. The northbound interface module is used for providing an interface (namely a rest api interface) for interconnection of the VPCs (virtual private network) of the administration and management platform, so that tenants can establish different VPC-specified subnet connections and delete the connections. And the VPC interconnection database module is used for storing VPC interconnection information, and all the VPC interconnection information established by the user through the northbound interface module is stored in the VPC interconnection database. The VPC interconnection information comprises the number of interconnected VPC entries, VPC id to be interconnected, subnet id, subnet Ip, static routing entry on VPC qrounter, subnet information of VPC connector and static routing entry on VPC connector. The VPC connector management module is used for managing the VPC connector; the content of managing the VPC connector comprises establishing a subnet of a network in the VPC connector, hanging a sub-network on a qrounter of a VPC to be connected and a connectitor connector vrouter, deleting the subnet of the VPC connector and deleting interfaces of the subnet on the VPC qrounter and the connectitor connector vrouter. When a user establishes a VPC interconnection, a subnet is established in each of two networks of a VPC connector, and the subnet is simultaneously hung on a QRouter of a VPC to be connected and a connector vRouter of the VPC connector. And when the connection is deleted, deleting the interfaces of the subnet on the qrouter and the vrouter. The routing table management module is used for maintaining the routing table information of the QRouter and the VPC connector of the VPC needing connection. The specific steps of the routing table management module for maintaining the routing table information of the required connected VPC qrouter and VPC connector are as follows:
(1) when a user establishes VPC interconnection information, a routing table reaching an opposite end is sent up and down at a qrounter of a VPC to be connected, and a next hop points to an interface of a subnet in a VPC connector associated with the next hop on a VPC connector vrounter;
(2) the route reaching the VPC subnet at the opposite end is issued on a connector vrouter of the VPC connector, and the next hop is directed to a qrouter associated with the VPC at the opposite end;
(3) the rule for the reverse route is the same as the step (1) and the step (2); and the flow of one VPC is guided to the opposite VPC through static routing, so that the peer-to-peer connection of the two VPCs is realized.
Example 3:
the preconditions are as follows:
currently, there are two subnets, subnet A (10.10.10.0/24) and subnet B (20.20.20.0/24) in VPC A and VPC B, respectively. VPC A's router is qrouterA, VPC B's router is qrouterB. The VPC connector comprises two networks (network1, network2) and a connector vrouter; as shown in FIG. 3, the specific steps of peer-to-peer connection between VPC A and VPC B are as follows:
(A) calling a northbound interface to create a VPC peer-to-peer connection, and establishing a connection between a subnet A and a subnet B;
(B) and the northbound interface management module verifies whether the subnet A and the subnet B have overlapped addresses:
if not, writing the relevant information of the peer-to-peer connection into a VPC interconnection database, and executing the step C) next;
if the data are overlapped, returning error information;
(C) the VPC connector management module establishes a subnet1(100.0.0.0/24) in the network1, and the address of the subnet1 is not overlapped with subnet A and subnet B; subnet1 is hung on qrouterA and vrouter, and the interface addresses are 100.0.0.1 and 100.0.0.100 respectively; establishing a subnet2(200.0.0.0/24) in the network2, wherein the address of the subnet2 has no overlap with subnet A and subnet B; subnet2 is hung on qrouterB and vrouter, and the interface addresses are 200.0.0.1 and 200.0.0.100 respectively;
(D) the routing table management module issues routing entries on the qrouterA, the qrouterB and the vrouter; the routing table on qrouterA is: the destination address is 20.20.20.0/24, and the next hop is 100.0.0.100. The routing entry on qrouterB is: the destination address is 10.10.10.0/24, and the next hop is 200.0.0.100; the routing entry on vrouter is: the destination address is 20.20.20.0/24, and the next hop is 200.0.0.1; the destination address is 10.10.10.0/24, and the next hop is 100.0.0.1;
at this point, the VPC peer connection establishment is complete. The detailed path of message forwarding is described below by taking the example that a virtual machine in VPC A sends a message to an opposite end; the VPC A internal virtual machine address is 10.10.10.10, and the opposite end address is 20.20.20.20; as shown in fig. 4, the request message process:
(a) the VPC A inner virtual machine 10.10.10.10 sends a request to the VPC B inner virtual machine, the destination address of the message is 20.20.20.20, and the message is sent to a gateway qorauterA of the VPC A; .
(b) Inquiring a routing table on the qrouuter A, and finding that the next hop of 20.20.20.20 is 10.0.0.100, namely, on a VPC connector vrounter, the message is forwarded to the vrounter;
(c) when the message reaches vrouter, inquiring a routing table, finding that the next hop of 20.20.20.20 is 200.0.0.1, namely the next hop is on a gateway qrouterB of a VPC B, and forwarding the message to the qrouterB from 200.0.0.100;
(d) and after the message reaches the qrouuterB, if the destination address is found to be in a certain subnet virtual machine in the associated VPC B, forwarding the message to the virtual machine.
The response message is in reverse symmetry with the path of the request message.
Finally, it should be noted that: the above embodiments are only used to illustrate the technical solution of the present invention, and not to limit the same; while the invention has been described in detail and with reference to the foregoing embodiments, it will be understood by those skilled in the art that: the technical solutions described in the foregoing embodiments may still be modified, or some or all of the technical features may be equivalently replaced; and the modifications or the substitutions do not make the essence of the corresponding technical solutions depart from the scope of the technical solutions of the embodiments of the present invention.
Claims (2)
1. A method for realizing VPC peer-to-peer connection in an openstack-based public cloud platform is characterized by comprising the following steps:
s1, establishing two VPCs to be connected: two VPCs establishing connection are respectively marked as VPC A and VPC B, and subnet addresses of the VPC A and the VPC B are not overlapped;
s2, establishing a VPC connector to realize interconnection of two VPCs: the VPC connector comprises two networks and a connector of the connector, wherein the connector of the connector is a vrouter, and routing forwarding is realized; the two networks are respectively marked as network C and network D, both the network C and the network D are large two-layer networks, and data packets under the same network realize two-layer forwarding;
s3, establishing a subnet of the network C: establishing a subnet in the network C, and hanging the subnet on a qrounter of the VPC A and a connector vrounter;
s4, establishing a subnet of the network D: newly building a subnet in D, and hanging the subnet on the qrouter of VPC B and the connector vrouter;
s5, adding static routes: adding static routes to the connetcor connectors at the VPC a and VPC B's qrouter routing tables; adding static routes to the opposite end VPC B and VPC A respectively in a route table of a connector;
s6, interconnection and intercommunication of two VPC subnets: through the static route forwarding of the step S5, the interconnection and intercommunication of the designated subnets in the VPC A and the VPC B are realized; the method comprises the steps that a VPC A and a VPC B are connected with each other through a network, wherein the step of realizing interconnection and intercommunication of designated subnets in the VPC A and the VPC B comprises the step of sending a request message and a response message between the VPC A and the VPC B, and the paths of the response message and the request message are in reverse symmetry; the path of the request message is as follows:
the method comprises the following steps that (I) a VPC A virtual machine sends a request to a VPC B virtual machine, the VPC A message destination address is the VPC B virtual machine address, and the message is sent to a gateway qorauterA of the VPC A;
(II) inquiring a routing table on the qrouuterA, finding a next-hop virtual machine address of the VPC B virtual machine address, namely on a VPC connector vrounter, and forwarding the message to the vrounter;
(III) when the message reaches the vrouter, inquiring a routing table, finding a virtual machine address of the next hop of the VPC B virtual machine address, namely on a gateway qrouterB of the VPC B, and forwarding the message to the qrouterB from the virtual machine address of the next hop of the VPC B virtual machine address;
and (IV) after the message reaches the qrouuterB, if the destination virtual machine address is found in the subnet virtual machine in the associated VPC B, forwarding the message to the virtual machine.
2. A VPC peer-to-peer connection system is realized in a public cloud platform based on openstack, and is characterized by comprising a northbound interface module, a VPC connector management module, a routing table management module, a VPC interconnection database and an openstack cloud computing management platform; the northbound interface module is respectively connected with a VPC connector management module and a routing table management module, the VPC connector management module is respectively connected with a VPC interconnection database and an openstack cloud computing management platform, and the routing table management module is respectively connected with the VPC interconnection database and the openstack cloud computing management platform;
the routing table management module is used for maintaining the routing table information of the required connected VPC qrouter and the VPC connector; the method comprises the following specific steps:
(1) when a user establishes VPC interconnection information, a routing table reaching an opposite end is sent up and down at a qrounter of a VPC to be connected, and a next hop points to an interface of a subnet in a VPC connector associated with the next hop on a VPC connector vrounter;
(2) the route reaching the VPC subnet at the opposite end is issued on a connector vrouter of the VPC connector, and the next hop is directed to a qrouter associated with the VPC at the opposite end;
(3) the rule for the reverse route is the same as the step (1) and the step (2); guiding the flow of one VPC to an opposite VPC through a static route to realize the peer-to-peer connection of the two VPCs;
the northbound interface module is used for providing an interface for managing VPC interconnection of the operation and management platform so as to provide tenants to establish different VPC designated subnet connections and delete connections;
the VPC interconnection database module is used for storing VPC interconnection information, and all VPC interconnection information established by a user through the northbound interface module is stored in the VPC interconnection database; the VPC interconnection information comprises the number of interconnected VPC entries, VPC id to be interconnected, subnet id, subnet Ip, static routing entries on VPC qrounter, subnet information of VPC connector and static routing entries on VPC connector;
the VPC connector management module is used for managing the VPC connector; the content of managing the VPC connector comprises establishing a subnet of a network in the VPC connector, hanging a sub-network on a qrounter of a VPC to be connected and a connectitor connector vrouter, deleting the subnet of the VPC connector and deleting interfaces of the subnet on the VPC qrounter and the connectitor connector vrouter.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201910635495.8A CN110401588B (en) | 2019-07-15 | 2019-07-15 | Method and system for realizing VPC (virtual private network) peer-to-peer connection in public cloud platform based on openstack |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201910635495.8A CN110401588B (en) | 2019-07-15 | 2019-07-15 | Method and system for realizing VPC (virtual private network) peer-to-peer connection in public cloud platform based on openstack |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN110401588A CN110401588A (en) | 2019-11-01 |
| CN110401588B true CN110401588B (en) | 2021-09-07 |
Family
ID=68325495
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201910635495.8A Active CN110401588B (en) | 2019-07-15 | 2019-07-15 | Method and system for realizing VPC (virtual private network) peer-to-peer connection in public cloud platform based on openstack |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN110401588B (en) |
Families Citing this family (17)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN112953884B (en) * | 2019-12-10 | 2023-03-24 | 阿里巴巴集团控股有限公司 | Method and device for establishing access channel |
| CN113132201B (en) * | 2019-12-30 | 2022-11-25 | 华为云计算技术有限公司 | Communication method and device between VPCs |
| CN113162779B (en) * | 2020-01-07 | 2024-03-05 | 华为云计算技术有限公司 | Multi-cloud interconnection method and equipment |
| CN111510367A (en) * | 2020-04-17 | 2020-08-07 | 上海思询信息科技有限公司 | VPC network cross-cluster intercommunication realization method and system based on VX L AN tunnel |
| CN111654443B (en) * | 2020-06-05 | 2022-08-23 | 浪潮云信息技术股份公司 | Method for directly accessing public network by virtual machine IPv6 address in cloud environment |
| CN111614541B (en) * | 2020-06-09 | 2022-02-18 | 浪潮云信息技术股份公司 | Method for adding public cloud network physical host into VPC |
| CN112688847A (en) * | 2020-08-17 | 2021-04-20 | 紫光云技术有限公司 | Method for realizing VPC (virtual private network) peer-to-peer connection in cloud network environment |
| CN112565048B (en) * | 2020-11-20 | 2022-06-07 | 华云数据控股集团有限公司 | Three-layer VPN (virtual private network) network creation method, three-layer VPN network data transmission method, three-layer VPN network creation device, three-layer VPN network data transmission device and electronic equipment |
| CN112671826A (en) * | 2020-11-25 | 2021-04-16 | 紫光云技术有限公司 | Method for realizing issuing of virtual private cloud intercommunication configuration |
| CN113783781A (en) * | 2021-08-13 | 2021-12-10 | 济南浪潮数据技术有限公司 | Method and device for interworking between virtual private clouds |
| CN113965505A (en) * | 2021-09-27 | 2022-01-21 | 浪潮云信息技术股份公司 | Method for cloud host intercommunication among different virtual private networks and implementation architecture |
| CN113923115B (en) * | 2021-10-09 | 2023-08-25 | 紫光云技术有限公司 | VPC configuration issuing method based on RocketMq |
| CN114024886B (en) * | 2021-10-25 | 2023-04-21 | 济南浪潮数据技术有限公司 | Cross-resource-pool network intercommunication method, electronic equipment and readable storage medium |
| CN114866467A (en) * | 2022-05-27 | 2022-08-05 | 济南浪潮数据技术有限公司 | Cluster communication method, device, system, equipment and readable storage medium |
| CN115102903A (en) * | 2022-06-17 | 2022-09-23 | 济南浪潮数据技术有限公司 | VPC equipment connection method, system, equipment and medium based on cloud platform |
| CN115460127A (en) * | 2022-08-16 | 2022-12-09 | 度小满科技(北京)有限公司 | Virtual routing method and device for different regional networks |
| CN115842664A (en) * | 2022-11-23 | 2023-03-24 | 紫光云技术有限公司 | Public cloud network flow security implementation method |
Citations (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN106789367A (en) * | 2017-02-23 | 2017-05-31 | 郑州云海信息技术有限公司 | The construction method and device of a kind of network system |
| CN108833251A (en) * | 2018-08-01 | 2018-11-16 | 北京百度网讯科技有限公司 | Method and apparatus for controlling the network interconnection |
| CN108900637A (en) * | 2018-08-08 | 2018-11-27 | 北京百度网讯科技有限公司 | Method for transmitting information and device |
| CN109936629A (en) * | 2019-02-27 | 2019-06-25 | 山东浪潮云信息技术有限公司 | A kind of mixed cloud network interconnecting method and system |
Family Cites Families (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US10764169B2 (en) * | 2017-10-09 | 2020-09-01 | Keysight Technologies, Inc. | Methods, systems, and computer readable media for testing virtual network components deployed in virtual private clouds (VPCs) |
-
2019
- 2019-07-15 CN CN201910635495.8A patent/CN110401588B/en active Active
Patent Citations (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN106789367A (en) * | 2017-02-23 | 2017-05-31 | 郑州云海信息技术有限公司 | The construction method and device of a kind of network system |
| CN108833251A (en) * | 2018-08-01 | 2018-11-16 | 北京百度网讯科技有限公司 | Method and apparatus for controlling the network interconnection |
| CN108900637A (en) * | 2018-08-08 | 2018-11-27 | 北京百度网讯科技有限公司 | Method for transmitting information and device |
| CN109936629A (en) * | 2019-02-27 | 2019-06-25 | 山东浪潮云信息技术有限公司 | A kind of mixed cloud network interconnecting method and system |
Non-Patent Citations (2)
| Title |
|---|
| 如何设置规划 AWS VPC 对等连接;wzlinux;《blog.51cto.com/wzlinux/2417154》;20190704;第1-3页,附图1 * |
| 深入浅出新一代云网络-VPC中的那些功能与基于Openstack Neutron的实现(三)-路由与隧道;C0rnSo;《cnblogs.com/opsec/p/7016631.html》;20170615;第1-3页,附图2 * |
Also Published As
| Publication number | Publication date |
|---|---|
| CN110401588A (en) | 2019-11-01 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN110401588B (en) | Method and system for realizing VPC (virtual private network) peer-to-peer connection in public cloud platform based on openstack | |
| EP3509256B1 (en) | Determining routing decisions in a software-defined wide area network | |
| CN102812671B (en) | Methods, systems, and computer readable media for inter-diameter-message processor routing | |
| CN108471397B (en) | Firewall configuration, message sending method and device | |
| US20140230044A1 (en) | Method and Related Apparatus for Authenticating Access of Virtual Private Cloud | |
| EP2901630B1 (en) | Method operating in a fixed access network and user equipments | |
| US8611358B2 (en) | Mobile network traffic management | |
| CN109450905B (en) | Method, device and system for transmitting data | |
| CN113965505A (en) | Method for cloud host intercommunication among different virtual private networks and implementation architecture | |
| CN112751767B (en) | Routing information transmission method and device and data center internet | |
| CN111556110B (en) | Automatic adaptation method for different physical service networks of private cloud system | |
| CN105163062B (en) | A kind of system and method that social resources are linked into common platform | |
| JP2019519146A (en) | Routing establishment, packet transmission | |
| CN103684958A (en) | Method and system for providing flexible VPN (virtual private network) service and VPN service center | |
| CN114401274B (en) | Communication line creation method, device, equipment and readable storage medium | |
| CN103227822B (en) | A kind of P2P communication connection method for building up and equipment | |
| CN112671629A (en) | Method for realizing private line access under cloud network | |
| CN105791432A (en) | Point to point (P2P) communication method and system | |
| CN111884863B (en) | VPC service chain implementation method and system for cloud computing environment | |
| CN101170502B (en) | A method and system for realizing mutual access between stacking members | |
| CN115883256B (en) | Data transmission method, device and storage medium based on encryption tunnel | |
| KR20180007898A (en) | Method for separating groups within tenent in virtual private cloud network | |
| CN108259292B (en) | Method and device for establishing tunnel | |
| CN112769670B (en) | VPN data security access control method and system | |
| KR102246290B1 (en) | Method, apparatus and computer program for network separation of software defined network |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| CB02 | Change of applicant information | ||
| CB02 | Change of applicant information |
Address after: 250100 No. 1036 Tidal Road, Jinan High-tech Zone, Shandong Province, S01 Building, Tidal Science Park Applicant after: Inspur cloud Information Technology Co., Ltd Address before: 250100 No. 1036 Tidal Road, Jinan High-tech Zone, Shandong Province, S01 Building, Tidal Science Park Applicant before: Tidal Cloud Information Technology Co.,Ltd. |
|
| GR01 | Patent grant | ||
| GR01 | Patent grant |