CN113162836A - Virtual local area network communication method and device, cloud server, medium and electronic equipment - Google Patents


Info

Publication number
CN113162836A
Authority
CN
China
Prior art keywords
message
vni
vpc
user
virtual machine
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Granted
Application number
CN202110450168.2A
Other languages
Chinese (zh)
Other versions
CN113162836B (en)
Inventor
苏赛
董君
贾乘
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Beijing Volcano Engine Technology Co Ltd
Original Assignee
Beijing ByteDance Network Technology Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Beijing ByteDance Network Technology Co Ltd
Priority to CN202110450168.2A
Publication of CN113162836A
Application granted
Publication of CN113162836B
Legal status: Active
Anticipated expiration

Classifications

    • H: ELECTRICITY
    • H04: ELECTRIC COMMUNICATION TECHNIQUE
    • H04L: TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L12/00: Data switching networks
    • H04L12/28: Data switching networks characterised by path configuration, e.g. LAN [Local Area Networks] or WAN [Wide Area Networks]
    • H04L12/46: Interconnection of networks
    • H04L12/4641: Virtual LANs, VLANs, e.g. virtual private networks [VPN]
    • G: PHYSICS
    • G06: COMPUTING; CALCULATING OR COUNTING
    • G06F: ELECTRIC DIGITAL DATA PROCESSING
    • G06F9/00: Arrangements for program control, e.g. control units
    • G06F9/06: Arrangements for program control, e.g. control units using stored programs, i.e. using an internal store of processing equipment to receive or retain programs
    • G06F9/44: Arrangements for executing specific programs
    • G06F9/455: Emulation; Interpretation; Software simulation, e.g. virtualisation or emulation of application or operating system execution engines
    • G06F9/45533: Hypervisors; Virtual machine monitors
    • G06F9/45558: Hypervisor-specific management and integration aspects
    • H: ELECTRICITY
    • H04: ELECTRIC COMMUNICATION TECHNIQUE
    • H04L: TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L67/00: Network arrangements or protocols for supporting network services or applications
    • H04L67/01: Protocols
    • H04L67/10: Protocols in which an application is distributed across nodes in the network
    • G: PHYSICS
    • G06: COMPUTING; CALCULATING OR COUNTING
    • G06F: ELECTRIC DIGITAL DATA PROCESSING
    • G06F9/00: Arrangements for program control, e.g. control units
    • G06F9/06: Arrangements for program control, e.g. control units using stored programs, i.e. using an internal store of processing equipment to receive or retain programs
    • G06F9/44: Arrangements for executing specific programs
    • G06F9/455: Emulation; Interpretation; Software simulation, e.g. virtualisation or emulation of application or operating system execution engines
    • G06F9/45533: Hypervisors; Virtual machine monitors
    • G06F9/45558: Hypervisor-specific management and integration aspects
    • G06F2009/45595: Network integration; Enabling network access in virtual machine instances

Abstract

The disclosure relates to a virtual local area network communication method and device, a cloud server, a medium and electronic equipment. It belongs to the technical field of computers, simply and conveniently realizes communication between public services and different user VPCs, and keeps the user VPC networks isolated. The method for virtual local area network connectivity comprises: receiving a message from a virtual machine of a cloud server or a virtual machine of a user Virtual Private Cloud (VPC); acquiring the VXLAN network identifier (VNI) of the user VPC from the message; and sending the message to a corresponding destination based on the VNI of the user VPC.

Description

Virtual local area network communication method and device, cloud server, medium and electronic equipment
Technical Field
The present disclosure relates to the field of computer technologies, and in particular, to a method and an apparatus for communicating virtual local area networks, a cloud server, a medium, and an electronic device.
Background
In a cloud service scenario, public services typically provide services to the outside through 100.64.0.0/10. One common implementation is that the segment 100.64.0.0/10 exists as a subnet, created by default in each user Virtual Private Cloud (VPC). When it is desired to provide a certain public service, it is necessary to apply for a logical port at each user VPC, thereby assigning a 100.64 Internet Protocol (IP) address. When a new user VPC is added, a new application for the logical port is required. This mode increases the complexity of the system. When the number of the user VPCs is large, the maintenance complexity is greatly increased.
Disclosure of Invention
This summary is provided to introduce a selection of concepts in a simplified form that are further described below in the detailed description. This summary is not intended to identify key features or essential features of the claimed subject matter, nor is it intended to be used to limit the scope of the claimed subject matter.
In a first aspect, the present disclosure provides a method for virtual local area network connectivity, including: receiving a message from a virtual machine of a cloud server or a virtual machine of a user Virtual Private Cloud (VPC); acquiring the VXLAN network identifier (VNI) of the user VPC from the message; and sending the message to a corresponding destination based on the VNI of the user VPC.
In a second aspect, an apparatus for virtual local area network connectivity is provided, including: a receiving module for receiving a message from a virtual machine of a cloud server or a virtual machine of a user Virtual Private Cloud (VPC); an obtaining module configured to obtain, from the message, the VXLAN network identifier (VNI) of the user VPC; and a sending module for sending the message to a corresponding destination based on the VNI of the user VPC.
In a third aspect, a cloud server is provided, including: an apparatus for virtual local area network connectivity configured to perform the method steps according to a first embodiment of the present disclosure; and a plurality of virtual machines, where the MAC address of the network card sub-interface of each virtual machine is allocated to each user VPC according to the VNI of each user VPC.
In a fourth aspect, the present disclosure provides a computer readable medium having stored thereon a computer program which, when executed by a processing apparatus, performs the steps of the method of the first aspect of the present disclosure.
In a fifth aspect, the present disclosure provides an electronic device comprising: a storage device having a computer program stored thereon; processing means for executing the computer program in the storage means to implement the steps of the method of the first aspect of the present disclosure.
By adopting the technical scheme, the VNI of the VPC of the user is firstly obtained from the received message, and then the message is sent to the corresponding destination based on the obtained VNI of the VPC of the user, so that the communication between the public service and the VPCs of different users can be simply and conveniently realized (namely, the one-to-many interconnection and intercommunication capability of the VPCs is realized), the network communication requirement of the public resource on the cloud for providing services for the VPCs of different users is met, the isolation of the VPC network of the user can be kept, and the maintenance complexity can be greatly reduced in the scene of more VPCs of the user.
Additional features and advantages of the disclosure will be set forth in the detailed description which follows.
Drawings
The above and other features, advantages and aspects of various embodiments of the present disclosure will become more apparent by referring to the following detailed description when taken in conjunction with the accompanying drawings. Throughout the drawings, the same or similar reference numbers refer to the same or similar elements. It should be understood that the drawings are schematic and that elements and features are not necessarily drawn to scale. In the drawings:
Fig. 1 is a flow chart of a method for virtual local area network connectivity according to one embodiment of the present disclosure.
Fig. 2 shows a flow of a method for virtual local area network connectivity in the form of a flow table.
Fig. 3 is a schematic block diagram of an apparatus for virtual local area network connectivity according to an embodiment of the present disclosure.
Fig. 4 is a schematic block diagram of a cloud server according to an embodiment of the present disclosure.
Fig. 5 is a schematic structural diagram of an electronic device according to an embodiment of the present disclosure.
Detailed Description
Embodiments of the present disclosure will be described in more detail below with reference to the accompanying drawings. While certain embodiments of the present disclosure are shown in the drawings, it is to be understood that the present disclosure may be embodied in various forms and should not be construed as limited to the embodiments set forth herein, but rather are provided for a more thorough and complete understanding of the present disclosure. It should be understood that the drawings and embodiments of the disclosure are for illustration purposes only and are not intended to limit the scope of the disclosure.
It should be understood that the various steps recited in the method embodiments of the present disclosure may be performed in a different order, and/or performed in parallel. Moreover, method embodiments may include additional steps and/or omit performing the illustrated steps. The scope of the present disclosure is not limited in this respect.
The term "include" and variations thereof as used herein are open-ended, i.e., "including but not limited to". The term "based on" is "based, at least in part, on". The term "one embodiment" means "at least one embodiment"; the term "another embodiment" means "at least one additional embodiment"; the term "some embodiments" means "at least some embodiments". Relevant definitions for other terms will be given in the following description.
It should be noted that the terms "first", "second", and the like in the present disclosure are only used for distinguishing different devices, modules or units, and are not used for limiting the order or interdependence relationship of the functions performed by the devices, modules or units.
It is noted that references to "a", "an", and "the" modifications in this disclosure are intended to be illustrative rather than limiting, and that those skilled in the art will recognize that "one or more" may be used unless the context clearly dictates otherwise.
The names of messages or information exchanged between devices in the embodiments of the present disclosure are for illustrative purposes only, and are not intended to limit the scope of the messages or information.
Fig. 1 is a flow chart of a method for virtual local area network connectivity according to one embodiment of the present disclosure. As shown in Fig. 1, the method includes the following steps S11 to S13.
In step S11, a message from the virtual machine of the cloud server or the virtual machine of the user VPC is received.
Generally, in a cloud service scenario, if a user VPC wishes to obtain a certain cloud service from a cloud server, the user VPC sends a message to the cloud server to request to provide the cloud service, and the cloud server provides the requested cloud service by a corresponding virtual machine on the cloud server after receiving the request message.
In step S12, the Virtual Extensible Local Area Network (VXLAN) Network Identifier (VNI) of the user VPC is obtained from the message.
A plurality of virtual machines are typically deployed on a cloud server. The network card in each virtual machine is in trunk form, and network card sub-interfaces are established on the network card. The network card sub-interfaces are MAC-VLAN (Media Access Control - Virtual Local Area Network) type interfaces.
These network card sub-interfaces are allocated to the respective user VPCs according to the VNI of the respective user VPC. For example, a first network card subinterface may be assigned to a first user VPC having a first VNI, a second network card subinterface may be assigned to a second user VPC having a second VNI, and so on. The corresponding relation between the network card sub-interface and the user VPC is established based on the VNI of the user VPC, so that the request message of the first user VPC is transmitted to the first network card sub-interface, the request message of the second user VPC is transmitted to the second network card sub-interface, and the like, namely, the one-to-many interconnection and intercommunication capability of the VPC can be provided on the premise of keeping the VPC network isolation.
In an embodiment, in the case that the packet is sent from the virtual machine of the cloud server to the virtual machine of the user VPC, the VNI of the user VPC may be acquired from the source MAC address in the packet, where the source MAC address is a MAC address constructed from the VNI of the user VPC. For example, the source MAC address may take the form: 00 … 00 (24 bits) + VNI (24 bits) -> MAC (48 bits).
In one embodiment, in the case that the message is sent from the virtual machine of the user VPC to the virtual machine of the cloud server, the VNI of the user VPC may be obtained from a VXLAN message from the user VPC.
In step S13, based on the obtained VNI of the user VPC, the message is sent to the corresponding destination.
In an embodiment, when the packet is sent from the virtual machine of the user VPC to the virtual machine of the cloud server, the packet may be forwarded to the network card sub-interface corresponding to the VNI of the user VPC according to the obtained VNI of the user VPC based on a correspondence between the network card sub-interface of the virtual machine of the cloud server and the VNI of each user VPC, and the forwarded packet carries the obtained VNI of the user VPC.
For example, assuming that a first network card subinterface is assigned to a first user VPC having a first VNI and a second network card subinterface is assigned to a second user VPC having a second VNI, if the VNI of the user VPC acquired in step S12 is the VNI of the first user VPC, the message is forwarded to the first network card subinterface in step S13, and the acquired VNI of the first user VPC is carried in the forwarded message.
In another embodiment, in the case that the packet is sent from the virtual machine of the cloud server to the virtual machine of the user VPC, the VNI of the user VPC may be obtained from the source MAC of the packet, and it is determined to which user VPC the packet needs to be sent according to the VNI.
By adopting the technical scheme, the VNI of the VPC of the user is firstly obtained from the received message, and then the message is sent to the corresponding destination based on the obtained VNI of the VPC of the user, so that the communication between the public service and the VPCs of different users can be simply and conveniently realized (namely, the one-to-many interconnection and intercommunication capability of the VPCs is realized), the network communication requirement that the public resource on the cloud provides services for the VPCs of different users is met, the isolation of the VPC network of the user can be kept, and the maintenance complexity can be greatly reduced under the scene that the VPCs of the users are large in number.
Next, the method for virtual local area network connectivity according to the embodiment of the present disclosure is described in detail in terms of two processes of sending a message from a virtual machine of a user VPC to a virtual machine of a cloud server and sending a message from a virtual machine of a cloud server to a virtual machine of a user VPC.
First, a process of sending a message from a virtual machine of a user VPC to a virtual machine of a cloud server is described. The flow may be implemented in the form of a flow table or other form. Fig. 2 shows the flow in the form of a flow table.
When a user VPC wants a cloud server to provide a certain cloud service, a virtual machine of the user VPC sends a message (for example, a message in VXLAN form) to a virtual machine of the cloud server, where the message carries the VNI of the user VPC.
Then, after receiving the packet, the device for virtual local area network connectivity on the cloud server (e.g., the vtep interface in Fig. 2) forwards the packet to flow table 0. After determining that the packet needs to be forwarded to a virtual machine of the cloud server, flow table 0 forwards the packet to flow table 100. Flow table 100 then determines whether the destination IP in the packet belongs to the public service network segment, for example whether the destination IP is within the 100.64.0.0/10 subnet, and further determines whether the source IP in the packet is outside the public service network segment, that is, not within the 100.64.0.0/10 subnet. If both are true, the packet originated from the user VPC and needs to be sent to the virtual machine of the cloud server, and flow table 100 obtains the VNI of the user VPC that sent the packet.
Then, after acquiring the VNI of the user VPC, flow table 100 determines, based on the correspondence between the VNI of the user VPC and the network card sub-interfaces of the virtual machine of the cloud server, to which network card sub-interface the message should be sent. It forwards the message to the network card sub-interface corresponding to the VNI of the user VPC and carries the VNI of the sending user VPC in the forwarded message, for example by modifying the destination MAC address in the message to a MAC address constructed from the VNI of the user VPC before forwarding.
Then, after receiving the message through the corresponding network card sub-interface, the corresponding virtual machine on the cloud server determines whether the message is from a user VPC or from another virtual machine on the cloud server according to whether the message carries the VNI of a user VPC. If the message carries the VNI of a user VPC, the message is from a user VPC, and the virtual machine can determine which user VPC it comes from based on the carried VNI. If the message does not carry a VNI, the message is from another virtual machine on the cloud server.
Through the process, the communication between the public service and different user VPCs is simply and conveniently realized, the isolation of the user VPC network is kept, and the maintenance complexity can be greatly reduced under the scene that the number of the user VPCs is large.
Next, a flow of sending a packet from a virtual machine on a cloud server to a virtual machine of a user VPC is described, with reference to the flow table flow of fig. 2 as well.
Under the condition that a virtual machine on a cloud server needs to send a message to a virtual machine of a user VPC, the virtual machine on the cloud server uses a VNI of the user VPC to construct a source MAC address, carries the source MAC address in the message, and sends the message to a device for virtual local area network communication on the cloud server through a network card sub-interface corresponding to the VNI of the user VPC.
Then, after receiving the message (e.g., received by flow table 0 in Fig. 2), the apparatus for virtual local area network connectivity determines that the message is from the virtual machine of the cloud server and forwards the message to flow table 59. Flow table 59 determines whether the source IP in the message is located in the public service network segment, that is, whether the source IP is within the 100.64.0.0/10 subnet, and also determines whether the source MAC address in the message is a MAC address constructed using the VNI of the user VPC. If the source IP is located in the public service network segment and the source MAC address is a MAC address constructed using the VNI of the user VPC, the message was sent from the virtual machine of the cloud server and needs to be sent to the virtual machine of the user VPC. Flow table 60 then determines whether the destination IP in the message is located within the public service network segment. If so, flow table 65 modifies the destination MAC address in the message to the MAC address of the destination virtual machine of the destination user VPC, and flow table 75 then modifies the VNI of the message to the VNI of the user VPC and sends the modified message to the destination virtual machine of the destination user VPC through the vtep port.
Through the process, by means of the corresponding relation between the network card sub-interface of the virtual machine of the cloud server and the VNI of the VPC of the user, communication between the public service and different VPCs is simply and conveniently achieved, isolation of the VPC network of the user is kept, and the complexity of maintenance can be greatly reduced under the condition that the VPC number of the user is large.
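The following Python example is added here and is not code from the patent: it encodes and decodes the VNI-derived MAC address described under step S12, then applies the flow table 100 and flow table 59 match conditions and the flow table 75 VNI rewrite from the two flows above. The sub-interface names, VNI values and packet dictionaries are constructed, and two behaviours are assumptions the page does not state: dropping packets whose VNI has no assigned sub-interface, and dropping packets whose ingress sub-interface does not match the VNI in the source MAC.

```python
import ipaddress
import re

# Public service segment named on the page.
PUBLIC_NET = ipaddress.ip_network("100.64.0.0/10")
VNI_MAX = (1 << 24) - 1
MAC_RE = re.compile(r"(?:[0-9a-fA-F]{2}:){5}[0-9a-fA-F]{2}")

# Constructed sample mapping: VNI of each user VPC -> sub-interface name
# (both the VNIs and the interface names are hypothetical).
SUBIF_BY_VNI = {1001: "eth0.1001", 1002: "eth0.1002"}


def in_public(ip: str) -> bool:
    """True if the address lies inside the public service segment."""
    return ipaddress.ip_address(ip) in PUBLIC_NET


def vni_to_mac(vni: int) -> str:
    """Build the 48-bit MAC: 24 zero bits followed by the 24-bit VNI."""
    if not 0 <= vni <= VNI_MAX:
        raise ValueError(f"VNI {vni} does not fit in 24 bits")
    return ":".join(f"{b:02x}" for b in vni.to_bytes(6, "big"))


def mac_to_vni(mac: str):
    """Return the VNI if the MAC has the constructed form, otherwise None."""
    if not MAC_RE.fullmatch(mac):
        return None
    raw = bytes.fromhex(mac.replace(":", ""))
    if raw[:3] != b"\x00\x00\x00":
        return None  # upper 24 bits must be zero
    return int.from_bytes(raw[3:], "big")


def user_to_service(pkt: dict, subif_by_vni: dict = SUBIF_BY_VNI):
    """Flow table 100: packet arrived on the vtep port from a user VPC.

    Match: destination inside 100.64.0.0/10 and source outside it.
    Action: rewrite the destination MAC to the VNI-derived MAC and
    forward to the sub-interface assigned to that VNI.
    """
    if not in_public(pkt["dst_ip"]) or in_public(pkt["src_ip"]):
        return ("no-match", pkt)
    subif = subif_by_vni.get(pkt["vni"])
    if subif is None:
        # Assumption (not stated on the page): unknown tenant is dropped.
        return ("drop", pkt)
    return (subif, dict(pkt, dst_mac=vni_to_mac(pkt["vni"])))


def service_to_user(pkt: dict, in_subif: str,
                    subif_by_vni: dict = SUBIF_BY_VNI):
    """Flow table 59 match followed by the flow table 75 VNI rewrite.

    Match: source inside 100.64.0.0/10 and source MAC of the
    constructed form. The VNI is recovered from the source MAC.
    """
    vni = mac_to_vni(pkt["src_mac"])
    if not in_public(pkt["src_ip"]) or vni is None:
        return ("no-match", pkt)
    if subif_by_vni.get(vni) != in_subif:
        # Added isolation check (assumption): the VNI stamped into the
        # source MAC must be the one assigned to the ingress sub-interface,
        # otherwise a packet could be steered into another tenant's VPC.
        return ("drop", pkt)
    return ("vtep", dict(pkt, vni=vni))


def demo() -> dict:
    """Run constructed packets through both directions."""
    request = {"src_ip": "10.0.0.5", "dst_ip": "100.64.0.10",
               "vni": 1001, "dst_mac": "ff:ff:ff:ff:ff:ff"}
    reply = {"src_ip": "100.64.0.10", "dst_ip": "10.0.0.5",
             "src_mac": vni_to_mac(1001), "vni": None}
    return {
        "request": user_to_service(request),
        "unknown_tenant": user_to_service(dict(request, vni=9999)),
        "reply": service_to_user(reply, "eth0.1001"),
        "wrong_subif": service_to_user(reply, "eth0.1002"),
    }


if __name__ == "__main__":
    for name, (port, pkt) in demo().items():
        print(name, "->", port, pkt)
```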
Fig. 3 is a schematic block diagram of an apparatus for virtual local area network connectivity according to an embodiment of the present disclosure. As shown in Fig. 3, the apparatus includes: a receiving module 21, configured to receive a message from a virtual machine of a cloud server or from a virtual private cloud VPC of a user; an obtaining module 22, configured to obtain a VNI of the user VPC from the packet; and a sending module 23, configured to send the packet to a corresponding destination based on the obtained VNI of the user VPC.
By adopting the technical scheme, the VNI of the VPC of the user is firstly obtained from the received message, and then the message is sent to the corresponding destination based on the obtained VNI of the VPC of the user, so that the communication between the public service and the VPCs of different users can be simply and conveniently realized (namely, the one-to-many interconnection and intercommunication capability of the VPCs is realized), the network communication requirement of the public resource on the cloud for providing services for the VPCs of different users is met, the isolation of the VPC network of the user can be kept, and the maintenance complexity can be greatly reduced in the scene of more VPCs of the user.
Optionally, in a case that the packet is from a virtual machine of a cloud server, the obtaining module 22 is further configured to: judging whether a source IP in the message is positioned in a public service network segment and whether a source MAC address in the message is a MAC address constructed by the VNI; and extracting the VNI of the user VPC from the source MAC address if the source IP in the message is located in the public service network segment and the source MAC address in the message is a MAC address constructed by the VNI of the user VPC.
Optionally, the sending the packet to a corresponding destination based on the VNI of the user VPC includes: judging whether the destination IP in the message is positioned in the public service network segment; under the condition that the destination IP is positioned in the public service network segment, modifying the destination MAC address in the message into the MAC address of a destination virtual machine of a destination user VPC; and modifying the VNI of the message into the VNI of the user VPC and sending the modified message to the target virtual machine of the user VPC.
Optionally, when the packet is from a virtual machine of a user VPC, acquiring a virtual extension local area network identifier VNI of the user VPC from the packet includes: judging whether the destination IP in the message is positioned in a public service network segment or not and whether the source IP in the message is not positioned in the public service network segment or not; and under the condition that the destination IP in the message is positioned in a public service network segment and the source IP in the message is not positioned in the public service network segment, extracting the VNI of the VPC of the user from the message.
Optionally, the sending the packet to a corresponding destination based on the VNI of the user VPC includes: modifying the destination MAC address in the message into a MAC address constructed by the VNI of the user VPC based on the VNI of the user VPC; and sending the message to a virtual machine of the cloud server corresponding to the VNI of the user VPC based on the constructed MAC address.
Optionally, the first 24 bits of the MAC address constructed from the VNI of the user VPC are 0, and the last 24 bits are the VNI of the user VPC.
Fig. 4 is a schematic block diagram of a cloud server according to an embodiment of the present disclosure. As shown in Fig. 4, the cloud server includes: multiple virtual machines 311~31n, where the MAC address of the network card sub-interface of each virtual machine is respectively allocated to each user VPC according to the VNI of each user VPC; and the apparatus 32 for virtual local area network connectivity, configured to perform the steps of the method for virtual local area network connectivity according to the embodiments of the present disclosure.
By adopting the technical scheme, the VNI of the VPC of the user is obtained from the received message, the network card sub-interfaces of the network cards of the virtual machines are respectively distributed to the VPCs of the users according to the VNI of the VPCs of the users, and then the message is sent to the corresponding destination based on the obtained VNI of the VPCs of the users, so that the communication between the public service and the VPCs of different users can be simply and conveniently realized (namely, the one-to-many interconnection and intercommunication capability of the VPCs is realized), the network communication method is suitable for the network communication requirement of the public resources on the cloud for providing services for the VPCs of different users, and the isolation of the VPC networks of the users can be kept, so that the complexity of maintenance can be greatly reduced under the scene that the VPCs of the users are more.
Optionally, the network card sub-interface is located on a network card, and the network card is in a trunk form.
Optionally, the network card sub-interface is an MAC-VLAN type interface.
Referring now to FIG. 5, a block diagram of an electronic device 600 suitable for use in implementing embodiments of the present disclosure is shown. The terminal device in the embodiments of the present disclosure may include, but is not limited to, a mobile terminal such as a mobile phone, a notebook computer, a digital broadcast receiver, a PDA (personal digital assistant), a PAD (tablet computer), a PMP (portable multimedia player), a vehicle terminal (e.g., a car navigation terminal), and the like, and a stationary terminal such as a digital TV, a desktop computer, and the like. The electronic device shown in fig. 5 is only an example, and should not bring any limitation to the functions and the scope of use of the embodiments of the present disclosure.
As shown in Fig. 5, electronic device 600 may include a processing means (e.g., central processing unit, graphics processor, etc.) 601 that may perform various appropriate actions and processes in accordance with a program stored in a Read Only Memory (ROM) 602 or a program loaded from a storage means 608 into a Random Access Memory (RAM) 603. In the RAM 603, various programs and data necessary for the operation of the electronic apparatus 600 are also stored. The processing device 601, the ROM 602, and the RAM 603 are connected to each other via a bus 604. An input/output (I/O) interface 605 is also connected to bus 604.
Generally, the following devices may be connected to the I/O interface 605: input devices 606 including, for example, a touch screen, touch pad, keyboard, mouse, camera, microphone, accelerometer, gyroscope, etc.; output devices 607 including, for example, a Liquid Crystal Display (LCD), a speaker, a vibrator, and the like; storage 608 including, for example, tape, hard disk, etc.; and a communication device 609. The communication means 609 may allow the electronic device 600 to communicate with other devices wirelessly or by wire to exchange data. While fig. 5 illustrates an electronic device 600 having various means, it is to be understood that not all illustrated means are required to be implemented or provided. More or fewer devices may alternatively be implemented or provided.
In particular, according to an embodiment of the present disclosure, the processes described above with reference to the flowcharts may be implemented as computer software programs. For example, embodiments of the present disclosure include a computer program product comprising a computer program carried on a non-transitory computer readable medium, the computer program containing program code for performing the method illustrated by the flow chart. In such an embodiment, the computer program may be downloaded and installed from a network via the communication means 609, or may be installed from the storage means 608, or may be installed from the ROM 602. The computer program, when executed by the processing device 601, performs the above-described functions defined in the methods of the embodiments of the present disclosure.
It should be noted that the computer readable medium in the present disclosure can be a computer readable signal medium or a computer readable storage medium or any combination of the two. A computer readable storage medium may be, for example, but not limited to, an electronic, magnetic, optical, electromagnetic, infrared, or semiconductor system, apparatus, or device, or any combination of the foregoing. More specific examples of the computer readable storage medium may include, but are not limited to: an electrical connection having one or more wires, a portable computer diskette, a hard disk, a Random Access Memory (RAM), a read-only memory (ROM), an erasable programmable read-only memory (EPROM or flash memory), an optical fiber, a portable compact disc read-only memory (CD-ROM), an optical storage device, a magnetic storage device, or any suitable combination of the foregoing. In the present disclosure, a computer readable storage medium may be any tangible medium that can contain, or store a program for use by or in connection with an instruction execution system, apparatus, or device. In contrast, in the present disclosure, a computer readable signal medium may comprise a propagated data signal with computer readable program code embodied therein, either in baseband or as part of a carrier wave. Such a propagated data signal may take many forms, including, but not limited to, electro-magnetic, optical, or any suitable combination thereof. A computer readable signal medium may also be any computer readable medium that is not a computer readable storage medium and that can communicate, propagate, or transport a program for use by or in connection with an instruction execution system, apparatus, or device. Program code embodied on a computer readable medium may be transmitted using any appropriate medium, including but not limited to: electrical wires, optical cables, RF (radio frequency), etc., or any suitable combination of the foregoing.
In some embodiments, clients and servers may communicate using any currently known or future developed network protocol, such as HTTP (HyperText Transfer Protocol), and may be interconnected with digital data communication of any form or medium (e.g., a communication network). Examples of communication networks include a local area network ("LAN"), a wide area network ("WAN"), an internetwork (e.g., the Internet), and peer-to-peer networks (e.g., ad hoc peer-to-peer networks), as well as any currently known or future developed network.
The computer readable medium may be embodied in the electronic device; or may exist separately without being assembled into the electronic device.
The computer readable medium carries one or more programs which, when executed by the electronic device, cause the electronic device to: receive a message from a virtual machine of a cloud server or a virtual machine of a user's Virtual Private Cloud (VPC); acquire the virtual extensible local area network identifier (VNI) of the user VPC from the message; and send the message to a corresponding destination based on the VNI of the user VPC.
Computer program code for carrying out operations for the present disclosure may be written in any combination of one or more programming languages, including but not limited to an object oriented programming language such as Java, Smalltalk, C++, and conventional procedural programming languages, such as the "C" programming language or similar programming languages. The program code may execute entirely on the user's computer, partly on the user's computer, as a stand-alone software package, partly on the user's computer and partly on a remote computer or entirely on the remote computer or server. In the case of a remote computer, the remote computer may be connected to the user's computer through any type of network, including a Local Area Network (LAN) or a Wide Area Network (WAN), or the connection may be made to an external computer (for example, through the Internet using an Internet service provider).
The flowchart and block diagrams in the figures illustrate the architecture, functionality, and operation of possible implementations of systems, methods and computer program products according to various embodiments of the present disclosure. In this regard, each block in the flowchart or block diagrams may represent a module, segment, or portion of code, which comprises one or more executable instructions for implementing the specified logical function(s). It should also be noted that, in some alternative implementations, the functions noted in the block may occur out of the order noted in the figures. For example, two blocks shown in succession may, in fact, be executed substantially concurrently, or the blocks may sometimes be executed in the reverse order, depending upon the functionality involved. It will also be noted that each block of the block diagrams and/or flowchart illustration, and combinations of blocks in the block diagrams and/or flowchart illustration, can be implemented by special purpose hardware-based systems which perform the specified functions or acts, or combinations of special purpose hardware and computer instructions.
The modules described in the embodiments of the present disclosure may be implemented by software or hardware. Wherein the name of a module in some cases does not constitute a limitation on the module itself.
The functions described herein above may be performed, at least in part, by one or more hardware logic components. For example, without limitation, exemplary types of hardware logic components that may be used include: Field Programmable Gate Arrays (FPGAs), Application Specific Integrated Circuits (ASICs), Application Specific Standard Products (ASSPs), systems on a chip (SOCs), Complex Programmable Logic Devices (CPLDs), and the like.
In the context of this disclosure, a machine-readable medium may be a tangible medium that can contain, or store a program for use by or in connection with an instruction execution system, apparatus, or device. The machine-readable medium may be a machine-readable signal medium or a machine-readable storage medium. A machine-readable medium may include, but is not limited to, an electronic, magnetic, optical, electromagnetic, infrared, or semiconductor system, apparatus, or device, or any suitable combination of the foregoing. More specific examples of a machine-readable storage medium would include an electrical connection based on one or more wires, a portable computer diskette, a hard disk, a Random Access Memory (RAM), a read-only memory (ROM), an erasable programmable read-only memory (EPROM or flash memory), an optical fiber, a portable compact disc read-only memory (CD-ROM), an optical storage device, a magnetic storage device, or any suitable combination of the foregoing.
Example 1 provides, in accordance with one or more embodiments of the present disclosure, a method for virtual local area network connectivity, comprising: receiving a message from a virtual machine of a cloud server or a virtual machine of a user's Virtual Private Cloud (VPC); acquiring the virtual extensible local area network identifier (VNI) of the user VPC from the message; and sending the message to a corresponding destination based on the VNI of the user VPC.
In accordance with one or more embodiments of the present disclosure, example 2 provides the method of example 1, where in a case that the packet is from a virtual machine of the cloud server, the obtaining, from the packet, a virtual extended local area network identity (VNI) of the user VPC includes: judging whether a source IP in the message is positioned in a public service network segment and whether a source MAC address in the message is a MAC address constructed by the VNI; and extracting the VNI of the user VPC from the source MAC address if the source IP in the message is located in the public service network segment and the source MAC address in the message is a MAC address constructed by the VNI of the user VPC.
Example 3 provides the method of example 2, wherein the sending the message to a corresponding destination based on the VNI of the user VPC, includes: judging whether the destination IP in the message is positioned in the public service network segment; under the condition that the destination IP is positioned in the public service network segment, modifying the destination MAC address in the message into the MAC address of a destination virtual machine of a destination user VPC; and modifying the VNI of the message into the VNI of the user VPC and sending the modified message to the target virtual machine of the user VPC.
Example 4 provides the method of example 1, wherein, in a case that the packet is from a virtual machine of the user VPC, acquiring a virtual extended local area network identity VNI of the user VPC from the packet, includes: judging whether the destination IP in the message is positioned in a public service network segment or not and whether the source IP in the message is not positioned in the public service network segment or not; and under the condition that the destination IP in the message is positioned in a public service network segment and the source IP in the message is not positioned in the public service network segment, extracting the VNI of the VPC of the user from the message.
Example 5 provides the method of example 4, wherein the sending the message to a corresponding destination based on the VNI of the user VPC, includes: modifying the destination MAC address in the message into a MAC address constructed by the VNI of the user VPC based on the VNI of the user VPC; and sending the message to a virtual machine of the cloud server corresponding to the VNI of the user VPC based on the constructed MAC address.
Example 6 provides the method of example 2 or 5, wherein the first 24 bits of the MAC address constructed with the VNI of the user VPC are 0, and the last 24 bits are the VNI of the user VPC.
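The following Python example is added here for illustration and is not code from the disclosure; it carries out the checks and rewrites of Examples 2 to 6 for both directions and drops any message that fails a check. The public service segment `100.64.0.0/16`, the `VM_MACS` lookup table, the `Packet` fields and all function names are assumptions constructed for the example.

```python
import ipaddress
from dataclasses import dataclass, replace
from typing import Dict, Optional, Tuple

# Constructed sample values (assumptions, not taken from the disclosure).
PUBLIC_SERVICE_NET = ipaddress.ip_network("100.64.0.0/16")
# Hypothetical lookup: (user VPC VNI, destination IP) -> MAC of the destination VM.
VM_MACS: Dict[Tuple[int, str], str] = {(5001, "100.64.1.20"): "fa:16:3e:00:00:01"}


@dataclass(frozen=True)
class Packet:
    src_ip: str
    dst_ip: str
    src_mac: str
    dst_mac: str
    vni: Optional[int] = None  # VNI carried by the encapsulation, if any


def in_public_segment(ip: str) -> bool:
    return ipaddress.ip_address(ip) in PUBLIC_SERVICE_NET


def vni_to_mac(vni: int) -> str:
    """Build the MAC of Example 6: first 24 bits zero, last 24 bits the VNI."""
    if not 0 <= vni < (1 << 24):
        raise ValueError("VNI must fit in 24 bits")
    return ":".join(f"{b:02x}" for b in vni.to_bytes(6, "big"))


def mac_to_vni(mac: str) -> Optional[int]:
    """Return the VNI only if the MAC has the VNI-constructed form, else None."""
    try:
        raw = bytes.fromhex(mac.replace(":", ""))
    except ValueError:
        return None
    if len(raw) != 6 or raw[:3] != b"\x00\x00\x00":
        return None
    return int.from_bytes(raw[3:], "big")


def from_user_vpc(pkt: Packet) -> Optional[Packet]:
    """Examples 4-5: user VPC VM -> cloud server VM."""
    # Destination must be in the public service segment, the source must not be.
    if pkt.vni is None or not in_public_segment(pkt.dst_ip):
        return None
    if in_public_segment(pkt.src_ip):
        return None
    # Rewrite the destination MAC to the one constructed from the user VPC's VNI.
    return replace(pkt, dst_mac=vni_to_mac(pkt.vni))


def from_cloud_server(pkt: Packet) -> Optional[Packet]:
    """Examples 2-3: cloud server VM -> user VPC VM."""
    # Source IP must be in the public service segment and the source MAC
    # must be VNI-constructed; otherwise no tenant can be derived from it.
    vni = mac_to_vni(pkt.src_mac)
    if vni is None or not in_public_segment(pkt.src_ip):
        return None
    if not in_public_segment(pkt.dst_ip):
        return None
    dst_mac = VM_MACS.get((vni, pkt.dst_ip))
    if dst_mac is None:
        return None  # no destination VM known for this VNI: drop, never guess
    return replace(pkt, dst_mac=dst_mac, vni=vni)
```

Because the tenant identity on the return path comes only from the source MAC, the form check in `mac_to_vni` and the per-VNI lookup are what keep a message from being delivered into a VPC other than the one its VNI names.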
The foregoing description is only exemplary of the preferred embodiments of the disclosure and is illustrative of the principles of the technology employed. It will be appreciated by those skilled in the art that the scope of the disclosure herein is not limited to the particular combination of features described above, but also encompasses other embodiments in which any combination of the features described above or their equivalents does not depart from the spirit of the disclosure. For example, the above features and (but not limited to) the features disclosed in this disclosure having similar functions are replaced with each other to form the technical solution.
Further, while operations are depicted in a particular order, this should not be understood as requiring that such operations be performed in the particular order shown or in sequential order. Under certain circumstances, multitasking and parallel processing may be advantageous. Likewise, while several specific implementation details are included in the above discussion, these should not be construed as limitations on the scope of the disclosure. Certain features that are described in the context of separate embodiments can also be implemented in combination in a single embodiment. Conversely, various features that are described in the context of a single embodiment can also be implemented in multiple embodiments separately or in any suitable subcombination.
Although the subject matter has been described in language specific to structural features and/or methodological acts, it is to be understood that the subject matter defined in the appended claims is not necessarily limited to the specific features or acts described above. Rather, the specific features and acts described above are disclosed as example forms of implementing the claims. With regard to the apparatus in the above-described embodiment, the specific manner in which each module performs the operation has been described in detail in the embodiment related to the method, and will not be elaborated here.

Claims (12)

1. A method for virtual local area network connectivity, comprising:
receiving a message from a virtual machine of a cloud server or a virtual machine of a Virtual Private Cloud (VPC) of a user;
acquiring the virtual extensible local area network identifier (VNI) of the user VPC from the message;
and sending the message to a corresponding destination based on the VNI of the user VPC.
2. The method according to claim 1, wherein, in a case that the packet is from a virtual machine of the cloud server, the obtaining, from the packet, a virtual extended local area network identity (VNI) of the user VPC comprises:
judging whether a source IP in the message is positioned in a public service network segment and whether a source MAC address in the message is a MAC address constructed by the VNI;
and extracting the VNI of the user VPC from the source MAC address if the source IP in the message is located in the public service network segment and the source MAC address in the message is a MAC address constructed by the VNI of the user VPC.
3. The method of claim 2, wherein the sending the message to the corresponding destination based on the VNI of the user VPC comprises:
judging whether the destination IP in the message is positioned in the public service network segment;
under the condition that the destination IP is positioned in the public service network segment, modifying the destination MAC address in the message into the MAC address of a destination virtual machine of a destination user VPC;
and modifying the VNI of the message into the VNI of the user VPC and sending the modified message to the target virtual machine of the user VPC.
4. The method according to claim 1, wherein, in a case that the packet is from a virtual machine of the user VPC, acquiring a virtual extended local area network identity VNI of the user VPC from the packet, comprises:
judging whether the destination IP in the message is positioned in a public service network segment or not and whether the source IP in the message is not positioned in the public service network segment or not;
and under the condition that the destination IP in the message is positioned in a public service network segment and the source IP in the message is not positioned in the public service network segment, extracting the VNI of the VPC of the user from the message.
5. The method of claim 4, wherein the sending the message to the corresponding destination based on the VNI of the user VPC comprises:
modifying the destination MAC address in the message into a MAC address constructed by the VNI of the user VPC based on the VNI of the user VPC;
and sending the message to a virtual machine of the cloud server corresponding to the VNI of the user VPC based on the constructed MAC address.
6. The method according to claim 2 or 5, characterized in that the first 24 bits of the MAC address constructed with the VNI of the user VPC are 0 and the last 24 bits are the VNI of the user VPC.
7. An apparatus for virtual local area network connectivity, comprising:
the receiving module is used for receiving messages from a virtual machine of a cloud server or a virtual machine of a Virtual Private Cloud (VPC) of a user;
an obtaining module, configured to obtain, from the packet, a virtual extended local area network identifier VNI of the user VPC;
and the sending module is used for sending the message to a corresponding destination based on the VNI of the user VPC.
8. A cloud server, comprising:
means for virtual local area network connectivity configured to perform the method steps of any of claims 1 to 6;
and the MAC address of the network card sub-interface of each virtual machine is respectively distributed to each user VPC according to the VNI of each user VPC.
9. The cloud server of claim 8, wherein the network card sub-interface is located on a network card, and the network card is in a trunk format.
10. The cloud server of claim 8, wherein the network card sub-interface is a MAC-VLAN type interface.
11. A computer-readable medium, on which a computer program is stored, characterized in that the program, when being executed by processing means, carries out the steps of the method of any one of claims 1 to 6.
12. An electronic device, comprising:
a storage device having a computer program stored thereon;
processing means for executing the computer program in the storage means to carry out the steps of the method according to any one of claims 1 to 6.
CN202110450168.2A 2021-04-25 2021-04-25 Virtual local area network communication method and device, cloud server, medium and electronic equipment Active CN113162836B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202110450168.2A CN113162836B (en) 2021-04-25 2021-04-25 Virtual local area network communication method and device, cloud server, medium and electronic equipment

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202110450168.2A CN113162836B (en) 2021-04-25 2021-04-25 Virtual local area network communication method and device, cloud server, medium and electronic equipment

Publications (2)

Publication Number Publication Date
CN113162836A true CN113162836A (en) 2021-07-23
CN113162836B CN113162836B (en) 2023-01-24

Family

ID=76870480

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202110450168.2A Active CN113162836B (en) 2021-04-25 2021-04-25 Virtual local area network communication method and device, cloud server, medium and electronic equipment

Country Status (1)

Country Link
CN (1) CN113162836B (en)

Cited By (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN113886019A (en) * 2021-10-20 2022-01-04 北京字节跳动网络技术有限公司 Virtual machine creation method, device, system, medium and equipment
CN114285661A (en) * 2021-12-28 2022-04-05 中国银联股份有限公司 Private network access method, device, equipment and storage medium
CN113886019B (en) * 2021-10-20 2024-04-30 北京字节跳动网络技术有限公司 Virtual machine creation method, device, system, medium and equipment

Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20130339949A1 (en) * 2012-06-19 2013-12-19 Bank Of America Corporation Provisioning of a Virtual Machine by Using a Secured Zone of a Cloud Environment
CN107959654A (en) * 2016-10-14 2018-04-24 北京金山云网络技术有限公司 A kind of data transmission method, device and mixing cloud system
CN108768817A (en) * 2018-05-22 2018-11-06 腾讯科技(深圳)有限公司 A kind of virtualization network constructing system, data packet sending method

Cited By (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN113886019A (en) * 2021-10-20 2022-01-04 北京字节跳动网络技术有限公司 Virtual machine creation method, device, system, medium and equipment
CN113886019B (en) * 2021-10-20 2024-04-30 北京字节跳动网络技术有限公司 Virtual machine creation method, device, system, medium and equipment
CN114285661A (en) * 2021-12-28 2022-04-05 中国银联股份有限公司 Private network access method, device, equipment and storage medium
CN114285661B (en) * 2021-12-28 2023-06-30 中国银联股份有限公司 Private network access method, device, equipment and storage medium

Also Published As

Publication number Publication date
CN113162836B (en) 2023-01-24

Similar Documents

Publication Publication Date Title
CN110177047B (en) Message sending method, device, electronic equipment and computer readable storage medium
CN114745724B (en) Access processing method and device, electronic equipment and computer readable medium
CN112311656B (en) Message aggregation and display method and device, electronic equipment and computer readable medium
US11758087B2 (en) Multimedia conference data processing method and apparatus, and electronic device
WO2023000888A1 (en) Cloud application implementing method and apparatus, electronic device, and storage medium
CN110996372B (en) Message routing method, device and system and electronic equipment
WO2021254168A1 (en) Conference control method and apparatus, readable medium and electronic device
CN110674481B (en) Account registration method, device, equipment and storage medium of application program
CN110489474B (en) Data processing method, device, medium and electronic equipment
CN113162836B (en) Virtual local area network communication method and device, cloud server, medium and electronic equipment
CN112968871A (en) Login method and device of application program, readable medium and electronic equipment
CN112306685A (en) Task isolation method and device, electronic equipment and computer readable medium
CN112995005B (en) Virtual network data exchange method and device
CN111212296B (en) Live broadcast room gift list configuration method, device, medium and electronic equipment
CN114513552A (en) Data processing method, device, equipment and storage medium
CN114979128A (en) Cross-region communication method and device and electronic equipment
CN113518183A (en) Camera calling method and device and electronic equipment
CN112947880A (en) Screen projection method and device and electronic equipment
CN111399730A (en) Image processing method, image processing device, electronic equipment and computer readable storage medium
CN112448878B (en) PPPoE transparent transmission method, PPPoE server and electronic equipment
CN117499318B (en) Cloud computing virtual network system, and use method, device, equipment and medium thereof
CN113518314B (en) Quick connection method for low-power-consumption Bluetooth and low-power-consumption Bluetooth communication system
CN113157365B (en) Program running method, program running device, electronic equipment and computer readable medium
CN111953804B (en) Network data transmission method, device, medium and electronic equipment
CN115914389A (en) Cloud service control system, method and device, electronic equipment and storage medium

Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination
TA01 Transfer of patent application right

Effective date of registration: 20220718

Address after: 100190 1309, 13th floor, building 4, Zijin Digital Park, Haidian District, Beijing

Applicant after: Beijing volcano Engine Technology Co.,Ltd.

Address before: 100041 B-0035, 2 floor, 3 building, 30 Shixing street, Shijingshan District, Beijing.

Applicant before: BEIJING BYTEDANCE NETWORK TECHNOLOGY Co.,Ltd.

GR01 Patent grant