CN110519075A - The communication system and method for physical host and virtual cloud host based on SDN - Google Patents
- Publication number
- CN110519075A, CN201910674065.7A
- Authority
- CN
- China
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Classifications
- H04L12/4633—Interconnection of networks using encapsulation techniques, e.g. tunneling
- H04L12/4641—Virtual LANs, VLANs, e.g. virtual private networks [VPN]
- H04L41/0803—Configuration setting
- H04L41/12—Discovery or management of network topologies
- H04L41/145—Network analysis or design involving simulating, designing, planning or modelling of a network
Landscapes
- Engineering & Computer Science (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Computer Security & Cryptography (AREA)
- Data Exchanges In Wide-Area Networks (AREA)
Abstract
The invention discloses an SDN-based communication system and method for a physical host and a virtual cloud host. In the system, the physical host is connected to a physical switch, the physical switch and the virtual cloud host access the Underlay network, and the cloud computing management platform is connected to the Underlay network and to the SDN controller respectively. The virtual cloud host includes a cloud platform compute node and a cloud platform network node. The physical switch and the virtual cloud host establish an external tunnel, and the cloud platform compute node and the cloud platform network node are each provided with a virtual switch and form a loop network through internal tunnels. The invention not only breaks the existing pattern in which a VXLAN can only be established between pure hardware or between pure software, realizing network communication between the physical host and the virtual cloud host, but also automates the management of physical host access to the virtual network, reducing the risks introduced by manual deployment.
Description
Technical field
The present invention relates to an SDN-based communication system and method for a physical host and a virtual cloud host, and belongs to the field of communication technology.
Background
With the rapid development of cloud computing applications, users moving to the cloud may have computing resources in many forms. In some cases virtual machines cannot satisfy complex application scenarios, and a scenario that combines cloud hosts with physical hosts is needed. Because both play irreplaceable roles in cloud computing services and are converging, providing network interconnection between physical hosts and cloud hosts has become a new problem.
VXLAN (Virtual Extensible LAN) is an emerging SDN standard. It is a network virtualization technology: a Layer 2 VPN technology that runs over an IP network and uses "MAC in UDP" encapsulation. It defines a new overlay network, and its main creators are VMware, Cisco and Arista. It was designed to remove the limit on the number of VLANs in virtualized networks. The two main concepts of VXLAN are the VTEP (VXLAN Tunneling End Point) and the VXLAN ID. The VTEP is responsible for encapsulating and decapsulating packets and for transmitting them. It can be implemented in hardware or purely in software.
The patent with Application No. 201811603193, "physical equipment and virtual network communication method and system based on SDN", discloses an SDN-based method and system for communication between a physical device and a virtual network. The physical device is attached to SDN switching equipment, and a VXLAN tunnel is established between the SDN switching equipment and the switching equipment that carries the virtual network. The controller then issues flow tables to the physical-network SDN switch and to the virtual network switch to direct communication between the physical device and the virtual machine, so that the physical device and the virtual machine are in the same subnet, finally realizing Layer 2 and Layer 3 network communication between the physical host and the virtual network. However, the technical solution of that patent relies on SDN switching equipment. Because conventional physical switches do not support the OpenFlow protocol, it does not support host overlay application scenarios; therefore, when the VTEP is established on a virtual switch, that solution cannot provide communication support.
Summary of the invention
To address the deficiencies of the above method, the invention proposes an SDN-based communication system and method for a physical host and a virtual cloud host. It not only realizes network communication between the physical host and the virtual cloud host, but also, through the SDN controller system, automates the management of physical host access to the virtual network, reducing the risks introduced by manual deployment.
The technical solution adopted by the invention to solve its technical problem is as follows.
In one aspect, an embodiment of the invention provides an SDN-based communication system for a physical host and a virtual cloud host, including a physical host, a physical switch, a virtual cloud host, an Underlay network, a cloud computing management platform and an SDN controller. The physical host is connected to the physical switch, the physical switch and the virtual cloud host access the Underlay network, and the cloud computing management platform is connected to the Underlay network and to the SDN controller respectively. The virtual cloud host includes a cloud platform compute node and a cloud platform network node. The physical switch and the virtual cloud host establish an external tunnel, and the cloud platform compute node and the cloud platform network node are each provided with a virtual switch and form a loop network through internal tunnels.
As a possible implementation of this embodiment, the physical host accesses the Underlay network through one physical switch or through multiple physical switches.
As a possible implementation of this embodiment, the multiple physical switches form a tree topology network, and the root node of the tree topology network establishes the external tunnel with the virtual cloud host.
As a possible implementation of this embodiment, the cloud platform compute node and the cloud platform network node forward traffic according to the internal tunnel flow table matching rules.
As a possible implementation of this embodiment, the SDN controller includes:
Platform monitoring module, which provides a standard REST interface to dock with the network service interface of the cloud computing management platform and synchronizes the cloud platform's data to the SDN controller;
Port monitoring module, which provides the registration function for physical host ports; the registration information of a physical host port includes the IP, MAC, access device, access interface and accessed virtual network information;
Tunnel monitoring module, which manages the external tunnels between the physical switch and the virtual cloud host and the external tunnel flow table matching rules.
As a possible implementation of this embodiment, the physical switch and the cloud platform network node establish the external tunnel by specifying the peer VTEP address as peer-ip.
As a possible implementation of this embodiment, the physical switch and all cloud platform compute nodes establish external tunnels by specifying the peer VTEP address as peer-ip.
In another aspect, an embodiment of the invention provides an SDN-based communication method for a physical host and a virtual cloud host, comprising the following steps:
Connect the physical host and the virtual cloud host to the physical switch, thereby establishing the underlay connection;
Establish an overlay tunnel between the physical switch and the virtual cloud host;
Establish internal tunnels between virtual cloud hosts, and configure the internal tunnel flow table matching rules;
The physical host communicates with the virtual cloud host.
As a possible implementation of this embodiment, the overlay tunnel is established as follows:
Establish an external tunnel between the physical switch and the virtual cloud host;
Configure the physical switch, issuing the static VXLAN for the physical host's access port and the network it belongs to;
Issue the external tunnel configuration and the external tunnel flow table matching rules to the virtual cloud host.
As a possible implementation of this embodiment, when the external tunnel is established between the physical switch and the cloud platform network node, communication between the physical host and the virtual cloud host comprises the following steps:
The physical switch receives the ARP request message sent by the physical host, in which the destination address is the IP address of the requested virtual cloud host. The physical switch applies a VLAN TAG to the data packet at the access port and, according to the mapping between that VLAN TAG and the VXLANID, encapsulates the data packet into the VXLAN tunnel and broadcasts it to the tunnel neighbours;
The virtual switch of the cloud platform network node receives the data packet broadcast by the physical switch through the external tunnel, decapsulates it, and matches and forwards it inside the virtual switch according to the flow table matching rules issued by the SDN controller;
If the virtual switch of the cloud platform network node does not find, in the flow table matching rules of the local node, a flow entry whose destination IP address is the IP address of the requested virtual cloud host, it encapsulates the ARP request message into the VXLAN tunnel a second time and broadcasts it at the tunnel exit; otherwise it proceeds to the next step;
The virtual switch of the cloud platform compute node receives the ARP request message of the cloud platform target node through the internal tunnel, decapsulates the ARP request message, and then performs flow table rule matching and forwarding;
When the virtual switch of the cloud platform compute node matches the destination IP to the interface IP of the destination virtual cloud host, it forwards the data packet to that virtual cloud host;
The virtual cloud host sends a unicast ARP reply message; after encapsulation and decapsulation in the Layer 2 VXLAN tunnel of the cloud platform compute node and the physical switch, the unicast ARP reply data packet is delivered to the physical host.
As a possible implementation of this embodiment, when external tunnels are established between the physical switch and all cloud platform compute nodes, communication between the physical host and the virtual cloud host comprises the following steps:
The physical switch receives the ARP request message sent by the physical host, in which the destination address is the IP address of the requested virtual cloud host. The physical switch applies a VLAN TAG to the data packet at the access port and, according to the mapping between that VLAN TAG and the VXLANID, encapsulates the data packet into the VXLAN tunnel and broadcasts it to the tunnel neighbours;
The virtual switch of the cloud platform compute node receives the ARP request message of the cloud platform target node through the internal tunnel, decapsulates the ARP request message, and then performs flow table rule matching and forwarding;
If the virtual switch of the cloud platform compute node does not find, in the flow table matching rules of the local node, a flow entry whose destination IP address is the IP address of the requested virtual cloud host, it encapsulates the ARP request message into the VXLAN tunnel a second time and broadcasts it at the tunnel exit; otherwise it proceeds to the next step;
When the virtual switch of the cloud platform compute node matches the destination IP to the interface IP of the destination virtual cloud host, it forwards the data packet to that virtual cloud host;
The virtual cloud host sends a unicast ARP reply message; after encapsulation and decapsulation in the Layer 2 VXLAN tunnel of the cloud platform compute node and the physical switch, the unicast ARP reply data packet is delivered to the physical host.
The technical solution of the embodiments of the invention can have the following beneficial effects:
The SDN-based communication system for a physical host and a virtual cloud host of the embodiment establishes a VXLAN tunnel between a virtual switch and a physical switch. This breaks the existing pattern in which a VXLAN can only be established between pure hardware or between pure software, and realizes network communication between the physical host and the virtual cloud host. The SDN controller dynamically handles the issuing of tunnel configuration and flow table matching rules for the accessing physical host port, as well as traffic forwarding, which automates the management of physical host access to the virtual network and reduces the risks introduced by manual deployment.
In the SDN-based communication method for a physical host and a virtual cloud host of the embodiment, the physical host and the virtual cloud host are connected to the same physical switch: one physical switch, ServerLeaf, connects the physical host to the cloud platform network node or the cloud platform compute node, and traffic is then forwarded. The physical switch to which the physical host is attached serves as one VTEP, and the virtual switch OpenvSwitch of the virtual cloud host serves as another VTEP; an ExternalTunnel is established between the physical switch and the virtual switch by specifying the peer VTEP address as peer-ip. Virtual cloud hosts communicate with each other through InternalTunnel, forwarding according to the corresponding flow table matching rules. The physical host access design extends this model: traffic sent from an individual physical host port is matched against flow table matching rules, the controller manages the issuing of the flow table rules, and communication between the physical host and the virtual cloud host is finally realized.
The invention provides a method for establishing a VXLAN tunnel between a traditional physical switch and a virtual switch. The networking mode is flexible and suits a variety of application scenarios with any switch that supports VXLAN configuration.
Description of the drawings:
Fig. 1 is a schematic diagram of an SDN-based communication system for a physical host and a virtual cloud host according to an exemplary embodiment;
Fig. 2 is a schematic diagram of the SDN-based communication system for a physical host and a virtual cloud host according to an exemplary embodiment when the external tunnel is established between the physical switch and the cloud platform network node;
Fig. 3 is a schematic diagram of the SDN-based communication system for a physical host and a virtual cloud host according to an exemplary embodiment when external tunnels are established between the physical switch and all cloud platform compute nodes;
Fig. 4 is a flow chart of an SDN-based communication method for a physical host and a virtual cloud host according to an exemplary embodiment;
Fig. 5 is an architecture design diagram of the SDN-based communication system for a physical host and a virtual cloud host when the virtual cloud host in Fig. 2 consists of one cloud platform network node and two cloud platform compute nodes;
Fig. 6 is an architecture design diagram of the SDN-based communication system for a physical host and a virtual cloud host when the virtual cloud host in Fig. 3 consists of one cloud platform network node and two cloud platform compute nodes.
Specific embodiments
The invention is further described below with reference to the drawings and embodiments.
To clearly illustrate the technical features of this solution, the invention is described in detail below through specific embodiments in conjunction with the drawings. The following disclosure provides many different embodiments or examples for implementing different structures of the invention. To simplify the disclosure, the components and arrangements of specific examples are described below. In addition, the invention may repeat reference numerals and/or letters in different examples. This repetition is for simplicity and clarity and does not in itself indicate a relationship between the various embodiments and/or arrangements discussed. Note that the components illustrated in the drawings are not necessarily drawn to scale. Descriptions of well-known components, processing techniques and processes are omitted so as not to unnecessarily limit the invention.
Fig. 1 is a schematic diagram of an SDN-based communication system for a physical host and a virtual cloud host according to an exemplary embodiment. As shown in Fig. 1, the SDN-based communication system for a physical host and a virtual cloud host provided by this embodiment includes a physical host, a physical switch, a virtual cloud host, an Underlay network, a cloud computing management platform and an SDN controller. The physical host is connected to the physical switch, the physical switch and the virtual cloud host access the Underlay network, and the cloud computing management platform is connected to the Underlay network and to the SDN controller respectively. The virtual cloud host includes a cloud platform compute node and a cloud platform network node. The physical switch and the virtual cloud host establish an external tunnel, and the cloud platform compute node and the cloud platform network node are each provided with a virtual switch and form a loop network through internal tunnels.
As a possible implementation of this embodiment, the physical host accesses the Underlay network through one physical switch or through multiple physical switches.
As a possible implementation of this embodiment, the multiple physical switches form a tree topology network, and the root node of the tree topology network establishes the external tunnel with the virtual cloud host.
As a possible implementation of this embodiment, the cloud platform compute node and the cloud platform network node forward traffic according to the internal tunnel flow table matching rules.
As a possible implementation of this embodiment, the SDN controller includes:
Platform monitoring module, which provides a standard REST interface to dock with the network service interface of the cloud computing management platform and synchronizes the cloud platform's data to the SDN controller;
Port monitoring module, which provides the registration function for physical host ports; the registration information of a physical host port includes the IP, MAC, access device, access interface and accessed virtual network information;
Tunnel monitoring module, which manages the external tunnels between the physical switch and the virtual cloud host and the external tunnel flow table matching rules.
As a possible implementation of this embodiment, as shown in Fig. 2, the physical switch and the cloud platform network node establish the external tunnel by specifying the peer VTEP address as peer-ip.
As a possible implementation of this embodiment, as shown in Fig. 3, the physical switch and all cloud platform compute nodes establish external tunnels by specifying the peer VTEP address as peer-ip.
By establishing a VXLAN tunnel between a virtual switch and a physical switch, this embodiment breaks the existing pattern in which a VXLAN can only be established between pure hardware or between pure software, and realizes network communication between the physical host and the virtual cloud host. The SDN controller dynamically handles the issuing of tunnel configuration and flow table matching rules for the accessing physical host port, as well as traffic forwarding, which automates the management of physical host access to the virtual network and reduces the risks introduced by manual deployment.
Fig. 4 is a flow chart of an SDN-based communication method for a physical host and a virtual cloud host according to an exemplary embodiment. As shown in Fig. 4, the SDN-based communication method for a physical host and a virtual cloud host provided by this embodiment comprises the following steps:
Connect the physical host and the virtual cloud host to the physical switch, thereby establishing the underlay connection;
Establish an overlay tunnel between the physical switch and the virtual cloud host;
Establish internal tunnels between virtual cloud hosts, and configure the internal tunnel flow table matching rules;
The physical host communicates with the virtual cloud host.
As a possible implementation of this embodiment, one physical switch or multiple physical switches are connected between the physical host and the virtual cloud host. The multiple physical switches form a tree topology network, and the root node of the tree topology network establishes the external tunnel with the virtual cloud host.
As a possible implementation of this embodiment, the overlay tunnel is established as follows:
Establish an external tunnel between the physical switch and the virtual cloud host;
Configure the physical switch, issuing the static VXLAN for the physical host's access port and the network it belongs to;
Issue the external tunnel configuration and the external tunnel flow table matching rules to the virtual cloud host.
As a possible implementation of this embodiment, when the external tunnel is established between the physical switch and the cloud platform network node, communication between the physical host and the virtual cloud host comprises the following steps:
The physical switch receives the ARP request message sent by the physical host, in which the destination address is the IP address of the requested virtual cloud host. The physical switch applies a VLAN TAG to the data packet at the access port and, according to the mapping between that VLAN TAG and the VXLANID, encapsulates the data packet into the VXLAN tunnel and broadcasts it to the tunnel neighbours;
The virtual switch of the cloud platform network node receives the data packet broadcast by the physical switch through the external tunnel, decapsulates it, and matches and forwards it inside the virtual switch according to the flow table matching rules issued by the SDN controller;
If the virtual switch of the cloud platform network node does not find, in the flow table matching rules of the local node, a flow entry whose destination IP address is the IP address of the requested virtual cloud host, it encapsulates the ARP request message into the VXLAN tunnel a second time and broadcasts it at the tunnel exit; otherwise it proceeds to the next step;
The virtual switch of the cloud platform compute node receives the ARP request message of the cloud platform target node through the internal tunnel, decapsulates the ARP request message, and then performs flow table rule matching and forwarding;
When the virtual switch of the cloud platform compute node matches the destination IP to the interface IP of the destination virtual cloud host, it forwards the data packet to that virtual cloud host;
The virtual cloud host sends a unicast ARP reply message; after encapsulation and decapsulation in the Layer 2 VXLAN tunnel of the cloud platform compute node and the physical switch, the unicast ARP reply data packet is delivered to the physical host.
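The ARP request path just described (physical switch, then network node, then compute node), modelled as an added example that is not code from the patent. The 8-byte VXLAN header follows RFC 7348; the class names, addresses, VLAN 100, VXLAN ID 5001, the rule that internal-tunnel traffic is never re-flooded, and the drop of packets whose outer source is not a configured peer-ip are assumptions made for illustration.

```python
import socket
import struct

VXLAN_FLAG_I = 0x08  # RFC 7348 "I" flag: the VNI field is valid


def arp_request(src_mac, src_ip, dst_ip):
    """Broadcast Ethernet frame carrying an ARP who-has for dst_ip."""
    eth = b"\xff" * 6 + src_mac + struct.pack("!H", 0x0806)
    arp = struct.pack("!HHBBH", 1, 0x0800, 6, 4, 1)  # Ethernet/IPv4, opcode 1 = request
    arp += src_mac + socket.inet_aton(src_ip) + b"\x00" * 6 + socket.inet_aton(dst_ip)
    return eth + arp


def arp_target_ip(frame):
    """Return the requested (target) IP of an untagged ARP frame."""
    if len(frame) < 42 or frame[12:14] != b"\x08\x06":
        raise ValueError("not an ARP frame")
    return socket.inet_ntoa(frame[38:42])


def vxlan_encap(vni, frame):
    """Prepend the VXLAN header: flags, 24 reserved bits, 24-bit VNI, 8 reserved bits."""
    if not 0 <= vni < 1 << 24:
        raise ValueError("VNI must fit in 24 bits")
    return struct.pack("!II", VXLAN_FLAG_I << 24, vni << 8) + frame


def vxlan_decap(payload):
    """Validate the VXLAN header and return (vni, inner_frame)."""
    if len(payload) < 8:
        raise ValueError("truncated VXLAN header")
    flags_word, vni_word = struct.unpack("!II", payload[:8])
    if not (flags_word >> 24) & VXLAN_FLAG_I:
        raise ValueError("VNI flag not set")
    return vni_word >> 8, payload[8:]


class PhysicalSwitch:
    """Hardware VTEP: access port -> VLAN TAG -> VXLAN ID, with one static peer-ip."""

    def __init__(self, vtep_ip, peer_ip, port_vlan, vlan_vni):
        self.vtep_ip, self.peer_ip = vtep_ip, peer_ip
        self.port_vlan, self.vlan_vni = port_vlan, vlan_vni

    def ingress(self, port, frame):
        vlan = self.port_vlan[port]   # tag applied at the access port
        vni = self.vlan_vni[vlan]     # VLAN TAG -> VXLAN ID mapping
        return self.vtep_ip, self.peer_ip, vxlan_encap(vni, frame)


class VirtualSwitch:
    """Software VTEP with a flow table keyed on (VXLAN ID, destination IP)."""

    def __init__(self, name, vtep_ip, external_peers, flows):
        self.name, self.vtep_ip = name, vtep_ip
        self.external_peers = set(external_peers)  # peer-ip of each external tunnel
        self.flows = dict(flows)                   # rules issued by the controller
        self.internal = []                         # neighbours on internal tunnels

    def receive(self, src_vtep, payload, trace):
        from_external = src_vtep in self.external_peers
        if not from_external and src_vtep not in {n.vtep_ip for n in self.internal}:
            trace.append((self.name, "drop-unknown-peer"))  # assumption: no tunnel, no service
            return
        vni, frame = vxlan_decap(payload)
        port = self.flows.get((vni, arp_target_ip(frame)))
        if port is not None:
            trace.append((self.name, "deliver:" + port))
        elif from_external:
            # Miss on the node terminating the external tunnel: encapsulate a
            # second time and broadcast on the internal tunnels.
            trace.append((self.name, "flood-internal"))
            for nbr in self.internal:
                nbr.receive(self.vtep_ip, vxlan_encap(vni, frame), trace)
        else:
            # Assumed split horizon: never re-flood what came from an internal tunnel.
            trace.append((self.name, "no-match"))


def simulate(outer_src=None):
    """Constructed topology: one network node, two compute nodes, one physical switch."""
    vni = 5001
    net = VirtualSwitch("network-node", "10.0.0.10", {"10.0.0.1"}, {})
    c1 = VirtualSwitch("compute-1", "10.0.0.11", (), {(vni, "192.168.1.21"): "vm-a"})
    c2 = VirtualSwitch("compute-2", "10.0.0.12", (), {(vni, "192.168.1.22"): "vm-b"})
    net.internal, c1.internal, c2.internal = [c1, c2], [net, c2], [net, c1]
    leaf = PhysicalSwitch("10.0.0.1", "10.0.0.10", {"eth1": 100}, {100: vni})
    frame = arp_request(bytes.fromhex("020000000001"), "192.168.1.5", "192.168.1.22")
    src, _dst, payload = leaf.ingress("eth1", frame)
    trace = []
    net.receive(outer_src or src, payload, trace)
    return trace


if __name__ == "__main__":
    for hop in simulate():
        print(hop)
```

Calling `simulate("10.0.0.99")` replays the same packet with an outer source address that matches no configured tunnel, which the network node drops before decapsulation.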
As a possible implementation of this embodiment, when external tunnels are established between the physical switch and all cloud platform compute nodes, communication between the physical host and the virtual cloud host comprises the following steps:
The physical switch receives the ARP request message sent by the physical host, in which the destination address is the IP address of the requested virtual cloud host. The physical switch applies a VLAN TAG to the data packet at the access port and, according to the mapping between that VLAN TAG and the VXLANID, encapsulates the data packet into the VXLAN tunnel and broadcasts it to the tunnel neighbours;
The virtual switch of the cloud platform compute node receives the ARP request message of the cloud platform target node through the internal tunnel, decapsulates the ARP request message, and then performs flow table rule matching and forwarding;
If the virtual switch of the cloud platform compute node does not find, in the flow table matching rules of the local node, a flow entry whose destination IP address is the IP address of the requested virtual cloud host, it encapsulates the ARP request message into the VXLAN tunnel a second time and broadcasts it at the tunnel exit; otherwise it proceeds to the next step;
When the virtual switch of the cloud platform compute node matches the destination IP to the interface IP of the destination virtual cloud host, it forwards the data packet to that virtual cloud host;
The virtual cloud host sends a unicast ARP reply message; after encapsulation and decapsulation in the Layer 2 VXLAN tunnel of the cloud platform compute node and the physical switch, the unicast ARP reply data packet is delivered to the physical host.
In this embodiment, the physical host and the virtual cloud host are connected to the same physical switch: one physical switch, ServerLeaf, connects the physical host to the cloud platform network node or the cloud platform compute node, and traffic is then forwarded. The physical switch to which the physical host is attached serves as one VTEP, and the virtual switch OpenvSwitch of the virtual cloud host serves as another VTEP; an ExternalTunnel is established between the physical switch and the virtual switch by specifying the peer VTEP address as peer-ip. Virtual cloud hosts communicate with each other through InternalTunnel, forwarding according to the corresponding flow table matching rules. The physical host access design extends this model: traffic sent from an individual physical host port is matched against flow table matching rules, the controller manages the issuing of the flow table rules, and communication between the physical host and the virtual cloud host is finally realized.
The invention provides a method for establishing a VXLAN tunnel between a traditional physical switch and a virtual switch. The networking mode is flexible and suits a variety of application scenarios with any switch that supports VXLAN configuration.
The communication method of the invention is described in detail below for the case where the virtual cloud host consists of one cloud platform network node and two cloud platform compute nodes.
As shown in Fig. 5 and Fig. 6, at the top are the cloud computing management platform and the SDN controller that docks with it; the cloud computing management platform manages virtual machines and the SDN controller manages the virtual network. In the middle are the Underlay network and the hardware switch used to attach the physical host (itself part of the underlay). At the bottom are the host nodes that carry cloud services, i.e. the virtual cloud host (in Fig. 5 and Fig. 6 the basic service unit comprises one network node and two compute nodes), and the independently attached physical host.
As shown in Fig. 5 and Fig. 6, the SDN controller includes:
Platform monitoring module, which provides a standard REST interface to dock with the network service interface of the cloud computing management platform and synchronizes the cloud platform's data to the SDN controller;
Port monitoring module, which provides the registration function for physical host ports; the registration information of a physical host port includes the IP, MAC, access device, access interface and accessed virtual network information;
Tunnel monitoring module, which manages the external tunnels between the physical switch and the virtual cloud host and the external tunnel flow table matching rules.
As shown in Figure 5, one communication process between a physical host and a virtual cloud host is as follows:
The physical host is connected directly to the physical switch ServerLeaf, and that physical switch is Layer 2 interconnected with, or coincides with, the Underlay network physical switch that carries the cloud platform network node;
The SDN controller detects that the physical host port has come online, reads the VXLAN ID of the VXLAN network the port is designated to access, assigns the port a unique VLAN ID, and establishes an ExternalTunnel between the virtual switch carrying the cloud platform network node and the physical switch;
The physical switch receives, on the access port of the physical host, the ARP request message sent by the physical host, whose destination address is the IP address of the requested virtual cloud host; at the access port the physical switch applies a VLAN tag to the packet and, according to the mapping between that VLAN tag and the VXLAN ID, encapsulates the packet into the VXLAN tunnel and broadcasts it to its tunnel neighbors;
The virtual switch carrying the network node receives the packet sent by the physical switch through the ExternalTunnel, decapsulates it, and matches and forwards it inside the virtual switch according to the flow table rules issued by the SDN controller;
The virtual switch carrying the network node finds no flow entry in the flow table rules of the local node whose destination IP address is the IP address of the requested cloud host, so it encapsulates the ARP request message into a VXLAN tunnel a second time and broadcasts it at the tunnel exit of the virtual switch;
The virtual switch carrying the compute node receives the ARP request message sent above through the InternalTunnel, decapsulates it on entering the local node, and performs rule matching and forwarding in the flow table;
The virtual switch carrying the compute node matches, on the local node, the destination IP to the interface IP corresponding to the destination cloud host, and forwards the packet to the cloud host;
The cloud host sends a unicast ARP reply message, which is delivered to the physical host through the encapsulation and decapsulation of the two-layer VXLAN tunnels.
As shown in Figure 6, the communication principle is the same as in Figure 5; the difference is the way the tunnel is established: the physical switch that the physical host accesses can establish an ExternalTunnel directly with the virtual switch carrying a cloud platform compute node. The corresponding communication process does not use the network node as a transit node and needs only one level of VTEP encapsulation and decapsulation to achieve network communication between the physical host and the virtual host; users can configure this flexibly according to their needs.
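The two tunnel layouts of Figures 5 and 6 can be traced with a small simulation. This is an added example, not code from the patent; it assumes the RFC 7348 VXLAN header layout, models broadcast as a sequential loop, and every node name, port name, address, VLAN ID and VXLAN ID in it is a constructed sample value.

```python
import socket
import struct

def arp_request(src_mac, src_ip, target_ip):
    """Broadcast Ethernet frame carrying an ARP request for target_ip."""
    eth = b"\xff" * 6 + src_mac + struct.pack("!H", 0x0806)
    arp = struct.pack("!HHBBH", 1, 0x0800, 6, 4, 1)  # Ethernet/IPv4, opcode 1 = request
    arp += src_mac + socket.inet_aton(src_ip) + b"\x00" * 6 + socket.inet_aton(target_ip)
    return eth + arp

def vxlan_encap(vni, frame):
    """RFC 7348 header: flags byte 0x08 (VNI valid), 24-bit VNI, reserved bits zero."""
    return struct.pack("!II", 0x08 << 24, vni << 8) + frame

def vxlan_decap(packet):
    flags, vni_field = struct.unpack("!II", packet[:8])
    if flags >> 24 != 0x08:
        raise ValueError("VXLAN header without a valid VNI flag")
    return vni_field >> 8, packet[8:]

class VirtualSwitch:
    """Virtual switch on a cloud node: controller-issued flows plus InternalTunnel peers."""
    def __init__(self, name, flows, internal_peers=()):
        self.name, self.flows, self.internal_peers = name, flows, list(internal_peers)

    def receive(self, packet, trace):
        vni, frame = vxlan_decap(packet)             # decapsulate at this VTEP
        target_ip = socket.inet_ntoa(frame[38:42])   # ARP target IP: 14-byte Ethernet + 24
        trace.append(self.name)
        port = self.flows.get((vni, target_ip))
        if port is not None:                         # flow entry matches: deliver locally
            return port
        for peer in self.internal_peers:             # miss: encapsulate again and flood
            port = peer.receive(vxlan_encap(vni, frame), trace)
            if port is not None:
                return port
        return None

class PhysicalSwitch:
    """Access switch: port -> VLAN tag -> VXLAN ID, then broadcast to ExternalTunnel peers."""
    def __init__(self, port_vlan, vlan_vni, external_peers):
        self.port_vlan, self.vlan_vni, self.external_peers = port_vlan, vlan_vni, external_peers

    def ingress(self, port, frame):
        vni = self.vlan_vni[self.port_vlan[port]]    # VLAN tag of the access port -> VXLAN ID
        trace = ["ServerLeaf"]
        for peer in self.external_peers:             # broadcast modelled as a sequential loop
            out = peer.receive(vxlan_encap(vni, frame), trace)
            if out is not None:
                return out, trace
        return None, trace

def demo(direct):
    """direct=False: ExternalTunnel to the network node (Figure 5); True: to compute nodes (Figure 6)."""
    # All names, addresses, VLAN 100 and VXLAN ID 5001 below are constructed sample values.
    compute1 = VirtualSwitch("compute-1", {})
    compute2 = VirtualSwitch("compute-2", {(5001, "10.0.0.20"): "tap-vm2"})
    network = VirtualSwitch("network-node", {}, [compute1, compute2])
    peers = [compute1, compute2] if direct else [network]
    leaf = PhysicalSwitch({"ge0/1": 100}, {100: 5001}, peers)
    frame = arp_request(bytes.fromhex("020000000001"), "10.0.0.10", "10.0.0.20")
    return leaf.ingress("ge0/1", frame)
```

Calling `demo(False)` and `demo(True)` returns the delivery port and the list of nodes that decapsulated the request; the Figure 5 trace contains the extra network-node hop that the Figure 6 layout avoids.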
The present invention connects the physical host and the network node of the cloud platform to one or more switches (built flexibly according to the actual networking plan) to establish the underlying connection. Through the SDN controller, the switch is issued the access port configuration of the physical host and the static VXLAN configuration of the physical host's network, and the network node of the cloud platform is issued the External_Tunnel configuration and flow tables based on the virtual switch OpenvSwitch, so that an Overlay tunnel is established between the physical switch that the physical host accesses and the virtual switch carrying the cloud platform network node. Finally, the network node forwards traffic through the Internal_Tunnel established with the other compute nodes, thereby achieving mutual traffic access between the physical host and the cloud hosts of the virtual network.
The above is the preferred embodiment of the present invention. Those skilled in the art can make several improvements and modifications without departing from the principles of the invention, and these improvements and modifications are also regarded as falling within the protection scope of the invention.
Claims (10)
1. A communication system for a physical host and a virtual cloud host based on SDN, characterized in that it comprises a physical host, a physical switch, a virtual cloud host, an Underlay network, a cloud computing management platform and an SDN controller; the physical host is connected to the physical switch; the physical switch and the virtual cloud host access the Underlay network; the cloud computing management platform is connected to the Underlay network and to the SDN controller respectively; the virtual cloud host comprises cloud platform compute nodes and a cloud platform network node; the physical switch and the virtual cloud host establish an external tunnel; the cloud platform compute nodes and the cloud platform network node are each provided with a virtual switch and form a loop network through internal tunnels.
2. The communication system for a physical host and a virtual cloud host based on SDN according to claim 1, characterized in that the physical host accesses the Underlay network through one physical switch or multiple physical switches.
3. The communication system for a physical host and a virtual cloud host based on SDN according to claim 1, characterized in that the multiple physical switches form a tree topology network, and the root node of the tree topology network establishes an external tunnel with the virtual cloud host.
4. The communication system for a physical host and a virtual cloud host based on SDN according to claim 1, characterized in that the cloud platform compute nodes and the cloud platform network node forward communication according to the internal tunnel flow table matching rules.
5. The communication system for a physical host and a virtual cloud host based on SDN according to claim 1, characterized in that the SDN controller includes:
a platform monitoring module, which provides a standard REST interface that docks with the network service interface of the cloud computing management platform and is used to synchronize cloud platform data to the SDN controller;
a port monitoring module, which provides the registration function for physical host ports; the registration information of a physical host port includes IP, MAC, access device, access interface and the virtual network to be accessed;
a tunnel monitoring module, which manages the external tunnels between physical switches and virtual cloud hosts and the external tunnel flow table matching rules.
6. The communication system for a physical host and a virtual cloud host based on SDN according to any one of claims 1-5, characterized in that the physical switch and the cloud platform network node, or all cloud platform compute nodes, establish the external tunnel by specifying the peer VTEP address as peer-ip.
7. A communication method for a physical host and a virtual cloud host based on SDN, characterized in that it comprises the following steps:
connecting the physical host and the virtual cloud host to physical switches to establish the underlying connection;
establishing an overlay tunnel between the physical switch and the virtual cloud host;
establishing internal tunnels between virtual cloud hosts and configuring the internal tunnel flow table matching rules;
the physical host communicating with the virtual cloud host.
8. The communication method for a physical host and a virtual cloud host based on SDN according to claim 7, characterized in that the overlay tunnel is established as follows:
an external tunnel is established between the physical switch and the virtual cloud host;
the physical switch is configured by issuing the access port of the physical host and the static VXLAN of the network it belongs to;
the external tunnel configuration and the external tunnel flow table matching rules are issued to the virtual cloud host.
9. The communication method for a physical host and a virtual cloud host based on SDN according to claim 7 or 8, characterized in that, when the external tunnel is established between the physical switch and the cloud platform network node, the communication process between the physical host and the virtual cloud host comprises the following steps:
the physical switch receives the ARP request message sent by the physical host, the destination address in the ARP request message being the IP address of the requested virtual cloud host; at the access port the physical switch applies a VLAN tag to the packet and, according to the mapping between that VLAN tag and the VXLAN ID, encapsulates the packet into the VXLAN tunnel and broadcasts it to its tunnel neighbors;
the virtual switch of the cloud platform network node receives the packet broadcast by the physical switch through the external tunnel, decapsulates it, and matches and forwards it inside the virtual switch according to the flow table matching rules issued by the SDN controller;
if the virtual switch of the cloud platform network node does not find, in the flow table matching rules of the local node, a flow entry whose destination IP address is the IP address of the requested virtual cloud host, it encapsulates the ARP request message into the VXLAN tunnel a second time and broadcasts it out through the tunnel exit; otherwise the process proceeds to the next step;
the virtual switch of the cloud platform compute node receives the ARP request message of the cloud platform target node through the internal tunnel, decapsulates the ARP request message, and then performs flow table rule matching and forwarding;
the virtual switch of the cloud platform compute node matches the destination IP to the interface IP corresponding to the destination virtual cloud host and forwards the message to that virtual cloud host;
the virtual cloud host sends a unicast ARP reply message, and after encapsulation and decapsulation by the two-layer VXLAN tunnels of the cloud platform compute node and the physical switch, the packet of the unicast ARP reply message is sent to the physical host.
10. The communication method for a physical host and a virtual cloud host based on SDN according to claim 7 or 8, characterized in that, when external tunnels are established between the physical switch and all cloud platform compute nodes, the communication process between the physical host and the virtual cloud host comprises the following steps:
the physical switch receives the ARP request message sent by the physical host, the destination address in the ARP request message being the IP address of the requested virtual cloud host; at the access port the physical switch applies a VLAN tag to the packet and, according to the mapping between that VLAN tag and the VXLAN ID, encapsulates the packet into the VXLAN tunnel and broadcasts it to its tunnel neighbors;
the virtual switch of the cloud platform compute node receives the ARP request message of the cloud platform target node through the internal tunnel, decapsulates the ARP request message, and then performs flow table rule matching and forwarding;
if the virtual switch of the cloud platform compute node does not find, in the flow table matching rules of the local node, a flow entry whose destination IP address is the IP address of the requested virtual cloud host, it encapsulates the ARP request message into the VXLAN tunnel a second time and broadcasts it out through the tunnel exit; otherwise the process proceeds to the next step;
the virtual switch of the cloud platform compute node matches the destination IP to the interface IP corresponding to the destination virtual cloud host and forwards the message to that virtual cloud host;
the virtual cloud host sends a unicast ARP reply message, and after encapsulation and decapsulation by the two-layer VXLAN tunnels of the cloud platform compute node and the physical switch, the packet of the unicast ARP reply message is sent to the physical host.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201910674065.7A CN110519075B (en) | 2019-07-24 | 2019-07-24 | SDN-based communication system and method for physical host and virtual cloud host |
Publications (2)
Publication Number | Publication Date |
---|---|
CN110519075A (en) | 2019-11-29 |
CN110519075B (en) | 2022-05-27 |
Family
ID=68622865
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN201910674065.7A (Active), CN110519075B (en) | SDN-based communication system and method for physical host and virtual cloud host | 2019-07-24 | 2019-07-24 |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN110519075B (en) |
Cited By (8)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN111327509A (en) * | 2020-01-21 | 2020-06-23 | 新华三信息安全技术有限公司 | Information updating method and device |
CN111404801A (en) * | 2020-03-27 | 2020-07-10 | 四川虹美智能科技有限公司 | Data processing method, device and system for cross-cloud manufacturer |
CN111416732A (en) * | 2020-02-25 | 2020-07-14 | 浪潮思科网络科技有限公司 | Method and device for automatically configuring service for capacity expansion of network equipment in SDN |
CN111614541A (en) * | 2020-06-09 | 2020-09-01 | 山东汇贸电子口岸有限公司 | Method for adding public cloud network physical host into VPC |
CN113395328A (en) * | 2021-05-24 | 2021-09-14 | 浪潮思科网络科技有限公司 | Cloud virtual machine and cloud physical machine communication method and system based on hybrid Overlay |
WO2022142905A1 (en) * | 2020-12-29 | 2022-07-07 | 华为技术有限公司 | Packet forwarding method and apparatus, and network system |
CN114884771A (en) * | 2022-04-29 | 2022-08-09 | 北京绎云科技有限公司 | Identity network construction method, device and system based on zero trust concept |
CN115134194A (en) * | 2022-06-22 | 2022-09-30 | 北京百度网讯科技有限公司 | Method, system, device and program product for implementing network virtualization |
Citations (5)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US20140092907A1 (en) * | 2012-08-14 | 2014-04-03 | Vmware, Inc. | Method and system for virtual and physical network integration |
CN105049358A (en) * | 2015-06-25 | 2015-11-11 | 清华大学 | Virtual forwarding platform of SDN (Software Defined Network) and communication method thereof |
CN105763512A (en) * | 2014-12-17 | 2016-07-13 | 杭州华三通信技术有限公司 | SDN virtual network communication method and device |
CN109218053A (en) * | 2017-07-03 | 2019-01-15 | 中兴通讯股份有限公司 | Implementation method, system and the storage medium of virtual data center |
CN109660443A (en) * | 2018-12-26 | 2019-04-19 | 江苏省未来网络创新研究院 | Physical equipment and virtual network communication method and system based on SDN |
Also Published As
Publication number | Publication date |
---|---|
CN110519075B (en) | 2022-05-27 |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PB01 | Publication | ||
SE01 | Entry into force of request for substantive examination | ||
GR01 | Patent grant | ||