CN114679370A - Server hosting method, device, system and storage medium - Google Patents

Server hosting method, device, system and storage medium Download PDF

Info

Publication number
CN114679370A
CN114679370A CN202110555356.1A CN202110555356A CN114679370A CN 114679370 A CN114679370 A CN 114679370A CN 202110555356 A CN202110555356 A CN 202110555356A CN 114679370 A CN114679370 A CN 114679370A
Authority
CN
China
Prior art keywords
network
gateway device
server
communication information
hosting
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Granted
Application number
CN202110555356.1A
Other languages
Chinese (zh)
Other versions
CN114679370B (en
Inventor
杨志华
刘稚洁
陆素建
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Tencent Cloud Computing Beijing Co Ltd
Original Assignee
Tencent Cloud Computing Beijing Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Tencent Cloud Computing Beijing Co Ltd filed Critical Tencent Cloud Computing Beijing Co Ltd
Priority to CN202110555356.1A priority Critical patent/CN114679370B/en
Publication of CN114679370A publication Critical patent/CN114679370A/en
Application granted granted Critical
Publication of CN114679370B publication Critical patent/CN114679370B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L41/00Arrangements for maintenance, administration or management of data switching networks, e.g. of packet switching networks
    • H04L41/04Network management architectures or arrangements
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L12/00Data switching networks
    • H04L12/66Arrangements for connecting between networks having differing types of switching systems, e.g. gateways
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/02Network architectures or network communication protocols for network security for separating internal from external traffic, e.g. firewalls
    • H04L63/0272Virtual private networks

Abstract

The application discloses a server hosting method, a server hosting device, a server hosting system and a storage medium. The server hosting method comprises the following steps: receiving first communication information sent by a hosting server, wherein the first communication information carries a first internet protocol address of first network equipment used for receiving the first communication information, the hosting server is hosted to a first virtual private network of a first tenant, and the first network equipment corresponds to a second virtual private network of a second tenant; searching a second internet protocol address of a second gateway device corresponding to the first network device identified by the first internet protocol address, wherein the second gateway device is located in a second virtual private network of a second tenant; and sending the first communication information to the first network equipment through the second gateway equipment identified by the second internet protocol address. By the method, multi-tenant isolation can be realized on the basis of reducing cost.

Description

Server hosting method, device, system and storage medium
Technical Field
The present application relates to the field of communications technologies, and in particular, to a server hosting method, apparatus, system, and storage medium.
Background
The server hosting is a service form provided by an Internet Data Center (Internet Data Center, abbreviated as IDC) service provider or a cloud service provider, and a tenant can host a self-owned server in a machine room of the IDC service provider or the cloud service provider. If the tenant has an isolation requirement, multi-tenant isolation needs to be realized in a mode of monopolizing network equipment, so that the cost is high.
Disclosure of Invention
The application discloses a server hosting method, a server hosting device, a server hosting system and a storage medium, which can realize multi-tenant isolation on the basis of reducing cost.
In a first aspect, an embodiment of the present application provides a server hosting method, where the method is applied to a first gateway device, a server hosting system to which the first gateway device belongs at least includes a hosting server, the first gateway device, a second gateway device, and a first network device, the hosting server is hosted to a first virtual private network of a first tenant, the first virtual private network at least includes the first gateway device, the first network device corresponds to a second virtual private network of a second tenant, and the second virtual private network at least includes the second gateway device, and the method includes:
receiving first communication information sent by a hosting server, wherein the first communication information carries a first internet protocol address of first network equipment used for receiving the first communication information;
Searching a second internet protocol address of a second gateway device corresponding to the first network device identified by the first internet protocol address;
and sending the first communication information to the first network equipment through the second gateway equipment identified by the second internet protocol address.
In a second aspect, an embodiment of the present application provides a server hosting method, where the method is applied to a first gateway device, a server hosting system to which the first gateway device belongs at least includes a hosting server, the first gateway device, and a second network device, the hosting server is hosted to a first virtual private network of a first tenant, the first virtual private network at least includes the first gateway device, and the second network device corresponds to the first virtual private network, and the method includes:
receiving second communication information sent by the hosting server, wherein the second communication information carries a third internet protocol address of second network equipment used for receiving the second communication information;
and sending the second communication information to the second network equipment.
In a third aspect, an embodiment of the present application provides a server hosting method, where the method is applied to a first gateway device, a server hosting system to which the first gateway device belongs at least includes a hosting server and the first gateway device, the hosting server is hosted to a first virtual private network of a first tenant, and the first virtual private network at least includes the first gateway device, and the method includes:
Receiving third communication information sent by the hosting server, wherein the third communication information carries a network address of the internet;
and sending the third communication information to each network device in the internet identified by the network address.
In a fourth aspect, an embodiment of the present application provides a server hosting system, which at least includes a hosting server, a first gateway device, a second gateway device, and a first network device, where the hosting server is hosted to a first virtual private network of a first tenant, the first virtual private network at least includes the first gateway device, the first network device corresponds to a second virtual private network of a second tenant, and the second virtual private network at least includes the second gateway device, where:
the method comprises the steps that a hosting server sends first communication information to first gateway equipment, wherein the first communication information carries a first internet protocol address of first network equipment;
the first gateway device searches a second internet protocol address of a second gateway device corresponding to the first network device identified by the first internet protocol address;
the first gateway equipment sends the first communication information to second gateway equipment identified by a second Internet protocol address;
The second gateway device sends the first communication to the first network device identified by the first internet protocol address.
In a fifth aspect, an embodiment of the present application provides a server hosting apparatus, where the server hosting apparatus may be a first gateway device, and may also be an apparatus in the first gateway device. The server hosting system to which the first gateway device belongs at least comprises a hosting server, a first gateway device, a second gateway device and a first network device, wherein the hosting server is hosted to a first virtual private network of a first tenant, the first virtual private network at least comprises the first gateway device, the first network device corresponds to a second virtual private network of a second tenant, and the second virtual private network at least comprises the second gateway device. The device includes:
the receiving unit is used for receiving first communication information sent by the hosting server, wherein the first communication information carries a first internet protocol address of first network equipment used for receiving the first communication information;
the processing unit is used for searching a second internet protocol address of a second gateway device corresponding to the first network device identified by the first internet protocol address;
And the sending unit is used for sending the first communication information to the first network equipment through the second gateway equipment identified by the second internet protocol address.
In a sixth aspect, an embodiment of the present application provides a server hosting apparatus, where the server hosting apparatus may be a first gateway device, or an apparatus in the first gateway device. The server hosting system to which the first gateway device belongs at least comprises a hosting server, the first gateway device and a second network device, wherein the hosting server is hosted to a first virtual private network of a first tenant, the first virtual private network at least comprises the first gateway device, and the second network device corresponds to the first virtual private network. The device includes:
the receiving unit is used for receiving second communication information sent by the hosting server, wherein the second communication information carries a third internet protocol address of second network equipment used for receiving the second communication information;
and the sending unit is used for sending the second communication information to the second network equipment.
In a seventh aspect, an embodiment of the present application provides a server hosting apparatus, where the server hosting apparatus may be a first gateway device, and may also be an apparatus in the first gateway device. The server hosting system to which the first gateway device belongs at least comprises a hosting server and the first gateway device, wherein the hosting server is hosted to a first virtual private network of the first tenant, and the first virtual private network at least comprises the first gateway device. The device includes:
The receiving unit is used for receiving third communication information sent by the hosting server, wherein the third communication information carries a network address of the internet;
and the sending unit is used for sending the third communication information to each network device in the internet identified by the network address.
In an eighth aspect, an embodiment of the present application provides a gateway device, including a processor and a memory, where the memory is used to store a computer program, and when the computer program is executed by the processor, the server hosting method as described in the first aspect is implemented.
In a ninth aspect, an embodiment of the present application provides a gateway device, including a processor and a memory, where the memory is used to store a computer program, and when the computer program is executed by the processor, the server hosting method as described in the second aspect is implemented.
In a tenth aspect, an embodiment of the present application provides a gateway device, including a processor and a memory, where the memory is used to store a computer program, and when the computer program is executed by the processor, the server hosting method as described in the third aspect is implemented.
In an eleventh aspect, embodiments of the present application provide a computer-readable storage medium storing one or more instructions that, when executed by a processor, implement a server hosting method as described in the first aspect.
In a twelfth aspect, embodiments of the present application provide a computer-readable storage medium storing one or more instructions that, when executed by a processor, implement the server hosting method as described in the second aspect.
In a thirteenth aspect, embodiments of the present application provide a computer-readable storage medium storing one or more instructions that, when executed by a processor, implement a server hosting method as described in the third aspect.
In this embodiment of the present application, a server hosting system to which a first gateway device belongs at least includes a hosting server, a first gateway device, a second gateway device, and a first network device, where the hosting server is hosted to a first virtual private network of a first tenant, the first virtual private network at least includes the first gateway device, the first network device corresponds to a second virtual private network of a second tenant, and the second virtual private network at least includes the second gateway device. The first gateway device may receive first communication information sent by the hosting server, where the first communication information carries a first internet protocol address of a first network device used for receiving the first communication information; searching a second internet protocol address of a second gateway device corresponding to the first network device identified by the first internet protocol address; and sending the first communication information to the first network equipment through the second gateway equipment identified by the second internet protocol address. By the method, multi-tenant isolation can be achieved based on the gateway device in the virtual private network, exclusive network devices are not required, the hosting server can interact with the first network device corresponding to the second virtual private network through the first gateway device in the first virtual private network and the second gateway device in the second virtual private network, and cost can be reduced. That is to say, the embodiment of the application can realize multi-tenant isolation on the basis of reducing cost.
Drawings
In order to more clearly illustrate the technical solutions of the embodiments of the present application, the drawings needed to be used in the description of the embodiments are briefly introduced below, and it is obvious that the drawings in the following description are some embodiments of the present application, and it is obvious for those skilled in the art to obtain other drawings based on these drawings without creative efforts.
Fig. 1 is a schematic diagram of a server hosting system according to an embodiment of the present application;
fig. 2 is a schematic flowchart of a server hosting method according to an embodiment of the present application;
fig. 3 is a schematic diagram of another server hosting system provided in an embodiment of the present application;
fig. 4 is a schematic diagram of another server hosting system provided in an embodiment of the present application;
fig. 5 is a schematic flowchart of another server hosting method according to an embodiment of the present application;
fig. 6 is a schematic diagram of another server hosting system provided in an embodiment of the present application;
fig. 7 is a schematic flowchart of another server hosting method according to an embodiment of the present application;
fig. 8 is a schematic diagram of a unit of a server hosting device according to an embodiment of the present application;
fig. 9 is a simplified schematic diagram of an entity structure of a gateway device according to an embodiment of the present application.
Detailed Description
Referring to fig. 1, fig. 1 is a schematic diagram of a server hosting system according to an embodiment of the present disclosure. As shown in fig. 1, the server hosting system at least includes a hosting server 113, a first gateway device 111, a second gateway device 121, and a first network device, which may be a network device corresponding to a second Virtual Private network (VPC) 120 such as a hosting server 124. Hosting server 113 is hosted to first virtual private network 110, first virtual private network 110 including at least first gateway device 111, and second virtual private network 120 including at least second gateway device 121.
The virtual private network can be an exclusive network space constructed by the tenant on the cloud, network service is provided for the tenant on resources on the cloud, and the property of complete logic isolation exists between different virtual private networks. As shown in fig. 1, the first vpn 110 is a vpn constructed by a first tenant on a public cloud, the second vpn 120 is a vpn constructed by a second tenant on the public cloud, and the first vpn 110 is completely logically isolated from the second vpn 120. The first gateway device 111 may be a designated gateway device of the hosted server 113, and the hosted server 113 corresponding to the first virtual private network 110 may access the first network device corresponding to the second virtual private network 120 through the first gateway device 111, that is, the hosted server 113 may access the hosted server 124 through the first gateway device 111.
As shown in fig. 1, the first network device may be a hosting server 124 that is hosted to the second vpn 120, and during a process that the hosting server 113 accesses the hosting server 124, the hosting server 113 may send first communication information to the first gateway device 111, where the first communication information carries a first Internet Protocol Address (IP Address) of the hosting server 124. Then first gateway device 111 may look up the second internet protocol address of second gateway device 121 corresponding to escrow server 124 identified by the first internet protocol address. Next, the first gateway device 111 may send the first communication to the second gateway device 121 identified by the second internet protocol address. Finally, the second gateway device 121 may send the first communication to the hosted server 124 identified by the first internet protocol address.
In this embodiment, the second gateway device in the server hosting system may be a gateway device similar to the first gateway device in the first vpn, and the hosting server in the second vpn may be hosted to the second gateway device. Optionally, the first network device may be a Virtual Machine in a second Virtual private network, and then the second gateway device in the server hosting system may be a Virtual Machine management device of a Virtual Machine (VM), where the Virtual Machine may be a Cloud Virtual Machine (CVM), and the Virtual Machine management device may be a parent Machine corresponding to the Cloud Virtual Machine.
The server may be an independent physical server, a server cluster or a distributed system formed by a plurality of physical servers, or a cloud server providing basic cloud computing services such as cloud service, a cloud database, cloud computing, a cloud function, cloud storage, network service, cloud communication, middleware service, domain name service, security service, CDN, big data and artificial intelligence platform. The terminal may be, but is not limited to, a smart phone, a tablet computer, a laptop computer, a desktop computer, a smart speaker, a smart watch, and the like. The terminal and the server may be directly or indirectly connected through wired or wireless communication, and the application is not limited herein.
The server hosting method provided by the embodiment of the application can be applied to a server hosting device, and the server hosting device can be a first gateway device running in a server hosting system, and can also be a device in the first gateway device. The first gateway device may be implemented in various forms, for example, the first gateway device described in this application may include an internetworking device such as a data gateway, a security gateway, and the like.
Referring to fig. 2, fig. 2 is a schematic flowchart of a server hosting method provided in an embodiment of the present application, where the method may be applied to a first gateway device, a server hosting system to which the first gateway device belongs at least includes a hosting server, the first gateway device, a second gateway device, and a first network device, the hosting server is hosted to a first virtual private network of a first tenant, the first virtual private network at least includes the first gateway device, the first network device corresponds to a second virtual private network of a second tenant, and the second private network at least includes the second gateway device. As shown in fig. 2, the server hosting method includes:
210. the hosting server sends the first communication information to the first gateway device.
The hosting server may send the first communication information to the first gateway device, where the first communication information carries a first internet protocol address of the first network device for receiving the first communication information. The first network device may be a network device corresponding to the second virtual private network, such as a hosting server hosted to the second virtual private network or a virtual machine in the second virtual private network. If the first tenant has a server hosting requirement for the hosting server, the first tenant may host the hosting server to an IDC facilitator or a cloud facilitator. The first gateway device may be a designated gateway device of the hosted server, and the hosted server may access the first virtual private network of the first tenant through the first gateway device, that is, the hosted server may be hosted to the first virtual private network, so that the hosted server may be linked to the public cloud network. Similarly, when the first network device is a hosting server of the second tenant, the second tenant may host the first network device to an IDC facilitator or a cloud facilitator, and then the first network device may be hosted to a second virtual private network of the second tenant, so that the first network device may be connected to the public cloud network in a first key.
For example, as shown in fig. 1, if a first tenant has a server hosting requirement for the hosting server 113, the first tenant may host the hosting server 113 to an IDC server or a cloud server. Hosting server 113 may access first virtual private network 110 of the first tenant through first gateway device 111, that is, hosting server 113 may be hosted to first virtual private network 110, such that hosting server 113 may be brought into a key access to the public cloud network. When the first network device is the hosting server 124, if the second tenant has a server hosting requirement for the hosting server 124, the second tenant may host the hosting server 124 to an IDC facilitator or a cloud facilitator, and the hosting server 124 may access the second virtual private network 120 of the second tenant through the second gateway device 121, that is, the hosting server 124 may be hosted to the second virtual private network 120, so that the hosting server 124 may be connected to the public cloud network in a first key. The hosting server 113 may transmit first communication information to the first gateway device 111, where the first communication information carries a first internet protocol address of a first network device for receiving the first communication information, that is, when the first network device is the hosting server 124, the first communication information carries the first internet protocol address of the hosting server 124 for receiving the first communication information.
220. The first gateway device looks up the second internet protocol address of the second gateway device.
After the first gateway device receives the first communication information sent by the hosting server, the first gateway device may search, in the control plane information, a second internet protocol address of a second gateway device corresponding to the first network device identified by the first internet protocol address. When the first network device is a hosted server hosted to a second virtual private network, the second gateway device corresponding to the first network device may be a designated gateway device of the hosted server of the second tenant, and the designated gateway device may be a gateway device similar to the first gateway device. When the first network device is a virtual machine in the second virtual private network, the second gateway device corresponding to the first network device may be a virtual machine management device, where the virtual machine may be a cloud virtual machine, and the virtual machine management device may be a parent machine of the cloud virtual machine. For example, as shown in fig. 1, taking a first network device as the hosting server 124 as an example, after the first gateway device 111 receives the first communication information sent by the hosting server 113, the first gateway device 111 may search for a second internet protocol address of a second gateway device 121 corresponding to the hosting server 124, where the second gateway device 121 is located in the second virtual private network 120.
Optionally, before the first gateway device searches for the second internet protocol address of the second gateway device, the first gateway device may receive control plane information sent by the controller in the first vpn. The controller may be a VPC Object Storage Service (VPC OSS) and is responsible for sending control plane information to each gateway device in the affiliated vpns, for example, the VPC OSS in the first vpns may send the control plane information to the first gateway device in the first vpns. The control plane information includes a network identifier of each virtual private network, an internet protocol address of a gateway device in each virtual private network, an internet protocol address of a network device corresponding to each virtual private network, and the like. As shown in fig. 1, the first gateway device 111 may receive control plane information sent by the VPC OSS112 in the first vpn 110, where the control plane information includes a network identifier of a vpn corresponding to the first network device, a gateway device corresponding to the first network device, and the like, and the network identifiers of the first vpn 110 and the second vpn 120 may be VPC-a and VPC-B, respectively. When the first network device is the hosting server 124, the control plane information includes the network identifier VPC-A, VPC-B and the corresponding relationship between the hosting server 124 and the second gateway device 121. As shown in table 1, table 1 is a one-to-one correspondence relationship between each network device and each gateway device, where the network device may be a hosting server hosted in a virtual private network or a virtual machine in the virtual private network, and then the gateway device may be a designated gateway device of the hosting server or a virtual machine management device, where the virtual machine may be a cloud virtual machine, and the virtual machine management device may be a parent machine of the cloud virtual machine.
TABLE 1
Figure BDA0003076217590000081
Figure BDA0003076217590000091
In a possible implementation manner, the first gateway device may search, in the control plane information, a network identifier of the virtual private network corresponding to the first network device identified by the first internet protocol address, and obtain, in the control plane information, a second internet protocol address of the second gateway device in the virtual private network identified by the searched network identifier. As shown in table 1, the network identity of the first vpn may be VPC-a and the network identity of the second vpn may be VPC-B. When the first internet protocol address of the first network device is 192.168.254.22, the first gateway device may find, in the control plane information, that the network identifier corresponding to the first internet protocol address 192.168.255.22 is VPC-B, that is, the first gateway device may find, according to the control plane information, that the network identifier of the virtual private network corresponding to the first network device identified by the first internet protocol address is VPC-B. The first gateway device may obtain, according to the network identifier VPC-B of the second vpn, a one-to-one correspondence between each network device and each gateway device corresponding to the second vpn, as shown in table 1, an IP of the gateway device corresponding to the first internet protocol address 192.168.255.22 of the first network device is 172.30.254.21, and then the first gateway device may obtain, in the control plane information, that the second internet protocol address of the second gateway device in the vpn identified by the network identifier VPC-B is 172.30.254.21.
230. The first gateway device sends the first communication information to the second gateway device.
The first gateway device may send the first communication information to the second gateway device according to a second internet protocol address of the second gateway device corresponding to the first network device identified by the first internet protocol address. As shown in fig. 1, the first gateway device 111 may transmit the first communication information to the second gateway device 121 through the second internet protocol address of the second gateway device 121.
Optionally, before the first gateway device sends the first communication information, the first gateway device may encapsulate the first communication information, where the encapsulation may be Overlay encapsulation (Overlay) encapsulation, that is, the first gateway device may increase information carried by the first communication information, so that the first communication information carries the second internet protocol address of the second gateway device.
240. The second gateway device sends the first communication information to the first network device.
After receiving the first communication information sent by the first gateway device, the second gateway device may send the first communication information to the first network device according to the control plane information. For example, as shown in fig. 1, when the first network device is the hosting server 124, the second gateway device 121 may send the first communication information to the hosting server 124 after receiving the first communication information sent by the first gateway device 111.
Optionally, the first network device may send the fourth communication information to the second gateway device, the second gateway device may send the fourth communication information to the first gateway device according to the control plane information, and then the first gateway device may send the fourth communication information to the hosting server, so as to finally realize interaction between the hosting server and the first network device, where the fourth communication information carries a sixth internet protocol address of the hosting server for receiving the fourth communication information. It can be understood that the access process of the first network device to the hosting server is similar to the access process of the hosting server to the first network device in the foregoing embodiment, and specific implementation processes may refer to the relevant description of the foregoing embodiment, and are not described herein again.
By the method, multi-tenant isolation can be achieved based on the first gateway device, exclusive network devices are not required, the hosting server corresponding to the first virtual private network can interact with the first network devices corresponding to the second virtual private network through the first gateway device in the first virtual private network and the second gateway device in the second virtual private network, and cost can be reduced. That is to say, the embodiment of the application can realize multi-tenant isolation on the basis of reducing cost.
Referring to fig. 3, fig. 3 is a schematic diagram of another server hosting system provided in the embodiment of the present application, and as shown in fig. 3, the server hosting system includes at least a hosting server 313, a first gateway device 311, a second network device, and the like, where the second network device may be a network device corresponding to a first virtual private network, such as a hosting server 314, and other than the hosting server 313, and the hosting server 313 is hosted to a first virtual private network 310. Optionally, the server hosting system may further include an access Switch (Switch)315, where the access Switch 315 may implement Virtual Local Area Network (VLAN) isolation, that is, when the hosting server 313 interacts with the hosting server 314 through the first gateway device, the server hosting method may implement interaction between Network devices belonging to different VLANs.
Optionally, the second network device may also be a virtual machine, and when the second network device is a virtual machine, the hosting server system may further include a virtual machine management device, where the virtual machine may be a cloud virtual machine, and then the virtual machine management device may be a parent machine corresponding to the cloud virtual machine. For example, fig. 4 is a schematic view of another server hosting system provided in the embodiment of the present application, and as shown in fig. 4, when the second network device is a cloud virtual machine 416, the server hosting system at least includes a hosting server 413, a first gateway device 411, the cloud virtual machine 416, a mother machine 415 corresponding to the cloud virtual machine 416, and the like. Where cloud virtual machine 416 is located in first virtual private network 410, hosting server 413 is hosted to first virtual private network device 410. The hosting server 413 may interact with the cloud virtual machine 416 through the first gateway device 411 and the mother machine 415 corresponding to the cloud virtual machine 416, that is, the server hosting method may implement that the hosting server accesses a public cloud network and the like through one key.
Referring to fig. 5, fig. 5 is a schematic flowchart of another server hosting method provided in an embodiment of the present application, where the method may be applied to a first gateway device, a server hosting system to which the first gateway device belongs at least includes a hosting server, the first gateway device, and a second network device, the hosting server is hosted to a first virtual private network of a first tenant, the first virtual private network at least includes the first gateway device, and the second network device corresponds to the first virtual private network. As shown in fig. 5, the server hosting method includes:
510. and the hosting server sends the second communication information to the first gateway equipment.
The hosting server may send the second communication information to the first gateway device, where the second communication information carries a third internet protocol address of a second network device used to receive the second communication information. The second network device may be a network device accessing the first gateway device, except for the hosting server, as shown in fig. 3, the second network device may be a hosting server 314 accessing the first gateway device, and the hosting server 313 may send the second communication information to the first gateway device 311, where the second communication information carries a third internet protocol address of the hosting server 314 for receiving the second communication information.
In one possible implementation, as shown in fig. 3, the second network device may be a host server 314, and before the host server 313 sends the second communication information to the first gateway device, the host server 313 may send an Address Resolution Protocol (ARP) request for a physical Address (MAC Address) of the host server 314. Since different ports on the access switch 315 belong to different virtual lans, the hosting server 314 does not receive the ARP request of the hosting server 313, and the first gateway device 311 may perform ARP reply, that is, the first gateway device 311 may reply its MAC address to the hosting server 313. Then, hosting server 313 may send the second communication information encapsulated with the MAC address of first gateway device 311 to first gateway device 311, that is, the second communication information sent by hosting server 313 to first gateway device 311 may also carry the MAC address of first gateway device 311.
In one possible implementation manner, the second network device may be a virtual machine, where the virtual machine may be a cloud virtual machine, as shown in fig. 4, the second network device may be a cloud virtual machine 416, and the hosting server 413 may send the second communication information to the first gateway device 411, where the second communication information carries a third internet protocol address of the cloud virtual machine 416 for receiving the second communication information.
520. And the first gateway equipment sends the second communication information to the second network equipment.
After receiving the second communication information sent by the hosting server, the first gateway device may send the second communication information to the second network device. As shown in fig. 3, the second network device may be hosting server 314, and first gateway device 311 may send the second communication information to hosting server 314.
In a possible implementation manner, before the first gateway device sends the second communication information to the second network device, the first gateway device may further obtain, through the ARP command, the MAC address corresponding to the third internet protocol address of the host server 314, and encapsulate the second communication information, so that the second communication information may carry the MAC address of the host server 314.
In a possible implementation manner, the second network device may be a virtual machine, and then the first gateway device may obtain, in the control plane information, a fourth internet protocol address of a virtual machine management device corresponding to the virtual machine, and send the second communication information to the second network device through the virtual machine management device identified by the fourth internet protocol address. When the virtual machine is a cloud virtual machine, the virtual machine management device corresponding to the virtual machine may be a parent machine of the cloud virtual machine. As shown in fig. 4, the second network device may be a cloud virtual machine 416, and then the first gateway device 411 may obtain, in the control plane information, a fourth internet protocol address of a parent machine 415 corresponding to the cloud virtual machine 416. For example, as shown in table 1, the internet protocol address of the cloud virtual machine 416 may be 10.1.1.1, and then according to the network identifier of the virtual private network in the control plane information and the corresponding relationship between each network device and each gateway device, that is, according to the one-to-one corresponding relationship between the network identifier of the first virtual private network corresponding to the second network device in the control plane information being VPC-a and the internet protocol address 10.1.1.1 matched with the network identifier VPC-a and the internet protocol address 172.16.20.1, the first gateway device may obtain, in the control plane information, that the fourth internet protocol address of the parent machine 415 corresponding to the cloud virtual machine 416 is 172.16.20.1, and send the second communication information to the cloud virtual machine 416 through the parent machine 415 identified by the fourth internet protocol address.
Optionally, before the first gateway device obtains the fourth internet protocol address of the virtual machine management device corresponding to the virtual machine from the control plane information, the first gateway device may further receive the control plane information sent by the VPC OSS 412.
In a possible implementation manner, after the first gateway device obtains the fourth internet protocol address of the virtual machine management device corresponding to the virtual machine from the control plane information, Overlay encapsulation may be performed on the second communication information, that is, the first gateway device may enable the second communication information to carry the fourth internet protocol address of the virtual machine management device corresponding to the virtual machine, and send the second communication information to the virtual machine management device identified by the fourth internet protocol address. Then, the virtual machine management device may perform decapsulation processing on the received second communication information, and send the second communication information to the virtual machine. As shown in fig. 4, the virtual machine may be a cloud virtual machine 416, and the virtual machine management device may be a parent machine 415 corresponding to the cloud virtual machine 416. The second network device 411 may perform Overlay encapsulation on the second communication information sent by the host server 413, that is, the first gateway device 411 may enable the second communication information to carry a fourth internet protocol address of the parent machine 415 corresponding to the cloud virtual machine 416, and send the second communication information to the parent machine 415 identified by the fourth internet protocol address. Then, the parent machine 415 may perform decapsulation processing on the received second communication information, and send the second communication information to the cloud virtual machine 416 according to the control plane information.
Optionally, the second network device may send the fifth communication information to the first gateway device, and then the second gateway device may send the fifth communication information to the escrow server, so as to finally implement mutual access between the escrow server and the second network device, where the fifth communication information carries a sixth internet protocol address of the escrow server for receiving the fifth communication information. As shown in fig. 3, the second network device may be a hosting server 314, and then the hosting server 314 may transmit fifth communication information to the first gateway device 311, and then the first gateway device 311 may transmit the fifth communication information to the hosting server 313. As shown in fig. 4, the second network device may be a cloud virtual machine 416, and then the cloud virtual machine 416 may send fifth communication information to a mother machine 416 corresponding to the cloud virtual machine 416, and then the mother machine may send the fifth communication information to the first gateway device 411 according to the control plane information sent by the VPC OSS412, and then the first gateway device 411 may send the fifth communication information to the hosting server 413. It can be understood that the access process of the second network device to the hosting server is similar to the access process of the hosting server to the second network device, and specific implementation processes may refer to the related description of the foregoing embodiments, and are not described herein again.
By the method, interaction between the hosting server and the second network device can be realized based on the first gateway device, and the second network device can be a network device, except the hosting server, accessed to the first gateway device, and can also be a cloud virtual machine and the like. By the method, interaction between the hosting server and network equipment in the VLAN except the VLAN to which the hosting server belongs can be realized. The method can also ensure that the escrow server is connected into the public cloud network through one key without being connected into a cloud service provider through a special line, so that the cost of the escrow server for being connected into the public cloud network is lower, and the escrow server has the product function of the public cloud CVM through the interaction of the escrow server and the cloud virtual machine, so that the escrow server is more convenient and efficient. In the process of cloud-going of the tenant, the tenant can be enabled to use the hosting server to be familiar with public cloud products quickly, and the cloud-going speed of the tenant is increased. The cloud on the tenant can be understood as: hosting the tenant's server to a virtual private network.
Referring to fig. 6, fig. 6 is a schematic diagram of another server hosting system provided in the embodiment of the present application, and as shown in fig. 6, the server hosting system at least includes a hosting server 613, a first gateway device 611, and the like. Wherein, the hosting server 613 is hosted to the first virtual private network 610, and the first gateway device 611 is located in the first virtual private network 610. The hosting server 613 may interact with the internet 616 through the first gateway device 611, that is, the server hosting method may implement the interaction of the hosting server with the internet.
Referring to fig. 7, fig. 7 is a flowchart illustrating another server hosting method provided by the embodiment of the present application, where the method may be applied to a first gateway device, a server hosting system to which the first gateway device belongs at least includes a hosting server and the first gateway device, the hosting server is hosted to a first vpn of a first tenant, and the first vpn includes at least the first gateway device. As shown in fig. 7, the server hosting method includes:
710. and the hosting server sends the third communication information to the first gateway device.
The hosting server may send third communication information to the first gateway device, where the third communication information carries a network address of the internet. As shown in fig. 6, the hosting server 613 may send third communication information to the first gateway device 611, the third communication information carrying a network address of the internet 616.
720. And the first gateway equipment sends the third communication information to each network equipment in the internet identified by the network address.
After receiving the third communication information sent by the hosting server, the first gateway device may send the third communication information to each network device in the internet identified by the network address. As shown in fig. 6, the first gateway device 611 may send the third communication information to each network device in the internet 616 identified by the network address.
In a possible implementation manner, the first Gateway device may obtain a fifth internet protocol Address of the Address Translation device in the control plane information, and send the third communication information to each Network device in the internet identified by the Network Address through the Address Translation device identified by the fifth internet protocol Address, where the Address Translation device may be an Elastic public internet protocol Address (EIP) cluster, a Load balancing (CLB), or a Network Address Translation Gateway (NATGW), and the like. As shown in fig. 6, the first gateway device 611 may obtain a fifth internet protocol address of the address conversion device 615 from the control plane information sent by the VPC OSS612 and send the third communication information to the address conversion device 615, and then the address conversion device 615 may send the third communication information to each network device in the internet 616.
In a possible implementation manner, the third communication information carries a sixth internet protocol address of the escrow server, and the sixth internet protocol address is a private IP address. After the address translation device receives the third communication information sent by the first gateway device, the address translation device may translate a private network IP address carried by the third communication information into a public network IP address, that is, the address translation device may translate a sixth internet protocol address of the escrow server carried by the third communication information into a public network IP address. Then, the address translation device may send the third communication information to each network device in the internet identified by the network address through a correspondence between the public network IP address and the public network IP address of each network device in the internet identified by the network address. For example, as shown in fig. 6, the third communication information carries a sixth internet protocol address of the hosting server 613, that is, the third communication information carries a private network IP address of the hosting server 613. After the address translation device 615 receives the third communication information sent by the first gateway device 611, the address translation device 615 may translate a private network IP address carried by the third communication information into a public network IP address, that is, the address translation device may translate a sixth internet protocol address of the escrow server 613 carried by the third communication information into a public network IP address. Then, the address conversion device 615 may send the third communication information to each network device in the internet 616 identified by the network address through the corresponding relationship between the public network IP address and the public network IP address of each network device in the internet 616.
Optionally, the address translation device may translate the private network IP address into the public network IP address according to a translation rule, where the translation rule is sent to the address translation device by the VPC OSS in advance. For example, as shown in fig. 6, the VPC OSS612 may send the conversion rule to the address conversion device 615 in advance, and after the address conversion device receives the third communication information sent by the first gateway device 611, the address conversion device 615 may convert the private network IP address carried by the third communication information into the public network IP address according to the conversion rule.
Optionally, each Network device in the internet may send the sixth communication information to the Address Translation device, and the Address Translation device may perform Destination Address Translation (DNAT) from the public Network IP Address to the private Network IP Address on the public Network IP Address carried in the sixth communication information, and send the sixth communication information to the first gateway device. After receiving the sixth communication information sent by the address translation device, the first gateway device may send the sixth communication information to the hosting server. It can be understood that the access process of each network device in the internet identified by the network address to the hosting server is similar to the access process of each network device in the internet identified by the network address by the hosting server, and specific implementation processes may refer to the relevant description of the above embodiments, and are not described herein again.
Through the method, the hosting server can realize interaction with the Internet through the first gateway device.
Referring to fig. 8, fig. 8 is a schematic diagram illustrating a unit of a server hosting device according to an embodiment of the present disclosure. The server hosting device shown in fig. 8 may be used to perform some or all of the functions in the method embodiment described above in fig. 2. The server hosting apparatus may be the first gateway device, or may be an apparatus in the first gateway device. The server hosting system to which the first gateway device belongs at least comprises a hosting server, a first gateway device, a second gateway device and a first network device, wherein the hosting server is hosted to a first virtual private network of a first tenant, the first virtual private network at least comprises the first gateway device, the first network device corresponds to a second virtual private network of a second tenant, and the second virtual private network at least comprises the second gateway device. The logical structure of the apparatus may include: a receiving unit 810, a processing unit 820 and a transmitting unit 830. Wherein:
a receiving unit 810, configured to receive first communication information sent by a hosting server, where the first communication information carries a first internet protocol address of a first network device used for receiving the first communication information;
A processing unit 820, configured to search for a second internet protocol address of a second gateway device corresponding to the first network device identified by the first internet protocol address;
the sending unit 830 is configured to send the first communication information to the first network device through the second gateway device identified by the second internet protocol address.
In a possible implementation manner, the receiving unit 810 is further configured to receive control plane information sent by a controller in a first vpn, where the control plane information includes a network identifier of each vpn, an internet protocol address of a gateway device in each vpn, and an internet protocol address of a network device corresponding to each vpn; when searching for the second internet protocol address of the second gateway device corresponding to the first network device identified by the first internet protocol address, the processing unit 820 is configured to: searching a network identifier of a virtual private network corresponding to the first network equipment identified by the first internet protocol address in the control plane information; and acquiring the second internet protocol address of the second gateway equipment in the virtual private network identified by the searched network identification from the control plane information.
In another embodiment, the server hosting device shown in fig. 8 may be used to perform some or all of the functions in the method embodiment described above in fig. 5. The server hosting apparatus may be the first gateway device, or may be an apparatus in the first gateway device. The server hosting system to which the first gateway device belongs at least comprises a hosting server, the first gateway device and a second network device, wherein the hosting server is hosted to a first virtual private network of a first tenant, the first virtual private network at least comprises the first gateway device, and the second network device corresponds to the first virtual private network. The logical structure of the apparatus may include: a receiving unit 810 and a transmitting unit 830. Wherein:
a receiving unit 810, configured to receive second communication information sent by a hosting server, where the second communication information carries a third internet protocol address of a second network device used for receiving the second communication information;
the sending unit 830 is configured to send the second communication information to the second network device.
In one possible implementation, the apparatus may further include a processing unit 820; the second network equipment is a virtual machine; the processing unit 820 is configured to obtain, in the control plane information, a fourth internet protocol address of a virtual machine management device corresponding to the virtual machine; the sending unit 830, when sending the second communication information to the second network device, is configured to: and sending the second communication information to the second network equipment through the virtual machine management equipment identified by the fourth internet protocol address.
In another embodiment, the server hosting device shown in fig. 8 may be used to perform some or all of the functions in the method embodiment described above in fig. 7. The server hosting apparatus may be the first gateway device, or may be an apparatus in the first gateway device. The server hosting system to which the first gateway device belongs at least comprises a hosting server and the first gateway device, wherein the hosting server is hosted to a first virtual private network of the first tenant, and the first virtual private network at least comprises the first gateway device. The logical structure of the apparatus may include: a receiving unit 810 and a transmitting unit 830. Wherein:
a receiving unit 810, configured to receive third communication information sent by the hosting server, where the third communication information carries a network address of the internet;
the sending unit 830 is configured to send the third communication information to each network device in the internet identified by the network address.
In one possible implementation, the apparatus may further include a processing unit 820; the processing unit 820 is configured to obtain a fifth internet protocol address of the address translation device in the control plane information; the sending unit 830, when sending the third communication information to each network device in the internet identified by the network address, is configured to: and sending the third communication information to each network device in the internet through the address translation device identified by the fifth internet protocol address.
It can be understood that the functions of each functional unit of the server hosting device in the embodiment of the present application may be specifically implemented according to the method in the foregoing method embodiment, and the specific implementation process may refer to the relevant description of the foregoing method embodiment, which is not described herein again.
Referring to fig. 9, fig. 9 is a simplified schematic diagram of an entity structure of a gateway device 900 according to an embodiment of the present application, where the gateway device 900 includes a processor 910, a memory 920, an input interface 930, and an output interface 940, and the processor 910, the memory 920, the input interface 930, and the output interface 940 are connected by one or more communication buses.
The processor 910 is configured to support the execution of the corresponding functions of the first gateway device in the method embodiment in fig. 2. The processor 910 may be a Central Processing Unit (CPU), a Network Processor (NP), a hardware chip, or any combination thereof.
The memory 920 is used to store program codes and the like. Memory 920 may include volatile memory (volatile memory), such as Random Access Memory (RAM); the memory 920 may also include a non-volatile memory (non-volatile memory), such as a read-only memory (ROM), a flash memory (flash memory), a Hard Disk Drive (HDD), or a solid-state drive (SSD); the memory 920 may also include a combination of memories of the sort described above.
Input interface 930 is used to receive data, information, messages, etc., and may also be described as a receiver, receiving circuitry, etc. Input interface 930 may include a standard wired or wireless interface, etc., which may be used to receive data under the control of processor 910; for example, the input interface 930 is used to receive first communication information sent by the hosting server, and the like.
Output interface 940 is used to transmit data, information, messages, etc., and may be used to transmit information under the control of processor 910; for example, the output interface 940 is configured to send the first communication to the first network device through the second gateway device identified by the second internet protocol address.
In this embodiment, the server hosting system to which the gateway device 900 belongs includes at least a hosting server, a gateway device 900, a second gateway device, and a first network device, where the hosting server is hosted to a first virtual private network of a first tenant, the first virtual private network includes at least the gateway device 900, the first network device corresponds to a second virtual private network of a second tenant, and the second virtual private network includes at least the second gateway device, and the processor 910 may call the program code stored in the memory 920 to perform the following operations:
Receiving first communication information sent by the hosting server through the input interface 930, wherein the first communication information carries a first internet protocol address of a first network device for receiving the first communication information;
searching a second internet protocol address of a second gateway device corresponding to the first network device identified by the first internet protocol address;
the first communication is sent to the first network device through the second gateway device identified by the second internet protocol address via the output interface 940.
In one possible implementation, the processor 910 may also call the program code stored in the memory 920 to perform the following operations:
receiving control plane information sent by a controller in a first vpn through the input interface 910, where the control plane information includes a network identifier of each vpn, an internet protocol address of a gateway device in each vpn, and an internet protocol address of a network device corresponding to each vpn;
when the processor 910 searches for the second internet protocol address of the second gateway device corresponding to the first network device identified by the first internet protocol address, the following operations may be specifically performed:
Searching a network identifier of a virtual private network corresponding to the first network equipment identified by the first internet protocol address in the control plane information; and acquiring the second internet protocol address of the second gateway equipment in the virtual private network identified by the searched network identification from the control plane information.
In another embodiment, the processor 910 in the gateway device 900 shown in fig. 9 is configured to support the corresponding functions of the first gateway device in the method embodiment shown in fig. 5. The server hosting system to which the gateway device 900 belongs at least includes a hosting server, the gateway device 900, and a second network device, where the hosting server is hosted to a first virtual private network of a first tenant, the first virtual private network includes at least the gateway device 900, and the second network device corresponds to the first virtual private network. The processor 910 may also call the program code stored in the memory 920 to perform the following operations:
receiving second communication information sent by the hosting server through the input interface 930, wherein the second communication information carries a third internet protocol address of a second network device for receiving the second communication information;
the second communication information is sent to the second network device through the output interface 940.
In one possible implementation, the second network device is a virtual machine; the processor 910 may also call the program code stored in the memory 920 to perform the following operations:
acquiring a fourth internet protocol address of the virtual machine management equipment corresponding to the virtual machine from the control plane information;
when the processor 910 sends the second communication information to the second network device through the output interface 940, the following operations may be specifically performed: and sending the second communication information to the second network equipment through the virtual machine management equipment identified by the fourth internet protocol address.
In another embodiment, the processor 910 in the gateway device 900 shown in fig. 9 is configured to support the corresponding functions of the first gateway device in the method embodiment shown in fig. 7. The server hosting system to which the gateway device 900 belongs at least includes a hosting server and the gateway device 900, the hosting server is hosted to a first virtual private network of a first tenant, the first virtual private network includes at least the gateway device 900, and the processor 910 may further call the program code stored in the memory 920 to perform the following operations:
receiving third communication information sent by the hosting server through the input interface 930, wherein the third communication information carries a network address of the internet;
The third communication information is sent to each network device in the internet identified by the network address through the output interface 940.
In one possible implementation, the processor 910 may also call the program code stored in the memory 920 to perform the following operations: acquiring a fifth internet protocol address of the address translation device in the control plane information; when the third communication information is sent to each network device in the internet identified by the network address through the output interface 940, the third communication information is sent to each network device in the internet through the address translation device identified by the fifth internet protocol address.
It should be noted that, in the foregoing embodiments, the descriptions of the respective embodiments have respective emphasis, and reference may be made to relevant descriptions of other embodiments for parts that are not described in detail in a certain embodiment.
The steps in the method of the embodiment of the application can be sequentially adjusted, combined and deleted according to actual needs.
The units in the processing equipment in the embodiment of the application can be merged, divided and deleted according to actual needs.
In the above embodiments, the implementation may be wholly or partially realized by software, hardware, firmware, or any combination thereof. When implemented in software, may be implemented in whole or in part in the form of a computer program product. The computer program product includes one or more computer instructions. The procedures or functions according to the embodiments of the present application are all or partially generated when the computer program instructions are loaded and executed on a computer. The computer may be a general purpose computer, a special purpose computer, a network of computers, or other programmable device. The computer instructions may be stored on a computer readable storage medium or transmitted from one computer readable storage medium to another, for example, the computer instructions may be transmitted from one website, computer, server, or data center to another website, computer, server, or data center by wire (e.g., coaxial cable, fiber optic, digital subscriber line) or wirelessly (e.g., infrared, wireless, microwave, etc.). The computer-readable storage medium can be any available medium that can be accessed by a computer or a data storage device, such as a server, a data center, etc., that incorporates one or more of the available media. The usable medium may be a magnetic medium (e.g., floppy Disk, memory Disk, magnetic tape), an optical medium (e.g., DVD), or a semiconductor medium (e.g., Solid State Disk (SSD)), among others.
The present application also provides a computer storage medium having stored thereon a computer program which, when executed by a processor, performs the steps of the method as described above.
Embodiments of the present application also provide a computer program product, which includes computer program code, when the computer program code runs on a computer, the computer is caused to execute the method as described in the above various possible embodiments.
An embodiment of the present application further provides a chip, which includes a memory and a processor, where the memory is used to store a computer program, and the processor is used to call and run the computer program from the memory, so that a device in which the chip is installed executes the method described in the above various possible embodiments.
Other embodiments of the present application will be apparent to those skilled in the art from consideration of the specification and practice of the application disclosed herein. The embodiments of the present application are intended to cover any variations, uses, or adaptations of the application following, in general, the principles of the application and including such departures from the present disclosure as come within known or customary practice within the art to which the application pertains. It is intended that the specification and examples be considered as exemplary only, with a true scope and spirit of the application being indicated by the following claims.
It will be understood that the present application is not limited to the precise arrangements described above and shown in the drawings and that various modifications and changes may be made without departing from the scope thereof. The scope of the application is limited only by the appended claims.
Finally, it should be noted that: the above embodiments are only used to illustrate the technical solutions of the present application, and not to limit the same; although the present application has been described in detail with reference to the foregoing embodiments, it should be understood by those of ordinary skill in the art that: the technical solutions described in the foregoing embodiments may still be modified, or some or all of the technical features may be equivalently replaced; and the modifications or the substitutions do not make the essence of the corresponding technical solutions depart from the scope of the technical solutions of the embodiments of the present application.

Claims (10)

1. A server hosting method applied to a first gateway device, wherein a server hosting system to which the first gateway device belongs at least includes a hosting server, the first gateway device, a second gateway device, and a first network device, the hosting server is hosted to a first virtual private network of a first tenant, the first virtual private network includes at least the first gateway device, the first network device corresponds to a second virtual private network of a second tenant, and the second virtual private network includes at least the second gateway device, the method comprising:
Receiving first communication information sent by a hosting server, wherein the first communication information carries a first internet protocol address of first network equipment used for receiving the first communication information;
searching a second internet protocol address of a second gateway device corresponding to the first network device identified by the first internet protocol address;
and sending the first communication information to the first network equipment through the second gateway equipment identified by the second internet protocol address.
2. The method of claim 1, further comprising:
receiving control plane information sent by a controller in the first virtual private network, wherein the control plane information includes a network identifier of each virtual private network, an internet protocol address of a gateway device in each virtual private network, and an internet protocol address of a network device corresponding to each virtual private network;
the searching for the second internet protocol address of the second gateway device corresponding to the first network device identified by the first internet protocol address includes:
searching the network identification of the virtual private network corresponding to the first network equipment identified by the first internet protocol address in the control plane information;
And acquiring the second internet protocol address of the second gateway equipment in the virtual private network identified by the searched network identification from the control plane information.
3. A server hosting method is applied to a first gateway device, a server hosting system to which the first gateway device belongs at least comprises a hosting server, the first gateway device and a second network device, the hosting server is hosted to a first virtual private network of a first tenant, the first virtual private network at least comprises the first gateway device, and the second network device corresponds to the first virtual private network, and the method comprises the following steps:
receiving second communication information sent by the hosting server, wherein the second communication information carries a third internet protocol address of second network equipment used for receiving the second communication information;
and sending the second communication information to the second network equipment.
4. The method of claim 3, wherein the second network device is a virtual machine; the method further comprises the following steps:
acquiring a fourth internet protocol address of the virtual machine management equipment corresponding to the virtual machine from the control plane information;
The sending the second communication information to the second network device includes:
and sending the second communication information to the second network equipment through the virtual machine management equipment identified by the fourth internet protocol address.
5. A server hosting method applied to a first gateway device, wherein a server hosting system to which the first gateway device belongs at least includes a hosting server and the first gateway device, wherein the hosting server is hosted to a first virtual private network of a first tenant, and wherein the first virtual private network includes at least the first gateway device, the method comprising:
receiving third communication information sent by the hosting server, wherein the third communication information carries a network address of the internet;
and sending the third communication information to each network device in the internet identified by the network address.
6. The method of claim 5, further comprising:
acquiring a fifth internet protocol address of the address translation device in the control plane information;
the sending the third communication information to each network device in the internet identified by the network address includes:
And sending the third communication information to each network device in the internet through the address translation device identified by the fifth internet protocol address.
7. A server hosting system, characterized in that the system includes at least a hosting server, a first gateway device, a second gateway device, and a first network device, the hosting server being hosted to a first virtual private network of a first tenant, the first virtual private network including at least the first gateway device, the first network device corresponding to a second virtual private network of a second tenant, the second virtual private network including at least the second gateway device, wherein:
the hosting server sends first communication information to the first gateway device, wherein the first communication information carries a first internet protocol address of the first network device;
the first gateway device searches for a second internet protocol address of a second gateway device corresponding to the first network device identified by the first internet protocol address;
the first gateway device sends the first communication information to a second gateway device identified by the second internet protocol address;
And the second gateway equipment sends the first communication information to the first network equipment identified by the first internet protocol address.
8. A server hosting apparatus comprising means for performing the method of claim 1 or 2, or means for performing the method of claim 3 or 4, or means for performing the method of claim 5 or 6.
9. A gateway device, characterized in that it comprises a processor, a memory, wherein the memory is adapted to store a computer program which, when executed by the processor, implements the method of claim 1 or 2, or implements the method of claim 3 or 4, or implements the method of claim 5 or 6.
10. A computer-readable storage medium, characterized in that it stores one or more instructions which, when executed by a processor, implement the method of claim 1 or 2, or implement the method of claim 3 or 4, or implement the method of claim 5 or 6.
CN202110555356.1A 2021-05-20 2021-05-20 Server hosting method, device, system and storage medium Active CN114679370B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202110555356.1A CN114679370B (en) 2021-05-20 2021-05-20 Server hosting method, device, system and storage medium

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202110555356.1A CN114679370B (en) 2021-05-20 2021-05-20 Server hosting method, device, system and storage medium

Publications (2)

Publication Number Publication Date
CN114679370A true CN114679370A (en) 2022-06-28
CN114679370B CN114679370B (en) 2024-01-12

Family

ID=82070774

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202110555356.1A Active CN114679370B (en) 2021-05-20 2021-05-20 Server hosting method, device, system and storage medium

Country Status (1)

Country Link
CN (1) CN114679370B (en)

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2024078427A1 (en) * 2022-10-09 2024-04-18 华为云计算技术有限公司 Serverless function configuration system, method and apparatus

Citations (14)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2011103840A2 (en) * 2011-04-19 2011-09-01 华为技术有限公司 Virtual private cloud connection method and tunnel proxy server
US20130054763A1 (en) * 2011-08-31 2013-02-28 Jacobus Van Der Merwe Methods and apparatus to configure virtual private mobile networks with virtual private networks
CN103563329A (en) * 2011-06-07 2014-02-05 惠普发展公司,有限责任合伙企业 Scalable multi-tenant network architecture for virtualized datacenters
CN103581277A (en) * 2012-08-09 2014-02-12 中兴通讯股份有限公司 Distributing method and system of data center virtualization network address and directory server
CN103916492A (en) * 2014-04-11 2014-07-09 深信服网络科技(深圳)有限公司 Network device access control method and device
WO2014186957A1 (en) * 2013-05-22 2014-11-27 运软网络科技(上海)有限公司 Multi-tenant network system
US9813303B1 (en) * 2017-03-30 2017-11-07 IP Company 8, LLC Enabling cross-realm authentication between tenant and cloud service provider
CN107342895A (en) * 2017-06-26 2017-11-10 网宿科技股份有限公司 A kind of network optimized approach of multi-tenant, system, computing device and storage medium
CN107872542A (en) * 2016-09-27 2018-04-03 阿里巴巴集团控股有限公司 The method and the network equipment of a kind of data transfer
CN108566445A (en) * 2018-03-15 2018-09-21 华为技术有限公司 A kind of message transmitting method and device
CN108933702A (en) * 2018-08-01 2018-12-04 长沙龙生光启新材料科技有限公司 A method of remote service is provided
CN109245984A (en) * 2018-07-13 2019-01-18 华为技术有限公司 A kind of message transmitting method, a kind of information processing method and its relevant device
CN109412924A (en) * 2009-11-06 2019-03-01 微软技术许可有限责任公司 Using the covering for protecting the connection of across a network
CN110336730A (en) * 2019-07-09 2019-10-15 腾讯科技(深圳)有限公司 A kind of network system and data transmission method

Patent Citations (14)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN109412924A (en) * 2009-11-06 2019-03-01 微软技术许可有限责任公司 Using the covering for protecting the connection of across a network
WO2011103840A2 (en) * 2011-04-19 2011-09-01 华为技术有限公司 Virtual private cloud connection method and tunnel proxy server
CN103563329A (en) * 2011-06-07 2014-02-05 惠普发展公司,有限责任合伙企业 Scalable multi-tenant network architecture for virtualized datacenters
US20130054763A1 (en) * 2011-08-31 2013-02-28 Jacobus Van Der Merwe Methods and apparatus to configure virtual private mobile networks with virtual private networks
CN103581277A (en) * 2012-08-09 2014-02-12 中兴通讯股份有限公司 Distributing method and system of data center virtualization network address and directory server
WO2014186957A1 (en) * 2013-05-22 2014-11-27 运软网络科技(上海)有限公司 Multi-tenant network system
CN103916492A (en) * 2014-04-11 2014-07-09 深信服网络科技(深圳)有限公司 Network device access control method and device
CN107872542A (en) * 2016-09-27 2018-04-03 阿里巴巴集团控股有限公司 The method and the network equipment of a kind of data transfer
US9813303B1 (en) * 2017-03-30 2017-11-07 IP Company 8, LLC Enabling cross-realm authentication between tenant and cloud service provider
CN107342895A (en) * 2017-06-26 2017-11-10 网宿科技股份有限公司 A kind of network optimized approach of multi-tenant, system, computing device and storage medium
CN108566445A (en) * 2018-03-15 2018-09-21 华为技术有限公司 A kind of message transmitting method and device
CN109245984A (en) * 2018-07-13 2019-01-18 华为技术有限公司 A kind of message transmitting method, a kind of information processing method and its relevant device
CN108933702A (en) * 2018-08-01 2018-12-04 长沙龙生光启新材料科技有限公司 A method of remote service is provided
CN110336730A (en) * 2019-07-09 2019-10-15 腾讯科技(深圳)有限公司 A kind of network system and data transmission method

Non-Patent Citations (4)

* Cited by examiner, † Cited by third party
Title
LIN SHAOFENG: "Design and Implementation of an Enhanced VPN Isolation Gateway", 《2017 INTERNATIONAL CONFERENCE ON ROBOTS & INTELLIGENT SYSTEM (ICRIS)》 *
卿斯汉;: "Windows中的网络连接和数据传输管理研究", 信息网络安全, no. 05 *
庄子睿;王敬宇;徐童;: "面向租户的虚拟机定制化组网技术", 电信科学, no. 10 *
苗壮;王亚平;: "基于私有云计算的信息交互模型研究", 电子设计工程, no. 18 *

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2024078427A1 (en) * 2022-10-09 2024-04-18 华为云计算技术有限公司 Serverless function configuration system, method and apparatus

Also Published As

Publication number Publication date
CN114679370B (en) 2024-01-12

Similar Documents

Publication Publication Date Title
US10547463B2 (en) Multicast helper to link virtual extensible LANs
US10541836B2 (en) Virtual gateways and implicit routing in distributed overlay virtual environments
US10778532B2 (en) Overlay network movement operations
CN108449282B (en) Load balancing method and device
US9602307B2 (en) Tagging virtual overlay packets in a virtual networking system
US10038665B2 (en) Reducing broadcast flooding in a software defined network of a cloud
KR101840904B1 (en) Virtualization gateway between virtualized and non-virtualized networks
CN109245984B (en) Message transmission method, information processing method and related equipment thereof
US20180069787A1 (en) Exposing a subset of hosts on an overlay network to components external to the overlay network without exposing another subset of hosts on the overlay network
US10182125B2 (en) Server, physical switch and communication system
US10516544B2 (en) Extranet connectivity in LISP networks
CN110012118B (en) Method and controller for providing Network Address Translation (NAT) service
CN109936641B (en) Domain name resolution method, virtual switch and distributed DNS system
CN109474713B (en) Message forwarding method and device
CN114679370B (en) Server hosting method, device, system and storage medium
CN112583655B (en) Data transmission method and device, electronic equipment and readable storage medium
CN114025009A (en) Method, system, proxy server and device for forwarding request
CN104426816A (en) Virtual machine communication method and device
CN112019492A (en) Access control method, device and storage medium
CN116582516B (en) Data transmission method, device, system, medium and program product
CN116915585B (en) Software-defined wide area network networking method, device, electronic equipment and storage medium
CN115643169A (en) Cloud computing resource expansion method, intelligent local computing cluster and storage medium

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant