WO2013029440A1 - Method and apparatus for implementing layer-2 interconnection of data centers - Google Patents

Method and apparatus for implementing layer-2 interconnection of data centers Download PDF

Info

Publication number
WO2013029440A1
WO2013029440A1 PCT/CN2012/078869 CN2012078869W WO2013029440A1 WO 2013029440 A1 WO2013029440 A1 WO 2013029440A1 CN 2012078869 W CN2012078869 W CN 2012078869W WO 2013029440 A1 WO2013029440 A1 WO 2013029440A1
Authority
WO
WIPO (PCT)
Prior art keywords
packet
ethernet
ethernet packet
ports
port
Prior art date
Application number
PCT/CN2012/078869
Other languages
French (fr)
Inventor
Wan ZHOU
Original Assignee
Hangzhou H3C Technologies Co., Ltd.
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Hangzhou H3C Technologies Co., Ltd. filed Critical Hangzhou H3C Technologies Co., Ltd.
Publication of WO2013029440A1 publication Critical patent/WO2013029440A1/en

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L12/00Data switching networks
    • H04L12/28Data switching networks characterised by path configuration, e.g. LAN [Local Area Networks] or WAN [Wide Area Networks]
    • H04L12/46Interconnection of networks
    • H04L12/4633Interconnection of networks using encapsulation techniques, e.g. tunneling

Definitions

  • Data centers provide various kinds of services.
  • a data center is a center in which data processing, data storage and data exchange is performed.
  • service providers usually deploy multiple data centers in different locations, so as to implement load balancing and achieve high availability.
  • the deployment of multiple data centers in different locations may involve random migration of virtual machines between the data centers. Since the migration of virtual machines is transparent to users, IP addresses and MAC addresses of the virtual machines should not change. Therefore, implementation of layer-2 interconnection between data centers located in different locations is desirable.
  • FIG. 1 is a schematic diagram illustrating a network structure of layer-2 interconnection of data centers according to an example of the present disclosure.
  • FIG. 2 is a schematic diagram illustrating a functional structure of an edge device according to an example of the present disclosure.
  • FIG. 3 is a schematic diagram illustrating a network structure of layer-2 interconnection of data centers according to an example of the present disclosure.
  • FIG. 4 is a flowchart illustrating a method for implementing layer-2 interconnection of data centers according to an example of the present disclosure.
  • FIG. 5 is a schematic diagram illustrating a structure of an edge device according to an example of the present disclosure.
  • the present disclosure is described by referring mainly to an example thereof.
  • numerous specific details are set forth in order to provide a thorough understanding of the present disclosure. It will be readily apparent however, that the present disclosure may be practiced without limitation to these specific details. In other instances, some methods and structures have not been described in detail so as not to unnecessarily obscure the present disclosure.
  • the term “includes” means includes but not limited to, the term “including” means including but not limited to.
  • the term “based on” means based at least in part on.
  • the terms "a” and “an” are intended to denote at least one of a particular element.
  • Layer-2 interconnection of data centers is mainly realized through an edge device of each data center.
  • an existing Overlay Transport Virtualization (OTV) technique is utilized to realize the layer-2 interconnection of data centers and it is required to support broadcast
  • An Any Source Multicast (ASM)/Bidir IP multicast group assigned by a core network may be configured on the edge device of each data center.
  • the edge device When receiving a broadcast packet from an internal port, the edge device encapsulates the broadcast packet according to the OTV technique and transmits the encapsulated packet to a multicast tree in the core network.
  • the core network multicasts the encapsulated packet to a remote OTV device.
  • the remote OTV device decapsulates the encapsulated packet and broadcasts the packet in a data center network where the remote OTV device is located.
  • the data center may run an Internet Group Management Protocol/Multicast Listener Discover (IGMP/MLD) protocol. Under this protocol, multicast information is recorded to a multicast forwarding table on the edge device.
  • IGMP/MLD Internet Group Management Protocol/Multicast Listener Discover
  • SSM Specific Source Multicast
  • the core network in order to provide layer-2 interconnection of data centers using the OTV technique, should support multicast. Otherwise, broadcast and multicast requirements cannot be met and the layer-2 interconnection of the data centers cannot be realized.
  • examples of the present disclosure provide a method for implementing layer-2 interconnection of data centers, which does not necessarily require that the core network support multicast.
  • a method for implementing layer-2 interconnection of data centers is provided.
  • a virtual bridge port is generated for each remote site in advance;
  • a tunnel encapsulation mapping table item corresponding to the virtual bridge port of each remote site is configured in a tunnel encapsulation mapping table;
  • the tunnel encapsulation mapping table item includes: when an Ethernet packet is received from an internal Ethernet port, determining, by the edge device of the local site, all output ports of the Ethernet packet, for each virtual bridge port in the output ports of the Ethernet packet, encapsulating the Ethernet packet according to the tunnel encapsulation mapping table item corresponding to the virtual bridge port and transmitting the encapsulated packet to the remote site; for each internal Ethernet port in the output ports of the Ethernet packet, forwarding the Ethernet packet via the internal Ethernet port;
  • FIG. 1 is a schematic diagram illustrating a network structure for implementing layer-2 interconnection of data centers according to an example of the present disclosure. Only edge devices of respective sites are shown in FIG. 1 . The internal topology of each site is not the emphasis of the present disclosure and thus is not shown in FIG. 1 .
  • sites A, B, C, D, E respectively access a core network through their respective edge devices 1 , 2, 3, 4, 5.
  • 'sites' mentioned in the present disclosure may be referred to as data centers.
  • the edge device of a local site generates a virtual bridge port for each remote site.
  • a virtual bridge port is a virtual layer-2 port which is not permanently tied to a particular physical layer-2 port. It may for example be a virtual Ethernet port.
  • FIG. 1 is taken as an example.
  • Edge device 1 of site A generates four virtual bridge ports with respect to remote sites B, C, D, E.
  • Edge device 2 of site B generates four virtual bridge ports with respect to remote sites A, C, D, E, and so on.
  • a point-to-point tunnel is established between each of the pairs of sites through the generated virtual bridge ports. Packets are transmitted through the tunnel to realize the layer-2 interconnection of the data centers.
  • FIG. 2 is a schematic diagram illustrating a functional structure of an edge device according to an example of the present disclosure.
  • the edge device includes 3 functional parts: P (Provider), O (Over), and C (Customer).
  • P mainly functions as a virtual core network device and provides a tunnel for the edge device to access to the core network.
  • O mainly functions as a virtual edge device and provides a tunnel for interconnection of data centers.
  • C mainly functions as a virtual private network device and provides a tunnel for an internal device to connect to the edge device.
  • Each part corresponds to a logical device and is composed of a Management Plane (MP), a Control Plane (CP) and a Data Plane (DP).
  • MP Management Plane
  • CP Control Plane
  • DP Data Plane
  • the MP is not the emphasis of the present disclosure and thus will not be described in detail.
  • the CP and the DP will be described in further detail.
  • the CP of the edge device includes 3 parts: P-CP, O-CP and C-CP.
  • the P-CP is mainly used for controlling exchange of protocol packets with a public network, e.g., controlling exchange of layer-3 routing information with the public network.
  • the O-CP is mainly used for controlling establishment of the point-to-point tunnel with the remote site, exchanging MAC address information and sensing whether the tunnel of the remote site is reachable.
  • the C-CP is mainly used for controlling exchange of layer-2 protocol information between sites, e.g., IGMP Snooping, distributing unicast MAC address to the O-CP and further to other sites through the O-CP.
  • the DP of the edge device includes 3 parts: P-DP, O-DP and C-DP.
  • the C-DP is mainly used for performing layer-2 forwarding processing to packets received from an internal location of the site, performing layer-2 forwarding processing to packets incoming from the O-DP, triggering MAC address determinations, and transmitting the determined MAC address information to the O-DP.
  • the O-DP is mainly used for performing tunnel encapsulation and tunnel decapsulation of the packets, and triggering MAC address information exchange with the remote site with respect to the MAC address information from the C-DP.
  • the P-DP is mainly used for layer-3 protocol exchange with the public network.
  • FIG. 3 is a schematic diagram illustrating a network structure for implementing layer-2 interconnection of data centers according to an example of the present disclosure.
  • the network includes sites A, B, C, wherein IP addresses of sites A, B, C accessing the core network are respectively listed as I PA, IPB and IPC.
  • FIG. 3 also shows an internal structure of edge device 3 in site C.
  • Edge device 3 mainly includes a processor, an internal Ethernet port E1 connected with host H3 in the site, an internal Ethernet port E2 connected with host H4 in the site, a virtual bridge port vEthl generated with respect to remote site A, and virtual bridge port vEth2 generated with respect to remote site B.
  • the processor is mainly used for processing Ethernet packets received from the internal Ethernet ports and packets received from the core network.
  • the processor implements two functional modules: a tunnel encapsulation/decapsulation module and a layer-2 exchanging and processing module.
  • These modules may be implemented by software (e.g. machine readable instructions stored in a memory and executable by a processor), hardware (e.g. the processor of an ASIC), or a combination thereof.
  • the edge device In order to realize transmission of packets between sites through the tunnel, the edge device maintains a tunnel encapsulation mapping table (e.g., the tunnel encapsulation mapping table shown in FIG. 3).
  • a tunnel encapsulation mapping table item is configured corresponding to the virtual bridge port generated for each remote site.
  • the tunnel encapsulation mapping table item includes the virtual bridge port generated with respect to the remote site, an IP address of the edge device of the remote site and an IP address of the edge device of the local site.
  • the edge device of the local site When transmitting a packet to the remote site, the edge device of the local site encapsulates the packet according to the tunnel encapsulation mapping table item corresponding to the remote site, and then transmits the encapsulated packet to the core network according to a routing table.
  • the edge device When receiving from the core network an encapsulated IP packet whose destination IP address is the IP address of the edge device, the edge device first decapsulates the IP packet to obtain a source IP address and a destination IP address of the IP packet and an original Ethernet packet, obtains the virtual bridge port receiving the original Ethernet packet, then determines Ethernet output ports of the original Ethernet packet, and forwards the Ethernet packet through each determined internal Ethernet output port, wherein the virtual bridge port receiving the original Ethernet packet is determined by searching the tunnel encapsulation mapping table according to the source IP address and destination IP address of the IP packet.
  • the edge device further maintains a MAC address mapping table (e.g., the MAC address mapping table shown in FIG. 3).
  • the MAC address mapping table may be similar to conventional MAC address mapping tables. However, the difference lies in that, the MAC address mapping table of the present disclosure further includes a MAC address mapping table item corresponding to the virtual bridge port, i.e., includes a MAC address mapping table item that takes the virtual bridge port as an output port.
  • FIG. 4 is a flowchart illustrating a method for implementing layer-2 interconnection of data centers according to an example of the present disclosure. The method includes the following operations.
  • Block 401 a virtual bridge port is generated with respect to each remote site, and a tunnel encapsulation mapping table item corresponding to the virtual bridge port is configured in a tunnel encapsulation mapping table.
  • the virtual bridge port is a virtual Ethernet port generated with respect to each remote site.
  • the virtual bridge port is not permanently tied to a particular physical entity.
  • the virtual bridge port has the same function as a physical Ethernet port.
  • a point-to-point tunnel is established between each of the sites through the virtual bridge ports to realize layer-2 interconnection of the data centers.
  • the virtual bridge port is generated by the edge device of the local site with respect to each remote site.
  • the IP address of the edge device accessing the core network is the public IP address of the site where the edge device is located, i.e., the IP address of the edge device.
  • the relationship is stored in the tunnel encapsulation mapping table.
  • Each relationship is called a tunnel encapsulation mapping table item, which includes the virtual bridge port, the IP address of the edge device of the remote site, and the IP address of the edge device of the local site.
  • the tunnel encapsulation mapping table item is used for tunnel encapsulation and tunnel decapsulation of packets during communications between the edge device and the remote site.
  • Block 402 when an Ethernet packet is received from an internal Ethernet port, the edge device determines all of the output ports of the Ethernet packet. For each virtual bridge port in the output ports of the Ethernet packet, the edge device encapsulates the Ethernet packet according to the tunnel encapsulation mapping table item corresponding to the virtual bridge port and transmits the encapsulated packet to the remote site. For each internal Ethernet port in the output ports of the Ethernet packet, the edge device transmits the Ethernet packet out via the internal Ethernet port.
  • the edge device when the edge device receives the Ethernet packet from the internal Ethernet port, the edge device determines a corresponding output port according to a destination MAC address of the Ethernet packet and transmits the Ethernet packet according to the output port. If the output port is the virtual bridge port, the destination of the Ethernet packet is the remote site corresponding to the virtual bridge port. Therefore, the Ethernet packet is encapsulated according to the tunnel encapsulation mapping table item corresponding to the virtual bridge port, and the encapsulated packet is transmitted out. If the output port is the internal Ethernet port, in conventional systems, the Ethernet packet need only be transmitted out via a corresponding internal Ethernet port.
  • the encapsulation of the Ethernet packet according to the tunnel encapsulation mapping table item corresponding to the virtual bridge port includes: the Ethernet packet is encapsulated by respectively taking the IP address of the edge device of the local site and the IP address of the edge device of the remote site in the tunnel encapsulation mapping table item as a source address and a destination address.
  • Block 403 when an encapsulated IP packet whose destination address is the IP address of the edge device is received, the edge device decapsulates the IP packet to obtain a source IP address and a destination IP address of the IP packet and obtain an original Ethernet packet.
  • a virtual bridge port receiving the original Ethernet packet is obtained by searching the tunnel encapsulation mapping table according to the source IP address and the destination IP address. All internal Ethernet output ports of the original Ethernet packet are determined and the original Ethernet packet is transmitted out via each determined internal Ethernet port.
  • the edge device receives an encapsulated IP packet whose destination IP address is the IP address of the edge device, the IP packet has been transmitted by the remote site through the point-to-point tunnel between the remote site and the local site. The edge device therefore decapsulates the IP packet to obtain the original Ethernet packet and determines the output port of the Ethernet packet according to the destination MAC address of the original Ethernet packet.
  • the determination of the corresponding virtual bridge port through searching the tunnel encapsulation mapping table according to the source IP address and the destination IP address of the IP packet includes: the source IP address and the destination IP address of the IP packet are compared with the IP address of the edge device of the remote site and the IP address of the edge device of the local site in each tunnel encapsulation mapping table item, if they are the same, it is determined that the virtual bridge port in the tunnel encapsulation mapping table item is the corresponding virtual bridge port.
  • the edge device when the edge device receives the encapsulated IP packet whose destination I P address is the IP address of the edge device, the original Ethernet packet encapsulated in the IP packet is transmitted towards the local site and is not allowed to be transmitted back to the core network.
  • the edge device decapsulates the IP packet to obtain the original Ethernet packet, and determines that the output ports of the original Ethernet packet are restricted to the internal Ethernet ports according to the split-horizon attribute. Through configuring the split-horizon attribute, it is ensured that the original Ethernet packet will not be transmitted back to the core network.
  • the above split-horizon attribute may be implemented by a source ID of the port.
  • each port is assigned a source ID.
  • the port configures the same source ID for the Ethernet packets.
  • the port compares the source ID of the output port of the Ethernet packet and the source ID of the Ethernet packet. If they are the same, the Ethernet packet is not allowed to be forwarded from the port. Thus, transmission of the Ethernet packet via the Ethernet port receiving the Ethernet packet is avoided, i.e., transmission loop is avoided.
  • the split-horizon attribute implemented by the source ID of the port may specifically include: different source ID values are configured for different internal Ethernet ports; the source IDs of all of the virtual bridge ports are configured with the same value, and the source ID of the virtual bridge ports is different from the source ID of every internal Ethernet port.
  • the method for the edge device to determine all of the internal Ethernet output ports of the original Ethernet packet includes: among all the output ports, the output ports whose source IDs are different from the source ID of the virtual bridge port are determined as the internal Ethernet output ports of the original Ethernet packet.
  • the original Ethernet packet received from the virtual bridge port will not be transmitted via other virtual bridge ports.
  • the Ethernet packet may only be transmitted inside the local site.
  • the edge device may determine a source MAC address of the packet. If what is determined is a new MAC address, the edge device may notify each remote site of the new MAC address.
  • a following operation may be further included: the source MAC address of the Ethernet packet is learnt, if the source MAC address is a new MAC address, each remote site is notified of the new MAC address information.
  • the new MAC address information may further include, besides the source MAC address, the VLAN that the Ethernet packet belongs to, which is similar with those in conventional systems.
  • the determination of whether the learnt source MAC address is a new MAC address includes: searching a corresponding MAC address mapping table for a corresponding MAC address mapping table item corresponding to the source MAC address, if the corresponding MAC address mapping table item is found, determining that the source MAC address is not a new MAC address; otherwise, determining that the source MAC address is a new MAC address.
  • the edge device may notify each remote site of the new source MAC address through the point-to-point tunnel established with each of the remote sites. Therefore, the method for notifying each of the remote sites of the new source MAC address includes: inserting the new source MAC address in an Interior Gateway Protocol (IGP) packet, encapsulating the IGP packet according to the tunnel encapsulation mapping table item corresponding to the remote site and then transmitting the encapsulated IGP packet to the core network.
  • IGP Interior Gateway Protocol
  • the edge device may also be notified of new MAC address information from a remote site. Therefore, after the virtual bridge port through which the original Ethernet packet was received is obtained, the method further includes: determining a protocol type of the original Ethernet packet, if the original Ethernet packet is an IGP packet, MAC address information carried in the IGP packet and the virtual bridge port through which the original Ethernet packet was received are respectively taken as MAC address information and an output port of the MAC address mapping table item and written into the MAC address mapping table.
  • the source MAC address of the original Ethernet packet encapsulated in the IP packet may also be determined according to the method for determining the MAC address of the packet received from the internal Ethernet port. Therefore, in block 403, after the virtual bridge port through which the original Ethernet packet was received is determined and before all of the internal Ethernet output ports of the original Ethernet packet are determined, the following operation may be also be performed: learning a corresponding relationship between the source MAC address of the original Ethernet packet and the virtual bridge port through which the original Ethernet packet was received.
  • an output port of the packet may be determined through searching a MAC address mapping table. If the packet is a broadcast packet, the packet is flooded on all other physical ports of the switch, i.e., all of the other physical ports are the output ports of the packet. If the packet is a multicast packet, the packet is forwarded according to an output port list of a multicast group of the packet.
  • the virtual bridge port has the same function as the physical Ethernet port and thus is also able to forward unicast, multicast and broadcast packets. For example, when the edge device receives a broadcast packet and the edge device is to flood the packet on all of the ports, the ports include the virtual bridge ports.
  • the method for determining all of the output ports of the Ethernet packet received from the internal Ethernet port in block 402 includes:
  • the MAC address mapping table is searched according to a destination MAC address of the Ethernet packet for a corresponding output port. If the output port is not found, it is determined that the output port of the Ethernet packet is all of the other internal Ethernet ports.
  • the Ethernet packet is only flooded inside the local site and will not be flooded to the virtual bridge ports. Therefore, the output ports of the Ethernet packet are identified as all of the other internal Ethernet ports except for the internal Ethernet port receiving the Ethernet packet.
  • the output ports of the packet are identified as all of the virtual bridge ports and all of the other internal Ethernet ports.
  • the Ethernet packet received by the internal Ethernet port is a broadcast packet, according to conventional systems, the Ethernet packet needs to be flooded on all of the ports. Therefore, the output ports of the Ethernet packet include all of the virtual bridge ports and all of the other internal Ethernet ports except for the internal Ethernet port receiving the Ethernet packet.
  • the Ethernet packet is a multicast packet
  • all of the output ports of the Ethernet packet are determined by searching a multicast group corresponding to the Ethernet packet according to the destination MAC address of the Ethernet packet. If no output port is found, the output ports of the Ethernet packet are identified as all of the other internal Ethernet ports.
  • the output ports of the Ethernet packet include all of the member ports of the multicast group corresponding to the Ethernet packet, i.e., all of the output ports in an output port list of the multicast group corresponding to the Ethernet packet.
  • the method for determining all of the output ports of the original Ethernet packet that is decapsulated from the IP packet and received from the virtual bridge port includes the following.
  • the MAC address mapping table is searched according to a destination MAC address of the original Ethernet packet for a corresponding output port. If no corresponding output port is found, it is determined that the output port of the original Ethernet packet includes all of the internal Ethernet ports and all of the other virtual bridge ports.
  • the MAC address mapping table item of the original Ethernet packet is not found in the MAC address mapping table, similar as in conventional systems, the original Ethernet packet should be flooded on all the ports. Therefore, the output port of the original Ethernet packet includes all of the internal Ethernet ports and all of the other virtual bridge ports except for the virtual bridge port through which the original Ethernet packet was received.
  • the original Ethernet packet is transmitted by the remote site towards the local site, the original Ethernet packet is not allowed to be transmitted back to the core network even if the output ports of the original Ethernet packet include the virtual bridge port. Therefore, when the original Ethernet packet is forwarded, according to the split-horizon attribute configured on the edge device, the original Ethernet packet is only transmitted via all of the internal Ethernet ports in the output ports.
  • the output ports of the original Ethernet packet include all of the internal Ethernet ports and all of the other virtual bridge ports.
  • the original Ethernet packet should be flooded on all ports. Therefore, the output ports of the original Ethernet packet include all of the internal Ethernet ports and all of the other virtual bridge ports except for the virtual bridge port through which the original Ethernet packet was received.
  • the original Ethernet packet since the original Ethernet packet is transmitted by the remote site towards the local site, the original Ethernet packet is not allowed to be transmitted back to the core network even if the output ports include the virtual bridge port. Therefore, when the original Ethernet packet is forwarded, according to the split-horizon attribute configured on the edge device, the original Ethernet packet is only transmitted via all the internal Ethernet ports in the output ports.
  • the output ports of the original Ethernet packet are determined by searching a multicast group corresponding to the original Ethernet packet according to the destination MAC address of the original Ethernet packet. If no output port is found, it is determined that the output ports of the original Ethernet packet include all of the internal Ethernet ports and all the other virtual bridge ports.
  • the original Ethernet packet is a multicast packet, according to conventional systems, the original Ethernet packet should be duplicated and transmitted on all member ports of the multicast group corresponding to the original Ethernet packet. Therefore, the output ports of the original Ethernet packet include the member ports of the multicast group corresponding to the original Ethernet packet.
  • the original Ethernet packet is transmitted by the remote site towards the local site, the original Ethernet packet is not allowed to be transmitted back to the core network even if the output ports include the virtual bridge port. Therefore, when the original Ethernet packet is forwarded, according to the split-horizon attribute configured on the edge device, the original Ethernet packet is only transmitted on the internal Ethernet ports in the output ports.
  • VLAN when the virtual bridge port is generated with respect to each remote site, VLAN may be further configured on the virtual bridge port. After the VLAN is configured on the virtual bridge port of the edge device, the packet is only forwarded within its VLAN when being transmitted between data centers. In case that the VLAN is configured on the virtual bridge port, the transmission area of the packet may be controlled and the broadcast range may be reduced to some extent.
  • the method for determining the output port of the Ethernet packet received from the internal Ethernet port includes the following.
  • the MAC address mapping table is searched according to a destination MAC address of the Ethernet packet and the VLAN of the Ethernet packet for the output port. It no output port is found, it is determined that the output port of the Ethernet packet includes all of the other internal Ethernet ports in the VLAN of the Ethernet packet.
  • the output ports of the Ethernet packet include all of the virtual bridge ports and all of the other internal Ethernet ports in the VLAN of the Ethernet packet.
  • Ethernet packet is a multicast packet
  • a multicast group corresponding to the Ethernet packet is searched according to the destination MAC address of the Ethernet packet and the VLAN of the Ethernet packet to obtain all of the output ports of the Ethernet packet. If the corresponding multicast group is not found, it is determined that the output ports of the Ethernet packet include all of the other internal Ethernet ports in the VLAN of the Ethernet packet.
  • the method for determining all the output ports of the original Ethernet packet that is decapsulated from the IP packet and received from the virtual bridge port includes the following.
  • the MAC address mapping table is searched according to a destination MAC address of the original Ethernet packet and the VLAN of the original Ethernet packet for the corresponding output port. If no corresponding output port is found, the output port of the original Ethernet packet is identified as all of the internal Ethernet ports and all of the other virtual bridge ports in the VLAN of the original Ethernet packet.
  • the output ports of the original Ethernet packet are identified as all of the internal Ethernet ports and all of the other virtual bridge ports in the VLAN of the original Ethernet packet.
  • the original Ethernet packet is a multicast packet
  • a multicast group corresponding to the original Ethernet packet is searched according to the destination MAC address of the original Ethernet packet and the VLAN of the original Ethernet packet for all of the output ports. If no output port is found, the output ports of the original Ethernet packet are identified as all of the internal Ethernet ports and all of the other virtual bridge ports in the VLAN of the original Ethernet packet.
  • a multicast group router may periodically multicast a query packet, e.g., an Internet Group Management Protocol (IGMP) query packet.
  • IGMP Internet Group Management Protocol
  • a switch configures a port receiving the multicast query packet as a route port of a multicast group corresponding to the multicast query packet and forwards the multicast query packet from all of the ports of the switch.
  • a host needs to join in a multicast group, the host transmits a multicast join packet, e.g., an IGMP join packet.
  • the switch running multicast listening protocol determines a corresponding multicast group according to a destination MAC address of the multicast join packet and takes the port receiving the multicast join packet as a member port of the multicast group.
  • the switch adds the port in an output list of the multicast group and forwards the multicast join packet via a route port of the multicast group.
  • the switch determines the multicast group according to a destination MAC address of the multicast data packet, duplicates and transmits the multicast data packet on all of the output ports in the output port list of the multicast group.
  • the edge device may run the multicast listening protocol to obtain member port information of each multicast group.
  • the multicast listening protocol may include IGMP, Protocol Independent Multicast (PIM) and Multicast Listener Discover (MLD).
  • the edge device determines that the Ethernet packet received from the internal Ethernet packet is a multicast packet
  • the following operation may be further included: a determination is made as to whether the Ethernet packet is a multicast query packet or a multicast join packet. If the Ethernet packet is a multicast query packet, the internal Ethernet port through which the multicast query packet is received is configured as a route port of the multicast group corresponding to the multicast query packet and the output ports of the multicast query packet are identified as all of the other internal Ethernet ports.
  • Ethernet packet is a multicast join packet
  • the internal Ethernet port through which the multicast join packet is received is added to the output port list of the multicast group corresponding to the Ethernet packet and the output port of the multicast join packet is identified as the route port of the multicast group corresponding to the multicast join packet.
  • the edge device decapsulates the IP packet received from the core network to obtain the original Ethernet packet and determines that the original Ethernet packet is a multicast packet
  • a following operation may be further included: a determination is made as to whether the original Ethernet packet is a multicast query packet or a multicast join packet; if the original Ethernet packet is a multicast query packet, the virtual bridge port through which the multicast query packet was received is configured as a route port of the multicast group corresponding to the multicast query packet and the output ports of the multicast query packet are identified as all of the internal Ethernet ports.
  • the virtual bridge port through which the multicast join packet was received is added to the output port list of the multicast group corresponding to the Ethernet packet and the output port of the multicast join packet is identified as the route port of the multicast group corresponding to the multicast join packet.
  • Another example of the present disclosure further provides an edge device for implementing layer-2 interconnection of data centers, which does not require the core network supporting multicast.
  • FIG. 5 is a schematic diagram illustrating a structure of an edge device according to an example of the present disclosure.
  • the edge device includes: a processor 501 , a memory 502, a plurality of internal Ethernet ports 503, a public network port 504 and a tunnel encapsulation mapping table 505.
  • the tunnel encapsulation mapping table 505 includes a tunnel encapsulation mapping table item corresponding to a virtual bridge port, in which each virtual bridge port corresponds to a remote site.
  • the tunnel encapsulation mapping table includes: the virtual bridge port, an IP address of the edge device, an IP address of an edge device of a remote site corresponding to the virtual bridge port.
  • the memory 502 stores machine readable instructions executable by the processor 501 to:
  • the memory 502 further stores machine readable instructions to: configure a split-horizon attribute of the edge device
  • the split-horizon attribute is implemented through a source ID of the port.
  • Each internal Ethernet port 503 is configured with a different source ID and all the virtual bridge ports are configured with the same source ID.
  • the source ID of the virtual bridge ports is different from the source ID of every internal Ethernet port 503.
  • the output ports whose source IDs are different from the source ID of the virtual bridge ports are determined as the internal Ethernet ports of the original Ethernet packet.
  • the edge device further includes a MAC address mapping table 506.
  • the memory 502 further stores machine readable instructions to: after the Ethernet packet is received from the internal Ethernet port 503 and before the output ports of the Ethernet packet are determined, determine a MAC address and inserting the newly-determined MAC address in an IGP packet, with respect to each remote site, encapsulate the IGP packet according to the tunnel encapsulation mapping table item corresponding to the remote site and transmit the encapsulated IGP packet to the public network port 504;
  • the virtual bridge port receiving the original Ethernet packet determines a protocol type of the original Ethernet packet, if the original Ethernet packet is an IGP packet, take the MAC address information inserted in the IGP packet determined by the remote site and the virtual bridge port through which the original Ethernet packet was received as MAC address information and an output port of the MAC address mapping table item and writing in the MAC address mapping table.
  • the memory 502 further includes machine readable instructions to: when the output port of the Ethernet packet received from the internal Ethernet port 502 is determined,
  • Ethernet packet if the Ethernet packet is a unicast packet, search the MAC address mapping table according to a destination MAC address of the Ethernet packet for a corresponding output port, if no corresponding output port is found, identify all of the other internal Ethernet ports as the output ports of the Ethernet packet;
  • Ethernet packet is a broadcast packet, identify all of the other internal Ethernet ports and all of the virtual bridge ports as the output ports of the Ethernet packet;
  • Ethernet packet is a multicast packet
  • the original Ethernet packet is a unicast packet, search the MAC address mapping table according to a destination MAC address of the original Ethernet packet for a corresponding output port, if no corresponding output port is found, identify all of the internal Ethernet ports and all of the other virtual bridge ports as the output ports of the original Ethernet packet;
  • the original Ethernet packet is a broadcast packet, identify all of the internal Ethernet ports and all of the other virtual bridge ports as the output ports of the original Ethernet packet;
  • the original Ethernet packet is a multicast packet
  • the memory 502 further stores machine readable instructions to: configure a VLAN on the virtual bridge port;
  • Ethernet packet is a unicast packet, search the MAC address mapping table according to the destination MAC address of the Ethernet packet and the VLAN of the Ethernet packet for a corresponding output port, if no corresponding output port is found, identify all of the other internal Ethernet ports in the VLAN of the Ethernet packet as the output ports of the Ethernet packet;
  • Ethernet packet is a broadcast packet, identify all of the virtual bridge ports and all of the other internal Ethernet packets in the VLAN of the Ethernet packet as the output ports of the Ethernet packet;
  • Ethernet packet is a multicast packet
  • the original Ethernet packet is a unicast packet, search the MAC address mapping table according to the destination MAC address of the original Ethernet packet and the VLAN of the original Ethernet packet for the corresponding output port, if no output port is found, identify all of the internal Ethernet ports and all of the other virtual bridge ports in the VLAN of the original Ethernet packet as the output ports of the original Ethernet packet;
  • the original Ethernet packet is a broadcast packet, identify all of the internal Ethernet ports and all of the other virtual bridge ports in the VLAN of the original Ethernet packet as the output ports of the original Ethernet packet;
  • the original Ethernet packet is a multicast packet
  • the memory 502 further stores machine readable instructions to:
  • the Ethernet packet received from the internal Ethernet port 503 is a multicast packet, determine whether the Ethernet packet is a multicast query packet or a multicast join packet, if the Ethernet packet is a multicast query packet, configure the internal Ethernet port through which the multicast query packet was received as a route port of the multicast group corresponding to the multicast query packet, and identify all of the other internal Ethernet ports as the output ports of the multicast query packet; if the Ethernet packet is a multicast join packet, add the internal Ethernet port through which the multicast join packet was received in an output port list of the multicast group corresponding to the multicast join packet, and identify the route port of the multicast group corresponding to the multicast join packet as the output port of the multicast join packet;
  • the original Ethernet packet decapsulated from the IP packet is a multicast packet, determine whether the original Ethernet packet is a multicast query packet or a multicast join packet, if the original Ethernet packet is a multicast query packet, configure the virtual bridge port corresponding to the multicast query port as the route port of the multicast group corresponding to the multicast query packet and identify all of the internal Ethernet ports as the output ports of the multicast query packet; if the original Ethernet packet is a multicast join packet, add the virtual bridge port corresponding to the multicast join packet to an output port list of the multicast group corresponding to the multicast join packet and identify the route port of the multicast group corresponding to the multicast join packet as the output port of the multicast join packet.
  • the above examples can be implemented by hardware, software or firmware or a combination thereof.
  • the various methods, processes and functional modules described herein may be implemented by a processor (the term processor is to be interpreted broadly to include a CPU, processing unit, ASIC, logic unit, or programmable gate array etc.).
  • the processes, methods and functional modules may all be performed by a single processor or split between several processors; reference in this disclosure or the claims to a 'processor' should thus be interpreted to mean 'one or more processors'.
  • the processes, methods and functional modules be implemented as machine readable instructions executable by one or more processors, hardware logic circuitry of the one or more processors or a combination thereof. Further the teachings herein may be implemented in the form of a software product.
  • the computer software product is stored in a non-transitory storage medium and comprises a plurality of instructions for making a computer device (which can be a personal computer, a server or a network device such as a router, switch, access point etc.) implement the method recited in the examples of the present disclosure.
  • a computer device which can be a personal computer, a server or a network device such as a router, switch, access point etc.

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Data Exchanges In Wide-Area Networks (AREA)

Abstract

In a method and an apparatus for implementing layer-2 interconnection of data centers, a virtual bridge port is generated with respect to each remote site and a corresponding tunnel encapsulation mapping table item is configured. The method includes: when transmitting an Ethernet packet to the remote site, encapsulating the Ethernet packet according to the tunnel encapsulation mapping table item corresponding to the remote site and transmitting the encapsulated packet to a core network; when receiving an IP packet from the core network, the IP packet is decapsulated to obtain an original Ethernet packet and the original Ethernet packet is forwarded within the local site.

Description

METHOD AND APPARATUS FOR IMPLEMENTING LAYER-2
INTERCONNECTION OF DATA CENTERS
BACKGROUND
[0001 ] Data centers provide various kinds of services. A data center is a center in which data processing, data storage and data exchange is performed. In order to provide better services, service providers usually deploy multiple data centers in different locations, so as to implement load balancing and achieve high availability. The deployment of multiple data centers in different locations may involve random migration of virtual machines between the data centers. Since the migration of virtual machines is transparent to users, IP addresses and MAC addresses of the virtual machines should not change. Therefore, implementation of layer-2 interconnection between data centers located in different locations is desirable.
BRIEF DESCRIPTION OF THE DRAWINGS
[0002] Features of the present disclosure are illustrated by way of example and not limited in the following figure(s), in which like numerals indicate like elements, in which:
[0003] FIG. 1 is a schematic diagram illustrating a network structure of layer-2 interconnection of data centers according to an example of the present disclosure.
[0004] FIG. 2 is a schematic diagram illustrating a functional structure of an edge device according to an example of the present disclosure.
[0005] FIG. 3 is a schematic diagram illustrating a network structure of layer-2 interconnection of data centers according to an example of the present disclosure.
[0006] FIG. 4 is a flowchart illustrating a method for implementing layer-2 interconnection of data centers according to an example of the present disclosure.
[0007] FIG. 5 is a schematic diagram illustrating a structure of an edge device according to an example of the present disclosure.
DETAILED DESCRIPTION
[0008] Hereinafter, the present disclosure will be described in further detail with reference to the accompanying drawings and examples to make the technical solution and merits therein clearer.
[0009] For simplicity and illustrative purposes, the present disclosure is described by referring mainly to an example thereof. In the following description, numerous specific details are set forth in order to provide a thorough understanding of the present disclosure. It will be readily apparent however, that the present disclosure may be practiced without limitation to these specific details. In other instances, some methods and structures have not been described in detail so as not to unnecessarily obscure the present disclosure. As used herein, the term "includes" means includes but not limited to, the term "including" means including but not limited to. The term "based on" means based at least in part on. In addition, the terms "a" and "an" are intended to denote at least one of a particular element.
[0010] Layer-2 interconnection of data centers is mainly realized through an edge device of each data center. When an existing Overlay Transport Virtualization (OTV) technique is utilized to realize the layer-2 interconnection of data centers and it is required to support broadcast, an Any Source Multicast (ASM)/Bidir IP multicast group assigned by a core network may be configured on the edge device of each data center. When receiving a broadcast packet from an internal port, the edge device encapsulates the broadcast packet according to the OTV technique and transmits the encapsulated packet to a multicast tree in the core network. The core network multicasts the encapsulated packet to a remote OTV device. The remote OTV device decapsulates the encapsulated packet and broadcasts the packet in a data center network where the remote OTV device is located. In order to support multicast, the data center may run an Internet Group Management Protocol/Multicast Listener Discover (IGMP/MLD) protocol. Under this protocol, multicast information is recorded to a multicast forwarding table on the edge device. A Specific Source Multicast (SSM) tree of a multicast group is established in the core network and multicast packets are forwarded between data centers according to the multicast tree.
[0011 ] In the above described configurations, in order to provide layer-2 interconnection of data centers using the OTV technique, the core network should support multicast. Otherwise, broadcast and multicast requirements cannot be met and the layer-2 interconnection of the data centers cannot be realized.
[0012] In contrast to the above, examples of the present disclosure provide a method for implementing layer-2 interconnection of data centers, which does not necessarily require that the core network support multicast.
[0013] According to an example of the present disclosure, a method for implementing layer-2 interconnection of data centers is provided. In the method, a virtual bridge port is generated for each remote site in advance; a tunnel encapsulation mapping table item corresponding to the virtual bridge port of each remote site is configured in a tunnel encapsulation mapping table; wherein the tunnel encapsulation mapping table item includes: when an Ethernet packet is received from an internal Ethernet port, determining, by the edge device of the local site, all output ports of the Ethernet packet, for each virtual bridge port in the output ports of the Ethernet packet, encapsulating the Ethernet packet according to the tunnel encapsulation mapping table item corresponding to the virtual bridge port and transmitting the encapsulated packet to the remote site; for each internal Ethernet port in the output ports of the Ethernet packet, forwarding the Ethernet packet via the internal Ethernet port;
when an encapsulated IP packet is received whose destination IP address is the IP address of the edge device of the local site, decapsulating, by the edge device of the local site, the IP packet to obtain a source IP address and a destination IP address of the IP packet and to obtain an original Ethernet packet, obtaining the virtual bridge port through which the original Ethernet packet was received, determining all internal Ethernet output ports of the original Ethernet packet and transmitting the original Ethernet packet via each determined internal Ethernet output port.
[0014] FIG. 1 is a schematic diagram illustrating a network structure for implementing layer-2 interconnection of data centers according to an example of the present disclosure. Only edge devices of respective sites are shown in FIG. 1 . The internal topology of each site is not the emphasis of the present disclosure and thus is not shown in FIG. 1 . In FIG. 1 , sites A, B, C, D, E respectively access a core network through their respective edge devices 1 , 2, 3, 4, 5. Herein, it should be noted that, 'sites' mentioned in the present disclosure may be referred to as data centers.
[0015] In one example of the present disclosure, the edge device of a local site generates a virtual bridge port for each remote site. A virtual bridge port is a virtual layer-2 port which is not permanently tied to a particular physical layer-2 port. It may for example be a virtual Ethernet port. FIG. 1 is taken as an example. Edge device 1 of site A generates four virtual bridge ports with respect to remote sites B, C, D, E. Edge device 2 of site B generates four virtual bridge ports with respect to remote sites A, C, D, E, and so on. A point-to-point tunnel is established between each of the pairs of sites through the generated virtual bridge ports. Packets are transmitted through the tunnel to realize the layer-2 interconnection of the data centers.
[001 6] FIG. 2 is a schematic diagram illustrating a functional structure of an edge device according to an example of the present disclosure. As shown in FIG. 2, the edge device includes 3 functional parts: P (Provider), O (Over), and C (Customer). P mainly functions as a virtual core network device and provides a tunnel for the edge device to access to the core network. O mainly functions as a virtual edge device and provides a tunnel for interconnection of data centers. C mainly functions as a virtual private network device and provides a tunnel for an internal device to connect to the edge device. Each part corresponds to a logical device and is composed of a Management Plane (MP), a Control Plane (CP) and a Data Plane (DP).
[0017] Herein, the MP is not the emphasis of the present disclosure and thus will not be described in detail. Hereinafter, the CP and the DP will be described in further detail.
[0018] The CP of the edge device includes 3 parts: P-CP, O-CP and C-CP. The P-CP is mainly used for controlling exchange of protocol packets with a public network, e.g., controlling exchange of layer-3 routing information with the public network. The O-CP is mainly used for controlling establishment of the point-to-point tunnel with the remote site, exchanging MAC address information and sensing whether the tunnel of the remote site is reachable. The C-CP is mainly used for controlling exchange of layer-2 protocol information between sites, e.g., IGMP Snooping, distributing unicast MAC address to the O-CP and further to other sites through the O-CP.
[0019] The DP of the edge device includes 3 parts: P-DP, O-DP and C-DP. The C-DP is mainly used for performing layer-2 forwarding processing to packets received from an internal location of the site, performing layer-2 forwarding processing to packets incoming from the O-DP, triggering MAC address determinations, and transmitting the determined MAC address information to the O-DP. The O-DP is mainly used for performing tunnel encapsulation and tunnel decapsulation of the packets, and triggering MAC address information exchange with the remote site with respect to the MAC address information from the C-DP. The P-DP is mainly used for layer-3 protocol exchange with the public network.
[0020] FIG. 3 is a schematic diagram illustrating a network structure for implementing layer-2 interconnection of data centers according to an example of the present disclosure. As shown in FIG. 3, the network includes sites A, B, C, wherein IP addresses of sites A, B, C accessing the core network are respectively listed as I PA, IPB and IPC. FIG. 3 also shows an internal structure of edge device 3 in site C. Edge device 3 mainly includes a processor, an internal Ethernet port E1 connected with host H3 in the site, an internal Ethernet port E2 connected with host H4 in the site, a virtual bridge port vEthl generated with respect to remote site A, and virtual bridge port vEth2 generated with respect to remote site B. The processor is mainly used for processing Ethernet packets received from the internal Ethernet ports and packets received from the core network. According to an example, the processor implements two functional modules: a tunnel encapsulation/decapsulation module and a layer-2 exchanging and processing module. These modules may be implemented by software (e.g. machine readable instructions stored in a memory and executable by a processor), hardware (e.g. the processor of an ASIC), or a combination thereof.
[0021 ] In order to realize transmission of packets between sites through the tunnel, the edge device maintains a tunnel encapsulation mapping table (e.g., the tunnel encapsulation mapping table shown in FIG. 3). In the tunnel encapsulation mapping table, a tunnel encapsulation mapping table item is configured corresponding to the virtual bridge port generated for each remote site. The tunnel encapsulation mapping table item includes the virtual bridge port generated with respect to the remote site, an IP address of the edge device of the remote site and an IP address of the edge device of the local site. When transmitting a packet to the remote site, the edge device of the local site encapsulates the packet according to the tunnel encapsulation mapping table item corresponding to the remote site, and then transmits the encapsulated packet to the core network according to a routing table. When receiving from the core network an encapsulated IP packet whose destination IP address is the IP address of the edge device, the edge device first decapsulates the IP packet to obtain a source IP address and a destination IP address of the IP packet and an original Ethernet packet, obtains the virtual bridge port receiving the original Ethernet packet, then determines Ethernet output ports of the original Ethernet packet, and forwards the Ethernet packet through each determined internal Ethernet output port, wherein the virtual bridge port receiving the original Ethernet packet is determined by searching the tunnel encapsulation mapping table according to the source IP address and destination IP address of the IP packet.
[0022] In addition, in order to realize layer-2 forwarding, the edge device further maintains a MAC address mapping table (e.g., the MAC address mapping table shown in FIG. 3). The MAC address mapping table may be similar to conventional MAC address mapping tables. However, the difference lies in that, the MAC address mapping table of the present disclosure further includes a MAC address mapping table item corresponding to the virtual bridge port, i.e., includes a MAC address mapping table item that takes the virtual bridge port as an output port. There are two methods to obtain the MAC address mapping table item corresponding to the virtual bridge port. One is to determine a MAC address of the Ethernet packet received by the virtual bridge port following the existing method. Another method includes: the edge device notifies each remote site of the new MAC address information of the site through the tunnel; when new MAC address information notified by the remote site is received, the edge device writes the new MAC address information into the MAC address mapping table.
[0023] The above briefly describes an example of the present disclosure. Hereinafter, a more detailed example of the present disclosure will be described.
[0024] FIG. 4 is a flowchart illustrating a method for implementing layer-2 interconnection of data centers according to an example of the present disclosure. The method includes the following operations.
[0025] Block 401 , a virtual bridge port is generated with respect to each remote site, and a tunnel encapsulation mapping table item corresponding to the virtual bridge port is configured in a tunnel encapsulation mapping table.
[0026] Herein, the virtual bridge port is a virtual Ethernet port generated with respect to each remote site. The virtual bridge port is not permanently tied to a particular physical entity. However, the virtual bridge port has the same function as a physical Ethernet port. A point-to-point tunnel is established between each of the sites through the virtual bridge ports to realize layer-2 interconnection of the data centers.
[0027] The virtual bridge port is generated by the edge device of the local site with respect to each remote site. There exists a relationship between the public IP address of the local site, the public IP address of the remote site and the virtual bridge port generated by the local site with respect to the remote site. In fact, since each site accesses the core network through a respective edge device, the IP address of the edge device accessing the core network is the public IP address of the site where the edge device is located, i.e., the IP address of the edge device. In an example of the present disclosure, the relationship is stored in the tunnel encapsulation mapping table. Each relationship is called a tunnel encapsulation mapping table item, which includes the virtual bridge port, the IP address of the edge device of the remote site, and the IP address of the edge device of the local site. The tunnel encapsulation mapping table item is used for tunnel encapsulation and tunnel decapsulation of packets during communications between the edge device and the remote site.
[0028] Block 402, when an Ethernet packet is received from an internal Ethernet port, the edge device determines all of the output ports of the Ethernet packet. For each virtual bridge port in the output ports of the Ethernet packet, the edge device encapsulates the Ethernet packet according to the tunnel encapsulation mapping table item corresponding to the virtual bridge port and transmits the encapsulated packet to the remote site. For each internal Ethernet port in the output ports of the Ethernet packet, the edge device transmits the Ethernet packet out via the internal Ethernet port.
[0029] In this block, when the edge device receives the Ethernet packet from the internal Ethernet port, the edge device determines a corresponding output port according to a destination MAC address of the Ethernet packet and transmits the Ethernet packet according to the output port. If the output port is the virtual bridge port, the destination of the Ethernet packet is the remote site corresponding to the virtual bridge port. Therefore, the Ethernet packet is encapsulated according to the tunnel encapsulation mapping table item corresponding to the virtual bridge port, and the encapsulated packet is transmitted out. If the output port is the internal Ethernet port, in conventional systems, the Ethernet packet need only be transmitted out via a corresponding internal Ethernet port.
[0030] Herein, the encapsulation of the Ethernet packet according to the tunnel encapsulation mapping table item corresponding to the virtual bridge port includes: the Ethernet packet is encapsulated by respectively taking the IP address of the edge device of the local site and the IP address of the edge device of the remote site in the tunnel encapsulation mapping table item as a source address and a destination address.
[0031 ] Block 403, when an encapsulated IP packet whose destination address is the IP address of the edge device is received, the edge device decapsulates the IP packet to obtain a source IP address and a destination IP address of the IP packet and obtain an original Ethernet packet. A virtual bridge port receiving the original Ethernet packet is obtained by searching the tunnel encapsulation mapping table according to the source IP address and the destination IP address. All internal Ethernet output ports of the original Ethernet packet are determined and the original Ethernet packet is transmitted out via each determined internal Ethernet port. [0032] In this block, when the edge device receives an encapsulated IP packet whose destination IP address is the IP address of the edge device, the IP packet has been transmitted by the remote site through the point-to-point tunnel between the remote site and the local site. The edge device therefore decapsulates the IP packet to obtain the original Ethernet packet and determines the output port of the Ethernet packet according to the destination MAC address of the original Ethernet packet.
[0033] Herein, the determination of the corresponding virtual bridge port through searching the tunnel encapsulation mapping table according to the source IP address and the destination IP address of the IP packet includes: the source IP address and the destination IP address of the IP packet are compared with the IP address of the edge device of the remote site and the IP address of the edge device of the local site in each tunnel encapsulation mapping table item, if they are the same, it is determined that the virtual bridge port in the tunnel encapsulation mapping table item is the corresponding virtual bridge port.
[0034] In the example shown in FIG. 4, when the edge device receives the encapsulated IP packet whose destination I P address is the IP address of the edge device, the original Ethernet packet encapsulated in the IP packet is transmitted towards the local site and is not allowed to be transmitted back to the core network. Thus, it is possible to configure a split-horizon attribute on the edge device. In this example, the edge device decapsulates the IP packet to obtain the original Ethernet packet, and determines that the output ports of the original Ethernet packet are restricted to the internal Ethernet ports according to the split-horizon attribute. Through configuring the split-horizon attribute, it is ensured that the original Ethernet packet will not be transmitted back to the core network.
[0035] The above split-horizon attribute may be implemented by a source ID of the port. In conventional systems, each port is assigned a source ID. When receiving Ethernet packets, the port configures the same source ID for the Ethernet packets. When forwarding an Ethernet packet, the port compares the source ID of the output port of the Ethernet packet and the source ID of the Ethernet packet. If they are the same, the Ethernet packet is not allowed to be forwarded from the port. Thus, transmission of the Ethernet packet via the Ethernet port receiving the Ethernet packet is avoided, i.e., transmission loop is avoided.
[0036] In this example, in order to realize that the original Ethernet packet from other sites are transmitted only inside the local site, the split-horizon attribute implemented by the source ID of the port may specifically include: different source ID values are configured for different internal Ethernet ports; the source IDs of all of the virtual bridge ports are configured with the same value, and the source ID of the virtual bridge ports is different from the source ID of every internal Ethernet port.
[0037] As such, the method for the edge device to determine all of the internal Ethernet output ports of the original Ethernet packet includes: among all the output ports, the output ports whose source IDs are different from the source ID of the virtual bridge port are determined as the internal Ethernet output ports of the original Ethernet packet.
[0038] Thus, since all of the virtual bridge ports have the same source ID, the original Ethernet packet received from the virtual bridge port will not be transmitted via other virtual bridge ports. Whether the original Ethernet packet is a unicast packet, a broadcast packet or a multicast packet, the Ethernet packet may only be transmitted inside the local site.
[0039] In the example shown in FIG. 4, when a packet is received from the internal Ethernet port, the edge device may determine a source MAC address of the packet. If what is determined is a new MAC address, the edge device may notify each remote site of the new MAC address. Thus, in block 402, after the edge device receives the Ethernet packet from the internal Ethernet port and before the edge device determines all of the output ports of the Ethernet packet, a following operation may be further included: the source MAC address of the Ethernet packet is learnt, if the source MAC address is a new MAC address, each remote site is notified of the new MAC address information. Herein, if the Ethernet packet belongs to a certain VLAN, the new MAC address information may further include, besides the source MAC address, the VLAN that the Ethernet packet belongs to, which is similar with those in conventional systems.
[0040] The determination of whether the learnt source MAC address is a new MAC address includes: searching a corresponding MAC address mapping table for a corresponding MAC address mapping table item corresponding to the source MAC address, if the corresponding MAC address mapping table item is found, determining that the source MAC address is not a new MAC address; otherwise, determining that the source MAC address is a new MAC address.
[0041 ] The edge device may notify each remote site of the new source MAC address through the point-to-point tunnel established with each of the remote sites. Therefore, the method for notifying each of the remote sites of the new source MAC address includes: inserting the new source MAC address in an Interior Gateway Protocol (IGP) packet, encapsulating the IGP packet according to the tunnel encapsulation mapping table item corresponding to the remote site and then transmitting the encapsulated IGP packet to the core network.
[0042] On the other hand, the edge device may also be notified of new MAC address information from a remote site. Therefore, after the virtual bridge port through which the original Ethernet packet was received is obtained, the method further includes: determining a protocol type of the original Ethernet packet, if the original Ethernet packet is an IGP packet, MAC address information carried in the IGP packet and the virtual bridge port through which the original Ethernet packet was received are respectively taken as MAC address information and an output port of the MAC address mapping table item and written into the MAC address mapping table.
[0043] In addition, after the edge device receives the encapsulated IP packet whose destination address is the IP address of the edge device, the source MAC address of the original Ethernet packet encapsulated in the IP packet may also be determined according to the method for determining the MAC address of the packet received from the internal Ethernet port. Therefore, in block 403, after the virtual bridge port through which the original Ethernet packet was received is determined and before all of the internal Ethernet output ports of the original Ethernet packet are determined, the following operation may be also be performed: learning a corresponding relationship between the source MAC address of the original Ethernet packet and the virtual bridge port through which the original Ethernet packet was received. [0044] In conventional systems, when a switch receives a packet from a physical Ethernet port, if the packet is a unicast packet, an output port of the packet may be determined through searching a MAC address mapping table. If the packet is a broadcast packet, the packet is flooded on all other physical ports of the switch, i.e., all of the other physical ports are the output ports of the packet. If the packet is a multicast packet, the packet is forwarded according to an output port list of a multicast group of the packet. In an example of the present disclosure, the virtual bridge port has the same function as the physical Ethernet port and thus is also able to forward unicast, multicast and broadcast packets. For example, when the edge device receives a broadcast packet and the edge device is to flood the packet on all of the ports, the ports include the virtual bridge ports.
[0045] Therefore, the method for determining all of the output ports of the Ethernet packet received from the internal Ethernet port in block 402 includes:
If the Ethernet packet is a unicast packet, the MAC address mapping table is searched according to a destination MAC address of the Ethernet packet for a corresponding output port. If the output port is not found, it is determined that the output port of the Ethernet packet is all of the other internal Ethernet ports. Herein, when the output port corresponding to the Ethernet packet is not found in the MAC address mapping table, in order to reduce traffic, the Ethernet packet is only flooded inside the local site and will not be flooded to the virtual bridge ports. Therefore, the output ports of the Ethernet packet are identified as all of the other internal Ethernet ports except for the internal Ethernet port receiving the Ethernet packet.
[0046] If the Ethernet packet is a broadcast packet, the output ports of the packet are identified as all of the virtual bridge ports and all of the other internal Ethernet ports. Herein, if the Ethernet packet received by the internal Ethernet port is a broadcast packet, according to conventional systems, the Ethernet packet needs to be flooded on all of the ports. Therefore, the output ports of the Ethernet packet include all of the virtual bridge ports and all of the other internal Ethernet ports except for the internal Ethernet port receiving the Ethernet packet.
[0047] If the Ethernet packet is a multicast packet, all of the output ports of the Ethernet packet are determined by searching a multicast group corresponding to the Ethernet packet according to the destination MAC address of the Ethernet packet. If no output port is found, the output ports of the Ethernet packet are identified as all of the other internal Ethernet ports. Herein, if the Ethernet packet received by the internal Ethernet port is a multicast packet, according to conventional systems, the packet should be duplicated and transmitted on all of the member ports of the multicast group corresponding to the Ethernet packet. Therefore, the output ports of the Ethernet packet include all of the member ports of the multicast group corresponding to the Ethernet packet, i.e., all of the output ports in an output port list of the multicast group corresponding to the Ethernet packet.
[0048] In block 403, the method for determining all of the output ports of the original Ethernet packet that is decapsulated from the IP packet and received from the virtual bridge port includes the following.
[0049] If the original Ethernet packet is a unicast packet, the MAC address mapping table is searched according to a destination MAC address of the original Ethernet packet for a corresponding output port. If no corresponding output port is found, it is determined that the output port of the original Ethernet packet includes all of the internal Ethernet ports and all of the other virtual bridge ports. Herein, if the MAC address mapping table item of the original Ethernet packet is not found in the MAC address mapping table, similar as in conventional systems, the original Ethernet packet should be flooded on all the ports. Therefore, the output port of the original Ethernet packet includes all of the internal Ethernet ports and all of the other virtual bridge ports except for the virtual bridge port through which the original Ethernet packet was received. In addition, since the original Ethernet packet is transmitted by the remote site towards the local site, the original Ethernet packet is not allowed to be transmitted back to the core network even if the output ports of the original Ethernet packet include the virtual bridge port. Therefore, when the original Ethernet packet is forwarded, according to the split-horizon attribute configured on the edge device, the original Ethernet packet is only transmitted via all of the internal Ethernet ports in the output ports.
[0050] If the original Ethernet packet is a broadcast packet, the output ports of the original Ethernet packet include all of the internal Ethernet ports and all of the other virtual bridge ports. Herein, when the original Ethernet packet is a broadcast packet, according to conventional systems, the original Ethernet packet should be flooded on all ports. Therefore, the output ports of the original Ethernet packet include all of the internal Ethernet ports and all of the other virtual bridge ports except for the virtual bridge port through which the original Ethernet packet was received. In addition, since the original Ethernet packet is transmitted by the remote site towards the local site, the original Ethernet packet is not allowed to be transmitted back to the core network even if the output ports include the virtual bridge port. Therefore, when the original Ethernet packet is forwarded, according to the split-horizon attribute configured on the edge device, the original Ethernet packet is only transmitted via all the internal Ethernet ports in the output ports.
[0051 ] If the original Ethernet packet is a multicast packet, the output ports of the original Ethernet packet are determined by searching a multicast group corresponding to the original Ethernet packet according to the destination MAC address of the original Ethernet packet. If no output port is found, it is determined that the output ports of the original Ethernet packet include all of the internal Ethernet ports and all the other virtual bridge ports. Herein, if the original Ethernet packet is a multicast packet, according to conventional systems, the original Ethernet packet should be duplicated and transmitted on all member ports of the multicast group corresponding to the original Ethernet packet. Therefore, the output ports of the original Ethernet packet include the member ports of the multicast group corresponding to the original Ethernet packet. In addition, since the original Ethernet packet is transmitted by the remote site towards the local site, the original Ethernet packet is not allowed to be transmitted back to the core network even if the output ports include the virtual bridge port. Therefore, when the original Ethernet packet is forwarded, according to the split-horizon attribute configured on the edge device, the original Ethernet packet is only transmitted on the internal Ethernet ports in the output ports.
[0052] The above describes the method for determining the output port of the packet when the edge device does not support VLAN. Since most current devices support VLAN, the method for determining the output port of the packet when the edge device supports VLAN will be described hereinafter.
[0053] In the example shown in FIG. 4, when the virtual bridge port is generated with respect to each remote site, VLAN may be further configured on the virtual bridge port. After the VLAN is configured on the virtual bridge port of the edge device, the packet is only forwarded within its VLAN when being transmitted between data centers. In case that the VLAN is configured on the virtual bridge port, the transmission area of the packet may be controlled and the broadcast range may be reduced to some extent.
[0054] In block 402, the method for determining the output port of the Ethernet packet received from the internal Ethernet port includes the following.
[0055] If the Ethernet packet is a unicast packet, the MAC address mapping table is searched according to a destination MAC address of the Ethernet packet and the VLAN of the Ethernet packet for the output port. It no output port is found, it is determined that the output port of the Ethernet packet includes all of the other internal Ethernet ports in the VLAN of the Ethernet packet.
[0056] If the Ethernet packet is a broadcast packet, the output ports of the Ethernet packet include all of the virtual bridge ports and all of the other internal Ethernet ports in the VLAN of the Ethernet packet.
[0057] If the Ethernet packet is a multicast packet, a multicast group corresponding to the Ethernet packet is searched according to the destination MAC address of the Ethernet packet and the VLAN of the Ethernet packet to obtain all of the output ports of the Ethernet packet. If the corresponding multicast group is not found, it is determined that the output ports of the Ethernet packet include all of the other internal Ethernet ports in the VLAN of the Ethernet packet.
[0058] In block 403, the method for determining all the output ports of the original Ethernet packet that is decapsulated from the IP packet and received from the virtual bridge port includes the following.
[0059] If the original Ethernet packet is a unicast packet, the MAC address mapping table is searched according to a destination MAC address of the original Ethernet packet and the VLAN of the original Ethernet packet for the corresponding output port. If no corresponding output port is found, the output port of the original Ethernet packet is identified as all of the internal Ethernet ports and all of the other virtual bridge ports in the VLAN of the original Ethernet packet.
[0060] If the original Ethernet packet is a broadcast packet, the output ports of the original Ethernet packet are identified as all of the internal Ethernet ports and all of the other virtual bridge ports in the VLAN of the original Ethernet packet.
[0061 ] If the original Ethernet packet is a multicast packet, a multicast group corresponding to the original Ethernet packet is searched according to the destination MAC address of the original Ethernet packet and the VLAN of the original Ethernet packet for all of the output ports. If no output port is found, the output ports of the original Ethernet packet are identified as all of the internal Ethernet ports and all of the other virtual bridge ports in the VLAN of the original Ethernet packet.
[0062] In a practical application, a multicast group router may periodically multicast a query packet, e.g., an Internet Group Management Protocol (IGMP) query packet. When multicast query packet is received, a switch configures a port receiving the multicast query packet as a route port of a multicast group corresponding to the multicast query packet and forwards the multicast query packet from all of the ports of the switch. When a host needs to join in a multicast group, the host transmits a multicast join packet, e.g., an IGMP join packet. After receiving the multicast join packet, the switch running multicast listening protocol determines a corresponding multicast group according to a destination MAC address of the multicast join packet and takes the port receiving the multicast join packet as a member port of the multicast group. The switch adds the port in an output list of the multicast group and forwards the multicast join packet via a route port of the multicast group. When a multicast data packet is received, the switch determines the multicast group according to a destination MAC address of the multicast data packet, duplicates and transmits the multicast data packet on all of the output ports in the output port list of the multicast group.
[0063] In the example shown in FIG. 4, the edge device may run the multicast listening protocol to obtain member port information of each multicast group. Herein, the multicast listening protocol may include IGMP, Protocol Independent Multicast (PIM) and Multicast Listener Discover (MLD).
[0064] Thus, after the edge device determines that the Ethernet packet received from the internal Ethernet packet is a multicast packet, the following operation may be further included: a determination is made as to whether the Ethernet packet is a multicast query packet or a multicast join packet. If the Ethernet packet is a multicast query packet, the internal Ethernet port through which the multicast query packet is received is configured as a route port of the multicast group corresponding to the multicast query packet and the output ports of the multicast query packet are identified as all of the other internal Ethernet ports. If the Ethernet packet is a multicast join packet, the internal Ethernet port through which the multicast join packet is received is added to the output port list of the multicast group corresponding to the Ethernet packet and the output port of the multicast join packet is identified as the route port of the multicast group corresponding to the multicast join packet.
[0065] After the edge device decapsulates the IP packet received from the core network to obtain the original Ethernet packet and determines that the original Ethernet packet is a multicast packet, a following operation may be further included: a determination is made as to whether the original Ethernet packet is a multicast query packet or a multicast join packet; if the original Ethernet packet is a multicast query packet, the virtual bridge port through which the multicast query packet was received is configured as a route port of the multicast group corresponding to the multicast query packet and the output ports of the multicast query packet are identified as all of the internal Ethernet ports. If the original Ethernet packet is a multicast join packet, the virtual bridge port through which the multicast join packet was received is added to the output port list of the multicast group corresponding to the Ethernet packet and the output port of the multicast join packet is identified as the route port of the multicast group corresponding to the multicast join packet.
[0066] The above describes the method of an example of the present disclosure. Another example of the present disclosure further provides an edge device for implementing layer-2 interconnection of data centers, which does not require the core network supporting multicast.
[0067] FIG. 5 is a schematic diagram illustrating a structure of an edge device according to an example of the present disclosure. As shown in FIG. 5, the edge device includes: a processor 501 , a memory 502, a plurality of internal Ethernet ports 503, a public network port 504 and a tunnel encapsulation mapping table 505.
[0068] The tunnel encapsulation mapping table 505 includes a tunnel encapsulation mapping table item corresponding to a virtual bridge port, in which each virtual bridge port corresponds to a remote site. The tunnel encapsulation mapping table includes: the virtual bridge port, an IP address of the edge device, an IP address of an edge device of a remote site corresponding to the virtual bridge port.
[0069] The memory 502 stores machine readable instructions executable by the processor 501 to:
when an Ethernet packet is received by an internal Ethernet port 503, determine all the output ports of the Ethernet packet, for each virtual bridge port in the output ports of the Ethernet packet, encapsulate the Ethernet packet according to the tunnel encapsulation mapping table item corresponding to the virtual bridge port and transmit the encapsulated packet to the public network port 504; for each internal Ethernet port in the output ports of the Ethernet packet, forward the Ethernet packet via the internal Ethernet port 503;
when an encapsulated IP packet whose destination IP address is the IP address of the edge device is received by the public network port 504, decapsulate the IP packet to obtain a source IP address and a destination IP address of the IP packet and obtain an original Ethernet packet, obtain a virtual bridge port through which the original Ethernet packet was received, determine all the internal Ethernet output ports 503 of the original Ethernet packet, and transmit the original Ethernet packet via each determined internal Ethernet output port 503.
[0070] The memory 502 further stores machine readable instructions to: configure a split-horizon attribute of the edge device;
after the original Ethernet packet which is decapsulated from the IP packet received via the public network port 504 is received, determine that the output ports of the original Ethernet packet are restricted to all of the internal Ethernet ports according to the split-horizon attribute. [0071 ] The split-horizon attribute is implemented through a source ID of the port. Each internal Ethernet port 503 is configured with a different source ID and all the virtual bridge ports are configured with the same source ID. The source ID of the virtual bridge ports is different from the source ID of every internal Ethernet port 503.
[0072] When determining the internal Ethernet output ports of the original Ethernet packet, the output ports whose source IDs are different from the source ID of the virtual bridge ports are determined as the internal Ethernet ports of the original Ethernet packet.
[0073] The edge device further includes a MAC address mapping table 506.
[0074] The memory 502 further stores machine readable instructions to: after the Ethernet packet is received from the internal Ethernet port 503 and before the output ports of the Ethernet packet are determined, determine a MAC address and inserting the newly-determined MAC address in an IGP packet, with respect to each remote site, encapsulate the IGP packet according to the tunnel encapsulation mapping table item corresponding to the remote site and transmit the encapsulated IGP packet to the public network port 504;
after the virtual bridge port receiving the original Ethernet packet is obtained, determine a protocol type of the original Ethernet packet, if the original Ethernet packet is an IGP packet, take the MAC address information inserted in the IGP packet determined by the remote site and the virtual bridge port through which the original Ethernet packet was received as MAC address information and an output port of the MAC address mapping table item and writing in the MAC address mapping table.
[0075] The memory 502 further includes machine readable instructions to: when the output port of the Ethernet packet received from the internal Ethernet port 502 is determined,
if the Ethernet packet is a unicast packet, search the MAC address mapping table according to a destination MAC address of the Ethernet packet for a corresponding output port, if no corresponding output port is found, identify all of the other internal Ethernet ports as the output ports of the Ethernet packet;
if the Ethernet packet is a broadcast packet, identify all of the other internal Ethernet ports and all of the virtual bridge ports as the output ports of the Ethernet packet;
if the Ethernet packet is a multicast packet, search a multicast group corresponding to the Ethernet packet according to a destination MAC address of the Ethernet packet for all the output ports, if no corresponding multicast group is found, identify all of the other internal Ethernet ports as the output ports of the Ethernet packet;
when the output port of the original Ethernet packet decapsulated from the IP packet is determined,
if the original Ethernet packet is a unicast packet, search the MAC address mapping table according to a destination MAC address of the original Ethernet packet for a corresponding output port, if no corresponding output port is found, identify all of the internal Ethernet ports and all of the other virtual bridge ports as the output ports of the original Ethernet packet;
if the original Ethernet packet is a broadcast packet, identify all of the internal Ethernet ports and all of the other virtual bridge ports as the output ports of the original Ethernet packet;
if the original Ethernet packet is a multicast packet, search a multicast group corresponding to the original Ethernet packet according to the destination MAC address of the original Ethernet packet for all of the output ports, if no output port is found, identify all of the internal Ethernet ports and all of the other virtual bridge ports as the output ports of the original Ethernet packet.
[0076] The memory 502 further stores machine readable instructions to: configure a VLAN on the virtual bridge port;
when the output port of the Ethernet packet received by the internal Ethernet port 503 is determined,
if the Ethernet packet is a unicast packet, search the MAC address mapping table according to the destination MAC address of the Ethernet packet and the VLAN of the Ethernet packet for a corresponding output port, if no corresponding output port is found, identify all of the other internal Ethernet ports in the VLAN of the Ethernet packet as the output ports of the Ethernet packet;
if the Ethernet packet is a broadcast packet, identify all of the virtual bridge ports and all of the other internal Ethernet packets in the VLAN of the Ethernet packet as the output ports of the Ethernet packet;
if the Ethernet packet is a multicast packet, search a multicast group corresponding to the Ethernet packet according to the destination MAC address of the Ethernet packet and the VLAN of the Ethernet packet for all of the output ports of the Ethernet packet, if no corresponding multicast group is found, identify all of the other internal Ethernet ports in the VLAN of the Ethernet packet as the output ports of the Ethernet packet;
when the output port of the original Ethernet packet decapsulated from the IP packet is determined,
if the original Ethernet packet is a unicast packet, search the MAC address mapping table according to the destination MAC address of the original Ethernet packet and the VLAN of the original Ethernet packet for the corresponding output port, if no output port is found, identify all of the internal Ethernet ports and all of the other virtual bridge ports in the VLAN of the original Ethernet packet as the output ports of the original Ethernet packet;
if the original Ethernet packet is a broadcast packet, identify all of the internal Ethernet ports and all of the other virtual bridge ports in the VLAN of the original Ethernet packet as the output ports of the original Ethernet packet;
if the original Ethernet packet is a multicast packet, search a multicast group corresponding to the original Ethernet packet according to the destination MAC address of the original Ethernet packet and the VLAN of the original Ethernet packet for all of the output ports of the original Ethernet packet, if no output port is found, identify all of the internal Ethernet ports and all of the other virtual bridge ports in the VLAN of the original Ethernet packet as the output ports of the original Ethernet packet.
[0077] When the edge device runs the multicast listening protocol, the memory 502 further stores machine readable instructions to:
after a determination is made that the Ethernet packet received from the internal Ethernet port 503 is a multicast packet, determine whether the Ethernet packet is a multicast query packet or a multicast join packet, if the Ethernet packet is a multicast query packet, configure the internal Ethernet port through which the multicast query packet was received as a route port of the multicast group corresponding to the multicast query packet, and identify all of the other internal Ethernet ports as the output ports of the multicast query packet; if the Ethernet packet is a multicast join packet, add the internal Ethernet port through which the multicast join packet was received in an output port list of the multicast group corresponding to the multicast join packet, and identify the route port of the multicast group corresponding to the multicast join packet as the output port of the multicast join packet;
after a determination is made that the original Ethernet packet decapsulated from the IP packet is a multicast packet, determine whether the original Ethernet packet is a multicast query packet or a multicast join packet, if the original Ethernet packet is a multicast query packet, configure the virtual bridge port corresponding to the multicast query port as the route port of the multicast group corresponding to the multicast query packet and identify all of the internal Ethernet ports as the output ports of the multicast query packet; if the original Ethernet packet is a multicast join packet, add the virtual bridge port corresponding to the multicast join packet to an output port list of the multicast group corresponding to the multicast join packet and identify the route port of the multicast group corresponding to the multicast join packet as the output port of the multicast join packet.
[0078] What has been described and illustrated herein is an example of the disclosure along with some of its variations. The terms, descriptions and figures used herein are set forth by way of illustration only and are not meant as limitations. Many variations are possible within the spirit and scope of the disclosure, which is intended to be defined by the following claims - and their equivalents - in which all terms are meant in their broadest reasonable sense unless otherwise indicated.
[0079] The above examples can be implemented by hardware, software or firmware or a combination thereof. For example the various methods, processes and functional modules described herein may be implemented by a processor (the term processor is to be interpreted broadly to include a CPU, processing unit, ASIC, logic unit, or programmable gate array etc.). The processes, methods and functional modules may all be performed by a single processor or split between several processors; reference in this disclosure or the claims to a 'processor' should thus be interpreted to mean 'one or more processors'. The processes, methods and functional modules be implemented as machine readable instructions executable by one or more processors, hardware logic circuitry of the one or more processors or a combination thereof. Further the teachings herein may be implemented in the form of a software product. The computer software product is stored in a non-transitory storage medium and comprises a plurality of instructions for making a computer device (which can be a personal computer, a server or a network device such as a router, switch, access point etc.) implement the method recited in the examples of the present disclosure.
[0080] The figures are only illustrations of an example, wherein the modules or procedure shown in the figures are not necessarily essential for implementing the present disclosure. The modules in the aforesaid examples can be combined into one module or further divided into a plurality of sub-modules.

Claims

What is claimed is:
1 . A method for implementing layer-2 interconnection of data centers, wherein a virtual bridge port is generated with respect to each remote site, a tunnel encapsulation mapping table item corresponding to the virtual bridge port of each remote site is comprised in a tunnel encapsulation mapping table, the tunnel encapsulation mapping table item comprises: the virtual bridge port of each remote site, an IP address of an edge device of each remote site, and an IP address of an edge device of a local site, the method comprising:
when an Ethernet packet is received from an internal Ethernet port, determining, by the edge device of the local site, all output ports of the Ethernet packet, for each virtual bridge port in the output ports of the Ethernet packet, encapsulating the Ethernet packet according to the tunnel encapsulation mapping table item corresponding to the virtual bridge port and transmitting the encapsulated packet to the remote site; for each internal Ethernet port in the output ports of the Ethernet packet, forwarding the Ethernet packet via the internal Ethernet port;
when an encapsulated IP packet is received whose destination IP address is the IP address of the edge device of the local site, decapsulating, by the edge device of the local site, the IP packet to obtain a source IP address and a destination IP address of the IP packet and to obtain an original Ethernet packet, obtaining the virtual bridge port through which the original Ethernet packet was received, determining all internal Ethernet output ports of the original Ethernet packet and transmitting the original Ethernet packet via each determined internal Ethernet output port.
2. The method of claim 1 , wherein the edge device of the local site comprises a split-horizon attribute, when obtaining the original Ethernet packet by decapsulating the IP packet, the edge device determining that the output ports of the original Ethernet packet are all of the internal Ethernet ports according to the split-horizon attribute.
3. The method of claim 2, wherein the split-horizon attribute is implemented by source IDs of ports, each internal Ethernet port including a different source ID, all the virtual bridge ports have the same source ID, and the source ID of the virtual bridge ports is different from the source ID of every internal Ethernet port; wherein determining all of the internal Ethernet output ports of the original
Ethernet packet further comprises: determining, among all of the output ports of the original Ethernet packet, output ports whose source IDs are different from the source ID of the virtual bridge ports as the internal Ethernet output ports of the original Ethernet packet.
4. The method of claim 2, further comprising:
after the edge device receives the Ethernet packet from the internal Ethernet port and before the edge device determines the output ports of the Ethernet packet, determining, by the edge device of the local site, a MAC address of the Ethernet packet, and notifying the edge device of the remote site of the determined MAC address.
5. The method of claim 4, wherein notifying the edge device of the remote site of the determined MAC address comprises: inserting the determined MAC address in an Interior Gateway Protocol (IGP) packet, encapsulating the IGP packet according to a tunnel encapsulation mapping table item corresponding to the remote site and transmitting the encapsulated IGP packet to a core network; after obtaining the virtual bridge port through which the original Ethernet packet was received, the method further comprising: determining a protocol type of the original Ethernet packet, if the original Ethernet packet is an IGP packet, taking MAC address information determined by the remote site carried in the IGP packet and the virtual bridge port through which the original Ethernet packet was received as MAC address information and an output port of a MAC address information table item and writing into a MAC address mapping table.
6. The method of claim 5, further comprising:
after obtaining the virtual bridge port of the original Ethernet packet and before determining all of the internal Ethernet output ports of the original Ethernet packet, learning a corresponding relationship between source MAC address information of the original Ethernet packet and the virtual bridge port through which the original Ethernet packet was received.
7. The method of claim 6, wherein the determining all of the output ports of the Ethernet packet received from the internal Ethernet port comprises:
if the Ethernet packet is a unicast packet, searching the MAC address mapping table according to a destination MAC address of the Ethernet packet for a corresponding output port, if no corresponding output port is found, identifying all of the other internal Ethernet ports as the output ports of the Ethernet packet; if the Ethernet packet is a broadcast packet, identifying all of the virtual bridge ports and all of the other internal Ethernet ports as the output ports of the Ethernet packet; and
if the Ethernet packet is a multicast packet, searching a multicast group corresponding to the Ethernet packet according to a destination MAC address of the Ethernet packet for all of the output ports of the Ethernet packet, if no output port is found, identifying all of the other internal Ethernet ports as the output ports of the Ethernet packet.
8. The method of claim 7, wherein the identifying all of the internal Ethernet ports of the original Ethernet packet which is decapsulated from the IP packet and received by the virtual bridge port comprises:
if the original Ethernet packet is a unicast packet, searching the MAC address mapping table according to a destination MAC address of the original Ethernet packet for a corresponding output port, if no corresponding output port is found, identifying all of the internal Ethernet ports and all of the other virtual bridge ports as the output ports of the original Ethernet packet;
if the original Ethernet packet is a broadcast packet, identifying all of the internal Ethernet ports and all of the other virtual bridge ports as the output ports of the original Ethernet packet; and
if the original Ethernet packet is a multicast packet, searching a multicast group corresponding to the original Ethernet packet according to a destination MAC address of the original Ethernet packet for all of the output ports, if no output port is found, identifying all of the internal Ethernet ports and all of the other virtual bridge ports as the output ports of the original Ethernet packet.
9. The method of claim 6, further comprising:
when the virtual bridge port is generated with respect to each remote site, configuring a Virtual Local Area Network (VLAN) on the virtual bridge port;
wherein determining all of the output ports of the Ethernet packet received from the internal Ethernet packet further comprises:
if the Ethernet packet is a unicast packet, searching the MAC address mapping table according to a destination MAC address of the Ethernet packet and the VLAN of the Ethernet packet for a corresponding output port, if no corresponding output port is found, identifying all of the other internal Ethernet ports in the VLAN of the Ethernet packet as the output ports of the Ethernet packet;
if the Ethernet packet is a broadcast packet, identifying all of the virtual bridge ports and all of the other internal Ethernet ports in the VLAN of the Ethernet packet as the output ports of the Ethernet packet;
if the Ethernet packet is a multicast packet, searching a multicast group corresponding to the Ethernet packet according to a destination MAC address of the Ethernet packet and the VLAN of the Ethernet packet for all of the output ports, if no output port is found, identifying all of the other internal Ethernet ports in the VLAN of the Ethernet packet as the output ports of the Ethernet packet.
10. The method of claim 9, wherein determining all of the output ports of the original Ethernet packet which is decapsulated from the IP packet and received by the virtual bridge port further comprises:
if the original Ethernet packet is a unicast packet, searching the MAC address mapping table according to a destination MAC address of the original Ethernet packet and the VLAN of the original Ethernet packet for a corresponding output port, if no corresponding output port is found, identifying all of the internal Ethernet ports and all of the other virtual bridge ports in the VLAN of the original Ethernet packet as the output ports of the original Ethernet packet;
if the original Ethernet packet is a broadcast packet, identifying all of the internal Ethernet ports and all of the other virtual bridge ports in the VLAN of the original Ethernet packet as the output ports of the original Ethernet packet;
if the original Ethernet packet is a multicast packet, searching a multicast group corresponding to the original Ethernet packet according to a destination MAC address of the original Ethernet packet and the VLAN of the original Ethernet packet for all of the output ports, if no output port is found, identifying all of the internal Ethernet ports and all of the other virtual bridge ports in the VLAN of the original Ethernet packet as the output ports of the original Ethernet packet.
11 . An edge device for implementing layer-2 interconnection of data centers, comprising: a processor, a memory, a plurality of internal Ethernet ports, a public network port and a tunnel encapsulation mapping table; wherein
the tunnel encapsulation mapping table comprises a tunnel encapsulation mapping table item corresponding to at least one virtual bridge port, each of the at least one virtual bridge port corresponds to a remote site, and the tunnel encapsulation mapping table item comprises: the virtual bridge port of each remote site, an IP address of the edge device, an IP address of an edge device of each remote site corresponding to the at least one virtual bridge port;
wherein the memory stores machine readable instructions executable by the processor to:
when an Ethernet packet is received by an internal Ethernet port, determine all output ports of the Ethernet packet, for each virtual bridge port in the output ports of the Ethernet packet, encapsulate the Ethernet packet according to the tunnel encapsulation mapping table item corresponding to the virtual bridge port and transmit the encapsulated packet to the public network port; for each internal Ethernet port in the output ports of the Ethernet packet, forward the Ethernet packet via the internal Ethernet port;
when an encapsulated IP packet whose destination IP address is the IP address of the edge device is received by the public network port, decapsulate the IP packet to obtain a source IP address and a destination IP address of the IP packet and obtain an original Ethernet packet, obtain the virtual bridge port through which the original Ethernet packet was received, determine all internal Ethernet output ports of the original Ethernet packet, and transmit the original Ethernet packet via each determined internal Ethernet output port.
12. The edge device of claim 11 , wherein the memory further stores machine readable instructions to:
configure a split-horizon attribute of the edge device;
after the original Ethernet packet which is decapsulated from the IP packet received via the public network port is received, determine that the output ports of the original Ethernet packet are all of the internal Ethernet ports according to the split-horizon attribute.
13. The edge device of claim 12, wherein the split-horizon attribute is implemented through source IDs of ports, each internal Ethernet port is configured with a different source ID and all the virtual bridge ports are configured with the same source ID, and the source ID of the virtual bridge ports is different from the source ID of every internal Ethernet port;
when the internal Ethernet output ports of the original Ethernet packet are determined, the output ports whose source IDs are different from the source ID of the virtual bridge ports are determined as the internal Ethernet output ports of the original Ethernet packet.
14. The edge device of claim 12, wherein the edge device further comprises a MAC address mapping table;
the memory further stores machine readable instructions to: after the Ethernet packet is received from the internal Ethernet port and before the output ports of the Ethernet packet are determined, determine a MAC address of the Ethernet packet and insert the determined MAC address in an Interior Gateway Protocol (IGP) packet, with respect to each remote site, encapsulate the IGP packet according to the tunnel encapsulation mapping table item corresponding to the remote site and transmit the encapsulated IGP packet to the public network port;
after the virtual bridge port receiving the original Ethernet packet is obtained, determine a protocol type of the original Ethernet packet, if the original Ethernet packet is an IGP packet, take MAC address information inserted in the IGP packet determined by the remote site and the virtual bridge port through which the original Ethernet packet was received as MAC address information and an output port of the MAC address mapping table item and write in the MAC address mapping table.
15. The edge device of claim 14, wherein the memory further comprises machine readable instructions to: after the virtual bridge port through which the original Ethernet packet was received is obtained, learn a corresponding relationship between source MAC address information of the original Ethernet packet and the virtual bridge port through which the original Ethernet packet was received.
16. The edge device of claim 15, wherein the memory further comprises machine readable instructions to:
when the output ports of the Ethernet packet received from the internal
Ethernet port are determined,
if the Ethernet packet is a unicast packet, search the MAC address mapping table according to a destination MAC address of the Ethernet packet for a corresponding output port, if no corresponding output port is found, identify all of the other internal Ethernet ports as the output ports of the Ethernet packet;
if the Ethernet packet is a broadcast packet, identify all of the other internal Ethernet ports and all of the virtual bridge ports as the output ports of the Ethernet packet;
if the Ethernet packet is a multicast packet, search a multicast group corresponding to the Ethernet packet according to a destination MAC address of the Ethernet packet for all of the output ports, if no corresponding multicast group is found, identify all of the other internal Ethernet ports as the output ports of the Ethernet packet;
17. The edge device of claim 1 6, wherein the memory further comprises machine readable instructions to:
when the output ports of the original Ethernet packet decapsulated from the
IP packet are determined,
if the original Ethernet packet is a unicast packet, search the MAC address mapping table according to a destination MAC address of the original Ethernet packet for a corresponding output port, if no corresponding output port is found, identify all of the internal Ethernet ports and all of the other virtual bridge ports as the output ports of the original Ethernet packet;
if the original Ethernet packet is a broadcast packet, identify all of the internal
Ethernet ports and all of the other virtual bridge ports as the output ports of the original Ethernet packet;
if the original Ethernet packet is a multicast packet, search a multicast group corresponding to the original Ethernet packet according to a destination MAC address of the original Ethernet packet for all of the output ports, if no output port is found, identify all of the internal Ethernet ports and all of the other virtual bridge ports as the output ports of the original Ethernet packet.
18. The edge device of claim 15, wherein the memory further stores machine readable instructions to: configure a Virtual Local Area Network (VLAN) on the virtual bridge port;
when the output ports of the Ethernet packet received by the internal Ethernet port are determined,
if the Ethernet packet is a unicast packet, search the MAC address mapping table according to a destination MAC address of the Ethernet packet and the VLAN of the Ethernet packet for a corresponding output port, if no corresponding output port is found, identify all of the other internal Ethernet ports in the VLAN of the Ethernet packet as the output ports of the Ethernet packet;
if the Ethernet packet is a broadcast packet, identify all of the virtual bridge ports and all of the other internal Ethernet ports in the VLAN of the Ethernet packet as the output ports of the Ethernet packet;
if the Ethernet packet is a multicast packet, search a multicast group corresponding to the Ethernet packet according to a destination MAC address of the Ethernet packet and the VLAN of the Ethernet packet for all of the output ports of the Ethernet packet, if no corresponding multicast group is found, identify all of the other internal Ethernet ports in the VLAN of the Ethernet packet as the output ports of the Ethernet packet;
19. The edge device of claim 18, wherein the memory further comprises machine readable instructions to:
when the output ports of the original Ethernet packet decapsulated from the IP packet are determined,
if the original Ethernet packet is a unicast packet, search the MAC address mapping table according to a destination MAC address of the original Ethernet packet and the VLAN of the original Ethernet packet for a corresponding output port, if no corresponding output port is found, identify all of the internal Ethernet ports and all of the other virtual bridge ports in the VLAN of the original Ethernet packet as the output ports of the original Ethernet packet;
if the original Ethernet packet is a broadcast packet, identify all of the internal Ethernet ports and all of the other virtual bridge ports in the VLAN of the original Ethernet packet as the output ports of the original Ethernet packet;
if the original Ethernet packet is a multicast packet, search a multicast group corresponding to the original Ethernet packet according to a destination MAC address of the original Ethernet packet and the VLAN of the original Ethernet packet for all of the output ports of the original Ethernet packet, if no output port is found, identify all of the internal Ethernet ports and all of the other virtual bridge ports in the VLAN of the original Ethernet packet as the output ports of the original Ethernet packet.
20. The edge device of claim 17, wherein the edge device runs a multicast listening protocol, the memory further stores machine readable instructions to: after a determination is made that the Ethernet packet received from the internal Ethernet port is a multicast packet, determine whether the Ethernet packet is a multicast query packet or a multicast join packet, if the Ethernet packet is a multicast query packet, configure the internal Ethernet port through which the multicast query packet was received as a route port of a multicast group corresponding to the multicast query packet, and identify all of the other internal Ethernet ports as the output ports of the multicast query packet; if the Ethernet packet is a multicast join packet, add the internal Ethernet port receiving the multicast join packet in an output port list of a multicast group corresponding to the multicast join packet, and identify a route port of the multicast group corresponding to the multicast join packet as the output port of the multicast join packet;
after a determination is made that the original Ethernet packet decapsulated from the IP packet is a multicast packet, determine whether the original Ethernet packet is a multicast query packet or a multicast join packet, if the original Ethernet packet is a multicast query packet, configure the virtual bridge port corresponding to the multicast query port as a route port of a multicast group corresponding to the multicast query packet and determine all the internal Ethernet ports as the output ports of the multicast query packet; if the original Ethernet packet is a multicast join packet, add the virtual bridge port corresponding to the multicast join packet to an output port list of a multicast group corresponding to the multicast join packet and identify a route port of the multicast group corresponding to the multicast join packet as the output port of the multicast join packet.
PCT/CN2012/078869 2011-09-01 2012-07-19 Method and apparatus for implementing layer-2 interconnection of data centers WO2013029440A1 (en)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
CN201110257124.4A CN102316030B (en) 2011-09-01 2011-09-01 Method for realizing two-layer internetworking of data center and device
CN201110257124.4 2011-09-01

Publications (1)

Publication Number Publication Date
WO2013029440A1 true WO2013029440A1 (en) 2013-03-07

Family

ID=45428862

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/CN2012/078869 WO2013029440A1 (en) 2011-09-01 2012-07-19 Method and apparatus for implementing layer-2 interconnection of data centers

Country Status (2)

Country Link
CN (1) CN102316030B (en)
WO (1) WO2013029440A1 (en)

Cited By (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN103607347A (en) * 2013-11-15 2014-02-26 华为技术有限公司 A method and a controller for establishing a transmission channel
EP2713552A1 (en) * 2012-09-29 2014-04-02 Huawei Technologies Co., Ltd. Method for processing a multicast group, a data center interconnect router, and system
US11477048B2 (en) * 2021-01-15 2022-10-18 BlackBear (Taiwan) Industrial Networking Security Ltd. Communication method for one-way transmission based on VLAN ID and switch device using the same

Families Citing this family (11)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN102316030B (en) * 2011-09-01 2014-04-09 杭州华三通信技术有限公司 Method for realizing two-layer internetworking of data center and device
CN102594711B (en) 2012-03-28 2014-11-26 杭州华三通信技术有限公司 Message forwarding method and edge device therefor
CN102710509B (en) * 2012-05-18 2015-04-15 杭州华三通信技术有限公司 Automatic data center configuration method and method
CN102752210B (en) * 2012-07-09 2015-10-14 瑞斯康达科技发展股份有限公司 The method and system of message transmission between a kind of local area network (LAN)
CN104022954B (en) * 2013-03-01 2017-05-10 新华三技术有限公司 Message forwarding method and device
CN109660442B (en) * 2015-09-28 2021-04-27 杭州数梦工场科技有限公司 Method and device for multicast replication in Overlay network
CN107204907B (en) * 2016-03-16 2021-03-26 中兴通讯股份有限公司 Cloud data center interconnection method and device
CN108574613B (en) * 2017-03-07 2022-05-10 中兴通讯股份有限公司 Two-layer intercommunication method and device for SDN data center
CN108494656A (en) * 2018-03-29 2018-09-04 盛科网络(苏州)有限公司 The method that virtual gateway is flexibly supported in exchange chip
CN115696490A (en) * 2021-07-23 2023-02-03 中兴通讯股份有限公司 Local area network communication method, device, terminal, electronic equipment and storage medium
CN113923076A (en) * 2021-09-06 2022-01-11 长沙市同迅计算机科技有限公司 SD-WAN-based Ethernet two-layer data exchange method

Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN1870588A (en) * 2005-12-31 2006-11-29 华为技术有限公司 Implementing method and system for support VPLS service on IP skeletal network
CN101702665A (en) * 2009-11-13 2010-05-05 中兴通讯股份有限公司 Method of Ethernet service accessing bearing tunnel, operator edge device and system
CN102316030A (en) * 2011-09-01 2012-01-11 杭州华三通信技术有限公司 Method for realizing two-layer internetworking of data center and device

Family Cites Families (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20080095155A1 (en) * 2006-10-24 2008-04-24 Broadcom Corporation Programmable communications system
US8005095B2 (en) * 2008-04-29 2011-08-23 Arris Group, Inc. Carrier ethernet over DOCSIS
CN101272403B (en) * 2008-05-27 2011-02-09 华为技术有限公司 Method, system and device for implementing DHCP user service wholesale

Patent Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN1870588A (en) * 2005-12-31 2006-11-29 华为技术有限公司 Implementing method and system for support VPLS service on IP skeletal network
CN101702665A (en) * 2009-11-13 2010-05-05 中兴通讯股份有限公司 Method of Ethernet service accessing bearing tunnel, operator edge device and system
CN102316030A (en) * 2011-09-01 2012-01-11 杭州华三通信技术有限公司 Method for realizing two-layer internetworking of data center and device

Cited By (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
EP2713552A1 (en) * 2012-09-29 2014-04-02 Huawei Technologies Co., Ltd. Method for processing a multicast group, a data center interconnect router, and system
CN103607347A (en) * 2013-11-15 2014-02-26 华为技术有限公司 A method and a controller for establishing a transmission channel
US11477048B2 (en) * 2021-01-15 2022-10-18 BlackBear (Taiwan) Industrial Networking Security Ltd. Communication method for one-way transmission based on VLAN ID and switch device using the same

Also Published As

Publication number Publication date
CN102316030A (en) 2012-01-11
CN102316030B (en) 2014-04-09

Similar Documents

Publication Publication Date Title
US11398921B2 (en) SDN facilitated multicast in data center
WO2013029440A1 (en) Method and apparatus for implementing layer-2 interconnection of data centers
US9397943B2 (en) Configuring virtual media access control addresses for virtual machines
US10193707B2 (en) Packet transmission method and apparatus
US9853897B2 (en) Forward packet with edge device
US9525563B2 (en) Forwarding packets in an edge device
US9300524B2 (en) Message forwarding between geographically dispersed network sites
US9504016B2 (en) Optimized multicast routing in a Clos-like network
WO2018214809A1 (en) Message transmission method and device, and storage medium
GB2497202A (en) Transmitting frames between, possibly different, local VLANs by encapsulating frames for global VLAN tunnel
WO2019137355A1 (en) Method and device for transmitting data, and network system
CN108306806B (en) Message forwarding method and device
CN108259304B (en) Forwarding table item synchronization method and device
US10757066B2 (en) Active-active access to transparent interconnection of lots of links (TRILL) edges
US10057386B1 (en) Summarizing and flood suppressing messages
JP7314219B2 (en) DATA TRANSMISSION METHOD, APPARATUS AND NETWORK DEVICE
US9548887B2 (en) Proactive creation of multicast state in an overlay transport network to achieve fast convergence on failover
WO2017036384A1 (en) Provider edge device and data forwarding method

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 12828818

Country of ref document: EP

Kind code of ref document: A1

NENP Non-entry into the national phase

Ref country code: DE

122 Ep: pct application non-entry in european phase

Ref document number: 12828818

Country of ref document: EP

Kind code of ref document: A1