CN113194020B - Virtual network interaction method and virtual network architecture - Google Patents

Info

Publication number
CN113194020B
Authority
CN
China
Prior art keywords
switch
virtual
data
network
virtual switch
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN202110567487.1A
Other languages
Chinese (zh)
Other versions
CN113194020A (en)
Inventor
卓强
袁志明
牛悦
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Zhenle Technology Service Shanghai Co ltd
Original Assignee
Zhenle Technology Service Shanghai Co ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Zhenle Technology Service Shanghai Co ltd
Priority to CN202110567487.1A
Publication of CN113194020A
Application granted
Publication of CN113194020B
Active legal status
Anticipated expiration

Classifications

    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L12/00 Data switching networks
    • H04L12/28 Data switching networks characterised by path configuration, e.g. LAN [Local Area Networks] or WAN [Wide Area Networks]
    • H04L12/46 Interconnection of networks
    • H04L12/4641 Virtual LANs, VLANs, e.g. virtual private networks [VPN]
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L47/00 Traffic control in data switching networks
    • H04L47/10 Flow control; Congestion control
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L49/00 Packet switching elements
    • H04L49/35 Switches specially adapted for specific applications
    • H04L49/354 Switches specially adapted for specific applications for supporting virtual local area networks [VLAN]
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L49/00 Packet switching elements
    • H04L49/70 Virtual switches

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Computer Security & Cryptography (AREA)
  • Data Exchanges In Wide-Area Networks (AREA)

Abstract

The invention discloses a virtual network interaction method and a virtual network architecture. A controller sends different control data to a public network switch, a management port and an interface switch respectively. The interface switch sends public network data or private line data to a first virtual switch through a first network port; the first virtual switch sends the received public network data to a virtual router, and the virtual router receives the public network data and sends it to a second virtual switch. Because the first virtual switch sends the public network data and the private line data toward the public network switch and the private line virtual switch respectively, data interaction between a public network and a private network is conveniently realized. Different numbers of first virtual switches, second virtual switches, private line virtual switches and public network switches can be combined according to specific requirements, which makes the architecture more convenient to use. Forwarding and control are separated, automatic disaster-tolerance switching is realized through self-contained separation, and continuity of service is maintained.

Description

Virtual network interaction method and virtual network architecture
Technical Field
The invention belongs to the technical field of computer networks, and particularly relates to a virtual network interaction method and a virtual network architecture.
Background
At present, the traditional network adopts a hardware switch as a switching device, and the specific data forwarding mode is as follows:
an intranet three-layer data forwarding mode:
1. data flows from the bare metal server;
2. different tenants' traffic is forwarded to the downstream core distribution switch through the TOR switch VLAN;
3. the traffic enters a VRF interface of the core switch on which a gateway is configured, and the gateway forwards the traffic according to the destination IP and performs MAC learning;
4. bare metal traffic is forwarded to the corresponding other server through the VRF gateway.
The public network traffic forwarding mode:
1. data flows from the bare metal server;
2. different tenants' traffic is forwarded to the downstream core distribution switch through the TOR switch VLAN;
3. the traffic enters a VRF interface of the core switch on which a gateway is configured, and the gateway forwards the traffic according to the destination IP and performs MAC learning;
4. the VRF gateway forwards the traffic to the corresponding NAT gateway, and the NAT gateway forwards it to the public network (the hardware switch has no NAT gateway function, so this can be realized only with a third-party device).
The switches used by the existing virtual network architecture must support virtualization, and several switch, firewall and gateway devices must be stacked to meet the requirement of multi-tenant virtualization. Control capability and programmability are poor: the native programmability of the hardware is poor, the system's function list cannot meet changing service requirements, and upgrades that follow changes to the hardware's internal firmware require a service interruption. Service flexibility is poor: if NAT is used to connect to a public network, dedicated NAT software or equipment is needed to realize forwarding. The network traffic charging mode is limited: if traffic must be metered separately, dedicated traffic software or equipment is needed to measure service traffic accurately, which increases the complexity of the whole operation.
Disclosure of Invention
1. Technical problem to be solved by the invention
The invention aims to solve the problems that the existing virtual network is complex in architecture and not comprehensive in function.
2. Technical scheme
In order to achieve the purpose, the technical scheme provided by the invention is as follows:
The invention discloses a virtual network interaction method. A controller sends different control data to a public network switch, a management port and an interface switch respectively. The interface switch sends public network data or private line data to a first virtual switch through a first network port. The first virtual switch sends the received public network data to a virtual router; the virtual router receives the public network data and sends it to a second virtual switch; and the second virtual switch sends the public network data to the public network switch through a second network port to complete data transmission. The first virtual switch sends the received private line data to the private line virtual switch, and the private line virtual switch sends the private line data through the private line network port to complete data transmission.
Preferably, the method further comprises switching between a main server and a standby server, and the data stored in the main server and the standby server are the same.
Preferably, the control signal sent by the controller is a parameter configuration signal.
A virtual network architecture for executing the method comprises a controller, a public network switch, a management port and an interface switch. The public network switch is in communication connection with the controller; the interface switch is connected with a first virtual switch through a network port; the first virtual switch is in communication connection with a second virtual switch and a private line virtual switch; the private line virtual switch transmits data through a private line network port; and the second virtual switch exchanges data with the public network switch through a network port.
Preferably, a virtual router is arranged between the first virtual switch and the second virtual switch for forwarding data.
Preferably, a plurality of private line virtual switches are provided, and the plurality of private line virtual switches correspond to a plurality of different private line network ports.
Preferably, the data sent by the interface switch is internally provided with identification information, and the first virtual switch recognizes the identification information and sends the corresponding data to the matched private line virtual switch or the second virtual switch.
Preferably, the first network port and the second network port are both provided with a flow detection module and a flow limiting module, the flow detection module is used for detecting the size of flow data transmitted by the first network port and the second network port, and the flow limiting module is used for limiting the flow transmitted by the first network port and the second network port.
3. Advantageous effects
Compared with the prior art, the technical scheme provided by the invention has the following beneficial effects:
The invention discloses a virtual network interaction method. A controller sends different control data to a public network switch, a management port and an interface switch respectively. The interface switch sends public network data or private line data to a first virtual switch through a first network port. The first virtual switch sends the received public network data to a virtual router; the virtual router receives the public network data and sends it to a second virtual switch; and the second virtual switch sends the public network data to the public network switch through a second network port to complete data transmission. The first virtual switch sends the received private line data to the private line virtual switch, and the private line virtual switch sends the private line data through the private line network port to complete data transmission. Because the first virtual switch sends the public network data and the private line data toward the public network switch and the private line virtual switch respectively, data interaction between a public network and a private network is conveniently realized. Different numbers of first virtual switches, second virtual switches, private line virtual switches and public network switches can be combined according to specific requirements, which makes the method more convenient to use. Forwarding and control are separated, self-contained separation is realized, automatic disaster-tolerance switching is realized, and continuity of service is maintained.
Drawings
Fig. 1 is a schematic structural diagram of a virtual network architecture according to the present invention.
Detailed Description
In order that the invention may be readily understood, a more complete description of the invention briefly described below will be rendered by reference to the appended drawings, which are specific to certain embodiments of the invention, however, the invention may be embodied in many different forms and is disclosed herein.
It will be understood that when an element is referred to as being "secured to" another element, it can be directly on the other element or intervening elements may also be present; when an element is referred to as being "connected" to another element, it can be directly connected to the other element or intervening elements may also be present; the terms "vertical," "horizontal," "left," "right," and the like are used herein for purposes of illustration only.
Unless defined otherwise, all technical and scientific terms used herein have the same meaning as commonly understood by one of ordinary skill in the art to which this invention belongs; the terminology used herein in the description of the invention is for the purpose of describing particular embodiments only and is not intended to be limiting of the invention; as used herein, the term "and/or" includes any and all combinations of one or more of the associated listed items.
Example 1
Referring to Fig. 1, in the virtual network interaction method of this embodiment, a controller sends different control data to a public network switch, a management port and an interface switch respectively. The interface switch sends public network data or private line data to a first virtual switch through a first network port. The first virtual switch sends the received public network data to a virtual router; the virtual router receives the public network data and sends it to a second virtual switch; and the second virtual switch sends the public network data to the public network switch through a second network port to complete data transmission. The first virtual switch sends the received private line data to the private line virtual switch, and the private line virtual switch sends the private line data through the private line network port to complete data transmission. Because the first virtual switch sends the public network data and the private line data toward the public network switch and the private line virtual switch respectively, data interaction between a public network and a private network is conveniently realized. Different numbers of first virtual switches, second virtual switches, private line virtual switches and public network switches can be combined according to specific requirements, which makes the method more convenient to use. Forwarding and control are separated, self-contained separation is realized, automatic disaster-tolerance switching is realized, and continuity of service is maintained.
The method also comprises the step of switching by adopting the main server and the standby server, wherein the data stored by the main server and the standby server are the same, and the function switching is realized by adopting a VRRP protocol, so that when the main server fails, the main server can be quickly switched to the standby server, and the normal operation is ensured.
The control signal sent by the controller is a parameter configuration signal.
A virtual network architecture for executing the method comprises a controller, a public network switch, a management port and an interface switch. The public network switch is in communication connection with the controller; the interface switch is connected with a first virtual switch through a network port; the first virtual switch is in communication connection with a second virtual switch and a private line virtual switch; the private line virtual switch transmits data through the private line network port; and the second virtual switch exchanges data with the public network switch through the network port.
A virtual router is arranged between the first virtual switch and the second virtual switch and is used for forwarding data. The private line virtual switch is provided with a plurality of private line ports, and the private line virtual switch corresponds to a plurality of different private line ports. Identification information is carried in the data sent by the interface switch; the first virtual switch recognizes the identification information and sends the corresponding data to the matching private line virtual switch or to the second virtual switch. The method can interconnect different private networks and public networks, and therefore has wider application scenarios.
The first network port and the second network port are both provided with a flow detection module and a flow limiting module, the flow detection module is used for detecting the size of flow data transmitted by the first network port and the second network port, and the flow limiting module is used for limiting the flow transmitted by the first network port and the second network port, monitoring and charging the flow of a user and limiting the flow.
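An added example, not code from the patent: a minimal Python model of the data path described above, in which the first virtual switch dispatches on the identification information and the two network ports detect and limit traffic. The integer identifiers, the token-bucket limiter, the hop names and the drop-on-unknown-identifier policy are assumptions, since the patent does not specify them.

```python
from dataclasses import dataclass, field


@dataclass
class MeteredPort:
    """Network port with flow detection (byte counters) and flow limiting.

    The token bucket is an assumed limiter; the patent names no algorithm.
    """
    name: str
    rate: float                 # refill rate, bytes per second
    burst: float                # bucket depth, bytes
    tokens: float = field(init=False)
    last: float = 0.0           # time of the previous refill, seconds
    passed_bytes: int = 0       # detection counter, usable for billing
    dropped_bytes: int = 0

    def __post_init__(self):
        self.tokens = self.burst

    def admit(self, size: int, now: float) -> bool:
        """Refill for the elapsed time, then pass or drop a frame of `size` bytes."""
        self.tokens = min(self.burst, self.tokens + (now - self.last) * self.rate)
        self.last = now
        if size > self.tokens:
            self.dropped_bytes += size
            return False
        self.tokens -= size
        self.passed_bytes += size
        return True


class FirstVirtualSwitch:
    """Dispatches frames from the interface switch by their identification info."""

    def __init__(self, port1, port2, private_lines, public_ids):
        self.port1 = port1                  # first network port (ingress)
        self.port2 = port2                  # second network port (to public switch)
        self.private_lines = private_lines  # identifier -> private line name
        self.public_ids = public_ids        # identifiers that mean public traffic

    def forward(self, ident: int, size: int, now: float) -> list:
        """Return the hops a frame takes, or a single 'drop:<reason>' entry."""
        if not self.port1.admit(size, now):
            return ["drop:port1-limit"]
        if ident in self.private_lines:
            line = self.private_lines[ident]
            return ["port1", "vswitch1", f"private-vswitch:{line}", f"private-port:{line}"]
        if ident in self.public_ids:
            if not self.port2.admit(size, now):
                return ["drop:port2-limit"]
            return ["port1", "vswitch1", "vrouter", "vswitch2", "port2", "public-switch"]
        # Unknown identifier: fail closed so traffic never leaks onto another
        # tenant's private line or the public network (assumed policy).
        return ["drop:unknown-id"]


def build_example() -> FirstVirtualSwitch:
    """Constructed topology: two private lines, one public identifier."""
    return FirstVirtualSwitch(
        port1=MeteredPort("port1", rate=1000, burst=1500),
        port2=MeteredPort("port2", rate=1000, burst=1500),
        private_lines={200: "line-a", 201: "line-b"},
        public_ids={100},
    )


if __name__ == "__main__":
    sw = build_example()
    for ident, size, now in [(200, 1000, 0.0), (100, 1000, 0.0),
                             (100, 1000, 0.5), (999, 100, 2.0)]:
        print(ident, size, now, sw.forward(ident, size, now))
    print("port1 passed/dropped:", sw.port1.passed_bytes, sw.port1.dropped_bytes)
```

The per-port byte counters are what a billing or monitoring function would read, and the default-drop branch is the point where a missing or spoofed identifier is stopped before it reaches a private line.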
The above-mentioned embodiments only express a certain implementation mode of the present invention, and the description thereof is specific and detailed, but not construed as limiting the scope of the present invention; it should be noted that, for those skilled in the art, without departing from the concept of the present invention, several variations and modifications can be made, which are within the protection scope of the present invention; therefore, the protection scope of the present patent shall be subject to the appended claims.

Claims (6)

1. A virtual network system interaction method is characterized in that: the controller respectively sends different control data to the public network switch, the management port and the interface switch, the interface switch sends public network data or special line data to the first virtual switch through the first network port, the first virtual switch sends the received public network data to the second virtual router, the second virtual switch sends the public network data to the public network switch through the second network port to complete data transmission; the first virtual switch sends the received private line data to a private line virtual switch, and the private line virtual switch sends the private line data through a private line network port to complete data transmission;
the method also comprises the steps that a main server and a standby server are adopted for switching, and the data stored by the main server and the standby server are the same;
the virtual network system interaction method is applied to a virtual network system, the virtual network system comprises a controller, a public network switch, a management port and an interface switch, the public network switch is in communication connection with the controller, the interface switch is connected with a first virtual switch through a network port, the first virtual switch is in communication connection with a second private line virtual switch and a second virtual switch, the private line virtual switch transmits data through a private line network port, and the second virtual switch transmits data with the public network switch through the network port.
2. The virtual network system interaction method according to claim 1, wherein: the control signal sent by the controller is a parameter configuration signal.
3. A virtual network system, characterized by: for performing the virtual network system interaction method of any one of claims 1-2; and a virtual router is arranged between the first virtual switch and the second virtual switch and is used for forwarding data.
4. A virtual network system according to claim 3, wherein: the private line virtual switch is provided with a plurality of private line ports, and the private line virtual switch corresponds to a plurality of different private line ports.
5. A virtual network system according to claim 3, wherein: identification information is carried in the data sent by the interface switch, and the first virtual switch recognizes the identification information and sends the corresponding data to the matching private line virtual switch or to the second virtual switch.
6. A virtual network system according to claim 3, wherein: the first network port and the second network port are both provided with a flow detection module and a flow limiting module, the flow detection module is used for detecting the size of flow data transmitted by the first network port and the second network port, and the flow limiting module is used for limiting the flow transmitted by the first network port and the second network port.
CN202110567487.1A 2021-05-24 2021-05-24 Virtual network interaction method and virtual network architecture Active CN113194020B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202110567487.1A CN113194020B (en) 2021-05-24 2021-05-24 Virtual network interaction method and virtual network architecture

Publications (2)

Publication Number Publication Date
CN113194020A CN113194020A (en) 2021-07-30
CN113194020B CN113194020B (en) 2022-09-09

Family

ID=76985026

Country Status (1)

Country Link
CN (1) CN113194020B (en)

Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination
TA01 Transfer of patent application right

Effective date of registration: 20220124

Address after: 200072 room 607, No. 1256 and 1258, Wanrong Road, Jing'an District, Shanghai

Applicant after: Zhenle Technology Service (Shanghai) Co.,Ltd.

Address before: Room 702-2, No. 56 and 58, JIANGCHANG Third Road, Jing'an District, Shanghai 200040

Applicant before: Shanghai layer peak Network Technology Co.,Ltd.

GR01 Patent grant