CN111970199A - Implementation method for improving virtual machine network performance in openstack dvr mode - Google Patents
Implementation method for improving virtual machine network performance in openstack dvr mode Download PDFInfo
- Publication number
- CN111970199A CN111970199A CN202010856949.7A CN202010856949A CN111970199A CN 111970199 A CN111970199 A CN 111970199A CN 202010856949 A CN202010856949 A CN 202010856949A CN 111970199 A CN111970199 A CN 111970199A
- Authority
- CN
- China
- Prior art keywords
- flow
- virtual machine
- int
- flooding
- sent
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L45/00—Routing or path finding of packets in data switching networks
- H04L45/32—Flooding
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L45/00—Routing or path finding of packets in data switching networks
- H04L45/54—Organization of routing tables
Abstract
The invention provides a realization method for improving the performance of a virtual machine network under an openstack dvr mode, which belongs to the technical field of cloud computing and computer networks and comprises two-layer flow flooding repair on a br-int bridge and three-layer flow flooding repair on the br-int bridge; the two-layer traffic flooding repair is responsible for repairing the traffic flooding problem among virtual machines of the same subnet across the computing nodes in the dvr mode; the three-layer traffic flooding repair is responsible for repairing the traffic flooding problem among virtual machines of different subnets across the computing nodes in the dvr mode. The invention can effectively avoid invalid flow and greatly improve the virtual machine performance.
Description
Technical Field
The invention relates to a cloud computing and computer network technology, in particular to an implementation method for improving virtual machine network performance in an openstack dvr mode.
Background
In the dvr mode of the current openstack, when the virtual machines of the same subnet cross the computing node communicate with each other, the traffic sent by the virtual machine on the current node to the virtual machine of the remote node can flood on the local br-int bridge, and the flooding of the two-layer traffic on the br-int bridge seriously consumes the resources of the system, greatly weakens the communication efficiency between the virtual machines, so that when the number of the virtual machines increases, the PPS performance between the virtual machines of the same subnet greatly reduces: when different subnetworks communicate across virtual machines of computing nodes, traffic is sent to a router on a node where a sender is located, and when the traffic is sent to a br-int bridge from a gateway in the router, a problem of two-layer communication exists, the traffic still floods the br-int bridge, system resources are consumed, and performance is reduced.
As the number of virtual machines increases, network performance decreases proportionally.
Disclosure of Invention
In order to solve the technical problems, the invention provides a realization method for improving the network performance of a virtual machine in an openstack dvr mode, which solves the problem of traffic flooding of the virtual machine traffic on a br-int bridge in the dvr mode and improves the network performance of the virtual machine.
The technical scheme of the invention is as follows:
the implementation method for improving the virtual machine network performance in the openstack dvr mode comprises the following steps: two-layer flow flooding repair on the br-int bridge and three-layer flow flooding repair on the br-int bridge;
the two-layer traffic flooding repair is responsible for repairing the traffic flooding problem among virtual machines of the same subnet across the computing nodes in the dvr mode; the three-layer traffic flooding repair is responsible for repairing the traffic flooding problem among virtual machines of different subnets across the computing nodes in the dvr mode.
By modifying the br-int flow table, the br-int knows which port the destination mac is on.
Further, in the above-mentioned case,
and (3) restoring the flooding of the two layers of flow on the br-int bridge, namely modifying the two layers of return flow to walk a normal flow table, and ensuring that the br-int bridge learns the remote mac.
And modifying the return path of the two-layer flow, so that the returned flow and the outgoing flow are matched with the normal flow table on the br-int bridge as well, that the mac learned by the br-int to the remote virtual machine is at the patch-tun port, and the subsequent flow can be directly sent to the patch-tun port without flooding.
The method comprises the following steps:
step one, adding br-int flow table number 59, wherein the 59 table is specially used for processing flow related to the dvr mode;
secondly, putting a flow table which is native in a 60 th table on br-int and accurately leads to a local virtual machine port into a 59 th table;
third, let the flow of the model table of the matching table 60 of the return flow.
Further, in the above-mentioned case,
and (3) performing flood repair on the three-layer flow on the br-int bridge, namely adding a specified table 59 for processing dvr related flow, and adding a flow table to enable the flow sent from the qrouter to be sent to a table 59 for processing.
The destination of the newly added processing from the remote node is a local flow table in the table No. 59, the destination of the newly added processing from the qrouter to the local flow table in the table No. 59, and the destination of the newly added processing from the qrouter to the virtual machine in the table No. 59 is a flow table of the remote virtual machine.
The method specifically comprises the following steps:
firstly, on the basis of two-layer repair, a table 59 is newly added and is specially used for processing flow related to a dvr mode;
secondly, the data flow firstly matches the flow table of table 0 on br-int, and a flow table is added in the table 0 table, so that the flow sent from the qrouter gateway is sent to the table 59;
thirdly, modifying the flow table from the remote node in the table 1, and sending the flow from the remote node to the table 59;
fourthly, adding a flow table with high priority into a table 59 table to process three layers of flow sent to the virtual machine of the node from the remote node, and directly and accurately sending the flow to a port of the local virtual machine after stripping off a vlan tag during the processing method;
fifthly, adding a flow table with high priority to process three-layer flow of the same node in a table 59 table, and forwarding the flow table which is sent from a gateway and aims at the local virtual machine by using a normal mode, so that br-int can learn the mac of the local virtual machine;
sixthly, adding a low-priority flow table in the table 59 table to process the flow table sent from the qrouter gateway, wherein the purpose of the flow table is not the flow table of the local virtual machine, that is, three layers of flow sent to the remote node need to be sent to the patch-tun port.
The invention has the advantages that
The problem that the performance of the virtual machine network is reduced when the scale number of the virtual machines is increased in an openstack environment can be effectively solved, after the method is applied, the PPS is improved by 400% in UDP flow tests of virtual machines (8) of the same subnet of different computing nodes, the PPS is improved by 364% in UDP flow tests of virtual machines (8) of different subnets of different computing nodes, and the performance is obviously improved after the method is applied.
Detailed Description
In order to make the objects, technical solutions and advantages of the embodiments of the present invention clearer and more complete, the technical solutions in the embodiments of the present invention will be described below, it is obvious that the described embodiments are a part of the embodiments of the present invention, but not all embodiments, and all other embodiments obtained by a person of ordinary skill in the art without creative efforts based on the embodiments of the present invention belong to the protection scope of the present invention.
The method mainly comprises two-layer flow flooding repair and three-layer flow flooding repair, and is realized through the following technical scheme.
And the two-layer traffic flooding repair is responsible for repairing the traffic flooding problem among virtual machines of the same subnet across the computing nodes in the dvr mode. The reason for generating the two-layer traffic flooding is that the outgoing traffic is matched with the normal flow table of the table 60, and the incoming traffic is matched with the flow table of the actual table 60 which is accurate to the specific destination port, and the incoming and outgoing paths are different, so that the br-int bridge cannot learn which port the mac address of the remote virtual machine is on, and the subsequent traffic does not know which port to send, and the flooding needs to be performed all the time. Therefore, the idea of repair is to modify the return path of the two-layer flow, so that the returned flow and the outgoing flow are both matched with the normal flow table on the br-int bridge, so that br-int can learn that the mac of the remote virtual machine is at the patch-tun port, and the subsequent flow can be directly sent to the patch-tun port without flooding. The specific implementation method comprises the following steps:
in the first step, we add br-int flow table number 59, which 59 table will be used exclusively to handle the flow related to the dvr mode.
Second, place the native flow table that leads to the local virtual machine port exactly in table 60 on br-int into table 59.
Third, let the flow of the model table of the matching table 60 of the return flow.
And the three-layer traffic flooding repair is responsible for repairing the traffic flooding problem among virtual machines of different subnets across the computing nodes in the dvr mode. The reason why the three-layer traffic flooding is generated is that the sending virtual machine will first send the traffic of the cross-network segment to its gateway, the virtual router, that is, qrouter, in the dvr mode will be distributed at several points of calculation, after receiving the traffic, the qrouter on the sending node will send the traffic to br-int from the gateway, at this time, the source mac of the traffic is the gateway mac of the destination virtual machine network segment, and the destination mac is the destination virtual machine mac, and at this time, the situation can be understood as the situation of two-layer traffic communication, the traffic sent from the gateway matches the normal flow table of table 60, and the traffic returned from the receiving party matches the flow table of the accurate guide sending virtual machine port of table 60, which leads to br-int being unable to learn from which port of br-int the remote virtual machine should be sent out, resulting in that the subsequent traffic is flooded. The idea of repair is to modify the br-int flow table so that br-int knows which port the destination mac is on. The specific implementation method comprises the following steps:
firstly, on the basis of two-layer repair, a table 59 is newly added and is specially used for processing flow related to a dvr mode
In the second step, the data flow will first match the table 0 flow table on br-int, add a flow table in table 0 table, let the flow sent from the qrouter gateway send to table 59, if: table 0, priority 10, dl src fa 16:3e 5b 6c 61actions resibmit (59), where fa 16:3e 5b 6c 61 is a gateway mac.
Third, modifying the flow table from the remote node in table 1, and sending the traffic from the remote node to table 59, such as: table 1, priority 4, dl _ vlan 1, dl _ dst fa 16:3e aa 2, ee actions mod dl src 16:3e:5b:6c 61, resume (59), where dl _ dst is mac of the virtual machine on the node.
And fourthly, adding a high-priority flow table into a table 59 table to process three layers of flow sent from the remote node to the virtual machine of the node, and directly and accurately sending the flow to a port of the local virtual machine after stripping off a vlan tag during the processing method. Such as: table 59, priority 4, dl _ vlan 1, dl _ src fa 16:3e:5b:6c:61, dl _ dst fa 16:3e: aa: e2, ee actions strip _ vlan, output: "qvo352ac 079-26".
Fifthly, adding a high-priority flow table in a table 59 to process three-layer flow of the same node, and forwarding the flow table which is sent from a gateway and aims at the local virtual machine in a normal mode, so that br-int can learn the mac of the local virtual machine, such as: table 59, priority 4, dl _ src fa 16:3e:5b:6c:61, dl _ dst fa 16:3e: aa 2, ee actions NORMAL.
Sixthly, adding a low-priority flow table in the table 59 table to process the flow table sent from the qrouter gateway, wherein the purpose of the flow table is not the flow table of the local virtual machine, that is, three layers of flow sent to the remote node need to be sent to a patch-tun port, for example: table 59, priority 3, dl _ src fa 16:3e:5b:6c:61actions mod _ vlan _ vid:1, output: "patch-tun".
The above description is only a preferred embodiment of the present invention, and is only used to illustrate the technical solutions of the present invention, and not to limit the protection scope of the present invention. Any modification, equivalent replacement, or improvement made within the spirit and principle of the present invention shall fall within the protection scope of the present invention.
Claims (8)
1. A realization method for improving the virtual machine network performance under openstack dvr mode is characterized in that,
the method comprises the following steps: two-layer flow flooding repair on the br-int bridge and three-layer flow flooding repair on the br-int bridge;
the two-layer traffic flooding repair is responsible for repairing the traffic flooding problem among virtual machines of the same subnet across the computing nodes in the dvr mode; the three-layer traffic flooding repair is responsible for repairing the traffic flooding problem among virtual machines of different subnets across the computing nodes in the dvr mode.
2. The method of claim 1,
by modifying the br-int flow table, the br-int knows which port the destination mac is on.
3. The method of claim 2,
and (3) restoring the flooding of the two layers of flow on the br-int bridge, namely modifying the two layers of return flow to walk a normal flow table, and ensuring that the br-int bridge learns the remote mac.
4. The method of claim 3,
and modifying the return path of the two-layer flow, so that the returned flow and the outgoing flow are matched with the normal flow table on the br-int bridge as well, that the mac learned by the br-int to the remote virtual machine is at the patch-tun port, and the subsequent flow can be directly sent to the patch-tun port without flooding.
5. The method of claim 4,
the method comprises the following steps:
step one, adding br-int flow table number 59, wherein the 59 table is specially used for processing flow related to the dvr mode;
secondly, putting a flow table which is native in a 60 th table on br-int and accurately leads to a local virtual machine port into a 59 th table;
third, let the flow of the model table of the matching table 60 of the return flow.
6. The method of claim 2,
and (3) performing flood repair on the three-layer flow on the br-int bridge, namely adding a specified table 59 for processing dvr related flow, and adding a flow table to enable the flow sent from the qrouter to be sent to a table 59 for processing.
7. The method of claim 6,
the destination of the newly added processing from the remote node is a local flow table in the table No. 59, the destination of the newly added processing from the qrouter to the local flow table in the table No. 59, and the destination of the newly added processing from the qrouter to the virtual machine in the table No. 59 is a flow table of the remote virtual machine.
8. The method of claim 7,
the three-layer flow flooding restoration method specifically comprises the following steps:
firstly, on the basis of two-layer repair, a table 59 is newly added and is specially used for processing flow related to a dvr mode;
secondly, the data flow firstly matches the flow table of table 0 on br-int, and a flow table is added in the table 0 table, so that the flow sent from the qrouter gateway is sent to the table 59;
thirdly, modifying the flow table from the remote node in the table 1, and sending the flow from the remote node to the table 59;
fourthly, adding a flow table with high priority into a table 59 table to process three layers of flow sent to the virtual machine of the node from the remote node, and directly and accurately sending the flow to a port of the local virtual machine after stripping off a vlan tag during the processing method;
fifthly, adding a flow table with high priority to process three-layer flow of the same node in a table 59 table, and forwarding the flow table which is sent from a gateway and aims at the local virtual machine by using a normal mode, so that br-int can learn the mac of the local virtual machine;
sixthly, adding a low-priority flow table in the table 59 table to process the flow table sent from the qrouter gateway, wherein the purpose of the flow table is not the flow table of the local virtual machine, that is, three layers of flow sent to the remote node need to be sent to the patch-tun port.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202010856949.7A CN111970199A (en) | 2020-08-24 | 2020-08-24 | Implementation method for improving virtual machine network performance in openstack dvr mode |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202010856949.7A CN111970199A (en) | 2020-08-24 | 2020-08-24 | Implementation method for improving virtual machine network performance in openstack dvr mode |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN111970199A true CN111970199A (en) | 2020-11-20 |
Family
ID=73391197
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN202010856949.7A Pending CN111970199A (en) | 2020-08-24 | 2020-08-24 | Implementation method for improving virtual machine network performance in openstack dvr mode |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN111970199A (en) |
Citations (10)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US20100067374A1 (en) * | 2008-09-12 | 2010-03-18 | Cisco Technology, Inc., A Corporation Of California | Reducing Flooding in a Bridged Network |
| US20130058334A1 (en) * | 2010-07-06 | 2013-03-07 | Teemu Koponen | Packet processing in a network with hierarchical managed switching elements |
| CN104468746A (en) * | 2014-11-23 | 2015-03-25 | 国云科技股份有限公司 | Method for realizing distributed virtual networks applicable to cloud platform |
| US20160094364A1 (en) * | 2014-09-30 | 2016-03-31 | Nicira, Inc. | Virtual Distributed Bridging |
| CN106209563A (en) * | 2016-08-07 | 2016-12-07 | 付宏伟 | A kind of cloud computing platform network virtualization implementation method and accordingly plug-in unit and agency |
| CN106685787A (en) * | 2017-01-03 | 2017-05-17 | 华胜信泰信息产业发展有限公司 | Power VM virtualized network management method and device based on Open Stack |
| CN108471383A (en) * | 2018-02-08 | 2018-08-31 | 华为技术有限公司 | Message forwarding method, device and system |
| CN108494657A (en) * | 2018-04-08 | 2018-09-04 | 苏州云杉世纪网络科技有限公司 | OpenStack cloud platform virtual probe mirror methods based on Open vSwitch |
| CN110290045A (en) * | 2019-07-16 | 2019-09-27 | 北京计算机技术及应用研究所 | A kind of soft or hard binding model construction method in cloud framework lower network target range |
| CN110851238A (en) * | 2019-11-13 | 2020-02-28 | 浪潮云信息技术有限公司 | Implementation method of openstack fully-distributed dhcp service |
-
2020
- 2020-08-24 CN CN202010856949.7A patent/CN111970199A/en active Pending
Patent Citations (10)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US20100067374A1 (en) * | 2008-09-12 | 2010-03-18 | Cisco Technology, Inc., A Corporation Of California | Reducing Flooding in a Bridged Network |
| US20130058334A1 (en) * | 2010-07-06 | 2013-03-07 | Teemu Koponen | Packet processing in a network with hierarchical managed switching elements |
| US20160094364A1 (en) * | 2014-09-30 | 2016-03-31 | Nicira, Inc. | Virtual Distributed Bridging |
| CN104468746A (en) * | 2014-11-23 | 2015-03-25 | 国云科技股份有限公司 | Method for realizing distributed virtual networks applicable to cloud platform |
| CN106209563A (en) * | 2016-08-07 | 2016-12-07 | 付宏伟 | A kind of cloud computing platform network virtualization implementation method and accordingly plug-in unit and agency |
| CN106685787A (en) * | 2017-01-03 | 2017-05-17 | 华胜信泰信息产业发展有限公司 | Power VM virtualized network management method and device based on Open Stack |
| CN108471383A (en) * | 2018-02-08 | 2018-08-31 | 华为技术有限公司 | Message forwarding method, device and system |
| CN108494657A (en) * | 2018-04-08 | 2018-09-04 | 苏州云杉世纪网络科技有限公司 | OpenStack cloud platform virtual probe mirror methods based on Open vSwitch |
| CN110290045A (en) * | 2019-07-16 | 2019-09-27 | 北京计算机技术及应用研究所 | A kind of soft or hard binding model construction method in cloud framework lower network target range |
| CN110851238A (en) * | 2019-11-13 | 2020-02-28 | 浪潮云信息技术有限公司 | Implementation method of openstack fully-distributed dhcp service |
Non-Patent Citations (1)
| Title |
|---|
| 胡章丰: ""Neutron的dvr模式下br-int桥二、三层流量泛洪问题分析"", 《CSDN》 * |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| US11095558B2 (en) | ASIC for routing a packet | |
| WO2021063232A1 (en) | Method, apparatus and system for establishing bier forwarding table entry | |
| US9929940B2 (en) | Update of MAC routes in EVPN single-active topology | |
| EP3070895B1 (en) | Encapsulation method and system for flow identifier | |
| US10855584B2 (en) | Client-equipment-peering virtual route controller | |
| CN109474507B (en) | Message forwarding method and device | |
| US10305806B2 (en) | Data packet transmission method and border routing bridge device | |
| US7920464B2 (en) | Method of redundancy of ring network | |
| US8929366B2 (en) | Method and apparatus for transporting packets with specific traffic flows having strict packet ordering requirements over a network using multipath techniques | |
| CN115277305A (en) | Network management method, device, equipment and machine readable storage medium | |
| CN109286563B (en) | Data transmission control method and device | |
| US20210385158A1 (en) | Communication apparatus and communication method | |
| CN106911547B (en) | Message forwarding method and device | |
| CN115695279A (en) | Segment route SRv6 communication method based on version 6 internet protocol | |
| CN108512737B (en) | Data center IP layer interconnection method and SDN controller | |
| KR20220160639A (en) | Message interaction methods, devices, facilities and storage media | |
| CN114598635A (en) | Message transmission method and device | |
| CN107770061B (en) | Method and equipment for forwarding message | |
| US8634306B2 (en) | Systems and methods for implementing service operation, administration, and management for hairpinned ethernet services | |
| CN107579899B (en) | Access method and device for realizing VLAN (virtual local area network) isolation in VPLS (virtual private LAN service) | |
| CN111970199A (en) | Implementation method for improving virtual machine network performance in openstack dvr mode | |
| US20230081052A1 (en) | Method and apparatus for sending multicast packet | |
| CN101316239B (en) | Method for controlling access and forwarding in virtual special LAN service network | |
| CN102801618B (en) | A kind of method and device determining three layer data paths in ethernet ring network | |
| CN113366804A (en) | Method and system for preventing micro-loops during network topology changes |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| RJ01 | Rejection of invention patent application after publication |
Application publication date: 20201120 |
|
| RJ01 | Rejection of invention patent application after publication |