CN113194033A - Message forwarding method and device based on SDN (software defined network) segment routing networking and storage medium - Google Patents

Message forwarding method and device based on SDN (software defined network) segment routing networking and storage medium Download PDF

Info

Publication number
CN113194033A
CN113194033A CN202110334569.1A CN202110334569A CN113194033A CN 113194033 A CN113194033 A CN 113194033A CN 202110334569 A CN202110334569 A CN 202110334569A CN 113194033 A CN113194033 A CN 113194033A
Authority
CN
China
Prior art keywords
message
srv6
destination
forwarding
port
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Granted
Application number
CN202110334569.1A
Other languages
Chinese (zh)
Other versions
CN113194033B (en
Inventor
赵晶晶
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
New H3C Big Data Technologies Co Ltd
Original Assignee
New H3C Big Data Technologies Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by New H3C Big Data Technologies Co Ltd filed Critical New H3C Big Data Technologies Co Ltd
Priority to CN202110334569.1A priority Critical patent/CN113194033B/en
Publication of CN113194033A publication Critical patent/CN113194033A/en
Application granted granted Critical
Publication of CN113194033B publication Critical patent/CN113194033B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L45/00Routing or path finding of packets in data switching networks
    • H04L45/34Source routing
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L12/00Data switching networks
    • H04L12/28Data switching networks characterised by path configuration, e.g. LAN [Local Area Networks] or WAN [Wide Area Networks]
    • H04L12/46Interconnection of networks
    • H04L12/4633Interconnection of networks using encapsulation techniques, e.g. tunneling
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L45/00Routing or path finding of packets in data switching networks
    • H04L45/32Flooding
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L45/00Routing or path finding of packets in data switching networks
    • H04L45/74Address processing for routing
    • H04L45/745Address table lookup; Address filtering
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L49/00Packet switching elements
    • H04L49/70Virtual switches
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L2101/00Indexing scheme associated with group H04L61/00
    • H04L2101/60Types of network addresses
    • H04L2101/618Details of network addresses
    • H04L2101/622Layer-2 addresses, e.g. medium access control [MAC] addresses

Abstract

The disclosure provides a message forwarding method, a message forwarding device and a storage medium based on SDN segment routing networking, which are used for solving the technical problem that an SDN supports SRv6 segment routing protocols. According to the technical scheme, SRv6 protocol stacks are added on the OVS, SRv6 protocol Function field distribution functions of an Overlay network are added on the SDN controller, and the Openflow protocol is used for solving the problem of SRv6 forwarding under the SDN network architecture. The technical scheme disclosed by the invention can support SRv6 protocol to carry Overlay service in the SDN network of the Openflow protocol and Open VSwitch combined networking.

Description

Message forwarding method and device based on SDN (software defined network) segment routing networking and storage medium
Technical Field
The present disclosure relates to the field of communications technologies, and in particular, to a method and an apparatus for forwarding a packet based on SDN segment routing networking, and a storage medium.
Background
Internet Protocol Version 6(Internet Protocol Version 6, IPv6) Segment Routing Protocol (Segment Routing IPv6, SRv6) is a combination of Segment Routing (Segment Routing) and IPv6, SRv6 uses a Routing Extension Header (Routing Extension Header) defined in the IPv6 Protocol standard to carry a newly defined Segment Routing Header (SRH), and the SRH type number is defined as 4. The Segment list is contained in SRH. The Segment Identifier (SID) is a 128-bit IPv6 address, and mainly consists of a Locator and a Function. The Locator specifies the prefix length of the corresponding address at the high order, and the subsequent bits are used by the Function. Function is an ID value assigned to a local forwarding instruction, which can be used to express a forwarding action that needs to be performed by a device, and optionally carries a parameter restrictions. The Locator is used for IPv6 routing, and the Function is used for specifying various SRv6 operations which need to be applied to the data packet by the node, so that the programmability of the network is realized.
SRv6 the path to be taken by the data packet is predefined in the source node, the path is converted into an ordered segment list and encapsulated into the message header, and the SRv6 device information that the message will pass through is listed in the route extension header of the IPv6 message. After receiving the message, the destination SRv6 node processes the message according to the Function field in the IPv6 address of the message, and after each SRv6 node processes the message according to the Function, the destination IP of the message is updated to the Segment of the next SRv6 node. If a node in the network only supports conventional IPv6 but not SRv6, when the node receives SRv6 data packets, according to the specification of IPv6 RFC, the node does not process the extension header but only carries out IPv6 forwarding according to the destination address of the data packet, because the destination address of the data packet is not the network segment address of the node. This means SRv6 can interoperate seamlessly with existing IPv6 networks, i.e., SRv6 can enable incremental deployment over IPv6 networks without replacing all devices of the existing network.
With the development of services such as 5G, internet of things, cloud and the like, new requirements are put forward on network programming, and the requirements of access of more network devices on address expansion are also increased. SRv6, the intelligent and simple network is realized based on All IPv6, new information is encapsulated on the forwarding plane, resources of the forwarding plane are guaranteed, and the unique advantages of the intelligent and simple network in the aspect of network programming capability are fully embodied.
In a traditional IT architecture, after deployment and on-line according to business requirements, if the business requirements change, IT is a very tedious matter to re-modify the configuration on the corresponding network device. The SRv6 technology is fused with a Software Defined Network (SDN), so that a user can define any Network routing and transmission rule strategy to be realized, and the high programmability and the end-to-end traffic engineering capability are provided while the Network is simplified.
For a VSwitch virtual switch in an SDN network, a forwarding principle needs to be matched with a corresponding forwarding table entry for forwarding as with a hardware switch, and when the virtual switch is normally connected with an SDN controller, an Openflow flow table issued by the SDN controller to the virtual switch is matched for forwarding.
At present, an Openflow protocol + Open VSwitch (OVS for short) combined mode adopted by an SDN networking does not support SRv 6-based protocol to carry Overlay service, and cannot meet service requirements in many scenarios.
Disclosure of Invention
In view of this, the present disclosure provides a method, an apparatus, and a storage medium for forwarding a packet based on SDN segment routing networking, which are used to solve the technical problem that an SDN network supports SRv6 segment routing protocols.
Fig. 1 is a flowchart illustrating steps of a packet forwarding method based on SDN segment routing networking according to the present disclosure, where the method includes:
a first virtual switch supporting a segment routing SRv6 protocol is managed by a Software Defined Network (SDN) controller, and a virtual link layer network and a virtual router where the first virtual switch is located are created by the SDN controller;
102, after the first virtual switch receives a first message sent by a source virtual machine through a downlink port, performing flow table matching on the first message, and judging whether a destination MAC address of the first message is a gateway MAC address or not based on a matching result;
103, when the destination MAC address is a gateway MAC address, the first message is forwarded through the matching of the three-layer forwarding table; when the destination MAC address is a non-gateway MAC address, the first message is forwarded in a matching way through a two-layer forwarding table;
when the first message is forwarded in a matching manner through a three-layer or two-layer forwarding table, if a target virtual machine is not directly connected to the first virtual machine switch, after SRv6 protocol encapsulation is carried out on the first message at a port SRv6, the first message is forwarded outwards through an Internal type virtual port; the internal type virtual port is configured with SRv6 node IP address, namely SRv6 segment identification SID.
Further, the method for forwarding the first packet by matching the two-layer forwarding table includes:
step 21, judging whether the virtual machine to which the destination MAC of the first message belongs is connected with the source virtual machine on the same virtual switch;
step 22, when the connection is judged to be connected to the same virtual switch, directly sending the first message to the access port of the target virtual machine on the first virtual switch;
step 23, when judging that the first message is not connected to the same virtual switch, setting an IPv6 tunnel destination field tun _ IPv6_ dst in a flow table matched with the first message as the SRv6SID of the virtual switch to which the MAC of the first message destination belongs, and sending the first message to a SRv6 port;
step 24, at port SRv6, performing SRv6 protocol encapsulation on the first packet, where an outer layer source address of the packet is SRv6SID of a virtual switch to which the source virtual machine belongs, and a destination address is a tun _ ipv6_ dst field value in a flow table matched with the first packet; and sending the first message out from the uplink port after encapsulation.
Further, the method for forwarding the first packet by matching the three-layer forwarding table includes:
step 31, judging whether the virtual machine to which the destination IP of the first message belongs is connected with the source virtual machine on the same virtual switch;
step 32, when the connection is judged to be connected on the same virtual switch, directly sending the first message to an access port of a virtual machine to which the destination IP of the first message belongs on the first virtual switch;
step 33, when the virtual switch is not connected to the same virtual switch, according to the flow table matched with the first message, setting the tun _ ipv6_ dst field in the flow table as SRv6SID of the virtual switch to which the IP of the first message belongs, and sending the first message to the SRv6 port;
step 34, at port SRv6, performing SRv6 protocol encapsulation on the first packet, where an outer layer source address of the packet is SRv6SID of a virtual switch to which the source virtual machine belongs, and a destination address is a tun _ ipv6_ dst field value in a flow table matched with the first packet; and sending the first message out from the uplink port after encapsulation.
Further, when the first virtual switch receives a second packet sent by the source virtual machine through the upstream port, the method further includes:
step 41, judging whether an outer layer destination IPv6 address, namely a destination SRv6SID, of the second message falls within a locator network segment of the first virtual switch;
step 42, when the message is judged to be in the locator network segment of the first virtual switch, recording the target SRv6SID of the second message into the tun _ ipv6_ dst field, and sending the message to the SRv6 port;
step 43, in the TABLE of segment address classification TABLE _ SID _ CLASSIFY flow TABLE, matching and shunting are performed according to the destination SRv6SID of the second message, and when the destination SRv6SID is SRv6SID of end.dt2u type, forwarding is performed according to the inner-layer destination MAC of the second message by a two-layer forwarding TABLE; and when the destination SRv6SID is the SRv6SID of the END.DT4 or END.DT6 type, forwarding the message through a three-layer forwarding table according to the inner-layer destination IP of the second message.
Further, when the destination SRv6SID of the second message is the SRv6SID of end.dt2m type, performing two-layer flooding to forward the second message.
Fig. 2 is a schematic structural diagram of a packet forwarding device based on SDN segment routing networking according to the present disclosure, and each functional module in the device 200 may be implemented by software, hardware, or a combination of software and hardware. The modules can be deployed on one hardware device to implement all the steps of the method, and can also be deployed on different hardware devices to implement one or several steps of the method by multiple hardware devices respectively so as to achieve the purpose of the invention disclosed by the disclosure. When the method is implemented by a plurality of hardware devices, the mutual cooperation among the hardware devices aims to realize the aim of the invention together, and the action and the processing result of one party determine the execution timing of the action of the other party and the possible obtained result, so that the modules can be logically regarded as having mutual command and control relation among each other.
The apparatus 200 is applied to a first virtual switch supporting a segment routing SRv6 protocol, the first virtual switch is hosted by a Software Defined Network (SDN) controller, and a virtual link layer network and a virtual router in which the first virtual switch is located are created by the SDN controller; the apparatus 200 comprises:
the first determining module 210 is configured to, after the first virtual switch receives a first packet sent by a source virtual machine through a downstream port, perform flow table matching on the first packet, and determine whether a destination MAC address of the first packet is a gateway MAC address based on a matching result;
a message forwarding module 220, configured to, when the destination MAC address is a gateway MAC address, match and forward the first message through a three-layer forwarding table; when the destination MAC address is a non-gateway MAC address, the first message is forwarded in a matching way through a two-layer forwarding table; when the first message is forwarded in a matching manner through a three-layer or two-layer forwarding table, if a target virtual machine is not directly connected to the first virtual machine switch, after SRv6 protocol encapsulation is carried out on the first message at a port SRv6, the first message is forwarded outwards through an Internal type virtual port; the internal type virtual port is configured with SRv6 node IP address, namely SRv6 segment identification SID.
Further, the packet forwarding module 220 includes a source-side two-layer forwarding sub-module 221, configured to forward the first packet through a two-layer forwarding table in a matching manner, where the two-layer forwarding sub-module 221 includes:
the first sub-judgment module is used for judging whether the virtual machine to which the destination MAC of the first message belongs is connected with the source virtual machine on the same virtual switch or not;
the first sub-forwarding module is used for directly sending a first message to an access port of a target virtual machine on a first virtual switch when judging that the first sub-forwarding module is connected to the same virtual switch;
the second sub-forwarding module is used for setting an IPv6 tunnel destination field tun _ IPv6_ dst in a flow table matched with the first message as the SRv6SID of the virtual switch to which the MAC of the first message destination belongs and sending the first message to the SRv6 port when judging that the first message is not connected to the same virtual switch;
a third sub-forwarding module, configured to perform SRv6 protocol encapsulation on the first packet at an SRv6 port, where an outer source address of the packet is SRv6SID of a virtual switch to which the source virtual machine belongs, and a destination address is a tun _ ipv6_ dst field value in a flow table matched with the first packet; and sending the first message out from the uplink port after encapsulation.
Further, the packet forwarding module 220 includes a source-side three-layer forwarding sub-module 222, configured to forward the first packet through a three-layer forwarding table in a matching manner, where the three-layer forwarding sub-module 222 includes:
the second sub-judgment module is used for judging whether the virtual machine to which the destination IP of the first message belongs is connected with the source virtual machine on the same virtual switch or not;
the fourth sub-forwarding module is used for directly sending the first message to an access port of a virtual machine to which the destination IP of the first message belongs on the first virtual switch when judging that the first message is connected to the same virtual switch;
the fifth sub-forwarding module is used for setting a tun _ ipv6_ dst field in the flow table to be SRv6SID of the virtual switch to which the IP of the first message belongs according to the flow table matched with the first message when the first message is judged not to be connected to the same virtual switch, and sending the first message to the SRv6 port;
a sixth sub-forwarding module, configured to perform SRv6 protocol encapsulation on the first packet at an SRv6 port, where an outer source address of the packet is SRv6SID of a virtual switch to which the source virtual machine belongs, and a destination address is a tun _ ipv6_ dst field value in a flow table matched with the first packet; and sending the first message out from the uplink port after encapsulation.
Further, the apparatus 200 further comprises: the second determining module 230 is configured to determine whether an outer layer destination IPv6 address of the second packet, that is, a destination SRv6SID, falls within a locator segment of the first virtual switch, if so, the packet forwarding module 220 is instructed to process the second packet, otherwise, the packet is discarded.
The message forwarding module 220 includes a destination message forwarding sub-module 225, configured to process a second message sent by the source virtual machine when the first virtual switch receives the second message through the upstream port, where the message forwarding module 220 includes:
the extraction submodule is used for recording the target SRv6SID of the second message into the tun _ ipv6_ dst field and sending the message to the SRv6 port when the judgment is that the target segment is in the locator segment of the first virtual switch;
the flow distribution forwarding module is used for matching and flow distribution according to the destination SRv6SID of the second message in the segment address classification TABLE _ SID _ CLASSIFY flow TABLE, and forwarding according to the inner-layer destination MAC of the second message through the two-layer forwarding TABLE when the destination SRv6SID is the SRv6SID of the END.DT2U type; and when the destination SRv6SID is the SRv6SID of the END.DT4 or END.DT6 type, forwarding the message through a three-layer forwarding table according to the inner-layer destination IP of the second message.
Further, when the destination SRv6SID of the second packet is the SRv6SID of end.dt2m type, the offloading and forwarding module performs two-layer flooding to forward the second packet.
Fig. 3 is a schematic structural diagram of an electronic device provided in the present disclosure, where the device 300 includes: a processor 310, such as a Central Processing Unit (CPU), a communication bus 320, a communication interface 340, and a storage medium 330. Wherein the processor 310 and the storage medium 330 may communicate with each other through a communication bus 320. The storage medium 330 stores therein a computer program that, when executed by the processor 310, performs the steps of the methods provided by the present disclosure.
The storage medium may include a Random Access Memory (RAM) or a Non-Volatile Memory (NVM), such as at least one disk Memory. In addition, the storage medium may be at least one memory device located remotely from the processor. The Processor may be a general-purpose Processor including a Central Processing Unit (CPU), a Network Processor (NP), etc.; but also Digital Signal Processors (DSPs), Application Specific Integrated Circuits (ASICs), Field Programmable Gate Arrays (FPGAs) or other Programmable logic devices, discrete Gate or transistor logic devices, discrete hardware components.
The technical scheme disclosed by the invention can support SRv6 protocol to carry Overlay service in the SDN network of the Openflow protocol and Open VSwitch combined networking. According to the technical scheme, SRv6 protocol stacks are added on the OVS, SRv6 protocol Function field distribution functions of an Overlay network are added on the SDN controller, and the Openflow protocol is used for solving the problem of SRv6 forwarding under the SDN network architecture.
Drawings
In order to more clearly illustrate the embodiments of the present disclosure or the technical solutions in the prior art, the drawings needed to be used in the description of the embodiments of the present disclosure or the prior art will be briefly described below, it is obvious that the drawings in the following description are only some embodiments described in the present disclosure, and other drawings can be obtained by those skilled in the art according to the drawings of the embodiments of the present disclosure.
Fig. 1 is a flowchart illustrating steps of a packet forwarding method based on SDN segment routing networking according to the present disclosure;
fig. 2 is a schematic structural diagram of a packet forwarding device based on SDN segment routing networking according to the present disclosure;
fig. 3 is a schematic structural diagram of an electronic device provided in the present disclosure;
fig. 4 is a schematic diagram illustrating forwarding of SRv6 messages inside an OVS according to an embodiment of the present disclosure;
fig. 5 is a schematic flow chart of forwarding a packet through an OVS downlink port in an SDN SRv6 networking according to an embodiment of the present disclosure;
fig. 6 is a processing step of two-layer forwarding, which is required when the downlink port performs a message destination MAC that is a non-gateway MAC in the embodiment of the present disclosure;
fig. 7 is a processing step in which a message destination MAC is a gateway MAC and three-layer forwarding is required at a downlink port in the embodiment of the present disclosure;
fig. 8 is a processing step after an OVS uplink port in an SDN network receives a packet in an embodiment of the present disclosure;
fig. 9 is a flowchart illustrating a step of performing service offloading by the SDN SRv6 network virtual switch according to the SID type in an embodiment of the present disclosure.
Detailed Description
The terminology used in the embodiments of the present disclosure is for the purpose of describing particular embodiments only and is not intended to be limiting of the embodiments of the present disclosure. As used in the embodiments of the present disclosure, the singular forms "a," "an," and "the" are intended to include the plural forms as well, unless the context clearly indicates otherwise. The term "and/or" as used in this disclosure is meant to encompass any and all possible combinations of one or more of the associated listed items.
It is to be understood that although the terms first, second, third, etc. may be used herein to describe various information in the embodiments of the present disclosure, such information should not be limited by these terms. These terms are only used to distinguish one type of information from another. For example, first information may also be referred to as second information, and similarly, second information may also be referred to as first information, without departing from the scope of embodiments of the present disclosure. Depending on the context, moreover, the word "if" as used may be interpreted as "at … …" or "when … …" or "in response to a determination".
The purpose of the disclosure is to support SRv6 protocol to carry Overlay service in an SDN network formed by combining an Openflow protocol and an Open VSwitch (OVS for short). The basic idea of the technical scheme of the disclosure is as follows: an SRv6 protocol stack is added on an OVS, a SRv6 protocol Function field distribution Function of an Overlay network is added on an SDN controller, and an Openflow protocol is used for solving the problem of SRv6 forwarding under an SDN network architecture.
Fig. 4 is a schematic diagram illustrating forwarding of SRv6 messages within an OVS according to an embodiment of the present disclosure, in this embodiment, a virtual machine 1 and a virtual machine 2 are connected to the same OVS, and a curve with an arrow in the diagram is a forwarding path of SRv6 messages in which the virtual machine 2 and a device other than a server where the OVS is located perform information communication. The OVS in the embodiment of the present disclosure supports newly added SRv6 ports, and the OVS protocol stack supports identification of SRv6 messages, so that SRv6 messages can be encapsulated and decapsulated at a SRv6 port.
In order to support SRv6 protocol to carry Overlay service in an SDN network, the message processing steps on the OVS where the source virtual machine is located and the OVS where the destination virtual machine is located need to be improved. The message processing steps on the source OVS are as follows:
the method comprises the following steps that 1, the OVS is connected with the SDN controller through an Openflow protocol, and the SDN controller manages an OVS virtual switch supporting SRv6 protocol.
Step 2, the SDN controller creates a virtual link layer network and a virtual router (abbreviated as network/router), and allocates SRv6SID to the created network/router;
network/router refers to a virtual link layer network and a virtual router in Openstack. Virtual machines in the same Virtual link layer Network can be intercommunicated in two layers (corresponding to Virtual Switch Instance, VSI), and Virtual machines in the same Virtual router can be intercommunicated in three layers (corresponding to Virtual Private Network, VPN).
SRv6 Segment SRv6 address is in the form of IPv6 address, and can be also called SRv6SID (Segment identifier) generally, SRv6SID is composed of Locator and Function. The Locator is used for determining the subnet where the next hop node is located, and each subnet is provided with a default router, so that the next hop router can be determined according to the subnet address. The Function represents device instructions, which are preset by the device, and the Function part is used for instructing SRv6SID generating nodes to perform corresponding Function operations, such as forwarding packets, executing specific services, and the like.
SRv6 SIDs are of many types, with different types of SRv6 SIDs representing different functions. For example, the SRv6SID type of the virtual link layer network may be end.dt2u or end.dt2m type, and the SRv6SID type of the virtual router may be end.dt4 or end.dt6, etc. The definition and distinction of different SID types are referred to SRv6 protocol, and this disclosure will not be described in detail.
In the embodiment of the disclosure, the OVS supports configuration of SRv6 node IP address, that is, SRv6SID, on the internal type virtual port, SRv6SID is configured to indicate that this node is a SRv6 node, and the network segment to which SRv6SID belongs represents the Locator of the OVS.
And 3, after detecting that the virtual port is online, the SDN controller issues a flow table to the OVS where the online virtual port is located.
Step 4, after the downlink port of the OVS1 receives the message sent by the local virtual machine (such as the virtual machine 1), performing flow table matching on the message, and performing two-layer or three-layer forwarding according to the target MAC address of the matched message;
in this step, it is assumed that the virtual machine 1 sends a message to the OVS1 through the virtual port 1, the sent message may be subjected to flow table matching according to the destination MAC of the message, and if a two-layer MAC forwarding table entry is matched, the message is directly forwarded. If the two-layer MAC forwarding table entry is not matched, but the MAC of the gateway is matched, the three-layer forwarding table is subjected to three-layer forwarding based on the destination IP.
Fig. 5 is a schematic flow chart of forwarding a packet through an OVS downlink port in an SDN SRv6 networking in an embodiment of the present disclosure, where the forwarding step is as follows:
step 501, after receiving the message 1 sent by the virtual machine 1, the downlink port of the OVS1 matches the flow table;
step 502, judging whether the destination MAC address of the message 1 is a gateway MAC address or not based on the flow table matching result, if so, executing step 503, otherwise, executing step 504;
step 503, matching the destination IP address of the message in the three-layer forwarding table for forwarding.
And step 504, the destination MAC address of the message is matched in the two-layer forwarding table for forwarding.
Fig. 6 is a processing step of two-layer forwarding, which is required when the downlink port performs a non-gateway MAC on the MAC of the message destination in the embodiment of the present disclosure, specifically including the following steps:
step 5041, judging whether the virtual machine to which the destination MAC of the message 1 belongs is connected to the same OVS as the virtual machine which sends the message 1, if so, executing step 5042, otherwise, executing step 5043;
step 5042, directly sending the message 1 to an access port of the virtual machine to which the destination MAC of the message 1 belongs on the OVS, without performing outer layer SRv6 protocol encapsulation;
when the virtual machine to which the destination MAC address of the message belongs is also connected to the OVS1 connected to the virtual machine that sends the message 1, for example, when the virtual machine 1 in fig. 4 sends the message to the virtual machine 2 connected to the same OVS, the two-layer forwarding may be directly performed without the processing of SRv6 encapsulation. Although both virtual machines are connected to the same OVS, the ports of the two virtual machines are different, and therefore, the flows need to be matched and transferred on the OVS.
Step 5043, setting tun _ ipv6_ dst in the flow table matched with the message 1 as SRv6SID to which the MAC of the message 1 belongs, and sending the message 1 to a SRv6 port;
this step corresponds to a scenario where the virtual machine to which the destination MAC of the packet 1 belongs is located on another OVS in the local two-tier network, and since the packet is forwarded across OVSs, SRv6 encapsulation is required. The value of the IPv6 tunnel destination field, namely, tun _ IPv6_ dst address field in the Openflow flow table is set by the SDN controller, and is the SRv6SID of the OVS where the destination virtual machine is located, and the value is composed of: the Locator of the OVS where the destination virtual machine is located and the end.DT2U of the network to which the destination virtual machine belongs.
Step 5044, at port SRv6, performing SRv6 protocol encapsulation on the message 1, where the source address of the message is SRv6SID of SRv6 node of OVS to which the source virtual machine belongs, and the destination address is tun _ ipv6_ dst field value in the Openflow flow table matched with the message 1, and sending the message 1 out from the upstream port;
in this step, after receiving the message 1, the SRv6 port performs SRv6 outer layer encapsulation on the message 1 according to the tun _ ipv6_ dst set in the Openflow flow table. And encapsulating the destination address of the outer layer of the message into tun _ ipv6_ dst specified by Openflow, wherein the source IP of the outer layer encapsulation is the node SRv6SID (IP address of SRv6 port) of the OVS. The SRv6 message after being packaged is transmitted from the up port after being packaged from the Internal port to the protocol stack.
Fig. 7 is a processing step in which a destination MAC of a message in the embodiment of the present disclosure is a gateway MAC and three-layer forwarding is required at a downlink port, where the processing step specifically includes:
step 5031, judging whether the virtual machine to which the destination IP of the message 1 belongs is connected to the same OVS as the virtual machine sending the message 1, if so, executing step 5032, otherwise, executing step 5033;
the step is used for judging whether a source virtual machine sending the message 1 and a destination virtual machine receiving the message 1 are connected to the same OVS, if the source virtual machine and the destination virtual machine are on the same OVS, local three-layer forwarding is carried out, and if the source virtual machine and the destination virtual machine are not on the same OVS, three-layer SRv6 protocol encapsulation forwarding across the OVS is carried out.
Step 5032, directly sending the message 1 to an access port of the virtual machine to which the destination IP of the message 1 belongs on the OVS without performing external SRv6 protocol encapsulation;
the step corresponds to a scene of three-layer forwarding on the same OVS, and the matching forwarding can be carried out on a three-layer forwarding table by using the message 1 destination IP, and the SRv6 protocol encapsulation forwarding is not needed.
Step 5033, according to the Openflow flow table matched with the message 1, setting the tun _ ipv6_ dst field in the flow table as SRv6SID (end.dt4/DT 6 of destination OVS Locator + router) of the OVS to which the destination IP of the message 1 belongs, and sending the message 1 to the SRv6 port.
This step corresponds to a forwarding scenario of a three-layer SRv6 message across the OVS, and the message needs to be forwarded after SRv6 encapsulation. The SDN controller sets a value of a tun _ IPv6_ dst address field of an IPv6 tunnel in an Openflow flow table according to an OVS of a destination virtual machine corresponding to an IP of a message destination and router information (that is, which VPN each VPN corresponds to a Function of end.dt4 or end.dt6 type) of the destination virtual machine belongs to, and the value is composed of a Locator of the OVS of the destination virtual machine corresponding to the IP destination and an end.dt4/DT 6Function of the VPN.
Step 5034, SRv6 message encapsulation is performed, the source address of the message is SRv6 node IP of the OVS where the source virtual machine is located, that is, SRv6SID of the source OVS, and the destination address is the field value of tun _ ipv6_ dst specified in the Openflow flow table, and the message 1 is sent out from the upstream port.
Fig. 8 is a processing step after an OVS uplink port in the SDN network receives a message in an embodiment of the present disclosure, for example, an OVS where a target virtual machine is located is OVS2, and a processing flow of an OVS2 uplink port receiving a message 1 sent by OVS1 is as follows:
step 801: after an uplink port of an OVS where a target virtual machine is located receives a message 1 sent by a source virtual machine, sending the message 1 to a protocol stack;
step 802: judging whether the outer layer destination IPv6 address of the message 1 falls within the locator network segment of the OVS, if so, executing the step 803, otherwise, discarding;
step 803: analyzing the message 1, recording an SRv6 outer layer destination IP address of the message 1 into a tun _ ipv6_ dst field of an Openflow protocol, and sending the message to a SRv6 port;
the tun _ ipv6_ dst field is an Openflow protocol field for subsequent packet forwarding. The standard Openflow protocol will resolve whether there is this field in the subsequent flow table or not, because the OVS does not know whether the subsequent controller will issue the flow table carrying this field or not.
And the flow table used for guiding the message forwarding is issued to the OVS by the controller. All ports of the OVS are added to a bridge of the OVS, and port access messages added to the bridge are matched with an Openflow flow table of the OVS.
Step 804: in the TABLE of TABLE _ SID _ CLASSIFY flow TABLE of segment address classification, matching and shunting are performed according to tun _ ipv6_ dst field of message 1, and when SRv6SID of end.dt2u type is matched, step 805 is executed; when SRv6 SIDs of END.DT4 or END.DT6 type are matched, execute step 806;
the message 1 sends the message to a forwarding TABLE corresponding to the SID type according to the SID type of the matched TABLE _ SID _ CLASSIFY flow TABLE, for example, the end.dt4 or end.dt6 type corresponds to a three-layer forwarding TABLE, and the end.dt2u type corresponds to a two-layer forwarding TABLE.
Step 805: directly matching the destination MAC address of the inner layer of the message 1 in a two-layer forwarding table, and sending the destination MAC address to a port where a virtual machine to which the destination MAC belongs is located;
step 806: directly matching the destination IP address of the inner layer of the message in the three-layer forwarding table, and sending the destination IP address to the port of the virtual machine to which the destination IP belongs;
fig. 9 is a flowchart of a step of performing traffic offload by the SDN SRv6 network virtual switch according to SID type in an embodiment of the present disclosure, and in step 804, in the TABLE _ SID _ CLASSIFY flow TABLE, an example of performing traffic offload according to the tu _ ipv6_ dst field of the packet is as follows:
example of splitting according to SRv6SID
table=TABLE_SID_CLASSIFY,tun_ipv6_dst=2001:0:1:2::1,goto_table:TABLE_MAC_FORWARD
The SRv6 outer layer destination IP address of the message 1 is SRv6SID actually, after it is written into the tun _ ipv6_ dst field, matching is performed in the TABLE _ SID _ CLASSIFY flow TABLE according to the field, for example, when the tun _ ipv6_ dst is 2001:0:1:2::1, the Locator of the SID is 2001:0:1, the Function is "2: 1", which corresponds to the SID of the END.DT2U type, so the message 1 is sent to the corresponding two-layer forwarding TABLE according to the flow TABLE for forwarding.
table=TABLE_SID_CLASSIFY,tun_ipv6_dst=2001:0:1:2::2,goto_table:Table_Flood
Similarly, the Function is "2:: 2" corresponding to the SID of end.dt2m type, so that the message 1 is flooded by L2 layer according to the flow table.
table=TABLE_SID_CLASSIFY,tun_ipv6_dst=2001:0:1:3::1,goto_table:Table_IP_FORWARD
Similarly, the Function is "3: 1" corresponding to SID of END.DT4 or END.DT6 type, so that the message 1 is sent to an L3 layer IP forwarding table for forwarding according to the flow table.
An example of a two-layer forwarding table is as follows:
table=TABLE_MAC_FORWARD,dl_dst=“00:04:23:e4:97:20”,actions=set_field:2001:0:1::1->tun_ipv6_src,set_field:2001:0:3:2::1->tun_ipv6_dst,output:“srv6-port”.
decapsulate the packet 1 at the port SRv6, expose the inner packet, extract the destination MAC address of the inner packet, perform corresponding forwarding actions after matching in the forwarding table, for example, in the above two-layer forwarding table entry, the destination MAC of the inner packet is "00: 04:23: e4:97: 20", when matching the entry, perform actions of setting the packet outer source SRv6SID to "2001: 0: 1", setting the packet outer destination SRv6SID to "2001: 0:3:2: 1", and then forward the entry through the port SRv6, where the entry corresponds to the situation that the destination virtual machine is not in the local OVS.
table=TABLE_MAC_FORWARD,dl_dst="00:04:23:b7:17:be",actions:output:”tapvm2”
The above table entry example corresponds to the case that the destination virtual machine is on the local OVS, and the message is forwarded from the port tapvm2 connected to the virtual machine.
Example of three-tier forwarding:
table=Table_IP_FORWARD eth_type=ipv6,ipv6_dst=“2::1”,actions=set_field:2001:0:1::1->tun_ipv6_src,set_field:2001:0:3:3::2->tun_ipv6_dst,output:“srv6-port”
in the above example, when the virtual machine to which the destination IP address in the inner layer of the message belongs is not connected to the local OVS, the message needs to be encapsulated by the SRv6 protocol and then forwarded to the OVS in which the destination virtual machine is located from the SRv6 port.
table=Table_IP_FORWARD,eth_type=ipv6,ipv6_dst="2001::204:23ff:feb7:17be",actions:output:”tapvm2”
The above example corresponds to a case where a virtual machine to which a destination IP address in an inner layer of a message belongs is connected on a local OVS, and the message is directly forwarded to the destination virtual machine through a port where the destination virtual machine is located.
According to the method, SRv6 protocol stacks are added on the OVS, SRv6Function distribution of an Overlay network is added to the SDN controller, and SRv6 forwarding under an SDN pure soft architecture is achieved by using a standard Openflow protocol. The deployed IPv6 hardware equipment does not need to be replaced by hardware equipment supporting SRv6, and only the version of the virtual switch vSwitch and the controller software needs to be upgraded on the original network, so that SRv6 can be supported.
It should be recognized that embodiments of the present disclosure can be realized and implemented by computer hardware, a combination of hardware and software, or by computer instructions stored in a non-transitory memory. The method may be implemented in a computer program using standard programming techniques, including a non-transitory storage medium configured with the computer program, where the storage medium so configured causes a computer to operate in a specific and predefined manner. Each program may be implemented in a high level procedural or object oriented programming language to communicate with a computer system. However, the program(s) can be implemented in assembly or machine language, if desired. In any case, the language may be a compiled or interpreted language. Furthermore, the program can be run on a programmed application specific integrated circuit for this purpose. Further, operations of processes described by the present disclosure may be performed in any suitable order unless otherwise indicated herein or otherwise clearly contradicted by context. The processes described in this disclosure (or variations and/or combinations thereof) may be performed under the control of one or more computer systems configured with executable instructions and may be implemented as code (e.g., executable instructions, one or more computer programs, or one or more applications) executing collectively on one or more processors, by hardware, or combinations thereof. The computer program includes a plurality of instructions executable by one or more processors.
Further, the method may be implemented in any type of computing platform operatively connected to a suitable interface, including but not limited to a personal computer, mini computer, mainframe, workstation, networked or distributed computing environment, separate or integrated computer platform, or in communication with a charged particle tool or other imaging device, and the like. Aspects of the disclosure may be embodied in machine-readable code stored on a non-transitory storage medium or device, whether removable or integrated into a computing platform, such as a hard disk, optically read and/or write storage medium, RAM, ROM, or the like, such that it may be read by a programmable computer, which when read by the storage medium or device, is operative to configure and operate the computer to perform the procedures described herein. Further, the machine-readable code, or portions thereof, may be transmitted over a wired or wireless network. The invention described in this disclosure includes these and other different types of non-transitory computer-readable storage media when such media include instructions or programs that implement the steps described above in conjunction with a microprocessor or other data processor. The disclosure also includes the computer itself when programmed according to the methods and techniques described in this disclosure.
The above description is only an example of the present disclosure and is not intended to limit the present disclosure. Various modifications and variations of this disclosure will be apparent to those skilled in the art. Any modification, equivalent replacement, improvement, etc. made within the spirit and principle of the present disclosure should be included in the protection scope of the present disclosure.

Claims (10)

1. A message forwarding method based on SDN segment routing networking is characterized by comprising the following steps:
a first virtual switch supporting a segment routing SRv6 protocol is hosted by a Software Defined Network (SDN) controller, and a virtual link layer network and a virtual router in which the first virtual switch is located are created by the SDN controller;
after the first virtual switch receives a first message sent by a source virtual machine through a downlink port, flow table matching is carried out on the first message, and whether a destination MAC address of the first message is a gateway MAC address or not is judged based on a matching result;
when the destination MAC address is a gateway MAC address, the first message is forwarded in a matching way through a three-layer forwarding table; when the destination MAC address is a non-gateway MAC address, the first message is forwarded in a matching way through a two-layer forwarding table;
when the first message is forwarded in a matching manner through a three-layer or two-layer forwarding table, if a target virtual machine is not directly connected to the first virtual machine switch, after SRv6 protocol encapsulation is carried out on the first message at a port SRv6, the first message is forwarded outwards through an Internal type virtual port; and the internal type virtual port is configured with SRv6 node IP addresses, namely SRv6 segment identification SIDs.
2. The method of claim 1, wherein the forwarding the first packet through the two-layer forwarding table matching comprises:
judging whether a virtual machine to which the destination MAC of the first message belongs is connected with the source virtual machine on the same virtual switch or not;
when judging that the virtual machines are connected to the same virtual switch, directly sending a first message to an access port of a target virtual machine on the first virtual switch;
when judging that the first message is not connected to the same virtual switch, setting an IPv6 tunnel destination field tun _ IPv6_ dst in a flow table matched with the first message as a SRv6SID of the virtual switch to which the MAC of the first message destination belongs, and sending the first message to a SRv6 port;
performing SRv6 protocol encapsulation on the first message at an SRv6 port, wherein an outer layer source address of the message is SRv6SID of a virtual switch to which the source virtual machine belongs, and a destination address is a tun _ ipv6_ dst field value in a flow table matched with the first message; and sending the first message out from the uplink port after encapsulation.
3. The method of claim 1, wherein the forwarding the first packet through the three-layer forwarding table matching comprises:
judging whether the virtual machine to which the destination IP of the first message belongs is connected with the source virtual machine on the same virtual switch or not;
when judging that the connection is carried out on the same virtual switch, directly sending the first message to an access port of a virtual machine to which a target IP of the first message belongs on the first virtual switch;
when judging that the virtual switches are not connected to the same virtual switch, according to the flow table matched with the first message, setting a tun _ ipv6_ dst field in the flow table to be SRv6SID of the virtual switch to which the IP of the first message belongs, and sending the first message to a SRv6 port;
performing SRv6 protocol encapsulation on the first message at an SRv6 port, wherein an outer layer source address of the message is SRv6SID of a virtual switch to which the source virtual machine belongs, and a destination address is a tun _ ipv6_ dst field value in a flow table matched with the first message; and sending the first message out from the uplink port after encapsulation.
4. The method of claim 1, wherein when the first virtual switch receives a second packet sent by a source virtual machine through an upstream port, the method further comprises:
judging whether an outer layer destination IPv6 address, namely a destination SRv6SID of the second message falls into a locator network segment of the first virtual switch;
when the message is judged to be in the locator network segment of the first virtual switch, recording the destination SRv6SID of the second message into the tun _ ipv6_ dst field, and sending the message to the SRv6 port;
in the segment address classification TABLE _ SID _ CLASSIFY flow TABLE, matching and shunting are carried out according to the target SRv6SID of the second message, and when the target SRv6SID is SRv6SID of an end.DT2U type, forwarding is carried out through a two-layer forwarding TABLE according to the inner-layer target MAC of the second message; and when the destination SRv6SID is the SRv6SID of the END.DT4 or END.DT6 type, forwarding the message through a three-layer forwarding table according to the inner-layer destination IP of the second message.
5. The method of claim 4,
and when the destination SRv6SID of the second message is the SRv6SID of the END.DT2M type, performing two-layer flooding to forward the second message.
6. A message forwarding device based on SDN segment routing networking is characterized in that the device is applied to a first virtual switch supporting a segment routing SRv6 protocol, the first virtual switch is managed by a Software Defined Network (SDN) controller, and a virtual link layer network where the first virtual switch is located and a virtual router are created by the SDN controller; the device includes:
the first judging module is used for performing flow table matching on a first message after the first virtual switch receives the first message sent by the source virtual machine through the downlink port, and judging whether a destination MAC address of the first message is a gateway MAC address or not based on a matching result;
the message forwarding module is used for matching and forwarding the first message through a three-layer forwarding table when the destination MAC address is a gateway MAC address; when the destination MAC address is a non-gateway MAC address, the first message is forwarded in a matching way through a two-layer forwarding table; when the first message is forwarded in a matching manner through a three-layer or two-layer forwarding table, if a target virtual machine is not directly connected to the first virtual machine switch, after SRv6 protocol encapsulation is carried out on the first message at a port SRv6, the first message is forwarded outwards through an Internal type virtual port; and the internal type virtual port is configured with SRv6 node IP addresses, namely SRv6 segment identification SIDs.
7. The apparatus of claim 6, wherein the packet forwarding module comprises a source-side two-layer forwarding sub-module, configured to forward the first packet through a two-layer forwarding table matching, and wherein the two-layer forwarding sub-module comprises:
the first sub-judgment module is used for judging whether the virtual machine to which the destination MAC of the first message belongs is connected with the source virtual machine on the same virtual switch or not;
the first sub-forwarding module is used for directly sending a first message to an access port of a target virtual machine on a first virtual switch when judging that the first sub-forwarding module is connected to the same virtual switch;
the second sub-forwarding module is used for setting an IPv6 tunnel destination field tun _ IPv6_ dst in a flow table matched with the first message as the SRv6SID of the virtual switch to which the MAC of the first message destination belongs and sending the first message to the SRv6 port when judging that the first message is not connected to the same virtual switch;
a third sub-forwarding module, configured to perform SRv6 protocol encapsulation on the first packet at an SRv6 port, where an outer source address of the packet is SRv6SID of a virtual switch to which the source virtual machine belongs, and a destination address is a tun _ ipv6_ dst field value in a flow table matched with the first packet; and sending the first message out from the uplink port after encapsulation.
8. The apparatus of claim 6, wherein the packet forwarding module comprises a source-side three-layer forwarding sub-module, configured to forward the first packet through a three-layer forwarding table matching, and wherein the three-layer forwarding sub-module comprises:
the second sub-judgment module is used for judging whether the virtual machine to which the destination IP of the first message belongs is connected with the source virtual machine on the same virtual switch or not;
the fourth sub-forwarding module is used for directly sending the first message to an access port of a virtual machine to which the destination IP of the first message belongs on the first virtual switch when judging that the first message is connected to the same virtual switch;
the fifth sub-forwarding module is used for setting a tun _ ipv6_ dst field in the flow table to be SRv6SID of the virtual switch to which the IP of the first message belongs according to the flow table matched with the first message when the first message is judged not to be connected to the same virtual switch, and sending the first message to the SRv6 port;
a sixth sub-forwarding module, configured to perform SRv6 protocol encapsulation on the first packet at an SRv6 port, where an outer source address of the packet is SRv6SID of a virtual switch to which the source virtual machine belongs, and a destination address is a tun _ ipv6_ dst field value in a flow table matched with the first packet; and sending the first message out from the uplink port after encapsulation.
9. An electronic device is characterized by comprising a processor, a communication interface, a storage medium and a communication bus, wherein the processor, the communication interface and the storage medium are communicated with each other through the communication bus;
a storage medium for storing a computer program;
a processor for performing the method steps of any one of claims 1 to 5 when executing a computer program stored on a storage medium.
10. A storage medium on which a computer program is stored which, when being executed by a processor, carries out the method steps of any one of claims 1 to 5.
CN202110334569.1A 2021-03-29 2021-03-29 Message forwarding method and device based on SDN (software defined network) segment routing networking and storage medium Active CN113194033B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202110334569.1A CN113194033B (en) 2021-03-29 2021-03-29 Message forwarding method and device based on SDN (software defined network) segment routing networking and storage medium

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202110334569.1A CN113194033B (en) 2021-03-29 2021-03-29 Message forwarding method and device based on SDN (software defined network) segment routing networking and storage medium

Publications (2)

Publication Number Publication Date
CN113194033A true CN113194033A (en) 2021-07-30
CN113194033B CN113194033B (en) 2022-04-01

Family

ID=76974154

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202110334569.1A Active CN113194033B (en) 2021-03-29 2021-03-29 Message forwarding method and device based on SDN (software defined network) segment routing networking and storage medium

Country Status (1)

Country Link
CN (1) CN113194033B (en)

Cited By (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN114640555A (en) * 2022-02-24 2022-06-17 联想(北京)有限公司 Information processing method, virtual machine cluster and system
CN115412512A (en) * 2022-10-31 2022-11-29 浙江九州云信息科技有限公司 IPv 6-based multi-cloud cross-network intercommunication method and device

Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN103139077A (en) * 2011-11-28 2013-06-05 百度在线网络技术(北京)有限公司 Method and system and device for expanding IPv6 virtual router
CN106713137A (en) * 2015-11-13 2017-05-24 中国电信股份有限公司 VPN method based on segment routing and SDN technology and device and system thereof
CN109257372A (en) * 2018-10-29 2019-01-22 深信服科技股份有限公司 Message forwarding method, equipment, storage medium and device based on the network integration
US20190280960A1 (en) * 2016-05-20 2019-09-12 Telefonaktiebolaget Lm Ericsson (Publ) Method And Apparatus For Segment Routing And RSVP-TE Routing In Transport SDN Networks
CN111713079A (en) * 2018-10-22 2020-09-25 思科技术公司 Packet network interworking including segment routing

Patent Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN103139077A (en) * 2011-11-28 2013-06-05 百度在线网络技术(北京)有限公司 Method and system and device for expanding IPv6 virtual router
CN106713137A (en) * 2015-11-13 2017-05-24 中国电信股份有限公司 VPN method based on segment routing and SDN technology and device and system thereof
US20190280960A1 (en) * 2016-05-20 2019-09-12 Telefonaktiebolaget Lm Ericsson (Publ) Method And Apparatus For Segment Routing And RSVP-TE Routing In Transport SDN Networks
CN111713079A (en) * 2018-10-22 2020-09-25 思科技术公司 Packet network interworking including segment routing
CN109257372A (en) * 2018-10-29 2019-01-22 深信服科技股份有限公司 Message forwarding method, equipment, storage medium and device based on the network integration

Cited By (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN114640555A (en) * 2022-02-24 2022-06-17 联想(北京)有限公司 Information processing method, virtual machine cluster and system
CN115412512A (en) * 2022-10-31 2022-11-29 浙江九州云信息科技有限公司 IPv 6-based multi-cloud cross-network intercommunication method and device

Also Published As

Publication number Publication date
CN113194033B (en) 2022-04-01

Similar Documents

Publication Publication Date Title
CN109873760B (en) Method and device for processing route, and method and device for data transmission
CN110784411B (en) Method, device and system for establishing BIER forwarding table item
CN113055290B (en) Message forwarding method, device and system based on Service Function Chain (SFC)
CN106330714B (en) Method and device for realizing service function chain
EP3070895B1 (en) Encapsulation method and system for flow identifier
CN113207192B (en) Message forwarding method and device
US7082140B1 (en) System, device and method for supporting a label switched path across a non-MPLS compliant segment
CN113259238B (en) Method and device for processing segment identifiers
CN112019433B (en) Message forwarding method and device
CN113194033B (en) Message forwarding method and device based on SDN (software defined network) segment routing networking and storage medium
CN111953604A (en) Method and device for providing service for service flow
EP4207685A1 (en) Message header processing method and apparatus, storage medium and electronic device
CN112511431B (en) Routing flow fusion method for virtual network simulation
US10454882B2 (en) DHCP in layer-3 overlay with anycast address support and network address transparency
EP3920512A1 (en) Transmission method and device for message
CN112737954B (en) Message processing method, device, system, equipment and storage medium
EP4030698A1 (en) Packet processing method, device, system and apparatus as well as storage medium
CN112910771B (en) Connection establishment method, device, equipment and storage medium
CN113055268A (en) Method, device, equipment and medium for tunnel traffic load balancing
CN114006860B (en) User access method, system and device
CN114915580B (en) Data packet routing method and system
CN114915591B (en) End-to-end service guarantee method and system
CN114785725B (en) Micro-segmentation strategy route learning method, message forwarding method and device
CN110995623B (en) Method for controlling flooding between data centers and first switch
US20230164073A1 (en) Systems and Methods for Tunneling Network Traffic to Apply Network Functions

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant