WO2014075527A1 - Method, device and system for performing redundancy backup among network virtualization edge devices - Google Patents

Method, device and system for performing redundancy backup among network virtualization edge devices Download PDF

Info

Publication number
WO2014075527A1
WO2014075527A1 PCT/CN2013/085263 CN2013085263W WO2014075527A1 WO 2014075527 A1 WO2014075527 A1 WO 2014075527A1 CN 2013085263 W CN2013085263 W CN 2013085263W WO 2014075527 A1 WO2014075527 A1 WO 2014075527A1
Authority
WO
WIPO (PCT)
Prior art keywords
network virtual
network
virtual border
address
directory server
Prior art date
Application number
PCT/CN2013/085263
Other languages
French (fr)
Chinese (zh)
Inventor
胡方伟
Original Assignee
中兴通讯股份有限公司
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by 中兴通讯股份有限公司 filed Critical 中兴通讯股份有限公司
Publication of WO2014075527A1 publication Critical patent/WO2014075527A1/en

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L67/00Network arrangements or protocols for supporting network services or applications
    • H04L67/01Protocols
    • H04L67/10Protocols in which an application is distributed across nodes in the network
    • H04L67/1001Protocols in which an application is distributed across nodes in the network for accessing one among a plurality of replicated servers
    • H04L67/1036Load balancing of requests to servers for services different from user content provisioning, e.g. load balancing across domain name servers
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L67/00Network arrangements or protocols for supporting network services or applications
    • H04L67/01Protocols
    • H04L67/10Protocols in which an application is distributed across nodes in the network
    • H04L67/104Peer-to-peer [P2P] networks
    • H04L67/1044Group management mechanisms 

Definitions

  • the present invention relates to the field of communications technologies, and in particular, to a method, device, and system for performing redundancy backup between network virtual border (NVE) devices.
  • NVE network virtual border
  • the cloud computing data center network is very different from the traditional data center network.
  • the cloud computing data center network is first larger than the traditional data center network, so the traditional two-layer technology has scalability in the cloud computing data center network.
  • cloud computing will use a large number of virtualization technologies.
  • one server can virtualize multiple virtual machines, and each virtual machine is assigned a virtual media access control (MAC). Addresses, and because of the requirements for disaster recovery backups and traffic load balancing between data centers, virtual machines may migrate between one data center and even across data centers.
  • MAC virtual media access control
  • Figure 1 is a network structure diagram of a cloud computing data center network virtualization overlay network.
  • NVE is a network virtual boundary.
  • User data encapsulates the original data on the device or function block, and the encapsulated data depends on the intermediate overlay network.
  • Data transmission, on the NVE device you need to save the mapping relationship between the partial or global outer address and the inner address.
  • the overlay network can be superimposed with two layers (1 ⁇ 2 0 ⁇ 61" 1 ⁇ 3 ) on the three layers.
  • the inner layer encapsulates the packet as an Ethernet packet, and the inner layer packet address is the MAC address.
  • the outer layer is the network layer packet header, and the outer address is the IP address.
  • the user data is encapsulated between the outer network layer and the inner layer Ethernet layer (User Datagram Protocol, UDP).
  • UDP User Datagram Protocol
  • the header of the packet can also be encapsulated in the form of a TCP packet header.
  • the data is transmitted in the overlay network depending on the IP address for routing.
  • the implementation of the overlay network solves the scalability problem of the traditional Layer 2 data center network and implements Network interoperability across data centers, rapid migration of VMs, and more.
  • the reliable operation of NVE is very important for the reliability of the network. Based on the existing technology, it is not feasible to implement redundant backup between network virtual border devices, which is not conducive to the realization of cloud computing data center network.
  • the load is balanced, and if an NVE device fails, users accessing the NVE device will not be able to continue communicating with other terminals, which will affect system reliability and stability. Summary of the invention
  • the main purpose of the embodiments of the present invention is to provide a method, a device, and a system for performing redundancy backup between network virtual border devices, which can implement redundancy backup between network virtual border devices, thereby facilitating cloud computing data centers. Load balancing of the network, as well as improved system reliability and stability.
  • a method for performing redundancy backup between network virtual border devices where one or more network virtual border devices form a network virtual boundary redundancy group, and each network virtual boundary redundancy group corresponds to a group ID, and the method includes:
  • the directory server receives the message sent by the network virtual border device, where the message carries the address of the network virtual border device, the group ID, and the tenant information of the network virtual border device; the directory server according to the group ID, The information carried by the message is notified to other network virtual border devices in the network virtual boundary redundancy group to which the network virtual border device belongs.
  • the tenant information includes one or more of the following: a tenant ID, a tenant status.
  • the method further includes: configuring a virtual address for the network virtual border device, and the network virtual border device performs packet processing according to the virtual address.
  • the virtual address configured for the network virtual border device is: manually configured or automatically assigned by the directory server.
  • the registration message also carries the virtual address of the network virtual border device.
  • the virtual address is an anycast address.
  • the method also includes:
  • the changed tenant information is notified by the directory server to other network virtual border devices in the network virtual boundary redundancy group to which the network virtual border device belongs.
  • the group ID is a virtual address.
  • a directory server comprising: a receiving module and a notification module; wherein
  • the receiving module is configured to receive a message sent by the network virtual border device, where the message carries an address, a group ID, and tenant information of the network virtual border device;
  • the notification module is configured to notify, according to the group ID, the message carrying information to other network virtual border devices in the network virtual boundary redundancy group to which the network virtual border device belongs.
  • the directory server also includes a configuration module.
  • the configuration module is configured to configure a virtual address for the network virtual border device.
  • the receiving module is further configured to receive the changed tenant information sent by the network virtual border device;
  • the notification module is further configured to notify the changed tenant information to other network virtual border devices in the network virtual boundary redundancy group to which the network virtual border device belongs.
  • a network virtual border device including a sending module and a receiving module, where the sending module is configured to send a message to a directory server, where the message carries an address, a group ID, and the network virtual boundary of the network virtual border device Tenant information of the device;
  • the receiving module is configured to receive information about other network virtual border devices notified by the directory server.
  • the network virtual border device further includes a message processing module, where
  • the packet processing module is configured to perform packet processing according to the configured virtual address.
  • the sending module is further configured to send a change to the directory server when the tenant information changes. After-time tenant information;
  • the receiving module is further configured to receive the changed tenant information of other network virtual border devices notified by the directory server.
  • a system for performing redundancy backup between network virtual border devices comprising a directory server and one or more network virtual border devices; wherein the directory server is the directory server; the network virtual border device is the network virtual border device .
  • one or more network virtual border devices form a network virtual boundary redundancy group, and each network virtual boundary redundancy group corresponds to a group ID
  • the directory server receives the message sent by the network virtual border device, where the message carries the address of the network virtual border device, the group ID, and the tenant information of the network virtual border device; the directory server according to the group ID
  • the information carried in the message is notified to other network virtual border devices in the network virtual boundary redundancy group to which the network virtual border device belongs.
  • Figure 1 is a network structure diagram of a cloud computing data center network virtualization overlay network
  • FIG. 2 is a schematic flowchart of a method for performing redundancy backup between network virtual border devices according to an embodiment of the present invention
  • FIG. 3 is a schematic structural diagram of a directory server according to an embodiment of the present invention.
  • FIG. 4 is a schematic structural diagram of a network virtual border device according to an embodiment of the present invention.
  • FIG. 5 is a schematic diagram of a network structure of network virtual border protection according to Embodiment 1 of the present invention
  • FIG. 6 is a schematic diagram of a network structure of network virtual border protection according to Embodiment 2 of the present invention.
  • one or more network virtual border devices form a network virtual boundary redundancy group, each network virtual boundary redundancy group corresponds to a group ID, and the directory server receives the message sent by the network virtual border device.
  • the message carries the address of the network virtual border device, the group ID, and the tenant information of the network virtual border device.
  • the directory server notifies the network virtual information according to the group ID.
  • Other network virtual border devices in the network virtual boundary redundancy group to which the border device belongs are examples of the network virtual border devices.
  • the embodiment of the invention provides a method for performing redundancy backup between network virtual border devices. As shown in FIG. 2, the method includes:
  • Step 201 The directory server receives a message sent by the network virtual border device, where the message carries the address of the network virtual border device, the group ID, and the tenant information of the network virtual border device.
  • a network virtual boundary redundancy group needs to be set, and each network virtual boundary redundancy group includes one or more network virtual border devices, and each network virtual boundary redundancy group corresponds to one group ID.
  • a virtual address is assigned to the network virtual border redundancy group to identify the network virtual border redundancy group.
  • the network virtual border device in the network virtual boundary redundancy group performs the message processing according to the virtual address. It should be noted that the virtual address and the group ID can also be unified, that is, the virtual network address distinguishes different network virtual boundary redundancy groups.
  • the virtual address configured for the network virtual border device is: manually configured or automatically allocated by the directory server.
  • the message further carries a virtual address of the network virtual border device.
  • the virtual address may be anycast IP address (anycast address) or other globally unique IP address.
  • the tenant information includes one or more of the following: a tenant ID, a tenant status.
  • the method further includes: when the tenant information of the network virtual border device changes, notifying, by the directory server, the changed tenant information to other network virtual boundaries in the network virtual boundary redundancy group to which the network virtual border device belongs device.
  • members in the network virtual boundary redundancy group synchronize the user information in the network virtual border device group by using information exchange with the directory server, for example, when members in the group find new user address information (tenants) ID), the directory server is used to realize the notification of the user address to other members in the group, and the information sharing of the user address information in the network virtual boundary redundancy group is realized.
  • the directory server is used to realize the notification of the user address to other members in the group, and the information sharing of the user address information in the network virtual boundary redundancy group is realized.
  • the embodiment of the present invention further provides a directory server.
  • the directory server includes: a receiving module and a notification module;
  • the receiving module is configured to receive a message sent by the network virtual border device, where the message carries an address, a group ID, and tenant information of the network virtual border device;
  • the notification module is configured to notify, according to the group ID, the information carried by the message to other network virtual border devices in the network virtual boundary redundancy group to which the network virtual border device belongs.
  • the directory server further includes a configuration module.
  • the configuration module is configured to configure a virtual address for the network virtual border device.
  • the receiving module is further configured to receive the changed tenant information sent by the network virtual border device;
  • the notification module is further configured to notify the changed tenant information to other network virtual border devices in the network virtual boundary redundancy group to which the network virtual border device belongs.
  • the receiving module and the notification module may be implemented by hardware having a communication function in the directory server; the configuration module may be a central processor in the directory server.
  • CPU Central Processing Unit
  • MPU Micro Processing Unit
  • DSP digital signal processor
  • FPGA Field-Programmable Gate Array
  • the embodiment of the present invention further provides a network virtual border device.
  • the network virtual border device includes a sending module and a receiving module.
  • the sending module is configured to send a message to the directory server, where the message carries an address, a group ID, and tenant information of the network virtual border device of the network virtual border device;
  • the receiving module is configured to receive information about other network virtual border devices in the network virtual boundary redundancy group of the network virtual border device that is notified by the directory server.
  • the network virtual border device further includes a packet processing module, where
  • the packet processing module is configured to perform packet processing according to the configured virtual address.
  • the sending module is further configured to send the changed tenant information to the directory server when the tenant information changes;
  • the receiving module is further configured to receive the tenant information of the other network virtual border device in the network virtual boundary redundancy group to which the network virtual border device belongs, which is notified by the directory server.
  • the sending module and the notification module may be implemented by hardware having a communication function in the directory server; the message processing module may be configured by a central processing unit (CPU) in the directory server.
  • CPU central processing unit
  • Processor MPU, Micro Processing Unit
  • DSP Digital Signal Processor
  • FPGA Field-Programmable Gate Array
  • the embodiment of the present invention further provides a system for performing redundancy backup between network virtual border devices, where the system includes a directory server and one or more network virtual border devices;
  • the directory server is the above directory server;
  • the network virtual border device is the network virtual border device described above.
  • Example 1 The technical solutions of the embodiments of the present invention are further described in detail below through specific embodiments.
  • Example 1 The technical solutions of the embodiments of the present invention are further described in detail below through specific embodiments.
  • FIG. 5 is a schematic diagram of a network structure of a network virtual border protection according to Embodiment 1 of the present invention.
  • a directory server stores a mapping relationship between a network MAC address and an IP address.
  • NVE1 and NVE2 form a network virtual boundary redundancy group to implement active-active load balancing. That is, the information sent by VM1 can be encapsulated by the NVE1 device or encapsulated by the NVE2 device. This network design can improve the reliability of network virtual border devices.
  • the network virtual border member devices NVE1 and NVE2 both send their own address information and status information to the directory server.
  • the directory server After receiving the address information and status information advertised by the member, the directory server advertises to other members in the group to implement the user address. Synchronization and sharing of information within a network virtual boundary redundancy group.
  • RT1 When NVE1 fails, RT1 quickly switches traffic to the virtual boundary member NVE2 through fast reroute (FRR). Because the address encapsulated by the packet is the virtual address of the group, NVE2 can superimpose the packet. Decapsulation is performed and sent to the intended user.
  • FRR fast reroute
  • the network virtual boundary redundancy group is constructed according to the link of the access side network device.
  • different VMs access the NVE through the same uplink, they can be built in the same virtual group, but for different VMs.
  • different virtual groups need to be constructed to implement separate protection for different links.
  • FIG. 6 is a schematic diagram of a network structure of a network virtual border protection according to Embodiment 2 of the present invention.
  • the NVE1 learns a new user MAC address, including the MAC address of the terminal attached to the local end and the MAC address information of the remote end, Register the address information with the directory server.
  • Directory service After receiving the registration information, the device needs to send the registration information to other devices in the virtual border redundancy group of the network to implement information sharing of the user address information in the network virtual boundary redundancy group.
  • data traffic can be switched quickly.
  • the process of automatically allocating virtual addresses includes:
  • NVE1 and NVE2 are the same network virtual boundary redundancy group.
  • the NVE1 registration message is sent to the Directory server.
  • the registration message includes the NVE1 address information and status information. For example, the IP address, group, and tenant ID of the NVE1. If the virtual address of the network virtual boundary redundancy group is manually assigned, the registration information also needs to include the virtual address information.
  • NVE2 does the same thing;
  • the Directory server For the automatic allocation mode, the Directory server generates a virtual address for the network virtual boundary redundancy group
  • the directory server encapsulates the virtual address in the reply packet and sends it to each network virtual boundary redundancy group member.
  • the virtual address will be flooded and advertised through the routing protocol in the network.
  • each virtual boundary of the network advertises and floods the virtual address as a common routing address in the network.
  • a specific implementation method for performing network virtual boundary protection includes:
  • the data packet sent by the VM1 can be sent to the NVE1 or the NVE2.
  • the load balancing of the local data is achieved, and the terminal of the remote VM1 is solved.
  • NVE1 and NVE2 are the same network virtual boundary redundancy group. The user MAC address sharing between NVE1 and NVE2 is realized by registering with the directory server, and IP FRR is configured on Router 1. Assume that NVE1 is faulty.
  • Router 1 For the data sent by the remote data, Router 1 quickly switches the data traffic from NVE1 to NVE2 through the FRR technology. Since the destination address of the encapsulated overlay network packet is a virtual address, NVE2 can be directly decapsulated. The message, and NVE2 has saved the user address information on all NVE1s, and NVE2 can quickly forward the decapsulated message to the destination user.

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Physics & Mathematics (AREA)
  • Computing Systems (AREA)
  • Mathematical Physics (AREA)
  • Theoretical Computer Science (AREA)
  • Data Exchanges In Wide-Area Networks (AREA)

Abstract

Provided are a method, system and content server for performing redundancy backup among network virtualization edge devices, and a network virtualization edge device. The system comprises one or more network virtualization edge redundancy groups of the network virtualization edge device. The method comprises: a content server receiving a registration message sent by the network virtualization edge device, the registration message carrying an inner layer address, an outer layer address, and a group ID of the network virtualization edge device and tenant information about the network virtualization edge device; and the content server notifying other network virtualization edge devices in the network virtualization edge redundancy group to which the network virtualization edge device belongs, of the information carried in the registration message according to the group ID. The system can achieve the performance of redundancy backup among network virtualization edge devices, thereby being beneficial to the load balance of a cloud computing data centre network, and improving the system reliability and stability.

Description

网络虚拟边界设备间进行冗余备汾的方法、 设备及系统 技术领域  Method, device and system for redundant backup between network virtual border devices
本发明涉及通信技术领域, 尤其涉及一种网络虚拟边界( NVE )设备 间进行冗余备份的方法、 设备及系统。 背景技术  The present invention relates to the field of communications technologies, and in particular, to a method, device, and system for performing redundancy backup between network virtual border (NVE) devices. Background technique
云计算数据中心网络跟传统的数据中心网络有很大的不同, 云计算数 据中心网络首先是规模比传统的数据中心网络要大, 所以传统的二层技术 在云计算数据中心网络中存在扩展性问题, 另外, 云计算会大量使用虛拟 化技术, 对于云计算数据中心, 一台服务器可以虚拟化出多个虚拟机, 每 个虚拟机都分配有虚拟媒体接入控制( Media Access Control, MAC )地址, 而且, 由于数据中心之间的容灾备份、 流量的负载平衡等要求, 虚拟机可 能会在一个数据中心甚至跨数据中心之间进行迁移。  The cloud computing data center network is very different from the traditional data center network. The cloud computing data center network is first larger than the traditional data center network, so the traditional two-layer technology has scalability in the cloud computing data center network. In addition, cloud computing will use a large number of virtualization technologies. For a cloud computing data center, one server can virtualize multiple virtual machines, and each virtual machine is assigned a virtual media access control (MAC). Addresses, and because of the requirements for disaster recovery backups and traffic load balancing between data centers, virtual machines may migrate between one data center and even across data centers.
图 1为云计算数据中心网络虚拟化叠加网网络结构图, 图中 NVE为网 络虚拟边界, 用户数据在该设备或者功能块上对原始数据进行封装, 封装 好的数据依赖于中间的叠加网络进行数据传输, NVE设备上需要保存部分 或者全局外层地址和内层地址的映射关系。 例如, 叠加网络可以采用三层 上叠加二层(1^^ 2 0¥61" 1^^3 )的方式,内层的封装报文为以太网报文, 内层的报文地址为 MAC地址, 外层为网络层报文头, 外层的地址为 IP地 址, 为了实现协议栈的识別, 在外层网络层与内层以太网层之间封装用户 数据 4艮协议 ( User Datagram Protocol, UDP )报文头, 也可以封装类 TCP 报文头等形式。 数据在叠加网络中传输依赖于 IP地址进行路由。 这种叠加 网络的实现解决了传统二层数据中心网络的扩展性问题, 以及实现了跨数 据中心的网络互通、 VM的快速迁移等。 这种网络的结构设计中, NVE的可靠运行对于网络的可靠性有着非常 重要的意义, 基于现有技术, 由于无法实现网络虚拟边界设备间进行冗余 备份,从而不利于实现云计算数据中心网络的负荷均衡,并且,如果某 NVE 设备出现故障, 那么通过该 NVE设备接入的用户将无法继续跟其它终端进 行通信, 从而会影响系统可靠性和稳定性。 发明内容 Figure 1 is a network structure diagram of a cloud computing data center network virtualization overlay network. In the figure, NVE is a network virtual boundary. User data encapsulates the original data on the device or function block, and the encapsulated data depends on the intermediate overlay network. Data transmission, on the NVE device, you need to save the mapping relationship between the partial or global outer address and the inner address. For example, the overlay network can be superimposed with two layers (1^^ 2 0¥61" 1^^3 ) on the three layers. The inner layer encapsulates the packet as an Ethernet packet, and the inner layer packet address is the MAC address. The outer layer is the network layer packet header, and the outer address is the IP address. In order to realize the identification of the protocol stack, the user data is encapsulated between the outer network layer and the inner layer Ethernet layer (User Datagram Protocol, UDP). The header of the packet can also be encapsulated in the form of a TCP packet header. The data is transmitted in the overlay network depending on the IP address for routing. The implementation of the overlay network solves the scalability problem of the traditional Layer 2 data center network and implements Network interoperability across data centers, rapid migration of VMs, and more. In the structural design of this network, the reliable operation of NVE is very important for the reliability of the network. Based on the existing technology, it is not feasible to implement redundant backup between network virtual border devices, which is not conducive to the realization of cloud computing data center network. The load is balanced, and if an NVE device fails, users accessing the NVE device will not be able to continue communicating with other terminals, which will affect system reliability and stability. Summary of the invention
有鉴于此, 本发明实施例的主要目的在于提供一种网络虚拟边界设备 间进行冗余备份的方法、 设备及系统, 能够实现网络虚拟边界设备间进行 冗余备份, 从而有利于云计算数据中心网络的负荷均衡, 以及系统可靠性 和稳定性的提高。  In view of this, the main purpose of the embodiments of the present invention is to provide a method, a device, and a system for performing redundancy backup between network virtual border devices, which can implement redundancy backup between network virtual border devices, thereby facilitating cloud computing data centers. Load balancing of the network, as well as improved system reliability and stability.
为达到上述目的, 本发明实施例的技术方案是这样实现的:  To achieve the above objective, the technical solution of the embodiment of the present invention is implemented as follows:
一种网络虚拟边界设备间进行冗余备份的方法, 一个或者一个以上的 网络虚拟边界设备组成一个网络虚拟边界冗余组, 每个网络虚拟边界冗余 组对应一个组 ID, 该方法包括:  A method for performing redundancy backup between network virtual border devices, where one or more network virtual border devices form a network virtual boundary redundancy group, and each network virtual boundary redundancy group corresponds to a group ID, and the method includes:
目录服务器接收网络虚拟边界设备发送的消息, 所述消息携带所述网 络虛拟边界设备的地址、 组 ID和所述网络虛拟边界设备的租户信息; 所述目录服务器根据所述组 ID , 将所述消息携带的信息通知给所述网 络虚拟边界设备所属网络虚拟边界冗余组中的其他网络虚拟边界设备。  The directory server receives the message sent by the network virtual border device, where the message carries the address of the network virtual border device, the group ID, and the tenant information of the network virtual border device; the directory server according to the group ID, The information carried by the message is notified to other network virtual border devices in the network virtual boundary redundancy group to which the network virtual border device belongs.
所述租户信息包括以下一项或多项: 租户 ID、 租户状态。  The tenant information includes one or more of the following: a tenant ID, a tenant status.
该方法还包括: 为网络虚拟边界设备配置虚拟地址, 网络虚拟边界设 备根据所述虛拟地址进行报文处理。  The method further includes: configuring a virtual address for the network virtual border device, and the network virtual border device performs packet processing according to the virtual address.
所述为网络虚拟边界设备配置虚拟地址为: 手动配置或由目录服务器 自动分配。  The virtual address configured for the network virtual border device is: manually configured or automatically assigned by the directory server.
手动配置虚拟地址的场景下, 所述注册消息还携带所述网络虚拟边界 设备的虚拟地址。 所述虛拟地址为任播地址。 In the scenario of manually configuring a virtual address, the registration message also carries the virtual address of the network virtual border device. The virtual address is an anycast address.
该方法还包括:  The method also includes:
网络虚拟边界设备的租户信息发生变化时, 通过目录服务器将变化后 的租户信息通知给所述网络虚拟边界设备所属网络虚拟边界冗余组中的其 他网络虚拟边界设备。  When the tenant information of the network virtual border device changes, the changed tenant information is notified by the directory server to other network virtual border devices in the network virtual boundary redundancy group to which the network virtual border device belongs.
组 ID为虛拟地址。  The group ID is a virtual address.
一种目录服务器, 包括: 接收模块和通知模块; 其中,  A directory server, comprising: a receiving module and a notification module; wherein
所述接收模块, 用于接收网络虚拟边界设备发送的消息, 所述消息携 带所述网络虛拟边界设备的地址、 组 ID和所述网络虛拟边界设备的租户信 息;  The receiving module is configured to receive a message sent by the network virtual border device, where the message carries an address, a group ID, and tenant information of the network virtual border device;
所述通知模块, 用于根据所述组 ID, 将所述消息携带信息通知给所述 网络虚拟边界设备所属网络虚拟边界冗余组中的其他网络虚拟边界设备。  The notification module is configured to notify, according to the group ID, the message carrying information to other network virtual border devices in the network virtual boundary redundancy group to which the network virtual border device belongs.
该目录服务器还包括配置模块,  The directory server also includes a configuration module.
所述配置模块, 用于为网络虚拟边界设备配置虚拟地址。  The configuration module is configured to configure a virtual address for the network virtual border device.
所述接收模块, 还用于接收网络虚拟边界设备发送的变化后的租户信 息;  The receiving module is further configured to receive the changed tenant information sent by the network virtual border device;
所述通知模块, 还用于将所述变化后的租户信息通知给所述网络虚拟 边界设备所属网络虚拟边界冗余组中的其他网络虚拟边界设备。  The notification module is further configured to notify the changed tenant information to other network virtual border devices in the network virtual boundary redundancy group to which the network virtual border device belongs.
一种网络虚拟边界设备, 包括发送模块、 接收模块; 其中, 所述发送模块, 用于向目录服务器发送消息, 所述消息携带所述网络 虛拟边界设备的地址、 组 ID和所述网络虚拟边界设备的租户信息;  A network virtual border device, including a sending module and a receiving module, where the sending module is configured to send a message to a directory server, where the message carries an address, a group ID, and the network virtual boundary of the network virtual border device Tenant information of the device;
所述接收模块, 用于接收目录服务器通知的其他网络虚拟边界设备的 信息。  The receiving module is configured to receive information about other network virtual border devices notified by the directory server.
该网络虚拟边界设备还包括报文处理模块; 其中,  The network virtual border device further includes a message processing module, where
所述报文处理模块, 用于根据配置的虚拟地址进行报文处理。  The packet processing module is configured to perform packet processing according to the configured virtual address.
所述发送模块, 还用于在租户信息发生变化时, 向目录服务器发送变 化后的租户信息; The sending module is further configured to send a change to the directory server when the tenant information changes. After-time tenant information;
所述接收模块, 还用于接收目录服务器通知的其他网络虚拟边界设备 变化后的租户信息。  The receiving module is further configured to receive the changed tenant information of other network virtual border devices notified by the directory server.
一种网络虚拟边界设备间进行冗余备份的系统, 包括目录服务器和一 个以上网络虚拟边界设备; 其中, 所述目录服务器为上述的目录服务器; 所述网络虛拟边界设备为上述的网络虛拟边界设备。  A system for performing redundancy backup between network virtual border devices, comprising a directory server and one or more network virtual border devices; wherein the directory server is the directory server; the network virtual border device is the network virtual border device .
本发明实施例网络虚拟边界设备间进行冗余备份的方法、 设备及系统, 一个或者一个以上的网络虚拟边界设备组成一个网络虚拟边界冗余组, 每 个网络虛拟边界冗余组对应一个组 ID, 目录服务器接收网络虛拟边界设备 发送的消息, 所述消息携带所述网络虚拟边界设备的地址、 组 ID和所述网 络虚拟边界设备的租户信息; 所述目录服务器根据所述组 ID, 将所述消息 携带的信息通知给所述网络虚拟边界设备所属网络虚拟边界冗余组中的其 他网络虚拟边界设备。 通过本发明所述的方案, 能够实现网络虚拟边界设 备间进行冗余备份, 从而有利于云计算数据中心网络的负荷均衡, 以及系 统可靠性和稳定性的提高。 附图说明  The method, device and system for performing redundancy backup between network virtual border devices in the embodiment of the present invention, one or more network virtual border devices form a network virtual boundary redundancy group, and each network virtual boundary redundancy group corresponds to a group ID The directory server receives the message sent by the network virtual border device, where the message carries the address of the network virtual border device, the group ID, and the tenant information of the network virtual border device; the directory server according to the group ID The information carried in the message is notified to other network virtual border devices in the network virtual boundary redundancy group to which the network virtual border device belongs. Through the solution of the invention, redundancy backup between network virtual border devices can be realized, thereby facilitating load balancing of the cloud computing data center network, and improving system reliability and stability. DRAWINGS
图 1为云计算数据中心网络虚拟化叠加网网络结构图;  Figure 1 is a network structure diagram of a cloud computing data center network virtualization overlay network;
图 2为本发明实施例一种网络虚拟边界设备间进行冗余备份的方法流 程示意图;  2 is a schematic flowchart of a method for performing redundancy backup between network virtual border devices according to an embodiment of the present invention;
图 3为本发明实施例一种目录服务器的结构示意图;  3 is a schematic structural diagram of a directory server according to an embodiment of the present invention;
图 4为本发明实施例一种网络虚拟边界设备的结构示意图;  4 is a schematic structural diagram of a network virtual border device according to an embodiment of the present invention;
图 5为本发明实施例 1中网络虚拟边界保护的网络结构示意图; 图 6为本发明实施例 2中网络虚拟边界保护的网络结构示意图。 具体实施方式 FIG. 5 is a schematic diagram of a network structure of network virtual border protection according to Embodiment 1 of the present invention; FIG. 6 is a schematic diagram of a network structure of network virtual border protection according to Embodiment 2 of the present invention. detailed description
本发明实施例的基本思想是: 一个或者一个以上的网络虚拟边界设备 组成一个网络虛拟边界冗余组, 每个网络虛拟边界冗余组对应一个组 ID, 目录服务器接收网络虚拟边界设备发送的消息, 所述消息携带所述网络虚 拟边界设备的地址、 组 ID和所述网络虚拟边界设备的租户信息; 所述目录 服务器根据所述组 ID, 将所述消息携带的信息通知给所述网络虚拟边界设 备所属网络虚拟边界冗余组中的其他网络虚拟边界设备。  The basic idea of the embodiment of the present invention is: one or more network virtual border devices form a network virtual boundary redundancy group, each network virtual boundary redundancy group corresponds to a group ID, and the directory server receives the message sent by the network virtual border device. The message carries the address of the network virtual border device, the group ID, and the tenant information of the network virtual border device. The directory server notifies the network virtual information according to the group ID. Other network virtual border devices in the network virtual boundary redundancy group to which the border device belongs.
本发明实施例提出了一种网络虚拟边界设备间进行冗余备份的方法, 如图 2所示, 该方法包括:  The embodiment of the invention provides a method for performing redundancy backup between network virtual border devices. As shown in FIG. 2, the method includes:
步驟 201: 目录服务器接收网络虛拟边界设备发送的消息, 所述消息携 带所述网络虚拟边界设备的地址、 组 ID和所述网络虚拟边界设备的租户信 息。  Step 201: The directory server receives a message sent by the network virtual border device, where the message carries the address of the network virtual border device, the group ID, and the tenant information of the network virtual border device.
为了实现本发明, 需要设置网络虛拟边界冗余组, 每个网络虚拟边界 冗余组中包括一个或一个以上网络虚拟边界设备, 每个网络虚拟边界冗余 组对应一个组 ID。  In order to implement the present invention, a network virtual boundary redundancy group needs to be set, and each network virtual boundary redundancy group includes one or more network virtual border devices, and each network virtual boundary redundancy group corresponds to one group ID.
另外, 为该网络虚拟边界冗余组分配一个虚拟地址标识该网络虚拟边 界冗余组, 相应的, 网络虚拟边界冗余组中的网络虚拟边界设备才 据所述 虚拟地址进行艮文处理。 需要说明的是, 虚拟地址和组 ID也可以统一, 即 以虚拟地址区分不同的网络虚拟边界冗余组。  In addition, a virtual address is assigned to the network virtual border redundancy group to identify the network virtual border redundancy group. Correspondingly, the network virtual border device in the network virtual boundary redundancy group performs the message processing according to the virtual address. It should be noted that the virtual address and the group ID can also be unified, that is, the virtual network address distinguishes different network virtual boundary redundancy groups.
这里, 所述为网络虛拟边界设备配置虛拟地址为: 手动配置或由目录 服务器自动分配。  Here, the virtual address configured for the network virtual border device is: manually configured or automatically allocated by the directory server.
手动配置虚拟地址的场景下, 所述消息还携带所述网络虚拟边界设备 的虚拟地址。  In the scenario of manually configuring a virtual address, the message further carries a virtual address of the network virtual border device.
所述虚拟地址可以为 anycast IP地址(任播地址), 也可以为其他全局 唯一 IP地址。 可选的, 所述租户信息包括以下一项或多项: 租户 ID、 租户状态。 步骤 202: 所述目录服务器根据所述组 ID, 将所述消息携带的信息通 知给所述网络虚拟边界设备所属网络虚拟边界冗余组中的其他网络虚拟边 界设备。 The virtual address may be anycast IP address (anycast address) or other globally unique IP address. Optionally, the tenant information includes one or more of the following: a tenant ID, a tenant status. Step 202: The directory server notifies the information carried by the message to other network virtual border devices in the network virtual boundary redundancy group to which the network virtual border device belongs according to the group ID.
可选的, 该方法还包括: 网络虚拟边界设备的租户信息发生变化时, 通过目录服务器将变化后的租户信息通知给所述网络虛拟边界设备所属网 络虚拟边界冗余组中的其他网络虚拟边界设备。  Optionally, the method further includes: when the tenant information of the network virtual border device changes, notifying, by the directory server, the changed tenant information to other network virtual boundaries in the network virtual boundary redundancy group to which the network virtual border device belongs device.
本发明实施例中, 网络虚拟边界冗余组内成员通过与目录服务器之间 的信息交换实现网络虛拟边界设备组内用户信息的同步, 例如, 当组内成 员发现有新的用户地址信息 (租户 ID ) 时, 通过目录服务器实现该用户地 址向组内其他成员的通告, 实现用户地址信息在网络虚拟边界冗余组中的 信息共享。 这样, 当虛拟边界組中某成员出现故障时, 由于组内其它成员 已经保存了用户地址和状态信息, 流量可以快速切换到组内其他成员, 从 而有利于云计算数据中心网络的负荷均衡, 以及系统可靠性和稳定性的提 高。  In the embodiment of the present invention, members in the network virtual boundary redundancy group synchronize the user information in the network virtual border device group by using information exchange with the directory server, for example, when members in the group find new user address information (tenants) ID), the directory server is used to realize the notification of the user address to other members in the group, and the information sharing of the user address information in the network virtual boundary redundancy group is realized. In this way, when a member of the virtual boundary group fails, because other members in the group have saved the user address and status information, the traffic can be quickly switched to other members in the group, thereby facilitating load balancing of the cloud computing data center network, and Increased system reliability and stability.
本发明实施例还相应地提出了一种目录服务器, 如图 3 所示, 该目录 服务器包括: 接收模块和通知模块; 其中,  The embodiment of the present invention further provides a directory server. As shown in FIG. 3, the directory server includes: a receiving module and a notification module;
所述接收模块, 用于接收网络虛拟边界设备发送的消息, 所述消息携 带所述网络虚拟边界设备的地址、 组 ID和所述网络虚拟边界设备的租户信 息;  The receiving module is configured to receive a message sent by the network virtual border device, where the message carries an address, a group ID, and tenant information of the network virtual border device;
所述通知模块, 用于根据所述组 ID, 将所述消息携带的信息通知给所 述网络虚拟边界设备所属网络虚拟边界冗余组中的其他网络虚拟边界设备。  The notification module is configured to notify, according to the group ID, the information carried by the message to other network virtual border devices in the network virtual boundary redundancy group to which the network virtual border device belongs.
可选的, 该目录服务器还包括配置模块,  Optionally, the directory server further includes a configuration module.
所述配置模块, 用于为网络虚拟边界设备配置虚拟地址。  The configuration module is configured to configure a virtual address for the network virtual border device.
可选的, 所述接收模块, 还用于接收网络虚拟边界设备发送的变化后 的租户信息; 所述通知模块, 还用于将所述变化后的租户信息通知给所述网络虛拟 边界设备所属网絡虚拟边界冗余组中的其他网络虚拟边界设备。 Optionally, the receiving module is further configured to receive the changed tenant information sent by the network virtual border device; The notification module is further configured to notify the changed tenant information to other network virtual border devices in the network virtual boundary redundancy group to which the network virtual border device belongs.
另外, 所述接收模块和所述通知模块均可由所述目录服务器中具备通 信功能的硬件来实现; 所述配置模块可由所述目录服务器中的中央处理器 In addition, the receiving module and the notification module may be implemented by hardware having a communication function in the directory server; the configuration module may be a central processor in the directory server.
( CPU, Central Processing Unit )、 处理器( MPU, Micro Processing Unit ), 数字信号处理器( DSP, Digital Signal Processor )或可编程逻辑阵列( FPGA, Field - Programmable Gate Array ) 实现。 (CPU, Central Processing Unit), processor (MPU, Micro Processing Unit), digital signal processor (DSP), or Field-Programmable Gate Array (FPGA).
本发明实施例还相应地提出了一种网络虚拟边界设备, 如图 4所示, 该网络虛拟边界设备包括发送模块、 接收模块; 其中,  The embodiment of the present invention further provides a network virtual border device. As shown in FIG. 4, the network virtual border device includes a sending module and a receiving module.
所述发送模块, 用于向目录服务器发送消息, 所述消息携带所述网络 虛拟边界设备的地址、 组 ID和所述网络虛拟边界设备的租户信息;  The sending module is configured to send a message to the directory server, where the message carries an address, a group ID, and tenant information of the network virtual border device of the network virtual border device;
所述接收模块, 用于接收目录服务器通知的所述网络虚拟边界设备所 属网络虚拟边界冗余组中的其他网络虚拟边界设备的信息。  And the receiving module is configured to receive information about other network virtual border devices in the network virtual boundary redundancy group of the network virtual border device that is notified by the directory server.
可选的, 该网络虚拟边界设备还包括报文处理模块; 其中,  Optionally, the network virtual border device further includes a packet processing module, where
所述报文处理模块, 用于根据配置的虚拟地址进行报文处理。  The packet processing module is configured to perform packet processing according to the configured virtual address.
可选的, 所述发送模块, 还用于在租户信息发生变化时, 向目录服务 器发送变化后的租户信息;  Optionally, the sending module is further configured to send the changed tenant information to the directory server when the tenant information changes;
所述接收模块, 还用于接收目录服务器通知的所述网络虚拟边界设备 所属网络虚拟边界冗余组中的其他网络虚拟边界设备变化后的租户信息。  The receiving module is further configured to receive the tenant information of the other network virtual border device in the network virtual boundary redundancy group to which the network virtual border device belongs, which is notified by the directory server.
另外, 所述发送模块和所述通知模块均可由所述目录服务器中具备通 信功能的硬件来实现; 所述报文处理模块可由所述目录服务器中的中央处 理器( CPU, Central Processing Unit )、敫处理器( MPU, Micro Processing Unit )、 数字信号处理器( DSP, Digital Signal Processor )或可编程逻辑阵列( FPGA, Field - Programmable Gate Array ) 实现。  In addition, the sending module and the notification module may be implemented by hardware having a communication function in the directory server; the message processing module may be configured by a central processing unit (CPU) in the directory server.敫 Processor (MPU, Micro Processing Unit), Digital Signal Processor (DSP) or Field-Programmable Gate Array (FPGA).
本发明实施例还相应地提出了一种网络虚拟边界设备间进行冗余备份 的系统, 该系统包括目录服务器和一个以上网络虚拟边界设备; 其中, 所述目录服务器为上述的目录服务器; The embodiment of the present invention further provides a system for performing redundancy backup between network virtual border devices, where the system includes a directory server and one or more network virtual border devices; The directory server is the above directory server;
所述网络虚拟边界设备为上述的网络虚拟边界设备。  The network virtual border device is the network virtual border device described above.
下面通过具体实施例对本发明实施例的技术方案作进一步详细说明。 实施例 1  The technical solutions of the embodiments of the present invention are further described in detail below through specific embodiments. Example 1
图 5为本发明实施例 1 中网络虚拟边界保护的网络结构示意图, 图中 目录服务器( directory server )保存网络的 MAC地址和 IP地址的映射关系。  FIG. 5 is a schematic diagram of a network structure of a network virtual border protection according to Embodiment 1 of the present invention. In the figure, a directory server stores a mapping relationship between a network MAC address and an IP address.
NVE1和 NVE2构成一个网络虚拟边界冗余组,实现双主机( active-active ) 的负载均衡, 即 VM1发送的信息可以由 NVE1设备封装, 也可以由 NVE2 设备封装。 这种网络设计可以提高网络虛拟边界设备的可靠性。 NVE1 and NVE2 form a network virtual boundary redundancy group to implement active-active load balancing. That is, the information sent by VM1 can be encapsulated by the NVE1 device or encapsulated by the NVE2 device. This network design can improve the reliability of network virtual border devices.
该实施例中, 网络虚拟边界成员设备 NVE1和 NVE2都向目录服务器 发送自己的地址信息和状态信息, 目录服务器收到了成员通告的地址信息 和状态信息后, 向组内其他成员通告, 实现用户地址信息在网络虚拟边界 冗余组内的同步和共享。  In this embodiment, the network virtual border member devices NVE1 and NVE2 both send their own address information and status information to the directory server. After receiving the address information and status information advertised by the member, the directory server advertises to other members in the group to implement the user address. Synchronization and sharing of information within a network virtual boundary redundancy group.
当 NVE1 出现故障, RT1感知到该故障后, 通过快速重路由 (FRR ) 快速将流量切换到网络虚拟边界成员 NVE2,由于报文封装的地址为组的虚 拟地址, 所以 NVE2可以对叠加报文的进行解封装, 并发往目的用户。  When NVE1 fails, RT1 quickly switches traffic to the virtual boundary member NVE2 through fast reroute (FRR). Because the address encapsulated by the packet is the virtual address of the group, NVE2 can superimpose the packet. Decapsulation is performed and sent to the intended user.
本实施例中, 网络虚拟边界冗余组根据接入侧网络设备的链路构建, 不同的 VM通过相同的上行链路接入 NVE时,可以构建在同一个虚拟组中, 而对于不同的 VM通过不同的上行链路接入 NVE时,需要构建不同的虛拟 组, 实现对不同链路的分别保护。 实施例 2  In this embodiment, the network virtual boundary redundancy group is constructed according to the link of the access side network device. When different VMs access the NVE through the same uplink, they can be built in the same virtual group, but for different VMs. When accessing the NVE through different uplinks, different virtual groups need to be constructed to implement separate protection for different links. Example 2
图 6为本发明实施例 2中网络虛拟边界保护的网络结构示意图, 本实 施例中, 当 NVE1学习到新的用户 MAC地址, 包括本端附着的终端 MAC 地址和远端的 MAC地址信息时, 向目录服务器注册该地址信息。 目录服务 器收到了该注册信息后, 需要向本网络虚拟边界冗余组中的其他设备发送 该注册信息, 实现用户地址信息在网络虚拟边界冗余组中的信息共享。 当 网络虚拟边界冗余组中有设备出现故障时, 可以快速实现数据流量的切换。 FIG. 6 is a schematic diagram of a network structure of a network virtual border protection according to Embodiment 2 of the present invention. In this embodiment, when the NVE1 learns a new user MAC address, including the MAC address of the terminal attached to the local end and the MAC address information of the remote end, Register the address information with the directory server. Directory service After receiving the registration information, the device needs to send the registration information to other devices in the virtual border redundancy group of the network to implement information sharing of the user address information in the network virtual boundary redundancy group. When there is a device failure in the network virtual boundary redundancy group, data traffic can be switched quickly.
本实施例中, 虚拟地址自动分配的过程包括:  In this embodiment, the process of automatically allocating virtual addresses includes:
1 ) 图 6中, NVE1和 NVE2为同一个网络虚拟边界冗余组, 当 NVE1 配置为网络虛拟边界冗余组后, 向 Directory server发送 NVE1注册消息, 注册消息中包括 NVE1的地址信息和状态信息,如 NVE1的 IP地址,组 , 租户 ID等信息, 如果网络虚拟边界冗余组的虚拟地址为手动分配方式, 注 册信息中还需要包含该虚拟地址信息。 同样, NVE2也做相同的动作; 1) In Figure 6, NVE1 and NVE2 are the same network virtual boundary redundancy group. After NVE1 is configured as the network virtual boundary redundancy group, the NVE1 registration message is sent to the Directory server. The registration message includes the NVE1 address information and status information. For example, the IP address, group, and tenant ID of the NVE1. If the virtual address of the network virtual boundary redundancy group is manually assigned, the registration information also needs to include the virtual address information. Similarly, NVE2 does the same thing;
2 )对于自动分配的方式, Directory server为该网络虚拟边界冗余组产 生一个虚拟地址; 2) For the automatic allocation mode, the Directory server generates a virtual address for the network virtual boundary redundancy group;
3 directory server将该虚拟地址封装在 reply报文中发送给各个网絡虚 拟边界冗余组成员;  3 The directory server encapsulates the virtual address in the reply packet and sends it to each network virtual boundary redundancy group member.
4 ) 网络虛拟边界设备收到了 reply报文后 , 该虛拟地址会在网络中通 过路由协议泛洪和通告。  4) After the network virtual border device receives the reply packet, the virtual address will be flooded and advertised through the routing protocol in the network.
对于虚拟地址手工配置的方式, 各个网络虚拟边界将该虚拟地址作为 普通的路由地址在网络中通告和泛洪即可。  For the manual configuration of virtual addresses, each virtual boundary of the network advertises and floods the virtual address as a common routing address in the network.
本实施例中, 进行网络虚拟边界保护的具体实现方法包括:  In this embodiment, a specific implementation method for performing network virtual boundary protection includes:
对于本端数据的传输, VM1发送的数据报文可以发送给 NVE1, 也可 以发送 NVE2 ,通过用虚拟组地址的映射,既实现了对本端数据的负载均衡, 又解决了远端关于 VM1的终端地址映射条目的跳转。  For the transmission of the local data, the data packet sent by the VM1 can be sent to the NVE1 or the NVE2. By mapping the virtual group address, the load balancing of the local data is achieved, and the terminal of the remote VM1 is solved. A jump to an address map entry.
图 6 中, 当有新的用户附着到网络虚拟边界时, 网络虚拟边界会向 directory server注册该 MAC地址信息, directory server收到注册信息后,需 要向该网络虚拟边界冗余组其他成员扩散该地址信息, 实现同一个网络虚 拟边界冗余组成员内的地址和状态信息共享, 当组内成员出现故障时, 由 于其他成员设备保存了该成员的地址信息, 可以实现数据流量的快速切换。 图 6中,NVE1和 NVE2为同一个网络虛拟边界冗余组,通过向 directory server注册实现了 NVE1和 NVE2之间的用户 MAC地址的共享, 同时在路 由器 1上配置 IP FRR。假设 NVE1出现故障,对于远端数据发送来的数据, 路由器 1通过 FRR技术快速的将数据流量从 NVE1切换到 NVE2, 由于封 装的叠加网报文的目的地址为虚拟地址, 所以 NVE2可以直接解封装该报 文, 并且 NVE2已经保存了所有 NVE1上的用户地址信息, NVE2可以快 速转发解封装后的报文到目的用户。 In Figure 6, when a new user is attached to the network virtual boundary, the network virtual boundary registers the MAC address information with the directory server. After receiving the registration information, the directory server needs to diffuse the other members of the network virtual boundary redundancy group. The address information is used to share the address and status information of the members of the same network virtual border redundancy group. When a member of the group fails, the other member devices can save the data traffic quickly. In Figure 6, NVE1 and NVE2 are the same network virtual boundary redundancy group. The user MAC address sharing between NVE1 and NVE2 is realized by registering with the directory server, and IP FRR is configured on Router 1. Assume that NVE1 is faulty. For the data sent by the remote data, Router 1 quickly switches the data traffic from NVE1 to NVE2 through the FRR technology. Since the destination address of the encapsulated overlay network packet is a virtual address, NVE2 can be directly decapsulated. The message, and NVE2 has saved the user address information on all NVE1s, and NVE2 can quickly forward the decapsulated message to the destination user.
以上所述, 仅为本发明的较佳实施例而已, 并非用于限定本发明的保 护范围。  The above is only the preferred embodiment of the present invention and is not intended to limit the scope of the present invention.

Claims

权利要求书 claims
1、 一种网络虚拟边界设备间进行冗余备份的方法, 一个或者一个以 上的网络虚拟边界设备组成一个网络虚拟边界冗余组, 每个网络虚拟边 界冗余組对应一个组 ID, 该方法包括: 1. A method for redundant backup between network virtual border devices. One or more network virtual border devices form a network virtual border redundancy group. Each network virtual border redundancy group corresponds to a group ID. The method includes :
目录服务器接收网络虚拟边界设备发送的注册消息, 所述注册消息 携带所述网络虛拟边界设备的地址、组 ID和所述网络虛拟边界设备的租 户信息; The directory server receives a registration message sent by a network virtual border device, where the registration message carries the address, group ID, and tenant information of the network virtual border device;
所述目录服务器根据所述组 ID , 将所述注册消息携带的信息通知给 所述网络虛拟边界设备所属网络虛拟边界冗余组中的其他网络虛拟边界 设备。 The directory server notifies other network virtual border devices in the network virtual border redundancy group to which the network virtual border device belongs, based on the group ID, of the information carried in the registration message.
2、 根据权利要求 1所述的方法, 其中, 所述租户信息包括以下一项 或多项: 租户 ID、 租户状态。 2. The method according to claim 1, wherein the tenant information includes one or more of the following: tenant ID, tenant status.
3、 根据权利要求 1所述的方法, 其中, 该方法还包括: 为网络虚拟 边界设备配置虚拟地址, 网络虚拟边界设备根据所述虚拟地址进行 ^艮文 处理。 3. The method according to claim 1, wherein the method further comprises: configuring a virtual address for the network virtual border device, and the network virtual border device performs text processing according to the virtual address.
4、 根据权利要求 3所述的方法, 其中, 所述为网络虛拟边界设备配 置虚拟地址为: 手动配置或由目录服务器自动分配。 4. The method according to claim 3, wherein the configuring the virtual address for the network virtual border device is: manual configuration or automatic allocation by the directory server.
5、根据权利要求 4所述的方法,其中,手动配置虚拟地址的场景下, 所述注册消息还携带所述网络虛拟边界设备的虛拟地址。 5. The method according to claim 4, wherein in the scenario of manual configuration of the virtual address, the registration message also carries the virtual address of the network virtual border device.
6、 根据权利要求 3至 5任一项所述的方法, 其中, 所述虚拟地址为 任播地址。 6. The method according to any one of claims 3 to 5, wherein the virtual address is an anycast address.
7、 根据权利要求 1至 5任一项所述的方法, 其中, 该方法还包括: 网络虚拟边界设备的租户信息发生变化时, 通过目录服务器将变化 后的租户信息通知给所述网络虚拟边界设备所属网络虚拟边界冗余组中 的其他网絡虚拟边界设备。 7. The method according to any one of claims 1 to 5, wherein the method further includes: when the tenant information of the network virtual boundary device changes, notifying the changed tenant information to the network virtual boundary through the directory server Other network virtual border devices in the network virtual border redundancy group to which the device belongs.
8、 根据权利要求 3至 5任一项所述的方法, 其中, 组 ID为虚拟地 址。 8. The method according to any one of claims 3 to 5, wherein the group ID is a virtual address.
9、 一种目录服务器, 该目录服务器包括: 接收模块和通知模块; 其 中, 9. A directory server, which includes: a receiving module and a notification module; wherein,
所述接收模块, 用于接收网络虛拟边界设备发送的注册消息, 所述 注册消息携带所述网络虛拟边界设备的地址、组 ID和所述网络虛拟边界 设备的租户信息; The receiving module is configured to receive a registration message sent by a network virtual border device, where the registration message carries the address, group ID, and tenant information of the network virtual border device;
所述通知模块, 用于根据所述组 ID, 将所述注册消息携带信息通知 给所述网絡虚拟边界设备所属网络虛拟边界冗余组中的其他网络虚拟边 界设备。 The notification module is configured to notify other network virtual border devices in the network virtual border redundancy group to which the network virtual border device belongs, based on the group ID, of the information carried in the registration message.
10、 根据权利要求 9 所述的目录服务器, 其中, 该目录服务器还包 括配置模块, 10. The directory server according to claim 9, wherein the directory server further includes a configuration module,
所述配置模块, 用于为网络虚拟边界设备配置虚拟地址。 The configuration module is used to configure a virtual address for a network virtual border device.
11、 根据权利要求 9或 10所述的目录服务器, 其中, 11. The directory server according to claim 9 or 10, wherein,
所述接收模块, 还用于接收网络虚拟边界设备发送的变化后的租户 信息; The receiving module is also used to receive the changed tenant information sent by the network virtual border device;
所述通知模块, 还用于将所述变化后的租户信息通知给所述网络虚 拟边界设备所属网络虚拟边界冗余组中的其他网絡虛拟边界设备。 The notification module is also configured to notify other network virtual edge devices in the network virtual edge redundancy group to which the network virtual edge device belongs of the changed tenant information.
12、 一种网络虚拟边界设备, 该网络虚拟边界设备包括发送模块、 接收模块; 其中, 12. A network virtual border device, which includes a sending module and a receiving module; wherein,
所述发送模块, 用于向目录服务器发送注册消息, 所述注册消息携 带所述网络虚拟边界设备的地址、 组 ID和所述网络虚拟边界设备的租户 信息; The sending module is configured to send a registration message to the directory server, where the registration message carries the address of the network virtual border device, the group ID and the tenant information of the network virtual border device;
所述接收模块, 用于接收目录服务器通知的所述网络虚拟边界设备 所属网络虚拟边界冗余组中的其他网络虚拟边界设备对应的注册消息携 带的信息。 The receiving module is configured to receive information carried by registration messages corresponding to other network virtual border devices in the network virtual border redundancy group to which the network virtual border device belongs, notified by the directory server.
13、 根据权利要求 12所述的网络虚拟边界设备, 其中, 该网络虚拟 边界设备还包括报文处理模块; 其中, 13. The network virtual border device according to claim 12, wherein the network virtual border device further includes a message processing module; wherein,
所述报文处理模块, 用于根据配置的虚拟地址进行报文处理。 The message processing module is used to process messages according to the configured virtual address.
14、 根据权利要求 12或 13所述的网络虚拟边界设备, 其中, 所述发送模块, 还用于在租户信息发生变化时, 向目录服务器发送 变化后的租户信息; 14. The network virtual border device according to claim 12 or 13, wherein the sending module is further configured to send the changed tenant information to the directory server when the tenant information changes;
所述接收模块, 还用于接收目录服务器通知的所述网络虚拟边界设 备所属网络虚拟边界冗余组中的其他网络虚拟边界设备变化后的租户信 息。 The receiving module is also configured to receive the changed tenant information of other network virtual border devices in the network virtual border redundancy group to which the network virtual border device belongs, notified by the directory server.
15、 一种网络虚拟边界设备间进行冗余备份的系统, 该系统包括目 录服务器和一个以上网络虛拟边界设备; 其中, 所述目录服务器为权利 要求 9至 11任一项所述的目录服务器; 所述网络虚拟边界设备为权利要 求 12至 14任一项所述的网络虚拟边界设备。 15. A system for redundant backup between network virtual edge devices. The system includes a directory server and more than one network virtual edge device; wherein, the directory server is the directory server according to any one of claims 9 to 11; The network virtual border device is the network virtual border device according to any one of claims 12 to 14.
PCT/CN2013/085263 2012-11-16 2013-10-15 Method, device and system for performing redundancy backup among network virtualization edge devices WO2014075527A1 (en)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
CN201210465013.7 2012-11-16
CN201210465013.7A CN103825815B (en) 2012-11-16 2012-11-16 Method, equipment and the system of redundancy backup are carried out between network virtual edge device

Publications (1)

Publication Number Publication Date
WO2014075527A1 true WO2014075527A1 (en) 2014-05-22

Family

ID=50730574

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/CN2013/085263 WO2014075527A1 (en) 2012-11-16 2013-10-15 Method, device and system for performing redundancy backup among network virtualization edge devices

Country Status (2)

Country Link
CN (1) CN103825815B (en)
WO (1) WO2014075527A1 (en)

Cited By (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US9916174B2 (en) 2015-05-27 2018-03-13 International Business Machines Corporation Updating networks having virtual machines with migration information
US10412005B2 (en) 2016-09-29 2019-09-10 International Business Machines Corporation Exploiting underlay network link redundancy for overlay networks

Families Citing this family (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN106856446B (en) * 2015-12-09 2019-12-10 中国电信股份有限公司 Method and system for improving virtual network reliability
CN106789388B (en) * 2016-03-25 2020-07-03 新华三技术有限公司 Method and device for determining message detection content
CN109802888B (en) * 2017-11-16 2021-11-09 中兴通讯股份有限公司 Method and device based on anycast address protection
CN112953803B (en) * 2021-02-10 2022-07-08 西南电子技术研究所(中国电子科技集团公司第十研究所) Airborne redundant network data transmission method

Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US6459682B1 (en) * 1998-04-07 2002-10-01 International Business Machines Corporation Architecture for supporting service level agreements in an IP network
CN101729510A (en) * 2008-10-29 2010-06-09 Tcl集团股份有限公司 Storage service system for virtual network and method for establishing the same
CN102281332A (en) * 2011-08-31 2011-12-14 上海西本网络科技有限公司 Distributed cache array and data updating method thereof

Family Cites Families (7)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US7535828B2 (en) * 2005-03-18 2009-05-19 Cisco Technology, Inc. Algorithm for backup PE selection
WO2009027612A2 (en) * 2007-08-24 2009-03-05 Thomson Licensing Method for constructing a virtual environment in a p2p network of the delaunay type by dynamic grouping of nodes, assistance device and related equipment
CN101582834B (en) * 2008-05-16 2013-10-09 华为技术有限公司 Updating method and system of forwarding table during service transmission of Ethernet
US8619779B2 (en) * 2009-09-30 2013-12-31 Alcatel Lucent Scalable architecture for enterprise extension in a cloud topology
US8532108B2 (en) * 2009-09-30 2013-09-10 Alcatel Lucent Layer 2 seamless site extension of enterprises in cloud computing
MX2012007559A (en) * 2010-05-28 2012-07-30 Huawei Tech Co Ltd Virtual layer 2 and mechanism to make it scalable.
US8694664B2 (en) * 2010-11-23 2014-04-08 Cisco Technology, Inc. Active-active multi-homing support for overlay transport protocol

Patent Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US6459682B1 (en) * 1998-04-07 2002-10-01 International Business Machines Corporation Architecture for supporting service level agreements in an IP network
CN101729510A (en) * 2008-10-29 2010-06-09 Tcl集团股份有限公司 Storage service system for virtual network and method for establishing the same
CN102281332A (en) * 2011-08-31 2011-12-14 上海西本网络科技有限公司 Distributed cache array and data updating method thereof

Cited By (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US9916174B2 (en) 2015-05-27 2018-03-13 International Business Machines Corporation Updating networks having virtual machines with migration information
US10684882B2 (en) 2015-05-27 2020-06-16 International Business Machines Corporation Updating networks with migration information for a virtual machine
US10412005B2 (en) 2016-09-29 2019-09-10 International Business Machines Corporation Exploiting underlay network link redundancy for overlay networks

Also Published As

Publication number Publication date
CN103825815A (en) 2014-05-28
CN103825815B (en) 2018-07-27

Similar Documents

Publication Publication Date Title
US11128494B2 (en) Distributed virtual gateway appliance
US8842518B2 (en) System and method for supporting management network interface card port failover in a middleware machine environment
EP2640013B1 (en) Method And Apparatus Providing Network Redundancy And High Availability To Remote Network Nodes
EP2874359B1 (en) Extended ethernet fabric switches
JP2023527999A (en) Loop prevention of virtual L2 network
JP2023535149A (en) System and method for VLAN switching and routing services
US11757773B2 (en) Layer-2 networking storm control in a virtualized cloud environment
WO2014075527A1 (en) Method, device and system for performing redundancy backup among network virtualization edge devices
GB2485024A (en) Providing failover for a Point to Point tunnel for Wireless Local Area Network (WLAN) split-plane environments
EP4183118A1 (en) Multi-edge etherchannel (meec) creation and management
EP2915298A1 (en) Message forwarding between geographically dispersed network sites
US20160205033A1 (en) Pool element status information synchronization method, pool register, and pool element
Chen et al. A scalable multi-datacenter layer-2 network architecture
JP2024503600A (en) Layer 2 networking span ports in virtualized cloud environments
WO2014023255A1 (en) Method and system for distributing virtualized network address of data centre and directory server
JP2024503322A (en) Layer 2 networking storm control in virtualized cloud environments
JP2024503318A (en) Layer 2 networking using access control lists in virtualized cloud environments
JP2024507143A (en) Scaling IP addresses in overlay networks
JP2024503319A (en) Layer 2 networking information in virtualized cloud environments
CN114449058A (en) Supporting any protocol through network virtualization
CN116711270A (en) Layer 2networking information in virtualized cloud environments
CN116648892A (en) Layer 2networking storm control in virtualized cloud environments

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 13855177

Country of ref document: EP

Kind code of ref document: A1

NENP Non-entry into the national phase

Ref country code: DE

122 Ep: pct application non-entry in european phase

Ref document number: 13855177

Country of ref document: EP

Kind code of ref document: A1