TW201931828A - Flow table-based data transfer method - Google Patents

Flow table-based data transfer method Download PDF

Info

Publication number
TW201931828A
TW201931828A TW107145030A TW107145030A TW201931828A TW 201931828 A TW201931828 A TW 201931828A TW 107145030 A TW107145030 A TW 107145030A TW 107145030 A TW107145030 A TW 107145030A TW 201931828 A TW201931828 A TW 201931828A
Authority
TW
Taiwan
Prior art keywords
node
virtual switch
flow table
virtual
physical machine
Prior art date
Application number
TW107145030A
Other languages
Chinese (zh)
Other versions
TWI759571B (en
Inventor
袁航
周雍愷
吳金壇
祖立軍
何東傑
Original Assignee
大陸商中國銀聯股份有限公司
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by 大陸商中國銀聯股份有限公司 filed Critical 大陸商中國銀聯股份有限公司
Publication of TW201931828A publication Critical patent/TW201931828A/en
Application granted granted Critical
Publication of TWI759571B publication Critical patent/TWI759571B/en

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L45/00Routing or path finding of packets in data switching networks
    • H04L45/44Distributed routing
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L47/00Traffic control in data switching networks
    • H04L47/70Admission control; Resource allocation
    • H04L47/82Miscellaneous aspects
    • H04L47/825Involving tunnels, e.g. MPLS
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L61/00Network arrangements, protocols or services for addressing or naming
    • H04L61/09Mapping addresses
    • H04L61/10Mapping addresses of different types
    • H04L61/103Mapping addresses of different types across network layers, e.g. resolution of network layer into physical layer addresses or address resolution protocol [ARP]

Abstract

The present invention relates to a flow table-based data transfer method, comprising: issuing a flow table to a first virtual switch, such that an external interface that corresponds to the first virtual switch is configured to accept an ARP request from an external device; the first virtual switch generating, on the basis of the flow table, a corresponding ARP response of the ARP request; the external interface receiving a data package from the external device; determining whether a destination virtual machine of the data package is a physical machine that corresponds to a first node; if the destination virtual machine is a physical machine corresponding to a second node that is different from the first node, then the first virtual switch forwards the data package to a second virtual switch. According to the method, bi-directional transmission of a data package between each terminal and the external device may be reliably and highly efficiently achieved, and the distributed routing communication solution may function to the greatest extent.

Description

基於流表的資料傳送方法Data transmission method based on flow table

本發明涉及資料傳輸技術領域,更具體地說,涉及一種基於流表的資料傳送方法。The present invention relates to the technical field of data transmission, and more particularly, to a method for transmitting data based on a flow table.

路由器(Router)是用於連接多個邏輯上分開的網路,所謂邏輯網路是代表一個單獨的網路或者一個子網。當資料從一個子網傳輸到另一個子網時,可通過路由器的路由功能來完成。如圖1所示。Router is used to connect multiple logically separated networks. The so-called logical network represents a single network or a subnet. When data is transmitted from one subnet to another, it can be done through the routing function of the router. As shown in Figure 1.

不同子網下的電腦通信都必須通過路由器完成。在軟體SDN的網路實現中,路由功能是通過軟體的機制來實現的,具體可以分為集中式路由和分散式路由兩種形式。 (1)集中式路由Computer communication under different subnets must be completed through a router. In the network implementation of software SDN, the routing function is implemented through software mechanisms, which can be divided into two forms: centralized routing and decentralized routing. (1) Centralized routing

在集中式路由機制中東西向流量(不同network之間的流量)以及南北向流量(內部network與外部網路之間的流量)都要通過路由器。路由器的核心位置使其成為了網路中的一個瓶頸。為了解決這一問題,提出了分散式路由機制。 (2)分散式路由In a centralized routing mechanism, east-west traffic (traffic between different networks) and north-south traffic (traffic between the internal network and the external network) both pass through the router. The core location of the router makes it a bottleneck in the network. To solve this problem, a decentralized routing mechanism is proposed. (2) Decentralized routing

分散式路由機制則在每個節點上都使能一個路由器。對於東西向的流量,流量會直接在計算節點之間傳遞。對於南北向的流量,如果有浮動 IP,流量就直接走計算節點。如果沒有浮動 IP,則會走網路節點。分散式路由在處理沒有浮動 IP的流量時,還是會走集中的網路節點,在本質上還是集中式路由模式。The decentralized routing mechanism enables a router on each node. For east-west traffic, traffic is passed directly between compute nodes. For north-south traffic, if there is a floating IP, the traffic goes directly to the compute node. If there is no floating IP, it will go to the network node. Decentralized routing still uses centralized network nodes when handling traffic without floating IPs, and is still a centralized routing mode in essence.

在軟體SDN方案中,分散式路由的功能實現都是基於流表來實現的。下面就以openflow流表和執行該流表的虛擬交換機為例,概述一下傳統基於openflow流表的分散式路由的問題。軟體SDN南北向流量通信的邏輯圖如圖2所示。In software SDN solutions, the implementation of distributed routing functions is based on flow tables. The following uses the openflow flow table and the virtual switch that executes the flow table as an example to outline the problem of traditional distributed routing based on the openflow flow table. The logic diagram of software SDN north-south traffic communication is shown in Figure 2.

一個網路內的虛擬機器(例如,相當於網路終端)與外部網路通信的資料流程都需要通過路由器。而在軟體SDN方案中,將該邏輯圖映射為物理結構圖,如圖3所示。可以看出,同網段的虛擬機器可能會分佈于不同的路由器下。虛擬機器在與外部網路通信時,資料包走到虛擬交換機上時,虛擬交換機會將資料包的源IP位址轉換為唯一與該虛擬機器對應的浮動 IP。如v1在與外部網路通信時,從v1中出來的資料包的源IP位址還是v1的IP位址,即10.0.0.1,那麼資料包到了虛擬交換機上之後,虛擬交換機根據該資料包的目的IP位址判斷出這是v1與外部網路通信的資料包,這時虛擬交換機中就會有相應的流表對該資料包的源IP位址欄位進行轉換,將10.0.0.1轉換為172.16.1.1,也就是v1的浮動 IP。那麼對於外部網路來說,v1的IP位址也就變為了172.16.1.1。A virtual machine (for example, equivalent to a network terminal) in a network communicates with the external network for data flow through a router. In the software SDN solution, the logical diagram is mapped to a physical structure diagram, as shown in FIG. 3. It can be seen that virtual machines on the same network segment may be distributed under different routers. When the virtual machine communicates with the external network, when the data packet goes to the virtual switch, the virtual switch will convert the source IP address of the data packet into the only floating IP corresponding to the virtual machine. For example, when v1 communicates with the external network, the source IP address of the data packet coming out of v1 is still the IP address of v1, that is, 10.0.0.1. After the data packet arrives on the virtual switch, the virtual switch The destination IP address determines that this is a data packet that v1 communicates with the external network. At this time, a corresponding flow table in the virtual switch will convert the source IP address field of the packet, converting 10.0.0.1 to 172.16. .1.1, which is the floating IP of v1. Then for the external network, the IP address of v1 also becomes 172.16.1.1.

因為浮動 IP與虛擬機器之間是一一對應的,所以外部網路在進行回包的時候,就可以通過浮動 IP找到v1所在的位置,從而將返回資料包送回至v1。但是如果v1沒有浮動 IP ,它主動向發佈網路發送的資料是能夠送至對方,但是對方的返回包無法送至v1,這是因為v1的資料包是以其內網位址10.0.0.1作為源IP位址的,而其內網位址不為外部網路所認知。所以只能通過外部網路配置靜態路由的方式將回程流量引導到外部介面,然後通過該介面送至平臺內部。Because there is a one-to-one correspondence between the floating IP and the virtual machine, the external network can find the location of v1 through the floating IP when returning packets, and then return the returned packet to v1. However, if v1 does not have a floating IP, the data it actively sends to the publishing network can be sent to the other party, but the return packet of the other party cannot be sent to v1, because the data packet of v1 is based on its intranet address 10.0.0.1 The source IP address is not recognized by the external network. Therefore, you can only use the external network to configure static routing to direct backhaul traffic to the external interface, and then send it to the platform through the interface.

然而,在現有分散式路由架構設計中,該外部介面甚至可能沒有接收外部網路資料的功能。如圖3所示,路由器與外網的介面在映射到物理架構中時其實已經分佈於每個節點上,也就是說,每個節點都會有一個IP位址為172.16.1.100的外部介面。從而,將外部的資料包經由節點(節點1,2)再經由子網(Net1,Net2)準確地送回相應的、不具有浮動IP的本地端虛擬機器(V1-V6)仍存在困難。However, in the existing distributed routing architecture design, the external interface may not even have the function of receiving external network data. As shown in Figure 3, the interface between the router and the external network is actually distributed on each node when it is mapped into the physical architecture, that is, each node will have an external interface with an IP address of 172.16.1.100. Therefore, it is still difficult to accurately return external data packets to the corresponding local virtual machines (V1-V6) without floating IPs via the nodes (nodes 1, 2) and then through the subnets (Net1, Net2).

本發明的目的在於提供一種基於流表的資料傳送方法,其使得即使在沒有應用浮動IP的情況下也能夠實現資料包的雙向傳遞。An object of the present invention is to provide a flow table-based data transmission method, which enables bidirectional transmission of data packets even when a floating IP is not applied.

為實現上述目的,本發明提供一種技術方案如下:To achieve the above objective, the present invention provides a technical solution as follows:

一種基於流表的資料傳送方法,用於將資料包提供至多個網路節點中的一個節點,其中,各節點分別部署一物理機,物理機配置有一虛擬交換機和至少一虛擬機器,虛擬機器由虛擬交換機來路由,該方法包括:a)、將流表下發到第一虛擬交換機,以使得第一虛擬交換機對應的外部介面配置成接收來自外部裝置的ARP請求;其中,第一虛擬交換機處於第一節點對應的物理機;b)、第一虛擬交換機基於流表生成對ARP請求的相應ARP回應;c)、外部介面接收來自外部裝置的資料包;其中,資料包由外部裝置在接收到ARP回應後提供;d)、確定資料包的目的虛擬機器是否處於第一節點對應的物理機;以及e)、若目的虛擬機器處於不同於第一節點的第二節點對應的物理機,則第一虛擬交換機將資料包轉發至第二虛擬交換機;其中,第二虛擬交換機處於第二節點對應的物理機。A flow table-based data transmission method is used to provide a data packet to one of a plurality of network nodes, wherein each node is respectively deployed with a physical machine, and the physical machine is configured with a virtual switch and at least one virtual machine. The method includes routing: a) sending a flow table to the first virtual switch, so that an external interface corresponding to the first virtual switch is configured to receive an ARP request from an external device; wherein the first virtual switch is located at The physical machine corresponding to the first node; b) the first virtual switch generates a corresponding ARP response to the ARP request based on the flow table; c) the external interface receives a data packet from an external device; wherein the data packet is received by the external device Provided after the ARP response; d) determining whether the destination virtual machine of the data packet is on the physical machine corresponding to the first node; and e) if the destination virtual machine is on a physical machine corresponding to the second node different from the first node, the first A virtual switch forwards the data packet to the second virtual switch; wherein the second virtual switch is located at the object corresponding to the second node. Management.

優選地,流表由SDN控制器生成。Preferably, the flow table is generated by an SDN controller.

優選地,ARP回應至少包括第一虛擬交換機對應的物理機的MAC位址。Preferably, the ARP response includes at least the MAC address of the physical machine corresponding to the first virtual switch.

優選地,步驟e)中,利用SDN控制器獲取第二虛擬交換機所在的物理機的IP位址,使用隧道技術將資料包轉發至第二虛擬交換機。Preferably, in step e), the SDN controller is used to obtain the IP address of the physical machine where the second virtual switch is located, and the data packet is forwarded to the second virtual switch using a tunnel technology.

優選地,目的虛擬機器不設置浮動IP。Preferably, the destination virtual machine is not provided with a floating IP.

本發明進一步提供一種用於接收資料包的物理機,部署於一網路節點處,其中,物理機配置有一虛擬交換機和至少一虛擬機器,虛擬機器由虛擬交換機路由,虛擬交換機基於流表配置成:以外部介面接收來自外部裝置的ARP請求,以及,生成對ARP請求的相應ARP回應;以外部介面接收來自外部裝置的資料包;其中,資料包由外部裝置在接收到ARP回應後提供;確定資料包的目的虛擬機器是否處於第一節點對應的物理機;其中,第一節點為當前網路節點;以及若確定目的虛擬機器處於第二節點對應的物理機,則將資料包轉發至處於第二節點對應的物理機中的虛擬交換機;其中,第二節點為不同於第一節點的網路節點。The invention further provides a physical machine for receiving data packets, which is deployed at a network node, wherein the physical machine is configured with a virtual switch and at least one virtual machine, the virtual machine is routed by the virtual switch, and the virtual switch is configured based on a flow table to : Receiving an ARP request from an external device through an external interface, and generating a corresponding ARP response to the ARP request; receiving a packet from the external device through an external interface; wherein the packet is provided by the external device after receiving the ARP response; confirm Whether the destination virtual machine of the data packet is on the physical machine corresponding to the first node; wherein the first node is the current network node; and if it is determined that the destination virtual machine is on the physical machine corresponding to the second node, the data packet is forwarded to the A virtual switch in the physical machine corresponding to the two nodes; wherein the second node is a network node different from the first node.

優選地,物理機與SDN控制器耦合,並從SDN控制器獲取流表。Preferably, the physical machine is coupled to the SDN controller and obtains a flow table from the SDN controller.

本發明各實施例提供的基於流表的資料傳送方法,在各網路節點或其中的虛擬機器不具有浮動IP的情況下,仍能夠可靠而高效地實現資料包在各虛擬機器與外部裝置之間的雙向傳遞。該方法使得分散式路由通信方案能夠最大程度地發揮其功效,並能夠克服現有技術中集中式路由及分散式路由可能存在的流量瓶頸問題。本發明另外提供的物理機能夠在虛擬機器不具有浮動IP的情況下實現資料包的雙向傳遞,進而促進分散式路由通信方案的功效最大化。The flow table-based data transmission method provided by the embodiments of the present invention can reliably and efficiently implement data packets between each virtual machine and an external device in the case that each network node or a virtual machine therein does not have a floating IP. Between two-way. This method enables the distributed routing communication scheme to maximize its effectiveness and overcome the traffic bottleneck problem that may exist in centralized routing and distributed routing in the prior art. The physical machine provided by the present invention can realize bidirectional transmission of data packets without a virtual machine having a floating IP, thereby promoting the maximum efficiency of the distributed routing communication scheme.

在以下描述中提出具體細節,以便提供對本發明的透徹理解。然而,本領域的技術人員將清楚地知道,即使沒有這些具體細節也可實施本發明的實施例。在本發明中,可進行具體的數位引用,例如“第一元件”、“第二裝置”等。但是,具體數字引用不應當被理解為必須服從於其字面順序,而是應被理解為“第一元件”與“第二元件”不同。Specific details are set forth in the following description in order to provide a thorough understanding of the present invention. However, it will be apparent to those skilled in the art that embodiments of the present invention can be implemented without these specific details. In the present invention, specific digital references may be made, such as "first element", "second device", and the like. However, specific numerical references should not be understood as having to obey their literal order, but should be understood as different from "first element" and "second element".

本發明所提出的具體細節只是示範性的,具體細節可以變化,但仍然落入本發明的精神和範圍之內。術語“耦合”定義為表示直接連接到元件或者經由另一個元件而間接連接到元件。The specific details provided by the present invention are merely exemplary, and the specific details may vary, but still fall within the spirit and scope of the present invention. The term "coupled" is defined to mean directly connected to an element or indirectly connected to an element via another element.

以下通過參照附圖來描述適於實現本發明的方法、系統和裝置的優選實施例。雖然各實施例是針對元件的單個組合來描述,但是應理解,本發明包括所公開元件的所有可能組合。因此,如果一個實施例包括元件A、B和C,而第二實施例包括元件B和D,則本發明也應被認為包括A、B、C或D的其他剩餘組合,即使沒有明確公開。Preferred embodiments of the method, system, and device suitable for implementing the present invention are described below with reference to the drawings. Although the embodiments are described for a single combination of elements, it should be understood that the invention includes all possible combinations of the disclosed elements. Therefore, if one embodiment includes elements A, B, and C and the second embodiment includes elements B and D, the invention should also be considered to include other remaining combinations of A, B, C, or D, even if not explicitly disclosed.

如圖4所示,本發明第一實施例提供一種資料傳送方法,其基於流表來實現,具體包括如下各個步驟。As shown in FIG. 4, a first embodiment of the present invention provides a data transmission method, which is implemented based on a flow table, and specifically includes the following steps.

步驟S10、將流表下發到第一虛擬交換機,以使得第一虛擬交換機對應的外部介面配置成接收來自外部裝置的ARP請求。Step S10: Deliver the flow table to the first virtual switch, so that the external interface corresponding to the first virtual switch is configured to receive an ARP request from an external device.

其中,第一虛擬交換機處於第一節點對應的物理機,而第一節點可以為多個網路節點中的任一個節點。在本申請通篇中,網路為按照SDN技術來定義的一個具體網路,其包括多個網路節點,各節點可以分別部署一物理機,物理機中配置有一個虛擬交換機和至少一個虛擬機器,各虛擬機器由處於同一物理機中的虛擬交換機來路由。換言之,各虛擬機器與外部網路之間的通信是經由虛擬交換機來實現的。應理解,在網路之下可以存在一層或多層的子網,子網之下再接入網路節點。The first virtual switch is located on a physical machine corresponding to the first node, and the first node may be any one of multiple network nodes. Throughout this application, a network is a specific network defined in accordance with SDN technology. It includes multiple network nodes. Each node can be deployed with a physical machine. A virtual switch and at least one virtual machine are configured in the physical machine. Machines, each virtual machine is routed by a virtual switch in the same physical machine. In other words, the communication between each virtual machine and the external network is realized via a virtual switch. It should be understood that there may be one or more subnets under the network, and the network nodes are connected under the subnet.

根據本發明的實施例,每個網路節點和/或其對應的物理機中的各虛擬機器可以不具有浮動IP,將仍可以實現虛擬機器與網路外部裝置之間的雙向通信,以下將具體說明。According to the embodiment of the present invention, each virtual machine in each network node and / or its corresponding physical machine may not have a floating IP, and two-way communication between the virtual machine and an external device on the network may still be achieved. Specific instructions.

通過將openflow流表下發至第一虛擬交換機,可以將openflow流表配置並應用於第一節點,從而使得第一虛擬交換機對應的外部介面配置成接收來自外部裝置的ARP(位址解析通訊協定)請求,進而,還能夠生成對該ARP請求的回應(在步驟S11中說明)。By sending the openflow flow table to the first virtual switch, the openflow flow table can be configured and applied to the first node, so that the external interface corresponding to the first virtual switch is configured to receive ARP (Address Resolution Protocol) from an external device. ) Request, and further, it is possible to generate a response to the ARP request (explained in step S11).

作為示例,流表由接入當前網路的SDN控制器生成,並由SDN控制器下發至當前網路中的全部或部分網路節點。通過下發至相應網路節點,流表將能夠實現相應網路節點的功能性,尤其是在該網路節點或其下屬的虛擬機器不具有浮動IP的情況下,仍能夠高效地實現資料包在虛擬機器與網路外部裝置之間的雙向傳輸。As an example, the flow table is generated by the SDN controller connected to the current network, and is delivered by the SDN controller to all or part of the network nodes in the current network. By sending to the corresponding network node, the flow table will be able to achieve the functionality of the corresponding network node, especially if the network node or its subordinate virtual machine does not have a floating IP, it can still efficiently implement the data packet Two-way transmission between virtual machines and devices external to the network.

在分散式路由模式下,外部介面分佈在網路中各個網路節點上,即,每個虛擬交換機都設有外部介面,所以在實現中可採用全量下發(流表)的方式,即每個網路節點都獲取該流表,這樣作為節點集群的當前網路就有了具備高分佈性和高可用性的路由架構。備選地,可採用一定的優化策略,比如,配置用於ARP響應的流表只下發到有當前租戶的網路終端所從屬的網路節點上,或者使用其他策略挑選出若干個網路節點來下發流表,這樣能夠更快速地接收到外來流量並進行網路終端定位,而且,流表內容更少,更便於維護。In the distributed routing mode, the external interface is distributed on each network node in the network, that is, each virtual switch is provided with an external interface, so in the implementation, a full-volume delivery (flow table) method can be used, that is, each Each network node obtains the flow table, so that the current network as a node cluster has a highly distributed and highly available routing architecture. Alternatively, a certain optimization strategy may be adopted, for example, the flow table used for ARP response is configured to be delivered only to the network node to which the network terminal of the current tenant belongs, or several networks are selected using other strategies The node sends the flow table, which can more quickly receive the external traffic and locate the network terminal. Moreover, the flow table contains less content and is easier to maintain.

流表在其表項中整合了當前網路各層次(包括子網)的網路配置資訊,使得在進行資料轉發(與外網通信)時有具體規則可以依照,甚至能夠定義更複雜、更豐富的規則。具體來說,流表的匹配域能夠用於與虛擬交換機接收到的資料包進行匹配,其涵蓋ISO網路模型中第二至第四層的網路配置資訊。流表的動作域用於指示虛擬交換機在收到匹配的資料包時應該如何處理,動作域中可以定義多組動作。流表還可以包括計算器,用於統計關於資料流程量的資訊。The flow table integrates the network configuration information of the current network levels (including subnets) in its entries, so that specific rules can be followed when data is forwarded (communication with the external network), and it can even define more complex and more Rich rules. Specifically, the matching field of the flow table can be used for matching with the data packet received by the virtual switch, which covers the network configuration information of the second to fourth layers in the ISO network model. The action field of the flow table is used to indicate how the virtual switch should handle when it receives a matching packet. The action field can define multiple sets of actions. The flow meter may also include a calculator for counting information about the amount of data flow.

根據本發明的優選實施方式,在流表首次下發之後,還可以根據實際情況或應用場合對流表進行改動。例如,如修改流表的Table值、優先順序等,或者改變openflow流表中執行動作的步驟,或者簡化流表中的步驟(如不經過三層轉發步驟),直接進行port轉發操作等。According to a preferred embodiment of the present invention, after the flow table is first issued, the flow table may also be modified according to actual conditions or applications. For example, you can modify the Table value and priority order of the flow table, or change the steps of performing actions in the openflow flow table, or simplify the steps in the flow table (such as without going through the Layer 3 forwarding step), and directly perform port forwarding operations.

步驟S11、第一虛擬交換機基於流表生成對ARP請求的相應ARP回應。Step S11: The first virtual switch generates a corresponding ARP response to the ARP request based on the flow table.

應理解,對於各網路節點所對應的物理機而言,均可以通過虛擬交換機獲取流表並利用流表配置自身,進而由虛擬交換機生成對該ARP請求的相應ARP回應,而各ARP回應是內容不同的。具體來說,通過接收ARP回應,網路外部裝置應至少能夠區分各物理機並確定其在網路中的位置,以便於隨後發送資料包。It should be understood that for the physical machine corresponding to each network node, a virtual switch can obtain a flow table and configure itself using the flow table, and then the virtual switch generates a corresponding ARP response to the ARP request, and each ARP response is The content is different. Specifically, by receiving the ARP response, the external device of the network should be able to distinguish at least each physical machine and determine its location in the network, so as to facilitate the subsequent sending of data packets.

為了實現網路路由的分散式架構,流表也一併下發至當前網路中的其他網路節點(具體地,下發至相應的虛擬交換機),這些其他網路節點所對應的物理機分別通過虛擬交換機來回送一個ARP回應包,其中包含該物理機的MAC位址,以便獲取到MAC位址的網路外部裝置能夠準確識別出該物理機。In order to implement the decentralized architecture of network routing, the flow table is also issued to other network nodes in the current network (specifically, to the corresponding virtual switches), and the physical machines corresponding to these other network nodes An ARP response packet is sent back and forth through the virtual switch, which contains the MAC address of the physical machine, so that external devices that obtain the MAC address can accurately identify the physical machine.

作為示例,這時流表可以按如下格式設計(僅示出流表內容的一部分): As an example, the flow table can be designed as follows (only a part of the flow table content is shown):

以上流表的主要作用就是為外部介面構造了一個針對ARP請求的回應包,外部介面將該回應包發回給ARP請求方(網路外部裝置)。當請求方接收到該ARP回包後,可以進一步將需要傳輸的資料包發送到該外部介面。可以理解,以上流表作為一種示例僅示出實際流表的一部分,為了實現虛擬交換機和/或虛擬機器的完整功能性,實際流表將更加複雜。在實際應用場合,還可以對流表格式作出各種改進,例如對動作域中包含的動作進行省略和/或組合,限定各動作的執行次數等。The main function of the above flow table is to construct a response packet for the ARP request for the external interface, and the external interface sends the response packet back to the ARP requester (network external device). After the requester receives the ARP reply packet, it can further send the data packet to be transmitted to the external interface. It can be understood that the above flow table only shows a part of the actual flow table as an example. In order to realize the complete functionality of the virtual switch and / or virtual machine, the actual flow table will be more complicated. In practical applications, various improvements can be made to the flow table format, such as omitting and / or combining the actions contained in the action domain, limiting the number of executions of each action, and the like.

在該步驟中,ARP請求的作用是為了獲取資料發送目標的MAC位址,每個ARP回應至少包括準備接收待傳輸資料包的相應網路節點的對應物理機的MAC位址。應理解,ARP請求和ARP回應僅僅是發送資料包之前的準備,兩者不涉及待傳輸資料包。In this step, the role of the ARP request is to obtain the MAC address of the data sending destination. Each ARP response includes at least the MAC address of the corresponding physical machine of the corresponding network node that is ready to receive the data packet to be transmitted. It should be understood that the ARP request and the ARP response are only preparations before sending the data packet, and the two do not involve the data packet to be transmitted.

步驟S12、外部介面接收來自外部裝置的資料包。Step S12: The external interface receives a data packet from an external device.

在該步驟中,具體地,在外部裝置獲得ARP回應之後,其能夠知曉準備接收資料包的各網路節點對應的物理機的MAC位址。就第一節點及其相應的第一虛擬交換機而言,在外部裝置接收到來自第一虛擬交換機的ARP回應後,資料包將被發送至第一虛擬交換機的外部介面。該外部介面接收到該資料包之後,視目的終端的位置而定,可以直接交付至第一節點下屬的任何一個虛擬機器,或再進行轉發。In this step, specifically, after the external device obtains the ARP response, it can know the MAC address of the physical machine corresponding to each network node that is preparing to receive the data packet. As for the first node and its corresponding first virtual switch, after the external device receives the ARP response from the first virtual switch, the data packet will be sent to the external interface of the first virtual switch. After the external interface receives the data packet, it can be directly delivered to any virtual machine under the first node, or forwarded, depending on the location of the destination terminal.

步驟S13、確定資料包的目的虛擬機器是否處於第一節點對應的物理機。In step S13, it is determined whether the destination virtual machine of the data package is a physical machine corresponding to the first node.

具體來說,步驟S13是由第一節點相應的第一虛擬交換機來執行,虛擬交換機從資料包可以直接獲知其目的終端(目的虛擬機器),進而根據SDN控制器下發的流表來確定網路裝置所發送的資料包的目的終端是否處於第一節點對應的物理機。Specifically, step S13 is performed by the first virtual switch corresponding to the first node. The virtual switch can directly learn its destination terminal (destination virtual machine) from the data packet, and then determine the network based on the flow table issued by the SDN controller. Whether the destination terminal of the data packet sent by the network device is in a physical machine corresponding to the first node.

若資料包的目的終端處於第一節點對應的物理機,則可由第一虛擬交換機將該資料包直接交付於目的終端,在這種情況下,能夠以最高效的方式實現關於該資料包的完整通信,但通常這種情況具有不確定性和隨機性。If the destination terminal of the data packet is on the physical machine corresponding to the first node, the data packet can be directly delivered to the destination terminal by the first virtual switch. In this case, the completeness of the data packet can be achieved in the most efficient way. Communication, but often this situation is uncertain and random.

作為示例,這時流表可採用如下格式(示出流表的一部分): As an example, the flow table can be in the following format (showing a part of the flow table):

步驟S14、若目的終端(目的虛擬機器)處於不同於第一節點的第二節點對應的物理機,則將資料包轉發至第二虛擬交換機。Step S14: If the destination terminal (destination virtual machine) is on a physical machine corresponding to a second node different from the first node, forward the data packet to the second virtual switch.

其中,第二虛擬交換機處於第二節點對應的物理機,與第二節點相對應。The second virtual switch is located on a physical machine corresponding to the second node, and corresponds to the second node.

作為更一般的情況,在目的終端並非位於第一節點對應的物理機,而是位於第二節點對應的物理機時,可以基於流表或者利用SDN控制器,來獲取第二節點對應物理機的IP位址,再使用隧道技術,例如點對點通道通訊協定(Point to Point Tunneling Protocol,簡稱為PPTP),來將資料包從第一節點(具體地,第一虛擬交換機)轉發至第二節點(具體地,第二虛擬交換機)。As a more general case, when the destination terminal is not located on the physical machine corresponding to the first node, but is located on the physical machine corresponding to the second node, the physical machine corresponding to the second node can be obtained based on the flow table or using an SDN controller. IP address, and then use tunnel technology, such as Point to Point Tunneling Protocol (PPTP), to forward the data packet from the first node (specifically, the first virtual switch) to the second node (specifically Ground, the second virtual switch).

作為示例,這種情況下流表格式如下(示出流表的一部分): As an example, the flow table format in this case is as follows (showing a part of the flow table):

在步驟S14之後,還可以執行以下步驟:第二虛擬交換機將資料包直接交付給目的虛擬機器(因為目的虛擬機器處於第二節點對應的物理機,並由第二虛擬交換機來路由),從而,目的虛擬機器最終獲得來自外部裝置的資料包。After step S14, the following steps can also be performed: the second virtual switch directly delivers the data packet to the destination virtual machine (because the destination virtual machine is located on the physical machine corresponding to the second node and routed by the second virtual switch), The destination virtual machine finally obtains the data package from the external device.

資料包到達第二節點以待下發至目的虛擬機器時,示例流表可採用如下格式: When the data packet arrives at the second node to be delivered to the destination virtual machine, the example flow table can use the following format:

上述第一實施例提供的基於流表的資料傳送方法,通過利用SDN技術來定義網路,以及利用流表來配置網路,在各網路節點或各虛擬機器不具有浮動IP的情況下,仍能夠可靠而高效地實現資料包在虛擬機器與外部裝置之間的雙向傳輸。The flow table-based data transmission method provided by the first embodiment described above uses SDN technology to define the network and uses the flow table to configure the network. In the case where each network node or each virtual machine does not have a floating IP, The two-way transmission of data packets between the virtual machine and the external device can still be achieved reliably and efficiently.

此外,上述方法能夠克服現有技術中集中式路由及分散式路由可能存在的流量瓶頸問題,使得分散式路由的通信方案能夠在最大程度上發揮功效。In addition, the above method can overcome the traffic bottleneck problem that may exist in centralized routing and decentralized routing in the prior art, so that the communication scheme of decentralized routing can maximize its effectiveness.

本發明第二實施例提供一種物理機,其部署於網路中的一個或多個網路節點處,物理機配置有一個虛擬交換機和多個虛擬機器,各虛擬機器由相應的虛擬交換機來路由。A second embodiment of the present invention provides a physical machine that is deployed at one or more network nodes in a network. The physical machine is configured with a virtual switch and multiple virtual machines, and each virtual machine is routed by a corresponding virtual switch. .

其中,虛擬交換機基於流表來配置,並執行以下各種操作:   一、以外部介面接收來自外部裝置的ARP請求,以及,進而生成對ARP請求的相應ARP回應。   二、以外部介面接收來自外部裝置的資料包。其中,資料包由外部裝置在接收到ARP回應後提供。   三、確定資料包的目的虛擬機器是否處於第一節點對應的物理機。其中,第一節點為當前網路節點。   四、若確定目的虛擬機器處於第二節點對應的物理機,則將資料包轉發至處於第二節點對應的物理機中的虛擬交換機。   其中,第二節點為不同於第一節點的另一網路節點。The virtual switch is configured based on the flow table and performs the following operations: (1) receiving an ARP request from an external device through an external interface, and then generating a corresponding ARP response to the ARP request. 2. Receive data packets from external devices through an external interface. The data packet is provided by the external device after receiving the ARP response. (3) Determine whether the destination virtual machine of the data package is the physical machine corresponding to the first node. The first node is a current network node. 24. If it is determined that the destination virtual machine is on the physical machine corresponding to the second node, the data packet is forwarded to the virtual switch on the physical machine corresponding to the second node. For example, the second node is another network node different from the first node.

具體來說,SDN控制器首先能夠網路,還能夠生成流表以用於配置網路中的各網路節點,包括但不限於對物理機、虛擬交換機、以及虛擬機器的配置。SDN控制器還可進一步提供流表更改單元,使得設計人員能夠對流表進行更改,並將修改完成的流表重新下發至當前網路對應的虛擬交換機。Specifically, the SDN controller can first network, and can also generate a flow table for configuring each network node in the network, including but not limited to the configuration of a physical machine, a virtual switch, and a virtual machine. The SDN controller can further provide a flow table change unit, so that the designer can change the flow table and redistribute the modified flow table to the virtual switch corresponding to the current network.

按照流表,第一節點相應的虛擬交換機(第一虛擬交換機)的外部介面接收來自外部裝置的ARP請求。According to the flow table, the external interface of the corresponding virtual switch (first virtual switch) of the first node receives the ARP request from the external device.

按照流表,第一虛擬交換機生成對ARP請求的相應ARP回應,將ARP回應封裝為回應包並發送回外部裝置。ARP回應包括第一虛擬交換機所在的物理機的MAC位址。According to the flow table, the first virtual switch generates a corresponding ARP response to the ARP request, encapsulates the ARP response into a response packet and sends it back to the external device. The ARP response includes the MAC address of the physical machine where the first virtual switch is located.

按照流表,第一虛擬交換機通過其外部介面從外部裝置接收資料包。According to the flow table, the first virtual switch receives a data packet from an external device through its external interface.

按照流表,第一虛擬交換機能夠確定資料包的目的終端(目的虛擬機器)是否處於第一節點對應的物理機。According to the flow table, the first virtual switch can determine whether the destination terminal (destination virtual machine) of the data packet is on the physical machine corresponding to the first node.

在目的終端處於第二節點(而不是第一節點)對應的物理機時,按照流表,第一虛擬交換機能夠將資料包轉發至第二虛擬交換機,這可以通過點對點通道通訊協定來實現,最終由第二虛擬交換機將資料包直接交付目的虛擬機器。其中,第二虛擬交換機為處於第二節點對應的物理機中的虛擬交換機,其提供了對目的虛擬機器的路由。When the destination terminal is on the physical machine corresponding to the second node (not the first node), according to the flow table, the first virtual switch can forward the data packet to the second virtual switch. This can be achieved through the point-to-point channel communication protocol. The second virtual switch delivers the data packet directly to the destination virtual machine. The second virtual switch is a virtual switch in a physical machine corresponding to the second node, and provides a route to a destination virtual machine.

基於流表來配置物理機中的虛擬交換機,使得物理機具有以下有益效果:無論其下屬的虛擬機器是否具有浮動IP,該物理機都能夠實現資料包在虛擬機器和外部裝置之間的雙向傳遞,進而有助於分散式路由在最大程度上的實現。The virtual switch in the physical machine is configured based on the flow table, so that the physical machine has the following beneficial effects: The physical machine can realize the two-way transfer of data packets between the virtual machine and the external device regardless of whether the virtual machine under the virtual machine has a floating IP. , Which in turn helps the implementation of distributed routing to the maximum extent.

如圖5所示,本發明第三實施例提供一種基於流表的資料傳送系統,用於在多個網路節點之間傳送資料包,其中,每個網路節點部署有上述第二實施例所公開的物理機,這些物理機均可選用SDN控制器所下發的流表來配置,使得其中設置的虛擬交換機能夠接收來自外部裝置的ARP請求,以及生成相應的ARP回應。外部裝置在收到ARP響應,能夠將資料包發送至所期望的目的終端。As shown in FIG. 5, a third embodiment of the present invention provides a flow table-based data transmission system for transmitting data packets between multiple network nodes, where each network node is deployed with the second embodiment described above. The disclosed physical machines can be configured using a flow table issued by the SDN controller, so that the virtual switch set therein can receive ARP requests from external devices and generate corresponding ARP responses. After receiving the ARP response, the external device can send the data packet to the desired destination terminal.

具體來說,第一節點11設置有第一虛擬交換機110,第二節點12設置有第二虛擬交換機120,第一、第二虛擬交換機110,120分別提供對虛擬機器V1,V2,V3以及虛擬機器V4,V5,V6的路由。Specifically, the first node 11 is provided with a first virtual switch 110, and the second node 12 is provided with a second virtual switch 120. The first and second virtual switches 110 and 120 respectively provide virtual machines V1, V2, V3, and virtual machines. Routing of machines V4, V5, V6.

在利用流表配置物理機中設置的虛擬交換機之後,這種資料傳送系統能夠促進資料包在虛擬機器和外部裝置之間的雙向傳輸,而不管這些虛擬機器是否具有浮動IP。After using a flow table to configure a virtual switch set in a physical machine, this data transfer system can facilitate bidirectional transmission of data packets between virtual machines and external devices, regardless of whether these virtual machines have floating IPs.

作為示例,若資料包1的目的終端指向第一節點11中的虛擬機器V1,第一虛擬交換機110能夠將資料包1直接交付至虛擬機器V1;若資料包的目的終端指向第二節點12中的虛擬機器V5,第一虛擬交換機110通過隧道技術將資料包轉發至第二虛擬交換機120,再由第二虛擬交換機120將數據包交付虛擬機器V5。As an example, if the destination terminal of the data package 1 is directed to the virtual machine V1 in the first node 11, the first virtual switch 110 can directly deliver the data package 1 to the virtual machine V1; if the destination terminal of the data package is directed to the second node 12 For the virtual machine V5, the first virtual switch 110 forwards the data packet to the second virtual switch 120 through a tunnel technology, and the second virtual switch 120 delivers the data packet to the virtual machine V5.

在本發明的一些實施例中,上述系統的至少一部分可採用通信網路所連接的一組分散式運算裝置來實現,或,基於“雲”來實現。在這種系統中,多個計算裝置共同操作,以通過使用其共用資源來提供服務。In some embodiments of the present invention, at least a part of the above-mentioned system may be implemented using a group of decentralized computing devices connected to a communication network, or based on a "cloud". In such a system, multiple computing devices operate together to provide services by using their shared resources.

基於“雲”的實現可提供一個或多個優點,包括:開放性、靈活性和可擴展性、可中心管理、可靠性、可縮放性、對計算資源所優化、具有聚合和分析跨多個使用者的資訊的能力、跨多個地理區域進行連接、以及將多個移動或資料網路運營商用於網路連通性的能力。"Cloud" -based implementations can provide one or more advantages, including: openness, flexibility and scalability, central management, reliability, scalability, optimization of computing resources, aggregation and analysis across multiple The ability of users' information, connectivity across multiple geographic areas, and the ability to use multiple mobile or data network operators for network connectivity.

根據本發明另一實施例,提供一種電腦存儲介質,其上存儲有電腦可執行指令,該電腦可執行指令在由處理器執行時,將實現上述第一實施例中的方法。According to another embodiment of the present invention, a computer storage medium is provided on which computer-executable instructions are stored. When the computer-executable instructions are executed by a processor, the method in the first embodiment described above will be implemented.

根據本發明又一實施例,提供一種電腦程式,其包括一批電腦可執行指令,這些電腦可執行指令在由處理器執行時,有序執行第一實施例中的方法中的各步驟。According to another embodiment of the present invention, a computer program is provided, which includes a batch of computer-executable instructions. When these computer-executable instructions are executed by a processor, each step in the method in the first embodiment is performed in an orderly manner.

上述說明僅針對于本發明的優選實施例,並不在於限制本發明的保護範圍。本領域技術人員可能作出各種變形設計,而不脫離本發明的思想及附隨的權利要求。The above description is only directed to the preferred embodiments of the present invention, and is not intended to limit the protection scope of the present invention. Those skilled in the art may make various modified designs without departing from the idea of the present invention and the accompanying claims.

Net1‧‧‧子網Net1‧‧‧ Subnet

Net2‧‧‧子網Net2‧‧‧ Subnet

S10‧‧‧步驟S10‧‧‧step

S11‧‧‧步驟S11‧‧‧step

S12‧‧‧步驟S12‧‧‧step

S13‧‧‧步驟S13‧‧‧step

S14‧‧‧步驟S14‧‧‧step

V1‧‧‧虛擬機器V1‧‧‧ Virtual Machine

V2‧‧‧虛擬機器V2‧‧‧ Virtual Machine

V3‧‧‧虛擬機器V3‧‧‧ Virtual Machine

V4‧‧‧虛擬機器V4‧‧‧ Virtual Machine

V5‧‧‧虛擬機器V5‧‧‧ Virtual Machine

V6‧‧‧虛擬機器V6‧‧‧Virtual Machine

圖1示出路由器與不同子網之間的網路拓撲結構示意圖。Figure 1 shows a schematic diagram of the network topology between a router and different subnets.

圖2示出軟體SDN南北向流量通信的邏輯圖。Figure 2 shows a logic diagram of software SDN north-south traffic communication.

圖3示出路由器與外網的介面映射到物理架構的示意圖。FIG. 3 is a schematic diagram showing the mapping of the interface between the router and the external network to the physical architecture.

圖4示出根據本發明一實施例的傳輸傳送方法的流程示意圖。FIG. 4 is a schematic flowchart of a transmission method according to an embodiment of the present invention.

圖5示出根據本發明一實施例的資料傳送系統的網路拓撲結構。FIG. 5 illustrates a network topology of a data transmission system according to an embodiment of the present invention.

Claims (12)

一種基於流表的資料傳送方法,用於將資料包提供至多個網路節點中的一個節點,其中,各所述節點分別部署一物理機,所述物理機配置有一虛擬交換機和至少一虛擬機器,所述虛擬機器由所述虛擬交換機來路由,所述方法包括:   a)、將流表下發到第一虛擬交換機,以使得所述第一虛擬交換機對應的外部介面配置成接收來自外部裝置的ARP請求;其中,所述第一虛擬交換機處於第一節點對應的所述物理機;   b)、所述第一虛擬交換機基於所述流表生成對所述ARP請求的相應ARP回應;   c)、所述外部介面接收來自所述外部裝置的資料包;其中,所述資料包由所述外部裝置在接收到所述ARP回應後提供;   d)、確定所述資料包的目的虛擬機器是否處於所述第一節點對應的所述物理機;以及   e)、若所述目的虛擬機器處於不同於所述第一節點的第二節點對應的所述物理機,則所述第一虛擬交換機將所述資料包轉發至第二虛擬交換機;其中,所述第二虛擬交換機處於所述第二節點對應的所述物理機。A flow table-based data transmission method for providing a data packet to one of a plurality of network nodes, wherein each of the nodes is respectively deployed with a physical machine configured with a virtual switch and at least one virtual machine. The virtual machine is routed by the virtual switch, and the method includes: a) sending a flow table to the first virtual switch, so that an external interface corresponding to the first virtual switch is configured to receive an external device ARP request; wherein the first virtual switch is located on the physical machine corresponding to the first node; b), the first virtual switch generates a corresponding ARP response to the ARP request based on the flow table; c) 2. The external interface receives a data packet from the external device; wherein the data packet is provided by the external device after receiving the ARP response; d) determining whether a destination virtual machine of the data packet is located The physical machine corresponding to the first node; and e) if the destination virtual machine is different from the first virtual machine, The physical machine corresponding to the second node of the node, the first virtual switch forwards the data packet to the second virtual switch; wherein the second virtual switch is located in the physical corresponding to the second node machine. 根據請求項1所述的方法,其中,所述流表由SDN控制器生成。The method according to claim 1, wherein the flow table is generated by an SDN controller. 根據請求項2所述的方法,其中,所述ARP回應至少包括所述第一虛擬交換機對應的所述物理機的MAC位址。The method according to claim 2, wherein the ARP response includes at least a MAC address of the physical machine corresponding to the first virtual switch. 根據請求項2所述的方法,其中,步驟e)中,利用所述SDN控制器獲取所述第二虛擬交換機所在的所述物理機的IP位址,使用隧道技術將所述資料包轉發至所述第二虛擬交換機。The method according to claim 2, wherein in step e), the SDN controller is used to obtain the IP address of the physical machine where the second virtual switch is located, and the tunnel is used to forward the data packet to The second virtual switch. 根據請求項1所述的方法,其中,所述方法還包括:   所述第二虛擬交換機將所述資料包交付所述目的虛擬機器。The method according to claim 1, wherein the method further comprises: the second virtual switch delivers the data packet to the destination virtual machine. 根據請求項1至5中任一項所述的方法,其中,所述目的虛擬機器不設置浮動IP。The method according to any one of claims 1 to 5, wherein the destination virtual machine is not provided with a floating IP. 一種電腦存儲介質,其上存儲有電腦可執行指令,其特徵在於,所述電腦可執行指令在由處理器執行時,將實現請求項1至6中任一項所述的方法。A computer storage medium having computer-executable instructions stored therein is characterized in that, when the computer-executable instructions are executed by a processor, the method according to any one of claims 1 to 6 will be implemented. 一種電腦程式,包括一批電腦可執行指令,所述電腦可執行指令在由處理器執行時,執行請求項1至6中任一項所述的方法的步驟。A computer program includes a batch of computer-executable instructions. When the computer-executable instructions are executed by a processor, the steps of the method according to any one of claims 1 to 6 are performed. 一種用於接收資料包的物理機,部署於一網路節點處,其中,所述物理機配置有一虛擬交換機和至少一虛擬機器,所述虛擬機器由所述虛擬交換機路由,所述虛擬交換機基於流表配置成:   以外部介面接收來自外部裝置的ARP請求,以及,生成對所述ARP請求的相應ARP回應;   以所述外部介面接收來自所述外部裝置的資料包;其中,所述資料包由所述外部裝置在接收到所述ARP回應後提供;   確定所述資料包的目的虛擬機器是否處於第一節點對應的所述物理機;其中,所述第一節點為當前所述網路節點;以及   若確定所述目的虛擬機器處於第二節點對應的所述物理機,則將所述資料包轉發至處於所述第二節點對應的所述物理機中的所述虛擬交換機;其中,所述第二節點為不同於所述第一節點的所述網路節點。A physical machine for receiving data packets is deployed at a network node, wherein the physical machine is configured with a virtual switch and at least one virtual machine, the virtual machine is routed by the virtual switch, and the virtual switch is based on The flow table is configured to: 接收 receive an ARP request from an external device through an external interface, and generate a corresponding ARP response to the ARP request; 接收 receive a data packet from the external device through the external interface; wherein the data packet Provided by the external device after receiving the ARP response; determining whether the destination virtual machine of the data packet is the physical machine corresponding to the first node; wherein the first node is the current network node And if it is determined that the destination virtual machine is in the physical machine corresponding to the second node, forwarding the data packet to the virtual switch in the physical machine corresponding to the second node; The second node is a network node different from the first node. 根據請求項9所述的物理機,其中,所述物理機與SDN控制器耦合,並從所述SDN控制器獲取所述流表。The physical machine according to claim 9, wherein the physical machine is coupled to an SDN controller and obtains the flow table from the SDN controller. 一種基於流表的資料傳送系統,用於在多個網路節點之間傳送資料包,其特徵在於,每個所述網路節點部署有如請求項9或10所述的物理機。A flow table-based data transmission system is used to transmit data packets between multiple network nodes, and is characterized in that each of the network nodes is deployed with the physical machine according to claim 9 or 10. 根據請求項11所述的系統,其中,所述系統基於雲計算來部署。The system according to claim 11, wherein the system is deployed based on cloud computing.
TW107145030A 2017-12-29 2018-12-13 Data transfer method based on flow table TWI759571B (en)

Applications Claiming Priority (3)

Application Number Priority Date Filing Date Title
CN201711481899.3 2017-12-29
??201711481899.3 2017-12-29
CN201711481899.3A CN108322391B (en) 2017-12-29 2017-12-29 Data transmission method based on flow table

Publications (2)

Publication Number Publication Date
TW201931828A true TW201931828A (en) 2019-08-01
TWI759571B TWI759571B (en) 2022-04-01

Family

ID=62892777

Family Applications (1)

Application Number Title Priority Date Filing Date
TW107145030A TWI759571B (en) 2017-12-29 2018-12-13 Data transfer method based on flow table

Country Status (3)

Country Link
CN (1) CN108322391B (en)
TW (1) TWI759571B (en)
WO (1) WO2019128699A1 (en)

Families Citing this family (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN108322391B (en) * 2017-12-29 2020-08-25 中国银联股份有限公司 Data transmission method based on flow table
CN109547342B (en) * 2018-11-30 2021-03-09 新华三技术有限公司 Strategy routing issuing method and network node
CN110035012B (en) 2018-12-25 2021-09-14 中国银联股份有限公司 SDN-based VPN flow scheduling method and SDN-based VPN flow scheduling system
CN115150106B (en) * 2021-03-16 2023-03-14 中国科学技术大学 Safety protection method of physical machine and network node equipment
CN114172789B (en) * 2021-12-07 2023-11-10 北京天融信网络安全技术有限公司 Virtual equipment link detection method, device, equipment and storage medium

Family Cites Families (8)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US8300525B1 (en) * 2009-01-30 2012-10-30 Juniper Networks, Inc. Managing a flow table
WO2015074182A1 (en) * 2013-11-19 2015-05-28 华为技术有限公司 Table items addressing method, switch, and controller based on flow table
CN104660506B (en) * 2013-11-22 2018-12-25 华为技术有限公司 A kind of method, apparatus and system of data packet forwarding
CN104869058B (en) * 2015-06-04 2018-10-19 北京京东尚科信息技术有限公司 A kind of data message forwarding method and device
CN105099779B (en) * 2015-07-29 2018-10-12 北京京东尚科信息技术有限公司 Multi-tenant cloud platform framework
CN107306215B (en) * 2016-04-18 2020-07-17 中国移动通信集团江西有限公司 Data processing method, system and node
CN107124364B (en) * 2017-06-30 2019-09-13 广州市品高软件股份有限公司 The complete Proxy Method of network A RP and system based on software defined network controller
CN108322391B (en) * 2017-12-29 2020-08-25 中国银联股份有限公司 Data transmission method based on flow table

Also Published As

Publication number Publication date
TWI759571B (en) 2022-04-01
CN108322391A (en) 2018-07-24
WO2019128699A1 (en) 2019-07-04
CN108322391B (en) 2020-08-25

Similar Documents

Publication Publication Date Title
TW201931828A (en) Flow table-based data transfer method
TWI543566B (en) Data center network system based on software-defined network and packet forwarding method, address resolution method, routing controller thereof
CN104335537B (en) For the system and method for the multicast multipath of layer 2 transmission
JP5377770B2 (en) Name address mapping system, data transmission method, and name address mapping maintenance method
CN108574616A (en) A kind of method, equipment and the system of processing routing
CN113411243B (en) Data transmission method and device
US10079694B2 (en) Scalable virtual networks in SDN-based ethernet networks using VLANs
JP6544401B2 (en) PACKET TRANSFER DEVICE, CONTROL DEVICE, COMMUNICATION SYSTEM, COMMUNICATION METHOD, AND PROGRAM
KR20160056191A (en) System and method for virtual network-based distributed multi-domain routing
CN104954265B (en) Send the method and interchanger of multicast message
JPWO2014136864A1 (en) Packet rewriting device, control device, communication system, packet transmission method and program
KR102025680B1 (en) SDN based ARP implementation method and device
CN103220215B (en) The retransmission method of FCoE message and device in TRILL network
CN103795623A (en) Method and device for realizing traffic interflow between virtual devices
CN106209689B (en) Multicast data packet forwarding method and apparatus from VXLAN to VLAN
WO2013026384A1 (en) Service data transmission method, network node and system
WO2016095201A1 (en) Service link deployment method and device
CN112134776B (en) Method for generating multicast forwarding table item and access gateway
WO2020093871A1 (en) Downlink message sending method and apparatus and downlink message forwarding method and apparatus
WO2017185780A1 (en) Forwarding table entry establishment method and apparatus
CN108111413A (en) Method for routing, system and the equipment of stacking network
CN102281204B (en) Method and routing equipment for implementing rendezvous point (RP) load sharing of multicast group and routing equipment
TW202025813A (en) SDN-based VPN traffic scheduling method and SDN-based VPN traffic scheduling system
WO2022121707A1 (en) Packet transmission method, device, and system
US11523443B2 (en) Extraction, conversion, and transmission of user packet from encapsulated packet