WO2016091186A1 - Method and system for preventing conflict from occurring in resources occupied by logical switch - Google Patents

Method and system for preventing conflict from occurring in resources occupied by logical switch Download PDF

Info

Publication number
WO2016091186A1
WO2016091186A1 PCT/CN2015/097012 CN2015097012W WO2016091186A1 WO 2016091186 A1 WO2016091186 A1 WO 2016091186A1 CN 2015097012 W CN2015097012 W CN 2015097012W WO 2016091186 A1 WO2016091186 A1 WO 2016091186A1
Authority
WO
WIPO (PCT)
Prior art keywords
resource
openflow
logical switch
resources
switch
Prior art date
Application number
PCT/CN2015/097012
Other languages
French (fr)
Chinese (zh)
Inventor
肖敏
张君辉
焦欣文
Original Assignee
中兴通讯股份有限公司
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by 中兴通讯股份有限公司 filed Critical 中兴通讯股份有限公司
Publication of WO2016091186A1 publication Critical patent/WO2016091186A1/en

Links

Images

Definitions

  • This document relates to Software Defined Network (SDN) technology, and in particular to a method and system for preventing conflicts of resources occupied by logical switches.
  • SDN Software Defined Network
  • the OpenFlow network is a software-defined network that uses an architecture in which the control plane is separated from the forwarding plane.
  • 1 is a schematic diagram of an OpenFlow network component architecture in accordance with the related art.
  • the management plane of the OpenFlow network is implemented by the OpenFlow configuration point.
  • the control plane of the OpenFlow network is implemented by the OpenFlow controller.
  • the network application (App) calls the OpenFlow controller through an application programming interface (API).
  • API application programming interface
  • the forwarding plane of the OpenFlow network is implemented by an OpenFlow switch.
  • the interface between the OpenFlow configuration point and the OpenFlow switch runs the OpenFlow Management and Configuration (OF-Config) protocol.
  • the interface between the OpenFlow controller and the OpenFlow switch runs the OpenFlow protocol.
  • OF-Config OpenFlow Management and Configuration
  • the OpenFlow configuration point manages and configures the OpenFlow switch through the OF-Config channel.
  • the OpenFlow controller controls the forwarding behavior of the OpenFlow switch through the OpenFlow channel to implement separation of data forwarding and routing control.
  • an OpenFlow configuration point can divide multiple logical switches according to ports on the same OpenFlow switch. Different logical switches occupy different OpenFlow port resources and are controlled by different OpenFlow controllers.
  • 2 is a diagram showing an example of dividing a plurality of OpenFlow logical switches on an OpenFlow switch according to the related art. As shown in Figure 2, the OpenFlow configuration point configures two logical switches, OpenFlow logical switch 1 and OpenFlow logical switch 2, on the OpenFlow switch.
  • the OpenFlow logical switch 1 occupies part of the OpenFlow port resources and is controlled by the OpenFlow controller 1.
  • OpenFlow logical switch 2 occupies another part of OpenFlow port resources and is controlled by OpenFlow controller 2.
  • an OpenFlow switch may have only one virtual local area network (VLAN) forwarding table shared by multiple logical switches. Since different logical switches are controlled by different OpenFlow controllers, different OpenFlow controllers may appear. Adding different ports of multiple logical switches to the same VLAN, which is usually undesirable for network operators.
  • VLAN virtual local area network
  • the technical problem to be solved by the present invention is to provide a method and system for preventing conflicts of resources occupied by logical switches, so that different OpenFlow controllers controlling different logical switches on the same OpenFlow switch are given to respective controlled logical switches. Conflicts do not occur when resources are allocated.
  • a method for preventing conflicts between resources occupied by a logical switch includes the following steps:
  • the resource type includes one or more of the following resources:
  • VLAN Virtual local area network
  • VRF virtual route forwarding
  • MPLS multi-protocol label switching
  • the establishing, by the logical switch, a control connection with an associated OpenFlow controller After the querying the logical switch, determining the resource type with the resource isolation restriction includes:
  • the OpenFlow controller After each logical switch automatically establishes a control connection with the associated OpenFlow controller and runs the OpenFlow protocol on the control connection, the OpenFlow controller immediately sends a query message to the logical switch and receives a reply message of the logical switch. Know the resource type with resource isolation restrictions.
  • the step of querying, by the logical switch, the suffixable resource range of the resource type, and selecting the resource to be allocated to the logical switch from the sufficable resource range includes:
  • the OpenFlow controller sends a query message to the logical switch and receives a reply message of the logical switch to learn the available resource range of the resource type on the logical switch, and the OpenFlow controller learns from the available A resource is selected from the resource range to be allocated to the logical switch.
  • the resource type is determined according to a resource isolation restriction condition of the OpenFlow switch.
  • the step of separately configuring, by the different logical switches on the same OpenFlow switch, the non-overlapping resource range of the resource type includes:
  • the available resource ranges configured for different logical switches on the same OpenFlow switch are not overlapping.
  • a system for preventing conflicts between resources occupied by a logical switch comprising: a configuration module, a determining module, and an allocation module, wherein
  • the configuration module is configured to: configure, for different resource switches on the same OpenFlow switch, non-overlapping resource ranges of the resource types for resource types that need to implement resource isolation;
  • the determining module is configured to: after the logical switch establishes a control connection with the associated OpenFlow controller, query the logical switch to determine a resource type with a resource isolation restriction;
  • the allocation module is configured to: when the OpenFlow controller needs to allocate the resource type with the resource isolation restriction to the corresponding logical switch, query the logical switch for the available resource range of the resource type, and A resource selected from the range of available resources is allocated to the logical switch.
  • the resource type includes one or more of the following resources:
  • VLAN resources VRF resources, and MPLS label resources.
  • the determining module is configured to query the logical switch to determine a resource type with a resource isolation restriction after the logical switch establishes a control connection with the associated OpenFlow controller according to the following manner:
  • the determining module is configured to send a query message to the logical switch and receive a reply message of the logical switch. To know the type of resource that has resource isolation restrictions.
  • the allocating module is configured to query the logical switch for an occupant resource range of the resource type according to the following manner, and select a resource to be allocated to the logical switch from the occupable resource range:
  • the resource type is determined according to a resource isolation restriction condition of the OpenFlow switch.
  • the configuration module is configured to separately configure, for different logical switches on the same OpenFlow switch, an occupant resource range of the resource type that does not overlap:
  • the available resource ranges configured for different logical switches on the same OpenFlow switch are not overlapping.
  • the technical solution of the present invention utilizes the OpenFlow configuration point, and according to the resource isolation limitation of the OpenFlow switch, different logical switches on the same OpenFlow switch are configured to allocate non-overlapping resources of the same type of resources, and implement OpenFlow by extending the related technology OpenFlow protocol.
  • the controller obtains the resource type of the resource switch and the available resource range of the configuration.
  • FIG. 1 is a schematic diagram of an OpenFlow network component architecture according to the related art
  • FIG. 2 is a diagram showing an example of dividing a plurality of OpenFlow logical switches on an OpenFlow switch according to the related art
  • FIG. 3 is a flowchart of a method for preventing a resource conflict of a logical switch from colliding according to a preferred embodiment of the present invention
  • FIG. 4 is a flowchart of a method for preventing a resource conflict of a logical switch from colliding according to the first embodiment of the present invention
  • FIG. 5 is a flowchart of a method for preventing a resource conflict of a logical switch from colliding according to Embodiment 2 of the present invention
  • FIG. 6 is a flowchart of a method for preventing a resource conflict of a logical switch from colliding according to Embodiment 3 of the present invention
  • FIG. 7 is a schematic diagram of a system for preventing conflicts of resources occupied by a logical switch according to a preferred embodiment of the present invention.
  • the embodiment of the invention provides a method for preventing conflicts of resources occupied by a logical switch.
  • the flowchart of the method is as shown in FIG. 3, and includes the following steps.
  • step S302 for the resource types that need to implement resource isolation, the different logical switches on the same OpenFlow switch are respectively configured with non-overlapping resource types of the resource types.
  • VLAN virtual local area network
  • the ports are also not interoperable.
  • the OpenFlow configuration point separately configures the logical switch to occupy the resource range for each determined resource type.
  • the different logical switches on the same OpenFlow switch do not overlap in the available resource ranges configured for the same type of resources.
  • Step S304 after the logical switch establishes a control connection with the associated OpenFlow controller, query the logical switch to determine the resource type with the resource isolation restriction.
  • each logical switch automatically establishes a control connection with its own OpenFlow controller and runs OpenFlow on the control connection. protocol.
  • the OpenFlow controller then sends a query message to the logical switch and receives a reply message from the logical switch to learn the resource type (eg, VLAN resource) with resource isolation restrictions.
  • the OpenFlow controller immediately queries the logical switch for the resource type with the resource isolation restriction after the control connection is successfully established, so that the OpenFlow controller can know the resource type with the resource isolation restriction at the first time.
  • Step S306 when the OpenFlow controller needs to allocate the resource type with the resource isolation restriction to the corresponding logical switch, query the logical switch for the available resource range of the resource type, and use the occupied resource from the resource. A resource is selected in the range to be assigned to the logical switch.
  • OpenFlow controllers that accept web application calls allocate resources to the logical switches they need to control. Since the OpenFlow controller knows in advance the resource type of the resource isolation restriction on the logical switch, when the OpenFlow controller needs to allocate the resource type with the resource isolation restriction to the logical switch, first, the OpenFlow controller sends a query message to the logical switch. Receiving a reply message of the logical switch to determine a range of available resources of the resource type on the logical switch, and then the OpenFlow controller selects a resource to be allocated to the logical switch from the learned range of available resources.
  • the above-mentioned OpenFlow controller queries the configurable resource range on the logical switch as needed, and on the other hand, can prevent the problem of long-term occupation control connection and error-prone by querying the resource range of all resource types at one time, and on the other hand, The query process for the usable resource range of the resource type that does not need to be allocated is omitted, and the efficiency of the query is improved.
  • the OpenFlow controller initiates a query for resource types with resource isolation restrictions on the logical switch and the resource range of each resource type, so that the method has good compatibility and scalability. It can be applied to various OpenFlow switches produced by different software and hardware solutions, which better solves the technical problem of conflicts of resources occupied by logical switches.
  • FIG. 4 is a flowchart of a method for preventing a resource conflict of a logical switch from colliding according to the first embodiment of the present invention.
  • two OpenFlow logical switches on the same OpenFlow switch are respectively controlled by two OpenFlow controllers, that is, OpenFlow logical switch 1 is controlled by OpenFlow controller 1, and OpenFlow logical switch 2 is controlled by OpenFlow controller 2 control.
  • OpenFlow logical switches share the VLAN resources of the same OpenFlow switch and there is a potential for conflict.
  • the OpenFlow configuration point, the OpenFlow controller, and the OpenFlow logical switch in the OpenFlow network perform the following steps:
  • Step 402 The OpenFlow configuration point creates an OpenFlow logical switch 1 and an OpenFlow logical switch 2 on the OpenFlow switch, and configures the OpenFlow logical switch 1 with a VLAN occupiable range [1-2000], and configures the OpenFlow logical switch 2 with a VLAN occupiable range. 2001-4094].
  • the VLAN occupies of the OpenFlow logical switch 1 [1-2000] and the VLAN occupies of the OpenFlow logical switch 2 [2001-4094] do not overlap, which can avoid the two logical switches being separated into two. Potential VLAN assignment conflicts that may be caused by OpenFlow controllers.
  • Step 404 After the control connection between the OpenFlow logical switch 1 and the OpenFlow controller 1 is successfully established, the OpenFlow controller 1 immediately sends a query message to the OpenFlow logical switch 1 to query which resource types on the OpenFlow logical switch 1 have resource isolation restrictions. After receiving the query message sent by the OpenFlow controller 1, the OpenFlow logical switch 1 sends a reply message to the OpenFlow controller 1 to feedback the resource isolation restriction of the VLAN resource on the logical switch.
  • the OpenFlow configuration point will configure the OpenFlow logical switch 1 with the address of the OpenFlow controller 1, and then the OpenFlow logical switch 1 will automatically send it. And establish a control connection with the OpenFlow controller 1.
  • Step 406 The network application invokes the OpenFlow controller 1 to allocate VLAN resources, and the OpenFlow controller 1 sends an inquiry message to the OpenFlow logical switch 1 to query the occupiable range of the configured VLAN resources on the OpenFlow logical switch 1. After receiving the query message sent by the OpenFlow controller 1, the OpenFlow logical switch 1 sends a reply message to the OpenFlow controller 1 to feed back the occupied range of the configured VLAN resources on the logical switch [1-2000]. After receiving the reply message of the OpenFlow logical switch 1, the OpenFlow controller 1 selects a VLAN to be assigned to the port on the OpenFlow logical switch 1 from the learned VLAN resource occupiable range [1-2000].
  • Steps 408-410 are performed in the same manner as steps 404-406.
  • the network application invokes the OpenFlow controller 2 to perform VLAN allocation on the OpenFlow logical switch 2, between steps 408-410 and steps 404-406. It is parallel and independent of each other.
  • FIG. 5 is a flowchart of a method for preventing conflicts of resources occupied by a logical switch according to Embodiment 2 of the present invention.
  • two OpenFlow logical switches on the same OpenFlow switch are respectively controlled by two OpenFlow controllers, that is, OpenFlow logical switch 1 is controlled by OpenFlow controller 1, and OpenFlow logical switch 2 is controlled by OpenFlow controller 2 control.
  • Two OpenFlow logical switches share the VLAN resources and virtual route forwarding (VRF) resources of the same OpenFlow switch and have potential conflicts.
  • VRF is a virtual private network instance defined in the Virtual Private Network (VPN) technology defined by the Internet Engineering Task Force (IETF). Similar to a VLAN, multiple VRFs can be enabled on the same port of an OpenFlow switch, but on the same OpenFlow switch. Different logical switch ports belonging to different OpenFlow controllers may cause conflicts due to the same VRF being enabled.
  • the OpenFlow configuration point, the OpenFlow controller, and the OpenFlow logical switch in the OpenFlow network perform the following steps:
  • Step 502 The OpenFlow configuration point creates an OpenFlow logical switch 1 and an OpenFlow logical switch 2 on the OpenFlow switch, and configures the OpenFlow logical switch 1 with a VLAN occupiable range [1-2000] and a VRF occupiable range [1-1000].
  • OpenFlow Logical Switch 2 is configured with a VLAN occupiable range [2001-4094] and a VRF occupiable range [1001-2000].
  • the VRF occupiable range of the OpenFlow Logical Switch 1 [1-1000] and the VRF occupiable range [1001-2000] of the OpenFlow Logical Switch 2 are also non-overlapping, which avoids the fact that the two logical switches belong to two OpenFlow controls. Potential VRF allocation conflicts that may be caused by the device.
  • Step 504 After the control connection between the OpenFlow logical switch 1 and the OpenFlow controller 1 is successfully established, the OpenFlow controller 1 immediately sends a query message to the OpenFlow logical switch 1 to query which types of resources on the OpenFlow logical switch 1 have resource isolation restrictions. . After receiving the query message sent by the OpenFlow controller 1, the OpenFlow logical switch 1 sends a reply message to the OpenFlow controller 1 to feedback the resource isolation limit of the VLAN resource and the VRF resource on the logical switch.
  • Step 506 The network application invokes the OpenFlow controller 1 to allocate VLAN resources, and the OpenFlow controller 1 sends an inquiry message to the OpenFlow logical switch 1 to query the occupiable range of the configured VLAN resources on the OpenFlow logical switch 1. After receiving the query message sent by the OpenFlow controller 1, the OpenFlow logical switch 1 sends a reply message to the OpenFlow controller 1 to feed back the occupied range of the configured VLAN resources on the logical switch [1-2000]. After receiving the reply message of the OpenFlow logical switch 1, the OpenFlow controller 1 selects a VLAN to be assigned to the port on the OpenFlow logical switch 1 from the learned VLAN resource occupiable range [1-2000].
  • Step 508 the network application calls the OpenFlow controller 1 to allocate the VRF resources, and the OpenFlow controller 1 sends a query message to the OpenFlow logical switch 1 to query the vacable range of the configured VRF resources on the OpenFlow logical switch 1.
  • the OpenFlow logical switch 1 After receiving the query message sent by the OpenFlow controller 1, the OpenFlow logical switch 1 sends a reply message to the OpenFlow controller 1 to feed back the vacant range of the configured VRF resources on the logical switch [1-1000].
  • the OpenFlow controller 1 selects the VRF allocated to the port on the OpenFlow logical switch 1 from the learned VRF resource occupiable range [1-1000].
  • FIG. 6 is a flowchart of a method for preventing conflicts of resources occupied by a logical switch according to Embodiment 3 of the present invention.
  • two OpenFlow logical switches on the same OpenFlow switch are respectively controlled by two OpenFlow controllers, that is, OpenFlow logical switch 1 is controlled by OpenFlow controller 1, and OpenFlow logical switch 2 is controlled by OpenFlow controller 2 control.
  • Two OpenFlow logical switches share the VLAN resources, VRF resources, and Per-Platform-based Multiprotocol Label Switching (MPLS) label resources of the same OpenFlow switch and have potential conflicts.
  • MPLS is a communication forwarding protocol developed by the IETF.
  • the platform-based MPLS label on the same OpenFlow switch is used to uniformly allocate packets belonging to the same forwarding equivalence class (FEC) entering the OpenFlow switch.
  • FEC forwarding equivalence class
  • the OpenFlow configuration point, the OpenFlow controller, and the OpenFlow logical switch in the OpenFlow network perform the following steps:
  • Step 602 OpenFlow configuration points respectively create OpenFlow logical switch 1 and OpenFlow logical switch 2 on the OpenFlow switch, and configure OpenFlow logical switch 1 with a VLAN occupiable range [1-2000], a VRF occupiable range [1-1000], and based on The MPLS label of the platform can occupy the range [16-2 19 ], configure the OpenFlow logical switch 2 with the VLAN occupiable range [2001-4094], the VRF occupiable range [1001-2000], and the platform-based MPLS label occupies the range [2] 19 +1-2 20 ].
  • the VLAN occupies of the OpenFlow logical switch 1 [1-2000] and the VLAN occupiable range [2001-4094] of the OpenFlow logical switch 2 do not overlap, which can be avoided because the two OpenFlow logical switches belong to the two Potential VLAN assignment conflicts that may be caused by OpenFlow controllers.
  • the VRF occupiable range of the OpenFlow Logical Switch 1 [1-1000] and the VRF occupiable range [1001-2000] of the OpenFlow Logical Switch 2 are also non-overlapping, which avoids the fact that the two OpenFlow logical switches belong to two OpenFlows. Potential VRF allocation conflicts that may be caused by the controller.
  • the platform-based MPLS label of OpenFlow Logical Switch 1 can occupy a range [16-2 19 ] and the platform-based MPLS label of OpenFlow Logical Switch 2 can occupy a range [2 19 +1-2 20 ] and it does not overlap. Avoid potential platform-based MPLS label conflicts that may result from the two OpenFlow logical switches being separated into two OpenFlow controllers.
  • Step 604 after the control connection between the OpenFlow logical switch 1 and the OpenFlow controller 1 is successfully established, the OpenFlow controller 1 immediately sends a query message to the OpenFlow logical switch 1 to query which types of resources on the OpenFlow logical switch 1 have resource isolation restrictions. .
  • the OpenFlow logical switch 1 After receiving the query message sent by the OpenFlow controller 1, the OpenFlow logical switch 1 sends a reply message to the OpenFlow controller 1 to feedback the resource isolation limitation of the VLAN resource, the VRF resource, and the platform-based MPLS label resource on the logical switch. .
  • Step 606 The network application invokes the OpenFlow controller 1 to perform allocation of the platform-based MPLS label resource, and the OpenFlow controller 1 sends a query message to the OpenFlow logical switch 1 to query the configured platform-based MPLS label resource on the OpenFlow logical switch 1. Can occupy the range.
  • the OpenFlow logical switch 1 After receiving the query message sent by the OpenFlow controller 1, the OpenFlow logical switch 1 sends a reply message to the OpenFlow controller 1 to feed back the available range of the platform-based MPLS label resource configured on the logical switch. [16- 2 19 ].
  • the OpenFlow controller 1 selects the platform-based MPLS label from the learned platform-based MPLS label resource occupiable range [16-2 19 ] to the FEC entering the OpenFlow logical switch 1. .
  • Step 608 The network application invokes the OpenFlow controller 1 to allocate VLAN resources, and the OpenFlow controller 1 sends an inquiry message to the OpenFlow logical switch 1 to query the occupable range of the configured VLAN resources on the OpenFlow logical switch 1. After receiving the query message sent by the OpenFlow controller 1, the OpenFlow logical switch 1 sends a reply message to the OpenFlow controller 1 to feed back the occupied range of the configured VLAN resources on the logical switch [1-2000]. After receiving the reply message of the OpenFlow logical switch 1, the OpenFlow controller 1 selects a VLAN to be assigned to the port on the OpenFlow logical switch 1 from the learned VLAN resource occupiable range [1-2000].
  • the preferred embodiment of the present invention further provides a system for preventing conflicts between resources occupied by a logical switch, including: a configuration module 10, a determining module 12, and an allocating module 14.
  • the configuration module 10 (for example, an OpenFlow configuration point) is configured to: for different resource switches on the same OpenFlow switch, different non-overlapping resource types of the resource types are configured for resource types that need to implement resource isolation;
  • the determining module 12 is configured to: establish the logical switch and the associated OpenFlow controller After controlling the connection, query the logical switch to determine the resource type with resource isolation restrictions;
  • the allocating module 14 is configured to: when the OpenFlow controller needs to allocate the resource type with the resource isolation restriction to the corresponding logical switch, query the logical switch for the available resource range of the resource type, and from the A resource selected from the range of available resources is allocated to the logical switch. Specifically, after each logical switch automatically establishes a control connection with the associated OpenFlow controller and runs the OpenFlow protocol on the control connection, the determining module 12 is configured to send a query message to the logical switch and receive a reply message of the logical switch. To know the type of resource that has resource isolation restrictions.
  • the configuration module 10 is configured to separately configure, for different logical switches on the same OpenFlow switch, the vacant resource ranges of the resource types that are not overlapped: for the same type of resources, different on the same OpenFlow switch.
  • the range of available resources configured by the logical switch is not overlapping.
  • the determining module 12 is configured to query the logical switch to determine a resource type with resource isolation restrictions after the logical switch establishes a control connection with the associated OpenFlow controller in the following manner: at each logical switch After the control connection is automatically established with the associated OpenFlow controller and the OpenFlow protocol is run on the control connection, the determining module is configured to send a query message to the logical switch and receive a reply message of the logical switch to learn that there is resource isolation. Restricted resource type.
  • the allocating module 14 is configured to query the logical switch for an occupant resource range of the resource type, and select a resource from the occupable resource range to the logical switch: to the logic The switch sends a query message and receives a reply message of the logical switch to learn the available resource range of the resource type on the logical switch, and selects a resource to be allocated to the logical switch from the learned available resource range.
  • the determining module 12 and the assigning module 14 are included, for example, in an OpenFlow controller.
  • the present invention is not limited thereto.
  • the determination module 12 and the distribution module 14 are, for example, modules that are separate from the OpenFlow controller.
  • the specific content of the system is the same as that described above, and thus will not be described herein.
  • the embodiment of the invention further discloses a computer program, comprising program instructions, when the program instruction is executed by the terminal, so that the terminal can perform any of the above methods for detecting wireless network access security.
  • the embodiment of the invention also discloses a carrier carrying the computer program.
  • the technical solution of the present invention utilizes the OpenFlow configuration point, and according to the resource isolation limitation of the OpenFlow switch, different logical switches on the same OpenFlow switch are configured to allocate non-overlapping resources of the same type of resources, and implement OpenFlow control by extending the existing OpenFlow protocol.
  • the resource type of the logical switch that has resource isolation restrictions and the acquired resource range of the configuration. Therefore, the present invention has strong industrial applicability.

Landscapes

  • Data Exchanges In Wide-Area Networks (AREA)
  • Mobile Radio Communication Systems (AREA)

Abstract

A method and system for preventing a conflict from occurring in resources occupied by a logical switch. The method comprises the following steps: for the type of resources that need to be isolated, separately configuring, for different logical switches on a same OpenFlow switch, a non-overlapping range of resources that can be occupied and that belong to the resource type; after the logical switch and an OpenFlow controller to which the logical switch belongs establish a control connection, querying the logical switch, and determining the type of resources that have resource isolation limitation; and when the OpenFlow controller needs to allocate, to the corresponding logical switch, the type of the resources that have resource isolation limitation, querying the logical switch the range of resources that can be occupied and that belong to the resource type, and selecting resources from the range of resources that can be occupied and allocating the resources to the logical switch. The technical solution of the present invention prevents a conflict from occurring when different OpenFlow controllers that control different logical switches on the same OpenFlow switch allocate resources to the corresponding logical switches controlled by the OpenFlow controllers.

Description

一种防止逻辑交换机所占用资源发生冲突的方法及系统Method and system for preventing conflicts of resources occupied by logical switches 技术领域Technical field
本文涉及软件定义网络(Software Defined Network,SDN)技术,尤其涉及一种防止逻辑交换机所占用资源发生冲突的方法及系统。This document relates to Software Defined Network (SDN) technology, and in particular to a method and system for preventing conflicts of resources occupied by logical switches.
背景技术Background technique
OpenFlow网络作为一种软件定义网络,其采用控制平面与转发平面相分离的架构。图1是根据相关技术的OpenFlow网络组件架构的示意图。如图1所示,OpenFlow网络的管理平面由OpenFlow配置点来实现,OpenFlow网络的控制平面由OpenFlow控制器来实现,网络应用程序(App)通过应用程序编程接口(API)调用OpenFlow控制器以实现对OpenFlow网络的控制,OpenFlow网络的转发平面由OpenFlow交换机来实现。OpenFlow配置点与OpenFlow交换机之间的接口运行OpenFlow管理和配置(OF-Config)协议,OpenFlow控制器与OpenFlow交换机之间的接口运行OpenFlow协议,上述两个协议均由国际标准组织开放网络基金会(Open Networking Foundation,简称为ONF)负责制定和修改。OpenFlow配置点通过OF-Config通道对OpenFlow交换机进行管理和配置,OpenFlow控制器通过OpenFlow通道对OpenFlow交换机的转发行为进行控制,实现了数据转发和路由控制的分离。The OpenFlow network is a software-defined network that uses an architecture in which the control plane is separated from the forwarding plane. 1 is a schematic diagram of an OpenFlow network component architecture in accordance with the related art. As shown in Figure 1, the management plane of the OpenFlow network is implemented by the OpenFlow configuration point. The control plane of the OpenFlow network is implemented by the OpenFlow controller. The network application (App) calls the OpenFlow controller through an application programming interface (API). For the control of the OpenFlow network, the forwarding plane of the OpenFlow network is implemented by an OpenFlow switch. The interface between the OpenFlow configuration point and the OpenFlow switch runs the OpenFlow Management and Configuration (OF-Config) protocol. The interface between the OpenFlow controller and the OpenFlow switch runs the OpenFlow protocol. Both of these protocols are provided by the International Standards Organization Open Network Foundation. The Open Networking Foundation (referred to as ONF) is responsible for the development and revision. The OpenFlow configuration point manages and configures the OpenFlow switch through the OF-Config channel. The OpenFlow controller controls the forwarding behavior of the OpenFlow switch through the OpenFlow channel to implement separation of data forwarding and routing control.
目前,OpenFlow配置点可以在同一个OpenFlow交换机上根据端口划分出多个逻辑交换机,不同的逻辑交换机分别占用不同的OpenFlow端口资源,并分别由不同的OpenFlow控制器进行控制。图2是根据相关技术的一个OpenFlow交换机上划分多个OpenFlow逻辑交换机的示例图。如图2所示,OpenFlow配置点在OpenFlow交换机上配置了两个逻辑交换机即OpenFlow逻辑交换机1和OpenFlow逻辑交换机2,其中,OpenFlow逻辑交换机1占用了部分OpenFlow端口资源并由OpenFlow控制器1进行控制,OpenFlow逻辑交换机2则占用了另外部分OpenFlow端口资源并由OpenFlow控制器2进行控制。Currently, an OpenFlow configuration point can divide multiple logical switches according to ports on the same OpenFlow switch. Different logical switches occupy different OpenFlow port resources and are controlled by different OpenFlow controllers. 2 is a diagram showing an example of dividing a plurality of OpenFlow logical switches on an OpenFlow switch according to the related art. As shown in Figure 2, the OpenFlow configuration point configures two logical switches, OpenFlow logical switch 1 and OpenFlow logical switch 2, on the OpenFlow switch. The OpenFlow logical switch 1 occupies part of the OpenFlow port resources and is controlled by the OpenFlow controller 1. OpenFlow logical switch 2 occupies another part of OpenFlow port resources and is controlled by OpenFlow controller 2.
由于硬件实现上的限制,同一个OpenFlow交换机上的多个逻辑交换机所 分别占用的资源之间并不是完全隔离的,也即OpenFlow交换机的某些资源后续在不同逻辑交换机之间进行动态分配时存在潜在冲突的可能。例如,一个OpenFlow交换机上可能只有一张虚拟局域网(VLAN)转发表供多个逻辑交换机共用,由于不同的逻辑交换机分属于不同的OpenFlow控制器所控制,所以就可能会出现不同的OpenFlow控制器分别把多个逻辑交换机的不同端口加入相同VLAN的情况,而这种情况通常是网络操作员所不希望发生的。然而,针对相关技术中某个OpenFlow控制器给某个OpenFlow逻辑交换机分配的资源与另一个OpenFlow控制器给另一个OpenFlow逻辑交换机分配的资源发生冲突的问题,目前尚缺少有效的解决方案。Multiple logical switches on the same OpenFlow switch due to hardware implementation limitations The resources occupied by the switches are not completely isolated, that is, there are potential conflicts when certain resources of the OpenFlow switch are dynamically allocated between different logical switches. For example, an OpenFlow switch may have only one virtual local area network (VLAN) forwarding table shared by multiple logical switches. Since different logical switches are controlled by different OpenFlow controllers, different OpenFlow controllers may appear. Adding different ports of multiple logical switches to the same VLAN, which is usually undesirable for network operators. However, there is currently no effective solution to the problem that the resources allocated by one OpenFlow controller to the one OpenFlow logical switch in the related art conflict with the resources allocated by another OpenFlow controller to another OpenFlow logical switch.
发明内容Summary of the invention
有鉴于此,本发明要解决的技术问题是提供一种防止逻辑交换机所占用资源发生冲突的方法及系统,使得控制着同一OpenFlow交换机上不同逻辑交换机的不同OpenFlow控制器在给各自控制的逻辑交换机分配资源时不会发生冲突。In view of the above, the technical problem to be solved by the present invention is to provide a method and system for preventing conflicts of resources occupied by logical switches, so that different OpenFlow controllers controlling different logical switches on the same OpenFlow switch are given to respective controlled logical switches. Conflicts do not occur when resources are allocated.
为了解决上述问题,采用如下技术方案:In order to solve the above problems, the following technical solutions are adopted:
一种防止逻辑交换机所占用资源发生冲突的方法,包括以下步骤:A method for preventing conflicts between resources occupied by a logical switch includes the following steps:
针对需要实现资源隔离的资源类型,为同一OpenFlow交换机上的不同逻辑交换机分别配置不重叠的所述资源类型的可占用资源范围;Configuring a resource range of the resource type that does not overlap for different logical switches on the same OpenFlow switch.
在所述逻辑交换机与所属的OpenFlow控制器建立控制连接后,查询所述逻辑交换机,确定存在资源隔离限制的资源类型;After the logical switch establishes a control connection with the associated OpenFlow controller, querying the logical switch to determine a resource type with a resource isolation restriction;
当所述OpenFlow控制器需要给对应的逻辑交换机分配所述存在资源隔离限制的资源类型时,向所述逻辑交换机查询所述资源类型的可占用资源范围,并从所述可占用资源范围中选择资源分配给所述逻辑交换机。When the OpenFlow controller needs to allocate the resource type with the resource isolation restriction to the corresponding logical switch, query the logical switch for the available resource range of the resource type, and select, from the range of the occupied resources Resources are allocated to the logical switch.
可选地,所述资源类型包括如下资源中的一种或多种:Optionally, the resource type includes one or more of the following resources:
虚拟局域网(VLAN)资源、虚拟路由转发(VRF)资源、多协议标签交换(MPLS)标签资源中。Virtual local area network (VLAN) resources, virtual route forwarding (VRF) resources, and multi-protocol label switching (MPLS) label resources.
可选地,所述在所述逻辑交换机与所属的OpenFlow控制器建立控制连接 后,查询所述逻辑交换机,确定存在资源隔离限制的资源类型的步骤包括:Optionally, the establishing, by the logical switch, a control connection with an associated OpenFlow controller After the querying the logical switch, determining the resource type with the resource isolation restriction includes:
在每个逻辑交换机自动与所属的OpenFlow控制器建立控制连接并在控制连接上运行OpenFlow协议后,所述OpenFlow控制器立即向所述逻辑交换机发送查询消息并接收所述逻辑交换机的回复消息,以获知存在资源隔离限制的资源类型。After each logical switch automatically establishes a control connection with the associated OpenFlow controller and runs the OpenFlow protocol on the control connection, the OpenFlow controller immediately sends a query message to the logical switch and receives a reply message of the logical switch. Know the resource type with resource isolation restrictions.
可选地,所述向所述逻辑交换机查询所述资源类型的可占用资源范围,并从所述可占用资源范围中选择资源分配给所述逻辑交换机的步骤包括:Optionally, the step of querying, by the logical switch, the suffixable resource range of the resource type, and selecting the resource to be allocated to the logical switch from the sufficable resource range, the method includes:
所述OpenFlow控制器向所述逻辑交换机发送查询消息并接收所述逻辑交换机的回复消息,以获知该资源类型在所述逻辑交换机上的可占用资源范围,所述OpenFlow控制器从获知的可占用资源范围中选择资源分配给所述逻辑交换机。The OpenFlow controller sends a query message to the logical switch and receives a reply message of the logical switch to learn the available resource range of the resource type on the logical switch, and the OpenFlow controller learns from the available A resource is selected from the resource range to be allocated to the logical switch.
可选地,所述资源类型根据OpenFlow交换机的资源隔离限制情况确定。Optionally, the resource type is determined according to a resource isolation restriction condition of the OpenFlow switch.
可选地,所述为同一OpenFlow交换机上的不同逻辑交换机分别配置不重叠的所述资源类型的可占用资源范围的步骤包括:Optionally, the step of separately configuring, by the different logical switches on the same OpenFlow switch, the non-overlapping resource range of the resource type includes:
针对同类型资源,为同一OpenFlow交换机上的不同逻辑交换机所配置的可占用资源范围是没有重叠的。For the same type of resources, the available resource ranges configured for different logical switches on the same OpenFlow switch are not overlapping.
一种防止逻辑交换机所占用资源发生冲突的系统,包括:配置模块、确定模块及分配模块,其中A system for preventing conflicts between resources occupied by a logical switch, comprising: a configuration module, a determining module, and an allocation module, wherein
所述配置模块设置成:针对需要实现资源隔离的资源类型,为同一OpenFlow交换机上的不同逻辑交换机分别配置不重叠的所述资源类型的可占用资源范围;The configuration module is configured to: configure, for different resource switches on the same OpenFlow switch, non-overlapping resource ranges of the resource types for resource types that need to implement resource isolation;
所述确定模块设置成:在所述逻辑交换机与所属的OpenFlow控制器建立控制连接后,查询所述逻辑交换机,确定存在资源隔离限制的资源类型;The determining module is configured to: after the logical switch establishes a control connection with the associated OpenFlow controller, query the logical switch to determine a resource type with a resource isolation restriction;
所述分配模块设置成:当所述OpenFlow控制器需要给对应的逻辑交换机分配所述存在资源隔离限制的资源类型时,向所述逻辑交换机查询所述资源类型的可占用资源范围,并从所述可占用资源范围中选择资源分配给所述逻辑交换机。 The allocation module is configured to: when the OpenFlow controller needs to allocate the resource type with the resource isolation restriction to the corresponding logical switch, query the logical switch for the available resource range of the resource type, and A resource selected from the range of available resources is allocated to the logical switch.
可选地,所述资源类型包括如下资源中的一种或多种:Optionally, the resource type includes one or more of the following resources:
VLAN资源、VRF资源、MPLS标签资源。VLAN resources, VRF resources, and MPLS label resources.
可选地,所述确定模块设置成按照如下方式在所述逻辑交换机与所属的OpenFlow控制器建立控制连接后,查询所述逻辑交换机,确定存在资源隔离限制的资源类型:Optionally, the determining module is configured to query the logical switch to determine a resource type with a resource isolation restriction after the logical switch establishes a control connection with the associated OpenFlow controller according to the following manner:
在每个逻辑交换机自动与所属的OpenFlow控制器建立控制连接并在控制连接上运行OpenFlow协议后,所述确定模块,用于向所述逻辑交换机发送查询消息并接收所述逻辑交换机的回复消息,以获知存在资源隔离限制的资源类型。After the logical switch automatically establishes a control connection with the associated OpenFlow controller and runs the OpenFlow protocol on the control connection, the determining module is configured to send a query message to the logical switch and receive a reply message of the logical switch. To know the type of resource that has resource isolation restrictions.
可选地,所述分配模块设置成按照如下方式向所述逻辑交换机查询所述资源类型的可占用资源范围,并从所述可占用资源范围中选择资源分配给所述逻辑交换机:Optionally, the allocating module is configured to query the logical switch for an occupant resource range of the resource type according to the following manner, and select a resource to be allocated to the logical switch from the occupable resource range:
向所述逻辑交换机发送查询消息并接收所述逻辑交换机的回复消息,以获知该资源类型在所述逻辑交换机上的可占用资源范围,并从获知的可占用资源范围中选择资源分配给所述逻辑交换机。Sending a query message to the logical switch and receiving a reply message of the logical switch, to learn an available resource range of the resource type on the logical switch, and selecting a resource allocation from the learned available resource range to the Logical switch.
可选地,所述资源类型根据OpenFlow交换机的资源隔离限制情况确定。Optionally, the resource type is determined according to a resource isolation restriction condition of the OpenFlow switch.
可选地,所述配置模块设置成按照如下方式为同一OpenFlow交换机上的不同逻辑交换机分别配置不重叠的所述资源类型的可占用资源范围:Optionally, the configuration module is configured to separately configure, for different logical switches on the same OpenFlow switch, an occupant resource range of the resource type that does not overlap:
针对同类型资源,为同一OpenFlow交换机上的不同逻辑交换机所配置的可占用资源范围是没有重叠的。For the same type of resources, the available resource ranges configured for different logical switches on the same OpenFlow switch are not overlapping.
本发明技术方案利用OpenFlow配置点,根据OpenFlow交换机的资源隔离限制情况,给同一OpenFlow交换机上的不同逻辑交换机为同类型资源配置不重叠的可占用资源范围,并通过扩展相关技术的OpenFlow协议实现OpenFlow控制器对逻辑交换机存在资源隔离限制的资源类型及配置的可占用资源范围的获取。The technical solution of the present invention utilizes the OpenFlow configuration point, and according to the resource isolation limitation of the OpenFlow switch, different logical switches on the same OpenFlow switch are configured to allocate non-overlapping resources of the same type of resources, and implement OpenFlow by extending the related technology OpenFlow protocol. The controller obtains the resource type of the resource switch and the available resource range of the configuration.
附图概述BRIEF abstract
图1为根据相关技术的OpenFlow网络组件架构示意图; 1 is a schematic diagram of an OpenFlow network component architecture according to the related art;
图2为根据相关技术的一个OpenFlow交换机上划分多个OpenFlow逻辑交换机的示例图;2 is a diagram showing an example of dividing a plurality of OpenFlow logical switches on an OpenFlow switch according to the related art;
图3为根据本发明较佳实施例的一种防止逻辑交换机所占用资源发生冲突的方法的流程图;3 is a flowchart of a method for preventing a resource conflict of a logical switch from colliding according to a preferred embodiment of the present invention;
图4为根据本发明实施例一的防止逻辑交换机所占用资源发生冲突的方法的流程图;4 is a flowchart of a method for preventing a resource conflict of a logical switch from colliding according to the first embodiment of the present invention;
图5为根据本发明实施例二的防止逻辑交换机所占用资源发生冲突的方法的流程图;5 is a flowchart of a method for preventing a resource conflict of a logical switch from colliding according to Embodiment 2 of the present invention;
图6为根据本发明实施例三的防止逻辑交换机所占用资源发生冲突的方法的流程图;6 is a flowchart of a method for preventing a resource conflict of a logical switch from colliding according to Embodiment 3 of the present invention;
图7为根据本发明较佳实施例提供的防止逻辑交换机所占用资源发生冲突的系统的示意图。FIG. 7 is a schematic diagram of a system for preventing conflicts of resources occupied by a logical switch according to a preferred embodiment of the present invention.
本发明的较佳实施方式Preferred embodiment of the invention
以下是对本文详细描述的主题的概述。本概述并非是为了限制权利要求的保护范围。The following is an overview of the topics detailed in this document. This Summary is not intended to limit the scope of the claims.
下面将结合附图及具体实施例进行详细描述。The detailed description will be made below in conjunction with the accompanying drawings and specific embodiments.
本发明实施例提供了一种防止逻辑交换机所占用资源发生冲突的方法,所述方法的流程图如图3所示,包括以下步骤。The embodiment of the invention provides a method for preventing conflicts of resources occupied by a logical switch. The flowchart of the method is as shown in FIG. 3, and includes the following steps.
步骤S302,针对需要实现资源隔离的资源类型,为同一OpenFlow交换机上的不同逻辑交换机分别配置不重叠的所述资源类型的可占用资源范围。In step S302, for the resource types that need to implement resource isolation, the different logical switches on the same OpenFlow switch are respectively configured with non-overlapping resource types of the resource types.
具体而言,不同OpenFlow交换机所采用的具体软硬件实现方法可能是不同的,于是不同OpenFlow交换机的资源隔离限制情况也可能是不同的。例如,有OpenFlow交换机的虚拟局域网(VLAN)资源在该OpenFlow交换机上所创建的不同逻辑交换机之间是共享的,也即不同逻辑交换机上分配了相同VLAN的端口之间是互通的,做不到逻辑交换机之间VLAN资源的隔离;同时,也有OpenFlow交换机的VLAN资源在该OpenFlow交换机上所创建的不同逻辑交换机之间是隔离的,也即不同逻辑交换机上即使分配了相同VLAN 的端口之间也是不能互通的。所以,可以根据OpenFlow交换机的资源隔离限制情况,确定哪些资源类型需要进行人工配置以实现隔离,然后OpenFlow配置点针对所确定的各资源类型分别给逻辑交换机配置可占用资源范围。其中,同一OpenFlow交换机上的不同逻辑交换机针对同类型资源所配置的可占用资源范围是没有重叠的。Specifically, the specific software and hardware implementation methods used by different OpenFlow switches may be different, and the resource isolation restrictions of different OpenFlow switches may also be different. For example, a virtual local area network (VLAN) resource with an OpenFlow switch is shared between different logical switches created on the OpenFlow switch, that is, ports that are assigned the same VLAN on different logical switches are interworking. The isolation of VLAN resources between logical switches; at the same time, the VLAN resources of OpenFlow switches are isolated between different logical switches created on the OpenFlow switch, that is, even if the same VLAN is assigned on different logical switches. The ports are also not interoperable. Therefore, according to the resource isolation limitation of the OpenFlow switch, it is determined which resource types need to be manually configured to implement isolation, and then the OpenFlow configuration point separately configures the logical switch to occupy the resource range for each determined resource type. The different logical switches on the same OpenFlow switch do not overlap in the available resource ranges configured for the same type of resources.
步骤S304,在所述逻辑交换机与所属的OpenFlow控制器建立控制连接后,查询所述逻辑交换机,确定存在资源隔离限制的资源类型。Step S304, after the logical switch establishes a control connection with the associated OpenFlow controller, query the logical switch to determine the resource type with the resource isolation restriction.
具体而言,在OpenFlow配置点在OpenFlow交换机上创建多个逻辑交换机并分别配置可占用资源范围后,每个逻辑交换机会自动与自己所属的OpenFlow控制器建立起控制连接并在控制连接上运行OpenFlow协议。然后,OpenFlow控制器随即向逻辑交换机发送查询消息并接收逻辑交换机的回复消息,以获知存在资源隔离限制的资源类型(例如VLAN资源)。于此,OpenFlow控制器在控制连接建立成功后立即向逻辑交换机查询存在资源隔离限制的资源类型,可以让OpenFlow控制器在第一时间获知存在资源隔离限制的资源类型。Specifically, after multiple logical switches are created on the OpenFlow switch and the available resource ranges are configured, each logical switch automatically establishes a control connection with its own OpenFlow controller and runs OpenFlow on the control connection. protocol. The OpenFlow controller then sends a query message to the logical switch and receives a reply message from the logical switch to learn the resource type (eg, VLAN resource) with resource isolation restrictions. In this case, the OpenFlow controller immediately queries the logical switch for the resource type with the resource isolation restriction after the control connection is successfully established, so that the OpenFlow controller can know the resource type with the resource isolation restriction at the first time.
步骤S306,当所述OpenFlow控制器需要给对应的逻辑交换机分配所述存在资源隔离限制的资源类型时,向所述逻辑交换机查询所述资源类型的可占用资源范围,并从所述可占用资源范围中选择资源分配给所述逻辑交换机。Step S306, when the OpenFlow controller needs to allocate the resource type with the resource isolation restriction to the corresponding logical switch, query the logical switch for the available resource range of the resource type, and use the occupied resource from the resource. A resource is selected in the range to be assigned to the logical switch.
具体而言,接受网络应用程序调用的OpenFlow控制器会根据需要为其控制的逻辑交换机分配资源。由于OpenFlow控制器已预先获知逻辑交换机上存在资源隔离限制的资源类型,所以当OpenFlow控制器需要给逻辑交换机分配存在资源隔离限制的资源类型时,首先,OpenFlow控制器会向逻辑交换机发送查询消息并接收逻辑交换机的回复消息,以确定该资源类型在本逻辑交换机上的可占用资源范围,然后,OpenFlow控制器会从获知的可占用资源范围中选择资源分配给逻辑交换机。上述OpenFlow控制器按需查询逻辑交换机上已配置的可占用资源范围,一方面可以防止一次查询所有资源类型的可占用资源范围带来的长时间占用控制连接且容易出错的问题,另一方面可以省略对于无需分配的资源类型的可占用资源范围的查询过程,提高了查询的效率。Specifically, OpenFlow controllers that accept web application calls allocate resources to the logical switches they need to control. Since the OpenFlow controller knows in advance the resource type of the resource isolation restriction on the logical switch, when the OpenFlow controller needs to allocate the resource type with the resource isolation restriction to the logical switch, first, the OpenFlow controller sends a query message to the logical switch. Receiving a reply message of the logical switch to determine a range of available resources of the resource type on the logical switch, and then the OpenFlow controller selects a resource to be allocated to the logical switch from the learned range of available resources. The above-mentioned OpenFlow controller queries the configurable resource range on the logical switch as needed, and on the other hand, can prevent the problem of long-term occupation control connection and error-prone by querying the resource range of all resource types at one time, and on the other hand, The query process for the usable resource range of the resource type that does not need to be allocated is omitted, and the efficiency of the query is improved.
从上述流程可以看出,本发明较佳实施例提供的防止逻辑交换机所占用 资源发生冲突的方法简单实用,由OpenFlow控制器来发起针对逻辑交换机上存在资源隔离限制的资源类型及各资源类型的可占用资源范围的查询,使得该方法具备很好的兼容性和扩展性,可适用于各种采用不同软硬件方案生产出来的OpenFlow交换机,较好地解决了逻辑交换机所占用资源发生冲突的技术问题。It can be seen from the foregoing process that the protection of the logical switch is provided by the preferred embodiment of the present invention. The method for conflicting resources is simple and practical. The OpenFlow controller initiates a query for resource types with resource isolation restrictions on the logical switch and the resource range of each resource type, so that the method has good compatibility and scalability. It can be applied to various OpenFlow switches produced by different software and hardware solutions, which better solves the technical problem of conflicts of resources occupied by logical switches.
实施例一Embodiment 1
图4是根据本发明实施例一的防止逻辑交换机所占用资源发生冲突的方法的流程图。如图4所示,于本实施例中,同一个OpenFlow交换机上的两个OpenFlow逻辑交换机分别由两个OpenFlow控制器进行控制,即OpenFlow逻辑交换机1由OpenFlow控制器1控制,OpenFlow逻辑交换机2由OpenFlow控制器2控制。两个OpenFlow逻辑交换机共享同一个OpenFlow交换机的VLAN资源且存在潜在冲突的可能。4 is a flowchart of a method for preventing a resource conflict of a logical switch from colliding according to the first embodiment of the present invention. As shown in FIG. 4, in this embodiment, two OpenFlow logical switches on the same OpenFlow switch are respectively controlled by two OpenFlow controllers, that is, OpenFlow logical switch 1 is controlled by OpenFlow controller 1, and OpenFlow logical switch 2 is controlled by OpenFlow controller 2 control. Two OpenFlow logical switches share the VLAN resources of the same OpenFlow switch and there is a potential for conflict.
于本实施例中,OpenFlow网络中的OpenFlow配置点、OpenFlow控制器和OpenFlow逻辑交换机要执行如下步骤:In this embodiment, the OpenFlow configuration point, the OpenFlow controller, and the OpenFlow logical switch in the OpenFlow network perform the following steps:
步骤402,OpenFlow配置点在OpenFlow交换机上分别创建OpenFlow逻辑交换机1和OpenFlow逻辑交换机2,并给OpenFlow逻辑交换机1配置VLAN可占用范围[1-2000],给OpenFlow逻辑交换机2配置VLAN可占用范围[2001-4094]。其中,OpenFlow逻辑交换机1的VLAN可占用范围[1-2000]与OpenFlow逻辑交换机2的VLAN可占用范围[2001-4094]是不重叠的,这就可以避免由于上述两个逻辑交换机分属两个OpenFlow控制器所可能引起的潜在VLAN分配冲突。Step 402: The OpenFlow configuration point creates an OpenFlow logical switch 1 and an OpenFlow logical switch 2 on the OpenFlow switch, and configures the OpenFlow logical switch 1 with a VLAN occupiable range [1-2000], and configures the OpenFlow logical switch 2 with a VLAN occupiable range. 2001-4094]. The VLAN occupies of the OpenFlow logical switch 1 [1-2000] and the VLAN occupies of the OpenFlow logical switch 2 [2001-4094] do not overlap, which can avoid the two logical switches being separated into two. Potential VLAN assignment conflicts that may be caused by OpenFlow controllers.
步骤404,在OpenFlow逻辑交换机1与OpenFlow控制器1之间的控制连接建立成功之后,OpenFlow控制器1立即向OpenFlow逻辑交换机1发送查询消息,询问OpenFlow逻辑交换机1上哪些资源类型存在资源隔离限制。OpenFlow逻辑交换机1在接收到OpenFlow控制器1发送的查询消息后,会向OpenFlow控制器1发送回复消息,以反馈本逻辑交换机上的VLAN资源存在资源隔离限制。Step 404: After the control connection between the OpenFlow logical switch 1 and the OpenFlow controller 1 is successfully established, the OpenFlow controller 1 immediately sends a query message to the OpenFlow logical switch 1 to query which resource types on the OpenFlow logical switch 1 have resource isolation restrictions. After receiving the query message sent by the OpenFlow controller 1, the OpenFlow logical switch 1 sends a reply message to the OpenFlow controller 1 to feedback the resource isolation restriction of the VLAN resource on the logical switch.
根据OpenFlow协议的规定,OpenFlow配置点会给OpenFlow逻辑交换机1配置OpenFlow控制器1的地址,随后OpenFlow逻辑交换机1会自动发 起并建立其与OpenFlow控制器1之间的控制连接。According to the OpenFlow protocol, the OpenFlow configuration point will configure the OpenFlow logical switch 1 with the address of the OpenFlow controller 1, and then the OpenFlow logical switch 1 will automatically send it. And establish a control connection with the OpenFlow controller 1.
步骤406,网络应用程序调用OpenFlow控制器1进行VLAN资源的分配,OpenFlow控制器1向OpenFlow逻辑交换机1发送查询消息,询问OpenFlow逻辑交换机1上已配置的VLAN资源的可占用范围。OpenFlow逻辑交换机1在接收到OpenFlow控制器1发送的查询消息后,会向OpenFlow控制器1发送回复消息,以反馈本逻辑交换机上已配置的VLAN资源的可占用范围是[1-2000]。OpenFlow控制器1在接收到OpenFlow逻辑交换机1的回复消息后,从获知的VLAN资源可占用范围[1-2000]中选择VLAN分配给OpenFlow逻辑交换机1上的端口。Step 406: The network application invokes the OpenFlow controller 1 to allocate VLAN resources, and the OpenFlow controller 1 sends an inquiry message to the OpenFlow logical switch 1 to query the occupiable range of the configured VLAN resources on the OpenFlow logical switch 1. After receiving the query message sent by the OpenFlow controller 1, the OpenFlow logical switch 1 sends a reply message to the OpenFlow controller 1 to feed back the occupied range of the configured VLAN resources on the logical switch [1-2000]. After receiving the reply message of the OpenFlow logical switch 1, the OpenFlow controller 1 selects a VLAN to be assigned to the port on the OpenFlow logical switch 1 from the learned VLAN resource occupiable range [1-2000].
步骤408~410采用的是与步骤404~406相雷同的机制和方法,在网络应用程序调用OpenFlow控制器2对OpenFlow逻辑交换机2进行VLAN分配时执行,步骤408~410与步骤404~406之间是并行且相互独立的。Steps 408-410 are performed in the same manner as steps 404-406. When the network application invokes the OpenFlow controller 2 to perform VLAN allocation on the OpenFlow logical switch 2, between steps 408-410 and steps 404-406. It is parallel and independent of each other.
实施例二Embodiment 2
图5是根据本发明实施例二的防止逻辑交换机所占用资源发生冲突的方法的流程图。如图5所示,于本实施例中,同一个OpenFlow交换机上的两个OpenFlow逻辑交换机分别由两个OpenFlow控制器进行控制,即OpenFlow逻辑交换机1由OpenFlow控制器1控制,OpenFlow逻辑交换机2由OpenFlow控制器2控制。两个OpenFlow逻辑交换机共享同一个OpenFlow交换机的VLAN资源和虚拟路由转发(VRF)资源且存在潜在冲突的可能。VRF是互联网工程任务组(IETF)规定的虚拟专用网(VPN)技术中定义的虚拟专用网实例,与VLAN相类似,一个OpenFlow交换机的端口上可以同时启用多个VRF,但同一个OpenFlow交换机上分属于不同OpenFlow控制器的不同逻辑交换机端口可能会由于启用了相同的VRF而引起冲突。FIG. 5 is a flowchart of a method for preventing conflicts of resources occupied by a logical switch according to Embodiment 2 of the present invention. As shown in FIG. 5, in this embodiment, two OpenFlow logical switches on the same OpenFlow switch are respectively controlled by two OpenFlow controllers, that is, OpenFlow logical switch 1 is controlled by OpenFlow controller 1, and OpenFlow logical switch 2 is controlled by OpenFlow controller 2 control. Two OpenFlow logical switches share the VLAN resources and virtual route forwarding (VRF) resources of the same OpenFlow switch and have potential conflicts. VRF is a virtual private network instance defined in the Virtual Private Network (VPN) technology defined by the Internet Engineering Task Force (IETF). Similar to a VLAN, multiple VRFs can be enabled on the same port of an OpenFlow switch, but on the same OpenFlow switch. Different logical switch ports belonging to different OpenFlow controllers may cause conflicts due to the same VRF being enabled.
于本实施例中,OpenFlow网络中的OpenFlow配置点、OpenFlow控制器和OpenFlow逻辑交换机要执行如下步骤:In this embodiment, the OpenFlow configuration point, the OpenFlow controller, and the OpenFlow logical switch in the OpenFlow network perform the following steps:
步骤502,OpenFlow配置点在OpenFlow交换机上分别创建OpenFlow逻辑交换机1和OpenFlow逻辑交换机2,并给OpenFlow逻辑交换机1配置VLAN可占用范围[1-2000]和VRF可占用范围[1-1000],给OpenFlow逻辑交换机2配置VLAN可占用范围[2001-4094]和VRF可占用范围[1001-2000]。 Step 502: The OpenFlow configuration point creates an OpenFlow logical switch 1 and an OpenFlow logical switch 2 on the OpenFlow switch, and configures the OpenFlow logical switch 1 with a VLAN occupiable range [1-2000] and a VRF occupiable range [1-1000]. OpenFlow Logical Switch 2 is configured with a VLAN occupiable range [2001-4094] and a VRF occupiable range [1001-2000].
其中,OpenFlow逻辑交换机1的VLAN可占用范围[1-2000]与OpenFlow逻辑交换机2的VLAN可占用范围[2001-4094]是不重叠的,这就可以避免由于上述两个逻辑交换机分属两个OpenFlow控制器所可能引起的潜在VLAN分配冲突。OpenFlow逻辑交换机1的VRF可占用范围[1-1000]与OpenFlow逻辑交换机2的VRF可占用范围[1001-2000]也是不重叠的,这就可以避免由于上述两个逻辑交换机分属两个OpenFlow控制器所可能引起的潜在VRF分配冲突。The VLAN occupies of the OpenFlow logical switch 1 [1-2000] and the VLAN occupies of the OpenFlow logical switch 2 [2001-4094] do not overlap, which can avoid the two logical switches being separated into two. Potential VLAN assignment conflicts that may be caused by OpenFlow controllers. The VRF occupiable range of the OpenFlow Logical Switch 1 [1-1000] and the VRF occupiable range [1001-2000] of the OpenFlow Logical Switch 2 are also non-overlapping, which avoids the fact that the two logical switches belong to two OpenFlow controls. Potential VRF allocation conflicts that may be caused by the device.
步骤504,在OpenFlow逻辑交换机1与OpenFlow控制器1之间的控制连接建立成功之后,OpenFlow控制器1立即向OpenFlow逻辑交换机1发送查询消息,询问OpenFlow逻辑交换机1上哪些类型的资源存在资源隔离限制。OpenFlow逻辑交换机1在接收到OpenFlow控制器1发送的查询消息后,会向OpenFlow控制器1发送回复消息,以反馈本逻辑交换机上的VLAN资源和VRF资源存在资源隔离限制。Step 504: After the control connection between the OpenFlow logical switch 1 and the OpenFlow controller 1 is successfully established, the OpenFlow controller 1 immediately sends a query message to the OpenFlow logical switch 1 to query which types of resources on the OpenFlow logical switch 1 have resource isolation restrictions. . After receiving the query message sent by the OpenFlow controller 1, the OpenFlow logical switch 1 sends a reply message to the OpenFlow controller 1 to feedback the resource isolation limit of the VLAN resource and the VRF resource on the logical switch.
步骤506,网络应用程序调用OpenFlow控制器1进行VLAN资源的分配,OpenFlow控制器1向OpenFlow逻辑交换机1发送查询消息,询问OpenFlow逻辑交换机1上已配置的VLAN资源的可占用范围。OpenFlow逻辑交换机1在接收到OpenFlow控制器1发送的查询消息后,会向OpenFlow控制器1发送回复消息,以反馈本逻辑交换机上已配置的VLAN资源的可占用范围是[1-2000]。OpenFlow控制器1在接收到OpenFlow逻辑交换机1的回复消息后,从获知的VLAN资源可占用范围[1-2000]中选择VLAN分配给OpenFlow逻辑交换机1上的端口。Step 506: The network application invokes the OpenFlow controller 1 to allocate VLAN resources, and the OpenFlow controller 1 sends an inquiry message to the OpenFlow logical switch 1 to query the occupiable range of the configured VLAN resources on the OpenFlow logical switch 1. After receiving the query message sent by the OpenFlow controller 1, the OpenFlow logical switch 1 sends a reply message to the OpenFlow controller 1 to feed back the occupied range of the configured VLAN resources on the logical switch [1-2000]. After receiving the reply message of the OpenFlow logical switch 1, the OpenFlow controller 1 selects a VLAN to be assigned to the port on the OpenFlow logical switch 1 from the learned VLAN resource occupiable range [1-2000].
步骤508,网络应用程序调用OpenFlow控制器1进行VRF资源的分配,OpenFlow控制器1向OpenFlow逻辑交换机1发送查询消息,询问OpenFlow逻辑交换机1上已配置的VRF资源的可占用范围。OpenFlow逻辑交换机1在接收到OpenFlow控制器1发送的查询消息后,会向OpenFlow控制器1发送回复消息,以反馈本逻辑交换机上已配置的VRF资源的可占用范围是[1-1000]。OpenFlow控制器1在接收到OpenFlow逻辑交换机1的回复消息后,从获知的VRF资源可占用范围[1-1000]中选择VRF分配给OpenFlow逻辑交换机1上的端口。 Step 508, the network application calls the OpenFlow controller 1 to allocate the VRF resources, and the OpenFlow controller 1 sends a query message to the OpenFlow logical switch 1 to query the vacable range of the configured VRF resources on the OpenFlow logical switch 1. After receiving the query message sent by the OpenFlow controller 1, the OpenFlow logical switch 1 sends a reply message to the OpenFlow controller 1 to feed back the vacant range of the configured VRF resources on the logical switch [1-1000]. After receiving the reply message of the OpenFlow logical switch 1, the OpenFlow controller 1 selects the VRF allocated to the port on the OpenFlow logical switch 1 from the learned VRF resource occupiable range [1-1000].
实施例三Embodiment 3
图6是根据本发明实施例三的防止逻辑交换机所占用资源发生冲突的方法的流程图。如图6所示,于本实施例中,同一个OpenFlow交换机上的两个OpenFlow逻辑交换机分别由两个OpenFlow控制器进行控制,即OpenFlow逻辑交换机1由OpenFlow控制器1控制,OpenFlow逻辑交换机2由OpenFlow控制器2控制。两个OpenFlow逻辑交换机共享同一个OpenFlow交换机的VLAN资源、VRF资源和基于平台(Per-Platform)的多协议标签交换(MPLS)标签资源且存在潜在冲突的可能。MPLS是IETF制定的通信转发协议,同一个OpenFlow交换机上基于平台的MPLS标签用于给进入该OpenFlow交换机的属于同一转发等价类(FEC)的报文统一分配。FIG. 6 is a flowchart of a method for preventing conflicts of resources occupied by a logical switch according to Embodiment 3 of the present invention. As shown in FIG. 6, in this embodiment, two OpenFlow logical switches on the same OpenFlow switch are respectively controlled by two OpenFlow controllers, that is, OpenFlow logical switch 1 is controlled by OpenFlow controller 1, and OpenFlow logical switch 2 is controlled by OpenFlow controller 2 control. Two OpenFlow logical switches share the VLAN resources, VRF resources, and Per-Platform-based Multiprotocol Label Switching (MPLS) label resources of the same OpenFlow switch and have potential conflicts. MPLS is a communication forwarding protocol developed by the IETF. The platform-based MPLS label on the same OpenFlow switch is used to uniformly allocate packets belonging to the same forwarding equivalence class (FEC) entering the OpenFlow switch.
于本实施例中,OpenFlow网络中的OpenFlow配置点、OpenFlow控制器和OpenFlow逻辑交换机要执行如下步骤:In this embodiment, the OpenFlow configuration point, the OpenFlow controller, and the OpenFlow logical switch in the OpenFlow network perform the following steps:
步骤602,OpenFlow配置点在OpenFlow交换机上分别创建OpenFlow逻辑交换机1和OpenFlow逻辑交换机2,并给OpenFlow逻辑交换机1配置VLAN可占用范围[1-2000]、VRF可占用范围[1-1000]和基于平台的MPLS标签可占用范围[16-219],给OpenFlow逻辑交换机2配置VLAN可占用范围[2001-4094]、VRF可占用范围[1001-2000]和基于平台的MPLS标签可占用范围[219+1-220]。Step 602: OpenFlow configuration points respectively create OpenFlow logical switch 1 and OpenFlow logical switch 2 on the OpenFlow switch, and configure OpenFlow logical switch 1 with a VLAN occupiable range [1-2000], a VRF occupiable range [1-1000], and based on The MPLS label of the platform can occupy the range [16-2 19 ], configure the OpenFlow logical switch 2 with the VLAN occupiable range [2001-4094], the VRF occupiable range [1001-2000], and the platform-based MPLS label occupies the range [2] 19 +1-2 20 ].
其中,OpenFlow逻辑交换机1的VLAN可占用范围[1-2000]与OpenFlow逻辑交换机2的VLAN可占用范围[2001-4094]是不重叠的,这就可以避免由于上述两个OpenFlow逻辑交换机分属两个OpenFlow控制器所可能引起的潜在VLAN分配冲突。OpenFlow逻辑交换机1的VRF可占用范围[1-1000]与OpenFlow逻辑交换机2的VRF可占用范围[1001-2000]也是不重叠的,这就可以避免由于上述两个OpenFlow逻辑交换机分属两个OpenFlow控制器所可能引起的潜在VRF分配冲突。OpenFlow逻辑交换机1的基于平台的MPLS标签可占用范围[16-219]与OpenFlow逻辑交换机2的基于平台的MPLS标签可占用范围[219+1-220]也是不重叠的,这就可以避免由于上述两个OpenFlow逻辑交换机分属两个OpenFlow控制器所可能引起的潜在基于平台的MPLS标签冲突。 The VLAN occupies of the OpenFlow logical switch 1 [1-2000] and the VLAN occupiable range [2001-4094] of the OpenFlow logical switch 2 do not overlap, which can be avoided because the two OpenFlow logical switches belong to the two Potential VLAN assignment conflicts that may be caused by OpenFlow controllers. The VRF occupiable range of the OpenFlow Logical Switch 1 [1-1000] and the VRF occupiable range [1001-2000] of the OpenFlow Logical Switch 2 are also non-overlapping, which avoids the fact that the two OpenFlow logical switches belong to two OpenFlows. Potential VRF allocation conflicts that may be caused by the controller. The platform-based MPLS label of OpenFlow Logical Switch 1 can occupy a range [16-2 19 ] and the platform-based MPLS label of OpenFlow Logical Switch 2 can occupy a range [2 19 +1-2 20 ] and it does not overlap. Avoid potential platform-based MPLS label conflicts that may result from the two OpenFlow logical switches being separated into two OpenFlow controllers.
步骤604,在OpenFlow逻辑交换机1与OpenFlow控制器1之间的控制连接建立成功之后,OpenFlow控制器1立即向OpenFlow逻辑交换机1发送查询消息,询问OpenFlow逻辑交换机1上哪些类型的资源存在资源隔离限制。OpenFlow逻辑交换机1在接收到OpenFlow控制器1发送的查询消息后,会向OpenFlow控制器1发送回复消息,以反馈本逻辑交换机上的VLAN资源、VRF资源和基于平台的MPLS标签资源存在资源隔离限制。Step 604, after the control connection between the OpenFlow logical switch 1 and the OpenFlow controller 1 is successfully established, the OpenFlow controller 1 immediately sends a query message to the OpenFlow logical switch 1 to query which types of resources on the OpenFlow logical switch 1 have resource isolation restrictions. . After receiving the query message sent by the OpenFlow controller 1, the OpenFlow logical switch 1 sends a reply message to the OpenFlow controller 1 to feedback the resource isolation limitation of the VLAN resource, the VRF resource, and the platform-based MPLS label resource on the logical switch. .
步骤606,网络应用程序调用OpenFlow控制器1进行基于平台的MPLS标签资源的分配,OpenFlow控制器1向OpenFlow逻辑交换机1发送查询消息,询问OpenFlow逻辑交换机1上已配置的基于平台的MPLS标签资源的可占用范围。OpenFlow逻辑交换机1在接收到OpenFlow控制器1发送的查询消息后,会向OpenFlow控制器1发送回复消息,以反馈本逻辑交换机上已配置的基于平台的MPLS标签资源的可占用范围是[16-219]。OpenFlow控制器1在接收到OpenFlow逻辑交换机1的回复消息后,从获知的基于平台的MPLS标签资源可占用范围[16-219]中选择基于平台的MPLS标签分配给进入OpenFlow逻辑交换机1的FEC。Step 606: The network application invokes the OpenFlow controller 1 to perform allocation of the platform-based MPLS label resource, and the OpenFlow controller 1 sends a query message to the OpenFlow logical switch 1 to query the configured platform-based MPLS label resource on the OpenFlow logical switch 1. Can occupy the range. After receiving the query message sent by the OpenFlow controller 1, the OpenFlow logical switch 1 sends a reply message to the OpenFlow controller 1 to feed back the available range of the platform-based MPLS label resource configured on the logical switch. [16- 2 19 ]. After receiving the reply message of the OpenFlow logical switch 1, the OpenFlow controller 1 selects the platform-based MPLS label from the learned platform-based MPLS label resource occupiable range [16-2 19 ] to the FEC entering the OpenFlow logical switch 1. .
步骤608,网络应用程序调用OpenFlow控制器1进行VLAN资源的分配,OpenFlow控制器1向OpenFlow逻辑交换机1发送查询消息,询问OpenFlow逻辑交换机1上已配置的VLAN资源的可占用范围。OpenFlow逻辑交换机1在接收到OpenFlow控制器1发送的查询消息后,会向OpenFlow控制器1发送回复消息,以反馈本逻辑交换机上已配置的VLAN资源的可占用范围是[1-2000]。OpenFlow控制器1在接收到OpenFlow逻辑交换机1的回复消息后,从获知的VLAN资源可占用范围[1-2000]中选择VLAN分配给OpenFlow逻辑交换机1上的端口。Step 608: The network application invokes the OpenFlow controller 1 to allocate VLAN resources, and the OpenFlow controller 1 sends an inquiry message to the OpenFlow logical switch 1 to query the occupable range of the configured VLAN resources on the OpenFlow logical switch 1. After receiving the query message sent by the OpenFlow controller 1, the OpenFlow logical switch 1 sends a reply message to the OpenFlow controller 1 to feed back the occupied range of the configured VLAN resources on the logical switch [1-2000]. After receiving the reply message of the OpenFlow logical switch 1, the OpenFlow controller 1 selects a VLAN to be assigned to the port on the OpenFlow logical switch 1 from the learned VLAN resource occupiable range [1-2000].
如图7所示,本发明较佳实施例还提供一种防止逻辑交换机所占用资源发生冲突的系统,包括:配置模块10、确定模块12及分配模块14。As shown in FIG. 7, the preferred embodiment of the present invention further provides a system for preventing conflicts between resources occupied by a logical switch, including: a configuration module 10, a determining module 12, and an allocating module 14.
配置模块10(例如,OpenFlow配置点)设置成:针对需要实现资源隔离的资源类型,为同一OpenFlow交换机上的不同逻辑交换机分别配置不重叠的所述资源类型的可占用资源范围;The configuration module 10 (for example, an OpenFlow configuration point) is configured to: for different resource switches on the same OpenFlow switch, different non-overlapping resource types of the resource types are configured for resource types that need to implement resource isolation;
确定模块12设置成:在所述逻辑交换机与所属的OpenFlow控制器建立 控制连接后,查询所述逻辑交换机,确定存在资源隔离限制的资源类型;The determining module 12 is configured to: establish the logical switch and the associated OpenFlow controller After controlling the connection, query the logical switch to determine the resource type with resource isolation restrictions;
分配模块14设置成:当所述OpenFlow控制器需要给对应的逻辑交换机分配所述存在资源隔离限制的资源类型时,向所述逻辑交换机查询所述资源类型的可占用资源范围,并从所述可占用资源范围中选择资源分配给所述逻辑交换机。具体而言,在每个逻辑交换机自动与所属的OpenFlow控制器建立控制连接并在控制连接上运行OpenFlow协议后,确定模块12,用于向逻辑交换机发送查询消息并接收所述逻辑交换机的回复消息,以获知存在资源隔离限制的资源类型。The allocating module 14 is configured to: when the OpenFlow controller needs to allocate the resource type with the resource isolation restriction to the corresponding logical switch, query the logical switch for the available resource range of the resource type, and from the A resource selected from the range of available resources is allocated to the logical switch. Specifically, after each logical switch automatically establishes a control connection with the associated OpenFlow controller and runs the OpenFlow protocol on the control connection, the determining module 12 is configured to send a query message to the logical switch and receive a reply message of the logical switch. To know the type of resource that has resource isolation restrictions.
可选地,所述配置模块10设置成按照如下方式为同一OpenFlow交换机上的不同逻辑交换机分别配置不重叠的所述资源类型的可占用资源范围:针对同类型资源,为同一OpenFlow交换机上的不同逻辑交换机所配置的可占用资源范围是没有重叠的。Optionally, the configuration module 10 is configured to separately configure, for different logical switches on the same OpenFlow switch, the vacant resource ranges of the resource types that are not overlapped: for the same type of resources, different on the same OpenFlow switch. The range of available resources configured by the logical switch is not overlapping.
可选地,所述确定模块12设置成按照如下方式在所述逻辑交换机与所属的OpenFlow控制器建立控制连接后,查询所述逻辑交换机,确定存在资源隔离限制的资源类型:在每个逻辑交换机自动与所属的OpenFlow控制器建立控制连接并在控制连接上运行OpenFlow协议后,所述确定模块,用于向所述逻辑交换机发送查询消息并接收所述逻辑交换机的回复消息,以获知存在资源隔离限制的资源类型。Optionally, the determining module 12 is configured to query the logical switch to determine a resource type with resource isolation restrictions after the logical switch establishes a control connection with the associated OpenFlow controller in the following manner: at each logical switch After the control connection is automatically established with the associated OpenFlow controller and the OpenFlow protocol is run on the control connection, the determining module is configured to send a query message to the logical switch and receive a reply message of the logical switch to learn that there is resource isolation. Restricted resource type.
可选地,分配模块14设置成按照如下方式向所述逻辑交换机查询所述资源类型的可占用资源范围,并从所述可占用资源范围中选择资源分配给所述逻辑交换机:向所述逻辑交换机发送查询消息并接收所述逻辑交换机的回复消息,以获知该资源类型在所述逻辑交换机上的可占用资源范围,并从获知的可占用资源范围中选择资源分配给所述逻辑交换机。Optionally, the allocating module 14 is configured to query the logical switch for an occupant resource range of the resource type, and select a resource from the occupable resource range to the logical switch: to the logic The switch sends a query message and receives a reply message of the logical switch to learn the available resource range of the resource type on the logical switch, and selects a resource to be allocated to the logical switch from the learned available resource range.
于本实施例中,所述确定模块12及分配模块14例如包括在OpenFlow控制器内。然而,本发明对此并不限定。于其他实施例中,确定模块12及分配模块14例如为单独于OpenFlow控制器设置的模块。关于所述系统的具体内容同上述方法所述,故于此不再赘述。In this embodiment, the determining module 12 and the assigning module 14 are included, for example, in an OpenFlow controller. However, the present invention is not limited thereto. In other embodiments, the determination module 12 and the distribution module 14 are, for example, modules that are separate from the OpenFlow controller. The specific content of the system is the same as that described above, and thus will not be described herein.
以上显示和描述了本发明的基本原理和主要特征和本发明的优点。本发明不受上述实施例的限制,上述实施例和说明书中描述的只是说明本发明的 原理,在不脱离本发明精神和范围的前提下,本发明还会有各种变化和改进,这些变化和改进都落入要求保护的本发明范围内。The basic principles and main features of the present invention and the advantages of the present invention are shown and described above. The present invention is not limited by the above embodiments, and the above embodiments and descriptions are merely illustrative of the present invention. The present invention is subject to various modifications and improvements without departing from the spirit and scope of the invention.
本发明实施例还公开了一种计算机程序,包括程序指令,当该程序指令被终端执行时,使得该终端可执行上述任意的检测无线网络接入安全的方法。The embodiment of the invention further discloses a computer program, comprising program instructions, when the program instruction is executed by the terminal, so that the terminal can perform any of the above methods for detecting wireless network access security.
本发明实施例还公开了一种载有所述的计算机程序的载体。The embodiment of the invention also discloses a carrier carrying the computer program.
在阅读并理解了附图和详细描述后,可以明白其他方面。Other aspects will be apparent upon reading and understanding the drawings and detailed description.
工业实用性Industrial applicability
本发明技术方案利用OpenFlow配置点,根据OpenFlow交换机的资源隔离限制情况,给同一OpenFlow交换机上的不同逻辑交换机为同类型资源配置不重叠的可占用资源范围,并通过扩展现有OpenFlow协议实现OpenFlow控制器对逻辑交换机存在资源隔离限制的资源类型及配置的可占用资源范围的获取。因此本发明具有很强的工业实用性。 The technical solution of the present invention utilizes the OpenFlow configuration point, and according to the resource isolation limitation of the OpenFlow switch, different logical switches on the same OpenFlow switch are configured to allocate non-overlapping resources of the same type of resources, and implement OpenFlow control by extending the existing OpenFlow protocol. The resource type of the logical switch that has resource isolation restrictions and the acquired resource range of the configuration. Therefore, the present invention has strong industrial applicability.

Claims (12)

  1. 一种防止逻辑交换机所占用资源发生冲突的方法,包括以下步骤:A method for preventing conflicts between resources occupied by a logical switch includes the following steps:
    针对需要实现资源隔离的资源类型,为同一OpenFlow交换机上的不同逻辑交换机分别配置不重叠的所述资源类型的可占用资源范围;Configuring a resource range of the resource type that does not overlap for different logical switches on the same OpenFlow switch.
    在所述逻辑交换机与所属的OpenFlow控制器建立控制连接后,查询所述逻辑交换机,确定存在资源隔离限制的资源类型;After the logical switch establishes a control connection with the associated OpenFlow controller, querying the logical switch to determine a resource type with a resource isolation restriction;
    当所述OpenFlow控制器需要给对应的逻辑交换机分配所述存在资源隔离限制的资源类型时,向所述逻辑交换机查询所述资源类型的可占用资源范围,并从所述可占用资源范围中选择资源分配给所述逻辑交换机。When the OpenFlow controller needs to allocate the resource type with the resource isolation restriction to the corresponding logical switch, query the logical switch for the available resource range of the resource type, and select, from the range of the occupied resources Resources are allocated to the logical switch.
  2. 如权利要求1所述的防止逻辑交换机所占用资源发生冲突的方法,其中:所述资源类型包括如下资源中的一种或多种:The method of claim 1, wherein the resource type comprises one or more of the following resources:
    虚拟局域网(VLAN)资源、虚拟路由转发(VRF)资源、多协议标签交换(MPLS)标签资源中。Virtual local area network (VLAN) resources, virtual route forwarding (VRF) resources, and multi-protocol label switching (MPLS) label resources.
  3. 如权利要求1所述的防止逻辑交换机所占用资源发生冲突的方法,其中,所述在所述逻辑交换机与所属的OpenFlow控制器建立控制连接后,查询所述逻辑交换机,确定存在资源隔离限制的资源类型的步骤包括:The method for preventing conflicts of resources occupied by a logical switch according to claim 1, wherein after the logical switch establishes a control connection with an associated OpenFlow controller, the logical switch is queried to determine that there is a resource isolation restriction. The steps for the resource type include:
    在每个逻辑交换机自动与所属的OpenFlow控制器建立控制连接并在控制连接上运行OpenFlow协议后,所述OpenFlow控制器立即向所述逻辑交换机发送查询消息并接收所述逻辑交换机的回复消息,以获知存在资源隔离限制的资源类型。After each logical switch automatically establishes a control connection with the associated OpenFlow controller and runs the OpenFlow protocol on the control connection, the OpenFlow controller immediately sends a query message to the logical switch and receives a reply message of the logical switch. Know the resource type with resource isolation restrictions.
  4. 如权利要求1所述的防止逻辑交换机所占用资源发生冲突的方法,其中,所述向所述逻辑交换机查询所述资源类型的可占用资源范围,并从所述可占用资源范围中选择资源分配给所述逻辑交换机的步骤包括:The method for preventing conflicts of resources occupied by a logical switch according to claim 1, wherein the querying the logical switch for an occupable resource range of the resource type, and selecting a resource allocation from the sufficiency resource range The steps for the logical switch include:
    所述OpenFlow控制器向所述逻辑交换机发送查询消息并接收所述逻辑 交换机的回复消息,以获知该资源类型在所述逻辑交换机上的可占用资源范围,所述OpenFlow控制器从获知的可占用资源范围中选择资源分配给所述逻辑交换机。The OpenFlow controller sends a query message to the logical switch and receives the logic The reply message of the switch is used to learn the range of available resources of the resource type on the logical switch, and the OpenFlow controller selects a resource to be allocated to the logical switch from the learned range of available resources.
  5. 如权利要求1所述的防止逻辑交换机所占用资源发生冲突的方法,其中:所述资源类型根据OpenFlow交换机的资源隔离限制情况确定。The method for preventing conflicts of resources occupied by a logical switch according to claim 1, wherein the resource type is determined according to a resource isolation restriction condition of the OpenFlow switch.
  6. 如权利要求1所述的防止逻辑交换机所占用资源发生冲突的方法,其中,所述为同一OpenFlow交换机上的不同逻辑交换机分别配置不重叠的所述资源类型的可占用资源范围的步骤包括:The method for preventing conflicts of resources occupied by a logical switch according to claim 1, wherein the step of configuring the resource ranges of the resource types that are not overlapped for different logical switches on the same OpenFlow switch respectively includes:
    针对同类型资源,为同一OpenFlow交换机上的不同逻辑交换机所配置的可占用资源范围是没有重叠的。For the same type of resources, the available resource ranges configured for different logical switches on the same OpenFlow switch are not overlapping.
  7. 一种防止逻辑交换机所占用资源发生冲突的系统,包括:配置模块、确定模块及分配模块,其中A system for preventing conflicts between resources occupied by a logical switch, comprising: a configuration module, a determining module, and an allocation module, wherein
    所述配置模块设置成:针对需要实现资源隔离的资源类型,为同一OpenFlow交换机上的不同逻辑交换机分别配置不重叠的所述资源类型的可占用资源范围;The configuration module is configured to: configure, for different resource switches on the same OpenFlow switch, non-overlapping resource ranges of the resource types for resource types that need to implement resource isolation;
    所述确定模块设置成:在所述逻辑交换机与所属的OpenFlow控制器建立控制连接后,查询所述逻辑交换机,确定存在资源隔离限制的资源类型;The determining module is configured to: after the logical switch establishes a control connection with the associated OpenFlow controller, query the logical switch to determine a resource type with a resource isolation restriction;
    所述分配模块设置成:当所述OpenFlow控制器需要给对应的逻辑交换机分配所述存在资源隔离限制的资源类型时,向所述逻辑交换机查询所述资源类型的可占用资源范围,并从所述可占用资源范围中选择资源分配给所述逻辑交换机。The allocation module is configured to: when the OpenFlow controller needs to allocate the resource type with the resource isolation restriction to the corresponding logical switch, query the logical switch for the available resource range of the resource type, and A resource selected from the range of available resources is allocated to the logical switch.
  8. 如权利要求7所述的防止逻辑交换机所占用资源发生冲突的系统,其中:所述资源类型包括如下资源中的一种或多种: The system of claim 7, wherein the resource type comprises one or more of the following resources:
    VLAN资源、VRF资源、MPLS标签资源。VLAN resources, VRF resources, and MPLS label resources.
  9. 如权利要求7所述的防止逻辑交换机所占用资源发生冲突的系统,其中,所述确定模块设置成按照如下方式在所述逻辑交换机与所属的OpenFlow控制器建立控制连接后,查询所述逻辑交换机,确定存在资源隔离限制的资源类型:The system for preventing conflicts of resources occupied by a logical switch according to claim 7, wherein the determining module is configured to query the logical switch after establishing a control connection between the logical switch and an associated OpenFlow controller according to the following manner: To determine the resource type with resource isolation restrictions:
    在每个逻辑交换机自动与所属的OpenFlow控制器建立控制连接并在控制连接上运行OpenFlow协议后,所述确定模块,用于向所述逻辑交换机发送查询消息并接收所述逻辑交换机的回复消息,以获知存在资源隔离限制的资源类型。After the logical switch automatically establishes a control connection with the associated OpenFlow controller and runs the OpenFlow protocol on the control connection, the determining module is configured to send a query message to the logical switch and receive a reply message of the logical switch. To know the type of resource that has resource isolation restrictions.
  10. 如权利要求7所述的防止逻辑交换机所占用资源发生冲突的系统,其中,所述分配模块设置成按照如下方式向所述逻辑交换机查询所述资源类型的可占用资源范围,并从所述可占用资源范围中选择资源分配给所述逻辑交换机:The system for preventing conflicts of resources occupied by a logical switch according to claim 7, wherein the allocating module is configured to query the logical switch for an occupation resource range of the resource type according to the following manner, and Selecting a resource allocation to the logical switch in the occupied resource range:
    向所述逻辑交换机发送查询消息并接收所述逻辑交换机的回复消息,以获知该资源类型在所述逻辑交换机上的可占用资源范围,并从获知的可占用资源范围中选择资源分配给所述逻辑交换机。Sending a query message to the logical switch and receiving a reply message of the logical switch, to learn an available resource range of the resource type on the logical switch, and selecting a resource allocation from the learned available resource range to the Logical switch.
  11. 如权利要求7所述的防止逻辑交换机所占用资源发生冲突的系统,其中:所述资源类型根据OpenFlow交换机的资源隔离限制情况确定。The system for preventing conflicts of resources occupied by a logical switch according to claim 7, wherein: the resource type is determined according to a resource isolation restriction condition of the OpenFlow switch.
  12. 如权利要求7所述的防止逻辑交换机所占用资源发生冲突的系统,其中,所述配置模块设置成按照如下方式为同一OpenFlow交换机上的不同逻辑交换机分别配置不重叠的所述资源类型的可占用资源范围:The system of claim 7, wherein the configuration module is configured to configure, for different logical switches on the same OpenFlow switch, non-overlapping resources of the resource type as follows: Resource range:
    针对同类型资源,为同一OpenFlow交换机上的不同逻辑交换机所配置的可占用资源范围是没有重叠的。 For the same type of resources, the available resource ranges configured for different logical switches on the same OpenFlow switch are not overlapping.
PCT/CN2015/097012 2014-12-12 2015-12-10 Method and system for preventing conflict from occurring in resources occupied by logical switch WO2016091186A1 (en)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
CN201410767979.5 2014-12-12
CN201410767979.5A CN105743821B (en) 2014-12-12 2014-12-12 Method and system for preventing conflict of resources occupied by logic switch

Publications (1)

Publication Number Publication Date
WO2016091186A1 true WO2016091186A1 (en) 2016-06-16

Family

ID=56106729

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/CN2015/097012 WO2016091186A1 (en) 2014-12-12 2015-12-10 Method and system for preventing conflict from occurring in resources occupied by logical switch

Country Status (2)

Country Link
CN (1) CN105743821B (en)
WO (1) WO2016091186A1 (en)

Families Citing this family (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN108270592B (en) * 2016-12-30 2021-05-04 中兴通讯股份有限公司 Network resource configuration control method and device
CN112787929B (en) * 2020-12-31 2022-10-04 中盈优创资讯科技有限公司 Three-layer VPN service resource automatic allocation and management method and device

Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN102726007A (en) * 2009-04-01 2012-10-10 Nicira网络公司 Method and apparatus for implementing and managing virtual switches
CN103856406A (en) * 2012-11-29 2014-06-11 国际商业机器公司 System and method for managing routing table in distributed network switch
JP2014216812A (en) * 2013-04-25 2014-11-17 日本電気通信システム株式会社 Switch resource control system and switch resource control method

Family Cites Families (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US9450870B2 (en) * 2011-11-10 2016-09-20 Brocade Communications Systems, Inc. System and method for flow management in software-defined networks
CN103067245B (en) * 2012-12-28 2015-10-28 中兴通讯股份有限公司 A kind of stream table spatial isolation device for network virtualization and method
CN104038444B (en) * 2013-03-05 2017-05-31 中国移动通信集团山西有限公司 A kind of method of resource allocation, equipment and system
CN103269282A (en) * 2013-04-25 2013-08-28 杭州华三通信技术有限公司 Method and device for automatically deploying network configuration
CN103905523A (en) * 2013-12-23 2014-07-02 浪潮(北京)电子信息产业有限公司 Cloud computing network virtualization method and system based on SDN

Patent Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN102726007A (en) * 2009-04-01 2012-10-10 Nicira网络公司 Method and apparatus for implementing and managing virtual switches
CN103856406A (en) * 2012-11-29 2014-06-11 国际商业机器公司 System and method for managing routing table in distributed network switch
JP2014216812A (en) * 2013-04-25 2014-11-17 日本電気通信システム株式会社 Switch resource control system and switch resource control method

Also Published As

Publication number Publication date
CN105743821B (en) 2019-12-17
CN105743821A (en) 2016-07-06

Similar Documents

Publication Publication Date Title
US11343168B2 (en) Interconnected region controller, interconnected region control method, and computer storage medium
EP3340064B1 (en) Network interface card, computer device and data packet processing method
CN107646185B (en) Method, system and storage medium for operation maintenance management in an overlay environment
US10063470B2 (en) Data center network system based on software-defined network and packet forwarding method, address resolution method, routing controller thereof
EP3522451B1 (en) Method for implementing network virtualization and related apparatus and communications system
CN109962850B (en) Method and controller for implementing segment routing and computer readable storage medium
EP3787232A1 (en) Network configuration method, device, and system
EP3694157B1 (en) Vxlan configuration method, device and system
CN104937885A (en) Global VLANs for fabric switches
CN103814554A (en) Communication method, device and system of virtual extensible local area network
EP4236270A2 (en) Software defined access fabric without subnet restriction to a virtual network
CN110351135B (en) Network equipment configuration method and device in multiple DCs
CN105577540B (en) A kind of method for building up of service link, apparatus and system
US10439961B2 (en) Network fabric control
US11949602B2 (en) Stretched EPG and micro-segmentation in multisite fabrics
CN104852846A (en) Data forwarding control method and system
WO2014180199A1 (en) Network establishment method and control device
EP3032782B1 (en) Packet transmission method and apparatus
CN108055215B (en) Message forwarding method and device
WO2016086544A1 (en) Network interface configuration method and apparatus for network device and storage medium
CN115150224A (en) Inter-cluster network two-layer communication method, device, equipment and storage medium
CN103580909A (en) Method and device for customizing hardware resource
CN114866467A (en) Cluster communication method, device, system, equipment and readable storage medium
EP3353998A1 (en) Advertising method and system in network functions virtualization environment
WO2016091186A1 (en) Method and system for preventing conflict from occurring in resources occupied by logical switch

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 15867314

Country of ref document: EP

Kind code of ref document: A1

NENP Non-entry into the national phase

Ref country code: DE

122 Ep: pct application non-entry in european phase

Ref document number: 15867314

Country of ref document: EP

Kind code of ref document: A1