CN113194020A - Virtual network interaction method and virtual network architecture - Google Patents
- Publication number
- CN113194020A
- Authority
- CN
- China
- Prior art keywords
- switch
- virtual
- data
- network
- virtual switch
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L12/00—Data switching networks
- H04L12/28—Data switching networks characterised by path configuration, e.g. LAN [Local Area Networks] or WAN [Wide Area Networks]
- H04L12/46—Interconnection of networks
- H04L12/4641—Virtual LANs, VLANs, e.g. virtual private networks [VPN]
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L47/00—Traffic control in data switching networks
- H04L47/10—Flow control; Congestion control
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L49/00—Packet switching elements
- H04L49/35—Switches specially adapted for specific applications
- H04L49/354—Switches specially adapted for specific applications for supporting virtual local area networks [VLAN]
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L49/00—Packet switching elements
- H04L49/70—Virtual switches
Landscapes
- Engineering & Computer Science (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Computer Security & Cryptography (AREA)
- Data Exchanges In Wide-Area Networks (AREA)
Abstract
The invention discloses a virtual network interaction method and a virtual network architecture. A controller sends different control data to a public network switch, a management port and an interface switch respectively. The interface switch sends public network data or private line data to a first virtual switch through a first network port; the first virtual switch sends the received public network data to a virtual router, and the virtual router receives the public network data and sends it to a second virtual switch. The first virtual switch sends the private line data and the public network data to the private line virtual switch and the public network switch respectively, so data interaction between a public network and a private network can be conveniently realized. Different numbers of first virtual switches, second virtual switches, private line virtual switches and public network switches can be matched according to specific requirements, which makes the architecture more convenient to use. Forwarding and control are separated, disaster tolerance automatic switching is realized through self-contained separation, and the continuity of service is kept.
Description
Technical Field
The invention belongs to the technical field of computer networks, and particularly relates to a virtual network interaction method and a virtual network architecture.
Background
At present, the traditional network uses hardware switches as switching devices, and data is forwarded as follows.
Intranet layer-3 data forwarding mode:
1. data flows from the bare metal server;
2. traffic of different tenants is forwarded to the subordinate core distribution switch through the TOR switch VLAN;
3. the traffic enters the gateway configured on a VRF interface of the core switch, and the gateway forwards the traffic according to the destination IP and performs MAC learning;
4. bare metal traffic is forwarded to the corresponding other server through the VRF gateway.
Public network traffic forwarding mode:
1. data flows from the bare metal server;
2. traffic of different tenants is forwarded to the subordinate core distribution switch through the TOR switch VLAN;
3. the traffic enters the gateway configured on a VRF interface of the core switch, and the gateway forwards the traffic according to the destination IP and performs MAC learning;
4. the VRF gateway forwards the traffic to the corresponding NAT gateway, which forwards it to the public network (the hardware switch has no NAT gateway function, so this can only be realized with a third-party device).
The switches used by existing virtual network architectures must support the virtualization function, and multiple switch, firewall and gateway devices must be stacked to support multi-tenant virtualization requirements. Control capability and programmability are poor: the native programmability of the hardware is poor, the system function list cannot meet changing service requirements, and upgrades that follow changes to the hardware's internal firmware require a service interruption. Service flexibility is also poor: if NAT is used to connect to a public network, specific NAT software or equipment is needed to do the forwarding; the network traffic charging mode is single; and if separate metering is needed, special traffic software or equipment is required to measure service traffic accurately, which increases the complexity of the whole operation.
Disclosure of Invention
1. Technical problem to be solved by the invention
The invention aims to solve the problems that the existing virtual network is complex in architecture and not comprehensive in function.
2. Technical scheme
In order to achieve the purpose, the technical scheme provided by the invention is as follows:
The invention discloses a virtual network interaction method. A controller sends different control data to a public network switch, a management port and an interface switch respectively; the interface switch sends public network data or private line data to a first virtual switch through a first network port; the first virtual switch sends the received public network data to a virtual router; the virtual router receives the public network data and sends it to a second virtual switch; and the second virtual switch sends the public network data to the public network switch through a second network port to complete data transmission. The first virtual switch sends the received private line data to the private line virtual switch, and the private line virtual switch sends the private line data through the private line network port to complete data transmission.
Preferably, the method further comprises switching between a main server and a standby server, and the data stored in the main server and the standby server are the same.
Preferably, the control signal sent by the controller is a parameter configuration signal.
A virtual network architecture for executing the method comprises a controller and, in communication connection with the controller, a public network switch, a management port and an interface switch. The interface switch is connected with a first virtual switch through a first network port; the first virtual switch is in communication connection with a second virtual switch and a private line virtual switch; the private line virtual switch transmits data through the private line network port; and the second virtual switch transmits data with the public network switch through a second network port.
Preferably, a virtual router is arranged between the first virtual switch and the second virtual switch for forwarding data.
Preferably, a plurality of private line virtual switches are provided, and the plurality of private line virtual switches correspond to a plurality of different private line network ports.
Preferably, the data sent by the interface switch carries identification information; the first virtual switch recognizes the identification information and sends the data to the matching private line virtual switch or to the second virtual switch.
Preferably, the first network port and the second network port are both provided with a flow detection module and a flow limiting module, the flow detection module is used for detecting the size of flow data transmitted by the first network port and the second network port, and the flow limiting module is used for limiting the flow transmitted by the first network port and the second network port.
3. Advantageous effects
Compared with the prior art, the technical scheme provided by the invention has the following beneficial effects:
The invention discloses a virtual network interaction method. A controller sends different control data to a public network switch, a management port and an interface switch respectively; the interface switch sends public network data or private line data to a first virtual switch through a first network port; the first virtual switch sends the received public network data to a virtual router; the virtual router receives the public network data and sends it to a second virtual switch; and the second virtual switch sends the public network data to the public network switch through a second network port to complete data transmission. The first virtual switch sends the received private line data to the private line virtual switch, and the private line virtual switch sends the private line data through the private line network port to complete data transmission. In this method the first virtual switch sends the private line data and the public network data to the private line virtual switch and the public network switch respectively, so data interaction between a public network and a private network can be conveniently realized. Different numbers of first virtual switches, second virtual switches, private line virtual switches and public network switches can be matched according to specific requirements, which makes the method more convenient to use. Forwarding and control are separated, self-supply separation is realized, disaster tolerance automatic switching is realized, and the continuity of service is kept.
Drawings
Fig. 1 is a schematic structural diagram of a virtual network architecture according to the present invention.
Detailed Description
In order that the invention may be readily understood, a more complete description of the invention briefly described below will be rendered by reference to the appended drawings, which are specific to certain embodiments of the invention, however, the invention may be embodied in many different forms and is disclosed herein.
It will be understood that when an element is referred to as being "secured to" another element, it can be directly on the other element or intervening elements may also be present; when an element is referred to as being "connected" to another element, it can be directly connected to the other element or intervening elements may also be present; the terms "vertical," "horizontal," "left," "right," and the like as used herein are for illustrative purposes only.
Unless defined otherwise, all technical and scientific terms used herein have the same meaning as commonly understood by one of ordinary skill in the art to which this invention belongs; the terminology used herein in the description of the invention is for the purpose of describing particular embodiments only and is not intended to be limiting of the invention; as used herein, the term "and/or" includes any and all combinations of one or more of the associated listed items.
Example 1
Referring to fig. 1, in the virtual network interaction method according to this embodiment, a controller sends different control data to a public network switch, a management port and an interface switch respectively; the interface switch sends public network data or private line data to a first virtual switch through a first network port; the first virtual switch sends the received public network data to a virtual router; the virtual router receives the public network data and sends it to a second virtual switch; and the second virtual switch sends the public network data to the public network switch through a second network port to complete data transmission. The first virtual switch sends the received private line data to the private line virtual switch, and the private line virtual switch sends the private line data through the private line network port to complete data transmission. In this method the first virtual switch sends the private line data and the public network data to the private line virtual switch and the public network switch respectively, so data interaction between a public network and a private network can be conveniently realized. Different numbers of first virtual switches, second virtual switches, private line virtual switches and public network switches can be matched according to specific requirements, which makes the method more convenient to use. Forwarding and control are separated, self-supply separation is realized, disaster tolerance automatic switching is realized, and the continuity of service is kept.
The method also comprises switching between a main server and a standby server that store the same data. The switchover is implemented with the VRRP protocol, so that when the main server fails, service can be switched quickly to the standby server and normal operation is ensured.
The control signal sent by the controller is a parameter configuration signal.
A virtual network architecture for executing the method comprises a controller and, in communication connection with the controller, a public network switch, a management port and an interface switch. The interface switch is connected with a first virtual switch through a first network port; the first virtual switch is in communication connection with a second virtual switch and a private line virtual switch; the private line virtual switch transmits data through the private line network port; and the second virtual switch transmits data with the public network switch through a second network port.
A virtual router is arranged between the first virtual switch and the second virtual switch and is used for forwarding data. The private line virtual switch is provided with a plurality of private line network ports, and the private line virtual switch corresponds to a plurality of different private line network ports. The data sent by the interface switch carries identification information; the first virtual switch recognizes the identification information and sends the data to the matching private line virtual switch or to the second virtual switch. This allows different private networks and public networks to be interconnected and widens the range of application scenarios.
The first network port and the second network port are each provided with a flow detection module and a flow limiting module. The flow detection module detects the volume of traffic transmitted through the first and second network ports, and the flow limiting module limits the traffic transmitted through them, so that a user's traffic can be monitored, charged and limited.
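The dispatch by identification information and the per-port flow detection and limiting described above, as an added Python model that is not part of the patent text. The string identifiers, the token-bucket limiter, the rate values and the choice to drop frames whose identifier matches no private line are assumptions; the patent does not specify them.

```python
from dataclasses import dataclass

PUBLIC = "public"  # assumed identifier value marking public network data
PUBLIC_PATH = ["port-1", "vswitch-1", "vrouter", "vswitch-2", "port-2", "public-switch"]


@dataclass
class MeteredPort:
    """Network port with a flow detection counter and a token-bucket flow limiter."""
    name: str
    rate: float        # refill rate in bytes per second (assumed unit)
    burst: float       # bucket depth in bytes
    tokens: float = 0.0
    last: float = 0.0  # time of the previous frame, seconds
    offered: int = 0   # flow detection: bytes presented to the port
    passed: int = 0    # bytes actually forwarded, the basis for charging

    def __post_init__(self):
        self.tokens = self.burst  # start with a full bucket

    def admit(self, size, now):
        """Count the frame, refill the bucket, and say whether it may pass."""
        self.offered += size
        elapsed = max(0.0, now - self.last)
        self.tokens = min(self.burst, self.tokens + elapsed * self.rate)
        self.last = now
        if size > self.tokens:
            return False
        self.tokens -= size
        self.passed += size
        return True


class FirstVirtualSwitch:
    """Dispatches frames from port 1 by their identification information."""

    def __init__(self, port_one, port_two, private_lines):
        self.port_one = port_one
        self.port_two = port_two
        self.private_lines = private_lines  # identifier -> private line name
        self.dropped = []                   # (identifier, reason) audit trail

    def forward(self, ident, size, now):
        """Return the hop list the frame takes, or None if it is dropped."""
        if not self.port_one.admit(size, now):
            return self._drop(ident, "port-1 limit")
        if ident == PUBLIC:
            if not self.port_two.admit(size, now):
                return self._drop(ident, "port-2 limit")
            return list(PUBLIC_PATH)
        line = self.private_lines.get(ident)
        if line is None:
            # Assumption: an unmatched identifier is dropped rather than
            # defaulted to the public path, so tenants stay isolated.
            return self._drop(ident, "unknown identifier")
        return ["port-1", "vswitch-1", f"pl-vswitch-{line}", f"pl-port-{line}"]

    def _drop(self, ident, reason):
        self.dropped.append((ident, reason))
        return None


def demo():
    """Run constructed sample frames: (identifier, bytes, arrival time in s)."""
    sw = FirstVirtualSwitch(
        MeteredPort("port-1", rate=1000, burst=3000),
        MeteredPort("port-2", rate=1000, burst=1500),
        {"line-A": "A", "line-B": "B"},
    )
    frames = [
        (PUBLIC, 1000, 0.0),    # public path, leaves 500 tokens on port 2
        ("line-A", 500, 0.0),   # private line A, never touches port 2
        (PUBLIC, 1000, 0.0),    # exceeds port 2's remaining tokens
        ("line-C", 200, 0.5),   # identifier with no matching private line
        (PUBLIC, 1000, 1.0),    # port 2 has refilled after one second
    ]
    return sw, [sw.forward(*f) for f in frames]


if __name__ == "__main__":
    switch, paths = demo()
    for path in paths:
        print(path)
    print(switch.dropped, switch.port_two.offered, switch.port_two.passed)
```

The gap between `offered` and `passed` on a port is the traffic the limiter refused, which is the figure to watch when a tenant reports loss or when charging is disputed.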
The above-mentioned embodiments only express a certain implementation mode of the present invention, and the description thereof is specific and detailed, but not construed as limiting the scope of the present invention; it should be noted that, for those skilled in the art, without departing from the concept of the present invention, several variations and modifications can be made, which are within the protection scope of the present invention; therefore, the protection scope of the present patent shall be subject to the appended claims.
Claims (8)
1. A virtual network interaction method is characterized in that: the controller respectively sends different control data to a public network switch, a management port and an interface switch, the interface switch sends public network data or private line data to a first virtual switch through a first network port, the first virtual switch sends the received public network data to a second virtual router, the second virtual switch sends the public network data to the public network switch through a second network port to complete data transmission; and the first virtual switch sends the received private line data to the private line virtual switch, and the private line virtual switch sends the private line data through the private line network port to complete data transmission.
2. The virtual network interaction method of claim 1, wherein: the method further comprises the step of switching by adopting a main server and a standby server, wherein the data stored by the main server and the standby server are the same.
3. The virtual network interaction method of claim 1, wherein: the control signal sent by the controller is a parameter configuration signal.
4. A virtual network architecture for performing the method of any of the preceding claims 1-3, characterized by: comprising a controller, and a public network switch, a management port and an interface switch in communication connection with the controller, wherein the interface switch is connected with a first virtual switch through a first network port, the first virtual switch is in communication connection with a private line virtual switch and a second virtual switch, the private line virtual switch transmits data through a private line network port, and the second virtual switch transmits data with the public network switch through a second network port.
5. A virtual network architecture according to claim 4, characterized in that: a virtual router is arranged between the first virtual switch and the second virtual switch and is used for forwarding data.
6. A virtual network architecture according to claim 4, characterized in that: the private line virtual switch is provided with a plurality of private line network ports, and the private line virtual switch corresponds to a plurality of different private line network ports.
7. A virtual network architecture according to claim 4, characterized in that: identification information is arranged in the data sent by the interface switch, and the first virtual switch recognizes the identification information and sends the corresponding data to the matched private line virtual switch or the second virtual switch.
8. A virtual network architecture according to claim 4, characterized in that: the first network port and the second network port are both provided with a flow detection module and a flow limiting module, the flow detection module is used for detecting the size of flow data transmitted by the first network port and the second network port, and the flow limiting module is used for limiting the flow transmitted by the first network port and the second network port.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN202110567487.1A CN113194020B (en) | 2021-05-24 | 2021-05-24 | Virtual network interaction method and virtual network architecture |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN202110567487.1A CN113194020B (en) | 2021-05-24 | 2021-05-24 | Virtual network interaction method and virtual network architecture |
Publications (2)
Publication Number | Publication Date |
---|---|
CN113194020A (en) | 2021-07-30 |
CN113194020B (en) | 2022-09-09 |
Family
ID=76985026
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN202110567487.1A Active CN113194020B (en) | 2021-05-24 | 2021-05-24 | Virtual network interaction method and virtual network architecture |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN113194020B (en) |
Cited By (3)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN113873455A (en) * | 2021-11-02 | 2021-12-31 | 中国电信股份有限公司 | Flow statistical method and system, computer readable storage medium |
CN114244787A (en) * | 2021-12-08 | 2022-03-25 | 四川安迪科技实业有限公司 | Method and device for realizing high-reliability management port |
CN114884876A (en) * | 2022-04-14 | 2022-08-09 | 烽火通信科技股份有限公司 | Cross-network plane communication method, device and readable storage medium |
Citations (9)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN1601996A (en) * | 2003-09-26 | 2005-03-30 | 华为技术有限公司 | Method for access of IP public net of virtual exchanger system |
CN101699798A (en) * | 2009-10-17 | 2010-04-28 | 中兴通讯股份有限公司 | Data forwarding method and service single board |
CN103595772A (en) * | 2013-11-01 | 2014-02-19 | 浪潮电子信息产业股份有限公司 | Cloud data center network deployment scheme based on virtual router |
CN103746997A (en) * | 2014-01-10 | 2014-04-23 | 浪潮电子信息产业股份有限公司 | Network security solution for cloud computing center |
CN103795622A (en) * | 2014-01-22 | 2014-05-14 | 杭州华三通信技术有限公司 | Message forwarding method and device using same |
CN105391771A (en) * | 2015-10-16 | 2016-03-09 | 张陵 | Multi-tenant-oriented cloud network architecture |
CN105530259A (en) * | 2015-12-22 | 2016-04-27 | 华为技术有限公司 | Message filtering method and equipment |
CN107770010A (en) * | 2017-09-29 | 2018-03-06 | 烽火通信科技股份有限公司 | A kind of home intranet method and home networking system based on OpenFlow |
CN111866761A (en) * | 2020-07-15 | 2020-10-30 | 广州德亨信息技术有限公司 | Method, gateway equipment and system for fusing intercommunication of private network talkback and public network talkback |
Non-Patent Citations (3)
Title |
---|
VALERIANUS HASHIYANA: "Design and Implementation of an IPSec Virtual Private Network: A Case Study at the University of Namibia", 《2020 IST-AFRICA CONFERENCE (IST-AFRICA)》 * |
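巩锐 et al.: "Research on technical schemes for interworking between the power grid IMS network and the public network", 《供用电》 * |
骆海玉: "Design and application of university online learning spaces", 《数字技术与应用》 * |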
Cited By (6)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN113873455A (en) * | 2021-11-02 | 2021-12-31 | 中国电信股份有限公司 | Flow statistical method and system, computer readable storage medium |
CN113873455B (en) * | 2021-11-02 | 2024-08-27 | 中国电信股份有限公司 | Flow statistics method and system and computer readable storage medium |
CN114244787A (en) * | 2021-12-08 | 2022-03-25 | 四川安迪科技实业有限公司 | Method and device for realizing high-reliability management port |
CN114244787B (en) * | 2021-12-08 | 2023-04-11 | 四川安迪科技实业有限公司 | Method and device for realizing high-reliability management port |
CN114884876A (en) * | 2022-04-14 | 2022-08-09 | 烽火通信科技股份有限公司 | Cross-network plane communication method, device and readable storage medium |
CN114884876B (en) * | 2022-04-14 | 2023-06-30 | 烽火通信科技股份有限公司 | Cross-network plane communication method, device and readable storage medium |
Also Published As
Publication number | Publication date |
---|---|
CN113194020B (en) | 2022-09-09 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
CN113194020B (en) | Virtual network interaction method and virtual network architecture | |
EP3681110B1 (en) | A region interconnect control using vrf tables across heterogeneous networks | |
US9794194B2 (en) | Relay system and switching device | |
US8169895B2 (en) | Network system and node | |
KR101495242B1 (en) | Multicast data forwarding method and device supporting virtual terminal | |
CN102984057B (en) | A kind of Multi-service integration dual-redundancy network system | |
CN101534198B (en) | Communication system | |
CN102273138A (en) | Inter-network carrier Ethernet service protection | |
CN102104532B (en) | Fault switching method and system and hub provider edge (Hub PE) router | |
CN101014035A (en) | Reliability processing method and system of multi-service networking provided by metro Ethernet | |
EP2696542A1 (en) | Method, ToR switch, and system for implementing protection switchover based on TRILL network | |
EP2833579A1 (en) | Control device, physical node, terminal device, communication system, port state display method, and program | |
US10873527B2 (en) | Link protection method in SDN, switching device, and network controller | |
CN101345686B (en) | Processing method, apparatus and system of virtual special local area network service loop | |
CN104144130B (en) | Method, system and the access switch of virtual machine system interconnection | |
CN108833232A (en) | A kind of pppoe client implementation method and pppoe client based on VPP | |
CN102281165A (en) | Fault detection method based on QoS, system and apparatus thereof | |
CN106341249A (en) | Redundant port switching method and device | |
CN110365578A (en) | Network interface control and link switching method, device, network equipment and medium | |
US20120224488A1 (en) | Method of connectivity monitoring by subscriber line terminating apparatus | |
CN109756400A (en) | The flow rate test method and system of 10G POE interchanger | |
US9225667B2 (en) | Communication system and network relay apparatus | |
CN103684831B (en) | The guard method of L2TP network, apparatus and system | |
US20180198708A1 (en) | Data center linking system and method therefor | |
CN103312579A (en) | Line switching method and device |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PB01 | Publication | ||
SE01 | Entry into force of request for substantive examination | ||
TA01 | Transfer of patent application right | Effective date of registration: 20220124. Address after: 200072 room 607, No. 1256 and 1258, Wanrong Road, Jing'an District, Shanghai. Applicant after: Zhenle Technology Service (Shanghai) Co.,Ltd. Address before: Room 702-2, No. 56 and 58, JIANGCHANG Third Road, Jing'an District, Shanghai 200040. Applicant before: Shanghai layer peak Network Technology Co.,Ltd. |
GR01 | Patent grant | ||