WO2014032624A1 - Packet forwarding - Google Patents

Packet forwarding Download PDF

Info

Publication number
WO2014032624A1
WO2014032624A1 PCT/CN2013/082788 CN2013082788W WO2014032624A1 WO 2014032624 A1 WO2014032624 A1 WO 2014032624A1 CN 2013082788 W CN2013082788 W CN 2013082788W WO 2014032624 A1 WO2014032624 A1 WO 2014032624A1
Authority
WO
WIPO (PCT)
Prior art keywords
mac address
packet
layer
ethernet packet
egress port
Prior art date
Application number
PCT/CN2013/082788
Other languages
French (fr)
Inventor
Yubing Song
Original Assignee
Hangzhou H3C Technologies Co., Ltd.
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Hangzhou H3C Technologies Co., Ltd. filed Critical Hangzhou H3C Technologies Co., Ltd.
Priority to US14/405,367 priority Critical patent/US9397942B2/en
Priority to EP13833309.1A priority patent/EP2891284A4/en
Publication of WO2014032624A1 publication Critical patent/WO2014032624A1/en

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L12/00Data switching networks
    • H04L12/28Data switching networks characterised by path configuration, e.g. LAN [Local Area Networks] or WAN [Wide Area Networks]
    • H04L12/46Interconnection of networks
    • H04L12/4633Interconnection of networks using encapsulation techniques, e.g. tunneling
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L45/00Routing or path finding of packets in data switching networks
    • H04L45/74Address processing for routing
    • H04L45/745Address table lookup; Address filtering
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F9/00Arrangements for program control, e.g. control units
    • G06F9/06Arrangements for program control, e.g. control units using stored programs, i.e. using an internal store of processing equipment to receive or retain programs
    • G06F9/44Arrangements for executing specific programs
    • G06F9/455Emulation; Interpretation; Software simulation, e.g. virtualisation or emulation of application or operating system execution engines
    • G06F9/45533Hypervisors; Virtual machine monitors
    • G06F9/45558Hypervisor-specific management and integration aspects
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L12/00Data switching networks
    • H04L12/02Details
    • H04L12/16Arrangements for providing special services to substations
    • H04L12/18Arrangements for providing special services to substations for broadcast or conference, e.g. multicast
    • H04L12/1886Arrangements for providing special services to substations for broadcast or conference, e.g. multicast with traffic restrictions for efficiency improvement, e.g. involving subnets or subdomains
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L12/00Data switching networks
    • H04L12/28Data switching networks characterised by path configuration, e.g. LAN [Local Area Networks] or WAN [Wide Area Networks]
    • H04L12/46Interconnection of networks
    • H04L12/4641Virtual LANs, VLANs, e.g. virtual private networks [VPN]
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L45/00Routing or path finding of packets in data switching networks
    • H04L45/12Shortest path evaluation
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L45/00Routing or path finding of packets in data switching networks
    • H04L45/66Layer 2 routing, e.g. in Ethernet based MAN's
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L45/00Routing or path finding of packets in data switching networks
    • H04L45/72Routing based on the source address
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L61/00Network arrangements, protocols or services for addressing or naming
    • H04L61/09Mapping addresses
    • H04L61/10Mapping addresses of different types
    • H04L61/103Mapping addresses of different types across network layers, e.g. resolution of network layer into physical layer addresses or address resolution protocol [ARP]
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F9/00Arrangements for program control, e.g. control units
    • G06F9/06Arrangements for program control, e.g. control units using stored programs, i.e. using an internal store of processing equipment to receive or retain programs
    • G06F9/44Arrangements for executing specific programs
    • G06F9/455Emulation; Interpretation; Software simulation, e.g. virtualisation or emulation of application or operating system execution engines
    • G06F9/45533Hypervisors; Virtual machine monitors
    • G06F9/45558Hypervisor-specific management and integration aspects
    • G06F2009/4557Distribution of virtual machine instances; Migration and load balancing
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F9/00Arrangements for program control, e.g. control units
    • G06F9/06Arrangements for program control, e.g. control units using stored programs, i.e. using an internal store of processing equipment to receive or retain programs
    • G06F9/44Arrangements for executing specific programs
    • G06F9/455Emulation; Interpretation; Software simulation, e.g. virtualisation or emulation of application or operating system execution engines
    • G06F9/45533Hypervisors; Virtual machine monitors
    • G06F9/45558Hypervisor-specific management and integration aspects
    • G06F2009/45595Network integration; Enabling network access in virtual machine instances
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L12/00Data switching networks
    • H04L12/02Details
    • H04L12/14Charging, metering or billing arrangements for data wireline or wireless communications
    • H04L12/1485Tariff-related aspects
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L2101/00Indexing scheme associated with group H04L61/00
    • H04L2101/60Types of network addresses
    • H04L2101/618Details of network addresses
    • H04L2101/622Layer-2 addresses, e.g. medium access control [MAC] addresses
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L45/00Routing or path finding of packets in data switching networks
    • H04L45/02Topology update or discovery
    • H04L45/04Interdomain routing, e.g. hierarchical routing
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L45/00Routing or path finding of packets in data switching networks
    • H04L45/34Source routing
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L45/00Routing or path finding of packets in data switching networks
    • H04L45/50Routing or path finding of packets in data switching networks using label swapping, e.g. multi-protocol label switch [MPLS]
    • H04L45/505Cell based

Definitions

  • VMs Virtual Machines
  • SBA Shortest Path Bridging
  • the VLL2 networking technologies include VLL2 network technologies within a DC and VLL2 network technologies interconnecting DCs.
  • the former can achieve the VM migration between different ports of an individual access layer device and the VM migration between different access layer devices within an individual DC.
  • the later can achieve the VM migration between access layer devices belonging to different DCs.
  • FIG. 1 is a schematic diagram illustrating a Trill network according to an example of the present disclosure.
  • FIG. 2 is a schematic diagram illustrating VM migration according to an example of the present disclosure.
  • FIG. 3 is a flowchart illustrating a method for forwarding a packet according to an example of the present disclosure.
  • FIG. 4A is a schematic diagram illustrating Layer 2 forwarding within a data center according to an example of the present disclosure.
  • FIG. 4B is a schematic diagram illustrating a proprietary ARP request packet according to an example of the present disclosure.
  • FIG. 5 is a schematic diagram illustrating forwarding a multicast packet according to an example of the present disclosure.
  • FIG. 6 is a schematic diagram illustrating forwarding a packet in a data center to an outer network according to an example of the present disclosure.
  • FIG. 7 is a schematic diagram illustrating Layer 3 forwarding within a data center according to an example of the present disclosure.
  • FIG. 8 is a schematic diagram illustrating Layer 2 forwarding between data centers according to an example of the present disclosure.
  • FIG. 9A is a schematic diagram illustrating a structure of a routing switch device according to an example of the present disclosure.
  • FIG. 9B is a schematic diagram illustrating a structure of a routing switch device according to an example of the present disclosure.
  • FIG. 10A is a schematic diagram illustrating a hardware structure of a routing switch device according to an example of the present disclosure.
  • FIG. 10B is a schematic diagram illustrating a hardware structure of a routing switch device according to an example of the present disclosure.
  • An access layer device connects computers to a network.
  • the computers may include end user devices, servers or any type of computer that may include a network interface to connect to the network.
  • an access layer device can connect a physical server hosting a VM to a core layer device.
  • Virtual Local Area Networks (VLANs) may be used to separate traffic in an access layer in the network.
  • An access layer device may include a network switch.
  • the network switch may be layer 2, layer 3 or layer 2/3, where the layers refer to layers in the Open Systems Interconnection (OSI) model.
  • Core layer devices may include network switches for backbone switching and routing and also may include layer 2, layer 3 or layer 2/3 network switches.
  • a layer 2/3 network switch may perform Layer 2 switching and Layer 3 routing.
  • the access layer devices in a VLL2 network within a DC may together provide a large number of ports, for example more than 12,000 10-Gigabit Ethernet ports for connecting 12,000 10-Gigabit physical servers. In some cases more than 200 VMs may be hosted on an individual 10-Gigabit physical server. In some cases the VMs may be large, e.g. more than 2.4 megabytes (M) each, and when many VMs are hosted on 12,000 10-Gigabit physical servers of a VLL2 network within a DC, this can leads to the number of Media Access Control (MAC) addresses used by the VMs in the VLL2 network within an individual DC being very large, e.g. up to 2.4 million.
  • M Media Access Control
  • a DC may include a group of networked computer systems, which may include servers, that are housed at a facility. The computer systems are connected via a network in the DC and may host VMs, and the DC may be connected to other DCs via a network.
  • the DC may include support systems such as redundant or backup power supplies, redundant data communications connections, environmental controls, security devices, etc.
  • an access layer device learns a large number of MAC addresses in a Layer 2 forwarding table to perform forwarding.
  • VLL2 network technologies like Trill, SPB, etc., may be employed within an individual DC.
  • VLL2 network technologies like the MAC over IP (e.g., Overlay Transport Virtualization, OTV) protocol, the Ethernet Virtualization Interconnection (EVI) protocol, the Virtual Private LAN Service (VPLS) protocol, etc., may be applied to the interconnection of DCs.
  • MAC over IP e.g., Overlay Transport Virtualization, OTV
  • EVI Ethernet Virtualization Interconnection
  • VPLS Virtual Private LAN Service
  • the present disclosure describes the architecture of a VLL2 network formed by the interconnection of four DCs but more or less DCs may be interconnected in the architecture.
  • the VLL2 network also includes a network management apparatus (i.e., a network management plane) connected to the four DCs, and a server management apparatus (i.e., a VM management apparatus or a VM management plane).
  • a VLL2 network within each DC employs the Trill technology
  • a VLL2 network among DCs employs the MAC over IP technology.
  • FIG. 1 is a schematic diagram illustrating the architecture of a VLL2 network within DC1 built with the Trill technology.
  • the architecture of the VLL2 networks within other DCs is similar to that of the VLL2 network within DC1 shown in FIG. 1
  • the VLL2 network within DC1 includes a core layer and an access layer.
  • Leafl , Ieaf2, Ieaf3 and Ieaf4 are access layer devices.
  • Corel and core2 are core layer devices.
  • the Trill protocol is run on leafl , Ieaf2, Ieaf3 and Ieaf4 which are in the access layer of DC1 and the Trill protocol is also run on corel and core2 which are in the core layer of DC1 .
  • These devices running the Trill protocol are called Routing Bridges (RBridges).
  • the RBridges together form a Trill network.
  • RBridges obtain Trill network topologies between each other through a link state protocol.
  • Each RBridge generates a routing forwarding table (referred to as a Trill routing table) from itself to another RBridge in the Trill network using the Shortest Path Tree algorithm.
  • the network management apparatus configures a virtual MAC address for each VM in each DC according to a virtual MAC encoding rule.
  • the virtual MAC address may include fields, as specified below, that are different than a traditional MAC address (also referred to as actual MAC address) assigned to network interfaces for communications on the physical network segment.
  • Each virtual MAC address is a binary number of 6 bytes, and includes identifiers including: a Uniqueness identifier (1 byte), which does not conflict with an existing assigned Organizationally Unique Identifier (OUI), and may use an identifier that is not assigned by the OUI, such as ED, 22, etc.
  • UUI Organizationally Unique Identifier
  • Host IDs of VMs hosted on a plurality of physical servers which are connected to a same access layer device cannot be identical.
  • Host IDs of VMs hosted on physical servers which are connected to different access layer devices can be identical. For example, if five physical servers are connected to switch-! , then Host IDs of VMs hosted on the five physical servers cannot be identical. However, a Host ID of a VM hosted on a physical server connected to switch2 may be identical with a Host ID of a VM hosted on a physical server connected to switchl .
  • a Host mask ff-ff-ff-ff-ff-ff
  • an access device mask ff-ff-ff-ff-00-00
  • a data center mask ff-ff-00-00-00-00.
  • the network management apparatus may configure virtual MAC addresses for VMs. Configuring may include determining the virtual MAC addresses. In some cases configuring may include sending the virtual MAC addresses to access layer devices. Also, as described below, the network management apparatus can configure entries in tables of devices, such as access devices or core devices etc. The configuring of entries may include determining information for the entries and sending the information to the devices for storage in the devices. The network management apparatus may configure the virtual MAC addresses in the whole network by running a batch configuration tool. During the process of configuring the virtual MAC addresses, the network management apparatus obtains from the VM management apparatus an information table including the VMs in the whole network and connections of physical devices.
  • the virtual MAC addresses are added to the information table based on the information table and according to the above virtual MAC address encoding rule, and the information table is maintained.
  • the information table about the devices and the VMs in the whole network maintained by the network management apparatus at least include information as follows (configuration information of DC1 is shown in Table 1 ).
  • Device is an access layer device connecting a physical server where a VM is hosted on and a core layer device in a DC to which the physical server where the VM is hosted on belongs.
  • Nickname is a forwarding identifier of the access layer device connecting the physical server where the VM is hosted on within the Trill network and a forwarding identifier of the core layer device in the DC to which the physical server where the VM is hosted on belongs within the Trill network.
  • Port is a port of the access layer device through which the access layer device connects the physical server where the VM is hosted on.
  • VLAN ID (an identifier of a VLAN) is an identifier of a VLAN where the VM locates.
  • IP address of VM is an IP address of each VM.
  • MAC address of VM is an actual MAC address of the VM.
  • Virtual MAC address of VM is a virtual MAC address of the VM.
  • VLAN gateway addresses configured on Layer 3 (L3) interfaces of corel and core2 respectively are OO-EO-FC-11 -11 -11 , OO-EO-FC-22-22-22 and OO-EO-FC-33-33-33.
  • 00-E0-FC-11 -11 -11 is a MAC address of a gateway of VLAN1
  • OO-EO-FC-22-22-22 is a MAC address of a gateway of VLAN2
  • OO-EO-FC-33- 33-33 is a MAC address of a gateway of VLAN3.
  • a logical "AND" operation is performed to the virtual MAC address of each VM and the access device mask ff-ff-ff-ff-00-00.
  • An operation result is ED-01 -00-01 -00-00, which is a 48-bit aggregated MAC address. Therefore, virtual MAC addresses of VMs accessing the same access layer device are aggregated into an access device, mask-based, virtual MAC address. That is, virtual MAC addresses of VMs accessing leafl may be aggregated into ED-01 -00-01 -00-00.
  • Virtual MAC addresses of VMs accessing Ieaf2 may be aggregated into ED-01 -00-02-00-00
  • virtual MAC addresses of VMs accessing leaf 3 may be aggregated into ED-01 -00-03-00-00
  • virtual MAC addresses of VMs accessing leaf 4 may be aggregated into ED-01 -00-04-00-00.
  • Virtual MAC addresses of VMs within other DCs may be aggregated based on the access device mask in accordance with the same virtual MAC address encoding rule, the example of the present disclosure does not enumerate herein.
  • the logical "AND" operation is performed to the virtual MAC address of each VM and the DC mask ff-ff-00-00-00-00.
  • An operation result is ED-01 -00-00-00-00, which is a 48-bit aggregated MAC address. Therefore, virtual MAC addresses of VMs in the same DC can be aggregated into a DC, mask-based, virtual MAC address. That is, virtual MAC addresses of VMs in DC1 may be aggregated into ED-01 -00-00-00-00.
  • virtual MAC addresses of VMs in DC2 may be aggregated into ED-02-00-00-00-00
  • virtual MAC addresses of VMs in DC3 may be aggregated into ED-03-00-00-00-00
  • virtual MAC addresses of VMs in DC4 may be aggregated into ED-04-00-00-00-00.
  • Uniqueness IDs and Data Center IDs of VMs in different DCs may be identical or different. According to an example, to ensure that Uniqueness IDs and Data Center IDs of VMs within a same DC are identical, an aggregation relationship of the VMs within the same DC is not destroyed, and an aggregation relationship of VMs accessing a same access layer device is not destroyed.
  • the network management apparatus configures a Layer 2 forwarding table on access layer RBridges and core layer RBridges in each DC according to the information about the VMs and the devices in the whole network maintained by the network management apparatus.
  • Table 2.1 illustrates a Layer 2 forwarding table configured on the access layer RBridge leafl within DC1 .
  • Port 1 , Port 2 and Port 3 respectively are ports through which leafl connects servers where VMs are hosted on.
  • DC1_leaf2, DC1_leaf3 and DC1_leaf4 respectively are nicknames of corresponding access layer RBridges in DC1 .
  • DC1_core1 is a nickname of corel in DC1
  • DC1_core2 is a nickname of core2 in DC1 .
  • 00-E0-FC-11 -11 -11 -11 , OO-EO-FC-22-22-22 and OO-EO-FC-33-33-33 are gateway MAC addresses of VLAN1 , VLAN2 and VLAN3, respectively.
  • corel is configured for forwarding traffics among DC1 and other DCs (e.g., DC2, DC3 and DC4).
  • Egress ports in three entries i.e., three entries of which initial MAC addresses respectively are ED-02-00-00-00-00, ED-03-00-00-00-00 and ED-04-00-00-00-00) of a DC, mask-based, virtual MAC address are configured as the nickname of corel (i.e., DC1_core1 ).
  • the egress ports in the two entries of which the initial MAC addresses respectively are ED-02-00-00-00-00 and ED-03-00-00-00-00 are configured as the nickname of corel (i.e., DC1_core1 ).
  • the egress port in the entry of which the initial MAC address is ED-04-00-00-00-00 is configured as the nickname of core2 (i.e., DC1_core2).
  • corel and core2 form a virtual apparatus in a manner of stacking, wherein the virtual apparatus is configured for transmitting traffics among DC1 and the other three DCs, the egress ports in the three entries of which the initial MAC address respectively are ED-02-00-00-00-00, ED-03-00-00-00-00 and ED-04-00-00-00-00 are configured as a nickname of the virtual apparatus.
  • a corresponding multicast forwarding entry is configured on an access layer device for a multicast service.
  • a root of a multicast tree of a multicast group within DC1 is corel (the nickname of corel is DC1_core1 ).
  • a physical server where a VM that is configured as a multicast source of multicast group 1 is hosted on is connected to leafl
  • a physical server where another VM configured as a multicast receiver of multicast group 1 is hosted on is connected to Portl of Ieaf3
  • a physical server where a third VM configured as the multicast receiver of multicast group 1 is hosted on is connected to Portl of Ieaf4.
  • Corresponding multicast forwarding entries in Layer 2 forwarding tables configured on leafl , Ieaf3 and Ieaf4 respectively include:
  • a VM configured as the receiver of the multicast group 1 is connected to leafl via Port2, and then Port 2 is added to the egress port in the multicast forwarding entry shown in Table 2.2.
  • a way for configuring multicast forwarding entries of Layer 2 forwarding tables of access layer devices in DC2, DC3 and DC4 is the same as the way for configuring the multicast forwarding entries of the Layer 2 forwarding tables of access layer devices in DC1 , the example of the present disclosure does not describe in detail herein.
  • a Layer 2 forwarding table of corel may for example include entries shown in Table 2.5
  • a Layer 2 forwarding table of core2 may for example include entries shown in Table 2.6
  • DC1_leaf1 , DC1_leaf2, DC1_leaf3 and DC1_leaf4 are the nicknames of leafl , Ieaf2, Ieaf3 and Ieaf4 in DC1 , respectively.
  • IP2, IP3 and IP4 respectively are IP addresses of DC2, DC3 and DC4 which are defined according to the protocol. These IP addresses may be used as a destination IP address of a MAC over IP tunnel when corel of DC1 sends data to these three DCs.
  • IP1 is an IP address of DC1 , and may be used as the destination IP address of the MAC over IP tunnel when the other three DCs send data to DC1 .
  • L3 is a Layer 3 forwarding identifier, and is used to indicate that Layer 3 forwarding is performed to an Ethernet packet with a matched destination MAC address.
  • a way for configuring Layer 2 forwarding tables of core layer RBridges on DC2, DC3 and DC4 is the same as the way for configuring the Layer 2 forwarding tables shown in Table 2.5 or Table 2.6, which is not described in detail herein.
  • a corresponding entry shown in the last row of Table 2.5 is included in the Layer 2 forwarding table of corel shown in Table 2.5, wherein the entry includes an identifier m which is the identifier of VLAN m, a next-hop MAC which is a MAC address of a next-hop device from corel to VLAN m, and Port m which is the egress port.
  • Corel learns the MAC address of the next-hop device according to an Address Resolution Protocol (ARP) packet.
  • ARP Address Resolution Protocol
  • Next-hop devices of corel and core2 are different, so that a next-hop device entry (shown in the last row of Table 2.6) learnt by core2 includes an identifier n which is the identifier of VLAN n, a next-hop MAC which is a MAC address of a next-hop device from core2 to VLAN n, and Port n which is the egress port.
  • ARP Address Resolution Protocol
  • FIG. 2 is a schematic diagram illustrating VM migration according to an example of the present disclosure.
  • a VM is migrated from a physical server connected to Ieaf3 to a physical server connected to Ieaf4.
  • An actual MAC address and an IP address of the VM are not changed.
  • the physical server where the VM is hosted on before the migration is regarded as a source physical server, and Ieaf3 connecting the source physical server may be regarded as a source access layer device of a migrated host.
  • a physical server where the VM is hosted on after the migration is regarded as a target physical server, and Ieaf4 connecting the target physical server may be regarded as a target access layer device of the migrated host.
  • a VM migration event is notified by Ieaf3 to the network management apparatus (i.e., the network management plane).
  • the network management apparatus i.e., the network management plane.
  • a physical switch may detect a VM migration process, and notify the change information to the network management apparatus.
  • the network management apparatus deletes the migrated VM from the information of VMs accessing Ieaf3 according to the information notified by Ieaf3.
  • the network management apparatus configures a new virtual MAC address for the VM which is migrated to Ieaf4 in accordance with the virtual MAC address encoding rule, and add information about the migrated VM to the information of VMs accessing Ieaf4, so as to ensure that an outward aggregation relationship is not destroyed, i.e., virtual MAC addresses of VMs accessing Ieaf4 can still be aggregated into a virtual MAC address.
  • the network management apparatus adds to the Layer 2 forwarding table of Ieaf4 Layer 2 forwarding entries associated with the actual MAC address and the virtual MAC address of the migrated VM, and deletes from the Layer 2 forwarding table of Ieaf3 the Layer 2 forwarding entries associated with the actual MAC address and the virtual MAC address of the migrated VM.
  • This operation is to reduce the occupation of invalid entries.
  • This operation may also be implemented by other ways, e.g., the Layer 2 forwarding entry of the VM migrated from Ieaf3 is marked as an invalid entry.
  • the example of the present disclosure does not limit herein.
  • the migrated VM broadcasts a gratuitous ARP packet.
  • Ieaf4 After receiving the gratuitous ARP packet, Ieaf4 replaces a "source MAC address" and a "sender MAC address" of the gratuitous ARP packet with the virtual MAC address of the migrated VM based on the Layer 2 forwarding table, and broadcasts the received gratuitous ARP packet.
  • Leaf4 broadcasts the gratuitous ARP packet at another port which is in the same VLAN as a port receiving the gratuitous ARP packet, performs a Trill encapsulation to the gratuitous ARP packet and broadcasts the Trill-encapsulated gratuitous ARP packet in the Trill network.
  • a gateway and another VM which is in the same VLAN as the migrated VM learn an ARP entry according to the gratuitous ARP packet, and the original virtual MAC address corresponding to the IP address of the migrated VM is refreshed to the newly-assigned virtual MAC address.
  • an actual MAC address of a device is wrote to a sender MAC address when the device sends a gratuitous ARP packet, and another device learns an ARP entry according to a "sender IP address" and the "sender MAC address" when the other device receives the gratuitous ARP packet.
  • the MAC address in the ARP entry learnt by the gateway and the other VM belonging to the same VLAN as the migrated VM is the actual MAC address of the migrated VM.
  • the gateway and the other VM belonging to the same VLAN as the migrated VM send to the migrated VM an Ethernet packet, and the actual MAC address of the migrated VM is used as a destination MAC address.
  • the destination MAC address of the Ethernet packet received by Ieaf4 is the actual MAC address of the migrated VM
  • the destination MAC address of the packet is mapped to the virtual MAC address of the migrated VM according to the Layer 2 forwarding table and the packet is sent to the migrated VM.
  • the destination MAC address of the Ethernet packet received by the migrated VM is the virtual MAC address of the migrated VM itself
  • the migrated VM discards the packet, which causes the loss of the packet.
  • a VM of which an IP address is 1 .1 .1 .7 is migrated from a physical server connected to a source access layer device to a physical server connected to a target access layer device.
  • a virtual MAC address assigned by the network management apparatus for the migrated VM is ED-01 -01 -04-00-04.
  • the network management apparatus configures Ieaf4 forwarding entries associated with the migrated VM.
  • a source MAC address of an Ethernet header of the gratuitous ARP packet and a sender MAC address of the gratuitous ARP packet are replaced by Ieaf4 according to the configured forwarding entry.
  • a MAC address corresponding to the IP address 1 .1 .1 .7 is ED-01 -01 -04-00-04.
  • an access layer device notifies the network management apparatus of this VM event.
  • the network management apparatus deletes information about the deleted VM and a pair of Layer 2 forwarding entries associated with the deleted VM (not shown in FIG. 2) according to the notification of the access layer device.
  • the access layer device notifies the network management apparatus of this VM event.
  • the network management apparatus configures a virtual MAC address for the newly-added VM in accordance with the virtual MAC address encoding rule, and adds information about the newly-added VM into the VM information of the access layer device to ensure that an outward aggregation relationship is not destroyed.
  • the network management apparatus configures, in the Layer 2 forwarding table of the access layer device, a pair of Layer 2 forwarding entries associated with the newly-added VM.
  • the newly-added VM broadcasts a gratuitous ARP packet.
  • the access layer device replaces a source MAC address and a sender MAC address of the gratuitous ARP packet with the virtual MAC address of the newly-added VM according to the configured Layer 2 forwarding entries, and broadcasts the gratuitous ARP packet in a VLAN to which the newly-added VM belongs and in the Trill network, so that an IP address and the virtual MAC address of the newly-added VM (not shown in FIG. 2) is recorded in an ARP entry learnt by the gateway and the other VM belonging to the same VLAN as the newly-added VM.
  • Examples of the present disclosure may handle a packet forwarding mechanism of the VLL2 network, and may include one or more of the following aspects.
  • the first aspect is that a RBridge searches out a matched entry in the Layer 2 forwarding table according to a source MAC address of an Ethernet packet (the source MAC address is an inner source MAC address compared to a Trill-encapsulated packet), wherein a mapped MAC address is included in the matched entry, the source MAC address of the Ethernet packet is replaced with the mapped MAC address.
  • the RBridge searches out a matched entry in the Layer 2 forwarding table according to a destination MAC address of the Ethernet packet (the destination MAC address is an inner destination MAC address compared to the Trill-encapsulated packet), wherein a mapped MAC address is included in the matched entry, the destination MAC address of the Ethernet packet is replaced with the mapped MAC address.
  • the second aspect is that the RBridge supports a mask-based MAC address searching mode.
  • a logical "AND" operation is performed by the RBridge to the source MAC address/the destination MAC address of an Ethernet header (an inner Ethernet header of the Trill packet) and a "mask" of each entry.
  • An operation result is compared with an "Initial MAC address" in the corresponding entry. It is determined that the matched entry is found if the operation result is the same as the "Initial MAC address" in the corresponding entry.
  • the third aspect is that the RBridge supports VLAN aware forwarding and VLAN unaware forwarding.
  • the VLAN aware mode uses a VLAN ID and the MAC address of the Ethernet header to search for an entry recording the VLAN ID.
  • the VLAN unaware mode uses the source MAC address and the destination MAC address of the inner Ethernet header to search for an entry not recording the VLAN ID.
  • the fourth aspect is that the Layer 2 forwarding table of the access layer device is configured by the network management apparatus, and the Layer 2 forwarding table of the core layer device includes an entry configured by the network management apparatus and an entry dynamically generated according to an existing MAC address learning mechanism. For example, an outward interface of the core layer device enables the MAC address learning. In this case, a 48-bit host mask is configured in the Layer 2 forwarding table for the MAC address learnt by the core layer device.
  • the MAC address learning of the core layer device and the access layer device may flexibly enable and disable a port or a plurality of global ports.
  • the fifth aspect is that when a VM sends a packet towards multiple destinations (e.g., a broadcast packet, a group aware packet, a group unaware packet or a unicast unaware packet), the destination MAC addresses in the packet are not aggregated.
  • destinations e.g., a broadcast packet, a group aware packet, a group unaware packet or a unicast unaware packet
  • FIG. 3 is a flowchart illustrating a method for forwarding a packet in accordance with an example of the present disclosure. As shown in FIG. 3, the method may include operations as follows.
  • an access layer device receives an Ethernet packet.
  • the access layer device stores a Layer 2 forwarding table including entries for Layer 2 routing.
  • An example of the forwarding table is described below with respect to the description of FIG. 4A and other examples described below.
  • the access layer device searches its Layer 2 forwarding table according to a source MAC address of the received Ethernet packet. For example, the Layer 2 forwarding table is searched to find a matching entry. If a matching entry is found, the source MAC address of the Ethernet packet is replaced with a mapped virtual MAC address of the source MAC address specified in the entry. According to an example, to find a matching entry for the source MAC address in the Layer 2 forwarding table, an operation is performed on the source MAC address and a bit mask in an entry. If the result of the operation is the same as an initial MAC address of the entry, then the entry is considered a match. This operation may be performed on each entry until a match is found if a match exists in the table. The matching is further described with respect to FIG. 4A and other examples described below.
  • the access layer device searches in the Layer 2 forwarding table according to a destination MAC address of the Ethernet packet. For example, an operation is performed on the destination MAC address and a bitmask in an entry. If the result of the operation is the same as an initial MAC address of the entry, then the entry is considered a match. This operation may be performed on each entry until a match is found if a match exists in the table.
  • the access layer device determines an egress port specified in the matching entry and encapsulates the Ethernet packet in a VLL2 protocol header, such as a Trill header, and sends the encapsulated packet towards the destination via the egress port.
  • a VLL2 protocol header such as a Trill header
  • FIG. 4A is a schematic diagram illustrating Layer 2 forwarding within a DC according to an example of the present disclosure.
  • a source VM is hosted on a physical server connected to portl of leafl
  • a destination VM is hosted on a physical server connected to portl of Ieaf3.
  • IP addresses of the source VM and the destination VM respectively are 1 .1 .1 .1 and 1 .1 .1 .8.
  • a Layer 2 forwarding table of leafl at least includes entries shown in Table 3.1 .
  • a Layer 2 forwarding table of Ieaf3 at least includes entries shown in Table 3.2.
  • a Layer 2 forwarding table of corel at least includes entries shown in Table 3.3.
  • the source VM sends an Ethernet packet to leafi , wherein a source MAC address of the Ethernet packet is 00-11 -11 -11 -11 -11 , and a destination MAC address of the Ethernet packet is ED-01 -00-03-00-02. [0077] In this case, the source VM determines that the destination IP addressl .1 .1 .8 of an IP packet belongs to the same IP network segment as the IP address 1 .1 .1 .1 of its own source VM.
  • the source VM searches an ARP table based on the destination IP address 1 .1 .1 .8, and finds that a MAC address recorded in an ARP entry searched out and corresponding to the destination IP address 1 .1 .1 .8 is a virtual MAC address ED-01 -00-03-00-02.
  • the source VM encapsulates the IP packet into the Ethernet packet of which the source MAC address is 00-11 -11 -11 -11 -11 and the destination MAC address is ED-01 -00-03-00-02.
  • a logic "AND" operation is performed by leafl to the source MAC address 00-11 -11 -11 -11 -11 of the received Ethernet packet and a 48-bit mask ff-ff-ff-ff-ff-ff in a Layer 2 forwarding entry (shown in the second row of Table 3.1 ), and an operation result is 00-11 -11 -11 -11 -11 which is the same as an initial MAC address 00-11 -11 -11 -11 -11 -11 of the Layer 2 forwarding entry, and it is determined that the entry is searched out (i.e., a matching entry).
  • Leafl replaces the source MAC address of the Ethernet packet with a mapped MAC address ED-01 -00-01 -00-01 in the matching entry.
  • the logic "AND" operation is performed by leafl to the destination MAC address ED-01 -00-03-00-02 of the received Ethernet packet and a 32-bit access device mask ff-ff-ff-ff-00-OO in an entry (shown in the fourth row of Table 3.1 ), and an operation result is ED-01 -00-03-00-00 which is the same as an initial MAC address ED-01 -00-03-00-00 of the entry.
  • Leafl determines that the entry is searched out (i.e., a matching entry for the destination MAC address).
  • Leafl forwards the Ethernet packet to Ieaf3 via DC1_leaf3 which is an egress port in the entry searched out.
  • Leafl encapsulates a Trill header for the received Ethernet header based on DC1_leaf3.
  • an Ingress nickname is a nickname of leafl
  • an Egress nickname is DC1_leaf3 (i.e., the nickname of Ieaf3).
  • leafl encapsulates a next-hop header for the Ethernet packet.
  • a source MAC address is the MAC address of leafl
  • a destination MAC address is the MAC address of corel
  • a VLAN ID is an ID of a designated VLAN.
  • the next-hop header is a next-hop header changed hop by hop.
  • next-hop header encapsulated by leafl outside the Trill header is regarded as an outer Ethernet header.
  • Leafl may determine, according to a Trill routing table, that the next hop to Ieaf3 is corel , and then search out the MAC address of corel according to a Trill adjacent table.
  • the source MAC address and the destination MAC address of the next-hop header are used to identify a transmitting RBridge and a next-hop RBridge.
  • the Trill -encapsulated packet is forwarded by leafl to corel .
  • Corel receives the Trill-encapsulated packet, decapsulates the outer Ethernet header, and re-encapsulates a next-hop header based on the Egress Nickname of the Trill header.
  • the source MAC address is the MAC address of corel
  • the destination MAC address is the MAC address of leaf 3
  • the VLAN ID is the designated VLAN ID.
  • the re-encapsulated Trill packet is forwarded by corel to the next hop Ieaf3.
  • Ieaf3 After receiving the Trill packet, Ieaf3 detects that the destination MAC address of the next-hop header is the MAC address of Ieaf3 itself, then removes the next-hop header. Leaf3 determines that the Egress nickname of the Trill header is DC1_leaf3 of Ieaf3, and then removes the Trill header. The inner Ethernet packet is obtained by Ieaf3.
  • An entry (shown in the fourth row of Table 3.2) is searched out by Ieaf3 in the Layer 2 forwarding table shown in Table 3.2 according to the source MAC address ED-01 -00-01 -00-01 of the inner Ethernet packet.
  • leafl replaced the initial source MAC address with ED-01 -00-01 -00-01 in the inner Ethernet packet.
  • ED-01 -00-01 -00-01 was the mapped MAC address of the matching entry.
  • the source MAC address i.e., ED-01 -00-01 -00-01 ) of the Ethernet packet is not replaced.
  • An entry (shown in the third row of Table 3.2) including a mapped MAC address is searched out by Ieaf3 according to the destination MAC address ED-01 -00-03-00-02 of the Ethernet packet.
  • Leaf3 replaces the destination MAC address of the Ethernet packet with 00-1 D-A1 -75-28-70, and forwards the Ethernet packet received via portl that is the egress port of the entry searched out.
  • the logical "AND" operation is performed by leaf 3 to the source MAC address ED-01 -00-01 -00-01 and a 32-bit mask ff-ff-ff-ff-OO-OO in the entry shown in the fourth row of Table 3.2, and an operation result is ED-01 -00-01 -00-00 which is the same as the initial MAC address ED-01 -00-01 -00-00 in the entry, then it is determined that the entry is searched out.
  • the logical "AND" operation is performed by Ieaf3 to the destination MAC address ED-01 -00-03-00-02 and a 48-bit mask ff-ff-ff-ff-ff-ff in the entry shown in the third row of Table 3.2, and an operation result is ED-01 -00-03-00-02 which is the same as the initial MAC address ED-01 -00-03-00-02 in the entry, then it is determined that the entry is searched out.
  • the source VM if the source VM does not find the ARP entry corresponding to the destination IP address 1 .1 .1 .8 in the ARP table, the source VM sends an ARP request packet to request a MAC address corresponding to the destination IP address 1 .1 .1 .8.
  • a Sender IP address of the ARP request packet is 1 .1 .1 .1
  • a Sender MAC address is 00-11 -11 -11 -11 -11
  • a Target IP address is 1 .1 .1 .8
  • a Target MAC address is 00-00-00-00-00-00-00-000-00-00-00-00-000-0.
  • a source MAC address and a destination MAC address of an Ethernet header of the ARP request packet respectively are 00-11 -11 -11 -11 -11 -11 and a broadcast address ff-ff-ff-ff-ff.
  • leafl After receiving the ARP request packet, leafl does not broadcast the ARP request packet in the Trill network, but converts the received ARP request packet into a proprietary ARP request packet (as shown in FIG. 4B).
  • the proprietary ARP request packet is sent to the network management apparatus by leafl in a manner of unicast.
  • Leafl removes the Ethernet header of the received ARP request packet and encapsulates an IP header for the packet.
  • a source IP address is a local IP address 1 .1 .1 .30 of leafl
  • a destination IP address is the IP address 122.1 .2.1 of the network management apparatus. Then, leafl encapsulates a next-hop header changed hop-by-hop outside the IP header.
  • the next-hop header changed hop-by-hop is an Ethernet header.
  • a source MAC address is a local MAC address 00-5F-AA-95-82-07 corresponding to leafl (corresponding to the source IP address 1 .1 .1 .30 of the IP header), a destination MAC address is the MAC address of the gateway of VLAN1 , i.e., OO-EO-FC-11 -11 -11 .
  • Leafl does not search out a Layer 2 forwarding entry according to the source MAC address of the proprietary ARP request packet.
  • Leafl searches out a Layer 2 forwarding entry (shown in the fifth row of Table 3.1 ) not including a mapped MAC address according to the destination MAC address 00-E0-FC-11 -11 -11 , encapsulates the proprietary ARP request packet into a Trill-encapsulated proprietary ARP request packet based on DC1_core1 which is an egress port of the entry searched out and sends to corel the packet.
  • leafl encapsulates a Trill header and an Ethernet header (an outer Ethernet header) outside the proprietary ARP request packet.
  • the Ethernet header of the proprietary ARP request packet is positioned between the Trill header and the IP header, and can still be regarded as the inner Ethernet header.
  • the Ethernet header outside the Trill header can still be regarded as the outer Ethernet header.
  • Corel receives the Trill-encapsulated packet, removes the Trill encapsulation (the outer Ethernet header and the Trill header), removes the inner Ethernet header, and re-encapsulates an Ethernet header (a next-hop header changed hop-by-hop) based on the destination IP address of the IP header of the proprietary ARP request packet.
  • a destination MAC address is a MAC address of a next hop to the destination IP address
  • a VLAN ID is an identifier of a VLAN to which the next-hop device belongs
  • a source MAC address is a MAC address of a L3 interface of corel , wherein the L3 interface is in the same VLAN as the next-hop device.
  • the next-hop device After receiving the proprietary ARP request re-encapsulated by corel , the next-hop device performs Layer 3 forwarding according to the destination IP address of the IP header of the proprietary ARP request packet to forward the proprietary ARP request packet to the network management apparatus.
  • the way that the next-hop device forwards the packet is similar to the forwarding process of corel , the example of the present disclosure does not repeat herein.
  • the network management apparatus After receiving the proprietary ARP request packet, the network management apparatus searches the information table about the devices and VMs in the whole network as shown in Table 1 for the virtual MAC address ED-01 -00-03-00-02 corresponding to the IP addressl .1 .1 .8.
  • the IP address 1 .1 .1 .1 and the MAC address 00-11 -11 -11 -11 -11 -11 -11 corresponding to this IP address respectively are configured as a Target IP address and a Target MAC address of an ARP response packet (the IP address 1 .1 .1 .1 and the MAC address 00-11 -11 -11 -11 -11 respectively are the Sender IP address and the Sender MAC address of the ARP request packet received by the network management apparatus).
  • the IP address 1 .1 .1 .8 and the virtual MAC address ED-01 -00-03-00-02 of the destination VM respectively are configured as a Sender IP address and a Sender MAC address of the ARP response packet.
  • the ARP response packet is encapsulated into a unicast proprietary ARP response packet (as shown in FIG. 4B). That is, the network management apparatus encapsulates an IP header and an Ethernet header (a next-hop header changed hop-by-hop) for the ARP response packet.
  • a source IP address of the IP header of the proprietary ARP response packet is the IP address 122.1 .2.1 of the network management apparatus
  • a destination IP address is the IP address 1 .1 .1 .30 of leafl
  • a source MAC address of the Ethernet header of the proprietary ARP response packet is the MAC address of the network management apparatus
  • a destination MAC address is a MAC address of a next-hop device towards the destination IP address.
  • the source MAC address and the destination MAC address of the Ethernet header of the proprietary ARP response packet are changed hop-by-hop, but the destination IP address of the proprietary ARP response packet is not changed. Therefore, the proprietary ARP response packet is sent to corel hop-by-hop, wherein corel is used as the gateway of VLAN1 .
  • Corel receives the proprietary ARP response packet, performs Layer 3 forwarding according to the destination IP address of the IP header of the proprietary ARP response packet, and replaces the source MAC address and the destination MAC address of the Ethernet header of the proprietary ARP response packet with the MAC address OO-EO-FC-11 -11 -11 of the gateway of VLAN1 and the MAC address 00-5F-AA-95-82-07 of leaf 1 , respectively.
  • Corel searches out an entry (shown in the second row of Table 3.3) according to the destination MAC address 00-5F-AA-95-82-07 of the Ethernet header of the proprietary ARP response packet, performs Trill encapsulation to the proprietary ARP response packet, and sends to leafl the Trill-encapsulated proprietary ARP response packet within the Trill domain.
  • Leafl receives the Trill-encapsulated proprietary ARP response packet, removes the outer Ethernet header and the Trill header, removes the Ethernet header and the IP header of the proprietary ARP response packet, and configures an Ethernet header for the ARP response packet.
  • an entry shown in the fourth row of Table 3.1 ) searched out by leafl according to the Sender MAC address ED-01 -00-03-00-02 does not include a mapped virtual MAC address, the Sender MAC address is configured as the source MAC address of the ARP response packet.
  • the source MAC address is ED-01 -00-03-00-02
  • the destination MAC address is ED-01 -00-01 -00-01 .
  • An entry (shown in the fourth row of Table 3.1 ) searched out by leafl based on the source MAC address ED-01 -00-03-00-02 of the ARP response packet does not include a mapped MAC address.
  • An entry (shown in the third row of Table 3.1 ) searched out by leafl based on the destination MAC address ED-01 -00-01 -00-01 includes a mapped MAC address 00-11 -11 -11 -11 -11 , the destination MAC address ED-01 -00-01 -00-01 of the Ethernet header of the ARP response packet is replaced with the mapped MAC address 00-11 -11 -11 -11 -11 -11 , and the ARP response packet is sent to the source VM via Portl which is the egress port of the entry.
  • Leafl forwards the ARP response packet to the source VM.
  • the source VM learns an ARP entry according to the received ARP response packet, wherein the ARP entry records a mapping relationship between the IP address 1 .1 .1 .8 and the virtual MAC address ED-01 -00-03-00-02.
  • the network management apparatus may employ another way to configure a pair of sender addresses and a pair of target addresses of the proprietary ARP response packet.
  • the IP address 1 .1 .1 .1 and the MAC address ED-01 -00-01 -00-01 are configured by the network management apparatus as the Target IP address and the Target MAC address of the ARP response packet, respectively (the Target IP address 1 .1 .1 .1 is the Sender IP address of the received ARP request packet, and the Target MAC address ED-01 -00-01 -00-01 is a virtual MAC address mapped to the Sender MAC address of the received ARP request packet).
  • the IP address 1 .1 .1 .8 and the virtual MAC address ED-01 -00-03-00-02 of the destination VM are configured by the network management apparatus as the Sender IP address and the Sender MAC address of the ARP response packet, respectively.
  • the network management apparatus encapsulates the ARP response packet into a unicast proprietary ARP response packet.
  • the proprietary ARP response packet is sent to corel hop-by-hop.
  • Corel receives the proprietary ARP response packet, performs routing forwarding according to the destination IP address of the IP header of the proprietary ARP response packet, and modifies the source MAC address and the destination MAC address of the Ethernet header of the proprietary ARP response packet, wherein the source MAC address and the destination MAC address respectively are replaced with the MAC address OO-EO-FC-11 -11 -11 of the gateway of VLAN1 and the MAC address 00-5F-AA-95-82-07 of leaf 1 .
  • Corel searches out an entry (shown in the second row of Table 3.3) according to the destination MAC address 00-5F-AA-95-82-07 of the Ethernet header of the proprietary ARP response packet, performs Trill encapsulation for the proprietary ARP response packet, and sends to leafl the Trill-encapsulated proprietary ARP response packet within the Trill domain.
  • Leafl receives the Trill-encapsulated proprietary ARP response packet, removes the outer Ethernet header and the Trill header, removes the Ethernet header and the IP header of the proprietary ARP response packet, and configures the Sender MAC address ED-01 -00-03-00-02 and the Target MAC address ED-01 -00-01 -00-01 of the ARP response packet as the source MAC address and the destination MAC address of the ARP response packet, respectively.
  • leafl searches out an entry (shown in the fourth row of Table 3.1 ) that does not include a mapped MAC address based on the source MAC address ED-01 -00-03-00-02 of the ARP response packet.
  • Leafl replaces, according to a configured Layer 2 forwarding entry (shown in the third row of Table 3.1 ), the destination MAC address ED-01 -00-01 -00-01 of the Ethernet header of the ARP response packet with a mapped MAC address 00-11 -11 -11 -11 -11 corresponding to the destination MAC address, and sends the ARP response packet to the source VM via Portl .
  • Leafl forwards to the source VM the ARP response packet.
  • the source VM learns an ARP entry based on the received ARP response packet, wherein the ARP entry records a mapping relationship between the IP address 1 .1 .1 .8 and the virtual MAC address ED-01 -00-03-00-02.
  • an access layer RBridge intercepts an ARP request packet received from a common interface, but does not intercept an ARP request packet received from an interface enabling the Trill protocol.
  • the above ARP interception mechanism may also be used to control the flooding of the ARP request packet.
  • the corel a Layer 3 device in FIG. 1 , sends to the network management apparatus a unicast proprietary ARP request packet to request ARP information of all VMs in VLAN1 within the DC.
  • corel sends to the network management apparatus the unicast proprietary ARP request packet to request ARP information about a certain VM.
  • corel sends the proprietary ARP request packet.
  • the Sender IP address is the IP address of the gateway of VLAN1
  • the Sender MAC address is the MAC address OO-EO-FC-11 -11 -11 of the gateway of VLAN1
  • the Target IP address is 1 .1 .1 .8, and the Target MAC address is 00-00-00-00-00-00.
  • the source IP address of the proprietary ARP request packet is the IP address 1 .1 .1 .30 of the gateway of VLAN1
  • the destination IP address of the proprietary ARP request packet is the IP address 122.1 .2.1 of the network management apparatus.
  • Corel encapsulates an Ethernet header changed hop-by-hop outside the IP header.
  • the proprietary ARP request packet is sent to the network management apparatus hop-by-hop.
  • the network management apparatus searches out, in Table 1 , a virtual MAC address ED-01 -00-03-00-02 corresponding to the Target IP address 1 .1 .1 .8 of the proprietary ARP request packet, configures the IP address 1 .1 .1 .8 and the virtual MAC address ED-01 -00-03-00-02 as the Sender IP address and the Sender MAC address of the proprietary ARP response packet, respectively, and configures the Sender IP address and the Sender MAC address of the received proprietary ARP request packet as the Target IP address and the Target MAC address of the proprietary ARP response packet, respectively.
  • the network management apparatus configures the source IP address of the proprietary ARP response packet as the IP address 122.1 .2.1 of the network management apparatus its own, and configures the destination IP address of the proprietary ARP response packet as the IP address 1 .1 .1 .30 of the gateway of VLAN1 .
  • the source MAC address is the MAC address of the network management apparatus
  • the destination MAC address is a MAC address of a next-hop device to corel .
  • Corel receives the proprietary ARP response packet, and learns the ARP entry according to the Sender IP address and the Sender MAC address.
  • an outer VLAN e.g., VLAN m
  • VLAN m an outer VLAN
  • corl may still learn an ARP entry of a L3 interface of outer VLAN m in accordance with an ARP protocol mechanism.
  • FIG. 5 is a schematic diagram illustrating forwarding a multicast packet according to an example of the present disclosure.
  • a source VM is a VM connected to portl of leafl
  • a MAC address of the source VM is 00-11 -11 -11 -11 -11 .
  • a Layer 2 forwarding table of leafl at least includes entries shown in Table 4.1
  • a Layer 2 forwarding table of Ieaf3 at least includes entries shown in
  • a Layer 2 forwarding table of Ieaf4 at least includes entries shown in
  • the VM as a multicast source sends a multicast packet to leafl , wherein a source MAC address of the packet is an actual MAC address 00-11 -11 -11 -11 -11 of the source VM, a destination MAC address of the packet is a MAC address 01 -00-5E-XX-XX-XX of multicast group 1 .
  • Leafl receives the multicast packet, searches out an entry (shown in the second row of Table 4.1 ) based on the source MAC address 00-11 -11 -11 -11 -11 of the packet, and replaces the source MAC address with a mapped MAC address ED-01 -00-01 -00-01 in the entry searched out.
  • Leafl searches out an entry (shown in the fourth row of Table 4.1 ) according to the destination MAC address 01 -00-5E-XX-XX-XX of the Ethernet packet, encapsulates the multicast packet received into a Trill packet based on DC1_core1 which is an egress port in the entry searched out, and distributes the Trill-encapsulated packet to the Trill network.
  • a nickname of corel is a nickname of a root of a multicast tree to which the destination multicast group belongs.
  • leafl encapsulates a Trill header for the multicast packet by taking the nickname DC1_core1 of the egress port as the Egress nickname and taking the nickname DC1_leaf1 of leafl itself as the Ingress Nickname.
  • Leafl configures the MAC address of leafl and a specific multicast MAC address defined by the Trill as a source MAC address and a destination MAC address of a next-hop header, respectively.
  • Leafl forwards the Trill-encapsulated packet to corel which is the root of the multicast tree to which the multicast group belongs.
  • Corel receives the Trill-encapsulated multicast packet, removes the outer Ethernet header and the Trill header, and determines, in a Trill multicast table according to the Egress Nickname of the Trill header, that there are two downstream nodes Ieaf3 and Ieaf4 in a multicast forwarding tree of VLAN1 . Therefore, the multicast packet is duplicated to get two packets, which respectively are encapsulated into a Trill-encapsulated multicast packet and then sent to the two downstream RBridges Ieaf3 and Ieaf4.
  • Leaf3 and Ieaf4 respectively receive the Trill-encapsulated multicast packet, decapsulate the packet to obtain the inner multicast packet, and then search, respectively, in the Layer 2 forwarding tables shown in Table 4.2 and Table 4.3 according to the source MAC address ED-01 -00-01 -00-01 of the Ethernet header of the inner multicast packet.
  • Leaf3 and Ieaf4 respectively search out an entry (shown in the second row of Table 4.2 and the third row of Table 4.3). These entries do not include a mapped MAC address, so that Ieaf3 and Ieaf4 do not replace the source MAC address of the multicast packets.
  • Leaf3 and Ieaf4 search according to the multicast MAC address 01 -00-5E-XX-XX-XX, in the Layer 2 forwarding tables shown in Table 4.2 and Table 4.3 respectively to obtain corresponding entries (shown in the third row of Table 4.2 and the second row of Table 4.3), and then send the multicast packets via portl which is the egress port in the entries searched out.
  • FIG. 6 is a schematic diagram illustrating forwarding a packet in a DC to an outer network according to an example of the present disclosure.
  • a source VM accesses via portl of leafl in DC1 , and an IP address of the source VM is 1 .1 .1 .1 .
  • a destination IP address of a destination end is 172.1 .1 .1 , which is a service IP address of a user rather than IP addresses of tunnels used in the inter-DC Layer 2 connections.
  • a VLAN is VLAN m.
  • a virtual device formed by corel and core2 which are on the core layer of DC1 using the stack protocol is used as a gateway to achieve load balancing and backup.
  • the virtual device is a virtual core layer device.
  • Links of leafl used to connect corel and core2 are bundled by leafl into a link aggregation group.
  • Links of Ieaf2 used to connect corel and core2 are bundled by Ieaf2 into a link aggregation group. The same operation is performed by Ieaf3 and Ieaf4 also.
  • DCI core is a nickname of the virtual device in the example of the present disclosure.
  • Core2 is a master device of the virtual device.
  • a Layer 2 forwarding table of leafl in FIG. 6 at least includes entries shown in Table 5.2.
  • Layer 2 forwarding tables of corel and core2 at least include entries shown in Table 5.3.
  • the source VM sends an Ethernet packet to leafl , wherein a source MAC address of the packet is 00-11 -11 -11 -11 -11 which is an actual source MAC address of the source VM, a destination MAC address of the packet is OO-EO-FC-11 -11 -11 which is a MAC address of a gateway of VLAN1 .
  • the source VM determines that the IP address 1 .1 .1 .1 of its own is not in the same network segment as the IP address 172.1 .1 .1 of the destination end, and obtain an IP address 1 .1 .1 .100 of the gateway of VLAN1 through querying a local routing table of the source VM (the IP address of the gateway may be configured through a static configuration mode or through a dynamic host configuration protocol mode).
  • an ARP request packet is broadcasted to request a MAC address corresponding to the IP address 1 .1 .1 .100 of the gateway of VLAN1 .
  • the example of the present disclosure does not describe the specific process in further detail.
  • the MAC address corresponding to the IP address 1 .1 .1 .100 of the gateway of VLAN1 and searched out by the source VM in ARP entries is 00-E0-FC-11 -11 -11 , which is used as a destination MAC address of an Ethernet header.
  • leafl After receiving the Ethernet packet, leafl searches out an entry (shown in the second row of Table 5.2) in the Layer 2 forwarding table according to the source MAC address 00-11 -11 -11 -11 -11 of the Ethernet packet, replaces the source MAC address 00-11 -11 -11 -11 -11 of the received Ethernet packet with a mapped MAC address ED-01 -00-01 -00-01 in the entry searched out.
  • Leafl searches out an entry (shown in the fourth row of Table 5.2) in the Layer 2 forwarding table according to the destination MAC address 00-E0-FC-11 -11 -11 of the Ethernet packet, wherein the entry does not include a corresponding mapped MAC address.
  • Leafl encapsulates the received Ethernet packet into a Trill-encapsulated packet according to an Egress nickname (i.e., DCI core, which is a nickname of the logical node formed by corel and core2 in a manner of stacking) of an egress port of the entry searched out.
  • Egress nickname i.e., DCI core, which is a nickname of the logical node formed by corel and core2 in a manner of stacking
  • leafl encapsulate a Trill header by taking DC1_core (the nickname of the logical node formed by corel and core2 in a manner of stacking) as the Egress nickname and taking DC1_leaf1 which is the nickname of leafl itself as the Ingress nickname.
  • Leafl determines, according to the Till routing table, that a next hop to the Egress Nickname is DC1_core, searches out a MAC address of DC1_core in the Trill adjacency table, and encapsulates a next-hop header outside the Trill header.
  • a source MAC address is the MAC address of leafl
  • a destination MAC address is a MAC address of DCI core
  • a VLAN ID is an identifier of a designated VLAN.
  • Leafl forwards the Trill-encapsulated packet to DC1_core.
  • the core2 which is the master device of DCI core, receives the Trill-encapsulated Ethernet packet, removes the next-hop header and the Trill header, and searches out an entry (shown in the fifth row of Table 5.3) in the Layer 2 forwarding table according to the source MAC address ED-01 -00-01 -00-01 of the inner Ethernet packet, wherein the entry searched out does not include a mapped MAC address, so that core2 does not replace the source MAC address.
  • Core2 searches out an entry (shown in the second row of Table 5.3) in the Layer 2 forwarding table according to the destination MAC address 00-E0-FC-11 -11 -11 of the inner Ethernet packet header, wherein egress port information of the entry searched out is a L3 mark (which indicates the enabling of the Layer 3 forwarding), so that core2 performs the Layer 3 forwarding process including: searching in the routing table a routing entry of the destination IP address 172.1 .1 .1 to determine a next hop to the destination IP address, querying a MAC address of the next hop, configuring the source MAC address of the Trill-decapsulated Ethernet packet as a MAC address of an interface of VLAN m of the virtual device DCI core, and configuring the destination MAC address of the Ethernet packet as the MAC address of the next hop.
  • the packet is forwarded, hop-by-hop within the IP network based on routing, to the destination device of which the IP address is 172.1 .1 .1 .
  • an IP packet sent from the destination device of which the IP address is 172.1 .1 .1 to the source VM is forwarded hop-by-hop to the virtual device within the IP network.
  • the corel which is a member device of DC1_core, receives an Ethernet packet from the outside of the DC.
  • a source MAC address of the Ethernet packet is the MAC address of the next hop learnt by DC1_core
  • a destination MAC address of the Ethernet packet is the MAC address of a L3 interface of VLAN m of DCI core.
  • Corel searches in the Layer 2 forwarding table according to the destination MAC address, and determines to perform the Layer 3 forwarding.
  • Corel queries the ARP table based on the destination IP address 1 .1 .1 .1 to determine a corresponding MAC address is ED-01 -00-01 -00-01 , configures VLAN1 which is an identifier of a VLAN to which the destination IP address 1 .1 .1 .1 belongs as the VLAN ID of the received Ethernet packet, configures the MAC address searched out according to the ARP table as the destination MAC address of the received Ethernet packet, and configures the MAC address OO-EO-FC-11 -11 -11 of the gateway of VLAN1 as the source MAC address of the received Ethernet packet.
  • Corel searches in the Layer 2 forwarding table according to the source MAC address 00-E0-FC-11 -11 -11 and the destination MAC address ED-01 -00-01 -00-01 , respectively.
  • the entries searched out by corel (shown in the second row and the fifth row of Table 5.3) do not include a mapped MAC address.
  • Corel encapsulates the received Ethernet packet into a Trill packet according to an egress port in the Layer 2 forwarding entry matching the destination MAC address.
  • the Egress nickname is DC1_leaf1
  • the Ingress nickname is DCI core.
  • Corel determines, according to the Till routing table, that a next hop to the Egress Nickname is leafl , searches out the MAC address of leaf 1 in the Trill adjacency table, and encapsulates a next-hop header outside the Trill header.
  • a source MAC address is the MAC address of DC1_core1
  • a destination MAC address is the MAC address of leafl
  • a VLAN ID is an identifier of a designated VLAN.
  • Corel forwards the Trill-encapsulated packet to leafl .
  • FIG. 7 is a schematic diagram illustrating Layer 3 forwarding within a DC according to an example of the present disclosure.
  • a physical server where a source VM is hosted on is connected to portl of leafl , an IP address of the source VM is 1 .1 .1 .1 , and a VLAN to which the source VM belongs is VLAN1 .
  • a physical server where a destination VM is hosted on is connected to port2 of Ieaf3, an IP address of the destination VM is 2.2.2.7, and a VLAN to which the destination VM belongs is VLAN2.
  • corel and core2 which are on the core layer of DC1 form a virtual device in a manner of stacking to achieve load balancing and backup.
  • a nickname of the virtual device is DCI core.
  • Core2 is a master device of the virtual device. Links of leafl used to connect corel and core2 are bundled by leafl into a link aggregation group. The same operation is performed by Ieaf2, Ieaf3 and Ieaf4 also.
  • a Layer 2 forwarding table of leafl at least includes entries shown in Table 6.1 .
  • Layer 2 forwarding tables of corel and core2 at least include entries shown in Table 6.2.
  • a Layer 2 forwarding table of Ieaf3 at least includes entries shown in Table 6.3.
  • the source VM sends an Ethernet packet to leafl .
  • a source MAC address of the packet is 00-11 -11 -11 -11 -11 which is an actual MAC address of the source VM, and a destination MAC address of the packet is OO-EO-FC-11 -11 -11 which is a MAC address of a gateway of VLAN 1 .
  • leafi After receiving the Ethernet packet, leafi searches out an entry (shown in the second row of Table 6.1 ) including a mapped MAC address in the Layer 2 forwarding table according to the source MAC address 00-11 -11 -11 -11 -11 , and replaces the source MAC address 00-11 -11 -11 -11 -11 of the packet with the mapped MAC address ED-01 -00-01 -00-01 .
  • Leafi searches the Layer 2 forwarding table according to the destination MAC address 00-E0-FC-11 -11 -11 of the packet, and searches out an entry (shown in the fourth row of Table 6.1 ) that does not include a mapped MAC address.
  • Leafi encapsulates the received Ethernet packet into a Trill packet according to DC1_core which is an egress port of the entry searched out, and sends, according to the Trill routing table, the Trill packet to the Trill network for forwarding.
  • the core2 which is the master device of DCI core, receives the Trill-encapsulated packet, removes the next-hop header and the Trill header, and searches the Layer 2 forwarding table according to the source MAC address ED-01 -00-01 -00-01 of the inner Ethernet header.
  • An entry (shown in the fourth row of Table 6.2) searched out by core2 does not include a mapped MAC address.
  • Core2 does not replace the source MAC address of the inner Ethernet header.
  • the core2 searches the Layer 2 forwarding table according to the destination MAC address 00-E0-FC-11 -11 -11 of the inner Ethernet header.
  • An entry (shown in the second row of Table 6.2) searched out by core2 does not include a mapped MAC address, and egress port information of the entry searched out is L3 attribute.
  • a routing entry of the destination IP address 2.2.2.7 is searched in a routing table of core2, and then a virtual MAC address ED-01 -00-03-00-04 corresponding to an IP address of the routing entry is searched out in the ARP table.
  • the VLAN ID of the inner Ethernet packet is changed from VLAN1 to VLAN2, the source MAC address is configured as OO-EO-FC-22-22-22 which is a MAC address of a L3 interface of a gateway of VLAN2, and the destination MAC address of the inner Ethernet header is configured as ED-01 -00-03-00-04.
  • the core2 which is the master device of DC1_core, searches out, based on the destination MAC address ED-01 -00-03-00-04, an entry (shown in the sixth row of Table 6.2) which does not include a mapped MAC address, encapsulates the Ethernet packet into a Trill-encapsulated Ethernet packet according to DC1_leaf3 which is an egress port of the entry searched out, and sends to Ieaf3 the Trill-encapsulated Ethernet packet.
  • Ieaf3 After receiving the Trill-encapsulated Ethernet packet, Ieaf3 removes the Trill header and the next-hop header. Leaf3 searches the Layer 2 forwarding table according to the source MAC address OO-EO-FC-22-22-22 of the Ethernet packet. An entry (shown in the third row of Table 6.3) searched out by Ieaf3 does not included a mapped MAC address. Leaf3 does not replace the source MAC address. Leaf3 searches out an entry (shown in the last row of Table 6.3) according to the destination MAC address ED-01 -00-03-00-04 of the Ethernet packet, wherein the entry searched out includes a mapped MAC address.
  • Leaf3 replaces the destination MAC address ED-01 -00-03-00-04 of the Ethernet packet with the mapped MAC address 00-25-9C-2F-63-FE in the entry searched out.
  • Leaf3 forwards to the destination VM the Ethernet packet of which the destination MAC address is replaced through portl which is an egress port in the entry searched out.
  • FIG. 8 is a schematic diagram illustrating Layer 2 forwarding between DCs according to an example of the present disclosure.
  • the DC interconnection network employs the MAC over IP technology.
  • Devices of core layer of each DC device support the Trill technology and the MAC over IP technology simultaneously, and support two-way conversion between the Trill and the MAC over IP, i.e., a MAC over IP packet is encapsulated after the Trill is completed, and a Trill packet is encapsulated after the MAC over IP is completed.
  • corel and core2 on the core layer form a virtual device (i.e., a logical node) in a manner of stacking to achieve load balancing and backup.
  • a nickname of the virtual device formed by corel and core2 is DCI core.
  • Core2 is a master device of the logical node.
  • corel ' and core2' on the core layer form a virtual device in a manner of stacking to achieve load balancing and backup.
  • a nickname of the virtual device formed by corel ' and core2' is DC2_core.
  • Corel ' is a master device of the virtual device.
  • a physical server where a source VM is hosted on is connected to leafl of DC1 , an IP address of the source VM is 1 .1 .1 .1 , and a VLAN to which the source VM belongs is VLAN1 .
  • a physical server where a destination VM is hosted on is connected to leafl ' of DC2, an IP address of the destination VM is 1 .1 .1 .100, and a VLAN to which the destination VM belongs is VLAN1 .
  • a Layer 2 forwarding table of leafl at least includes entries shown in Table 7.1 .
  • Layer 2 forwarding tables of corel and core2 at least include entries shown in Table 7.2, respectively.
  • Layer 2 forwarding tables of corel ' and core2' at least include entries shown in Table 7.3, respectively.
  • a Layer 2 forwarding table of leafl ' at least includes entries shown in Table 7.4.
  • the source VM sends an Ethernet packet to leafl .
  • a source MAC address of the Ethernet packet is 00-11 -11 -11 -11 -11 which is an actual MAC address of the source VM, and a destination MAC address of the Ethernet packet is ED-02-00-01 -00-01 which is a virtual MAC address corresponding to the destination IP address.
  • Leafl receives the Ethernet packet, searches out an entry (shown in the second row of Table 7.1 ) including a mapped MAC address in the Layer 2 forwarding table according to the source MAC address 00-11 -11 -11 -11 -11 , and replaces the source MAC address of the packet with the mapped MAC address ED-01 -00-01 -00-01 .
  • Leafl searches out an entry (shown in the fourth row of Table 7.1 ) not including a mapped MAC address in the Layer 2 forwarding table according to the destination MAC address ED-02-00-01 -00-01 , encapsulates the received Ethernet packet into a Trill packet according to DC1_core which is an egress port of the entry searched out, and sends the Trill packet to an egress device DCI core within the Trill network.
  • the core2 which is the master device of DCI core, receives the Trill packet, decapsulates the Trill packet to get the Ethernet packet, and searches out an entry (shown in the second row of Table 7.2) not including a mapped MAC address according to the source MAC address ED-01 -00-01 -00-01 of the decapsulated Ethernet packet. Core2 does not replace the source MAC address. Core2 searches out an entry (shown in the third row of Table 7.2) not including a mapped MAC address according to the destination MAC address ED-02-00-01 -00-01 of the decapsulated Ethernet packet, and performs MAC over IP encapsulation to the decapsulated Ethernet packet based on IP2 which is an egress port in the entry searched out.
  • an outer source IP address is IP1
  • an outer destination IP address is IP2.
  • the core2 performs routing forwarding according to IP2, and encapsulates an Ethernet header changed hop-by-hop outside the outer IP header, so that the packet encapsulated with the MAC over IP is forwarded to DC2 hop-by-hop through the DC interconnecting (DCI) network.
  • DCI DC interconnecting
  • the corel ' which is the master device of DC2_core, receives the packet encapsulated with the MAC over IP, decapsulates the outer Ethernet header and the outer IP header to get the inner Ethernet packet, and searches out an entry (shown in the second row of Table 7.3) not including a mapped MAC address in the Layer 2 forwarding table according to the source MAC address ED-01 -00-01 -00-01 of the inner Ethernet header.
  • the corel ' does not replace the source MAC address.
  • the corel ' searches out an entry (shown in the third row of Table 7.3) not including a mapped MAC address according to the destination MAC address ED-02-00-01 -00-01 of the decapsulated Ethernet packet, encapsulates the inner Ethernet packet into a Trill-encapsulated Ethernet packet according to DC2_leaf1 which is an egress port in the entry, and sends to leaf 1 ' the Trill-encapsulated Ethernet packet within the Trill network of DC2.
  • Leafl ' receives the Trill-encapsulated packet, removes the next-hop header and the Trill header, searches out an entry (shown in the last row of Table 7.4) not including a mapped MAC address in the Layer 2 forwarding table according to the source MAC address ED-01 -00-01 -00-01 .
  • Leafl ' does not replace the source MAC address.
  • Leafl ' searches out an entry (shown in the second row of Table 7.4) including a mapped MAC address 00-20-00-20-20-20-20 in the Layer 2 forwarding table according to the destination MAC address ED-02-00-01 -00-01 , replaces the destination MAC address with the mapped MAC address 00-20-00-20-20-20, and sends to the destination VM the Ethernet packet of which the destination MAC address is replaced through Portl that is the egress port in the entry.
  • Another format of the virtual MAC address and corresponding MAC address masks in different hierarchies may be designed according to the principle provided by the examples of the present disclosure, and a mask-based Layer 2 forwarding table and packet forwarding processes based on the Layer 2 forwarding table under a variety of scenarios thereof can also be designed, which should be included in the protection scope of the present disclosure as long as virtual MAC addresses of VMs can be hierarchically aggregated through masks in different hierarchies.
  • an example of the present disclosure also provides a network management apparatus, applied to a VLL2 network.
  • FIG. 9A is a schematic diagram illustrating a structure of the routing switch device according to the example of the present disclosure.
  • An example of the routing switch device is an access layer device. Examples of modules in the routing switch device are shown in FIG. 9A. The modules represent functionalities of the routing switch device which may be implemented in hardware and/or by machine readable instructions executed by a processor or other type of processing circuit.
  • the routing switch device may include a receiving module 91 , a sending module 92, a forwarding module 93, and at least one port.
  • the routing switch device may further include an ARP processing module 94, as shown in FIG. 9B.
  • the receiving module 91 may receive a packet through the port 94 of the device, and the sending module 92 may send a packet through the port 94 of the device.
  • the receiving module 91 is configured to receive an Ethernet packet.
  • the forwarding module 92 is configured to search in a Layer 2 forwarding table according to a source Media Access Control (MAC) address of the Ethernet packet received, and replace, when it is determined that a Layer 2 forwarding entry searched out and matching the source MAC address of the Ethernet packet includes a MAC address mapped to the source MAC address, the source MAC address of the Ethernet packet with the MAC address mapped to the source MAC address; search in the Layer 2 forwarding table according to a destination MAC address of the Ethernet packet received; perform, when it is determined that a Layer 2 forwarding entry searched out and matching the destination MAC address of the Ethernet packet does not include a MAC address mapped to the destination MAC address, Very Large Layer 2 (VLL2) network protocol encapsulation to the Ethernet packet of which the source MAC address is replaced according to an egress port in the Layer 2 forwarding entry matching the destination MAC address.
  • VLL2 Very Large Layer 2
  • the forwarding module 93 is configured to perform the VLL2 network protocol encapsulation to the Ethernet packet of which the source MAC address is replaced taking an egress port in the access device entry and towards the other access layer device associated with the access device entry as egress port information in the VLL2 network protocol encapsulation.
  • the sending module 92 is configured to send to the other access layer device the Ethernet packet encapsulated with the VLL2 network protocol through the egress port in the access device entry and towards the other access layer device.
  • the forwarding module 93 is configured to perform the VLL2 network protocol encapsulation to the Ethernet packet of which the source MAC address is replaced taking an egress port in the data center entry and towards the other data center associated with the data center entry as egress port information in the VLL2 network protocol encapsulation.
  • the sending module 92 is configured to send to the other data center the Ethernet packet encapsulated with the VLL2 network protocol through the egress port in the data center entry and towards the other data center.
  • the forwarding module 93 is configured to perform the VLL2 network protocol encapsulation to the Ethernet packet of which the source MAC address is replaced taking an egress port in the gateway forwarding entry and towards a gateway as egress port information in the VLL2 network protocol encapsulation.
  • the sending module 92 is configured to send to the gateway the Ethernet packet encapsulated with the VLL2 network protocol through the egress port in the gateway forwarding entry and towards the gateway.
  • the Layer 2 forwarding entry matching the destination MAC address of the Ethernet packet received and searched out by the forwarding module 93 is a multicast forwarding entry (i.e., identifies a multicast address), and an egress port of the multicast forwarding entry includes an egress port towards a root of a multicast tree of a multicast group
  • the forwarding module 93 is configured to perform the VLL2 network protocol encapsulation to the Ethernet packet of which the source MAC address is replaced taking the egress port in the multicast forwarding entry and towards the root of the multicast tree of the multicast group as egress port information in the VLL2 network protocol encapsulation.
  • the sending module 92 is configured to send to the root of the multicast tree of the multicast group the multicast packet encapsulated with the VLL2 network protocol through the egress port in the multicast forwarding entry and towards the root of the multicast tree of the multicast group.
  • the sending module 92 is configured to send to the multicast receiver the multicast packet of which the source MAC address is replaced through the egress port in the multicast forwarding entry and towards the multicast receiver.
  • the forwarding module 93 is configured to replace the destination MAC address of the Ethernet packet with the MAC address mapped to the destination MAC address.
  • the sending module 92 is configured to send the Ethernet packet of which the source MAC address and the destination MAC address are replaced through the egress port in the Layer 2 forwarding entry matching the destination MAC address.
  • the receiving module 91 is configured to receive an Ethernet packet encapsulated with the VLL2 network protocol.
  • the forwarding module 93 is configured to decapsulate VLL2 network protocol encapsulation of the Ethernet packet received when it is determined, according to the VLL2 network protocol encapsulation of the Ethernet packet encapsulated with the VLL2 network protocol, that the routing switch device receiving the Ethernet packet encapsulated with the VLL2 network protocol is a destination device of the Ethernet packet encapsulated with the VLL2 network protocol; search in the Layer 2 forwarding table according to a destination MAC address of the decapsulated Ethernet packet; when it is determined that a Layer 2 forwarding entry searched out and matching the destination MAC address of the decapsulated Ethernet packet includes a MAC address mapped to the destination MAC address of the decapsulated Ethernet packet, replace the destination MAC address of the decapsulated Ethernet packet with the MAC address mapped to the destination MAC address of the decapsulated Ethernet packet.
  • the sending module 92 is configured to send the decapsulated
  • the receiving module 91 is configured to receive an Address Resolution Protocol (ARP) request packet.
  • ARP Address Resolution Protocol
  • the ARP processing module 94 is configured to transfer the ARP request packet received into a proprietary ARP request packet; search in the Layer 2 forwarding table according to a source MAC address and a destination MAC address of the proprietary ARP request packet, respectively; when it is determined that a Layer 2 forwarding entry searched out and matching the destination MAC address of the proprietary ARP request packet does not include a MAC address mapped to the destination MAC address of the proprietary ARP request packet, perform the VLL2 network protocol encapsulation to the proprietary ARP request packet according to an egress port in the Layer 2 forwarding entry matching the destination MAC address of the proprietary ARP request packet and towards a gateway within a VLL2 network.
  • the sending module 92 is configured to send the proprietary ARP request packet encapsulated with the VLL2 network protocol through the egress port in the Layer 2 forwarding entry matching the destination MAC address of the proprietary ARP request packet and towards
  • the receiving module 91 is configured to receive a proprietary ARP response packet encapsulated with the VLL2 network protocol.
  • the ARP processing module 94 is configured to decapsulate VLL2 network protocol encapsulation of the proprietary ARP response packet encapsulated with the VLL2 network protocol to obtain a decapsulated ARP response packet, transfer the decapsulated ARP response packet into an ARP response packet with an Ethernet header; search in the Layer 2 forwarding table according to a source MAC address and a destination MAC address of the decapsulated ARP response packet, respectively; when it is determined that a Layer 2 forwarding entry searched out and matching the destination MAC address of the decapsulated ARP response packet includes a MAC address mapped to the destination MAC address of the decapsulated ARP response packet, replace the destination MAC address of the decapsulated ARP response packet with the MAC address mapped to the destination MAC address of the decapsulated ARP response packet.
  • the sending module 92 is further configured to send the decapsulated ARP response packet of
  • the VLL2 network protocol may be the Transparent Interconnection of Lots of Links (Trill) protocol or the Shortest Path Bridging (SPB) protocol.
  • Trill Transparent Interconnection of Lots of Links
  • SPB Shortest Path Bridging
  • modules in the examples of the present disclosure may be deployed either in a centralized or a distributed configuration; and may be either merged into a single module, or further split into a plurality of sub-modules.
  • modules in the examples of the present disclosure may be implemented by software (e.g. machine readable instructions stored in a memory and executable by a processor), hardware (e.g. the processor of an Application Specific Integrated Circuit (ASIC)), or a combination thereof.
  • software e.g. machine readable instructions stored in a memory and executable by a processor
  • hardware e.g. the processor of an Application Specific Integrated Circuit (ASIC)
  • ASIC Application Specific Integrated Circuit
  • FIG. 10A is a schematic diagram illustrating a hardware structure of the routing switch device according to an example of the present disclosure.
  • the device may include a processor 101 , a first storage 102, a second storage 103, at least one port 104, and a bus 105.
  • the processor 101 , the first storage 102 and the second storage 103 are interconnected via the bus 105.
  • the routing switch device may receive and send a packet through the port 104.
  • the first storage 102 is configured to store machine readable instructions
  • the second storage 103 is configured to store a Layer 2 forwarding table
  • the processor 101 is configured to execute machine readable instructions to perform operations described above, including operations of receiving module 91 , sending module 92 and forwarding module 93 described with respect to FIGS. 9A-B.
  • FIG. 10B is the same as FIG. 10A except the processor 101 may further execute machine readable instructions for the ARP processing module 94.
  • the operations performed by processor 101 shown in FIGS. 10A-B may include receiving an Ethernet packet; searching in a Layer 2 forwarding table according to a source Media Access Control (MAC) address of the Ethernet packet received, and replacing the source MAC address with a mapped virtual MAC address in a Layer 2 forwarding entry matching the source MAC address of the Ethernet packet; and searching in the Layer 2 forwarding table according to a destination MAC address of the Ethernet packet received, performing, when it is determined that a Layer 2 forwarding entry matching the destination MAC address of the Ethernet packet does not include a MAC address mapped to the destination MAC address, Very Large Layer 2 (VLL2) network protocol encapsulation to the Ethernet packet of which the source MAC address is replaced according to an egress port in the Layer 2 forwarding entry matching the destination MAC address, and sending the Ethernet packet encapsulated with a VLL2 network protocol.
  • VLL2 Very Large Layer 2
  • the processor is further configured to execute the machine readable instructions to perform operations including: performing the VLL2 network protocol encapsulation to the Ethernet packet of which the source MAC address is replaced, taking an egress port in the access device entry and towards the other access layer device associated with the access device entry as egress port information in the VLL2 network protocol encapsulation, and sending to the other access layer device the Ethernet packet encapsulated with the VLL2 network protocol through the egress port in the access device entry and towards the other access layer device.
  • the processor is further configured to execute the machine readable instructions to perform operations including: performing the VLL2 network protocol encapsulation to the Ethernet packet of which the source MAC address is replaced taking an egress port in the data center entry and towards the other data center associated with the data center entry as egress port information in the VLL2 network protocol encapsulation, and sending to the other data center the Ethernet packet encapsulated with the VLL2 network protocol through the egress port in the data center entry and towards the other data center.
  • the processor is further configured to execute the machine readable instructions to perform operations including: performing the VLL2 network protocol encapsulation to the Ethernet packet of which the source MAC address is replaced taking an egress port in the gateway forwarding entry and towards a gateway as egress port information in the VLL2 network protocol encapsulation, and sending to the gateway the Ethernet packet encapsulated with the VLL2 network protocol through the egress port in the gateway forwarding entry and towards the gateway.
  • the processor is further configured to execute the machine readable instructions to perform operations including: performing the VLL2 network protocol encapsulation to the Ethernet packet of which the source MAC address is replaced taking the egress port in the multicast forwarding entry and towards the root of the multicast tree of the multicast group as egress port information in the VLL2 network protocol encapsulation, and sending to the root of the multicast tree of the multicast group the multicast packet encapsulated with the VLL2 network protocol through the egress port in the multicast forwarding entry and towards the root of the multicast tree of the multicast group.
  • the processor is further configured to execute the machine readable instructions to perform operations including: sending to the multicast receiver the multicast packet of which the source MAC address is replaced through the egress port in the multicast forwarding entry and towards the multicast receiver.
  • the processor is further configured to execute the machine readable instructions to perform operations including: when it is determined that the Layer 2 forwarding entry matching the destination MAC address of the Ethernet packet comprises a mapped actual MAC address, replacing the destination MAC address of the Ethernet packet with the mapped actual MAC address, and sending the Ethernet packet of which the source MAC address and the destination MAC address are replaced through the egress port in the Layer 2 forwarding entry matching the destination MAC address.
  • the processor is further configured to execute the machine readable instructions to perform operations including: receiving an Ethernet packet encapsulated with the VLL2 network protocol; decapsulating VLL2 network protocol encapsulation when it is determined, according to the VLL2 network protocol encapsulation of the Ethernet packet encapsulated with the VLL2 network protocol, that a device receiving the Ethernet packet encapsulated with the VLL2 network protocol is a destination device of the Ethernet packet encapsulated with the VLL2 network protocol; searching in the Layer 2 forwarding table according to a destination MAC address of the decapsulated Ethernet packet; and when it is determined that a Layer 2 forwarding entry matching the destination MAC address of the decapsulated Ethernet packet comprises a mapped actual MAC address, replacing the destination MAC address of the decapsulated Ethernet packet with the mapped actual MAC address in the Layer 2 forwarding entry matching the destination MAC address of the decapsulated Ethernet packet, and sending the decapsulated Ethernet packet of which the destination MAC address is replaced through an egress port in the Layer 2 forwarding entry matching
  • the processor is further configured to execute the machine readable instructions to perform operations including: receiving an Address Resolution Protocol (ARP) request packet; transferring the ARP request packet received into a proprietary ARP request packet; searching in the Layer 2 forwarding table according to a source MAC address and a destination MAC address of the proprietary ARP request packet; and when it is determined that a gateway forwarding entry matching the destination MAC address of the proprietary ARP request packet, performing the VLL2 network protocol encapsulation to the proprietary ARP request packet according to an egress port in the gateway forwarding entry matching the destination MAC address of the proprietary ARP request packet, and sending the proprietary ARP request packet encapsulated with the VLL2 network protocol towards the gateway.
  • ARP Address Resolution Protocol
  • the processor is further configured to execute the machine readable instructions to perform operations including: receiving a proprietary ARP response packet encapsulated with the VLL2 network protocol; decapsulating VLL2 network protocol encapsulation to obtain a decapsulated ARP response packet, transferring the decapsulated ARP response packet into an ARP response packet; searching in the Layer 2 forwarding table according to a source MAC address and a destination MAC address of the ARP response packet; when it is determined that a Layer 2 forwarding entry matching the destination MAC address of the ARP response packet comprises a mapped actual MAC address, replacing the destination MAC address of the ARP response packet with the mapped actual MAC address in the Layer 2 forwarding entry matching the destination MAC address of the ARP response packet; and sending the ARP response packet of which the destination MAC address is replaced through an egress port in the Layer 2 forwarding entry matching the destination MAC address of the ARP response packet.
  • the VLL2 network protocol may be the Transparent Interconnection of Lots of Links (Trill) protocol or the Shortest Path Bridging (SPB) protocol.
  • Trill Transparent Interconnection of Lots of Links
  • SPB Shortest Path Bridging
  • an access layer device within the VLL2 network matches, in accordance with a Layer 2 forwarding table based on MAC address masks, Layer 2 forwarding entries according to a source MAC address and a destination MAC address of the packet, respectively, replaces, when a virtual MAC address is included in the Layer 2 forwarding entry matched, the corresponding MAC address of the packet with the virtual MAC address; and forwards the packet according to an egress port in the Layer 2 forwarding entry matching the destination MAC address of the packet. Therefore, the packet is forwarded in accordance with the Layer 2 forwarding entry based on the MAC address mask.
  • the examples of the present disclosure may be implemented by a hardware ASIC for an Ethernet switch device which requires high processing performance, and may be implemented by machine readable instructions for devices like routers and vswitch which do not require the high processing performance.
  • the above examples can be implemented by hardware, software or firmware or a combination thereof.
  • the various methods, processes and functional units described herein may be implemented by a processor (the term processor is to be interpreted broadly to include a CPU, processing unit, ASIC, logic unit, or programmable gate array etc.).
  • the processes, methods and functional units may all be performed by a single processor or split between several processors; reference in this disclosure or the claims to a 'processor' should thus be interpreted to mean 'one or more processors'.
  • the processes, methods and functional units be implemented as machine readable instructions executable by one or more processors, hardware logic circuitry of the one or more processors or a combination thereof. Further the teachings herein may be implemented in the form of a software product.
  • the computer software product is stored in a non-transitory storage medium and comprises a plurality of instructions for making a computer apparatus (which can be a personal computer, a server or a network apparatus such as a router, switch, access point etc.) implement the method recited in the examples of the present disclosure.
  • a computer apparatus which can be a personal computer, a server or a network apparatus such as a router, switch, access point etc.
  • the machine readable instructions may be stored in a computer readable storage medium. When running, the machine readable instructions may provide the procedures of the method examples.
  • the storage medium may be diskette, CD, ROM (Read-Only Memory) or RAM (Random Access Memory), and etc.

Abstract

According to an example, to forward a packet, an access layer device searches a Layer 2 forwarding table according to a source Media Access Control (MAC) address of the packet, and replaces the source MAC address with a mapped virtual MAC address in a matching Layer 2 forwarding entry. The Layer 2 forwarding table is searched according to a destination MAC address of the Ethernet packet. In response to determining that a Layer 2 forwarding entry matching the destination MAC address of the Ethernet packet does not include a MAC address mapped to the destination MAC address, Very Large Layer 2 (VLL2) network protocol encapsulation is performed on the Ethernet packet of which the source MAC address is replaced according to an egress port in the Layer 2 forwarding entry matching the destination MAC address; and the Ethernet packet encapsulated with a VLL2 network protocol header is sent via the egress port.

Description

PACKET FORWARDING
BACKGROUND
[0001 ] There may be dozens or even hundreds of Virtual Machines (VMs) that are hosted on an individual physical server by employing the server virtualization technology, so that the utilization of the server is improved. In order to enhance the high availability of the server, VMs may be migrated between different ports of an access layer device or migrated between different access layer devices. Different standards organizations have developed different standardized protocols, such as the Transparent Interconnection of Lots of Links (Trill) protocol, the Shortest Path Bridging (SPB) protocol, etc., which can be used to build a Very Large Layer 2 (VLL2) network to achieve the migration of VMs.
[0002] Taking a VLL2 network including a plurality of Data Centers (DCs) as an example, the VLL2 networking technologies include VLL2 network technologies within a DC and VLL2 network technologies interconnecting DCs. The former can achieve the VM migration between different ports of an individual access layer device and the VM migration between different access layer devices within an individual DC. The later can achieve the VM migration between access layer devices belonging to different DCs. BRIEF DESCRIPTION OF THE DRAWINGS
[0003] Features of the present disclosure are illustrated by way of example and not limited in the following figure(s), in which like numerals indicate like elements, in which:
[0004] FIG. 1 is a schematic diagram illustrating a Trill network according to an example of the present disclosure.
[0005] FIG. 2 is a schematic diagram illustrating VM migration according to an example of the present disclosure.
[0006] FIG. 3 is a flowchart illustrating a method for forwarding a packet according to an example of the present disclosure.
[0007] FIG. 4A is a schematic diagram illustrating Layer 2 forwarding within a data center according to an example of the present disclosure.
[0008] FIG. 4B is a schematic diagram illustrating a proprietary ARP request packet according to an example of the present disclosure.
[0009] FIG. 5 is a schematic diagram illustrating forwarding a multicast packet according to an example of the present disclosure.
[0010] FIG. 6 is a schematic diagram illustrating forwarding a packet in a data center to an outer network according to an example of the present disclosure.
[0011 ] FIG. 7 is a schematic diagram illustrating Layer 3 forwarding within a data center according to an example of the present disclosure.
[0012] FIG. 8 is a schematic diagram illustrating Layer 2 forwarding between data centers according to an example of the present disclosure.
[0013] FIG. 9A is a schematic diagram illustrating a structure of a routing switch device according to an example of the present disclosure. [0014] FIG. 9B is a schematic diagram illustrating a structure of a routing switch device according to an example of the present disclosure.
[0015] FIG. 10A is a schematic diagram illustrating a hardware structure of a routing switch device according to an example of the present disclosure.
[0016] FIG. 10B is a schematic diagram illustrating a hardware structure of a routing switch device according to an example of the present disclosure.
DETAILED DESCRIPTION
[0008] Hereinafter, the present disclosure will be described in further detail with reference to the accompanying drawings and examples to make the technical solution and merits therein clearer.
[0009] In the following description, numerous specific details are set forth in order to provide a thorough understanding of the present disclosure. It will be readily apparent however, that the present disclosure may be practiced without limitation to these specific details. In other instances, some methods and structures have not been described in detail so as not to unnecessarily obscure the present disclosure. As used herein, the term "includes" means includes but not limited to, the term "including" means including but not limited to. The term "based on" means based at least in part on. In addition, the terms "a" and "an" are intended to denote at least one of a particular element.
[0017] An access layer device connects computers to a network. The computers may include end user devices, servers or any type of computer that may include a network interface to connect to the network. For example, an access layer device can connect a physical server hosting a VM to a core layer device. Also, Virtual Local Area Networks (VLANs) may be used to separate traffic in an access layer in the network. An access layer device may include a network switch. The network switch may be layer 2, layer 3 or layer 2/3, where the layers refer to layers in the Open Systems Interconnection (OSI) model. Core layer devices may include network switches for backbone switching and routing and also may include layer 2, layer 3 or layer 2/3 network switches. A layer 2/3 network switch may perform Layer 2 switching and Layer 3 routing. The access layer devices in a VLL2 network within a DC may together provide a large number of ports, for example more than 12,000 10-Gigabit Ethernet ports for connecting 12,000 10-Gigabit physical servers. In some cases more than 200 VMs may be hosted on an individual 10-Gigabit physical server. In some cases the VMs may be large, e.g. more than 2.4 megabytes (M) each, and when many VMs are hosted on 12,000 10-Gigabit physical servers of a VLL2 network within a DC, this can leads to the number of Media Access Control (MAC) addresses used by the VMs in the VLL2 network within an individual DC being very large, e.g. up to 2.4 million. The number of VMs within a DC based on a multi-tenant model is even greater, and even more MAC addresses are used. A DC may include a group of networked computer systems, which may include servers, that are housed at a facility. The computer systems are connected via a network in the DC and may host VMs, and the DC may be connected to other DCs via a network. The DC may include support systems such as redundant or backup power supplies, redundant data communications connections, environmental controls, security devices, etc.
[0018] Accordingly, in the VLL2 network within the DC, an access layer device learns a large number of MAC addresses in a Layer 2 forwarding table to perform forwarding.
[0019] Examples of the present disclosure do not limit what VLL2 network technologies are used within a DC or between DCs. VLL2 network technologies like Trill, SPB, etc., may be employed within an individual DC. VLL2 network technologies like the MAC over IP (e.g., Overlay Transport Virtualization, OTV) protocol, the Ethernet Virtualization Interconnection (EVI) protocol, the Virtual Private LAN Service (VPLS) protocol, etc., may be applied to the interconnection of DCs.
[0020] By way of example, the present disclosure describes the architecture of a VLL2 network formed by the interconnection of four DCs but more or less DCs may be interconnected in the architecture. The VLL2 network also includes a network management apparatus (i.e., a network management plane) connected to the four DCs, and a server management apparatus (i.e., a VM management apparatus or a VM management plane). In the architecture, a VLL2 network within each DC employs the Trill technology, and a VLL2 network among DCs employs the MAC over IP technology.
[0021 ] FIG. 1 is a schematic diagram illustrating the architecture of a VLL2 network within DC1 built with the Trill technology. The architecture of the VLL2 networks within other DCs is similar to that of the VLL2 network within DC1 shown in FIG. 1
[0022] As shown in FIG. 1 , the VLL2 network within DC1 includes a core layer and an access layer. Leafl , Ieaf2, Ieaf3 and Ieaf4 are access layer devices. Corel and core2 are core layer devices.
[0023] The Trill protocol is run on leafl , Ieaf2, Ieaf3 and Ieaf4 which are in the access layer of DC1 and the Trill protocol is also run on corel and core2 which are in the core layer of DC1 . These devices running the Trill protocol are called Routing Bridges (RBridges). The RBridges together form a Trill network. RBridges obtain Trill network topologies between each other through a link state protocol. Each RBridge generates a routing forwarding table (referred to as a Trill routing table) from itself to another RBridge in the Trill network using the Shortest Path Tree algorithm.
[0024] In the example of the present disclosure, the network management apparatus configures a virtual MAC address for each VM in each DC according to a virtual MAC encoding rule. The virtual MAC address may include fields, as specified below, that are different than a traditional MAC address (also referred to as actual MAC address) assigned to network interfaces for communications on the physical network segment. Each virtual MAC address is a binary number of 6 bytes, and includes identifiers including: a Uniqueness identifier (1 byte), which does not conflict with an existing assigned Organizationally Unique Identifier (OUI), and may use an identifier that is not assigned by the OUI, such as ED, 22, etc. ; a Data Center ID (1 byte), which is an identifier of a DC, also referred to as a network identifier; a Device ID (2 bytes), which is an identifier of an access layer device; and a Host ID (2 bytes), which is an identifier of a VM or a host. Host IDs of VMs hosted on a plurality of physical servers which are connected to a same access layer device cannot be identical. Host IDs of VMs hosted on physical servers which are connected to different access layer devices can be identical. For example, if five physical servers are connected to switch-! , then Host IDs of VMs hosted on the five physical servers cannot be identical. However, a Host ID of a VM hosted on a physical server connected to switch2 may be identical with a Host ID of a VM hosted on a physical server connected to switchl .
[0025] Based on the above virtual MAC address encoding rule of the VM, several masks are defined in the example of the present disclosure, including: a Host mask: ff-ff-ff-ff-ff-ff, an access device mask: ff-ff-ff-ff-00-00, and a data center mask: ff-ff-00-00-00-00.
[0026] The network management apparatus may configure virtual MAC addresses for VMs. Configuring may include determining the virtual MAC addresses. In some cases configuring may include sending the virtual MAC addresses to access layer devices. Also, as described below, the network management apparatus can configure entries in tables of devices, such as access devices or core devices etc. The configuring of entries may include determining information for the entries and sending the information to the devices for storage in the devices. The network management apparatus may configure the virtual MAC addresses in the whole network by running a batch configuration tool. During the process of configuring the virtual MAC addresses, the network management apparatus obtains from the VM management apparatus an information table including the VMs in the whole network and connections of physical devices. The virtual MAC addresses are added to the information table based on the information table and according to the above virtual MAC address encoding rule, and the information table is maintained. As shown in Table 1 , the information table about the devices and the VMs in the whole network maintained by the network management apparatus at least include information as follows (configuration information of DC1 is shown in Table 1 ).
Table 1 access
data center,
IP device,
Virtual MAC mask-base
Address VLAN IP address MAC address mask-base
Device Nickname Port address of d, virtual
(MAC ID of VM of VM d, virtual
VM MAC
over IP) MAC
address address
00-11-11- ED-01-00- ED-01-0 leafi DC1_leaf1 IP1 Portl 1 1.1.1.1
11-11-11 01-00-01 0-
00-00-00
00-EO-FC- ED-01-00-
DC1_leaf1 IP1 Portl 1 1.1.1.2
03-42-24 01-00-02
00-14-2A- ED-01-00-
DC1_leaf1 IP1 Portl 1 1.1.1.3
EB-74-2F 01-00-03
00-05-5B- ED-01-00-
DC1_leaf1 IP1 Port2 2 2.2.2.1
A4-6B-28 01-00-04
00-0f-e2- ED-01-00- ED-01-00-
DC1_leaf1 IP1 Port2 2 2.2.2.2
0f-9a-86 01-00-05 01-00-00
00-0C-76- ED-01-00-
DC1_leaf1 IP1 Port2 2 2.2.2.3
0A-17-2D 01-00-06
00-0D-88- ED-01-00-
DC1_leaf1 IP1 Port3 3 3.3.3.1
F6-44-C1 01-00-07
00-0D-88- ED-01-00-
DC1_leaf1 IP1 Port3 3 3.3.3.2
F7-9F-7D 01-00-08
00-0D-88- ED-01-00-
DC1_leaf1 IP1 Port3 3 3.3.3.3
F7-B0-90 01-00-09
00-22-22- ED-01-00-
Ieaf2 DC1_leaf2 IP1 Portl 1 1.1.1.4
22-22-22 02-00-01
00-6B-28- ED-01-00-
DC1_leaf2 IP1 Portl 1 1.1.1.5
07-44-3F 02-00-02
00-14-3A- ED-01-00-
DC1_leaf2 IP1 Portl 1 1.1.1.6
EB-84-2F 02-00-03
00-05-6B- ED-01-00-
DC1_leaf2 IP1 Port2 2 2.2.2.4
A4-6B-38 02-00-04
00-0D-88- ED-01-00- ED-01-00-
DC1_leaf2 IP1 Port2 2 2.2.2.5
F7-B0-94 02-00-05 02-00-00
00-0D-98- ED-01-00-
DC1_leaf2 IP1 Port2 2 2.2.2.6
F8-4E-88 02-00-06
04-37-1 A- ED-01-00-
DC1_leaf2 IP1 Port3 3 3.3.3.4
44-55-66 02-00-07
06-22-23- ED-01-00-
DC1_leaf2 IP1 Port3 3 3.3.3.5
AA-BB-CC 02-00-08
08-53-26- ED-01-00-
DC1_leaf2 IP1 Port3 3 3.3.3.6
3B-7C-FD 02-00-09
00-06-25- ED-01-00- ED-01-00-
Ieaf3 DC1_leaf 3 IP1 Portl 1 1.1.1.7
FD-32-EB 03-00-01 03-00-00
00-1D-A1- ED-01-00-
DC1_leaf 3 IP1 Portl 1 1.1.1.8
75-28-70 03-00-02 00- 09-92- ED-01-00-
DC1_leaf3 IP1 Port1 1 1.1.1.9
01- CA-D7 03-00-03
00-25-9C- ED-01-00-
DC1_leaf3 IP1 Port2 2 2.2.2.7
2F-63-FE 03-00-04
FC-FB-FB- ED-01-00-
DC1_leaf3 IP1 Port2 2 2.2.2.8
11-22-33 03-00-05
F8-83-88- ED-01-00-
DC1_leaf3 IP1 Port2 2 2.2.2.9
47-77-98 03-00-06
10-11-23- ED-01-00-
DC1_leaf3 IP1 Port3 3 3.3.3.7
5A-8B-CF 03-00-07
28-47-6C- ED-01-00-
DC1_leaf3 IP1 Port3 3 3.3.3.8
66-77-88 03-00-08
3C-4B-5A- ED-01-00-
DC1_leaf3 IP1 Port3 3 3.3.3.9
99-3D-57 03-00-09
20-47-FC- ED-01-00-
Ieaf4 DC1_leaf4 IP1 Port1 1 1.1.1.10
13-34-57 04-00-01
FC-FB-FB- ED-01-00-
DC1_leaf4 IP1 Port1 1 1.1.1.11
01-33-45 04-00-02
24-1A-8C- ED-01-00-
DC1_leaf4 IP1 Port1 1 1.1.1.12
05-55-FF 04-00-03
24-37-EF- ED-01-00-
DC1_leaf4 IP1 Port2 2 2.2.2.10
AA-97-A8 04-00-04
00-00-01- ED-01-00- ED-01-00-
DC1_leaf4 IP1 Port2 2 2.2.2.11
17-4d-F9 04-00-05 04-00-00
00-EO-FC- ED-01-00-
DC1_leaf4 IP1 Port2 2 2.2.2.12
37-45-98 04-00-06
58-66-BA- ED-01-00-
DC1_leaf4 IP1 Port3 3 3.3.3.10
03-27-99 04-00-07
C4-CA-D9- ED-01-00-
DC1_leaf4 IP1 Port3 3 3.3.3.11
70-90-58 04-00-08
00-OD-EF- ED-01-00-
DC1_leaf4 IP1 Port3 3 3.3.3.12
33-44-55 04-00-09
L3
1.1.1.10 00-EO-FC- interfa 1
0 11-11-11
core ce
DC1 corel
1
L3
2.2.2.
interfa o 10 00-EO-FC-
0 22-22-22
ce
L3
core 3.3.3.10 00-EO-FC-
DC1_core2 interfa 3
2 0 33-33-33
ce
[0027] In Table 1, "Device" is an access layer device connecting a physical server where a VM is hosted on and a core layer device in a DC to which the physical server where the VM is hosted on belongs. "Nickname" is a forwarding identifier of the access layer device connecting the physical server where the VM is hosted on within the Trill network and a forwarding identifier of the core layer device in the DC to which the physical server where the VM is hosted on belongs within the Trill network. "Port" is a port of the access layer device through which the access layer device connects the physical server where the VM is hosted on. "VLAN ID" (an identifier of a VLAN) is an identifier of a VLAN where the VM locates.
[0028] "IP address of VM" is an IP address of each VM. "MAC address of VM" is an actual MAC address of the VM. "Virtual MAC address of VM" is a virtual MAC address of the VM. VLAN gateway addresses configured on Layer 3 (L3) interfaces of corel and core2 respectively are OO-EO-FC-11 -11 -11 , OO-EO-FC-22-22-22 and OO-EO-FC-33-33-33. Among them, 00-E0-FC-11 -11 -11 is a MAC address of a gateway of VLAN1 , OO-EO-FC-22-22-22 is a MAC address of a gateway of VLAN2, and OO-EO-FC-33- 33-33 is a MAC address of a gateway of VLAN3.
[0029] A logical "AND" operation is performed to the virtual MAC address of each VM and the access device mask ff-ff-ff-ff-00-00. An operation result is ED-01 -00-01 -00-00, which is a 48-bit aggregated MAC address. Therefore, virtual MAC addresses of VMs accessing the same access layer device are aggregated into an access device, mask-based, virtual MAC address. That is, virtual MAC addresses of VMs accessing leafl may be aggregated into ED-01 -00-01 -00-00. Virtual MAC addresses of VMs accessing Ieaf2 may be aggregated into ED-01 -00-02-00-00, virtual MAC addresses of VMs accessing leaf 3 may be aggregated into ED-01 -00-03-00-00, and virtual MAC addresses of VMs accessing leaf 4 may be aggregated into ED-01 -00-04-00-00. Virtual MAC addresses of VMs within other DCs may be aggregated based on the access device mask in accordance with the same virtual MAC address encoding rule, the example of the present disclosure does not enumerate herein.
[0030] The logical "AND" operation is performed to the virtual MAC address of each VM and the DC mask ff-ff-00-00-00-00. An operation result is ED-01 -00-00-00-00, which is a 48-bit aggregated MAC address. Therefore, virtual MAC addresses of VMs in the same DC can be aggregated into a DC, mask-based, virtual MAC address. That is, virtual MAC addresses of VMs in DC1 may be aggregated into ED-01 -00-00-00-00. In accordance with the same virtual MAC address encoding rule and based on the DC mask, virtual MAC addresses of VMs in DC2 may be aggregated into ED-02-00-00-00-00, virtual MAC addresses of VMs in DC3 may be aggregated into ED-03-00-00-00-00, and virtual MAC addresses of VMs in DC4 may be aggregated into ED-04-00-00-00-00.
[0031 ] It should be noted that Uniqueness IDs and Data Center IDs of VMs in different DCs may be identical or different. According to an example, to ensure that Uniqueness IDs and Data Center IDs of VMs within a same DC are identical, an aggregation relationship of the VMs within the same DC is not destroyed, and an aggregation relationship of VMs accessing a same access layer device is not destroyed.
[0032] Before forwarding a packet, the network management apparatus configures a Layer 2 forwarding table on access layer RBridges and core layer RBridges in each DC according to the information about the VMs and the devices in the whole network maintained by the network management apparatus.
[0033] Table 2.1 illustrates a Layer 2 forwarding table configured on the access layer RBridge leafl within DC1 .
Table 2.1
Egress
VLAN Initial MAC address Mask Mapped MAC address
Port
1 00-11 -11 -11 -11 -11 ff-ff-ff-ff-ff-ff ED-01 -00-01 -00-01 Portl
1 ED-01 -00-01 -00-01 ff-ff-ff-ff-ff-ff 00-11 -11 -11 -11 -11 Portl
1 OO-EO-FC-03-42-24 ff-ff-ff-ff-ff-ff ED-01 -00-01 -00-02 Portl
1 ED-01 -00-01 -00-02 ff-ff-ff-ff-ff-ff OO-EO-FC-03-42-24 Portl
1 00-14-2A-EB-74-2F ff-ff-ff-ff-ff-ff ED-01 -00-01 -00-03 Portl
1 ED-01 -00-01 -00-03 ff-ff-ff-ff-ff-ff 00-14-2A-EB-74-2F Portl
2 00-05-5B-A4-6B-28 ff-ff-ff-ff-ff-ff ED-01 -00-01 -00-04 Port2
2 ED-01 -00-01 -00-04 ff-ff-ff-ff-ff-ff 00-05-5B-A4-6B-28 Port2
2 00-0F-E2-0F-9A-86 ff-ff-ff-ff-ff-ff ED-01 -00-01 -00-05 Port2
2 ED-01 -00-01 -00-05 ff-ff-ff-ff-ff-ff 00-0F-E2-0F-9A-86 Port2 2 00-0C-76-0A-17-2D ff-ff-ff-ff-ff-ff ED-01 -00-01 -00-06 Port2
2 ED-01 -00-01 -00-06 ff-ff-ff-ff-ff-ff 00-0C-76-0A-17-2D Port2
3 00-0D-88-F6-44-C1 ff-ff-ff-ff-ff-ff ED-01 -00-01 -00-07 Port3
3 ED-01 -00-01 -00-07 ff-ff-ff-ff-ff-ff 00-0D-88-F6-44-C1 Port3
3 00-0D-88-F7-9F-7D ff-ff-ff-ff-ff-ff ED-01 -00-01 -00-08 Port3
3 ED-01 -00-01 -00-08 ff-ff-ff-ff-ff-ff 00-0D-88-F7-9F-7D Port3
3 00-0D-88-F7-B0-90 ff-ff-ff-ff-ff-ff ED-01 -00-01 -00-09 Port3
3 ED-01 -00-01 -00-09 ff-ff-ff-ff-ff-ff 00-0D-88-F7-B0-90 Port3
VLAN
ED-01 -00-02-00-00 ff-ff-ff-ff-OO-00 DC1_leaf2 unaware
VLAN
ED-01 -00-03-00-00 ff-ff-ff-ff-OO-00 DC1_leaf3 unaware
VLAN
ED-01 -00-04-00-00 ff-ff-ff-ff-OO-00 DC1_leaf4 unaware
VLAN
ED-02-00-00-00-00 ff-ff-OO-00-00-00 DC1_core1 unaware
VLAN
ED-03-00-00-00-00 ff-ff-OO-00-00-00 DC1_core1 unaware
VLAN
ED-04-00-00-00-00 ff-ff-OO-00-00-00 DC1_core1 unaware
1 OO-EO-FC-11 -11 -11 ff-ff-ff-ff-ff-ff DC1_core1
2 OO-EO-FC-22-22-22 ff-ff-ff-ff-ff-ff DC1_core1
3 OO-EO-FC-33-33-33 ff-ff-ff-ff-ff-ff DC1_core2
[0034] In Table 2.1 , Port 1 , Port 2 and Port 3 respectively are ports through which leafl connects servers where VMs are hosted on. DC1_leaf2, DC1_leaf3 and DC1_leaf4 respectively are nicknames of corresponding access layer RBridges in DC1 . DC1_core1 is a nickname of corel in DC1 , and DC1_core2 is a nickname of core2 in DC1 . 00-E0-FC-11 -11 -11 , OO-EO-FC-22-22-22 and OO-EO-FC-33-33-33 are gateway MAC addresses of VLAN1 , VLAN2 and VLAN3, respectively.
[0035] In Table 2.1 , corel is configured for forwarding traffics among DC1 and other DCs (e.g., DC2, DC3 and DC4). Egress ports in three entries (i.e., three entries of which initial MAC addresses respectively are ED-02-00-00-00-00, ED-03-00-00-00-00 and ED-04-00-00-00-00) of a DC, mask-based, virtual MAC address are configured as the nickname of corel (i.e., DC1_core1 ). [0036] When corel is configured for forwarding traffics among DC1 and DC2 as well as DC3, the egress ports in the two entries of which the initial MAC addresses respectively are ED-02-00-00-00-00 and ED-03-00-00-00-00 are configured as the nickname of corel (i.e., DC1_core1 ). When core2 is configured for forwarding traffics between DC1 and DC4, the egress port in the entry of which the initial MAC address is ED-04-00-00-00-00 is configured as the nickname of core2 (i.e., DC1_core2).
[0037] When corel and core2 form a virtual apparatus in a manner of stacking, wherein the virtual apparatus is configured for transmitting traffics among DC1 and the other three DCs, the egress ports in the three entries of which the initial MAC address respectively are ED-02-00-00-00-00, ED-03-00-00-00-00 and ED-04-00-00-00-00 are configured as a nickname of the virtual apparatus.
[0038] Furthermore, a corresponding multicast forwarding entry is configured on an access layer device for a multicast service. For example, a root of a multicast tree of a multicast group within DC1 is corel (the nickname of corel is DC1_core1 ). For multicast group 1 (a multicast address is 01 -00-5E-XX-XX-XX) in VLAN1 , a physical server where a VM that is configured as a multicast source of multicast group 1 is hosted on is connected to leafl , and a physical server where another VM configured as a multicast receiver of multicast group 1 is hosted on is connected to Portl of Ieaf3, and a physical server where a third VM configured as the multicast receiver of multicast group 1 is hosted on is connected to Portl of Ieaf4. Corresponding multicast forwarding entries in Layer 2 forwarding tables configured on leafl , Ieaf3 and Ieaf4 respectively include:
Table 2.2 The multicast forwarding entry in the Layer 2 forwarding table on leafl
Figure imgf000015_0001
Table 2.3 The multicast forwarding entry in the Layer 2 forwarding table on Ieaf3 Egress
VLAN Initial MAC address Mask Mapped MAC address
Port
1 01 -00-5E-XX-XX-XX ff-ff-ff-ff-ff-ff Portl
Table 2.4 The multicast forwarding entry in the Layer 2 forwarding table on Ieaf4
Egress
VLAN Initial MAC address Mask Mapped MAC address
Port
1 01 -00-5E-XX-XX-XX ff-ff-ff-ff-ff-ff Portl
[0039] A VM configured as the receiver of the multicast group 1 is connected to leafl via Port2, and then Port 2 is added to the egress port in the multicast forwarding entry shown in Table 2.2.
[0040] A way for configuring multicast forwarding entries of Layer 2 forwarding tables of access layer devices in DC2, DC3 and DC4 is the same as the way for configuring the multicast forwarding entries of the Layer 2 forwarding tables of access layer devices in DC1 , the example of the present disclosure does not describe in detail herein.
[0041 ] A Layer 2 forwarding table of corel may for example include entries shown in Table 2.5
Table 2.5
Egress
VLAN Initial MAC address Mask Mapped MAC address
Port
VLAN
ED-01 -00-01 -00-00 ff-ff-ff-ff-00-00 DC1_leaf1 unaware
VLAN
ED-01 -00-02-00-00 ff-ff-ff-ff-00-00 DC1_leaf2 unaware
VLAN
ED-01 -00-03-00-00 ff-ff-ff-ff-00-00 DC1_leaf3 unaware
VLAN
ED-01 -00-04-00-00 ff-ff-ff-ff-00-00 DC1_leaf4 unaware
VLAN
ED-02-00-00-00-00 ff-ff-00-00-00-00 IP2 unaware
VLAN
ED-03-00-00-00-00 ff-ff-00-00-00-00 IP3 unaware
VLAN
ED-04-00-00-00-00 ff-ff-00-00-00-00 IP4 unaware 1 OO-EO-FC-11 -11 -11 ff-ff-ff-ff-ff-ff L3
2 OO-EO-FC-22-22-22 ff-ff-ff-ff-ff-ff L3 m Next-hop MAC ff-ff-ff-ff-ff-ff Port m
[0042] A Layer 2 forwarding table of core2 may for example include entries shown in Table 2.6
Table 2.6
Figure imgf000017_0001
[0043] Among them, DC1_leaf1 , DC1_leaf2, DC1_leaf3 and DC1_leaf4 are the nicknames of leafl , Ieaf2, Ieaf3 and Ieaf4 in DC1 , respectively. IP2, IP3 and IP4 respectively are IP addresses of DC2, DC3 and DC4 which are defined according to the protocol. These IP addresses may be used as a destination IP address of a MAC over IP tunnel when corel of DC1 sends data to these three DCs. Accordingly, IP1 is an IP address of DC1 , and may be used as the destination IP address of the MAC over IP tunnel when the other three DCs send data to DC1 . 00-E0-FC-11 -11 -11 , OO-EO-FC-22-22-22, and OO-EO-FC-33-33-33 are gateway MAC addresses of VLAN1 , VLAN2 and VLAN3, respectively. L3 is a Layer 3 forwarding identifier, and is used to indicate that Layer 3 forwarding is performed to an Ethernet packet with a matched destination MAC address.
[0044] A way for configuring Layer 2 forwarding tables of core layer RBridges on DC2, DC3 and DC4 is the same as the way for configuring the Layer 2 forwarding tables shown in Table 2.5 or Table 2.6, which is not described in detail herein. [0045] In order to support forwarding a packet to a VLAN of an external network (e.g., VLAN m), a corresponding entry (shown in the last row of Table 2.5) is included in the Layer 2 forwarding table of corel shown in Table 2.5, wherein the entry includes an identifier m which is the identifier of VLAN m, a next-hop MAC which is a MAC address of a next-hop device from corel to VLAN m, and Port m which is the egress port. Corel learns the MAC address of the next-hop device according to an Address Resolution Protocol (ARP) packet. Next-hop devices of corel and core2 are different, so that a next-hop device entry (shown in the last row of Table 2.6) learnt by core2 includes an identifier n which is the identifier of VLAN n, a next-hop MAC which is a MAC address of a next-hop device from core2 to VLAN n, and Port n which is the egress port.
[0046] Based on the networking structure shown in FIG. 1 , FIG. 2 is a schematic diagram illustrating VM migration according to an example of the present disclosure.
[0047] In this case, a VM is migrated from a physical server connected to Ieaf3 to a physical server connected to Ieaf4. An actual MAC address and an IP address of the VM are not changed.
[0048] The physical server where the VM is hosted on before the migration is regarded as a source physical server, and Ieaf3 connecting the source physical server may be regarded as a source access layer device of a migrated host. A physical server where the VM is hosted on after the migration is regarded as a target physical server, and Ieaf4 connecting the target physical server may be regarded as a target access layer device of the migrated host.
[0049] A VM migration event is notified by Ieaf3 to the network management apparatus (i.e., the network management plane). According to the Virtual Station Interface Discovery and Configuration Protocol (VSI Discovery and Configuration Protocol) defined in 802.1 Qbg, a physical switch may detect a VM migration process, and notify the change information to the network management apparatus.
[0050] The network management apparatus deletes the migrated VM from the information of VMs accessing Ieaf3 according to the information notified by Ieaf3. The network management apparatus configures a new virtual MAC address for the VM which is migrated to Ieaf4 in accordance with the virtual MAC address encoding rule, and add information about the migrated VM to the information of VMs accessing Ieaf4, so as to ensure that an outward aggregation relationship is not destroyed, i.e., virtual MAC addresses of VMs accessing Ieaf4 can still be aggregated into a virtual MAC address.
[0051 ] The network management apparatus adds to the Layer 2 forwarding table of Ieaf4 Layer 2 forwarding entries associated with the actual MAC address and the virtual MAC address of the migrated VM, and deletes from the Layer 2 forwarding table of Ieaf3 the Layer 2 forwarding entries associated with the actual MAC address and the virtual MAC address of the migrated VM.
[0052] The purpose of this operation is to reduce the occupation of invalid entries. This operation may also be implemented by other ways, e.g., the Layer 2 forwarding entry of the VM migrated from Ieaf3 is marked as an invalid entry. The example of the present disclosure does not limit herein.
[0053] The migrated VM broadcasts a gratuitous ARP packet. After receiving the gratuitous ARP packet, Ieaf4 replaces a "source MAC address" and a "sender MAC address" of the gratuitous ARP packet with the virtual MAC address of the migrated VM based on the Layer 2 forwarding table, and broadcasts the received gratuitous ARP packet. Leaf4 broadcasts the gratuitous ARP packet at another port which is in the same VLAN as a port receiving the gratuitous ARP packet, performs a Trill encapsulation to the gratuitous ARP packet and broadcasts the Trill-encapsulated gratuitous ARP packet in the Trill network. A gateway and another VM which is in the same VLAN as the migrated VM learn an ARP entry according to the gratuitous ARP packet, and the original virtual MAC address corresponding to the IP address of the migrated VM is refreshed to the newly-assigned virtual MAC address.
[0054] According to the ARP protocol, an actual MAC address of a device is wrote to a sender MAC address when the device sends a gratuitous ARP packet, and another device learns an ARP entry according to a "sender IP address" and the "sender MAC address" when the other device receives the gratuitous ARP packet.
[0055] If Ieaf4 does not modify the sender MAC address of the gratuitous ARP packet, the MAC address in the ARP entry learnt by the gateway and the other VM belonging to the same VLAN as the migrated VM is the actual MAC address of the migrated VM. The gateway and the other VM belonging to the same VLAN as the migrated VM send to the migrated VM an Ethernet packet, and the actual MAC address of the migrated VM is used as a destination MAC address. When the destination MAC address of the Ethernet packet received by Ieaf4 is the actual MAC address of the migrated VM, the destination MAC address of the packet is mapped to the virtual MAC address of the migrated VM according to the Layer 2 forwarding table and the packet is sent to the migrated VM. When the destination MAC address of the Ethernet packet received by the migrated VM is the virtual MAC address of the migrated VM itself, the migrated VM discards the packet, which causes the loss of the packet.
[0056] For example, as shown in FIG. 2, a VM of which an IP address is 1 .1 .1 .7 is migrated from a physical server connected to a source access layer device to a physical server connected to a target access layer device. A virtual MAC address assigned by the network management apparatus for the migrated VM is ED-01 -01 -04-00-04. The network management apparatus configures Ieaf4 forwarding entries associated with the migrated VM. When the migrated VM sends a gratuitous ARP packet, a source MAC address of an Ethernet header of the gratuitous ARP packet and a sender MAC address of the gratuitous ARP packet are replaced by Ieaf4 according to the configured forwarding entry. In the ARP entry learnt by the gateway and the other VM belonging to the same VLAN as the migrated VM, a MAC address corresponding to the IP address 1 .1 .1 .7 is ED-01 -01 -04-00-04.
[0057] In another scenario that a VM hosted on a physical server is deleted, an access layer device notifies the network management apparatus of this VM event. The network management apparatus deletes information about the deleted VM and a pair of Layer 2 forwarding entries associated with the deleted VM (not shown in FIG. 2) according to the notification of the access layer device.
[0058] Still in another scenario that a VM is added to the physical server, the access layer device notifies the network management apparatus of this VM event. The network management apparatus configures a virtual MAC address for the newly-added VM in accordance with the virtual MAC address encoding rule, and adds information about the newly-added VM into the VM information of the access layer device to ensure that an outward aggregation relationship is not destroyed.
[0059] The network management apparatus configures, in the Layer 2 forwarding table of the access layer device, a pair of Layer 2 forwarding entries associated with the newly-added VM. The newly-added VM broadcasts a gratuitous ARP packet. The access layer device replaces a source MAC address and a sender MAC address of the gratuitous ARP packet with the virtual MAC address of the newly-added VM according to the configured Layer 2 forwarding entries, and broadcasts the gratuitous ARP packet in a VLAN to which the newly-added VM belongs and in the Trill network, so that an IP address and the virtual MAC address of the newly-added VM (not shown in FIG. 2) is recorded in an ARP entry learnt by the gateway and the other VM belonging to the same VLAN as the newly-added VM.
[0060] Examples of the present disclosure may handle a packet forwarding mechanism of the VLL2 network, and may include one or more of the following aspects.
[0061 ] The first aspect is that a RBridge searches out a matched entry in the Layer 2 forwarding table according to a source MAC address of an Ethernet packet (the source MAC address is an inner source MAC address compared to a Trill-encapsulated packet), wherein a mapped MAC address is included in the matched entry, the source MAC address of the Ethernet packet is replaced with the mapped MAC address. Similarly, the RBridge searches out a matched entry in the Layer 2 forwarding table according to a destination MAC address of the Ethernet packet (the destination MAC address is an inner destination MAC address compared to the Trill-encapsulated packet), wherein a mapped MAC address is included in the matched entry, the destination MAC address of the Ethernet packet is replaced with the mapped MAC address.
[0062] The second aspect is that the RBridge supports a mask-based MAC address searching mode. A logical "AND" operation is performed by the RBridge to the source MAC address/the destination MAC address of an Ethernet header (an inner Ethernet header of the Trill packet) and a "mask" of each entry. An operation result is compared with an "Initial MAC address" in the corresponding entry. It is determined that the matched entry is found if the operation result is the same as the "Initial MAC address" in the corresponding entry.
[0063] The third aspect is that the RBridge supports VLAN aware forwarding and VLAN unaware forwarding. The VLAN aware mode uses a VLAN ID and the MAC address of the Ethernet header to search for an entry recording the VLAN ID. The VLAN unaware mode uses the source MAC address and the destination MAC address of the inner Ethernet header to search for an entry not recording the VLAN ID.
[0064] Through a VLAN unaware entry, virtual MAC addresses of VMs connected to a same access layer device and belonging to different VLANs are aggregated into one entry, and virtual MAC addresses of VMs in a same DC but belonging to different VLANs are aggregated into one entry. Therefore, the number of the Layer 2 forwarding entries of the access layer device and the core layer device is significantly reduced.
[0065] The fourth aspect is that the Layer 2 forwarding table of the access layer device is configured by the network management apparatus, and the Layer 2 forwarding table of the core layer device includes an entry configured by the network management apparatus and an entry dynamically generated according to an existing MAC address learning mechanism. For example, an outward interface of the core layer device enables the MAC address learning. In this case, a 48-bit host mask is configured in the Layer 2 forwarding table for the MAC address learnt by the core layer device. The MAC address learning of the core layer device and the access layer device may flexibly enable and disable a port or a plurality of global ports.
[0066] The fifth aspect is that when a VM sends a packet towards multiple destinations (e.g., a broadcast packet, a group aware packet, a group unaware packet or a unicast unaware packet), the destination MAC addresses in the packet are not aggregated.
[0067] FIG. 3 is a flowchart illustrating a method for forwarding a packet in accordance with an example of the present disclosure. As shown in FIG. 3, the method may include operations as follows.
[0068] In block 301 , an access layer device receives an Ethernet packet. The access layer device stores a Layer 2 forwarding table including entries for Layer 2 routing. An example of the forwarding table is described below with respect to the description of FIG. 4A and other examples described below.
[0069] In block 302, the access layer device searches its Layer 2 forwarding table according to a source MAC address of the received Ethernet packet. For example, the Layer 2 forwarding table is searched to find a matching entry. If a matching entry is found, the source MAC address of the Ethernet packet is replaced with a mapped virtual MAC address of the source MAC address specified in the entry. According to an example, to find a matching entry for the source MAC address in the Layer 2 forwarding table, an operation is performed on the source MAC address and a bit mask in an entry. If the result of the operation is the same as an initial MAC address of the entry, then the entry is considered a match. This operation may be performed on each entry until a match is found if a match exists in the table. The matching is further described with respect to FIG. 4A and other examples described below.
[0070] In block 303, the access layer device searches in the Layer 2 forwarding table according to a destination MAC address of the Ethernet packet. For example, an operation is performed on the destination MAC address and a bitmask in an entry. If the result of the operation is the same as an initial MAC address of the entry, then the entry is considered a match. This operation may be performed on each entry until a match is found if a match exists in the table. If a matching entry for the destination MAC address is found and the matching entry for the destination MAC address does not include a mapped virtual MAC address for the destination MAC address, the access layer device determines an egress port specified in the matching entry and encapsulates the Ethernet packet in a VLL2 protocol header, such as a Trill header, and sends the encapsulated packet towards the destination via the egress port.
[0071 ] In order to make the packet forwarding mechanism in the example of the present disclosure more clearly, packet forwarding processes under several typical scenarios are described hereinafter by taking the networking architecture shown in FIG. 1 and the foregoing virtual MAC address encoding rule as an example.
[0072] FIG. 4A is a schematic diagram illustrating Layer 2 forwarding within a DC according to an example of the present disclosure. In this case, a source VM is hosted on a physical server connected to portl of leafl , and a destination VM is hosted on a physical server connected to portl of Ieaf3. IP addresses of the source VM and the destination VM respectively are 1 .1 .1 .1 and 1 .1 .1 .8.
[0073] In FIG. 4A, a Layer 2 forwarding table of leafl at least includes entries shown in Table 3.1 .
Table 3.1
VLAN Egress
Initial MAC address Mask Mapped MAC address I D Port
1 00-11 -11 -11 -11 -11 ff-ff-ff-ff-ff-ff ED-01 -00-01 -00-01 Portl
1 ED-01 -00-01 -00-01 ff-ff-ff-ff-ff-ff 00-11 -11 -11 -11 -11 Portl
VLAN
ED-01 -00-03-00-00 ff-ff-ff-ff-00-00 DC1_leaf3 unaware
1 OO-EO-FC-11 -11 -11 ff-ff-ff-ff-ff-ff DC1_core1
2 OO-EO-FC-22-22-22 ff-ff-ff-ff-ff-ff DC1_core1
3 OO-EO-FC-33-33-33 ff-ff-ff-ff-ff-ff DC1_core2 [0074] A Layer 2 forwarding table of Ieaf3 at least includes entries shown in Table 3.2.
Table 3.2
Figure imgf000025_0001
[0075] A Layer 2 forwarding table of corel at least includes entries shown in Table 3.3.
Table 3.3
Figure imgf000025_0002
[0076] The source VM sends an Ethernet packet to leafi , wherein a source MAC address of the Ethernet packet is 00-11 -11 -11 -11 -11 , and a destination MAC address of the Ethernet packet is ED-01 -00-03-00-02. [0077] In this case, the source VM determines that the destination IP addressl .1 .1 .8 of an IP packet belongs to the same IP network segment as the IP address 1 .1 .1 .1 of its own source VM. The source VM searches an ARP table based on the destination IP address 1 .1 .1 .8, and finds that a MAC address recorded in an ARP entry searched out and corresponding to the destination IP address 1 .1 .1 .8 is a virtual MAC address ED-01 -00-03-00-02. The source VM encapsulates the IP packet into the Ethernet packet of which the source MAC address is 00-11 -11 -11 -11 -11 and the destination MAC address is ED-01 -00-03-00-02.
[0078] A logic "AND" operation is performed by leafl to the source MAC address 00-11 -11 -11 -11 -11 of the received Ethernet packet and a 48-bit mask ff-ff-ff-ff-ff-ff in a Layer 2 forwarding entry (shown in the second row of Table 3.1 ), and an operation result is 00-11 -11 -11 -11 -11 which is the same as an initial MAC address 00-11 -11 -11 -11 -11 of the Layer 2 forwarding entry, and it is determined that the entry is searched out (i.e., a matching entry). Leafl replaces the source MAC address of the Ethernet packet with a mapped MAC address ED-01 -00-01 -00-01 in the matching entry.
[0079] The logic "AND" operation is performed by leafl to the destination MAC address ED-01 -00-03-00-02 of the received Ethernet packet and a 32-bit access device mask ff-ff-ff-ff-00-OO in an entry (shown in the fourth row of Table 3.1 ), and an operation result is ED-01 -00-03-00-00 which is the same as an initial MAC address ED-01 -00-03-00-00 of the entry. Leafl determines that the entry is searched out (i.e., a matching entry for the destination MAC address). Leafl forwards the Ethernet packet to Ieaf3 via DC1_leaf3 which is an egress port in the entry searched out. Leafl encapsulates a Trill header for the received Ethernet header based on DC1_leaf3. In the Trill header, an Ingress nickname is a nickname of leafl , an Egress nickname is DC1_leaf3 (i.e., the nickname of Ieaf3). Then, leafl encapsulates a next-hop header for the Ethernet packet. In the next-hop header, a source MAC address is the MAC address of leafl , a destination MAC address is the MAC address of corel , and a VLAN ID is an ID of a designated VLAN. The next-hop header is a next-hop header changed hop by hop. There is an Ethernet link between RBridges in this example, therefore the next-hop header encapsulated by leafl outside the Trill header is regarded as an outer Ethernet header. Leafl may determine, according to a Trill routing table, that the next hop to Ieaf3 is corel , and then search out the MAC address of corel according to a Trill adjacent table. The source MAC address and the destination MAC address of the next-hop header are used to identify a transmitting RBridge and a next-hop RBridge. The Trill -encapsulated packet is forwarded by leafl to corel .
[0080] Corel receives the Trill-encapsulated packet, decapsulates the outer Ethernet header, and re-encapsulates a next-hop header based on the Egress Nickname of the Trill header. In the re-encapsulated next-hop header, the source MAC address is the MAC address of corel , the destination MAC address is the MAC address of leaf 3, and the VLAN ID is the designated VLAN ID. The re-encapsulated Trill packet is forwarded by corel to the next hop Ieaf3.
[0081 ] After receiving the Trill packet, Ieaf3 detects that the destination MAC address of the next-hop header is the MAC address of Ieaf3 itself, then removes the next-hop header. Leaf3 determines that the Egress nickname of the Trill header is DC1_leaf3 of Ieaf3, and then removes the Trill header. The inner Ethernet packet is obtained by Ieaf3.
[0082] An entry (shown in the fourth row of Table 3.2) is searched out by Ieaf3 in the Layer 2 forwarding table shown in Table 3.2 according to the source MAC address ED-01 -00-01 -00-01 of the inner Ethernet packet. As mentioned above, leafl replaced the initial source MAC address with ED-01 -00-01 -00-01 in the inner Ethernet packet. ED-01 -00-01 -00-01 was the mapped MAC address of the matching entry. In leaf 3, if the mapped MAC address is not included in the entry searched out, the source MAC address (i.e., ED-01 -00-01 -00-01 ) of the Ethernet packet is not replaced. An entry (shown in the third row of Table 3.2) including a mapped MAC address is searched out by Ieaf3 according to the destination MAC address ED-01 -00-03-00-02 of the Ethernet packet. Leaf3 replaces the destination MAC address of the Ethernet packet with 00-1 D-A1 -75-28-70, and forwards the Ethernet packet received via portl that is the egress port of the entry searched out. [0083] In the above operations, the logical "AND" operation is performed by leaf 3 to the source MAC address ED-01 -00-01 -00-01 and a 32-bit mask ff-ff-ff-ff-OO-OO in the entry shown in the fourth row of Table 3.2, and an operation result is ED-01 -00-01 -00-00 which is the same as the initial MAC address ED-01 -00-01 -00-00 in the entry, then it is determined that the entry is searched out. The logical "AND" operation is performed by Ieaf3 to the destination MAC address ED-01 -00-03-00-02 and a 48-bit mask ff-ff-ff-ff-ff-ff in the entry shown in the third row of Table 3.2, and an operation result is ED-01 -00-03-00-02 which is the same as the initial MAC address ED-01 -00-03-00-02 in the entry, then it is determined that the entry is searched out.
[0084] In FIG. 4A, if the source VM does not find the ARP entry corresponding to the destination IP address 1 .1 .1 .8 in the ARP table, the source VM sends an ARP request packet to request a MAC address corresponding to the destination IP address 1 .1 .1 .8. In this case, a Sender IP address of the ARP request packet is 1 .1 .1 .1 , a Sender MAC address is 00-11 -11 -11 -11 -11 , a Target IP address is 1 .1 .1 .8, and a Target MAC address is 00-00-00-00-00-00. A source MAC address and a destination MAC address of an Ethernet header of the ARP request packet respectively are 00-11 -11 -11 -11 -11 and a broadcast address ff-ff-ff-ff-ff-ff.
[0085] After receiving the ARP request packet, leafl does not broadcast the ARP request packet in the Trill network, but converts the received ARP request packet into a proprietary ARP request packet (as shown in FIG. 4B). The proprietary ARP request packet is sent to the network management apparatus by leafl in a manner of unicast.
[0086] Leafl removes the Ethernet header of the received ARP request packet and encapsulates an IP header for the packet. In the IP header, a source IP address is a local IP address 1 .1 .1 .30 of leafl , a destination IP address is the IP address 122.1 .2.1 of the network management apparatus. Then, leafl encapsulates a next-hop header changed hop-by-hop outside the IP header. In the example of the present disclosure, the next-hop header changed hop-by-hop is an Ethernet header. In the next-hop header changed hop-by-hop, a source MAC address is a local MAC address 00-5F-AA-95-82-07 corresponding to leafl (corresponding to the source IP address 1 .1 .1 .30 of the IP header), a destination MAC address is the MAC address of the gateway of VLAN1 , i.e., OO-EO-FC-11 -11 -11 .
[0087] Leafl does not search out a Layer 2 forwarding entry according to the source MAC address of the proprietary ARP request packet. Leafl searches out a Layer 2 forwarding entry (shown in the fifth row of Table 3.1 ) not including a mapped MAC address according to the destination MAC address 00-E0-FC-11 -11 -11 , encapsulates the proprietary ARP request packet into a Trill-encapsulated proprietary ARP request packet based on DC1_core1 which is an egress port of the entry searched out and sends to corel the packet. In this case, leafl encapsulates a Trill header and an Ethernet header (an outer Ethernet header) outside the proprietary ARP request packet. The Ethernet header of the proprietary ARP request packet is positioned between the Trill header and the IP header, and can still be regarded as the inner Ethernet header. The Ethernet header outside the Trill header can still be regarded as the outer Ethernet header.
[0088] Corel receives the Trill-encapsulated packet, removes the Trill encapsulation (the outer Ethernet header and the Trill header), removes the inner Ethernet header, and re-encapsulates an Ethernet header (a next-hop header changed hop-by-hop) based on the destination IP address of the IP header of the proprietary ARP request packet. In the next-hop header changed hop-by-hop, a destination MAC address is a MAC address of a next hop to the destination IP address, a VLAN ID is an identifier of a VLAN to which the next-hop device belongs, and a source MAC address is a MAC address of a L3 interface of corel , wherein the L3 interface is in the same VLAN as the next-hop device. After receiving the proprietary ARP request re-encapsulated by corel , the next-hop device performs Layer 3 forwarding according to the destination IP address of the IP header of the proprietary ARP request packet to forward the proprietary ARP request packet to the network management apparatus. The way that the next-hop device forwards the packet is similar to the forwarding process of corel , the example of the present disclosure does not repeat herein. [0089] After receiving the proprietary ARP request packet, the network management apparatus searches the information table about the devices and VMs in the whole network as shown in Table 1 for the virtual MAC address ED-01 -00-03-00-02 corresponding to the IP addressl .1 .1 .8. The IP address 1 .1 .1 .1 and the MAC address 00-11 -11 -11 -11 -11 corresponding to this IP address respectively are configured as a Target IP address and a Target MAC address of an ARP response packet (the IP address 1 .1 .1 .1 and the MAC address 00-11 -11 -11 -11 -11 respectively are the Sender IP address and the Sender MAC address of the ARP request packet received by the network management apparatus). The IP address 1 .1 .1 .8 and the virtual MAC address ED-01 -00-03-00-02 of the destination VM respectively are configured as a Sender IP address and a Sender MAC address of the ARP response packet. The ARP response packet is encapsulated into a unicast proprietary ARP response packet (as shown in FIG. 4B). That is, the network management apparatus encapsulates an IP header and an Ethernet header (a next-hop header changed hop-by-hop) for the ARP response packet. In this case, a source IP address of the IP header of the proprietary ARP response packet is the IP address 122.1 .2.1 of the network management apparatus, and a destination IP address is the IP address 1 .1 .1 .30 of leafl . A source MAC address of the Ethernet header of the proprietary ARP response packet is the MAC address of the network management apparatus, and a destination MAC address is a MAC address of a next-hop device towards the destination IP address. By this way, the source MAC address and the destination MAC address of the Ethernet header of the proprietary ARP response packet are changed hop-by-hop, but the destination IP address of the proprietary ARP response packet is not changed. Therefore, the proprietary ARP response packet is sent to corel hop-by-hop, wherein corel is used as the gateway of VLAN1 .
[0090] Corel receives the proprietary ARP response packet, performs Layer 3 forwarding according to the destination IP address of the IP header of the proprietary ARP response packet, and replaces the source MAC address and the destination MAC address of the Ethernet header of the proprietary ARP response packet with the MAC address OO-EO-FC-11 -11 -11 of the gateway of VLAN1 and the MAC address 00-5F-AA-95-82-07 of leaf 1 , respectively. Corel searches out an entry (shown in the second row of Table 3.3) according to the destination MAC address 00-5F-AA-95-82-07 of the Ethernet header of the proprietary ARP response packet, performs Trill encapsulation to the proprietary ARP response packet, and sends to leafl the Trill-encapsulated proprietary ARP response packet within the Trill domain.
[0091 ] Leafl receives the Trill-encapsulated proprietary ARP response packet, removes the outer Ethernet header and the Trill header, removes the Ethernet header and the IP header of the proprietary ARP response packet, and configures an Ethernet header for the ARP response packet. Specifically, an entry (shown in the fourth row of Table 3.1 ) searched out by leafl according to the Sender MAC address ED-01 -00-03-00-02 does not include a mapped virtual MAC address, the Sender MAC address is configured as the source MAC address of the ARP response packet. An entry (shown in the second row of Table 3.1 ) searched out by leafl according to the Target MAC address 00-11 -11 -11 -11 -11 includes a mapped virtual MAC address ED-01 -00-01 -00-01 , and the mapped virtual MAC address ED-01 -00-01 -00-01 is used as the destination MAC address of the ARP response packet. In the configured Ethernet header, the source MAC address is ED-01 -00-03-00-02, and the destination MAC address is ED-01 -00-01 -00-01 .
[0092] An entry (shown in the fourth row of Table 3.1 ) searched out by leafl based on the source MAC address ED-01 -00-03-00-02 of the ARP response packet does not include a mapped MAC address. An entry (shown in the third row of Table 3.1 ) searched out by leafl based on the destination MAC address ED-01 -00-01 -00-01 includes a mapped MAC address 00-11 -11 -11 -11 -11 , the destination MAC address ED-01 -00-01 -00-01 of the Ethernet header of the ARP response packet is replaced with the mapped MAC address 00-11 -11 -11 -11 -11 , and the ARP response packet is sent to the source VM via Portl which is the egress port of the entry. Leafl forwards the ARP response packet to the source VM. The source VM learns an ARP entry according to the received ARP response packet, wherein the ARP entry records a mapping relationship between the IP address 1 .1 .1 .8 and the virtual MAC address ED-01 -00-03-00-02. [0093] In the example of the present disclosure, the network management apparatus may employ another way to configure a pair of sender addresses and a pair of target addresses of the proprietary ARP response packet. The IP address 1 .1 .1 .1 and the MAC address ED-01 -00-01 -00-01 are configured by the network management apparatus as the Target IP address and the Target MAC address of the ARP response packet, respectively (the Target IP address 1 .1 .1 .1 is the Sender IP address of the received ARP request packet, and the Target MAC address ED-01 -00-01 -00-01 is a virtual MAC address mapped to the Sender MAC address of the received ARP request packet). The IP address 1 .1 .1 .8 and the virtual MAC address ED-01 -00-03-00-02 of the destination VM are configured by the network management apparatus as the Sender IP address and the Sender MAC address of the ARP response packet, respectively.
[0094] The network management apparatus encapsulates the ARP response packet into a unicast proprietary ARP response packet. The proprietary ARP response packet is sent to corel hop-by-hop. Corel receives the proprietary ARP response packet, performs routing forwarding according to the destination IP address of the IP header of the proprietary ARP response packet, and modifies the source MAC address and the destination MAC address of the Ethernet header of the proprietary ARP response packet, wherein the source MAC address and the destination MAC address respectively are replaced with the MAC address OO-EO-FC-11 -11 -11 of the gateway of VLAN1 and the MAC address 00-5F-AA-95-82-07 of leaf 1 . Corel searches out an entry (shown in the second row of Table 3.3) according to the destination MAC address 00-5F-AA-95-82-07 of the Ethernet header of the proprietary ARP response packet, performs Trill encapsulation for the proprietary ARP response packet, and sends to leafl the Trill-encapsulated proprietary ARP response packet within the Trill domain.
[0095] Leafl receives the Trill-encapsulated proprietary ARP response packet, removes the outer Ethernet header and the Trill header, removes the Ethernet header and the IP header of the proprietary ARP response packet, and configures the Sender MAC address ED-01 -00-03-00-02 and the Target MAC address ED-01 -00-01 -00-01 of the ARP response packet as the source MAC address and the destination MAC address of the ARP response packet, respectively.
[0096] In this case, leafl searches out an entry (shown in the fourth row of Table 3.1 ) that does not include a mapped MAC address based on the source MAC address ED-01 -00-03-00-02 of the ARP response packet. Leafl replaces, according to a configured Layer 2 forwarding entry (shown in the third row of Table 3.1 ), the destination MAC address ED-01 -00-01 -00-01 of the Ethernet header of the ARP response packet with a mapped MAC address 00-11 -11 -11 -11 -11 corresponding to the destination MAC address, and sends the ARP response packet to the source VM via Portl . Leafl forwards to the source VM the ARP response packet. The source VM learns an ARP entry based on the received ARP response packet, wherein the ARP entry records a mapping relationship between the IP address 1 .1 .1 .8 and the virtual MAC address ED-01 -00-03-00-02.
[0097] It should be noted that an access layer RBridge intercepts an ARP request packet received from a common interface, but does not intercept an ARP request packet received from an interface enabling the Trill protocol. In the VLL2 network, if a L3 interface of a core layer RBridge sends the ARP request packet in a manner of broadcasting to learn the ARP entry of the VM, the above ARP interception mechanism may also be used to control the flooding of the ARP request packet.
[0098] For example, the corel , a Layer 3 device in FIG. 1 , sends to the network management apparatus a unicast proprietary ARP request packet to request ARP information of all VMs in VLAN1 within the DC.
[0099] Alternatively, corel sends to the network management apparatus the unicast proprietary ARP request packet to request ARP information about a certain VM. Taking the destination VM as an example, corel sends the proprietary ARP request packet. In the proprietary ARP request packet, the Sender IP address is the IP address of the gateway of VLAN1 , the Sender MAC address is the MAC address OO-EO-FC-11 -11 -11 of the gateway of VLAN1 , the Target IP address is 1 .1 .1 .8, and the Target MAC address is 00-00-00-00-00-00. The source IP address of the proprietary ARP request packet is the IP address 1 .1 .1 .30 of the gateway of VLAN1 , and the destination IP address of the proprietary ARP request packet is the IP address 122.1 .2.1 of the network management apparatus. Corel encapsulates an Ethernet header changed hop-by-hop outside the IP header. Ultimately, the proprietary ARP request packet is sent to the network management apparatus hop-by-hop.
[0100] The network management apparatus searches out, in Table 1 , a virtual MAC address ED-01 -00-03-00-02 corresponding to the Target IP address 1 .1 .1 .8 of the proprietary ARP request packet, configures the IP address 1 .1 .1 .8 and the virtual MAC address ED-01 -00-03-00-02 as the Sender IP address and the Sender MAC address of the proprietary ARP response packet, respectively, and configures the Sender IP address and the Sender MAC address of the received proprietary ARP request packet as the Target IP address and the Target MAC address of the proprietary ARP response packet, respectively. The network management apparatus configures the source IP address of the proprietary ARP response packet as the IP address 122.1 .2.1 of the network management apparatus its own, and configures the destination IP address of the proprietary ARP response packet as the IP address 1 .1 .1 .30 of the gateway of VLAN1 . In the Ethernet header of the proprietary ARP response packet, the source MAC address is the MAC address of the network management apparatus, and the destination MAC address is a MAC address of a next-hop device to corel . By this way, the proprietary ARP response packet is sent to corel hop-by-hop, wherein corel is used as the gateway of VLAN 1 .
[0101 ] Corel receives the proprietary ARP response packet, and learns the ARP entry according to the Sender IP address and the Sender MAC address.
[0102] As an outer VLAN (e.g., VLAN m) is independent from the Trill network of the DC, corl may still learn an ARP entry of a L3 interface of outer VLAN m in accordance with an ARP protocol mechanism.
[0103] Therefore, whether the ARP request packet is intercepted or not may be distinguished through the configuration under a VLAN mode and a port mode of the device.
[0104] FIG. 5 is a schematic diagram illustrating forwarding a multicast packet according to an example of the present disclosure. In this case, a source VM is a VM connected to portl of leafl , and a MAC address of the source VM is 00-11 -11 -11 -11 -11 .
[0105] A Layer 2 forwarding table of leafl at least includes entries shown in Table 4.1
Table 4.1
Egress
VLAN Initial MAC address Mask Mapped MAC address
Port
1 00-11 -11 -11 -11 -11 ff-ff-ff-ff-ff-ff ED-01 -00-01 -00-01 Portl
1 ED-01 -00-01 -00-01 ff-ff-ff-ff-ff-ff 00-11 -11 -11 -11 -11 Portl
1 01 -00-5E-XX-XX-XX ff-ff-ff-ff-ff-ff DC1_core1
[0106] A Layer 2 forwarding table of Ieaf3 at least includes entries shown in
Table 4.2
Table 4.2
Egress
VLAN Initial MAC address Mask Mapped MAC address
Port
VLAN
ED-01 -00-01 -00-00 ff-ff-ff-ff-00-00 DC1_leaf1 unaware
1 01 -00-5E-XX-XX-XX ff-ff-ff-ff-ff-ff Portl
[0107] A Layer 2 forwarding table of Ieaf4 at least includes entries shown in
Table 4.3
Table 4.3
Egress
VLAN Initial MAC address Mask Mapped MAC address
Port
1 01 -00-5E-XX-XX-XX ff-ff-ff-ff-ff-ff Portl
VLAN
ED-01 -00-01 -00-00 ff-ff-ff-ff-00-00 DC1_leaf1 unaware [0108] As shown in FIG. 5, the VM as a multicast source sends a multicast packet to leafl , wherein a source MAC address of the packet is an actual MAC address 00-11 -11 -11 -11 -11 of the source VM, a destination MAC address of the packet is a MAC address 01 -00-5E-XX-XX-XX of multicast group 1 .
[0109] Leafl receives the multicast packet, searches out an entry (shown in the second row of Table 4.1 ) based on the source MAC address 00-11 -11 -11 -11 -11 of the packet, and replaces the source MAC address with a mapped MAC address ED-01 -00-01 -00-01 in the entry searched out.
[0110] Leafl searches out an entry (shown in the fourth row of Table 4.1 ) according to the destination MAC address 01 -00-5E-XX-XX-XX of the Ethernet packet, encapsulates the multicast packet received into a Trill packet based on DC1_core1 which is an egress port in the entry searched out, and distributes the Trill-encapsulated packet to the Trill network. In other words, a nickname of corel is a nickname of a root of a multicast tree to which the destination multicast group belongs.
[0111 ] In this operation, leafl encapsulates a Trill header for the multicast packet by taking the nickname DC1_core1 of the egress port as the Egress nickname and taking the nickname DC1_leaf1 of leafl itself as the Ingress Nickname. Leafl configures the MAC address of leafl and a specific multicast MAC address defined by the Trill as a source MAC address and a destination MAC address of a next-hop header, respectively. Leafl forwards the Trill-encapsulated packet to corel which is the root of the multicast tree to which the multicast group belongs.
[0112] Corel receives the Trill-encapsulated multicast packet, removes the outer Ethernet header and the Trill header, and determines, in a Trill multicast table according to the Egress Nickname of the Trill header, that there are two downstream nodes Ieaf3 and Ieaf4 in a multicast forwarding tree of VLAN1 . Therefore, the multicast packet is duplicated to get two packets, which respectively are encapsulated into a Trill-encapsulated multicast packet and then sent to the two downstream RBridges Ieaf3 and Ieaf4. [0113] Leaf3 and Ieaf4 respectively receive the Trill-encapsulated multicast packet, decapsulate the packet to obtain the inner multicast packet, and then search, respectively, in the Layer 2 forwarding tables shown in Table 4.2 and Table 4.3 according to the source MAC address ED-01 -00-01 -00-01 of the Ethernet header of the inner multicast packet. Leaf3 and Ieaf4 respectively search out an entry (shown in the second row of Table 4.2 and the third row of Table 4.3). These entries do not include a mapped MAC address, so that Ieaf3 and Ieaf4 do not replace the source MAC address of the multicast packets. Leaf3 and Ieaf4 search, according to the multicast MAC address 01 -00-5E-XX-XX-XX, in the Layer 2 forwarding tables shown in Table 4.2 and Table 4.3 respectively to obtain corresponding entries (shown in the third row of Table 4.2 and the second row of Table 4.3), and then send the multicast packets via portl which is the egress port in the entries searched out.
[0114] FIG. 6 is a schematic diagram illustrating forwarding a packet in a DC to an outer network according to an example of the present disclosure. In this case, a source VM accesses via portl of leafl in DC1 , and an IP address of the source VM is 1 .1 .1 .1 . A destination IP address of a destination end is 172.1 .1 .1 , which is a service IP address of a user rather than IP addresses of tunnels used in the inter-DC Layer 2 connections. A VLAN is VLAN m.
[0115] A virtual device formed by corel and core2 which are on the core layer of DC1 using the stack protocol is used as a gateway to achieve load balancing and backup. The virtual device is a virtual core layer device. Links of leafl used to connect corel and core2 are bundled by leafl into a link aggregation group. Links of Ieaf2 used to connect corel and core2 are bundled by Ieaf2 into a link aggregation group. The same operation is performed by Ieaf3 and Ieaf4 also.
[011 6] Configuration information of corel and core2 in DC1 shown in Table 1 is modified in accordance with Table 5.1 .
Table 5.1 Access
Data Center
IP Virtual device,
MAC Mask
Device Address IP address MAC mask-bas
Nickname Port VLAN address of Based
(MAC over of VM address of ed, virtual
VM virtual MAC IP) VM MAC
Address address
L3 OO-EO-FC-1
1 1.1.1.100
interface 1-11 -11
L3 OO-EO-FC-2 ED-01 -00- corel DC1_core 2 2.2.2.100
interface 2-22-22 00-00-00
L3 OO-EO-FC-3
3 3.3.3.100
interface 3-33-33
L3 00-E0-FC-1
1 1.1.1.100
interface 1-11 -11
L3 OO-EO-FC-2 ED-01 -00- core2 DC1_core 2 2.2.2.100
interface 2-22-22 00-00-00
L3 OO-EO-FC-3
3 3.3.3.100
interface 3-33-33
[0117] DCI core is a nickname of the virtual device in the example of the present disclosure. Core2 is a master device of the virtual device.
[0118] A Layer 2 forwarding table of leafl in FIG. 6 at least includes entries shown in Table 5.2.
Table 5.2
Figure imgf000038_0001
Layer 2 forwarding tables of corel and core2 at least include entries shown in Table 5.3.
Table 5.3
Figure imgf000039_0001
[0120] As shown in FIG. 6, the source VM sends an Ethernet packet to leafl , wherein a source MAC address of the packet is 00-11 -11 -11 -11 -11 which is an actual source MAC address of the source VM, a destination MAC address of the packet is OO-EO-FC-11 -11 -11 which is a MAC address of a gateway of VLAN1 .
[0121 ] In this operation, the source VM determines that the IP address 1 .1 .1 .1 of its own is not in the same network segment as the IP address 172.1 .1 .1 of the destination end, and obtain an IP address 1 .1 .1 .100 of the gateway of VLAN1 through querying a local routing table of the source VM (the IP address of the gateway may be configured through a static configuration mode or through a dynamic host configuration protocol mode).
[0122] If the source VM does not search out an ARP entry matching the IP address of the gateway of VLAN1 , an ARP request packet is broadcasted to request a MAC address corresponding to the IP address 1 .1 .1 .100 of the gateway of VLAN1 . The example of the present disclosure does not describe the specific process in further detail.
[0123] The MAC address corresponding to the IP address 1 .1 .1 .100 of the gateway of VLAN1 and searched out by the source VM in ARP entries is 00-E0-FC-11 -11 -11 , which is used as a destination MAC address of an Ethernet header. [0124] After receiving the Ethernet packet, leafl searches out an entry (shown in the second row of Table 5.2) in the Layer 2 forwarding table according to the source MAC address 00-11 -11 -11 -11 -11 of the Ethernet packet, replaces the source MAC address 00-11 -11 -11 -11 -11 of the received Ethernet packet with a mapped MAC address ED-01 -00-01 -00-01 in the entry searched out.
[0125] Leafl searches out an entry (shown in the fourth row of Table 5.2) in the Layer 2 forwarding table according to the destination MAC address 00-E0-FC-11 -11 -11 of the Ethernet packet, wherein the entry does not include a corresponding mapped MAC address. Leafl encapsulates the received Ethernet packet into a Trill-encapsulated packet according to an Egress nickname (i.e., DCI core, which is a nickname of the logical node formed by corel and core2 in a manner of stacking) of an egress port of the entry searched out.
[0126] In this case, leafl encapsulate a Trill header by taking DC1_core (the nickname of the logical node formed by corel and core2 in a manner of stacking) as the Egress nickname and taking DC1_leaf1 which is the nickname of leafl itself as the Ingress nickname. Leafl determines, according to the Till routing table, that a next hop to the Egress Nickname is DC1_core, searches out a MAC address of DC1_core in the Trill adjacency table, and encapsulates a next-hop header outside the Trill header. In the next-hop header, a source MAC address is the MAC address of leafl , a destination MAC address is a MAC address of DCI core, and a VLAN ID is an identifier of a designated VLAN. Leafl forwards the Trill-encapsulated packet to DC1_core.
[0127] The core2, which is the master device of DCI core, receives the Trill-encapsulated Ethernet packet, removes the next-hop header and the Trill header, and searches out an entry (shown in the fifth row of Table 5.3) in the Layer 2 forwarding table according to the source MAC address ED-01 -00-01 -00-01 of the inner Ethernet packet, wherein the entry searched out does not include a mapped MAC address, so that core2 does not replace the source MAC address. Core2 searches out an entry (shown in the second row of Table 5.3) in the Layer 2 forwarding table according to the destination MAC address 00-E0-FC-11 -11 -11 of the inner Ethernet packet header, wherein egress port information of the entry searched out is a L3 mark (which indicates the enabling of the Layer 3 forwarding), so that core2 performs the Layer 3 forwarding process including: searching in the routing table a routing entry of the destination IP address 172.1 .1 .1 to determine a next hop to the destination IP address, querying a MAC address of the next hop, configuring the source MAC address of the Trill-decapsulated Ethernet packet as a MAC address of an interface of VLAN m of the virtual device DCI core, and configuring the destination MAC address of the Ethernet packet as the MAC address of the next hop. The packet is forwarded, hop-by-hop within the IP network based on routing, to the destination device of which the IP address is 172.1 .1 .1 .
[0128] Similarly, an IP packet sent from the destination device of which the IP address is 172.1 .1 .1 to the source VM is forwarded hop-by-hop to the virtual device within the IP network.
[0129] Specifically, the corel , which is a member device of DC1_core, receives an Ethernet packet from the outside of the DC. A source MAC address of the Ethernet packet is the MAC address of the next hop learnt by DC1_core, and a destination MAC address of the Ethernet packet is the MAC address of a L3 interface of VLAN m of DCI core. Corel searches in the Layer 2 forwarding table according to the destination MAC address, and determines to perform the Layer 3 forwarding. Corel queries the ARP table based on the destination IP address 1 .1 .1 .1 to determine a corresponding MAC address is ED-01 -00-01 -00-01 , configures VLAN1 which is an identifier of a VLAN to which the destination IP address 1 .1 .1 .1 belongs as the VLAN ID of the received Ethernet packet, configures the MAC address searched out according to the ARP table as the destination MAC address of the received Ethernet packet, and configures the MAC address OO-EO-FC-11 -11 -11 of the gateway of VLAN1 as the source MAC address of the received Ethernet packet.
[0130] Corel searches in the Layer 2 forwarding table according to the source MAC address 00-E0-FC-11 -11 -11 and the destination MAC address ED-01 -00-01 -00-01 , respectively. The entries searched out by corel (shown in the second row and the fifth row of Table 5.3) do not include a mapped MAC address. Corel encapsulates the received Ethernet packet into a Trill packet according to an egress port in the Layer 2 forwarding entry matching the destination MAC address. Here, the Egress nickname is DC1_leaf1 , and the Ingress nickname is DCI core. Corel determines, according to the Till routing table, that a next hop to the Egress Nickname is leafl , searches out the MAC address of leaf 1 in the Trill adjacency table, and encapsulates a next-hop header outside the Trill header. In the next-hop header, a source MAC address is the MAC address of DC1_core1 , a destination MAC address is the MAC address of leafl , a VLAN ID is an identifier of a designated VLAN. Corel forwards the Trill-encapsulated packet to leafl .
[0131 ] FIG. 7 is a schematic diagram illustrating Layer 3 forwarding within a DC according to an example of the present disclosure. In this case, a physical server where a source VM is hosted on is connected to portl of leafl , an IP address of the source VM is 1 .1 .1 .1 , and a VLAN to which the source VM belongs is VLAN1 . A physical server where a destination VM is hosted on is connected to port2 of Ieaf3, an IP address of the destination VM is 2.2.2.7, and a VLAN to which the destination VM belongs is VLAN2.
[0132] In FIG. 7, corel and core2 which are on the core layer of DC1 form a virtual device in a manner of stacking to achieve load balancing and backup. A nickname of the virtual device is DCI core. Core2 is a master device of the virtual device. Links of leafl used to connect corel and core2 are bundled by leafl into a link aggregation group. The same operation is performed by Ieaf2, Ieaf3 and Ieaf4 also.
[0133] A Layer 2 forwarding table of leafl at least includes entries shown in Table 6.1 .
Table 6.1
Egress
VLAN Initial MAC address Mask Mapped MAC address
Port
1 00-11 -11 -11 -11 -11 ff-ff-ff-ff-ff-ff ED-01 -00-01 -00-01 Portl
1 ED-01 -00-01 -00-01 ff-ff-ff-ff-ff-ff 00-11 -11 -11 -11 -11 Portl 1 OO-EO-FC-11 -11 -11 ff-ff-ff-ff-ff-ff DC1_core
2 OO-EO-FC-22-22-22 ff-ff-ff-ff-ff-ff DC1_core
[0134] Layer 2 forwarding tables of corel and core2 at least include entries shown in Table 6.2.
Table 6.2
Egress
VLAN Initial MAC address Mask Mapped MAC address
Port
L3
1 OO-EO-FC-11 -11 -11 ff-ff-ff-ff-ff-ff
2 OO-EO-FC-22-22-22 ff-ff-ff-ff-ff-ff L3
VLAN DC1_leaf1
ED-01 -00-01 -00-00 ff-ff-ff-ff-00-00
unaware
VLAN DC1_leaf2
ED-01 -00-02-00-00 ff-ff-ff-ff-00-00
unaware
VLAN DC1_leaf3
ED-01 -00-03-00-00 ff-ff-ff-ff-00-00
unaware
VLAN DC1_leaf4
ED-01 -00-04-00-00 ff-ff-ff-ff-00-00
unaware
[0135] A Layer 2 forwarding table of Ieaf3 at least includes entries shown in Table 6.3.
Table 6.3
Egress
VLAN Initial MAC address Mask Mapped MAC address
Port
1 OO-EO-FC-11 -11 -11 ff-ff-ff-ff-ff-ff DC1_core
2 OO-EO-FC-22-22-22 ff-ff-ff-ff-ff-ff DC1_core
1 00-25-9C-2F-63-FE ff-ff-ff-ff-ff-ff ED-01 -00-03-00-04 Portl
1 ED-01 -00-03-00-04 ff-ff-ff-ff-ff-ff 00-25-9C-2F-63-FE Portl
[0136] As shown in FIG. 7, the source VM sends an Ethernet packet to leafl . A source MAC address of the packet is 00-11 -11 -11 -11 -11 which is an actual MAC address of the source VM, and a destination MAC address of the packet is OO-EO-FC-11 -11 -11 which is a MAC address of a gateway of VLAN 1 .
[0137] After receiving the Ethernet packet, leafi searches out an entry (shown in the second row of Table 6.1 ) including a mapped MAC address in the Layer 2 forwarding table according to the source MAC address 00-11 -11 -11 -11 -11 , and replaces the source MAC address 00-11 -11 -11 -11 -11 of the packet with the mapped MAC address ED-01 -00-01 -00-01 .
[0138] Leafi searches the Layer 2 forwarding table according to the destination MAC address 00-E0-FC-11 -11 -11 of the packet, and searches out an entry (shown in the fourth row of Table 6.1 ) that does not include a mapped MAC address. Leafi encapsulates the received Ethernet packet into a Trill packet according to DC1_core which is an egress port of the entry searched out, and sends, according to the Trill routing table, the Trill packet to the Trill network for forwarding.
[0139] The core2, which is the master device of DCI core, receives the Trill-encapsulated packet, removes the next-hop header and the Trill header, and searches the Layer 2 forwarding table according to the source MAC address ED-01 -00-01 -00-01 of the inner Ethernet header. An entry (shown in the fourth row of Table 6.2) searched out by core2 does not include a mapped MAC address. Core2 does not replace the source MAC address of the inner Ethernet header.
[0140] The core2 searches the Layer 2 forwarding table according to the destination MAC address 00-E0-FC-11 -11 -11 of the inner Ethernet header. An entry (shown in the second row of Table 6.2) searched out by core2 does not include a mapped MAC address, and egress port information of the entry searched out is L3 attribute. A routing entry of the destination IP address 2.2.2.7 is searched in a routing table of core2, and then a virtual MAC address ED-01 -00-03-00-04 corresponding to an IP address of the routing entry is searched out in the ARP table. The VLAN ID of the inner Ethernet packet is changed from VLAN1 to VLAN2, the source MAC address is configured as OO-EO-FC-22-22-22 which is a MAC address of a L3 interface of a gateway of VLAN2, and the destination MAC address of the inner Ethernet header is configured as ED-01 -00-03-00-04.
[0141 ] The core2, which is the master device of DC1_core, searches out, based on the destination MAC address ED-01 -00-03-00-04, an entry (shown in the sixth row of Table 6.2) which does not include a mapped MAC address, encapsulates the Ethernet packet into a Trill-encapsulated Ethernet packet according to DC1_leaf3 which is an egress port of the entry searched out, and sends to Ieaf3 the Trill-encapsulated Ethernet packet.
[0142] After receiving the Trill-encapsulated Ethernet packet, Ieaf3 removes the Trill header and the next-hop header. Leaf3 searches the Layer 2 forwarding table according to the source MAC address OO-EO-FC-22-22-22 of the Ethernet packet. An entry (shown in the third row of Table 6.3) searched out by Ieaf3 does not included a mapped MAC address. Leaf3 does not replace the source MAC address. Leaf3 searches out an entry (shown in the last row of Table 6.3) according to the destination MAC address ED-01 -00-03-00-04 of the Ethernet packet, wherein the entry searched out includes a mapped MAC address. Leaf3 replaces the destination MAC address ED-01 -00-03-00-04 of the Ethernet packet with the mapped MAC address 00-25-9C-2F-63-FE in the entry searched out. Leaf3 forwards to the destination VM the Ethernet packet of which the destination MAC address is replaced through portl which is an egress port in the entry searched out.
[0143] FIG. 8 is a schematic diagram illustrating Layer 2 forwarding between DCs according to an example of the present disclosure. In the networking, the DC interconnection network employs the MAC over IP technology. Devices of core layer of each DC device support the Trill technology and the MAC over IP technology simultaneously, and support two-way conversion between the Trill and the MAC over IP, i.e., a MAC over IP packet is encapsulated after the Trill is completed, and a Trill packet is encapsulated after the MAC over IP is completed.
[0144] In DC1 , corel and core2 on the core layer form a virtual device (i.e., a logical node) in a manner of stacking to achieve load balancing and backup. A nickname of the virtual device formed by corel and core2 is DCI core. Core2 is a master device of the logical node.
[0145] In DC2, corel ' and core2' on the core layer form a virtual device in a manner of stacking to achieve load balancing and backup. A nickname of the virtual device formed by corel ' and core2' is DC2_core. Corel ' is a master device of the virtual device.
[0146] In this process, a physical server where a source VM is hosted on is connected to leafl of DC1 , an IP address of the source VM is 1 .1 .1 .1 , and a VLAN to which the source VM belongs is VLAN1 . A physical server where a destination VM is hosted on is connected to leafl ' of DC2, an IP address of the destination VM is 1 .1 .1 .100, and a VLAN to which the destination VM belongs is VLAN1 .
[0147] A Layer 2 forwarding table of leafl at least includes entries shown in Table 7.1 .
Table 7.1
Figure imgf000046_0001
[0148] Layer 2 forwarding tables of corel and core2 at least include entries shown in Table 7.2, respectively.
Table 7.2
Egress
VLAN Initial MAC address Mask Mapped MAC address
Port
VLAN
ED-01 -00-01 -00-00 ff-ff-ff-ff-00-00 DC1_leaf1 unaware
VLAN
ED-02-00-00-00-00 ff-ff-00-00-00-00 I P2 unaware [0149] Layer 2 forwarding tables of corel ' and core2' at least include entries shown in Table 7.3, respectively.
Table 7.3
Figure imgf000047_0001
[0150] A Layer 2 forwarding table of leafl ' at least includes entries shown in Table 7.4.
Table 7.4
Figure imgf000047_0002
[0151 ] As shown in FIG. 8, the source VM sends an Ethernet packet to leafl . A source MAC address of the Ethernet packet is 00-11 -11 -11 -11 -11 which is an actual MAC address of the source VM, and a destination MAC address of the Ethernet packet is ED-02-00-01 -00-01 which is a virtual MAC address corresponding to the destination IP address.
[0152] Leafl receives the Ethernet packet, searches out an entry (shown in the second row of Table 7.1 ) including a mapped MAC address in the Layer 2 forwarding table according to the source MAC address 00-11 -11 -11 -11 -11 , and replaces the source MAC address of the packet with the mapped MAC address ED-01 -00-01 -00-01 . Leafl searches out an entry (shown in the fourth row of Table 7.1 ) not including a mapped MAC address in the Layer 2 forwarding table according to the destination MAC address ED-02-00-01 -00-01 , encapsulates the received Ethernet packet into a Trill packet according to DC1_core which is an egress port of the entry searched out, and sends the Trill packet to an egress device DCI core within the Trill network.
[0153] The core2, which is the master device of DCI core, receives the Trill packet, decapsulates the Trill packet to get the Ethernet packet, and searches out an entry (shown in the second row of Table 7.2) not including a mapped MAC address according to the source MAC address ED-01 -00-01 -00-01 of the decapsulated Ethernet packet. Core2 does not replace the source MAC address. Core2 searches out an entry (shown in the third row of Table 7.2) not including a mapped MAC address according to the destination MAC address ED-02-00-01 -00-01 of the decapsulated Ethernet packet, and performs MAC over IP encapsulation to the decapsulated Ethernet packet based on IP2 which is an egress port in the entry searched out. In the MAC over IP header encapsulated by the core2 for the packet (i.e., an outer IP header), an outer source IP address is IP1 , an outer destination IP address is IP2. The core2 performs routing forwarding according to IP2, and encapsulates an Ethernet header changed hop-by-hop outside the outer IP header, so that the packet encapsulated with the MAC over IP is forwarded to DC2 hop-by-hop through the DC interconnecting (DCI) network.
[0154] The corel ', which is the master device of DC2_core, receives the packet encapsulated with the MAC over IP, decapsulates the outer Ethernet header and the outer IP header to get the inner Ethernet packet, and searches out an entry (shown in the second row of Table 7.3) not including a mapped MAC address in the Layer 2 forwarding table according to the source MAC address ED-01 -00-01 -00-01 of the inner Ethernet header. The corel ' does not replace the source MAC address. The corel ' searches out an entry (shown in the third row of Table 7.3) not including a mapped MAC address according to the destination MAC address ED-02-00-01 -00-01 of the decapsulated Ethernet packet, encapsulates the inner Ethernet packet into a Trill-encapsulated Ethernet packet according to DC2_leaf1 which is an egress port in the entry, and sends to leaf 1 ' the Trill-encapsulated Ethernet packet within the Trill network of DC2. [0155] Leafl ' receives the Trill-encapsulated packet, removes the next-hop header and the Trill header, searches out an entry (shown in the last row of Table 7.4) not including a mapped MAC address in the Layer 2 forwarding table according to the source MAC address ED-01 -00-01 -00-01 . Leafl ' does not replace the source MAC address. Leafl ' searches out an entry (shown in the second row of Table 7.4) including a mapped MAC address 00-20-00-20-20-20 in the Layer 2 forwarding table according to the destination MAC address ED-02-00-01 -00-01 , replaces the destination MAC address with the mapped MAC address 00-20-00-20-20-20, and sends to the destination VM the Ethernet packet of which the destination MAC address is replaced through Portl that is the egress port in the entry.
[0156] In the above examples, a mechanism about address hierarchy and masks is introduced into the management of the Layer 2 forwarding table, so that a mask-based Layer 2 forwarding table is achieved, and the number of entries in the Layer 2 forwarding table is greatly reduced. A problem that the number of Layer 2 forwarding entries in a Very Large DC is too great can be effectively solved through reducing the number of the entries in the Layer 2 forwarding table. At the same time, it can be avoided that an actual number of the entries of the Layer 2 forwarding table cannot reach the maximum number of the entries supported by a device when learning MAC addresses.
[0157] It should be noted that the examples of the present disclosure are described in detail by taking a format of a virtual MAC address as 6 bytes which are OUI-DC ID-Device ID-host ID, and the masks as a 32-bit access device mask and a 1 6-bit data center mask. Based on this, a mode for configuring the mask-based Layer 2 forwarding table is described, and packet forwarding processes based on the Layer 2 forwarding table under a variety of scenarios are described also. Another format of the virtual MAC address and corresponding MAC address masks in different hierarchies may be designed according to the principle provided by the examples of the present disclosure, and a mask-based Layer 2 forwarding table and packet forwarding processes based on the Layer 2 forwarding table under a variety of scenarios thereof can also be designed, which should be included in the protection scope of the present disclosure as long as virtual MAC addresses of VMs can be hierarchically aggregated through masks in different hierarchies.
[0158] Based on the same technical concept, an example of the present disclosure also provides a network management apparatus, applied to a VLL2 network.
[0159] FIG. 9A is a schematic diagram illustrating a structure of the routing switch device according to the example of the present disclosure. An example of the routing switch device is an access layer device. Examples of modules in the routing switch device are shown in FIG. 9A. The modules represent functionalities of the routing switch device which may be implemented in hardware and/or by machine readable instructions executed by a processor or other type of processing circuit. As shown in FIG. 9A, the routing switch device may include a receiving module 91 , a sending module 92, a forwarding module 93, and at least one port. The routing switch device may further include an ARP processing module 94, as shown in FIG. 9B. Information communication among the receiving module 91 , the sending module 92, the forwarding module 93, and the ARP processing module 94 is performed through a bus 90. The receiving module 91 may receive a packet through the port 94 of the device, and the sending module 92 may send a packet through the port 94 of the device.
[01 60] Hereinafter, functions of the modules in the routing switch device are described in further detail.
[01 61 ] The receiving module 91 is configured to receive an Ethernet packet. The forwarding module 92 is configured to search in a Layer 2 forwarding table according to a source Media Access Control (MAC) address of the Ethernet packet received, and replace, when it is determined that a Layer 2 forwarding entry searched out and matching the source MAC address of the Ethernet packet includes a MAC address mapped to the source MAC address, the source MAC address of the Ethernet packet with the MAC address mapped to the source MAC address; search in the Layer 2 forwarding table according to a destination MAC address of the Ethernet packet received; perform, when it is determined that a Layer 2 forwarding entry searched out and matching the destination MAC address of the Ethernet packet does not include a MAC address mapped to the destination MAC address, Very Large Layer 2 (VLL2) network protocol encapsulation to the Ethernet packet of which the source MAC address is replaced according to an egress port in the Layer 2 forwarding entry matching the destination MAC address. The sending module 93 is configured to send the Ethernet packet encapsulated with a VLL2 network protocol.
[01 62] Specifically, when the Layer 2 forwarding entry matching the destination MAC address of the Ethernet packet received and searched out by the forwarding module 93 is an access device entry (i.e., identifies an access device) associated with another access layer device in a same data center where the routing switch device receiving the Ethernet packet locates, the forwarding module 93 is configured to perform the VLL2 network protocol encapsulation to the Ethernet packet of which the source MAC address is replaced taking an egress port in the access device entry and towards the other access layer device associated with the access device entry as egress port information in the VLL2 network protocol encapsulation. The sending module 92 is configured to send to the other access layer device the Ethernet packet encapsulated with the VLL2 network protocol through the egress port in the access device entry and towards the other access layer device.
[01 63] Specifically, when the Layer 2 forwarding entry matching the destination MAC address of the Ethernet packet received and searched out by the forwarding module 93 is a data center entry (i.e., identifies a data center) associated with another data center, the forwarding module 93 is configured to perform the VLL2 network protocol encapsulation to the Ethernet packet of which the source MAC address is replaced taking an egress port in the data center entry and towards the other data center associated with the data center entry as egress port information in the VLL2 network protocol encapsulation. The sending module 92 is configured to send to the other data center the Ethernet packet encapsulated with the VLL2 network protocol through the egress port in the data center entry and towards the other data center. [01 64] Specifically, when the Layer 2 forwarding entry matching the destination MAC address of the Ethernet packet received and searched out by the forwarding module 93 is a gateway forwarding entry (i.e., identifies a gateway), the forwarding module 93 is configured to perform the VLL2 network protocol encapsulation to the Ethernet packet of which the source MAC address is replaced taking an egress port in the gateway forwarding entry and towards a gateway as egress port information in the VLL2 network protocol encapsulation. The sending module 92 is configured to send to the gateway the Ethernet packet encapsulated with the VLL2 network protocol through the egress port in the gateway forwarding entry and towards the gateway.
[01 65] Specifically, when the Ethernet packet received by the receiving module 91 is a multicast packet, the Layer 2 forwarding entry matching the destination MAC address of the Ethernet packet received and searched out by the forwarding module 93 is a multicast forwarding entry (i.e., identifies a multicast address), and an egress port of the multicast forwarding entry includes an egress port towards a root of a multicast tree of a multicast group, the forwarding module 93 is configured to perform the VLL2 network protocol encapsulation to the Ethernet packet of which the source MAC address is replaced taking the egress port in the multicast forwarding entry and towards the root of the multicast tree of the multicast group as egress port information in the VLL2 network protocol encapsulation. The sending module 92 is configured to send to the root of the multicast tree of the multicast group the multicast packet encapsulated with the VLL2 network protocol through the egress port in the multicast forwarding entry and towards the root of the multicast tree of the multicast group.
[01 66] Specifically, when the Ethernet packet received by the receiving module 91 is a multicast packet, the Layer 2 forwarding entry matching the destination MAC address of the Ethernet packet received and searched out by the forwarding module 93 is a multicast forwarding entry, and an egress port of the multicast forwarding entry includes an egress port towards a multicast receiver, the sending module 92 is configured to send to the multicast receiver the multicast packet of which the source MAC address is replaced through the egress port in the multicast forwarding entry and towards the multicast receiver.
[01 67] Furthermore, when it is determined that the Layer 2 forwarding entry searched out by the forwarding module 93 and matching the destination MAC address of the Ethernet packet received includes the MAC address mapped to the destination MAC address, the forwarding module 93 is configured to replace the destination MAC address of the Ethernet packet with the MAC address mapped to the destination MAC address. Accordingly, the sending module 92 is configured to send the Ethernet packet of which the source MAC address and the destination MAC address are replaced through the egress port in the Layer 2 forwarding entry matching the destination MAC address.
[01 68] Furthermore, the receiving module 91 is configured to receive an Ethernet packet encapsulated with the VLL2 network protocol. Accordingly, the forwarding module 93 is configured to decapsulate VLL2 network protocol encapsulation of the Ethernet packet received when it is determined, according to the VLL2 network protocol encapsulation of the Ethernet packet encapsulated with the VLL2 network protocol, that the routing switch device receiving the Ethernet packet encapsulated with the VLL2 network protocol is a destination device of the Ethernet packet encapsulated with the VLL2 network protocol; search in the Layer 2 forwarding table according to a destination MAC address of the decapsulated Ethernet packet; when it is determined that a Layer 2 forwarding entry searched out and matching the destination MAC address of the decapsulated Ethernet packet includes a MAC address mapped to the destination MAC address of the decapsulated Ethernet packet, replace the destination MAC address of the decapsulated Ethernet packet with the MAC address mapped to the destination MAC address of the decapsulated Ethernet packet. The sending module 92 is configured to send the decapsulated Ethernet packet of which the destination MAC address is replaced through an egress port in the Layer 2 forwarding entry matching the destination MAC address of the decapsulated Ethernet packet.
[01 69] Furthermore, the receiving module 91 is configured to receive an Address Resolution Protocol (ARP) request packet. Accordingly, the ARP processing module 94 is configured to transfer the ARP request packet received into a proprietary ARP request packet; search in the Layer 2 forwarding table according to a source MAC address and a destination MAC address of the proprietary ARP request packet, respectively; when it is determined that a Layer 2 forwarding entry searched out and matching the destination MAC address of the proprietary ARP request packet does not include a MAC address mapped to the destination MAC address of the proprietary ARP request packet, perform the VLL2 network protocol encapsulation to the proprietary ARP request packet according to an egress port in the Layer 2 forwarding entry matching the destination MAC address of the proprietary ARP request packet and towards a gateway within a VLL2 network. The sending module 92 is configured to send the proprietary ARP request packet encapsulated with the VLL2 network protocol through the egress port in the Layer 2 forwarding entry matching the destination MAC address of the proprietary ARP request packet and towards the gateway.
[0170] Furthermore, the receiving module 91 is configured to receive a proprietary ARP response packet encapsulated with the VLL2 network protocol. Accordingly, the ARP processing module 94 is configured to decapsulate VLL2 network protocol encapsulation of the proprietary ARP response packet encapsulated with the VLL2 network protocol to obtain a decapsulated ARP response packet, transfer the decapsulated ARP response packet into an ARP response packet with an Ethernet header; search in the Layer 2 forwarding table according to a source MAC address and a destination MAC address of the decapsulated ARP response packet, respectively; when it is determined that a Layer 2 forwarding entry searched out and matching the destination MAC address of the decapsulated ARP response packet includes a MAC address mapped to the destination MAC address of the decapsulated ARP response packet, replace the destination MAC address of the decapsulated ARP response packet with the MAC address mapped to the destination MAC address of the decapsulated ARP response packet. The sending module 92 is further configured to send the decapsulated ARP response packet of which the destination MAC address is replaced through an egress port in the Layer 2 forwarding entry matching the destination MAC address of the decapsulated ARP response packet.
[0171 ] In the above examples, the VLL2 network protocol may be the Transparent Interconnection of Lots of Links (Trill) protocol or the Shortest Path Bridging (SPB) protocol.
[0172] The above-mentioned modules in the examples of the present disclosure may be deployed either in a centralized or a distributed configuration; and may be either merged into a single module, or further split into a plurality of sub-modules.
[0173] The above-mentioned modules in the examples of the present disclosure may be implemented by software (e.g. machine readable instructions stored in a memory and executable by a processor), hardware (e.g. the processor of an Application Specific Integrated Circuit (ASIC)), or a combination thereof.
[0174] FIG. 10A is a schematic diagram illustrating a hardware structure of the routing switch device according to an example of the present disclosure. As shown in FIG. 10A, the device may include a processor 101 , a first storage 102, a second storage 103, at least one port 104, and a bus 105. The processor 101 , the first storage 102 and the second storage 103 are interconnected via the bus 105. The routing switch device may receive and send a packet through the port 104. In this case, the first storage 102 is configured to store machine readable instructions; the second storage 103 is configured to store a Layer 2 forwarding table; and the processor 101 is configured to execute machine readable instructions to perform operations described above, including operations of receiving module 91 , sending module 92 and forwarding module 93 described with respect to FIGS. 9A-B. FIG. 10B is the same as FIG. 10A except the processor 101 may further execute machine readable instructions for the ARP processing module 94.
[0175] The operations performed by processor 101 shown in FIGS. 10A-B may include receiving an Ethernet packet; searching in a Layer 2 forwarding table according to a source Media Access Control (MAC) address of the Ethernet packet received, and replacing the source MAC address with a mapped virtual MAC address in a Layer 2 forwarding entry matching the source MAC address of the Ethernet packet; and searching in the Layer 2 forwarding table according to a destination MAC address of the Ethernet packet received, performing, when it is determined that a Layer 2 forwarding entry matching the destination MAC address of the Ethernet packet does not include a MAC address mapped to the destination MAC address, Very Large Layer 2 (VLL2) network protocol encapsulation to the Ethernet packet of which the source MAC address is replaced according to an egress port in the Layer 2 forwarding entry matching the destination MAC address, and sending the Ethernet packet encapsulated with a VLL2 network protocol.
[0176] When the Layer 2 forwarding entry matching the destination MAC address is an access device entry associated with another access layer device in a same data center, the processor is further configured to execute the machine readable instructions to perform operations including: performing the VLL2 network protocol encapsulation to the Ethernet packet of which the source MAC address is replaced, taking an egress port in the access device entry and towards the other access layer device associated with the access device entry as egress port information in the VLL2 network protocol encapsulation, and sending to the other access layer device the Ethernet packet encapsulated with the VLL2 network protocol through the egress port in the access device entry and towards the other access layer device.
[0177] When the Layer 2 forwarding entry matching the destination MAC address is a data center entry associated with another data center, the processor is further configured to execute the machine readable instructions to perform operations including: performing the VLL2 network protocol encapsulation to the Ethernet packet of which the source MAC address is replaced taking an egress port in the data center entry and towards the other data center associated with the data center entry as egress port information in the VLL2 network protocol encapsulation, and sending to the other data center the Ethernet packet encapsulated with the VLL2 network protocol through the egress port in the data center entry and towards the other data center.
[0178] When the Layer 2 forwarding entry matching the destination MAC address is a gateway forwarding entry, the processor is further configured to execute the machine readable instructions to perform operations including: performing the VLL2 network protocol encapsulation to the Ethernet packet of which the source MAC address is replaced taking an egress port in the gateway forwarding entry and towards a gateway as egress port information in the VLL2 network protocol encapsulation, and sending to the gateway the Ethernet packet encapsulated with the VLL2 network protocol through the egress port in the gateway forwarding entry and towards the gateway.
[0179] When the Ethernet packet is a multicast packet, the Layer 2 forwarding entry matching the destination MAC address is a multicast forwarding entry, and an egress port of the multicast forwarding entry includes an egress port towards a root of a multicast tree of a multicast group, the processor is further configured to execute the machine readable instructions to perform operations including: performing the VLL2 network protocol encapsulation to the Ethernet packet of which the source MAC address is replaced taking the egress port in the multicast forwarding entry and towards the root of the multicast tree of the multicast group as egress port information in the VLL2 network protocol encapsulation, and sending to the root of the multicast tree of the multicast group the multicast packet encapsulated with the VLL2 network protocol through the egress port in the multicast forwarding entry and towards the root of the multicast tree of the multicast group.
[0180] When the Ethernet packet is a multicast packet, the Layer 2 forwarding entry matching the destination MAC address is a multicast forwarding entry, and an egress port of the multicast forwarding entry includes an egress port towards a multicast receiver, the processor is further configured to execute the machine readable instructions to perform operations including: sending to the multicast receiver the multicast packet of which the source MAC address is replaced through the egress port in the multicast forwarding entry and towards the multicast receiver.
[0181 ] The processor is further configured to execute the machine readable instructions to perform operations including: when it is determined that the Layer 2 forwarding entry matching the destination MAC address of the Ethernet packet comprises a mapped actual MAC address, replacing the destination MAC address of the Ethernet packet with the mapped actual MAC address, and sending the Ethernet packet of which the source MAC address and the destination MAC address are replaced through the egress port in the Layer 2 forwarding entry matching the destination MAC address.
[0182] The processor is further configured to execute the machine readable instructions to perform operations including: receiving an Ethernet packet encapsulated with the VLL2 network protocol; decapsulating VLL2 network protocol encapsulation when it is determined, according to the VLL2 network protocol encapsulation of the Ethernet packet encapsulated with the VLL2 network protocol, that a device receiving the Ethernet packet encapsulated with the VLL2 network protocol is a destination device of the Ethernet packet encapsulated with the VLL2 network protocol; searching in the Layer 2 forwarding table according to a destination MAC address of the decapsulated Ethernet packet; and when it is determined that a Layer 2 forwarding entry matching the destination MAC address of the decapsulated Ethernet packet comprises a mapped actual MAC address, replacing the destination MAC address of the decapsulated Ethernet packet with the mapped actual MAC address in the Layer 2 forwarding entry matching the destination MAC address of the decapsulated Ethernet packet, and sending the decapsulated Ethernet packet of which the destination MAC address is replaced through an egress port in the Layer 2 forwarding entry matching the destination MAC address of the decapsulated Ethernet packet.
[0183] The processor is further configured to execute the machine readable instructions to perform operations including: receiving an Address Resolution Protocol (ARP) request packet; transferring the ARP request packet received into a proprietary ARP request packet; searching in the Layer 2 forwarding table according to a source MAC address and a destination MAC address of the proprietary ARP request packet; and when it is determined that a gateway forwarding entry matching the destination MAC address of the proprietary ARP request packet, performing the VLL2 network protocol encapsulation to the proprietary ARP request packet according to an egress port in the gateway forwarding entry matching the destination MAC address of the proprietary ARP request packet, and sending the proprietary ARP request packet encapsulated with the VLL2 network protocol towards the gateway.
[0184] The processor is further configured to execute the machine readable instructions to perform operations including: receiving a proprietary ARP response packet encapsulated with the VLL2 network protocol; decapsulating VLL2 network protocol encapsulation to obtain a decapsulated ARP response packet, transferring the decapsulated ARP response packet into an ARP response packet; searching in the Layer 2 forwarding table according to a source MAC address and a destination MAC address of the ARP response packet; when it is determined that a Layer 2 forwarding entry matching the destination MAC address of the ARP response packet comprises a mapped actual MAC address, replacing the destination MAC address of the ARP response packet with the mapped actual MAC address in the Layer 2 forwarding entry matching the destination MAC address of the ARP response packet; and sending the ARP response packet of which the destination MAC address is replaced through an egress port in the Layer 2 forwarding entry matching the destination MAC address of the ARP response packet.
[0185] In the example of the present disclosure, the VLL2 network protocol may be the Transparent Interconnection of Lots of Links (Trill) protocol or the Shortest Path Bridging (SPB) protocol.
[0186] As can be seen from the above description, when the machine readable instructions stored in the first storage 102 are executed by the processor 101 , functions of the foregoing receiving module 91 , the sending module 92, the forwarding module 93, and the ARP processing module 94 are achieved, as shown in FIG. 10B.
[0187] As can be seen from the above description, in the examples of the present disclosure, when forwarding a packet, an access layer device within the VLL2 network matches, in accordance with a Layer 2 forwarding table based on MAC address masks, Layer 2 forwarding entries according to a source MAC address and a destination MAC address of the packet, respectively, replaces, when a virtual MAC address is included in the Layer 2 forwarding entry matched, the corresponding MAC address of the packet with the virtual MAC address; and forwards the packet according to an egress port in the Layer 2 forwarding entry matching the destination MAC address of the packet. Therefore, the packet is forwarded in accordance with the Layer 2 forwarding entry based on the MAC address mask.
[0188] In practice, the examples of the present disclosure may be implemented by a hardware ASIC for an Ethernet switch device which requires high processing performance, and may be implemented by machine readable instructions for devices like routers and vswitch which do not require the high processing performance.
[0189] The above examples can be implemented by hardware, software or firmware or a combination thereof. For example the various methods, processes and functional units described herein may be implemented by a processor (the term processor is to be interpreted broadly to include a CPU, processing unit, ASIC, logic unit, or programmable gate array etc.). The processes, methods and functional units may all be performed by a single processor or split between several processors; reference in this disclosure or the claims to a 'processor' should thus be interpreted to mean 'one or more processors'. The processes, methods and functional units be implemented as machine readable instructions executable by one or more processors, hardware logic circuitry of the one or more processors or a combination thereof. Further the teachings herein may be implemented in the form of a software product. The computer software product is stored in a non-transitory storage medium and comprises a plurality of instructions for making a computer apparatus (which can be a personal computer, a server or a network apparatus such as a router, switch, access point etc.) implement the method recited in the examples of the present disclosure.
[0190] Those skilled in the art may understand that all or part of the procedures of the methods of the above examples may be implemented by hardware modules following machine readable instructions. The machine readable instructions may be stored in a computer readable storage medium. When running, the machine readable instructions may provide the procedures of the method examples. The storage medium may be diskette, CD, ROM (Read-Only Memory) or RAM (Random Access Memory), and etc.
[0191 ] The figures are only illustrations of examples, wherein the modules or procedure shown in the figures are not necessarily essential for implementing the present disclosure. The modules in the aforesaid examples can be combined into one module or further divided into a plurality of sub-modules.
[0192] The above are just several examples of the present disclosure, and are not used for limiting the protection scope of the present disclosure. Any modifications, equivalents, improvements, etc., made under the principle of the present disclosure should be included in the protection scope of the present disclosure.

Claims

What is claimed is:
1 . A method for forwarding a packet, comprising:
receiving an Ethernet packet;
searching Layer 2 forwarding entries in a Layer 2 forwarding table according to a source Media Access Control (MAC) address of the Ethernet packet;
replacing the source MAC address of the Ethernet packet with a mapped virtual MAC address obtained from a Layer 2 forwarding entry matching the source MAC address of the Ethernet packet;
searching in the Layer 2 forwarding table according to a destination MAC address of the Ethernet packet received,
in response to determining that a Layer 2 forwarding entry matching the destination MAC address of the Ethernet packet does not include a MAC address mapped to the destination MAC address, performing Very Large Layer 2 (VLL2) network protocol encapsulation on the Ethernet packet according to an egress port in the Layer 2 forwarding entry matching the destination MAC address, and sending the Ethernet packet encapsulated with a VLL2 network protocol header via the egress port.
2. The method of claim 1 , wherein when the Layer 2 forwarding entry matching the destination MAC address is an access device entry associated with another access layer device in a same data center, and the encapsulating of the Ethernet packet of which the source MAC address is replaced comprises determining egress port information including an egress port in the access device entry associated with the another access layer device in the same data center; encapsulating the Ethernet packet of which the source MAC address is replaced based on the egress port in the egress port information;
the sending of the encapsulated Ethernet packet comprises sending the encapsulated Ethernet packet to the another access layer device via the egress port in the egress port information.
3. The method of claim 1 , wherein when the Layer 2 forwarding entry matching the destination MAC address is a data center entry associated with another data center, and the encapsulating of the Ethernet packet of which the source MAC address is replaced comprises determining an egress port from the data center entry, and encapsulating the Ethernet packet of which the source MAC address is replaced based on the egress port determined from the data center entry,and
the sending of the encapsulated Ethernet packet comprises sending the encapsulated Ethernet packet via the egress port determined from the data center entry.
4. The method of claim 1 , wherein when the Layer 2 forwarding entry matching the destination MAC address is a gateway forwarding entry, and the encapsulating of the Ethernet packet of which the source MAC address is replaced comprises determining an egress port from the gateway forwarding entry, and encapsulating the Ethernet packet of which the source MAC address is replaced based on the egress port determined from the gateway forwarding entry; and
the sending of the encapsulated Ethernet packet comprises sending the encapsulated Ethernet packet via the egress port determined from the gateway forwarding entry.
5. The method of claim 1 , wherein when the Ethernet packet is a multicast packet, the Layer 2 forwarding entry matching the destination MAC address is a multicast forwarding entry, and an egress port of the multicast forwarding entry comprises an egress port towards a root of a multicast tree of a multicast group, and the encapsulating of the Ethernet packet of which the source MAC address is replaced comprises determining the egress port towards the root of the multicast tree from the multicast forwarding entry; encapsulating the Ethernet packet of which the source MAC address is replaced based on the egress port determined from the multicast forwarding entry ; and
the sending of the encapsulated Ethernet packet comprises sending the encapsulated Ethernet packet via the egress port determined from the multicast forwarding entry.
6. The method of claim 1 , wherein when the Ethernet packet is a multicast packet, the Layer 2 forwarding entry matching the destination MAC address is a multicast forwarding entry, and an egress port of the multicast forwarding entry comprises an egress port towards a multicast receiver, the method further comprising:
sending to the multicast receiver the multicast packet of which the source MAC address is replaced through the egress port in the multicast forwarding entry and towards the multicast receiver.
7. The method of claim 1 , further comprising:
in response to determining that the Layer 2 forwarding entry matching the destination MAC address of the Ethernet packet comprises a mapped actual MAC address, replacing the destination MAC address of the Ethernet packet with the mapped actual MAC address, and sending the Ethernet packet of which the source MAC address and the destination MAC address are replaced through the egress port in the Layer 2 forwarding entry matching the destination MAC address.
8. The method of claim 1 , further comprising:
receiving an Ethernet packet encapsulated with the VLL2 network protocol; decapsulating VLL2 network protocol encapsulation when it is determined, according to the VLL2 network protocol encapsulation of the Ethernet packet encapsulated with the VLL2 network protocol, that a device receiving the Ethernet packet encapsulated with the VLL2 network protocol is a destination device of the Ethernet packet encapsulated with the VLL2 network protocol;
searching in the Layer 2 forwarding table according to a destination MAC address of the decapsulated Ethernet packet; and
in response to determining that a Layer 2 forwarding entry matching the destination MAC address of the decapsulated Ethernet packet comprises a mapped actual MAC address, replacing the destination MAC address of the decapsulated Ethernet packet with the mapped actual MAC address in the Layer 2 forwarding entry matching the destination MAC address of the decapsulated Ethernet packet, and sending the decapsulated Ethernet packet of which the destination MAC address is replaced through an egress port in the Layer 2 forwarding entry matching the destination MAC address of the decapsulated Ethernet packet.
9. The method of claim 1 , further comprising:
receiving an Address Resolution Protocol (ARP) request packet;
transferring the ARP request packet received into a proprietary ARP request packet;
searching in the Layer 2 forwarding table according to a source MAC address and a destination MAC address of the proprietary ARP request packet; and
in response to determining that a gateway forwarding entry matches the destination MAC address of the proprietary ARP request packet, performing the VLL2 network protocol encapsulation to the proprietary ARP request packet according to an egress port in the gateway forwarding entry matching the destination MAC address of the proprietary ARP request packet, and sending the proprietary ARP request packet encapsulated with the VLL2 network protocol towards the gateway.
10. The method of claim 1 , further comprising:
receiving a proprietary ARP response packet encapsulated with the VLL2 network protocol;
decapsulating VLL2 network protocol encapsulation to obtain a decapsulated proprietary ARP response packet, transferring the decapsulated proprietary ARP response packet into an ARP response packet;
searching in the Layer 2 forwarding table according to a source MAC address and a destination MAC address of the ARP response packet;
when it is determined that a Layer 2 forwarding entry matching the destination MAC address of the ARP response packet comprises a mapped actual MAC address, replacing the destination MAC address of the ARP response packet with the mapped actual MAC address in the Layer 2 forwarding entry matching the destination MAC address of the ARP response packet; and sending the ARP response packet of which the destination MAC address is replaced through an egress port in the Layer 2 forwarding entry matching the destination MAC address of the ARP response packet.
11 . The method of claim 1 , wherein the VLL2 network protocol is a Transparent Interconnection of Lots of Links (Trill) protocol or a Shortest Path Bridging (SPB) protocol.
12. A routing switch device, comprising:
a first storage, to store machine readable instructions;
a second storage, to store a Layer 2 forwarding table; and
a processor, to execute the machine readable instructions to perform operations to forward packets, the operations comprising:
receiving an Ethernet packet;
searching Layer 2 forwarding entries in a Layer 2 forwarding table according to a source Media Access Control (MAC) address of the Ethernet packet;
replacing the source MAC address of the Ethernet packet with a mapped virtual MAC address obtained from a Layer 2 forwarding entry matching the source MAC address of the Ethernet packet;
searching in the Layer 2 forwarding table according to a destination MAC address of the Ethernet packet;
in response to determiningthat a Layer 2 forwarding entry matching the destination MAC address of the Ethernet packet does not include a MAC address mapped to the destination MAC address, performing Very Large Layer 2 (VLL2) network protocol encapsulation on the Ethernet packet according to an egress port in the Layer 2 forwarding entry matching the destination MAC address, and sending the Ethernet packet encapsulated with a VLL2 network protocol header via the egress port.
13. The routing switch device of claim 12, wherein when the Layer 2 forwarding entry matching the destination MAC address is an access device entry associated with another access layer device in a same data center, and
the operation of encapsulating of the Ethernet packet of which the source MAC address is replaced comprises determining egress port information including an egress port in the access device entry associated with the another access layer device in the same data center; and encapsulating the Ethernet packet of which the source MAC address is replaced based on the egress port in the egress port information;
the operation of sending the encapsulated Ethernet packet comprises sending the encapsulated Ethernet packet to the another access layer device via the egress port in the egress port information.
14. The routing switch device of claim 12, wherein when the Layer 2 forwarding entry matching the destination MAC address is a data center entry associated with another data center, and
the operation of encapsulating of the Ethernet packet of which the source MAC address is replaced comprises determining an egress port from the data center entry and encapsulating the Ethernet packet of which the source MAC address is replaced based on the egress port determined from the data center entry; and
the operation of sending the encapsulated Ethernet packet comprises sending the encapsulated Ethernet packet via the egress port determined from the data center entry.
15. The routing switch device of claim 12, wherein when the Layer 2 forwarding entry matching the destination MAC address is a gateway forwarding entry, and
the operation of encapsulating of the Ethernet packet of which the source MAC address is replaced comprises determining an egress port from the gateway forwarding entry and encapsulating the Ethernet packet of which the source MAC address is replaced based on the egress port determined from the gateway forwarding entry; and the operation of sending the encapsulated Ethernet packet comprises sending the encapsulated Ethernet packet via the egress port determined from the gateway forwarding entry.
16. The routing switch device of claim 12, wherein when the Ethernet packet is a multicast packet, the Layer 2 forwarding entry matching the destination MAC address is a multicast forwarding entry, and an egress port of the multicast forwarding entry comprises an egress port towards a root of a multicast tree of a multicast group, and
the operation of encapsulating of the Ethernet packet of which the source
MAC address is replaced comprises determining the egress port towards the root of the multicast tree from the multicast forwarding entry and encapsulating the Ethernet packet of which the source MAC address is replaced based on the egress port determined from the multicast forwarding entry; and
the operation of sending the encapsulated Ethernet packet comprises sending the encapsulated Ethernet packet via the egress port determined from the multicast forwarding entry.
17. The routing switch device of claim 12, wherein when the Ethernet packet is a multicast packet, the Layer 2 forwarding entry matching the destination MAC address is a multicast forwarding entry, and an egress port of the multicast forwarding entry comprises an egress port towards a multicast receiver,
the processor is further to execute the machine readable instructions to perform operations comprising:
sending to the multicast receiver the multicast packet of which the source
MAC address is replaced through the egress port in the multicast forwarding entry and towards the multicast receiver.
18. The routing switch device of claim 12, wherein the processor is further to execute the machine readable instructions to perform operations comprising: in response to determining that the Layer 2 forwarding entry matching the destination MAC address of the Ethernet packet comprises a mapped actual MAC address, replacing the destination MAC address of the Ethernet packet with the mapped actual MAC address, and sending the Ethernet packet of which the source MAC address and the destination MAC address are replaced through the egress port in the Layer 2 forwarding entry matching the destination MAC address.
19. The routing switch device of claim 12, wherein the processor is further to execute the machine readable instructions to perform operations comprising: receiving an Ethernet packet encapsulated with the VLL2 network protocol; decapsulating VLL2 network protocol encapsulation when it is determined, according to the VLL2 network protocol encapsulation of the Ethernet packet encapsulated with the VLL2 network protocol, that a device receiving the Ethernet packet encapsulated with the VLL2 network protocol is a destination device of the Ethernet packet encapsulated with the VLL2 network protocol;
searching in the Layer 2 forwarding table according to a destination MAC address of the decapsulated Ethernet packet; and
in response to determining that a Layer 2 forwarding entry matching the destination MAC address of the decapsulated Ethernet packet comprises a mapped actual MAC address, replacing the destination MAC address of the decapsulated Ethernet packet with the mapped actual MAC address in the Layer 2 forwarding entry matching the destination MAC address of the decapsulated Ethernet packet, and sending the decapsulated Ethernet packet of which the destination MAC address is replaced through an egress port in the Layer 2 forwarding entry matching the destination MAC address of the decapsulated Ethernet packet.
20. The routing switch device of claim 12, wherein the processor is further to execute the machine readable instructions to perform operations comprising: receiving an Address Resolution Protocol (ARP) request packet;
transferring the ARP request packet received into a proprietary ARP request packet;
searching in the Layer 2 forwarding table according to a source MAC address and a destination MAC address of the proprietary ARP request packet; and
in response to determining that a gateway forwarding entry matching the destination MAC address of the proprietary ARP request packet, performing the VLL2 network protocol encapsulation to the proprietary ARP request packet according to an egress port in the gateway forwarding entry matching the destination MAC address of the proprietary ARP request packet, and sending the proprietary ARP request packet encapsulated with the VLL2 network protocol towards the gateway.
21 . The routing switch device of claim 12, wherein the processor is further to execute the machine readable instructions to perform operations comprising: receiving a proprietary ARP response packet encapsulated with the VLL2 network protocol;
decapsulating VLL2 network protocol encapsulation to obtain a decapsulated proprietary ARP response packet, transferring the decapsulated proprietary ARP response packet into an ARP response packet;
searching in the Layer 2 forwarding table according to a source MAC address and a destination MAC address of the ARP response packet;
when it is determined that a Layer 2 forwarding entry matching the destination MAC address of the ARP response packet comprises a mapped actual MAC address, replacing the destination MAC address of the ARP response packet with the mapped actual MAC address in the Layer 2 forwarding entry matching the destination MAC address of the ARP response packet; and sending the ARP response packet of which the destination MAC address is replaced through an egress port in the Layer 2 forwarding entry matching the destination MAC address of the ARP response packet.
22. The routing switch device of claim 12, wherein the VLL2 network protocol is a Transparent Interconnection of Lots of Links (Trill) protocol or a Shortest Path Bridging (SPB) protocol.
PCT/CN2013/082788 2012-08-31 2013-09-02 Packet forwarding WO2014032624A1 (en)

Priority Applications (2)

Application Number Priority Date Filing Date Title
US14/405,367 US9397942B2 (en) 2012-08-31 2013-09-02 Packet forwarding
EP13833309.1A EP2891284A4 (en) 2012-08-31 2013-09-02 Packet forwarding

Applications Claiming Priority (8)

Application Number Priority Date Filing Date Title
CN201210318996 2012-08-31
CN201210318996.1 2012-08-31
CN201310121091.XA CN103227843B (en) 2012-08-31 2013-04-09 A kind of physical link address management method and device
CN201310121091.X 2013-04-09
CN201310121231.3A CN103227757B (en) 2012-08-31 2013-04-09 A kind of message forwarding method and equipment
CN201310121235.1 2013-04-09
CN201310121231.3 2013-04-09
CN201310121235.1A CN103259727B (en) 2012-08-31 2013-04-09 A kind of message forwarding method and equipment

Publications (1)

Publication Number Publication Date
WO2014032624A1 true WO2014032624A1 (en) 2014-03-06

Family

ID=48838025

Family Applications (3)

Application Number Title Priority Date Filing Date
PCT/CN2013/082788 WO2014032624A1 (en) 2012-08-31 2013-09-02 Packet forwarding
PCT/CN2013/082781 WO2014032623A1 (en) 2012-08-31 2013-09-02 Configuring virtual media access control addresses for virtual machines
PCT/CN2013/082771 WO2014032620A1 (en) 2012-08-31 2013-09-02 Virtual mac address, mask-based, packet forwarding

Family Applications After (2)

Application Number Title Priority Date Filing Date
PCT/CN2013/082781 WO2014032623A1 (en) 2012-08-31 2013-09-02 Configuring virtual media access control addresses for virtual machines
PCT/CN2013/082771 WO2014032620A1 (en) 2012-08-31 2013-09-02 Virtual mac address, mask-based, packet forwarding

Country Status (4)

Country Link
US (3) US9397943B2 (en)
EP (3) EP2891284A4 (en)
CN (3) CN103259727B (en)
WO (3) WO2014032624A1 (en)

Families Citing this family (173)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN102394831A (en) * 2011-11-28 2012-03-28 杭州华三通信技术有限公司 Flow uninterruptible method and device based on virtual machine VM (virtual memory) migration
CN103259727B (en) * 2012-08-31 2016-12-28 杭州华三通信技术有限公司 A kind of message forwarding method and equipment
WO2014037028A1 (en) * 2012-09-04 2014-03-13 Telefonaktiebolaget L M Ericsson (Publ) A method of operating a switch or access node in a network and a processing apparatus configured to implement the same
US9197553B2 (en) 2013-03-29 2015-11-24 Cisco Technology, Inc. Using a virtual internet protocol address to represent dually connected hosts in an internet protocol overlay network
US10454714B2 (en) 2013-07-10 2019-10-22 Nicira, Inc. Method and system of overlay flow control
US10749711B2 (en) 2013-07-10 2020-08-18 Nicira, Inc. Network-link method useful for a last-mile connectivity in an edge-gateway multipath system
US9509615B2 (en) * 2013-07-22 2016-11-29 Vmware, Inc. Managing link aggregation traffic in a virtual environment
US9350666B2 (en) * 2013-07-22 2016-05-24 Vmware, Inc. Managing link aggregation traffic in a virtual environment
US9686178B2 (en) 2013-07-22 2017-06-20 Vmware, Inc. Configuring link aggregation groups to perform load balancing in a virtual environment
CN104348726B (en) 2013-08-02 2018-12-11 新华三技术有限公司 Message forwarding method and device
CN104348717B (en) * 2013-08-02 2018-05-11 新华三技术有限公司 Message forwarding method and device
CN104378296B (en) * 2013-08-15 2018-04-10 新华三技术有限公司 A kind of message forwarding method and equipment
CN104378297B (en) * 2013-08-15 2018-01-16 新华三技术有限公司 A kind of message forwarding method and equipment
US11451474B2 (en) 2013-09-17 2022-09-20 Cisco Technology, Inc. Equal cost multi-path with bit indexed explicit replication
WO2015042152A1 (en) 2013-09-17 2015-03-26 Cisco Technology, Inc. Bit indexed explicit replication using multiprotocol label switching
US10218524B2 (en) 2013-09-17 2019-02-26 Cisco Technology, Inc. Bit indexed explicit replication for layer 2 networking
US9806897B2 (en) 2013-09-17 2017-10-31 Cisco Technology, Inc. Bit indexed explicit replication forwarding optimization
US10003494B2 (en) 2013-09-17 2018-06-19 Cisco Technology, Inc. Per-prefix LFA FRR with bit indexed explicit replication
CN104468370B (en) * 2013-09-24 2018-09-04 新华三技术有限公司 A kind of multicast data packet forwarding method and apparatus
US20150100560A1 (en) 2013-10-04 2015-04-09 Nicira, Inc. Network Controller for Managing Software and Hardware Forwarding Elements
US9876715B2 (en) * 2013-11-05 2018-01-23 Cisco Technology, Inc. Network fabric overlay
CN104660509B (en) * 2013-11-19 2017-11-21 中国科学院声学研究所 The method for processing forwarding of data message in a kind of access gateway
US9413713B2 (en) * 2013-12-05 2016-08-09 Cisco Technology, Inc. Detection of a misconfigured duplicate IP address in a distributed data center network fabric
CN103731353B (en) * 2013-12-26 2017-07-14 华为技术有限公司 The physical address acquisition methods of virtual machine
US10120729B2 (en) 2014-02-14 2018-11-06 Vmware, Inc. Virtual machine load balancing
CN104954218B (en) * 2014-03-24 2018-02-09 新华三技术有限公司 Distributed virtual switch and retransmission method
JP6211975B2 (en) * 2014-03-27 2017-10-11 株式会社日立製作所 Network extension system, control device, and network extension method
US20150304450A1 (en) * 2014-04-17 2015-10-22 Alcatel Lucent Canada,Inc. Method and apparatus for network function chaining
TWI531908B (en) * 2014-04-24 2016-05-01 A method of supporting virtual machine migration with Software Defined Network (SDN)
KR101938623B1 (en) * 2014-06-03 2019-01-15 후아웨이 테크놀러지 컴퍼니 리미티드 Openflow communication method, system, controller, and service gateway
CN105450529B (en) * 2014-06-24 2019-02-12 华为技术有限公司 Method, equipment and the system of across two-layer virtual network transmission multicast message
CN105262685B (en) * 2014-07-14 2018-10-09 新华三技术有限公司 A kind of message processing method and device
CN104092614B (en) * 2014-07-30 2017-07-04 新华三技术有限公司 The method and apparatus for updating address resolution information
CN105471744B (en) * 2014-09-19 2018-10-09 新华三技术有限公司 A kind of virtual machine migration method and device
CN104320342B (en) * 2014-10-29 2017-10-27 新华三技术有限公司 Message forwarding method and device in a kind of transparent interconnection of lots of links internet
CN104301232B (en) * 2014-10-29 2017-10-03 新华三技术有限公司 Message forwarding method and device in a kind of transparent interconnection of lots of links internet
CN104348696B (en) * 2014-11-17 2018-03-27 京信通信系统(中国)有限公司 A kind of method and apparatus for dividing multi-VLAN
CN105721322A (en) * 2014-12-03 2016-06-29 中兴通讯股份有限公司 Method, device and system for multicast data transmission in TRILL network
CN104579973B (en) * 2014-12-24 2018-09-21 北京华为数字技术有限公司 Message forwarding method and device in a kind of Virtual Cluster
US10216535B2 (en) * 2015-01-09 2019-02-26 Mediatek Inc. Efficient MAC address storage for virtual machine applications
US9906378B2 (en) 2015-01-27 2018-02-27 Cisco Technology, Inc. Capability aware routing
CN104639440B (en) * 2015-02-02 2017-11-14 新华三技术有限公司 A kind of method and apparatus for realizing three layers of forwarding and tunneling information in a network
CN105991321B (en) * 2015-02-06 2019-05-17 新华三技术有限公司 Manage the method and device of data center server
CN105991439B (en) * 2015-02-06 2019-05-10 新华三技术有限公司 Manage the method and device of data center server
CN105991783A (en) * 2015-02-06 2016-10-05 中兴通讯股份有限公司 MAC (Media Access Control) address learning method, device and system
US10423433B2 (en) * 2015-02-23 2019-09-24 Red Hat Israel, Inc. Scoped network address pool management
US10341221B2 (en) 2015-02-26 2019-07-02 Cisco Technology, Inc. Traffic engineering for bit indexed explicit replication
US10135789B2 (en) 2015-04-13 2018-11-20 Nicira, Inc. Method and system of establishing a virtual private network in a cloud service for branch networking
US10498652B2 (en) 2015-04-13 2019-12-03 Nicira, Inc. Method and system of application-aware routing with crowdsourcing
US10425382B2 (en) 2015-04-13 2019-09-24 Nicira, Inc. Method and system of a cloud-based multipath routing protocol
US9942058B2 (en) 2015-04-17 2018-04-10 Nicira, Inc. Managing tunnel endpoints for facilitating creation of logical networks
CN106209689B (en) * 2015-05-04 2019-06-14 新华三技术有限公司 Multicast data packet forwarding method and apparatus from VXLAN to VLAN
CN106209638B (en) * 2015-05-04 2019-07-12 新华三技术有限公司 From virtual LAN to the message forwarding method and equipment of virtual expansible local area network
CN106209554B (en) 2015-05-04 2019-12-13 新华三技术有限公司 message forwarding method and device for crossing virtual extensible local area network
CN106209636B (en) * 2015-05-04 2019-08-02 新华三技术有限公司 Multicast data packet forwarding method and apparatus from VLAN to VXLAN
CN106209648B (en) 2015-05-04 2019-06-14 新华三技术有限公司 Multicast data packet forwarding method and apparatus across virtual expansible local area network
CN106209637B (en) 2015-05-04 2019-07-05 新华三技术有限公司 From virtual expansible local area network to the message forwarding method and equipment of virtual LAN
US9825776B2 (en) * 2015-06-11 2017-11-21 Lenovo Enterprise Solutions (Singapore) Pte. Ltd. Data center networking
US10554484B2 (en) 2015-06-26 2020-02-04 Nicira, Inc. Control plane integration with hardware switches
US9992153B2 (en) 2015-07-15 2018-06-05 Nicira, Inc. Managing link aggregation traffic in edge nodes
US10243914B2 (en) 2015-07-15 2019-03-26 Nicira, Inc. Managing link aggregation traffic in edge nodes
US9819581B2 (en) 2015-07-31 2017-11-14 Nicira, Inc. Configuring a hardware switch as an edge node for a logical router
US9967182B2 (en) 2015-07-31 2018-05-08 Nicira, Inc. Enabling hardware switches to perform logical routing functionalities
US9847938B2 (en) 2015-07-31 2017-12-19 Nicira, Inc. Configuring logical routers on hardware switches
CN105072038B (en) * 2015-08-28 2018-12-21 华讯方舟科技有限公司 A kind of data message forwarding method and device
US10313186B2 (en) 2015-08-31 2019-06-04 Nicira, Inc. Scalable controller for hardware VTEPS
US10187218B2 (en) * 2015-09-15 2019-01-22 Google Llc Systems and methods for processing packets in a computer network
US9880870B1 (en) * 2015-09-24 2018-01-30 Amazon Technologies, Inc. Live migration of virtual machines using packet duplication
US10230576B2 (en) 2015-09-30 2019-03-12 Nicira, Inc. Managing administrative statuses of hardware VTEPs
US10263828B2 (en) 2015-09-30 2019-04-16 Nicira, Inc. Preventing concurrent distribution of network data to a hardware switch by multiple controllers
US9979593B2 (en) 2015-09-30 2018-05-22 Nicira, Inc. Logical L3 processing for L2 hardware switches
US9948577B2 (en) 2015-09-30 2018-04-17 Nicira, Inc. IP aliases in logical networks with hardware switches
US10033647B2 (en) * 2015-10-13 2018-07-24 Oracle International Corporation System and method for efficient network isolation and load balancing in a multi-tenant cluster environment
CN105872117A (en) * 2015-10-26 2016-08-17 乐视云计算有限公司 Method and system for obtaining MAC address and virtual machine manager
CN105939268B (en) * 2015-10-28 2019-11-08 杭州迪普科技股份有限公司 A kind of two-layer retransmitting table item polymerization and device
US9806911B2 (en) * 2015-11-02 2017-10-31 International Business Machines Corporation Distributed virtual gateway appliance
US10250553B2 (en) 2015-11-03 2019-04-02 Nicira, Inc. ARP offloading for managed hardware forwarding elements
US20170142234A1 (en) * 2015-11-13 2017-05-18 Microsoft Technology Licensing, Llc Scalable addressing mechanism for virtual machines
US9992112B2 (en) 2015-12-15 2018-06-05 Nicira, Inc. Transactional controls for supplying control plane data to managed hardware forwarding elements
US9998375B2 (en) 2015-12-15 2018-06-12 Nicira, Inc. Transactional controls for supplying control plane data to managed hardware forwarding elements
US9917799B2 (en) 2015-12-15 2018-03-13 Nicira, Inc. Transactional controls for supplying control plane data to managed hardware forwarding elements
CN106921551A (en) * 2015-12-24 2017-07-04 中国电信股份有限公司 Virtual communication method, system and equipment
CN105591927B (en) * 2015-12-25 2019-04-30 迈普通信技术股份有限公司 A kind of message forwarding method and routing bridge based on TRILL network
US9860160B2 (en) * 2015-12-30 2018-01-02 Stmicroelectronics, Inc. Multipath switching using per-hop virtual local area network classification
US10484282B2 (en) * 2016-01-12 2019-11-19 International Business Machines Corporation Interconnecting multiple separate openflow domains
US9917764B2 (en) 2016-01-22 2018-03-13 Lenovo Enterprise Solutions (Singapore) PTE., LTD. Selective network address storage within network device forwarding table
CN105763444B (en) * 2016-01-27 2019-03-15 新华三技术有限公司 A kind of route synchronization method and device
US9846602B2 (en) * 2016-02-12 2017-12-19 International Business Machines Corporation Migration of a logical partition or virtual machine with inactive input/output hosting server
US10129185B2 (en) 2016-03-11 2018-11-13 Centurylink Intellectual Property Llc System and method for implementing virtual platform media access control (MAC) address-based layer 3 network switching
US10200343B2 (en) 2016-06-29 2019-02-05 Nicira, Inc. Implementing logical network security on a hardware switch
US20180006969A1 (en) * 2016-06-29 2018-01-04 Cisco Technology, Inc. Technique for gleaning mac and ip address bindings
US10320838B2 (en) * 2016-07-20 2019-06-11 Cisco Technology, Inc. Technologies for preventing man-in-the-middle attacks in software defined networks
CN112486626A (en) * 2016-08-30 2021-03-12 华为技术有限公司 Method and device for determining virtual machine migration
US10630743B2 (en) 2016-09-23 2020-04-21 Cisco Technology, Inc. Unicast media replication fabric using bit indexed explicit replication
CN106454500B (en) * 2016-10-31 2019-09-10 北京小米移动软件有限公司 The address distribution method and device of TV host
US10637675B2 (en) 2016-11-09 2020-04-28 Cisco Technology, Inc. Area-specific broadcasting using bit indexed explicit replication
US10826715B2 (en) 2016-12-02 2020-11-03 Datalogic Ip Tech S.R.L. Simple device replacement in a Profinet IO conformance class A (CCA) network through ubiquitous computing paradigm and combining a token ring approach with a ubicomp paradigm to prevent real-time performance drop
CN106878052B (en) * 2016-12-21 2020-04-03 新华三技术有限公司 User migration method and device
CN108234422B (en) * 2016-12-21 2020-03-06 新华三技术有限公司 Resource scheduling method and device
US20200036624A1 (en) 2017-01-31 2020-01-30 The Mode Group High performance software-defined core network
US10992568B2 (en) 2017-01-31 2021-04-27 Vmware, Inc. High performance software-defined core network
US10992558B1 (en) 2017-11-06 2021-04-27 Vmware, Inc. Method and apparatus for distributed data network traffic optimization
US20180219765A1 (en) 2017-01-31 2018-08-02 Waltz Networks Method and Apparatus for Network Traffic Control Optimization
US11121962B2 (en) 2017-01-31 2021-09-14 Vmware, Inc. High performance software-defined core network
US11706127B2 (en) 2017-01-31 2023-07-18 Vmware, Inc. High performance software-defined core network
US11252079B2 (en) 2017-01-31 2022-02-15 Vmware, Inc. High performance software-defined core network
US10778528B2 (en) 2017-02-11 2020-09-15 Nicira, Inc. Method and system of connecting to a multipath hub in a cluster
US10574528B2 (en) 2017-02-11 2020-02-25 Nicira, Inc. Network multi-source inbound quality of service methods and systems
US10447496B2 (en) 2017-03-30 2019-10-15 Cisco Technology, Inc. Multicast traffic steering using tree identity in bit indexed explicit replication (BIER)
US10516645B1 (en) 2017-04-27 2019-12-24 Pure Storage, Inc. Address resolution broadcasting in a networked device
US10164794B2 (en) 2017-04-28 2018-12-25 Cisco Technology, Inc. Bridging of non-capable subnetworks in bit indexed explicit replication
CN108809905A (en) * 2017-05-03 2018-11-13 湘潭大学 A kind of height of multiplex roles cooperation is handled up multi-channel MAC protocols
US11418460B2 (en) * 2017-05-15 2022-08-16 Consensii Llc Flow-zone switching
US10523539B2 (en) 2017-06-22 2019-12-31 Nicira, Inc. Method and system of resiliency in cloud-delivered SD-WAN
US10491476B2 (en) * 2017-08-22 2019-11-26 Cisco Technology, Inc. Extending a virtual local area network across a layer 2 data center interconnect
CN108632074B (en) * 2017-08-24 2020-10-02 新华三信息安全技术有限公司 Service configuration file issuing method and device
US11115480B2 (en) 2017-10-02 2021-09-07 Vmware, Inc. Layer four optimization for a virtual network defined over public cloud
US11102032B2 (en) * 2017-10-02 2021-08-24 Vmware, Inc. Routing data message flow through multiple public clouds
US10959098B2 (en) 2017-10-02 2021-03-23 Vmware, Inc. Dynamically specifying multiple public cloud edge nodes to connect to an external multi-computer node
US11089111B2 (en) 2017-10-02 2021-08-10 Vmware, Inc. Layer four optimization for a virtual network defined over public cloud
US10999100B2 (en) 2017-10-02 2021-05-04 Vmware, Inc. Identifying multiple nodes in a virtual network defined over a set of public clouds to connect to an external SAAS provider
US10999165B2 (en) 2017-10-02 2021-05-04 Vmware, Inc. Three tiers of SaaS providers for deploying compute and network infrastructure in the public cloud
US11223514B2 (en) 2017-11-09 2022-01-11 Nicira, Inc. Method and system of a dynamic high-availability mode based on current wide area network connectivity
CN107896249B (en) * 2017-11-16 2020-08-04 中国平安人寿保险股份有限公司 Cross-network area data access method, device, equipment and storage medium
CN108199960B (en) * 2018-02-11 2021-07-16 迈普通信技术股份有限公司 Multicast data message forwarding method, entrance routing bridge, exit routing bridge and system
US10904148B2 (en) 2018-03-12 2021-01-26 Nicira, Inc. Flow-based local egress in a multisite datacenter
CN108600106B (en) * 2018-04-28 2019-06-14 北京邮电大学 A kind of DEU data exchange unit and method of low time delay
CN109218198B (en) * 2018-10-09 2021-03-26 迈普通信技术股份有限公司 Data interaction method, device, MPLS network system and storage medium
CN109104700A (en) * 2018-10-10 2018-12-28 中国电子科技集团公司第七研究所 A kind of more mesh method of multicasting being suitable for narrowband wireless communication network
CN111182016B (en) * 2018-11-12 2022-12-27 中移(杭州)信息技术有限公司 PPPoE dialing message transmission method and device
CN109617716B (en) * 2018-11-30 2022-02-25 新华三技术有限公司合肥分公司 Data center exception handling method and device
CN109510751B (en) * 2018-12-19 2021-07-20 迈普通信技术股份有限公司 Message forwarding method and routing equipment
CN109600326B (en) * 2018-12-24 2021-11-19 华为技术有限公司 Method, node and system for forwarding data or message
CN111432252B (en) * 2019-01-09 2022-06-17 中央电视台 System, method and computer program product for security control of 4K video and audio streams
US11300936B2 (en) * 2019-03-26 2022-04-12 Lenovo (Singapore) Pte. Ltd. Extracting EtherCAT datagrams from an EtherCAT frame
US20220353199A1 (en) * 2019-05-23 2022-11-03 Hewlett Packard Enterprise Development Lp System and method for facilitating data-driven intelligent network with ingress port injection limits
CN110062064B (en) * 2019-05-30 2022-06-21 新华三信息安全技术有限公司 Address Resolution Protocol (ARP) request message response method and device
US10979300B2 (en) * 2019-06-20 2021-04-13 Kaloom Inc. Computing device and methods for synchronizing networking information with a topology server
US11018995B2 (en) 2019-08-27 2021-05-25 Vmware, Inc. Alleviating congestion in a virtual network deployed over public clouds for an entity
US11611507B2 (en) 2019-10-28 2023-03-21 Vmware, Inc. Managing forwarding elements at edge nodes connected to a virtual network
CN110912797B (en) * 2019-11-18 2021-12-24 新华三大数据技术有限公司 Method and device for forwarding broadcast message
US11537422B2 (en) * 2019-11-20 2022-12-27 Red Hat, Inc. Virtual machine migration downtime reduction using a multicast address
US11489783B2 (en) 2019-12-12 2022-11-01 Vmware, Inc. Performing deep packet inspection in a software defined wide area network
US11394640B2 (en) 2019-12-12 2022-07-19 Vmware, Inc. Collecting and analyzing data regarding flows associated with DPI parameters
CN111163187B (en) * 2019-12-31 2022-08-16 奇安信科技集团股份有限公司 MAC address generation method and device for virtual machine network port
CN111147382B (en) * 2019-12-31 2021-09-21 杭州迪普科技股份有限公司 Message forwarding method and device
US11438789B2 (en) 2020-01-24 2022-09-06 Vmware, Inc. Computing and using different path quality metrics for different service classes
CN111447295B (en) * 2020-02-29 2022-04-01 新华三信息安全技术有限公司 Hardware address negotiation method and device
CN111654560B (en) * 2020-06-02 2022-10-21 中电科航空电子有限公司 Physical address table management interaction method for airborne software and hardware stack switch
US11245641B2 (en) 2020-07-02 2022-02-08 Vmware, Inc. Methods and apparatus for application aware hub clustering techniques for a hyper scale SD-WAN
US11363124B2 (en) 2020-07-30 2022-06-14 Vmware, Inc. Zero copy socket splicing
CN111935334B (en) * 2020-08-14 2022-09-20 株洲市慧纳科技有限责任公司 Method, system, server and readable storage medium for intelligently allocating network addresses
CN112153169B (en) * 2020-08-24 2022-03-25 烽火通信科技股份有限公司 VMAC high-speed address learning method and electronic equipment
CN112073552B (en) * 2020-08-28 2022-03-11 烽火通信科技股份有限公司 ARP (Address resolution protocol) table item indexing method and system
CN114143257B (en) * 2020-09-03 2023-04-28 华为技术有限公司 Method for generating table entry, method for sending message, equipment and system
US11444865B2 (en) 2020-11-17 2022-09-13 Vmware, Inc. Autonomous distributed forwarding plane traceability based anomaly detection in application traffic for hyper-scale SD-WAN
US11575600B2 (en) 2020-11-24 2023-02-07 Vmware, Inc. Tunnel-less SD-WAN
CN114650196B (en) * 2020-12-17 2024-04-05 浙江宇视科技有限公司 VLAN interface data message forwarding method, device, equipment and storage medium
US11601356B2 (en) 2020-12-29 2023-03-07 Vmware, Inc. Emulating packet flows to assess network links for SD-WAN
CN112787938B (en) * 2021-01-14 2022-09-20 北京星网锐捷网络技术有限公司 Routing table item configuration method and device
CN116783874A (en) 2021-01-18 2023-09-19 Vm维尔股份有限公司 Network aware load balancing
CN113206792B (en) * 2021-03-11 2022-05-27 新华三信息安全技术有限公司 Message forwarding method and device
CN115134299A (en) * 2021-03-25 2022-09-30 华为技术有限公司 Communication method and device
US11509571B1 (en) 2021-05-03 2022-11-22 Vmware, Inc. Cost-based routing mesh for facilitating routing through an SD-WAN
US11729065B2 (en) 2021-05-06 2023-08-15 Vmware, Inc. Methods for application defined virtual network service among multiple transport in SD-WAN
US11489720B1 (en) 2021-06-18 2022-11-01 Vmware, Inc. Method and apparatus to evaluate resource elements and public clouds for deploying tenant deployable elements based on harvested performance metrics
US11375005B1 (en) 2021-07-24 2022-06-28 Vmware, Inc. High availability solutions for a secure access service edge application
CN113824654B (en) * 2021-09-28 2023-12-29 新华三信息安全技术有限公司 Message forwarding method and device
US11943146B2 (en) 2021-10-01 2024-03-26 VMware LLC Traffic prioritization in SD-WAN
CN114070790B (en) * 2021-11-15 2023-09-26 中国联合网络通信集团有限公司 Information forwarding method, PE, system, equipment and medium in VPLS equipment
US11909815B2 (en) 2022-06-06 2024-02-20 VMware LLC Routing based on geolocation costs
US11870695B1 (en) * 2022-12-16 2024-01-09 Microsoft Technology Licensing, Llc Virtual machine migration on hypervisor network
CN117640503A (en) * 2024-01-22 2024-03-01 北京天维信通科技股份有限公司 Flow optimization method and device integrating BRouter technology and intelligent path technology

Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101521631A (en) * 2009-04-14 2009-09-02 华为技术有限公司 Treatment method, equipment and system for VPLS network messages
CN101626338A (en) * 2009-08-03 2010-01-13 杭州华三通信技术有限公司 Method and device for realizing multiple virtual private network (VPN) examples
WO2011118586A1 (en) * 2010-03-24 2011-09-29 日本電気株式会社 Communication system, control device, forwarding node, method for updating processing rules, and program
CN103227843A (en) * 2012-08-31 2013-07-31 杭州华三通信技术有限公司 Physical link address management method and device

Family Cites Families (35)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
FI112151B (en) 1999-12-23 2003-10-31 Nokia Corp Dissemination of a message
US7908338B2 (en) 2000-12-07 2011-03-15 Sony Corporation Content retrieval method and apparatus, communication system and communication method
EP1360820B1 (en) 2001-02-13 2009-09-23 Siemens Aktiengesellschaft Method and array for determining the virtual address of a terminal
AU2001258468B2 (en) 2001-05-07 2006-10-19 Core Wireless Licensing S.A.R.L. RLC/MAC Protocol
CN100334849C (en) 2003-07-31 2007-08-29 华为技术有限公司 Method for realizing address synchronization in independant virtual LAN learning mode
WO2007004921A1 (en) 2005-06-30 2007-01-11 Telefonaktiebolaget Lm Ericsson (Publ) Mapping an original mac address of a terminal to a unique locally administrated virtual mac address
CN100377537C (en) 2005-08-09 2008-03-26 华为技术有限公司 Message forming method
CN100499673C (en) 2005-10-21 2009-06-10 华为技术有限公司 Virtual terminal temporary media access control address dynamic altering method
US20070162594A1 (en) * 2006-01-12 2007-07-12 Microsoft Corporation Controlled disconnection of a network device
US7653038B2 (en) 2006-02-16 2010-01-26 Marvell World Trade Ltd. Dual MAC arbitration
CN100454901C (en) * 2006-02-17 2009-01-21 华为技术有限公司 ARP message processing method
US8144698B2 (en) * 2006-06-09 2012-03-27 Ericsson Ab Scalable data forwarding techniques in a switched network
CN101127696B (en) * 2006-08-15 2012-06-27 华为技术有限公司 Data forwarding method for layer 2 network and network and node devices
CN100563211C (en) * 2006-09-29 2009-11-25 华为技术有限公司 The implementation method of a kind of virtual gateway, virtual subnet and system
CN101170490B (en) 2006-10-24 2010-05-19 中兴通讯股份有限公司 Igmp message transmission method
CN101262417B (en) 2007-03-05 2010-09-01 中兴通讯股份有限公司 Device and method for saving MAC address of switching chip
CN100490411C (en) 2007-06-29 2009-05-20 华为技术有限公司 Method for studying MAC address and network element apparatus
EP2075959A1 (en) * 2007-12-27 2009-07-01 THOMSON Licensing Apparatus amd method for concurently accessing multiple wireless networks (WLAN/WPAN)
US10127059B2 (en) 2008-05-02 2018-11-13 Skytap Multitenant hosted virtual machine infrastructure
JP5083051B2 (en) * 2008-06-06 2012-11-28 富士通株式会社 Monitoring system, monitoring device, monitored device, and monitoring method
US7873711B2 (en) 2008-06-27 2011-01-18 International Business Machines Corporation Method, system and program product for managing assignment of MAC addresses in a virtual machine environment
US9014136B2 (en) 2008-10-13 2015-04-21 T-Mobile Usa, Inc. System and method to provide fast wide-area mobile IP handoffs
US8271775B2 (en) * 2008-12-17 2012-09-18 Cisco Technology, Inc. Layer two encryption for data center interconnectivity
US8966082B2 (en) 2009-02-10 2015-02-24 Novell, Inc. Virtual machine address management
US9817695B2 (en) * 2009-04-01 2017-11-14 Vmware, Inc. Method and system for migrating processes between virtual machines
US8224946B2 (en) 2009-04-24 2012-07-17 Rockstar Bidco, LP Method and apparatus for accommodating duplicate MAC addresses
CN101557341B (en) * 2009-05-14 2011-10-26 中兴通讯股份有限公司 Message forwarding method based on forwarding table of medium access control and system
CN101616094B (en) * 2009-08-10 2012-04-18 杭州华三通信技术有限公司 Method and equipment for acquiring message forwarding path
US8897303B2 (en) * 2010-06-29 2014-11-25 Futurewei Technologies, Inc. Delegate gateways and proxy for target hosts in large layer 2 and address resolution with duplicated internet protocol addresses
CN102404179B (en) * 2010-09-19 2014-10-29 杭州华三通信技术有限公司 Method and device for processing message
CN102025796B (en) 2010-11-23 2014-06-11 中兴通讯股份有限公司 MAC (media access control) address updating method and device
US8724629B1 (en) 2011-06-13 2014-05-13 Juniper Networks, Inc. E-tree service having extended shared VLAN learning across VPLS network
US9112787B2 (en) 2012-06-21 2015-08-18 Cisco Technology, Inc. First hop load balancing
US8806025B2 (en) 2012-06-25 2014-08-12 Advanced Micro Devices, Inc. Systems and methods for input/output virtualization
US9094459B2 (en) * 2012-07-16 2015-07-28 International Business Machines Corporation Flow based overlay network

Patent Citations (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101521631A (en) * 2009-04-14 2009-09-02 华为技术有限公司 Treatment method, equipment and system for VPLS network messages
CN101626338A (en) * 2009-08-03 2010-01-13 杭州华三通信技术有限公司 Method and device for realizing multiple virtual private network (VPN) examples
WO2011118586A1 (en) * 2010-03-24 2011-09-29 日本電気株式会社 Communication system, control device, forwarding node, method for updating processing rules, and program
CN103227843A (en) * 2012-08-31 2013-07-31 杭州华三通信技术有限公司 Physical link address management method and device
CN103227757A (en) * 2012-08-31 2013-07-31 杭州华三通信技术有限公司 Message forwarding method and equipment
CN103259727A (en) * 2012-08-31 2013-08-21 杭州华三通信技术有限公司 Packet forwarding method and device

Non-Patent Citations (1)

* Cited by examiner, † Cited by third party
Title
See also references of EP2891284A4 *

Also Published As

Publication number Publication date
EP2891304A4 (en) 2016-06-29
EP2891287A1 (en) 2015-07-08
EP2891304A1 (en) 2015-07-08
CN103227843B (en) 2016-05-04
CN103227843A (en) 2013-07-31
CN103227757A (en) 2013-07-31
US9397942B2 (en) 2016-07-19
US20150169351A1 (en) 2015-06-18
EP2891287A4 (en) 2016-04-20
US20150172190A1 (en) 2015-06-18
EP2891284A1 (en) 2015-07-08
US9397943B2 (en) 2016-07-19
WO2014032623A1 (en) 2014-03-06
US20150222543A1 (en) 2015-08-06
US9667541B2 (en) 2017-05-30
CN103259727A (en) 2013-08-21
WO2014032620A1 (en) 2014-03-06
EP2891284A4 (en) 2016-05-18
CN103259727B (en) 2016-12-28
CN103227757B (en) 2016-12-28

Similar Documents

Publication Publication Date Title
US9397942B2 (en) Packet forwarding
US11463279B2 (en) Method and apparatus for implementing a flexible virtual local area network
EP3533189B1 (en) Rule-based network identifier mapping
US9912612B2 (en) Extended ethernet fabric switches
CN106936777B (en) Cloud computing distributed network implementation method and system based on OpenFlow
EP3240250B1 (en) Virtual router terminating an overlay tunnel in a storage area network
CN105099848B (en) Network extension group
US10193707B2 (en) Packet transmission method and apparatus
WO2017099971A1 (en) Interconnection of switches based on hierarchical overlay tunneling
US8693478B2 (en) Multiple shortest-path tree protocol
EP2920926B1 (en) Virtual link aggregations across multiple fabric switches
EP3446512B1 (en) Dynamic multi-destination traffic management in a distributed tunnel endpoint
CN103746916A (en) Method and apparatus for improving forwarding strategy of SPBM network

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 13833309

Country of ref document: EP

Kind code of ref document: A1

WWE Wipo information: entry into national phase

Ref document number: 14405367

Country of ref document: US

REEP Request for entry into the european phase

Ref document number: 2013833309

Country of ref document: EP

WWE Wipo information: entry into national phase

Ref document number: 2013833309

Country of ref document: EP

NENP Non-entry into the national phase

Ref country code: DE