CN115022126B - Implementation method and system of distributed edge gateway - Google Patents


Publication number
CN115022126B
Authority
CN
China
Prior art keywords
entity
gateway
network
forwarding
edge
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN202210560237.XA
Other languages
Chinese (zh)
Other versions
CN115022126A (en
Inventor
金伟毅
曲国庆
王峣川
李明
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Suzhou Sicui Industrial Internet Technology Research Institute Co ltd
Original Assignee
Suzhou Sicui Industrial Internet Technology Research Institute Co ltd
Application filed by Suzhou Sicui Industrial Internet Technology Research Institute Co ltd
Priority to CN202210560237.XA
Publication of CN115022126A
Application granted
Publication of CN115022126B

Classifications

    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L12/00 Data switching networks
    • H04L12/66 Arrangements for connecting between networks having differing types of switching systems, e.g. gateways
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L61/00 Network arrangements, protocols or services for addressing or naming
    • H04L61/09 Mapping addresses
    • H04L61/10 Mapping addresses of different types
    • H04L61/103 Mapping addresses of different types across network layers, e.g. resolution of network layer into physical layer addresses or address resolution protocol [ARP]
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L61/00 Network arrangements, protocols or services for addressing or naming
    • H04L61/09 Mapping addresses
    • H04L61/25 Mapping addresses of the same type
    • H04L61/2596 Translation of addresses of the same type other than IP, e.g. translation from MAC to MAC addresses
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L67/00 Network arrangements or protocols for supporting network services or applications
    • H04L67/01 Protocols
    • H04L67/10 Protocols in which an application is distributed across nodes in the network
    • Y GENERAL TAGGING OF NEW TECHNOLOGICAL DEVELOPMENTS; GENERAL TAGGING OF CROSS-SECTIONAL TECHNOLOGIES SPANNING OVER SEVERAL SECTIONS OF THE IPC; TECHNICAL SUBJECTS COVERED BY FORMER USPC CROSS-REFERENCE ART COLLECTIONS [XRACs] AND DIGESTS
    • Y02 TECHNOLOGIES OR APPLICATIONS FOR MITIGATION OR ADAPTATION AGAINST CLIMATE CHANGE
    • Y02D CLIMATE CHANGE MITIGATION TECHNOLOGIES IN INFORMATION AND COMMUNICATION TECHNOLOGIES [ICT], I.E. INFORMATION AND COMMUNICATION TECHNOLOGIES AIMING AT THE REDUCTION OF THEIR OWN ENERGY USE
    • Y02D30/00 Reducing energy consumption in communication networks
    • Y02D30/50 Reducing energy consumption in communication networks in wire-line communication networks, e.g. low power modes or reduced link rate

Abstract

The invention discloses a method and a system for implementing a distributed edge gateway, belonging to the technical field of edge computing. The technical problem to be solved is how to realize a low-cost, lightweight and efficient unified edge gateway that meets the cloud-edge-end collaboration requirements of light edge services. The technical scheme is as follows: at least one controller entity is deployed at each edge cloud node as the control plane, and at least one network switching entity and at least one gateway entity are deployed at each edge cloud node as the forwarding plane, with each controller entity controlling the forwarding plane located at the same edge cloud node; the controller entities elect a master through a consensus algorithm, which determines the nodes of the master entity and the slave entities; and the master controller entity controls the gateway entity at the same node to configure the gateway address of the service network inside the edge cloud.

Description

Implementation method and system of distributed edge gateway
Technical Field
The invention relates to the technical field of edge computing, in particular to a method and a system for realizing a distributed edge gateway.
Background
With the rapid growth of services required at the edge, edge computing has become a new development trend in the cloud computing field. To meet the cloud-edge-end collaboration requirement of interworking with the central cloud and the end side, an edge cloud needs a unified edge gateway capability that provides functions such as network traffic aggregation and unified address mapping. In IoT light edge computing scenarios, edge cloud nodes are usually small, and a server and a switch are fused into a lightweight all-in-one machine that supports a lightweight container cloud platform. If such a machine implements the unified edge gateway through additional NAT equipment, the VRF capacity of the hardware is limited and the cost increases; if the unified edge gateway is implemented through an IaaS platform such as OpenStack, the edge cloud platform becomes too heavy and further consumes limited basic resources such as CPU and memory.
Therefore, how to realize a low-cost, lightweight and high-performance unified edge gateway that meets the cloud-edge-end collaboration requirements of light edge services is the technical problem to be solved.
Patent document CN104468775B discloses a distributed router implementation method suitable for cloud computing:
(1) each computing node creates three network bridges;
(2) the computing node creates an isolated virtual network space for each network, adds a network interface to connect it to the internal bridge, and starts the DHCP service in the virtual network space;
(3) each computing node creates a new network space, named the routing network space, for the networks of the same tenant that need to communicate, and adds a network port to the routing network space for each network to serve as a gateway; the gateways of the same network are set to the same MAC and IP;
(4) when a virtual machine is created, the ARP table of the routing network space is updated correspondingly and connected to the internal bridge;
(5) flow rules are set in the internal network bridge and the internal network bridge.
That invention addresses single points of failure and heavy load in the virtual machine network and can be used for distributed router implementations in cloud computing. Its technical scheme solves the single-point-of-failure and heavy-load problems of a cloud platform's virtual machine network, but it cannot realize a low-cost, lightweight and efficient unified edge gateway, cannot meet the cloud-edge-end collaboration requirements of light edge services, and cannot provide north-south distributed gateway service capability for an edge cloud platform.
Disclosure of Invention
The technical task of the invention is to provide a method and a system for implementing a distributed edge gateway, in order to solve the problem of how to realize a low-cost, lightweight and efficient unified edge gateway that meets the cloud-edge-end collaboration requirements of light edge services.
The technical task of the invention is achieved as follows. In the implementation method of the distributed edge gateway, at least one controller entity is deployed at each edge cloud node as the control plane, and at least one network switching entity and at least one gateway entity are deployed at each edge cloud node as the forwarding plane, with each controller entity controlling the forwarding plane at the same edge cloud node; the controller entities elect a master through a consensus algorithm, which determines the nodes of the master entity and the slave entities; and the master controller entity controls the gateway entity at the same node to configure the gateway address of the service network inside the edge cloud.
Preferably, the controller entity serves as the edge gateway control layer entity, implementing edge gateway service flow control and converting abstract edge gateway service functions into specific forwarding plane control capabilities, specifically as follows:
(1) a northbound open API and configuration commands provide edge gateway service orchestration capability to third parties;
(2) according to the northbound orchestration logic, the gateway entity is configured southbound to provide distributed address mapping, routing and network security edge gateway service capabilities for the internal service network;
(3) the gateway entity configures the network switching entity southbound and implements the network traffic forwarding capability of the distributed gateway through the forwarding tables.
Preferably, the gateway entity, as the forwarding plane entity that implements the edge gateway service capability, has the following characteristics:
(1) the gateway entity serves as the convergence point for east-west and north-south Layer 3 network traffic inside the edge cloud node;
(2) the gateway entity includes an internal service network interface, through which it connects to the edge cloud internal network; the internal service network interface is configured with the internal service network gateway address if and only if the gateway entity is the master node entity (master gateway entity);
(3) the gateway entity has a distributed architecture; the master node entity (master gateway entity) is determined by the master controller entity, and its master-slave switching is kept consistent with that of the controller entity;
(4) when a master-slave switchover occurs, the gateway address configured on the internal service network interface migrates to the new master node entity (master gateway entity);
(5) the gateway entity includes a mapping network interface, through which it connects to the edge cloud mapping network; the mapping network interface is configured with mapping addresses, which map one-to-one to edge cloud internal service network addresses, and the external network communicates with the edge cloud internal service network through the mapping addresses of the mapping network;
(6) the gateway entity is configured with east-west and north-south routing table information to interconnect the service networks inside the edge cloud with one another and with external networks.
Preferably, the network switching entity, as the forwarding plane entity that implements the network traffic forwarding capability, has the following characteristics:
(1) the network switching entity connects to the gateway entity through a gateway entity interface and serves as the convergence point for east-west and north-south Layer 3 network traffic inside the edge cloud node;
(2) the network switching entity has a distributed architecture; the master controller entity determines the master node entity (master network switching entity), whose master-slave switching is kept consistent with that of the controller entity.
More preferably, the network switching entity forwards data traffic as follows:
S1. the master network switching entity contains a Layer 2 forwarding table, and a slave network switching entity contains a classification forwarding table, a broadcast forwarding table, a unicast forwarding table, a distributed forwarding table and a Layer 2 forwarding table, which together forward data traffic;
S2. a data packet first enters the classification forwarding table, which distinguishes broadcast packets from unicast packets; broadcast packets are forwarded to the broadcast forwarding table for processing, and unicast packets are forwarded to the unicast forwarding table for processing;
S3. the broadcast forwarding table processes broadcast packets, such as ARP and DHCP packets, and floods them according to the Ethernet protocol standards;
S4. the unicast forwarding table processes unicast packets;
S5. the distributed forwarding table processes distributed north-south traffic packets;
S6. the Layer 2 forwarding table processes Layer 2 data packets and forwards them according to the VLAN and the destination MAC address.
More preferably, the unicast forwarding table processes unicast packets with the following logic:
S401. determine whether the destination IP address of the packet belongs to an internal service network:
(1) if yes, forward the service packet to the Layer 2 forwarding table for processing;
(2) if not, execute step S402;
S402. determine whether the destination MAC address of the packet is an internal service network gateway MAC address:
(1) if yes, forward the service packet to the distributed forwarding table for processing;
(2) if not, the packet is other service traffic, such as service traffic between the gateway entity and the external network, and is forwarded to the Layer 2 forwarding table for processing.
More preferably, the distributed forwarding table processes distributed north-south traffic packets as follows:
S501. based on the internal service network gateway MAC address, rewrite the destination MAC address to the MAC address of the gateway entity's interface on the same service network;
S502. send the packet to the gateway entity through the gateway entity interface for the next step of processing.
A distributed edge gateway system comprises a controller entity, a network switching entity and a gateway entity deployed on the same edge cloud node;
the controller entity serves as the edge gateway control layer entity, implementing edge gateway service flow control and converting abstract edge gateway service functions into specific forwarding plane control capabilities;
the gateway entity serves as the forwarding plane entity that implements the edge gateway service capability and as the convergence point for east-west and north-south Layer 3 network traffic inside the edge cloud node, and is configured with east-west and north-south routing table information to interconnect the service networks inside the edge cloud with one another and with external networks;
the network switching entity serves as the forwarding plane entity that implements the network traffic forwarding capability, connects to the gateway entity through a gateway entity interface, and serves as the convergence point for east-west and north-south Layer 3 network traffic inside the edge cloud node.
Preferably, the controller entity converts abstract edge gateway service functions into specific forwarding plane control capabilities as follows:
(1) a northbound open API and configuration commands provide edge gateway service orchestration capability to third parties;
(2) according to the northbound orchestration logic, the gateway entity is configured southbound to provide distributed address mapping, routing and network security edge gateway service capabilities for the internal service network;
(3) the gateway entity configures the network switching entity southbound and implements the network traffic forwarding capability of the distributed gateway through the forwarding tables;
the gateway entity includes an internal service network interface, through which it connects to the edge cloud internal network; the internal service network interface is configured with the internal service network gateway address if and only if the gateway entity is the master node entity (master gateway entity); the gateway entity includes a mapping network interface, through which it connects to the edge cloud mapping network; the mapping network interface is configured with mapping addresses, which map one-to-one to edge cloud internal service network addresses, and the external network communicates with the edge cloud internal service network through the mapping addresses of the mapping network; the gateway entity has a distributed architecture, the master node entity (master gateway entity) is determined by the master controller entity, and its master-slave switching is kept consistent with that of the controller entity; when a master-slave switchover occurs, the gateway address configured on the internal service network interface migrates to the new master node entity (master gateway entity);
the network switching entity has a distributed architecture; the master controller entity determines the master node entity (master network switching entity), whose master-slave switching is kept consistent with that of the controller entity.
Preferably, the network switching entity forwards data traffic as follows:
S1. the master network switching entity contains a Layer 2 forwarding table, and a slave network switching entity contains a classification forwarding table, a broadcast forwarding table, a unicast forwarding table, a distributed forwarding table and a Layer 2 forwarding table, which together forward data traffic;
S2. a data packet first enters the classification forwarding table, which distinguishes broadcast packets from unicast packets; broadcast packets are forwarded to the broadcast forwarding table for processing, and unicast packets are forwarded to the unicast forwarding table for processing;
S3. the broadcast forwarding table processes broadcast packets, such as ARP and DHCP packets, and floods them according to the Ethernet protocol standards;
S4. the unicast forwarding table processes unicast packets with the following logic:
S401. determine whether the destination IP address of the packet belongs to an internal service network:
(1) if yes, forward the service packet to the Layer 2 forwarding table for processing;
(2) if not, execute step S402;
S402. determine whether the destination MAC address of the packet is an internal service network gateway MAC address:
(1) if yes, forward the service packet to the distributed forwarding table for processing;
(2) if not, forward the other service packets, such as service traffic between the gateway entity and the external network, to the Layer 2 forwarding table for processing;
S5. the distributed forwarding table processes distributed north-south traffic packets, specifically as follows:
S501. based on the internal service network gateway MAC address, rewrite the destination MAC address to the MAC address of the gateway entity's interface on the same service network;
S502. send the packet to the gateway entity through the gateway entity interface for the next step of processing;
S6. the Layer 2 forwarding table processes Layer 2 data packets and forwards them according to the VLAN and the destination MAC address.
The implementation method and system of the distributed edge gateway have the following advantages:
(1) the invention realizes a low-cost, lightweight and efficient unified edge gateway capability, meets the cloud-edge-end collaboration requirements of light edge services, and is suitable for the field of edge computing, especially light edge computing scenarios;
(2) the invention needs no additional NAT gateway equipment, which reduces the cost of edge cloud deployment;
(3) for an edge cloud all-in-one machine, the edge gateway can communicate directly at Layer 2 with the peripheral network through the switch; the switch needs no Layer 3 routing configuration, no gateway address configuration and no policy routing configuration, which reduces the complexity of edge cloud deployment;
(4) the invention implements distributed north-south services, such as distributed address mapping, distributed routing and distributed network security, which effectively reduces traffic detours and makes full use of the network bandwidth resources of the edge cloud nodes;
(5) the invention integrates fully with the container cloud platform, is implemented as microservices, occupies few resources and is sufficiently lightweight;
(6) the invention forwards ARP request packets as broadcast packets;
(7) the invention adds filtering for packets whose destination MAC address is the service gateway MAC address: packets whose destination IP address belongs to the east-west internal service network are forwarded directly at Layer 2, and the north-south service packets are then filtered out and forwarded to the distributed forwarding table for processing.
Drawings
The invention is further described below with reference to the accompanying drawings.
FIG. 1 is an architecture diagram of the distributed edge gateway system;
FIG. 2 is a schematic diagram of the connection between the gateway entity and the network switching entity;
FIG. 3 is a schematic diagram of the data forwarding plane architecture and forwarding table processing flow of a slave network switching entity.
Detailed Description
The implementation method and system of the distributed edge gateway of the present invention are described in detail below with reference to the drawings and specific embodiments of the specification.
Example 1:
As shown in FIG. 1, this embodiment provides a method for implementing a distributed edge gateway, in which at least one controller entity is deployed at each edge cloud node as the control plane, and at least one network switching entity and at least one gateway entity are deployed at each edge cloud node as the forwarding plane, with each controller entity controlling the forwarding plane located at the same edge cloud node; the controller entities elect a master through a consensus algorithm, which determines the nodes of the master entity and the slave entities; and the master controller entity controls the gateway entity at the same node to configure the gateway address of the service network inside the edge cloud.
The controller entity in this embodiment serves as the edge gateway control layer entity, implementing edge gateway service flow control and converting abstract edge gateway service functions into specific forwarding plane control capabilities, specifically as follows:
(1) a northbound open API and configuration commands provide edge gateway service orchestration capability to third parties;
(2) according to the northbound orchestration logic, the gateway entity is configured southbound to provide distributed address mapping, routing and network security edge gateway service capabilities for the internal service network;
(3) the gateway entity configures the network switching entity southbound and implements the network traffic forwarding capability of the distributed gateway through the forwarding tables.
As shown in FIG. 2, the gateway entity in this embodiment, as the forwarding plane entity that implements the edge gateway service capability, has the following characteristics:
(1) the gateway entity serves as the convergence point for east-west and north-south Layer 3 network traffic inside the edge cloud node;
(2) the gateway entity includes an internal service network interface, through which it connects to the edge cloud internal network; the internal service network interface is configured with the internal service network gateway address if and only if the gateway entity is the master node entity (master gateway entity);
(3) the gateway entity has a distributed architecture; the master node entity (master gateway entity) is determined by the master controller entity, and its master-slave switching is kept consistent with that of the controller entity;
(4) when a master-slave switchover occurs, the gateway address configured on the internal service network interface migrates to the new master node entity (master gateway entity);
(5) the gateway entity includes a mapping network interface, through which it connects to the edge cloud mapping network; the mapping network interface is configured with mapping addresses, which map one-to-one to edge cloud internal service network addresses, and the external network communicates with the edge cloud internal service network through the mapping addresses of the mapping network;
(6) the gateway entity is configured with east-west and north-south routing table information to interconnect the service networks inside the edge cloud with one another and with external networks.
The network switching entity in this embodiment, as the forwarding plane entity that implements the network traffic forwarding capability, has the following characteristics:
(1) the network switching entity connects to the gateway entity through a gateway entity interface and serves as the convergence point for east-west and north-south Layer 3 network traffic inside the edge cloud node;
(2) the network switching entity has a distributed architecture; the master controller entity determines the master node entity (master network switching entity), whose master-slave switching is kept consistent with that of the controller entity.
As shown in FIG. 3, the network switching entity in this embodiment forwards data traffic as follows:
S1. the master network switching entity contains a Layer 2 forwarding table, and a slave network switching entity contains a classification forwarding table, a broadcast forwarding table, a unicast forwarding table, a distributed forwarding table and a Layer 2 forwarding table, which together forward data traffic;
S2. a data packet first enters the classification forwarding table, which distinguishes broadcast packets from unicast packets; broadcast packets are forwarded to the broadcast forwarding table for processing, and unicast packets are forwarded to the unicast forwarding table for processing;
S3. the broadcast forwarding table processes broadcast packets, such as ARP and DHCP packets, and floods them according to the Ethernet protocol standards;
S4. the unicast forwarding table processes unicast packets;
S5. the distributed forwarding table processes distributed north-south traffic packets;
S6. the Layer 2 forwarding table processes Layer 2 data packets and forwards them according to the VLAN and the destination MAC address.
In step S4 of this embodiment, the unicast forwarding table processes unicast packets with the following logic:
S401. determine whether the destination IP address of the packet belongs to an internal service network:
(1) if yes, forward the service packet to the Layer 2 forwarding table for processing;
(2) if not, execute step S402;
S402. determine whether the destination MAC address of the packet is an internal service network gateway MAC address:
(1) if yes, forward the service packet to the distributed forwarding table for processing;
(2) if not, the packet is other service traffic, such as service traffic between the gateway entity and the external network, and is forwarded to the Layer 2 forwarding table for processing.
In step S5 of this embodiment, the distributed forwarding table processes distributed north-south traffic packets as follows:
S501. based on the internal service network gateway MAC address, rewrite the destination MAC address to the MAC address of the gateway entity's interface on the same service network;
S502. send the packet to the gateway entity through the gateway entity interface for the next step of processing.
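As an added illustration (not code from the patent), the following Python model walks frames through the tables of a slave network switching entity as steps S2 to S6, S401 to S402 and S501 to S502 describe. The class and field names, the per-VLAN keying of service networks, the flooding of unknown unicast in the two-layer (Layer 2) forwarding table, and all sample addresses are assumptions.

```python
import ipaddress
from dataclasses import dataclass, replace
from typing import Optional

BROADCAST = "ff:ff:ff:ff:ff:ff"

@dataclass(frozen=True)
class Frame:
    vlan: int
    dst_mac: str
    dst_ip: Optional[str] = None  # None for non-IP frames such as ARP
    in_port: str = "p1"

@dataclass(frozen=True)
class ServiceNet:
    vlan: int
    cidr: str
    gateway_mac: str   # MAC of the service gateway address (held only by the master)
    local_if_mac: str  # MAC of the local gateway entity's interface on this network

class SlaveSwitch:
    """Hypothetical model of the five tables on a slave network switching entity."""

    def __init__(self, nets, l2_table, ports, gw_port):
        self.nets = {n.vlan: n for n in nets}
        self.cidrs = [ipaddress.ip_network(n.cidr) for n in nets]
        self.l2_table = dict(l2_table)   # (vlan, dst_mac) -> port
        self.ports = list(ports)
        self.gw_port = gw_port           # the "gateway entity interface"

    def process(self, frame):
        """Return (tables visited, output ports, frame as sent)."""
        frame = replace(frame, dst_mac=frame.dst_mac.lower())
        path = ["classify"]
        if frame.dst_mac == BROADCAST:                        # S2 -> S3
            path.append("broadcast")
            return path, [p for p in self.ports if p != frame.in_port], frame
        path.append("unicast")                                # S2 -> S4
        # S401: destination IP inside any internal service network -> Layer 2
        if frame.dst_ip and self._internal(frame.dst_ip):
            return self._layer2(frame, path)
        # S402: destination MAC is the service network gateway MAC -> distributed
        net = self.nets.get(frame.vlan)
        if net and frame.dst_mac == net.gateway_mac:
            return self._distributed(frame, net, path)
        return self._layer2(frame, path)                      # other service traffic

    def _internal(self, ip):
        addr = ipaddress.ip_address(ip)
        return any(addr in c for c in self.cidrs)

    def _distributed(self, frame, net, path):
        path.append("distributed")
        rewritten = replace(frame, dst_mac=net.local_if_mac)  # S501
        return path, [self.gw_port], rewritten                # S502

    def _layer2(self, frame, path):
        path.append("layer2")                                 # S6
        port = self.l2_table.get((frame.vlan, frame.dst_mac))
        if port is None:  # assumption: unknown unicast floods, as on an Ethernet switch
            return path, [p for p in self.ports if p != frame.in_port], frame
        return path, [port], frame

# Constructed sample topology; every address below is made up for illustration.
GW_MAC_10, LOCAL_IF_10 = "02:00:00:00:0a:01", "02:00:00:aa:0a:02"
GW_MAC_20, LOCAL_IF_20 = "02:00:00:00:14:01", "02:00:00:aa:14:02"
HOST_B = "02:00:00:00:00:0b"

def build_sample_switch():
    nets = [ServiceNet(10, "10.0.10.0/24", GW_MAC_10, LOCAL_IF_10),
            ServiceNet(20, "10.0.20.0/24", GW_MAC_20, LOCAL_IF_20)]
    l2 = {(10, HOST_B): "p2",
          (10, GW_MAC_10): "uplink"}  # gateway MAC learned toward the master node
    return SlaveSwitch(nets, l2, ["p1", "p2", "uplink", "gw0"], "gw0")

if __name__ == "__main__":
    sw = build_sample_switch()
    for f in [Frame(10, BROADCAST),                  # ARP-style broadcast
              Frame(10, HOST_B, "10.0.10.11"),       # same-subnet unicast
              Frame(10, GW_MAC_10, "10.0.20.5"),     # east-west via gateway MAC
              Frame(10, GW_MAC_10, "203.0.113.7")]:  # north-south via gateway MAC
        path, out, sent = sw.process(f)
        print(" -> ".join(path), out, sent.dst_mac)
```

Because S401 is evaluated before S402, a frame addressed to the gateway MAC whose destination IP lies in an internal service network stays in the Layer 2 table, and only north-south frames are rewritten toward the local gateway entity.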
Example 2:
as shown in fig. 1, the present embodiment provides a distributed edge gateway system, where the system includes a controller entity, a gateway switching entity, and a gateway entity deployed on the same edge cloud node;
the controller entity is used as an edge gateway control layer entity for realizing the control of the edge gateway business process and converting the abstract edge gateway business function into a specific forwarding surface control capability;
the gateway entity is used as a forwarding plane entity for realizing the service capability of the edge gateway and is used as a traffic convergence point of three layers of networks in east-west direction and in north-south direction in the edge cloud node, and is configured with east-west direction and in north-south direction routing table information to realize network intercommunication between service networks in the edge cloud and between the service networks and external networks;
the network switching entity is used as a forwarding plane entity for realizing network traffic forwarding capability, and is used for being connected with the gateway entity through a gateway entity interface and used as an east-west and north-south three-layer network traffic converging point inside the edge cloud node.
The controller entity in this embodiment converts the abstract edge gateway service functions into concrete forwarding plane control capabilities as follows:
(1) the northbound open API and configuration commands provide third parties with the ability to orchestrate the edge gateway's service flow;
(2) following the northbound orchestration logic, the gateway entity is configured southbound to provide distributed address mapping, routing and network security edge gateway service capabilities for the internal service network;
(3) the gateway entity configures the network switching entity southbound and realizes the network traffic forwarding capability of the distributed gateway through forwarding tables;
as shown in fig. 2, the gateway entity in this embodiment includes an internal service network interface, through which it connects to the edge cloud internal network; the internal service network interface is configured with the internal service network gateway address if and only if the gateway entity is the master node entity (master gateway entity); the gateway entity also includes a mapping network interface, through which it connects to the edge cloud mapping network; the mapping network interface is configured with mapping addresses, which map one-to-one to edge cloud internal service network addresses, and the external network communicates with the edge cloud internal service network through the mapping addresses of the mapping network; the gateway entity has a distributed architecture: the master node entity (master gateway entity) is determined by the master controller entity and stays consistent with the master-slave switching of the controller entity; when a master-slave switch occurs, the gateway address configured on the internal service network interface migrates to the new master node entity (master gateway entity);
the network switching entity in this embodiment also has a distributed architecture: the master controller entity determines the master node entity (master network switching entity), which stays consistent with the master-slave switching of the controller entity.
As shown in fig. 3, the network switching entity in this embodiment forwards data traffic as follows:
S1, the master network switching entity comprises a layer-2 forwarding table, and a slave network switching entity comprises a classification forwarding table, a broadcast forwarding table, a unicast forwarding table, a distributed forwarding table and a layer-2 forwarding table, which together forward the data traffic;
S2, a data packet first enters the classification forwarding table, which distinguishes broadcast packets from unicast packets; broadcast packets are passed to the broadcast forwarding table and unicast packets to the unicast forwarding table;
S3, the broadcast forwarding table processes broadcast packets, such as ARP and DHCP packets, and floods them according to the Ethernet protocol standard;
S4, the unicast forwarding table processes unicast packets; the processing logic is as follows:
S401, judge whether the packet's destination IP address belongs to the internal service network:
(1) if yes, pass the service packet to the layer-2 forwarding table for processing;
(2) if not, execute step S402;
S402, judge whether the packet's destination MAC address is the internal service network gateway MAC address:
(1) if yes, pass the service packet to the distributed forwarding table for processing;
(2) if not, pass the other service packets, such as service traffic between the gateway entity and the external network, to the layer-2 forwarding table for processing;
S5, the distributed forwarding table processes distributed north-south traffic packets, as follows:
S501, based on the internal service network gateway MAC address, rewrite the destination MAC address to the MAC address of the gateway entity's interface on the same service network;
S502, send the packet through the gateway entity interface to the gateway entity for further processing;
S6, the layer-2 forwarding table processes layer-2 data packets and forwards them according to the VLAN and the destination MAC address.
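The S1 to S6 decision pipeline above, modelled in Python as an added example (it is not code from the patent). The addresses, port names, the `Frame` type and the flood-on-unknown-destination behaviour are constructed assumptions; ingress-port exclusion during flooding is not modelled.

```python
import ipaddress
from dataclasses import dataclass, replace
from typing import Optional

# Constructed sample values (assumptions, not taken from the patent).
INTERNAL_NET = ipaddress.ip_network("10.0.1.0/24")  # internal service network
GATEWAY_MAC = "02:00:00:00:00:01"   # internal service network gateway MAC
GW_IF_MAC = "02:00:00:00:aa:01"     # local gateway entity interface, same service network
GW_IF_PORT = "gw0"                  # port towards the local gateway entity
BROADCAST_MAC = "ff:ff:ff:ff:ff:ff"


@dataclass(frozen=True)
class Frame:
    vlan: int
    dst_mac: str
    dst_ip: Optional[str] = None    # None for non-IP frames such as ARP


def l2_table(frame, fdb, vlan_ports):
    """S6: forward on (VLAN, destination MAC)."""
    port = fdb.get((frame.vlan, frame.dst_mac))
    # Flooding an unknown destination is an assumption; the patent only
    # names the lookup keys (VLAN and destination MAC).
    return [port] if port else sorted(vlan_ports[frame.vlan])


def forward(frame, role, fdb, vlan_ports):
    """Return (tables traversed, egress ports, frame as sent)."""
    if role == "master":                     # S1: master holds only the layer-2 table
        return ["l2"], l2_table(frame, fdb, vlan_ports), frame
    path = ["classify"]                      # S2: broadcast or unicast?
    if frame.dst_mac == BROADCAST_MAC:       # S3: flood (ARP, DHCP)
        return path + ["broadcast"], sorted(vlan_ports[frame.vlan]), frame
    path.append("unicast")                   # S4
    internal = (frame.dst_ip is not None
                and ipaddress.ip_address(frame.dst_ip) in INTERNAL_NET)
    if not internal and frame.dst_mac == GATEWAY_MAC:   # S401 "no", S402 "yes"
        rewritten = replace(frame, dst_mac=GW_IF_MAC)   # S501: rewrite destination MAC
        return path + ["distributed"], [GW_IF_PORT], rewritten  # S502
    # S401 "yes" or S402 "no": ordinary layer-2 forwarding
    return path + ["l2"], l2_table(frame, fdb, vlan_ports), frame


# Constructed forwarding database and VLAN membership of a slave node.
FDB = {(10, "02:00:00:00:00:11"): "vm1", (10, GATEWAY_MAC): "uplink"}
VLAN_PORTS = {10: {"vm1", "vm2", "gw0", "uplink"}}

if __name__ == "__main__":
    for f in (Frame(10, "02:00:00:00:00:11", "10.0.1.11"),   # east-west
              Frame(10, GATEWAY_MAC, "203.0.113.9"),         # north-south
              Frame(10, BROADCAST_MAC)):                     # ARP-style broadcast
        print(forward(f, "slave", FDB, VLAN_PORTS))
```

Because S401 is evaluated before S402, a frame addressed to the gateway MAC whose destination IP is inside the internal service network never reaches the distributed table; only traffic leaving that network is rewritten towards the local gateway entity.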
Finally, it should be noted that the above embodiments only illustrate the technical solution of the present invention and do not limit it; although the invention has been described in detail with reference to the foregoing embodiments, those of ordinary skill in the art will understand that the technical solutions described in the foregoing embodiments can be modified, or some or all of their technical features can be replaced by equivalents; such modifications and substitutions do not depart from the spirit of the invention.

Claims (9)

1. The method is characterized in that at least one controller entity is deployed at each edge cloud node as a control plane, and at least one network switching entity and at least one gateway entity are deployed at each edge cloud node as a forwarding plane, wherein each controller entity controls the forwarding plane of its own edge cloud node; the master controller entity is elected through a consensus algorithm, which determines the nodes of the master entity and the slave entities; the master controller entity controls the gateway entity at the same node to configure the gateway address of the edge cloud internal service network;
the controller entity serves as the edge gateway control layer entity, controls the edge gateway service flow and converts the abstract edge gateway service functions into concrete forwarding plane control capabilities, as follows:
(1) the northbound open API and configuration commands provide third parties with the ability to orchestrate the edge gateway's service flow;
(2) following the northbound orchestration logic, the gateway entity is configured southbound to provide distributed address mapping, routing and network security edge gateway service capabilities for the internal service network;
(3) the gateway entity configures the network switching entity southbound and realizes the network traffic forwarding capability of the distributed gateway through forwarding tables.
2. The method for implementing a distributed edge gateway according to claim 1, wherein the gateway entity, as the forwarding plane entity implementing the edge gateway service capabilities, has the following characteristics:
(1) the gateway entity serves as the aggregation point for east-west and north-south layer-3 network traffic inside the edge cloud node;
(2) the gateway entity comprises an internal service network interface, through which it connects to the edge cloud internal network; the internal service network interface is configured with the internal service network gateway address if and only if the gateway entity is acting as the master node entity;
(3) the gateway entity has a distributed architecture; the master controller entity determines the master node entity, which stays consistent with the master-slave switching of the controller entity;
(4) when a master-slave switch occurs, the gateway address configured on the internal service network interface migrates to the new master node entity;
(5) the gateway entity comprises a mapping network interface, through which it connects to the edge cloud mapping network; the mapping network interface is configured with mapping addresses, which map one-to-one to edge cloud internal service network addresses, and the external network communicates with the edge cloud internal service network through the mapping addresses of the mapping network;
(6) the gateway entity is configured with east-west and north-south routing table information to interconnect the service networks inside the edge cloud with one another and with external networks.
3. The method for implementing a distributed edge gateway according to claim 1, wherein the network switching entity is the forwarding plane entity implementing the network traffic forwarding capability and has the following characteristics:
(1) the network switching entity is connected to the gateway entity through a gateway entity interface and serves as the aggregation point for east-west and north-south layer-3 network traffic inside the edge cloud node;
(2) the network switching entity has a distributed architecture; the master controller entity determines the master node entity, which stays consistent with the master-slave switching of the controller entity.
4. The method for implementing a distributed edge gateway according to claim 3, wherein the network switching entity forwards data traffic as follows:
S1, the master network switching entity comprises a layer-2 forwarding table, and a slave network switching entity comprises a classification forwarding table, a broadcast forwarding table, a unicast forwarding table, a distributed forwarding table and a layer-2 forwarding table, which together forward the data traffic;
S2, a data packet first enters the classification forwarding table, which distinguishes broadcast packets from unicast packets; broadcast packets are passed to the broadcast forwarding table and unicast packets to the unicast forwarding table;
S3, the broadcast forwarding table processes broadcast packets and floods them according to the Ethernet protocol standard;
S4, the unicast forwarding table processes unicast packets;
S5, the distributed forwarding table processes distributed north-south traffic packets;
S6, the layer-2 forwarding table processes layer-2 data packets and forwards them according to the VLAN and the destination MAC address.
5. The method for implementing a distributed edge gateway according to claim 4, wherein the logic by which the unicast forwarding table processes a unicast packet is:
S401, judge whether the packet's destination IP address belongs to the internal service network:
(1) if yes, pass the service packet to the layer-2 forwarding table for processing;
(2) if not, execute step S402;
S402, judge whether the packet's destination MAC address is the internal service network gateway MAC address:
(1) if yes, pass the service packet to the distributed forwarding table for processing;
(2) if not, the packet is another service packet.
6. The method for implementing a distributed edge gateway according to claim 4, wherein the distributed forwarding table processes distributed north-south traffic packets as follows:
S501, based on the internal service network gateway MAC address, rewrite the destination MAC address to the MAC address of the gateway entity's interface on the same service network;
S502, send the packet through the gateway entity interface to the gateway entity for further processing.
7. A distributed edge gateway system, comprising a controller entity, a network switching entity and a gateway entity deployed on the same edge cloud node;
the controller entity serves as the edge gateway control layer entity, controls the edge gateway service flow and converts the abstract edge gateway service functions into concrete forwarding plane control capabilities;
the gateway entity serves as the forwarding plane entity implementing the edge gateway service capabilities and as the aggregation point for east-west and north-south layer-3 network traffic inside the edge cloud node, and is configured with east-west and north-south routing table information to interconnect the service networks inside the edge cloud with one another and with external networks;
the network switching entity serves as the forwarding plane entity implementing the network traffic forwarding capability, and is connected to the gateway entity through a gateway entity interface to serve as the aggregation point for east-west and north-south layer-3 network traffic inside the edge cloud node;
the controller entity converts the abstract edge gateway service functions into concrete forwarding plane control capabilities as follows:
(1) the northbound open API and configuration commands provide third parties with the ability to orchestrate the edge gateway's service flow;
(2) following the northbound orchestration logic, the gateway entity is configured southbound to provide distributed address mapping, routing and network security edge gateway service capabilities for the internal service network;
(3) the gateway entity configures the network switching entity southbound and realizes the network traffic forwarding capability of the distributed gateway through forwarding tables.
8. The distributed edge gateway system of claim 7, wherein the gateway entity comprises an internal service network interface, through which it connects to the edge cloud internal network; the internal service network interface is configured with the internal service network gateway address if and only if the gateway entity is acting as the master node entity; the gateway entity comprises a mapping network interface, through which it connects to the edge cloud mapping network; the mapping network interface is configured with mapping addresses, which map one-to-one to edge cloud internal service network addresses, and the external network communicates with the edge cloud internal service network through the mapping addresses of the mapping network; the gateway entity has a distributed architecture; the master controller entity determines the master node entity, which stays consistent with the master-slave switching of the controller entity; when a master-slave switch occurs, the gateway address configured on the internal service network interface migrates to the new master node entity;
the network switching entity has a distributed architecture; the master controller entity determines the master node entity, which stays consistent with the master-slave switching of the controller entity.
9. The distributed edge gateway system of claim 7, wherein the network switching entity forwards data traffic as follows:
S1, the master network switching entity comprises a layer-2 forwarding table, and a slave network switching entity comprises a classification forwarding table, a broadcast forwarding table, a unicast forwarding table, a distributed forwarding table and a layer-2 forwarding table, which together forward the data traffic;
S2, a data packet first enters the classification forwarding table, which distinguishes broadcast packets from unicast packets; broadcast packets are passed to the broadcast forwarding table and unicast packets to the unicast forwarding table;
S3, the broadcast forwarding table processes broadcast packets and floods them according to the Ethernet protocol standard;
S4, the unicast forwarding table processes unicast packets; the processing logic is as follows:
S401, judge whether the packet's destination IP address belongs to the internal service network:
(1) if yes, pass the service packet to the layer-2 forwarding table for processing;
(2) if not, execute step S402;
S402, judge whether the packet's destination MAC address is the internal service network gateway MAC address:
(1) if yes, pass the service packet to the distributed forwarding table for processing;
(2) if not, the packet is another service packet;
S5, the distributed forwarding table processes distributed north-south traffic packets, as follows:
S501, based on the internal service network gateway MAC address, rewrite the destination MAC address to the MAC address of the gateway entity's interface on the same service network;
S502, send the packet through the gateway entity interface to the gateway entity for further processing;
S6, the layer-2 forwarding table processes layer-2 data packets and forwards them according to the VLAN and the destination MAC address.
CN202210560237.XA 2022-05-23 2022-05-23 Implementation method and system of distributed edge gateway Active CN115022126B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202210560237.XA CN115022126B (en) 2022-05-23 2022-05-23 Implementation method and system of distributed edge gateway

Publications (2)

Publication Number Publication Date
CN115022126A CN115022126A (en) 2022-09-06
CN115022126B true CN115022126B (en) 2023-09-01

Family

ID=83069158

Country Status (1)

Country Link
CN (1) CN115022126B (en)

Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination
GR01 Patent grant