WO2017152563A1 - Sdn layer-2 forwarding method and system - Google Patents

Sdn layer-2 forwarding method and system Download PDF

Info

Publication number
WO2017152563A1
WO2017152563A1 PCT/CN2016/090310 CN2016090310W WO2017152563A1 WO 2017152563 A1 WO2017152563 A1 WO 2017152563A1 CN 2016090310 W CN2016090310 W CN 2016090310W WO 2017152563 A1 WO2017152563 A1 WO 2017152563A1
Authority
WO
WIPO (PCT)
Prior art keywords
host
mac address
destination
data packet
source
Prior art date
Application number
PCT/CN2016/090310
Other languages
French (fr)
Chinese (zh)
Inventor
曹静
Original Assignee
中兴通讯股份有限公司
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by 中兴通讯股份有限公司 filed Critical 中兴通讯股份有限公司
Publication of WO2017152563A1 publication Critical patent/WO2017152563A1/en

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/40Network security protocols
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L45/00Routing or path finding of packets in data switching networks
    • H04L45/66Layer 2 routing, e.g. in Ethernet based MAN's
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L45/00Routing or path finding of packets in data switching networks
    • H04L45/54Organization of routing tables
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L45/00Routing or path finding of packets in data switching networks
    • H04L45/74Address processing for routing

Definitions

  • Step 304 The ICMP Layer 3 data packet sent by the H1 host reaches TSW1, and the TSW1 forwards the message to the CSW1 according to the lookup layer 2 forwarding table.
  • the CSW1 sends the switch to the TSW2 to which the H2 host belongs, and the switch TSW2 sends the packet to the corresponding H2 host.
  • the embodiment of the present invention provides an SDN layer 2 forwarding method and system.
  • the switch forwards the exchange data packet encapsulating the proxy MAC address between the source host and the destination host according to the forwarding table sent by the controller, where the forwarding table is used to indicate the forwarding path of the ICMP Layer 3 data packet encapsulated with the proxy MAC address. .
  • 3 is a signaling flowchart of host communication of the same network segment under different TSWs when there is a MAC address of a destination host on the controller in the related art
  • Example 6 is a flowchart of signaling interaction of Example 1 according to an embodiment of the present invention.
  • the source host encapsulates the interaction data packet by using the proxy MAC address as the destination host MAC address, and sends the data packet to the switch, including:
  • the destination access switch sends the interactive data packet to the destination host according to the destination host MAC address and the source host Layer 2 forwarding table.
  • FIG. 5 is a schematic diagram of a communication structure between hosts of the same network segment to which different switches belong to the embodiment of the present invention
  • FIG. 6 is a flowchart of signaling interaction of the example 1 of the embodiment of the present invention, as shown in FIG. In the network topology shown, steps 601-612 are included:
  • Step 607 The CSW queries all host routing tables in the network according to the destination host IP, and confirms that the H2 host belongs to the TSW2 host.
  • the CSW modifies the source MAC address of the ICMP packet to the proxy MAC address, and changes the destination MAC address to the physical MAC address of the host H2, and then the third layer.
  • the packet is forwarded to the TSW2 switch.
  • the host routing table can be queried according to the Proxy MAC packet corresponding to the TSW. Accurately narrow the scope of the query and improve the performance of the query.
  • the Proxy MAC proposed in the embodiment of the present invention is used as an advantage of the SDN network layer 2 forwarding method and system.
  • the host to which TSW2 belongs receives a Layer 3 data packet request and responds to the Layer 3 data packet response.
  • the source MAC address of the response packet is its own MAC
  • the destination MAC address is the Proxy MAC1 of the TSW1 switch.
  • the message is sent to the TSW2 switch.
  • the TSW2 switch forwards the response packet to the Proxy CSW1 according to the forwarding table.
  • the CSW1 receives the packet and changes the source MAC to the proxy MAC2.
  • the CSW1 core switch queries the host routing table of the response packet according to the destination IP address, and discovers that the host of the destination IP belongs to the TSW1.
  • the CSW1 changes the destination MAC address of the packet to the real MAC address of the host H1, and forwards the packet to the TSW1. switch.
  • the TSW1 switch sends a response packet to the corresponding host according to the Layer 2 forwarding table. At this point, communication between hosts on the same network segment under different TSWs is completed.
  • FIG. 7 is a schematic diagram of a communication flow between hosts to which a switch belongs according to an embodiment of the present invention
  • FIG. 8 is a flow chart of signaling interaction of Example 2 of the embodiment of the present invention, as shown in FIG.
  • the inter-host communication includes steps 801-812:
  • the APR pickup is performed on the source host according to the destination host MAC address carried in the ARP reply, and the destination host MAC address is saved in the ARP table.
  • Each component embodiment of an embodiment of the invention may be implemented in hardware, or in a software module running on one or more processors, or in a combination thereof.
  • a microprocessor or digital signal processor may be used in practice to implement some or all of the functionality of some or all of the components loaded with the ordered web address in accordance with an embodiment of the present invention.
  • Embodiments of the invention may also be implemented as a device or device program (e.g., a computer program and a computer program product) for performing some or all of the methods described herein.
  • Such a program implementing an embodiment of the invention may be stored on a computer readable medium or may be in the form of one or more signals. Such signals may be downloaded from an Internet website, provided on a carrier signal, or provided in any other form.

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Computer Security & Cryptography (AREA)
  • Data Exchanges In Wide-Area Networks (AREA)

Abstract

Disclosed are an SDN layer-2 forwarding method and system. The method comprises: when performing address resolution protocol (APR) fast-reply on a source host, a controller sets a destination host media access control (MAC) address in an ARP reply sent to the source host as a proxy MAC address generated in advance; the source host and the destination host encapsulate an interaction data packet and send the interaction data packet to a switch by using the proxy MAC address as the destination host MAC address; the switch forwards, between the source host and the destination host according to a forwarding table sent by the controller, the interaction data packet in which the proxy MAC address is encapsulated, wherein the forwarding table is used for indicating a forwarding path for an Internal control message protocol (ICMP) layer-3 data packet in which the proxy MAC address is encapsulated.

Description

一种SDN二层转发方法及系统SDN layer 2 forwarding method and system 技术领域Technical field
本申请涉及但不限于计算机网络技术领域,尤其涉及一种SDN二层转发方法及系统。The present application relates to, but is not limited to, the field of computer network technologies, and in particular, to an SDN Layer 2 forwarding method and system.
背景技术Background technique
软件定义网络(Software Defined Network,简称为SDN)是当前通信领域研究的热点技术。SDN包括控制面的控制器(Controller,简称C)和转发面的交换机(Switch,简称SW或者S)两部分构成。根据当前SDN技术的定义,控制器Controller和交换机Switch之间通过OPENFLOW(简称OF)协议下发控制指令,指导交换机上的数据流转发;控制器还通过网络配置协议(Network Configuration Protocol,Netconfig)来对交换机SW上进行参数配置等。其中,OF协议是美国斯坦福大学于2008年提出的一种转发/控制分离协议,外置控制面实体采用OF协议控制转发面设备实现各种转发逻辑,而转发面设备主要功能就是根据OF控制器下发的流表执行受控转发。其可以在控制面采用软件编程实现多种复杂的网络应用,例如虚拟数据中心(Virtual Data center,简称VDC),业务链(Service Function Chain,简称SFC),虚拟租户网络(Virtual Tenant Network,简称VTN)等。Software Defined Network (SDN) is a hotspot technology in the field of communication. The SDN consists of a control plane controller (Controller, referred to as C) and a forwarding plane switch (Switch, referred to as SW or S). According to the definition of the current SDN technology, the controller and the switch switch issue control commands through the OPENFLOW (OF) protocol to guide the data flow forwarding on the switch. The controller also uses the Network Configuration Protocol (Netconfig). Parameter configuration on the switch SW. Among them, the OF protocol is a forwarding/control separation protocol proposed by Stanford University in the United States in 2008. The external control plane entity uses the OF protocol to control the forwarding plane device to implement various forwarding logics, and the main function of the forwarding plane device is based on the OF controller. The delivered flow table performs controlled forwarding. It can be implemented in software on the control plane to implement a variety of complex network applications, such as Virtual Data Center (VDC), Service Function Chain (SFC), Virtual Tenant Network (VTN). )Wait.
图1是相关技术中对SDN网络实际使用的场景示意图,其中,ER1(External Route,外部路由器)、ER2是不受控的路由器。CSW1(Core Switch,核心交换机)、CSW2是受控的OPENFLOW物理交换机,TSW1(Tor Switch,接入交换机)、TSW2、TSW3…TSWN是受控的域内N台OPENFLOW物理交换机,每个TSW下挂M个主机/服务器,控制器(Controller)与受控交换机相连的虚线代表控制面,交换机之间的实线代表数据面。当前网络中,TSW作为底层交换机数量庞大,可以是几百甚至上千台。TSW下挂的主机/服务器数量众多,可以达到上千台之多。不同TSW下挂的主机/服务器之间可以属于同一个网段,也可以分属不同网段。共同点是相同TSW下的主机/服务器能够正常通信,不同TSW下的主机/服务器也能够正常通信。图2是相关技术中在控制器上没有目的主机的MAC地址时同一网段服务器大二层的纯二 层交换的信令流程图,交换机TSW1下H1主机到交换机TSW2下的H2主机的通信。主机之间的通信分两种场景,第一种场景是控制器上没有目的主机的MAC地址,其基本步骤描述如下:FIG. 1 is a schematic diagram of a scenario in which the SDN network is actually used in the related art, where an ER1 (External Route) and an ER2 are uncontrolled routers. CSW1 (Core Switch), CSW2 is a controlled OPENFLOW physical switch, TSW1 (Tor Switch, access switch), TSW2, TSW3...TSWN is a controlled domain N OPENFLOW physical switches, each TSW is connected to M The host/server, the dotted line connected to the controller and the controlled switch represents the control plane, and the solid line between the switches represents the data plane. In the current network, TSW is a large number of underlying switches, which can be hundreds or even thousands. There are a large number of hosts/servers under the TSW, which can reach as many as thousands. Hosts/servers connected to different TSWs can belong to the same network segment or belong to different network segments. The common point is that the host/server under the same TSW can communicate normally, and the host/server under different TSWs can also communicate normally. 2 is a two-layer pure two of the same network segment server when there is no MAC address of the destination host on the controller in the related art. Signaling flow chart of layer switching, communication between H1 host under switch TSW1 and H2 host under switch TSW2. There are two scenarios for communication between hosts. The first scenario is that there is no MAC address of the destination host on the controller. The basic steps are as follows:
步骤201,H1主机发送ARP请求,ARP消息在TSW1上送控制器,控制器查询ARP表,检查是否存在ARP Request的MAC地址条目记录,如果控制器没有查到和H2主机IP地址匹配的MAC地址,控制器就将ARP消息广播,广播接口包括所有WA的trunk口(接server的口)。In step 201, the H1 host sends an ARP request, and the ARP message is sent to the controller on the TSW1. The controller queries the ARP table to check whether there is a MAC address entry record of the ARP Request. If the controller does not find the MAC address matching the H2 host IP address. The controller broadcasts the ARP message, and the broadcast interface includes all the trunk ports of the WA (the port of the server).
步骤202,控制器因为接收到H1主机的ARP请求,发现并学习到发送ARP请求的H1主机的MAC地址,通过控制器的SPF算法计算二层转发报文的路径。根据SPF计算出来的路径,控制器需要往SPF计算路径上所有的交换机上下发H1主机的MAC的二层转发表。Step 202: The controller receives the ARP request of the H1 host, discovers and learns the MAC address of the H1 host that sends the ARP request, and calculates the path of the Layer 2 forwarded packet by using the SPF algorithm of the controller. According to the path calculated by the SPF, the controller needs to send and receive the Layer 2 forwarding table of the MAC of the H1 host to all the switches on the SPF calculation path.
步骤203,应答ARP的H2主机与发起ARP请求的H1主机在不同的TSW下面,对应IP的H2主机应答ARP请求。控制器收到H2主机的ARP reply,发现并学习到H2主机的MAC地址,通过控制器的SPF算法计算二层转发报文的路径。Step 203: The H2 host that responds to the ARP and the H1 host that initiates the ARP request are under different TSWs, and the H2 host corresponding to the IP responds to the ARP request. The controller receives the ARP reply from the H2 host, discovers and learns the MAC address of the H2 host, and calculates the path of the Layer 2 forwarded packet through the SPF algorithm of the controller.
步骤204,控制器根据SPF计算的二层转发报文的路径,控制器往路径上所有的交换机上下发对应H2主机的MAC的二层转发表。Step 204: The controller sends a Layer 2 forwarding table corresponding to the MAC of the H2 host to all the switches on the path according to the path of the Layer 2 forwarding packet calculated by the SPF.
步骤205,H2主机的ARP响应被控制器通过TSW转发给H1主机。In step 205, the ARP response of the H2 host is forwarded by the controller to the H1 host through the TSW.
步骤206,H1主机收到H2的ARP reply,学习到H2主机的MAC地址,就可发送ICMP(Internet Control Message Protocol网络控制报文协议)三层数据包。In step 206, the H1 host receives the ARP reply of the H2, and learns the MAC address of the H2 host, and then sends an ICMP (Internet Control Message Protocol) Layer 3 data packet.
步骤207,H1主机发送的ICMP三层数据包达到TSW1,TSW1根据查找二层转发表转发给CSW1,CSW1发送给H2主机所属的交换机TSW2,交换机TSW2再发给对应H2主机。Step 207: The ICMP Layer 3 data packet sent by the H1 host reaches TSW1, and the TSW1 forwards the message to the CSW1 according to the lookup Layer 2 forwarding table. The CSW1 sends the switch to the TSW2 to which the H2 host belongs, and the switch TSW2 sends the packet to the corresponding H2 host.
步骤208,H2主机收到H1的ICMP三层数据包后,回复ICMP应答消息给H1主机,ICMP响应报文到达TSW2交换机,TSW2交换机根据查找二层转发表转发给CSW1,CSW1查找二层转发表将ICMP响应报文发送给H1主机所属的交换机TSW1,TSW1查找二层转发表找到对应目的地址的转发 表,再发送给对应的H1主机。Step 208: After receiving the ICMP Layer 3 data packet of the H1, the H2 host replies an ICMP response message to the H1 host, and the ICMP response packet arrives at the TSW2 switch. The TSW2 switch forwards the packet to the CSW1 according to the lookup layer 2 forwarding table, and the CSW1 searches for the Layer 2 forwarding table. The ICMP response packet is sent to the switch TSW1 to which the H1 host belongs. The TSW1 searches the Layer 2 forwarding table to find the forwarding of the corresponding destination address. The table is sent to the corresponding H1 host.
步骤209,同理,其他主机之间通信,也通过上述步骤进行报文的二层转发。Step 209: Similarly, the communication between other hosts is performed, and the Layer 2 forwarding of the packet is also performed through the foregoing steps.
图3是相关技术中在控制器上有目的主机的MAC地址时不同TSW下的相同网段的主机通信的信令流程图,如图3所示,另外一种场景是控制器上有预期目的主机的MAC地址,不同TSW下的相同网段的主机通信基本步骤描述如下:FIG. 3 is a signaling flowchart of host communication on the same network segment under different TSWs when there is a destination host's MAC address on the controller in the related art, as shown in FIG. 3, another scenario is that the controller has an intended purpose. The basic steps of the host's MAC address and host communication on the same network segment under different TSWs are described as follows:
步骤301,H1主机先发送ARP请求,ARP消息在TSW1上送控制器,控制器查询ARP表,检查是否存在ARP Request的MAC地址条目记录,如果有,控制器做ARP代答。In step 301, the H1 host sends an ARP request, and the ARP message is sent to the controller on the TSW1. The controller queries the ARP table to check whether there is a MAC address entry record of the ARP Request. If so, the controller performs ARP pickup.
步骤302,控制器因为接收到H1主机的ARP请求,发现并学习到发送ARP请求的H1主机的MAC地址,通过控制器的SPF算法计算二层转发报文的路径。根据SPF计算出来的路径,控制器需要往SPF计算路径上所有的交换机上下发到达H1主机的MAC的二层转发表。Step 302: The controller receives the ARP request of the H1 host, discovers and learns the MAC address of the H1 host that sends the ARP request, and calculates the path of the Layer 2 forwarded packet by using the SPF algorithm of the controller. According to the path calculated by the SPF, the controller needs to send and receive all the switches on the SPF calculation path to the Layer 2 forwarding table of the MAC of the H1 host.
步骤303,控制器发送ARP代答给主机H1,主机H1学习到H2主机的MAC地址,就可发送ICMP(Internet Control Message Protocol网络控制报文协议)三层数据包。In step 303, the controller sends an ARP to the host H1. The host H1 learns the MAC address of the H2 host, and can send an ICMP (Internet Control Message Protocol) Layer 3 data packet.
步骤304,H1主机发送的ICMP三层数据包达到TSW1,TSW1根据查找二层转发表转发给CSW1,CSW1发送给H2主机所属的交换机TSW2,交换机TSW2再发给对应H2主机。Step 304: The ICMP Layer 3 data packet sent by the H1 host reaches TSW1, and the TSW1 forwards the message to the CSW1 according to the lookup layer 2 forwarding table. The CSW1 sends the switch to the TSW2 to which the H2 host belongs, and the switch TSW2 sends the packet to the corresponding H2 host.
步骤305,H2主机收到H1的ICMP三层数据包后,回复ICMP应答消息给H1主机,ICMP响应报文到达TSW2交换机,TSW2交换机根据查找二层转发表转发给CSW1,CSW1查找二层转发表将ICMP响应报文发送给H1主机所属的交换机TSW1,TSW1查找二层转发表找到对应目的地址的转发表,再发送给对应的H1主机。Step 305: After receiving the ICMP Layer 3 data packet of the H1, the H2 host returns an ICMP response message to the H1 host, and the ICMP response packet arrives at the TSW2 switch. The TSW2 switch forwards the packet to the CSW1 according to the lookup layer 2 forwarding table, and the CSW1 searches for the Layer 2 forwarding table. The ICMP response packet is sent to the switch TSW1 to which the H1 host belongs. The TSW1 searches the Layer 2 forwarding table to find the forwarding table corresponding to the destination address, and then sends the forwarding table to the corresponding H1 host.
步骤306,同理,其他主机之间通信,也通过上述步骤进行报文的二层转发。In the same way, the other hosts communicate with each other, and the Layer 2 forwarding of the packets is also performed through the foregoing steps.
上述报文二层转发方式,大二层场景下控制器需要为转发路径上所有的 转发设备下发到达目的主机流表,表现为每个TSW上要有所有的TSW下所有主机的MAC地址的转发表。上述举例的网络拓扑场景中有120台TSW,假如每台TSW交换机下挂5000个主机。直接表现到一个TSW下所属主机的MAC地址转发表达到5000张表,TSW交换机上主机MAC地址转发表的总数就达到了120*5000,也就是600000张主机MAC地址转发表。高数量级的主机IPMAC地址转发表不仅消耗了TSW的存储资源,更重要的是影响了查表的性能,增加了维护管理大量主机MAC地址转发表的成本。交换机上表的数量暴涨,当主机发生下线或迁移时,大量流表需要更新,容易造成控制器过载,并未体现网络虚拟化带来的优势。Layer 2 forwarding mode of the above-mentioned packets. In a large Layer 2 scenario, the controller needs to be all on the forwarding path. The forwarding device delivers the destination host flow table, which is represented by the forwarding table of the MAC addresses of all the hosts in all TSWs on each TSW. There are 120 TSWs in the network topology scenario of the above example, if there are 5000 hosts attached to each TSW switch. The MAC address forwarding of the host directly under a TSW is expressed to 5000 tables. The total number of MAC address forwarding tables on the TSW switch reaches 120*5000, which is 600,000 host MAC address forwarding tables. The high-order host IPMAC address forwarding table not only consumes the storage resources of the TSW, but also affects the performance of the look-up table and increases the cost of maintaining and managing a large number of host MAC address forwarding tables. The number of tables on the switch has skyrocketed. When the host goes offline or migrates, a large number of flow tables need to be updated, which is likely to cause overload of the controller, and does not reflect the advantages brought by network virtualization.
发明内容Summary of the invention
以下是对本文详细描述的主题的概述。本概述并非是为了限制权利要求的保护范围。The following is an overview of the topics detailed in this document. This Summary is not intended to limit the scope of the claims.
鉴于相关技术中网络拓扑二层转发高数量级主机MAC地址转发表的问题,本发明实施例提供了一种SDN二层转发方法及系统。In view of the problem of the network topology layer 2 forwarding high-order host MAC address forwarding table in the related art, the embodiment of the present invention provides an SDN layer 2 forwarding method and system.
一种SDN二层转发方法,包括:An SDN Layer 2 forwarding method includes:
控制器向源主机进行地址解析协议APR代答时,将发送到源主机的ARP应答中的目的主机媒体访问控制MAC地址设置为预先生成的代理MAC地址。When the controller performs address resolution protocol APR pickup on the source host, the destination host media access control MAC address in the ARP reply sent to the source host is set to a pre-generated proxy MAC address.
源主机和目的主机将代理MAC地址作为目的主机MAC地址对交互数据包进行封装,并发送到交换机。The source host and the destination host encapsulate the interactive data packet with the proxy MAC address as the destination host MAC address and send it to the switch.
交换机根据控制器发送的转发表对封装有代理MAC地址的交互数据包在源主机和目的主机之间进行转发,其中,转发表用于指示封装有代理MAC地址的ICMP三层数据包的转发路径。The switch forwards the exchange data packet encapsulating the proxy MAC address between the source host and the destination host according to the forwarding table sent by the controller, where the forwarding table is used to indicate the forwarding path of the ICMP Layer 3 data packet encapsulated with the proxy MAC address. .
一种SDN二层转发系统,包括:控制器、源主机、目的主机和交换机。An SDN Layer 2 forwarding system includes: a controller, a source host, a destination host, and a switch.
控制器,设置为在向源主机进行地址解析协议APR代答时,将发送到源主机的ARP应答中的目的主机MAC地址设置为预先生成的代理MAC地址。The controller is configured to set the destination host MAC address in the ARP reply sent to the source host to the pre-generated proxy MAC address when performing address resolution protocol APR pickup to the source host.
源主机,设置为将代理MAC地址作为目的主机MAC地址对交互数据包进行封装,并发送到交换机。 The source host is configured to encapsulate the interactive data packet with the proxy MAC address as the destination host MAC address and send it to the switch.
目的主机,设置为将代理MAC地址作为目的主机MAC地址对交互数据包进行封装,并发送到交换机。The destination host is configured to encapsulate the interactive data packet with the proxy MAC address as the destination host MAC address and send it to the switch.
交换机,设置为根据控制器发送的转发表对封装有代理MAC地址的交互数据包在源主机和目的主机之间进行转发,其中,转发表用于指示封装有代理MAC地址的ICMP三层数据包的转发路径。The switch is configured to forward the exchange data packet encapsulating the proxy MAC address between the source host and the destination host according to the forwarding table sent by the controller, where the forwarding table is used to indicate the ICMP Layer 3 data packet encapsulated with the proxy MAC address. The forwarding path.
一种计算机可读存储介质,存储有计算机可执行指令,所述计算机可执行指令被处理器执行时实现所述的软件定义网络SDN二层转发方法。A computer readable storage medium storing computer executable instructions that, when executed by a processor, implement the software defined network SDN Layer 2 forwarding method.
本发明实施例的有益效果如下:The beneficial effects of the embodiments of the present invention are as follows:
通过借用代理MAC地址的方式避免交换机上主机MAC地址转发表的暴涨,同时能够减少交换机转发表所大量占用的存储空间,减小交换机查找转发表的规模,提高交换机查表转发报文的性能,降低维护转发表的难度和工作量。By borrowing the proxy MAC address, the MAC address forwarding table of the switch can be prevented from increasing rapidly. At the same time, the storage space occupied by the switch forwarding table can be reduced, and the switch can find the size of the forwarding table and improve the performance of the switch to forward packets. Reduce the difficulty and workload of maintaining the forwarding table.
在阅读并理解了附图和详细描述后,可以明白其他方面。Other aspects will be apparent upon reading and understanding the drawings and detailed description.
附图概述BRIEF abstract
图1是相关技术中对SDN网络实际使用的场景示意图;1 is a schematic diagram of a scenario in which the SDN network is actually used in the related art;
图2是相关技术中在控制器上没有目的主机的MAC地址时同一网段服务器大二层的纯二层交换的信令流程图;2 is a signaling flowchart of a pure Layer 2 switching of a Layer 2 layer of the same network segment server when there is no MAC address of the destination host on the controller in the related art;
图3是相关技术中在控制器上有目的主机的MAC地址时不同TSW下的相同网段的主机通信的信令流程图;3 is a signaling flowchart of host communication of the same network segment under different TSWs when there is a MAC address of a destination host on the controller in the related art;
图4是本发明实施例的SDN二层转发方法的流程图;4 is a flowchart of an SDN Layer 2 forwarding method according to an embodiment of the present invention;
图5是本发明实施例的不同交换机所属同一网段主机之间的通信结构示意图;FIG. 5 is a schematic diagram of a communication structure between hosts of the same network segment to which different switches belong according to an embodiment of the present invention; FIG.
图6是本发明实施例的实例1的信令交互流程图;6 is a flowchart of signaling interaction of Example 1 according to an embodiment of the present invention;
图7是本发明实施例的交换机所属主机之间的通信流程的示意图;7 is a schematic diagram of a communication process between hosts to which a switch belongs according to an embodiment of the present invention;
图8是本发明实施例的实例2的信令交互流程图;8 is a flowchart of signaling interaction of Example 2 according to an embodiment of the present invention;
图9是本发明实施例的SDN二层转发系统的结构示意图。 FIG. 9 is a schematic structural diagram of an SDN Layer 2 forwarding system according to an embodiment of the present invention.
本发明的实施方式Embodiments of the invention
下文中将结合附图对本发明的实施例进行详细说明。需要说明的是,在不冲突的情况下,本申请中的实施例及实施例中的特征可以相互组合。Embodiments of the present invention will be described in detail below with reference to the accompanying drawings. It should be noted that the embodiments in the present application and the features in the embodiments may be combined with each other without conflict.
为了解决控制器下发到转发路径上所有的转发设备上转发表(也可以成为主机路由流表)而导致表的数量暴增的问题。避免当主机发现下线或者迁移时大量转发表的更新和控制器过载的问题。本发明实施例提供了一种SDN二层转发方法及系统,包括:控制器生成网络拓扑中唯一的代理MAC地址;控制器在为主机做ARP代答的时候填写该代理MAC地址;控制器为该代理MAC地址生成转发表用于指导数据转发;主机使用该MAC地址封装数据包;交换机根据转发表得知使用该代理MAC地址封装的数据包的转发。方法实施例In order to solve the problem that the number of tables is increased due to the forwarding table (which may also become the host routing flow table) of all forwarding devices that are sent by the controller to the forwarding path. Avoid the problem of a large number of forwarding table updates and controller overload when the host finds offline or migrates. The embodiment of the present invention provides an SDN Layer 2 forwarding method and system, including: the controller generates a unique proxy MAC address in the network topology; the controller fills in the proxy MAC address when performing ARP pickup for the host; The proxy MAC address generation forwarding table is used to guide data forwarding; the host encapsulates the data packet by using the MAC address; and the switch knows the forwarding of the data packet encapsulated by using the proxy MAC address according to the forwarding table. Method embodiment
根据本发明的实施例,提供了一种SDN二层转发方法,图4是本发明实施例的SDN二层转发方法的流程图,如图4所示,根据本发明实施例的SDN二层转发方法包括步骤401-403:According to an embodiment of the present invention, an SDN Layer 2 forwarding method is provided. FIG. 4 is a flowchart of an SDN Layer 2 forwarding method according to an embodiment of the present invention. As shown in FIG. 4, an SDN Layer 2 forwarding according to an embodiment of the present invention is provided. The method includes steps 401-403:
步骤401,控制器向源主机进行地址解析协议APR代答时,将发送到源主机的ARP应答中的目的主机MAC地址设置为预先生成的代理MAC地址。Step 401: When the controller performs address resolution protocol APR pickup on the source host, the destination host MAC address in the ARP reply sent to the source host is set to a pre-generated proxy MAC address.
可选地,在本发明实施例中,控制器向源主机进行APR代答之前,控制器需要通过源接入交换机接收其所属的源主机发送的ARP请求,根据ARP请求中的目的主机MAC地址查询本地保存的ARP表,判断ARP表中是否记录有目的主机MAC地址,如果判定所述ARP表中记录有所述目的主机MAC地址,则向源主机进行APR代答,如果判定所述ARP表中没有记录所述目的主机MAC地址,则将ARP请求进行广播。Optionally, in the embodiment of the present invention, before the controller performs APR pickup on the source host, the controller needs to receive the ARP request sent by the source host to which the source host belongs, according to the destination host MAC address in the ARP request. Querying the locally saved ARP table, determining whether the destination host MAC address is recorded in the ARP table, and if it is determined that the destination host MAC address is recorded in the ARP table, performing APR pickup on the source host, if the ARP table is determined If the destination host MAC address is not recorded, the ARP request is broadcast.
在判定所述ARP表中没有记录所述目的主机MAC地址的情况下,控制器将ARP请求进行广播之后,需要进行转发表的下发,处理如下:When it is determined that the destination host MAC address is not recorded in the ARP table, after the controller broadcasts the ARP request, the forwarding table needs to be sent, and the processing is as follows:
控制器根据ARP请求中携带源主机MAC地址进行SPF计算并获取源主机路径,向源主机路径上的所有接入交换机下发对应源主机的源主机二层转发表,并向源主机路径上的核心交换机下发对应源主机的源主机主机路由表,其中,源主机二层转发表用于根据目的主机MAC地址指示交互数据包的转 发路径,源主机主机路由表用于根据目的主机IP地址指示交互数据包的转发路径。The controller performs the SPF calculation and obtains the source host path according to the ARP request carrying the source host MAC address, and delivers the source host Layer 2 forwarding table of the source host to all the access switches on the source host path, and the source host path is The core switch sends a source host host routing table corresponding to the source host, where the source host Layer 2 forwarding table is used to indicate the transition of the interactive data packet according to the destination host MAC address. The source host host routing table is used to indicate the forwarding path of the interactive data packet according to the destination host IP address.
控制器接收目的主机发送的ARP应答,根据ARP应答中携带的源主机MAC地址进行SPF计算并获取目的主机路径,向目的主机路径上的核心交换机下发对应目的主机的目的主机主机路由表,并向目的主机路径上的所有接入交换机下发对应目的主机的目的主机二层转发表,其中,目的主机二层转发表用于根据目的主机MAC地址指示交互数据包的转发路径,目的主机主机路由表用于根据目的主机IP地址指示交互数据包的转发路径。The controller receives the ARP response sent by the destination host, performs the SPF calculation according to the source host MAC address carried in the ARP response, and obtains the destination host path, and delivers the destination host host routing table of the destination host to the core switch on the destination host path, and The destination host Layer 2 forwarding table is delivered to all the access switches on the destination host path, where the destination host Layer 2 forwarding table is used to indicate the forwarding path of the interactive data packet according to the destination host MAC address, and the destination host host routing The table is used to indicate the forwarding path of the interactive data packet according to the destination host IP address.
最后,控制器根据ARP应答中携带的目的主机MAC地址,向源主机进行APR代答,并将目的主机MAC地址保存到ARP表中。Finally, the controller performs APR pickup on the source host according to the destination host MAC address carried in the ARP reply, and saves the destination host MAC address to the ARP table.
步骤402,源主机和目的主机将代理MAC地址作为目的主机MAC地址对交互数据包进行封装,并发送到交换机。Step 402: The source host and the destination host encapsulate the interaction data packet with the proxy MAC address as the destination host MAC address, and send the data packet to the switch.
可选地,步骤402源主机将所述代理MAC地址作为目的主机MAC地址对交互数据包进行封装,并发送到交换机包括::Optionally, in step 402, the source host encapsulates the interaction data packet by using the proxy MAC address as the destination host MAC address, and sends the data packet to the switch, including:
源主机接收控制器发送的ARP应答,将代理MAC地址作为目的主机MAC地址。The source host receives the ARP reply sent by the controller and uses the proxy MAC address as the destination host MAC address.
源主机向目的主机发送交互数据包,其中,交互数据包的目的主机MAC地址为代理MAC地址。The source host sends an interaction data packet to the destination host, where the destination host MAC address of the interaction data packet is the proxy MAC address.
可选地,所述方法还包括:所述目的主机向所述源主机反馈交互数据包,其中,反馈的交互数据包中的目的主机MAC为所述代理MAC地址。Optionally, the method further includes: the destination host feeding back the interaction data packet to the source host, where the destination host MAC in the feedback interaction data packet is the proxy MAC address.
目的主机在向源主机反馈交互数据包时,将代理MAC地址作为目的主机MAC地址对交互数据包进行封装,并发送到交换机。When the destination host feeds back the interactive data packet to the source host, the proxy MAC address is used as the destination host MAC address to encapsulate the interactive data packet and send it to the switch.
步骤403,交换机根据控制器发送的转发表对封装有代理MAC地址的交互数据包在源主机和目的主机之间进行转发,其中,转发表用于指示封装有代理MAC地址的ICMP三层数据包的转发路径。Step 403: The switch forwards the interaction data packet encapsulating the proxy MAC address between the source host and the destination host according to the forwarding table sent by the controller, where the forwarding table is used to indicate the ICMP Layer 3 data packet encapsulated with the proxy MAC address. The forwarding path.
可选地,步骤403交换机根据所述控制器发送的转发表对封装有所述代理MAC地址的交互数据包在源主机和目的主机之间进行转发包括:Optionally, the step 403, according to the forwarding table sent by the controller, forwarding the interaction data packet encapsulating the proxy MAC address between the source host and the destination host, including:
源接入交换机接收到交互数据包,根据源主机二层转发表和代理MAC 地址,将交互数据包转发到相应的核心交换机。The source access switch receives the interaction data packet according to the source host layer 2 forwarding table and the proxy MAC address. The address forwards the interactive packet to the corresponding core switch.
核心交换机根据交互数据包中的目的主机IP地址和源主机主机路由表,确定目的主机归属的目的接入交换机,将交互数据包的源主机MAC地址修改为代理MAC地址,目的主机MAC地址修改为目的主机的真实MAC地址,并将修改后的交互数据包发送到目的接入交换机。The core switch determines the destination access switch to which the destination host belongs according to the destination host IP address and the source host host routing table in the interaction data packet, and modifies the source host MAC address of the interaction data packet to the proxy MAC address, and the destination host MAC address is modified to The real MAC address of the destination host, and the modified interactive data packet is sent to the destination access switch.
目的接入交换机根据目的主机MAC地址、和源主机二层转发表将交互数据包发送到目的主机。The destination access switch sends the interactive data packet to the destination host according to the destination host MAC address and the source host Layer 2 forwarding table.
目的接入交换机接收目的主机反馈的交互数据包,其中,反馈的交互数据包中的目的主机MAC为代理MAC地址。The destination access switch receives the interaction data packet fed back by the destination host, where the destination host MAC in the feedback interaction data packet is a proxy MAC address.
目的接入交换接根据代理MAC地址、和目的主机二层转发表将反馈的交互数据包发送到对应的核心交换机。The destination access switch sends the feedback interaction data packet to the corresponding core switch according to the proxy MAC address and the destination host Layer 2 forwarding table.
核心交换机根据反馈的交互数据包中的目的主机IP和目的主机主机路由表,确定源主机归属于源接入交换机,将反馈的交互数据包的源主机MAC地址修改为代理MAC地址,目的主机MAC地址修改为源主机真实的MAC地址,并将修改后的反馈的交互数据包发送到源接入交换机。The core switch determines that the source host belongs to the source access switch according to the destination host IP and the destination host host routing table in the feedback interaction data packet, and modifies the source host MAC address of the feedback interaction data packet to the proxy MAC address, and the destination host MAC address. The address is modified to the real MAC address of the source host, and the modified interactive data packet is sent to the source access switch.
源接入交换机根据目的主机MAC地址、和目的主机二层转发表将反馈的交互数据包发送到源主机。The source access switch sends the feedback interaction data packet to the source host according to the destination host MAC address and the destination host layer 2 forwarding table.
需要说明的是,在本发明实施例中,代理MAC地址包括:全局唯一代理MAC地址、或者针对相应的交换机生成的专属代理MAC地址。It should be noted that, in the embodiment of the present invention, the proxy MAC address includes: a globally unique proxy MAC address, or a dedicated proxy MAC address generated for the corresponding switch.
也就是说,在本发明实施例中,为了更发挥代理MAC应用在二层转发所带来的优势,可以设计控制器为每个交换机生成代理MAC地址;控制器在为主机做ARP代答的时候填写该代理MAC地址;控制器为该代理MAC地址生成转发表用于指导数据转发;主机使用该MAC地址封装数据包;交换机根据转发表得知使用该代理MAC地址封装的数据包的转发。主机先发送ARP请求,ARP消息在交换机TSW上送控制器,控制器做ARP代答,回复一个ARP Reply,携带一个Proxy MAC作为响应。Proxy MAC采用与交换设备相关联的编码方式,即每台交换设备具有独特的Proxy MAC。其中,转发查找过程中先按Proxy MAC分组,再按报文特征标识查询目标出口。如 此,控制器只需要为转发路径上所有的转发设备下发到达目的TSW的二层转发表。That is to say, in the embodiment of the present invention, in order to further exert the advantages brought by the proxy MAC application in the layer 2 forwarding, the controller may be designed to generate a proxy MAC address for each switch; the controller performs ARP pickup for the host. The proxy MAC address is filled in; the controller generates a forwarding table for the proxy MAC address to guide data forwarding; the host uses the MAC address to encapsulate the data packet; and the switch learns the forwarding of the data packet encapsulated by the proxy MAC address according to the forwarding table. The host sends an ARP request first. The ARP message is sent to the controller on the switch TSW. The controller performs ARP pickup, replies with an ARP Reply, and carries a Proxy MAC as a response. The Proxy MAC uses the encoding method associated with the switching device, that is, each switching device has a unique Proxy MAC. In the forwarding search process, the Proxy MAC packet is first grouped, and then the packet destination identifier is used to query the target exit. Such as Therefore, the controller only needs to deliver a Layer 2 forwarding table to the destination TSW for all the forwarding devices on the forwarding path.
以下结合实例,对本发明实施例上述技术方案进行详细说明。The above technical solutions of the embodiments of the present invention are described in detail below with reference to examples.
实例1Example 1
分属不同WA的相同网段主机通信场景,主机发送三层报文之前,先检查自身是否有目的IP的MAC地址。如果没有,那么主机先发送ARP请求,ARP消息请求的IP地址是目的主机的IP地址,在TSW上送控制器。控制器生成一个全局唯一Proxy MAC,发送ARP代答给请求的主机。控制器学习到了请求ARP的主机IP地址和MAC地址,根据SPF计算出路径,下发二层转发表到路径中所有的交换机,下发主机路由表到路径中所有的CSW控制器。同时控制器会检查是否存在ARP Request的MAC地址条目记录,如果没有存在ARP Request的MAC地址条目记录,控制器会发送ARP广播消息,ARP请求在所有的TSW的trunk口上广播。对应目的IP的主机收到ARP请求回复ARP应答。同样,控制器学习到了应答ARP的主机IP地址和MAC地址,根据控制器中SPF算法计算出路径,下发二层转发表到路径中所有的交换机,下发主机路由表到路径中所有的CSW控制器。The host is in the same network segment host communication scenario as the different WAs. Before sending a Layer 3 packet, the host checks whether it has the MAC address of the destination IP address. If not, the host sends an ARP request first. The IP address requested by the ARP message is the IP address of the destination host and is sent to the controller on the TSW. The controller generates a globally unique Proxy MAC and sends an ARP to the requesting host. The controller learns the host IP address and MAC address of the requesting ARP, calculates the path according to the SPF, delivers the Layer 2 forwarding table to all the switches in the path, and delivers the host routing table to all the CSW controllers in the path. At the same time, the controller checks whether there is a MAC address entry record of the ARP Request. If there is no MAC address entry record of the ARP Request, the controller sends an ARP broadcast message, and the ARP request is broadcast on all TSW trunk ports. The host corresponding to the destination IP receives the ARP request to reply to the ARP reply. Similarly, the controller learns the host IP address and MAC address of the ARP, calculates the path according to the SPF algorithm in the controller, delivers the Layer 2 forwarding table to all the switches in the path, and delivers the host routing table to all the CSWs in the path. Controller.
如果TSW是纯二层,那么TSW上原则上不对数据包更换MAC地址封装,那么要求CSW需要接收目的MAC为Proxy MAC的数据包。如果CSW上有默认网关的功能即:剥掉MAC和重新封装MAC的功能。数据包从CSW出来后,就打上目标主机的MAC地址,发送到目的主机所属的TSW是纯二层转发。If the TSW is a pure Layer 2, then in principle, the TSW does not replace the MAC address encapsulation of the data packet, so the CSW needs to receive the data packet whose destination MAC address is the Proxy MAC. If there is a default gateway function on the CSW: the function of stripping the MAC and re-encapsulating the MAC. After the packet comes out of the CSW, it is tagged with the MAC address of the target host, and the TSW sent to the destination host is pure Layer 2 forwarding.
本发明实施例根据网络拓扑结构,三层网关才下发主机路由,TSW作为纯二层设备,没有主机路由。考虑到TSW是纯二层转发,因此,主机路由不会下发到TSW。这样体现出来的好处包括主机路由生成的流表数目少,只有CSW上下发对应的主机路由表;符合网络拓扑“TSW是纯二层”的特点;TSW上的转发行为简单,即只有二层转发,没有三层行为。According to the network topology structure, the Layer 3 gateway delivers the host route, and the TSW functions as a pure Layer 2 device without host routing. Considering that TSW is pure Layer 2 forwarding, host routes are not delivered to TSW. The benefits of this are as follows: the number of flow tables generated by the host route is small, and only the host routing table corresponding to the CSW is sent and received; the network topology "TSW is pure Layer 2"; the forwarding behavior on the TSW is simple, that is, only Layer 2 forwarding There is no three-tier behavior.
图5是本发明实施例的不同交换机所属同一网段主机之间的通信结构示意图,图6是本发明实施例的实例1的信令交互流程图,如图6所示,在如图5所示的网络拓扑结构下,包括步骤601-612: 5 is a schematic diagram of a communication structure between hosts of the same network segment to which different switches belong to the embodiment of the present invention, and FIG. 6 is a flowchart of signaling interaction of the example 1 of the embodiment of the present invention, as shown in FIG. In the network topology shown, steps 601-612 are included:
步骤601,H1主机先发送ARP请求,ARP消息在TSW1上送控制器,控制器查询ARP表,检查是否存在ARP Request的MAC地址条目记录,如果存在ARP Request的MAC地址条目记录,控制器做ARP代答;如果控制器没有查到和H2主机IP地址匹配的MAC地址,控制器就将ARP消息广播,广播接口包括所有TSW的trunk口(接server的口)。In step 601, the H1 host sends an ARP request, and the ARP message is sent to the controller on the TSW1. The controller queries the ARP table to check whether there is an ARP Request MAC address entry record. If there is an ARP Request MAC address entry record, the controller performs ARP. If the controller does not find the MAC address matching the H2 host IP address, the controller broadcasts the ARP message, and the broadcast interface includes the trunk ports of all TSWs (ports connected to the server).
步骤602,控制器因为接收到H1主机的ARP请求,发现并学习到发送ARP请求的H1主机的MAC地址,通过SPF计算二层转发报文的路径。控制器根据SPF计算出来的路径,控制器往SPF计算路径上所有交换机上下发二层转发表,往SPF计算路径上的CSW交换机下发主机路由表。Step 602: The controller receives the ARP request of the H1 host, discovers and learns the MAC address of the H1 host that sends the ARP request, and calculates the path of the Layer 2 forwarding packet through the SPF. According to the path calculated by the SPF, the controller sends a Layer 2 forwarding table to all the switches on the SPF calculation path, and sends a host routing table to the CSW switch on the SPF calculation path.
步骤603,应答ARP的H2主机与发起ARP请求的H1主机在不同的TSW下面,对应IP的H2主机应答ARP请求。控制器收到H2主机的ARP reply,发现并学习到H2主机的MAC地址,通过SPF计算二层转发报文的路径。控制器根据SPF计算的二层转发报文的路径,控制器往路径上所有交换机上下发对应H2主机MAC的二层转发表,往路径上所有的CSW交换机上下发对应H2的主机路由表。In step 603, the H2 host that responds to the ARP and the H1 host that initiates the ARP request are under different TSWs, and the H2 host corresponding to the IP responds to the ARP request. The controller receives the ARP reply from the H2 host, discovers and learns the MAC address of the H2 host, and calculates the path of the Layer 2 packet forwarding through the SPF. The controller sends a Layer 2 forwarding table corresponding to the H2 host MAC address to all the switches on the path according to the path of the Layer 2 forwarding packet calculated by the SPF, and sends and routes the H2 host routing table to all the CSW switches in the path.
步骤604,控制器确认H2主机归属TSW2交换机,那么控制器响应H1主机的ARP代答;其中ARP代答中的目的IP的MAC地址是控制器生成的网络拓扑中唯一的Proxy MAC。Step 604, the controller confirms that the H2 host belongs to the TSW2 switch, and the controller responds to the ARP pickup of the H1 host; wherein the MAC address of the destination IP in the ARP pickup is the only Proxy MAC in the network topology generated by the controller.
步骤605,H1主机收到TSW1交换机转发的控制器的ARP响应,认为响应报文中Proxy MAC即为目的IP的MAC地址。TSW1交换机所属的H1主机封装Proxy MAC为目的MAC,H2的IP地址作为目的IP,向TSW2交换机所属的主机H2发送ICMP三层数据包。Step 605: The H1 host receives the ARP response of the controller forwarded by the TSW1 switch, and considers that the Proxy MAC in the response packet is the MAC address of the destination IP address. The H1 host encapsulation Proxy MAC to which the TSW1 switch belongs is the destination MAC address, and the IP address of H2 is used as the destination IP address to send ICMP Layer 3 data packets to the host H2 to which the TSW2 switch belongs.
步骤606,H1主机发送的ICMP三层数据包达到TSW1,TSW1根据查找二层转发表转发给CSW。Step 606: The ICMP Layer 3 data packet sent by the H1 host reaches TSW1, and the TSW1 forwards the packet to the CSW according to the lookup Layer 2 forwarding table.
步骤607,CSW根据目的主机IP查询网络中所有主机路由表,确认H2主机归属TSW2主机;CSW将ICMP报文的源MAC修改为Proxy MAC,目的MAC更改为主机H2的物理MAC,然后将三层数据包转发给TSW2交换机。 Step 607: The CSW queries all host routing tables in the network according to the destination host IP, and confirms that the H2 host belongs to the TSW2 host. The CSW modifies the source MAC address of the ICMP packet to the proxy MAC address, and changes the destination MAC address to the physical MAC address of the host H2, and then the third layer. The packet is forwarded to the TSW2 switch.
步骤608,TSW2交换机收到ICMP报文,检查目的MAC是所属直连主机的物理MAC,根据二层转发表,将ICMP报文转发给H2主机。Step 608: The TSW2 switch receives the ICMP packet, and checks that the destination MAC address is the physical MAC address of the directly connected host, and forwards the ICMP packet to the H2 host according to the Layer 2 forwarding table.
步骤609,H2主机收到H1的ICMP三层数据包后,H2回复ICMP应答消息给TSW2交换机,ICMP应答消息封装的目的IP是H1主机IP,目的MAC是Proxy MAC。Step 609: After the H2 host receives the ICMP Layer 3 data packet of the H1, the H2 replies to the ICMP response message to the TSW2 switch. The destination IP address encapsulated by the ICMP response message is the H1 host IP, and the destination MAC address is the Proxy MAC.
步骤610,ICMP应答消息到达TSW2,携带的目的IP是H2的IP地址,目的MAC是Proxy MAC。TSW2查询二层转发表,将应答报文发送给CSW。Step 610: The ICMP response message arrives at TSW2, and the carried destination IP address is the IP address of H2, and the destination MAC address is a Proxy MAC. TSW2 queries the Layer 2 forwarding table and sends the response packet to the CSW.
步骤611,CSW收到H2主机的ICMP响应报文,CSW识别报文中的Proxy MAC为代理MAC。CSW修改源MAC为Proxy MAC。目的MAC修改为H1MAC。CSW查询主机路由表,将ICMP报文转发给TSW1。In step 611, the CSW receives the ICMP response packet of the H2 host, and the Proxy MAC in the CSW identification packet is the proxy MAC address. CSW modifies the source MAC to Proxy MAC. The destination MAC is modified to H1MAC. The CSW queries the host routing table and forwards ICMP packets to TSW1.
步骤612,TSW1收到ICMP报文将报文根据二层转发表发送给H1主机,至此完成了不同TSW下相同网段的主机的通信。Step 612: The TSW1 receives the ICMP packet and sends the packet to the H1 host according to the Layer 2 forwarding table. The communication between the hosts on the same network segment under different TSWs is completed.
同理,其他主机之间通信,也通过上述步骤进行报文的二层转发。For the same reason, the communication between other hosts is also performed through the above steps.
实例2Example 2
在实例1中,Proxy MAC网络拓扑中唯一的代理MAC。在CSW查询主机路由表时,是在全网主机路由表中查询目的IP对应的主机MAC。查询的广度是在主机路由表中达到了最大化范围内查询。当主机路由表数量剧增时,查询范围和难度也等比例增加。考虑到降低复杂度和提高性能的双层优化,实例2提出一种根据不同TSW生成唯一标识交换机的Proxy MAC,TSW下挂主机关联所属TSW的Proxy MAC。应答不同TSW交换机下的主机采用目标主机所属TSW的唯一标识Proxy MAC。CSW收到三层数据包时查询主机路由表就可根据TSW对应的Proxy MAC分组查询。精确缩小查询范围和提高查询的性能。发挥本发明实施例中提出的Proxy MAC作为SDN网络二层转发方法和系统的优势。In Example 1, the only proxy MAC in the Proxy MAC network topology. When the CSW queries the host routing table, it searches the host MAC address of the destination IP address in the host-wide routing table. The breadth of the query is the maximum range of queries in the host routing table. When the number of host routing tables increases dramatically, the scope and difficulty of the query increase in proportion. Considering the double-layer optimization of reducing the complexity and improving the performance, the example 2 proposes a Proxy MAC that uniquely identifies the switch according to different TSWs, and the Proxy MAC of the TSW to which the host is associated with the TSW. The host under the different TSW switches adopts the unique identifier Proxy MAC of the TSW to which the target host belongs. When the CSW receives the Layer 3 data packet, the host routing table can be queried according to the Proxy MAC packet corresponding to the TSW. Accurately narrow the scope of the query and improve the performance of the query. The Proxy MAC proposed in the embodiment of the present invention is used as an advantage of the SDN network layer 2 forwarding method and system.
控制器对SW(Switch,交换机)之间的链路检测和TOPO形成都是通过LLDP(Link Layer Discovery Protocol,链路层发现协议)完成的。其中,LLDP提供了一种标准的链路层发现方式,可以将本端设备的主要能力、管理地址、设备标识、接口标识等信息组织成不同的TLV(Type/Length/Value,类型/长 度/值),并封装在LLDP PDU(Link Layer Discovery Protocol Data Unit,链路层发现协议数据单元)中发布给与自己直连的邻居。在本发明实施例的网络拓扑场景下,WA将自己管理的主机地址、交换机标识等信息组织成TLV封装在LLDP PDU中发布给相连的控制器,控制器收集到网络拓扑中所有的TSW管理的主机地址,交换机标志等信息。为每个TSW交换机编码一个唯一的Proxy MAC,通过控制器SPF算法算出到达TSW交换机的路径,控制器为路径中所有的交换机下发到达TSW交换机的转发表。The link detection and the TOPO formation of the switch between the switch and the switch are performed by LLDP (Link Layer Discovery Protocol). LLDP provides a standard link layer discovery mode, which can be used to organize the main device, management address, device identifier, and interface identifier of the local device into different TLVs (Type/Length/Value, type/long Degree/value), and is encapsulated in the LLDP PDU (Link Layer Discovery Protocol Data Unit) to be directly connected to the neighbor. In the network topology scenario of the embodiment of the present invention, the WA organizes the information such as the host address and the switch identifier that are managed by the user into TLVs and encapsulates them in the LLDP PDUs to the connected controllers. The controller collects all the TSWs managed in the network topology. Host address, switch flag and other information. A unique Proxy MAC is encoded for each TSW switch, and the path to the TSW switch is calculated by the controller SPF algorithm. The controller sends a forwarding table to the TSW switch for all the switches in the path.
本发明实施例的网络拓扑场景中,TSW1交换机所属主机与TSW2交换机所属同一网段主机之间的通信机制如下:TSW1交换机所属主机发送目的IP地址为TSW2交换机所属主机的ICMP三层数据包,TSW1交换机所属主机会先查询是否有目的IP的MAC地址。TSW1交换机所属主机如果没有查到对应MAC地址,TSW1交换机所属主机会先发送一个目的IP地址的ARP请求。假如源主机1.1.1.2发送三层数据包的目的IP是1.1.1.3,那么ARP请求报文内容:Who has 1.1.1.3?tell 1.1.1.2。ARP请求广播到TSW1交换机,TSW1交换机上送到控制器。控制器检索出目的IP主机归属TSW2交换机,那么控制器立即响应ARP代答,ARP代答携带的目的MAC是控制器根据目的IP主机所属的TSW2交换机唯一生成的标志TSW2的Proxy MAC2。TSW1交换机所属主机收到ARP响应,发送目的MAC为Proxy MAC2的ICMP三层数据包。三层数据包到达TSW1交换机,TSW1将报文转交给CSW1,CSW1收到报文,将三层数据包的源MAC更换为TSW1的Proxy MAC1,报文的目的MAC更换为目的主机H2的MAC。CSW1核心交换机根据转发表将报文转发给TSW2,TSW2根据目的主机MAC查找二层转发表,将报文转发给TSW2交换机所属主机。In the network topology scenario of the embodiment of the present invention, the communication mechanism between the host to which the TSW1 switch belongs and the host of the same network segment to which the TSW2 switch belongs is as follows: the host to which the TSW1 switch belongs is the ICMP Layer 3 data packet of the host to which the TSW2 switch belongs, TSW1 The host to which the switch belongs will first query whether there is a MAC address of the destination IP address. If the host to which the TSW1 switch belongs does not find the corresponding MAC address, the host to which the TSW1 switch belongs will first send an ARP request with the destination IP address. If the destination IP of the source host 1.1.1.2 sends the Layer 3 packet is 1.1.1.3, then the content of the ARP request message: Who has 1.1.1.3? Tell 1.1.1.2. The ARP request is broadcast to the TSW1 switch, which is sent to the controller on the TSW1 switch. The controller retrieves the destination IP host to the TSW2 switch, and the controller immediately responds to the ARP pickup. The destination MAC carried by the ARP proxy is the Proxy MAC2 of the TSW2 that is generated by the controller according to the TSW2 switch to which the destination IP host belongs. The host to which the TSW1 switch belongs receives an ARP response and sends an ICMP Layer 3 packet whose destination MAC address is Proxy MAC2. The Layer 3 packet arrives at the TSW1 switch. The TSW1 forwards the packet to the CSW1. The CSW1 receives the packet and replaces the source MAC address of the Layer 3 packet with the Proxy MAC1 of the TSW1. The destination MAC address of the packet is changed to the MAC address of the destination host H2. The core switch of the CSW1 forwards the packet to the TSW2 according to the forwarding table. The TSW2 searches the Layer 2 forwarding table according to the destination host MAC address and forwards the packet to the host to which the TSW2 switch belongs.
TSW2所属主机收到三层数据报文请求,响应三层数据报文应答。应答报文的源MAC为自身MAC,目的MAC为TSW1交换机的Proxy MAC1。报文发送到TSW2交换机。TSW2交换机根据转发表应答报文转发到Proxy CSW1,CSW1收到报文将源MAC更改为Proxy MAC2。CSW1核心交换机将应答报文根据目的IP查询主机路由表,发现目的IP的主机归属TSW1,CSW1将报文的目的MAC更改为主机H1真实的MAC,转发报文到TSW1 交换机。TSW1交换机根据二层转发表将应答报文发送给对应的主机。至此,完成了不同TSW下的相同网段的主机之间的通信。The host to which TSW2 belongs receives a Layer 3 data packet request and responds to the Layer 3 data packet response. The source MAC address of the response packet is its own MAC, and the destination MAC address is the Proxy MAC1 of the TSW1 switch. The message is sent to the TSW2 switch. The TSW2 switch forwards the response packet to the Proxy CSW1 according to the forwarding table. The CSW1 receives the packet and changes the source MAC to the proxy MAC2. The CSW1 core switch queries the host routing table of the response packet according to the destination IP address, and discovers that the host of the destination IP belongs to the TSW1. The CSW1 changes the destination MAC address of the packet to the real MAC address of the host H1, and forwards the packet to the TSW1. switch. The TSW1 switch sends a response packet to the corresponding host according to the Layer 2 forwarding table. At this point, communication between hosts on the same network segment under different TSWs is completed.
图7是本发明实施例的交换机所属主机之间的通信流程的示意图,图8是本发明实施例的实例2的信令交互流程图,如图8所示,在如图7所示的网络拓扑结构下,控制器没有保存网络中主机MAC地址的场景下,主机间通信包括步骤801-812:7 is a schematic diagram of a communication flow between hosts to which a switch belongs according to an embodiment of the present invention, and FIG. 8 is a flow chart of signaling interaction of Example 2 of the embodiment of the present invention, as shown in FIG. In the scenario where the controller does not save the host MAC address in the network, the inter-host communication includes steps 801-812:
步骤801,H1主机先发送ARP请求,ARP消息在TSW1上送控制器,控制器查询ARP表,检查是否存在ARP Request的MAC地址条目记录,如果存在ARP Request的MAC地址条目记录,控制器做ARP代答;如果控制器没有查到和H2主机IP地址匹配的MAC地址,控制器就将ARP消息广播,广播接口包括所有TSW的trunk口(接server的口)。In step 801, the H1 host sends an ARP request, and the ARP message is sent to the controller on the TSW1. The controller queries the ARP table to check whether there is an ARP Request MAC address entry record. If there is an ARP Request MAC address entry record, the controller performs ARP. If the controller does not find the MAC address matching the H2 host IP address, the controller broadcasts the ARP message, and the broadcast interface includes the trunk ports of all TSWs (ports connected to the server).
步骤802,控制器因为接收到H1主机的ARP请求,发现并学习到发送ARP请求的H1主机的MAC地址,通过SPF计算二层转发报文的路径。控制器根据SPF算法计算出来的路径,控制器往SPF计算路径上所有交换机上下发二层转发表,往SPF计算路径上的CSW交换机下发主机路由表。Step 802: The controller receives the ARP request of the H1 host, discovers and learns the MAC address of the H1 host that sends the ARP request, and calculates the path of the Layer 2 packet forwarding through the SPF. According to the path calculated by the SPF algorithm, the controller sends a Layer 2 forwarding table to all the switches on the SPF calculation path, and sends a host routing table to the CSW switch on the SPF calculation path.
步骤803,应答ARP的H2主机与发起ARP请求的H1主机在不同的TSW下面,对应IP的H2主机应答ARP请求。控制器收到H2主机的ARP reply,发现并学习到H2主机的MAC地址,通过SPF计算二层转发报文的路径。控制器根据SPF计算的二层转发报文的路径,控制器往路径上所有交换机上下发对应H2主机MAC的二层转发表,往路径上所有的CSW交换机上下发对应H2的主机路由表。In step 803, the H2 host that responds to the ARP and the H1 host that initiates the ARP request are under different TSWs, and the H2 host corresponding to the IP responds to the ARP request. The controller receives the ARP reply from the H2 host, discovers and learns the MAC address of the H2 host, and calculates the path of the Layer 2 packet forwarding through the SPF. The controller sends a Layer 2 forwarding table corresponding to the H2 host MAC address to all the switches on the path according to the path of the Layer 2 forwarding packet calculated by the SPF, and sends and routes the H2 host routing table to all the CSW switches in the path.
步骤804,控制器确认H2主机归属TSW2交换机,那么控制器响应H1主机的ARP代答;其中ARP代答中的目的IP的MAC地址是控制器为TSW2交换机生成的网络拓扑中具有唯一性的Proxy MAC2。Step 804, the controller confirms that the H2 host belongs to the TSW2 switch, and the controller responds to the ARP pickup of the H1 host; wherein the MAC address of the destination IP in the ARP pickup is a unique proxy in the network topology generated by the controller for the TSW2 switch. MAC2.
步骤805,H1主机收到TSW1交换机转发的控制器的ARP响应,认为响应报文中Proxy MAC2即为目的IP的MAC地址。TSW1交换机所属的H1主机封装Proxy MAC2为目的MAC,H2的IP地址作为目的IP,向TSW2交换机所属的主机H2发送ICMP三层数据包。 Step 805: The H1 host receives the ARP response of the controller forwarded by the TSW1 switch, and considers that the Proxy MAC2 in the response packet is the MAC address of the destination IP. The H1 host encapsulation Proxy MAC2 to which the TSW1 switch belongs is the destination MAC address, and the IP address of H2 is used as the destination IP address to send ICMP Layer 3 data packets to the host H2 to which the TSW2 switch belongs.
步骤806,H1主机发送的ICMP三层数据包达到TSW1,根据查找二层转发表转发给CSW。Step 806: The ICMP Layer 3 data packet sent by the H1 host reaches TSW1, and is forwarded to the CSW according to the lookup Layer 2 forwarding table.
步骤807,CSW根据目的主机IP查询主机路由表,确认H2主机归属TSW2主机;CSW将ICMP报文的源MAC更改为TSW1的Proxy MAC1,目的MAC更改为主机H2的物理MAC,然后将三层数据包转发给TSW2交换机。Step 807: The CSW queries the host routing table according to the destination host IP, and confirms that the H2 host belongs to the TSW2 host. The CSW changes the source MAC address of the ICMP packet to the Proxy MAC1 of the TSW1, and changes the destination MAC address to the physical MAC address of the host H2, and then the Layer 3 data. The packet is forwarded to the TSW2 switch.
步骤808,TSW2交换机收到ICMP报文,检查目的MAC是所属直连主机的物理MAC,将ICMP转发给H2主机。Step 808: The TSW2 switch receives the ICMP packet, checks that the destination MAC address is the physical MAC of the directly connected host, and forwards the ICMP to the H2 host.
步骤809,H2主机收到H1的ICMP三层数据包后,H2回复ICMP应答消息给TSW2交换机,ICMP应答消息封装的目的IP是H1主机IP,目的MAC是Proxy MAC1。Step 809: After the H2 host receives the ICMP Layer 3 data packet of the H1, the H2 replies an ICMP response message to the TSW2 switch. The destination IP address encapsulated by the ICMP response message is the H1 host IP, and the destination MAC address is the Proxy MAC1.
步骤810,ICMP应答消息到达TSW2,携带的目的IP是H2的IP地址,目的MAC是Proxy MAC1。TSW2查询二层转发表,将应答报文发送给CSW。In step 810, the ICMP response message arrives at TSW2, and the carried destination IP address is the IP address of H2, and the destination MAC address is Proxy MAC1. TSW2 queries the Layer 2 forwarding table and sends the response packet to the CSW.
步骤811,CSW收到H2主机的ICMP响应报文,CSW修改源MAC为Proxy MAC2,目的MAC修改为H1MAC,将ICMP报文转发给TSW1。Step 811: The CSW receives the ICMP response packet of the H2 host, and the CW modifies the source MAC address to the Proxy MAC2, and the destination MAC address is changed to the H1MAC, and the ICMP packet is forwarded to the TSW1.
步骤812,TSW1收到ICMP报文将报文根据二层转发表发送给H1主机,至此完成了不同TSW下相同网段的主机的通信。Step 812: The TSW1 receives the ICMP packet and sends the packet to the H1 host according to the Layer 2 forwarding table. The communication between the hosts on the same network segment under different TSWs is completed.
同理,其他主机之间通信,也通过上述步骤进行报文的二层转发。For the same reason, the communication between other hosts is also performed through the above steps.
综上所述,借助于本发明实施例的技术方案,解决了在SDN网络中交换机流表暴增带来的查找,删除,添加和更新一系列操作的性能问题,同时为减轻了交换表对流表的大容量存储的压力。In summary, the technical solution of the embodiment of the present invention solves the performance problem of finding, deleting, adding, and updating a series of operations caused by the bursting of the switch flow table in the SDN network, and at the same time, reducing the convection of the exchange table. The pressure of the table's mass storage.
系统实施例System embodiment
根据本发明的实施例,提供了一种SDN二层转发系统,图9是本发明实施例的SDN二层转发系统的结构示意图,如图9所示,根据本发明实施例的SDN二层转发系统包括:控制器90、源主机91、目的主机92、以及交换机93,以下对本发明实施例的每个模块进行详细的说明。An SDN Layer 2 forwarding system is provided according to an embodiment of the present invention. FIG. 9 is a schematic structural diagram of an SDN Layer 2 forwarding system according to an embodiment of the present invention. As shown in FIG. 9, an SDN Layer 2 forwarding according to an embodiment of the present invention is provided. The system includes a controller 90, a source host 91, a destination host 92, and a switch 93. Each module of the embodiment of the present invention is described in detail below.
控制器90,设置为在向源主机进行地址解析协议APR代答时,将发送到源主机的ARP应答中的目的主机MAC地址设置为预先生成的代理MAC地 址。The controller 90 is configured to set the destination host MAC address in the ARP reply sent to the source host to the pre-generated proxy MAC address when performing address resolution protocol APR pickup to the source host. site.
控制器90还设置为:在向源主机进行APR代答之前,通过源接入交换机接收其所属的源主机发送的ARP请求,根据ARP请求中的目的主机MAC地址查询本地保存的ARP表,判断ARP表中是否记录有目的主机MAC地址,如果判定所述ARP表中记录有所述目的主机MAC地址,则向源主机进行APR代答,如果判定所述ARP表中没有记录所述目的主机MAC地址,则将ARP请求进行广播。The controller 90 is further configured to: before the APR pickup of the source host, receive the ARP request sent by the source host to which the source host belongs, and query the locally saved ARP table according to the destination host MAC address in the ARP request, and determine Whether the destination host MAC address is recorded in the ARP table. If it is determined that the destination host MAC address is recorded in the ARP table, the source host performs APR pickup. If it is determined that the destination host MAC is not recorded in the ARP table. The address broadcasts the ARP request.
控制器90还设置为: Controller 90 is also configured to:
将ARP请求进行广播之后,根据ARP请求中携带源主机MAC地址进行SPF计算并获取源主机路径,向源主机路径上的所有接入交换机下发对应源主机的源主机二层转发表,并向源主机路径上的核心交换机下发对应源主机的源主机主机路由表,其中,源主机二层转发表用于根据目的主机MAC地址指示交互数据包的转发路径,源主机主机路由表用于根据目的主机IP地址指示交互数据包的转发路径。After the ARP request is broadcast, the source host MAC address is carried in the ARP request to perform the SPF calculation and the source host path is obtained, and the source host's Layer 2 forwarding table corresponding to the source host is delivered to all the access switches on the source host path, and The source host on the source host sends a source host host routing table to the source host. The source host Layer 2 forwarding table is used to indicate the forwarding path of the interactive packet according to the destination host MAC address. The source host host routing table is used to The destination host IP address indicates the forwarding path of the interactive data packet.
接收目的主机发送的ARP应答,根据ARP应答中携带的源主机MAC地址进行SPF计算并获取目的主机路径,向目的主机路径上的核心交换机下发对应目的主机的目的主机主机路由表,并向目的主机路径上的所有接入交换机下发对应目的主机的目的主机二层转发表,其中,目的主机二层转发表用于根据目的主机MAC地址指示交互数据包的转发路径,目的主机主机路由表用于根据目的主机IP地址指示交互数据包的转发路径。Receive the ARP reply sent by the destination host, perform SPF calculation according to the source host MAC address carried in the ARP reply, and obtain the destination host path, and deliver the destination host host routing table to the core switch on the destination host path to the destination host. All the access switches on the host path deliver the destination host Layer 2 forwarding table of the destination host. The destination host Layer 2 forwarding table is used to indicate the forwarding path of the interactive data packet according to the destination host MAC address. The destination host host routing table is used. The forwarding path of the interactive data packet is indicated according to the destination host IP address.
根据ARP应答中携带的目的主机MAC地址,向源主机进行APR代答,并将目的主机MAC地址保存到ARP表中。The APR pickup is performed on the source host according to the destination host MAC address carried in the ARP reply, and the destination host MAC address is saved in the ARP table.
源主机91,设置为将代理MAC地址作为目的主机MAC地址对交互数据包进行封装,并发送到交换机。The source host 91 is configured to encapsulate the interactive data packet with the proxy MAC address as the destination host MAC address and send it to the switch.
源主机92将所述代理MAC地址作为目的主机MAC地址对交互数据包进行封装,并发送到交换机包括:接收控制器90发送的ARP应答,将代理MAC地址作为目的主机MAC地址;向目的主机发送交互数据包,其中,交互数据包的目的主机MAC地址为代理MAC地址。 The source host 92 encapsulates the interaction data packet with the proxy MAC address as the destination host MAC address, and sends the data packet to the switch, including: receiving the ARP response sent by the controller 90, using the proxy MAC address as the destination host MAC address, and sending the proxy MAC address to the destination host. An interactive data packet, wherein the destination host MAC address of the interactive data packet is a proxy MAC address.
目的主机92,还设置为将代理MAC地址作为目的主机MAC地址对交互数据包进行封装,并发送到交换机96;目的主机92设置为:向源主机反馈交互数据包,其中,反馈的交互数据包中的目的主机MAC为代理MAC地址。The destination host 92 is further configured to encapsulate the interaction data packet with the proxy MAC address as the destination host MAC address, and send it to the switch 96. The destination host 92 is configured to: feed back the interaction data packet to the source host, where the feedback interaction data packet The destination host MAC in the proxy MAC address.
交换机93,设置为根据控制器90发送的转发表对封装有代理MAC地址的交互数据包在源主机和目的主机之间进行转发,其中,转发表用于指示封装有代理MAC地址的ICMP三层数据包的转发路径。交换机具体包括:接入交换机和核心交换机。The switch 93 is configured to forward the exchange data packet encapsulating the proxy MAC address between the source host and the destination host according to the forwarding table sent by the controller 90, wherein the forwarding table is used to indicate the ICMP layer 3 encapsulating the proxy MAC address. The forwarding path of the packet. The switch specifically includes: an access switch and a core switch.
所述交换机93包括:源接入交换机、核心交换机和目的接入交换机。The switch 93 includes: a source access switch, a core switch, and a destination access switch.
所述交换机93根据所述控制器发送的转发表对封装有所述代理MAC地址的交互数据包在源主机和目的主机之间进行转发包括:The switch 93 forwards the interaction data packet encapsulating the proxy MAC address between the source host and the destination host according to the forwarding table sent by the controller, including:
源接入交换机设置为:接收到交互数据包,根据源主机二层转发表和代理MAC地址,将交互数据包转发到相应的核心交换机。The source access switch is configured to: receive the interaction data packet, and forward the interaction data packet to the corresponding core switch according to the source host layer 2 forwarding table and the proxy MAC address.
核心交换机设置为:根据交互数据包中的目的主机IP地址和源主机主机路由表,确定目的主机归属的目的接入交换机,将交互数据包的源主机MAC地址修改为代理MAC地址,目的主机MAC地址修改为目的主机的真实MAC地址,并将修改后的交互数据包发送到目的接入交换机。The core switch is configured to: determine the destination access switch to which the destination host belongs according to the destination host IP address and the source host host routing table in the interaction data packet, and modify the source host MAC address of the interaction data packet to the proxy MAC address, and the destination host MAC address. The address is modified to the real MAC address of the destination host, and the modified interactive data packet is sent to the destination access switch.
目的接入交换机设置为:根据目的主机MAC地址、和源主机二层转发表将交互数据包发送到目的主机;接收目的主机反馈的交互数据包,其中,反馈的交互数据包中的目的主机MAC为代理MAC地址;根据代理MAC地址、和目的主机二层转发表将反馈的交互数据包发送到对应的核心交换机。The destination access switch is configured to: send the interaction data packet to the destination host according to the destination host MAC address and the source host layer 2 forwarding table; receive the interaction data packet fed back by the destination host, where the destination host MAC in the feedback interaction data packet is received. The proxy MAC address is sent to the corresponding core switch according to the proxy MAC address and the destination host Layer 2 forwarding table.
核心交换机还设置为:根据反馈的交互数据包中的目的主机IP和目的主机主机路由表,确定源主机归属于源接入交换机,将反馈的交互数据包的源主机MAC地址修改为代理MAC地址,目的主机MAC地址修改为源主机真实的MAC地址,并将修改后的反馈的交互数据包发送到源接入交换机。The core switch is further configured to: according to the destination host IP and the destination host host routing table in the feedback interaction data packet, determine that the source host belongs to the source access switch, and modify the source host MAC address of the feedback interaction data packet to the proxy MAC address. The destination host MAC address is modified to the real MAC address of the source host, and the modified feedback interactive data packet is sent to the source access switch.
源接入交换机还设置为:根据目的主机MAC地址、和目的主机二层转发表将反馈的交互数据包发送到源主机。The source access switch is further configured to: send the feedback interaction data packet to the source host according to the destination host MAC address and the destination host layer 2 forwarding table.
在本发明实施例中,代理MAC地址包括:全局唯一代理MAC地址、或 者针对相应的交换机生成的专属代理MAC地址。In the embodiment of the present invention, the proxy MAC address includes: a globally unique proxy MAC address, or The unique proxy MAC address generated for the corresponding switch.
一种计算机可读存储介质,存储有计算机可执行指令,所述计算机可执行指令被处理器执行时实现所述的软件定义网络SDN二层转发方法。A computer readable storage medium storing computer executable instructions that, when executed by a processor, implement the software defined network SDN Layer 2 forwarding method.
综上所述,通过借用代理MAC地址的方式避免交换机上主机MAC地址转发表的暴涨,同时能够减少交换机转发表所大量占用的存储空间,减小交换机查找转发表的规模,提高交换机查表转发报文的性能,降低维护转发表的难度和工作量。In summary, by borrowing the proxy MAC address, the host MAC address forwarding table on the switch can be prevented from skyrocketing. At the same time, the storage space occupied by the switch forwarding table can be reduced, the scale of the switch looking for the forwarding table can be reduced, and the switch table forwarding can be improved. The performance of the message reduces the difficulty and workload of maintaining the forwarding table.
显然,本领域的技术人员可以对本发明进行多种改动和变型而不脱离本发明实施例的精神和范围。这样,如果本发明实施例的这些修改和变型属于本发明实施例权利要求及其等同技术的范围之内,则本发明实施例也意图包含这些改动和变型在内。It is apparent that those skilled in the art can make various modifications and variations to the invention without departing from the spirit and scope of the embodiments of the invention. Therefore, it is intended that the present invention cover the modifications and variations of the embodiments of the present invention.
在此提供的算法和显示不与任何特定计算机、虚拟系统或者其它设备固有相关。每种通用系统也可以与基于在此的示教一起使用。根据上面的描述,构造这类系统所要求的结构是显而易见的。此外,本发明实施例也不针对任何特定编程语言。应当明白,可以利用多种编程语言实现在此描述的本发明实施例的内容,并且上面对特定语言所做的描述是为了披露本发明可选实施方式。The algorithms and displays provided herein are not inherently related to any particular computer, virtual system, or other device. Each general purpose system can also be used with teaching based on the teachings herein. The structure required to construct such a system is apparent from the above description. Moreover, embodiments of the invention are not directed to any particular programming language. It will be appreciated that the teachings of the embodiments of the invention described herein may be implemented in a variety of programming languages, and that the description of the specific language is described above to disclose alternative embodiments of the invention.
在此处所提供的说明书中,说明了大量具体细节。然而,能够理解,本发明的实施例可以在没有这些细节的情况下实践。在一些实例中,并未详细示出公知的方法、结构和技术,以便不模糊对本说明书的理解。In the description provided herein, numerous specific details are set forth. However, it can be appreciated that embodiments of the invention may be practiced without these details. In some instances, well-known methods, structures, and techniques are not shown in detail so as not to obscure the understanding of the description.
类似地,应当理解,为了精简本公开并帮助理解每个发明实施例方面中的一个或多个,在上面对本发明实施例的描述中,本发明实施例的每个特征有时被一起分组到单个实施例、图、或者对其的描述中。然而,并不应将该公开的方法解释成反映如下意图:即所要求保护的本发明实施例要求比在每个权利要求中所明确记载的特征更多的特征。更确切地说,如下面的权利要求书所反映的那样,发明实施例方面在于少于前面公开的单个实施例的所有特征。因此,遵循实施方式的权利要求书由此明确地并入该实施方式,其中每个权利要求本身都作为本发明实施例的单独实施例。 Similarly, in order to simplify the present disclosure and to assist in understanding one or more of the various embodiments of the present invention, in the above description of the embodiments of the present invention, each feature of the embodiments of the present invention is sometimes grouped together into a single Embodiments, figures, or descriptions thereof. However, the method disclosed is not to be interpreted as reflecting the intention that the claimed embodiments of the invention are claimed. Rather, as the following claims reflect, inventive aspects are less than all features of the single embodiments disclosed above. Therefore, the claims following the embodiments are hereby explicitly incorporated into the embodiments, and each of the claims is a separate embodiment of the embodiments of the invention.
本领域那些技术人员可以理解,可以对实施例中的客户端中的模块进行自适应性地改变并且把它们设置在与该实施例不同的一个或多个客户端中。可以把实施例中的模块组合成一个模块,以及此外可以把它们分成多个子模块或子单元或子组件。除了这样的特征和/或过程或者单元中的至少一些是相互排斥之外,可以采用任何组合对本说明书(包括伴随的权利要求、摘要和附图)中公开的所有特征以及如此公开的任何方法或者客户端的所有过程或单元进行组合。除非另外明确陈述,本说明书(包括伴随的权利要求、摘要和附图)中公开的每个特征可以由提供相同、等同或相似目的的替代特征来代替。Those skilled in the art will appreciate that the modules in the client in the embodiment can be adaptively changed and placed in one or more clients different from the embodiment. The modules in the embodiments can be combined into one module, and further they can be divided into a plurality of sub-modules or sub-units or sub-components. In addition to such features and/or at least some of the processes or units being mutually exclusive, any combination of the features disclosed in the specification, including the accompanying claims, the abstract and the drawings, and any methods so disclosed, or All processes or units of the client are combined. Each feature disclosed in this specification (including the accompanying claims, the abstract and the drawings) may be replaced by alternative features that provide the same, equivalent or similar purpose.
此外,本领域的技术人员能够理解,尽管在此所述的一些实施例包括其它实施例中所包括的某些特征而不是其它特征,但是不同实施例的特征的组合意味着处于本发明实施例的范围之内并且形成不同的实施例。例如,在下面的权利要求书中,所要求保护的实施例的任意之一都可以以任意的组合方式来使用。Moreover, those skilled in the art will appreciate that, although some embodiments described herein include certain features that are included in other embodiments and not in other features, combinations of features of the different embodiments are implied in the embodiments of the invention. Different embodiments are formed within the scope of the invention. For example, in the following claims, any one of the claimed embodiments can be used in any combination.
本发明实施例的每个部件实施例可以以硬件实现,或者以在一个或者多个处理器上运行的软件模块实现,或者以它们的组合实现。本领域的技术人员应当理解,可以在实践中使用微处理器或者数字信号处理器(DSP)来实现根据本发明实施例的加载有排序网址的客户端中的一些或者全部部件的一些或者全部功能。本发明实施例还可以实现为用于执行这里所描述的方法的一部分或者全部的设备或者装置程序(例如,计算机程序和计算机程序产品)。这样的实现本发明实施例的程序可以存储在计算机可读介质上,或者可以具有一个或者多个信号的形式。这样的信号可以从因特网网站上下载得到,或者在载体信号上提供,或者以任何其他形式提供。Each component embodiment of an embodiment of the invention may be implemented in hardware, or in a software module running on one or more processors, or in a combination thereof. Those skilled in the art will appreciate that a microprocessor or digital signal processor (DSP) may be used in practice to implement some or all of the functionality of some or all of the components loaded with the ordered web address in accordance with an embodiment of the present invention. . Embodiments of the invention may also be implemented as a device or device program (e.g., a computer program and a computer program product) for performing some or all of the methods described herein. Such a program implementing an embodiment of the invention may be stored on a computer readable medium or may be in the form of one or more signals. Such signals may be downloaded from an Internet website, provided on a carrier signal, or provided in any other form.
应该注意的是上述实施例对本发明实施例进行说明而不是对本发明实施例进行限制,并且本领域技术人员在不脱离所附权利要求的范围的情况下可设计出替换实施例。在权利要求中,不应将位于括号之间的任何参考符号构造成对权利要求的限制。单词“包含”不排除存在未列在权利要求中的元件或步骤。位于元件之前的单词“一”或“一个”不排除存在多个这样的元件。本发明实施例可以借助于包括有多个不同元件的硬件以及借助于适当编程的计算 机来实现。在列举了多个装置的单元权利要求中,这些装置中的多个可以是通过同一个硬件项来体现。单词第一、第二、以及第三等的使用不表示任何顺序。可将这些单词解释为名称。It should be noted that the above-described embodiments are illustrative of the embodiments of the present invention and are not intended to limit the embodiments of the present invention, and those skilled in the art can devise alternative embodiments without departing from the scope of the appended claims. In the claims, any reference signs placed between parentheses shall not be construed as a limitation. The word "comprising" does not exclude the presence of the elements or steps that are not recited in the claims. The word "a" or "an" Embodiments of the invention may be implemented by means of hardware comprising a plurality of different elements and by means of suitably programmed calculations Machine to achieve. In the unit claims enumerating several means, several of these means can be embodied by the same hardware item. The use of the words first, second, and third does not indicate any order. These words can be interpreted as names.
工业实用性Industrial applicability
通过借用代理MAC地址的方式避免交换机上主机MAC地址转发表的暴涨,同时能够减少交换机转发表所大量占用的存储空间,减小交换机查找转发表的规模,提高交换机查表转发报文的性能,降低维护转发表的难度和工作量。 By borrowing the proxy MAC address, the MAC address forwarding table of the switch can be prevented from increasing rapidly. At the same time, the storage space occupied by the switch forwarding table can be reduced, and the switch can find the size of the forwarding table and improve the performance of the switch to forward packets. Reduce the difficulty and workload of maintaining the forwarding table.

Claims (13)

  1. 一种软件定义网络SDN二层转发方法,包括:A software-defined network SDN Layer 2 forwarding method includes:
    控制器向源主机进行地址解析协议APR代答时,将发送到所述源主机的ARP应答中的目的主机媒体访问控制MAC地址设置为预先生成的代理MAC地址;When the controller performs address resolution protocol APR pickup on the source host, the destination host media access control MAC address in the ARP reply sent to the source host is set to a pre-generated proxy MAC address;
    所述源主机和目的主机将所述代理MAC地址作为目的主机MAC地址对交互数据包进行封装,并发送到交换机;The source host and the destination host encapsulate the interaction data packet with the proxy MAC address as the destination host MAC address, and send the data packet to the switch;
    所述交换机根据所述控制器发送的转发表对封装有所述代理MAC地址的交互数据包在源主机和目的主机之间进行转发,其中,所述转发表用于指示封装有所述代理MAC地址的ICMP三层数据包的转发路径。The switch forwards the interaction data packet encapsulating the proxy MAC address between the source host and the destination host according to the forwarding table sent by the controller, where the forwarding table is used to indicate that the proxy MAC is encapsulated. The forwarding path of the ICMP Layer 3 packet of the address.
  2. 如权利要求1所述的SDN二层转发方法,所述方法还包括:在控制器向源主机进行APR代答之前,控制器通过源接入交换机接收所述源接入交换机所属的源主机发送的ARP请求,根据所述ARP请求中的目的主机MAC地址查询本地保存的ARP表,判断所述ARP表中是否记录有所述目的主机MAC地址,如果判定所述ARP表中记录有所述目的主机MAC地址,则向所述源主机进行APR代答,如果判定所述ARP表中没有记录所述目的主机MAC地址,则将所述ARP请求进行广播。The SDN Layer 2 forwarding method according to claim 1, further comprising: before the controller performs APR pickup to the source host, the controller receives, by the source access switch, the source host to which the source access switch belongs The ARP request is configured to query the locally saved ARP table according to the destination host MAC address in the ARP request, and determine whether the destination host MAC address is recorded in the ARP table, and if it is determined that the destination is recorded in the ARP table. The host MAC address is forwarded to the source host by APR. If it is determined that the destination host MAC address is not recorded in the ARP table, the ARP request is broadcast.
  3. 如权利要求2所述的SDN二层转发方法,所述方法还包括:在控制器将所述ARP请求进行广播之后,控制器根据所述ARP请求中携带源主机MAC地址进行SPF计算并获取源主机路径,向所述源主机路径上的所有接入交换机下发对应源主机的源主机二层转发表,并向所述源主机路径上的核心交换机下发对应源主机的源主机主机路由表,其中,所述源主机二层转发表用于根据目的主机MAC地址指示交互数据包的转发路径,所述源主机主机路由表用于根据目的主机IP地址指示交互数据包的转发路径;The SDN layer 2 forwarding method of claim 2, the method further comprising: after the controller broadcasts the ARP request, the controller performs SPF calculation and acquires a source according to the source host MAC address in the ARP request. The source path sends a source host L2 forwarding table of the source host to all the access switches on the source host path, and delivers the source host host routing table of the corresponding source host to the core switch on the source host path. The source host Layer 2 forwarding table is configured to indicate a forwarding path of the interaction data packet according to the destination host MAC address, where the source host host routing table is configured to indicate a forwarding path of the interaction data packet according to the destination host IP address;
    控制器接收目的主机发送的ARP应答,根据所述ARP应答中携带的源主机MAC地址进行SPF计算并获取目的主机路径,向所述目的主机路径上的核心交换机下发对应目的主机的目的主机主机路由表,并向所述目的主机路径上的所有接入交换机下发对应目的主机的目的主机二层转发表,其中, 所述目的主机二层转发表用于根据目的主机MAC地址指示交互数据包的转发路径,所述目的主机主机路由表用于根据目的主机IP地址指示交互数据包的转发路径;The controller receives the ARP response sent by the destination host, performs SPF calculation according to the source host MAC address carried in the ARP response, and obtains the destination host path, and delivers the destination host host corresponding to the destination host to the core switch on the destination host path. Routing the routing table, and delivering the destination host Layer 2 forwarding table of the destination host to all the access switches on the destination host path, where The destination host Layer 2 forwarding table is configured to indicate a forwarding path of the interaction data packet according to the destination host MAC address, where the destination host host routing table is configured to indicate a forwarding path of the interaction data packet according to the destination host IP address;
    所述控制器根据所述ARP应答中携带的所述目的主机MAC地址,向所述源主机进行APR代答,并将所述目的主机MAC地址保存到所述ARP表中。The controller performs APR pickup on the source host according to the destination host MAC address carried in the ARP response, and saves the destination host MAC address in the ARP table.
  4. 如权利要求3所述的SDN二层转发方法,其中,所述源主机将所述代理MAC地址作为目的主机MAC地址对交互数据包进行封装,并发送到交换机包括:The SDN Layer 2 forwarding method according to claim 3, wherein the source host encapsulates the interactive data packet by using the proxy MAC address as the destination host MAC address, and sends the data packet to the switch, including:
    所述源主机接收所述控制器发送的ARP应答,将所述代理MAC地址作为目的主机MAC地址;The source host receives an ARP response sent by the controller, and uses the proxy MAC address as a destination host MAC address;
    所述源主机向目的主机发送所述交互数据包,其中,所述交互数据包的目的主机MAC地址为所述代理MAC地址;The source host sends the interaction data packet to the destination host, where the destination host MAC address of the interaction data packet is the proxy MAC address;
    所述方法还包括:所述目的主机向所述源主机反馈交互数据包,其中,反馈的交互数据包中的目的主机MAC为所述代理MAC地址。The method further includes: the destination host feeding back an interaction data packet to the source host, where the destination host MAC in the feedback interaction data packet is the proxy MAC address.
  5. 如权利要求4所述的SDN二层转发方法,其中,所述交换机根据所述控制器发送的转发表对封装有所述代理MAC地址的交互数据包在源主机和目的主机之间进行转发包括:The SDN Layer 2 forwarding method according to claim 4, wherein the switch forwards the interactive data packet encapsulating the proxy MAC address between the source host and the destination host according to the forwarding table sent by the controller, including :
    所述源接入交换机接收到所述交互数据包,根据所述源主机二层转发表和所述代理MAC地址,将所述交互数据包转发到相应的核心交换机;Receiving, by the source access switch, the interaction data packet, and forwarding the interaction data packet to a corresponding core switch according to the source host layer 2 forwarding table and the proxy MAC address;
    所述核心交换机根据所述交互数据包中的目的主机IP地址和所述源主机主机路由表,确定所述目的主机归属的目的接入交换机,将所述交互数据包的源主机MAC地址修改为所述代理MAC地址,目的主机MAC地址修改为所述目的主机的真实MAC地址,并将修改后的所述交互数据包发送到所述目的接入交换机;The core switch determines, according to the destination host IP address in the interaction data packet and the source host host routing table, the destination access switch to which the destination host belongs, and modifies the source host MAC address of the interaction data packet to The proxy MAC address, the destination host MAC address is modified to the real MAC address of the destination host, and the modified interactive data packet is sent to the destination access switch;
    所述目的接入交换机根据所述目的主机MAC地址和所述源主机二层转发表将所述交互数据包发送到所述目的主机;The destination access switch sends the interaction data packet to the destination host according to the destination host MAC address and the source host layer 2 forwarding table;
    所述目的接入交换机接收所述目的主机反馈的交互数据包,其中,所述反馈的交互数据包中的目的主机MAC为所述代理MAC地址; The destination access switch receives the interaction data packet fed back by the destination host, where the destination host MAC in the feedback interaction data packet is the proxy MAC address;
    所述目的接入交换接根据所述代理MAC地址和所述目的主机二层转发表将所述反馈的交互数据包发送到对应的核心交换机;Transmitting, by the destination access switch, the feedback interaction data packet to the corresponding core switch according to the proxy MAC address and the destination host Layer 2 forwarding table;
    所述核心交换机根据所述反馈的交互数据包中的目的主机IP和所述目的主机主机路由表,确定所述源主机归属于源接入交换机,将反馈的交互数据包的源主机MAC地址修改为所述代理MAC地址,目的主机MAC地址修改为源主机真实的MAC地址,并将修改后的所述反馈的交互数据包发送到所述源接入交换机;The core switch determines that the source host belongs to the source access switch according to the destination host IP and the destination host host routing table in the feedback interaction data packet, and modifies the source host MAC address of the feedback interaction data packet. For the proxy MAC address, the destination host MAC address is modified to be the real MAC address of the source host, and the modified interactive data packet is sent to the source access switch;
    所述源接入交换机根据所述目的主机MAC地址和所述目的主机二层转发表将所述反馈的交互数据包发送到所述源主机。The source access switch sends the feedback interaction data packet to the source host according to the destination host MAC address and the destination host layer 2 forwarding table.
  6. 如权利要求1所述的SDN二层转发方法,其中,所述代理MAC地址包括:全局唯一代理MAC地址、或者针对相应的交换机生成的专属代理MAC地址。The SDN Layer 2 forwarding method of claim 1, wherein the proxy MAC address comprises: a globally unique proxy MAC address, or a dedicated proxy MAC address generated for a corresponding switch.
  7. 一种软件定义网络SDN二层转发系统,包括:控制器、源主机、目的主机和交换机;A software-defined network SDN Layer 2 forwarding system includes: a controller, a source host, a destination host, and a switch;
    所述控制器,设置为在向源主机进行地址解析协议APR代答时,将发送到所述源主机的ARP应答中的目的主机媒体访问控制MAC地址设置为预先生成的代理MAC地址;The controller is configured to: when performing address resolution protocol APR pickup to the source host, set a destination host media access control MAC address in an ARP response sent to the source host to a pre-generated proxy MAC address;
    所述源主机,设置为将所述代理MAC地址作为目的主机MAC地址对交互数据包进行封装,并发送到交换机;The source host is configured to encapsulate the interaction data packet by using the proxy MAC address as a destination host MAC address, and send the data packet to the switch;
    所述目的主机,设置为将所述代理MAC地址作为目的主机MAC地址对交互数据包进行封装,并发送到交换机;The destination host is configured to encapsulate the interaction data packet by using the proxy MAC address as a destination host MAC address, and send the data packet to the switch;
    所述交换机,设置为根据所述控制器发送的转发表对封装有所述代理MAC地址的交互数据包在源主机和目的主机之间进行转发,其中,所述转发表用于指示封装有所述代理MAC地址的ICMP三层数据包的转发路径。The switch is configured to forward, according to the forwarding table sent by the controller, an interaction data packet encapsulating the proxy MAC address between the source host and the destination host, where the forwarding table is used to indicate that the encapsulation is The forwarding path of the ICMP Layer 3 packet of the proxy MAC address.
  8. 如权利要求7所述的SDN二层转发系统,所述控制器还设置为:在向源主机进行APR代答之前,通过源接入交换机接收所述源接入交换机所属的源主机发送的ARP请求,根据所述ARP请求中的目的主机MAC地址查询本地保存的ARP表,判断所述ARP表中是否记录有所述目的主机MAC地址, 如果判定所述ARP表中记录有所述目的主机MAC地址,则向所述源主机进行APR代答,如果判定所述ARP表中没有记录所述目的主机MAC地址,则将所述ARP请求进行广播。The SDN Layer 2 forwarding system of claim 7, wherein the controller is further configured to: before the APR pickup of the source host, receive, by the source access switch, the ARP sent by the source host to which the source access switch belongs And requesting, according to the destination host MAC address in the ARP request, querying the locally saved ARP table, and determining whether the destination host MAC address is recorded in the ARP table, If it is determined that the destination host MAC address is recorded in the ARP table, performing APR pickup on the source host, and if it is determined that the destination host MAC address is not recorded in the ARP table, performing the ARP request broadcast.
  9. 如权利要求8所述的SDN二层转发系统,所述控制器还设置为:The SDN Layer 2 forwarding system of claim 8, wherein the controller is further configured to:
    将所述ARP请求进行广播之后,根据所述ARP请求中携带源主机MAC地址进行SPF计算并获取源主机路径,向所述源主机路径上的所有接入交换机下发对应源主机的源主机二层转发表,并向所述源主机路径上的核心交换机下发对应源主机的源主机主机路由表,其中,所述源主机二层转发表用于根据目的主机MAC地址指示交互数据包的转发路径,所述源主机主机路由表用于根据目的主机IP地址指示交互数据包的转发路径;After the ARP request is broadcast, the source host MAC address is carried in the ARP request to perform the SPF calculation, and the source host path is obtained, and the source host corresponding to the source host is delivered to all access switches on the source host path. The layer forwarding table sends a source host host routing table corresponding to the source host to the core switch on the source host path, where the source host Layer 2 forwarding table is used to indicate the forwarding of the interactive data packet according to the destination host MAC address. a path, the source host host routing table is configured to indicate a forwarding path of the interaction data packet according to the destination host IP address;
    接收目的主机发送的ARP应答,根据所述ARP应答中携带的源主机MAC地址进行SPF计算并获取目的主机路径,向所述目的主机路径上的核心交换机下发对应目的主机的目的主机主机路由表,并向所述目的主机路径上的所有接入交换机下发对应目的主机的目的主机二层转发表,其中,所述目的主机二层转发表用于根据目的主机MAC地址指示交互数据包的转发路径,所述目的主机主机路由表用于根据目的主机IP地址指示交互数据包的转发路径;Receiving an ARP response sent by the destination host, performing SPF calculation according to the source host MAC address carried in the ARP response, and obtaining a destination host path, and delivering a destination host host routing table to the core switch on the destination host path. And sending, to all access switches on the destination host path, a destination host Layer 2 forwarding table of the destination host, where the destination host Layer 2 forwarding table is configured to indicate the forwarding of the interactive data packet according to the destination host MAC address. a path, the destination host host routing table is configured to indicate a forwarding path of the interaction data packet according to the destination host IP address;
    根据所述ARP应答中携带的所述目的主机MAC地址,向所述源主机进行APR代答,并将所述目的主机MAC地址保存到所述ARP表中。And performing APR pickup on the source host according to the destination host MAC address carried in the ARP response, and saving the destination host MAC address in the ARP table.
  10. 如权利要求9所述的SDN二层转发系统,其特征在于,The SDN Layer 2 forwarding system according to claim 9, wherein:
    所述源主机将所述代理MAC地址作为目的主机MAC地址对交互数据包进行封装,并发送到交换机包括:The source host encapsulates the interaction data packet by using the proxy MAC address as the destination host MAC address, and sends the data packet to the switch, including:
    接收所述控制器发送的ARP应答,将所述代理MAC地址作为目的主机MAC地址;向目的主机发送所述交互数据包,其中,所述交互数据包的目的主机MAC地址为所述代理MAC地址;Receiving an ARP response sent by the controller, using the proxy MAC address as a destination host MAC address, and sending the interaction data packet to a destination host, where a destination host MAC address of the interaction data packet is the proxy MAC address ;
    所述目的主机还设置为:向源主机反馈交互数据包,其中,反馈的交互数据包中的目的主机MAC为所述代理MAC地址。The destination host is further configured to: feed back an interaction data packet to the source host, where the destination host MAC in the feedback interaction data packet is the proxy MAC address.
  11. 如权利要求10所述的SDN二层转发系统,其中,所述交换机包括: 源接入交换机、核心交换机和目的接入交换机;The SDN Layer 2 forwarding system of claim 10, wherein the switch comprises: The source access switch, the core switch, and the destination access switch;
    所述交换机根据所述控制器发送的转发表对封装有所述代理MAC地址的交互数据包在源主机和目的主机之间进行转发包括:Transmitting, by the switch, the interaction data packet encapsulating the proxy MAC address between the source host and the destination host according to the forwarding table sent by the controller includes:
    所述源接入交换机设置为:接收到所述交互数据包,根据所述源主机二层转发表和所述代理MAC地址,将所述交互数据包转发到相应的核心交换机;The source access switch is configured to: receive the interaction data packet, forward the interaction data packet to a corresponding core switch according to the source host layer 2 forwarding table and the proxy MAC address;
    所述核心交换机设置为:根据所述交互数据包中的目的主机IP地址和所述源主机主机路由表,确定所述目的主机归属的目的接入交换机,将所述交互数据包的源主机MAC地址修改为所述代理MAC地址,目的主机MAC地址修改为所述目的主机的真实MAC地址,并将修改后的所述交互数据包发送到所述目的接入交换机;The core switch is configured to determine, according to the destination host IP address in the interaction data packet and the source host host routing table, a destination access switch to which the destination host belongs, and a source host MAC of the interaction data packet. The address is modified to the proxy MAC address, the destination host MAC address is modified to the real MAC address of the destination host, and the modified interactive data packet is sent to the destination access switch;
    所述目的接入交换机设置为:根据所述目的主机MAC地址和所述源主机二层转发表将所述交互数据包发送到所述目的主机;接收所述目的主机反馈的交互数据包,其中,所述反馈的交互数据包中的目的主机MAC为所述代理MAC地址;根据所述代理MAC地址和所述目的主机二层转发表将所述反馈的交互数据包发送到对应的核心交换机;The destination access switch is configured to: send the interaction data packet to the destination host according to the destination host MAC address and the source host layer 2 forwarding table; and receive an interaction data packet fed back by the destination host, where The destination host MAC in the feedback interaction data packet is the proxy MAC address; the feedback interaction data packet is sent to the corresponding core switch according to the proxy MAC address and the destination host layer 2 forwarding table;
    所述核心交换机还设置为:根据所述反馈的交互数据包中的目的主机IP和所述目的主机主机路由表,确定所述源主机归属于源接入交换机,将反馈的交互数据包的源主机MAC地址修改为所述代理MAC地址,目的主机MAC地址修改为源主机真实的MAC地址,并将修改后的所述反馈的交互数据包发送到所述源接入交换机;The core switch is further configured to: determine, according to the destination host IP and the destination host host routing table in the feedback interaction data packet, that the source host belongs to the source access switch, and the source of the feedback interaction data packet is to be fed back The host MAC address is modified to the proxy MAC address, the destination host MAC address is modified to be the real MAC address of the source host, and the modified interactive data packet is sent to the source access switch.
    所述源接入交换机还设置为:根据所述目的主机MAC地址和所述目的主机二层转发表将所述反馈的交互数据包发送到所述源主机。The source access switch is further configured to: send the feedback interaction data packet to the source host according to the destination host MAC address and the destination host layer 2 forwarding table.
  12. 如权利要求7所述的SDN二层转发系统,其中,所述代理MAC地址包括:全局唯一代理MAC地址、或者针对相应的交换机生成的专属代理MAC地址。The SDN Layer 2 forwarding system of claim 7 wherein said proxy MAC address comprises: a globally unique proxy MAC address or a dedicated proxy MAC address generated for a respective switch.
  13. 一种计算机可读存储介质,存储有计算机可执行指令,所述计算机可执行指令被处理器执行时实现权利要求1至6任意一项所述的软件定义网络SDN二层转发方法。 A computer readable storage medium storing computer executable instructions, the computer executable instructions being executed by a processor to implement the software defined network SDN layer 2 forwarding method of any one of claims 1 to 6.
PCT/CN2016/090310 2016-03-10 2016-07-18 Sdn layer-2 forwarding method and system WO2017152563A1 (en)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
CN201610132969.3 2016-03-10
CN201610132969.3A CN107181681B (en) 2016-03-10 2016-03-10 SDN two-layer forwarding method and system

Publications (1)

Publication Number Publication Date
WO2017152563A1 true WO2017152563A1 (en) 2017-09-14

Family

ID=59788869

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/CN2016/090310 WO2017152563A1 (en) 2016-03-10 2016-07-18 Sdn layer-2 forwarding method and system

Country Status (2)

Country Link
CN (1) CN107181681B (en)
WO (1) WO2017152563A1 (en)

Cited By (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN111988439A (en) * 2019-05-21 2020-11-24 深信服科技股份有限公司 ARP request suppression system, method, equipment and storage medium
US11329917B2 (en) 2019-01-17 2022-05-10 Telia Company Ab Methods and apparatuses for switching frames in a network topology

Families Citing this family (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN110224942B (en) * 2018-03-01 2023-08-04 中兴通讯股份有限公司 Message processing method, device and storage medium
CN111147372B (en) 2018-11-05 2021-05-18 华为技术有限公司 Downlink message sending and forwarding method and device
CN109710423B (en) * 2018-12-11 2020-11-03 上海云轴信息科技有限公司 Method and equipment for communication between virtual machines
CN113098784B (en) * 2021-03-30 2022-05-27 南京创网网络技术有限公司 Distributed shunt based on SDN architecture and creation method thereof

Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101577722A (en) * 2009-06-03 2009-11-11 中兴通讯股份有限公司 Method for realizing MAC forced forwarding function and device
CN102201963A (en) * 2010-03-22 2011-09-28 杭州华三通信技术有限公司 Media access control-forced forwarding method and functional unit
CN103404084A (en) * 2012-11-21 2013-11-20 华为技术有限公司 MAC address forced forwarding device and method
US20140056299A1 (en) * 2012-08-24 2014-02-27 Fujitsu Limited Information processing system, relay device, information processing device, and information processing method

Family Cites Families (8)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN103139075B (en) * 2013-03-13 2016-01-20 杭州华三通信技术有限公司 A kind of message transmitting method and equipment
CN104113474B (en) * 2013-04-22 2017-08-29 华为技术有限公司 Generation method, controller and the system of forward-path
US9426060B2 (en) * 2013-08-07 2016-08-23 International Business Machines Corporation Software defined network (SDN) switch clusters having layer-3 distributed router functionality
WO2015100656A1 (en) * 2013-12-31 2015-07-09 华为技术有限公司 Method and device for implementing virtual machine communication
CN104219340B (en) * 2014-09-25 2018-01-09 新华三技术有限公司 A kind of arp reply Proxy Method and device
CN104301451B (en) * 2014-10-17 2019-03-01 福建星网锐捷网络有限公司 A kind of cross-network segment host communication method, apparatus and system
CN105007224B (en) * 2015-07-28 2018-06-15 清华大学 A kind of SDN network and IP network interconnected communication system, communication means
CN105245632B (en) * 2015-10-16 2018-08-14 电子科技大学 A kind of different segment inter-host communication method in SDN network

Patent Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101577722A (en) * 2009-06-03 2009-11-11 中兴通讯股份有限公司 Method for realizing MAC forced forwarding function and device
CN102201963A (en) * 2010-03-22 2011-09-28 杭州华三通信技术有限公司 Media access control-forced forwarding method and functional unit
US20140056299A1 (en) * 2012-08-24 2014-02-27 Fujitsu Limited Information processing system, relay device, information processing device, and information processing method
CN103404084A (en) * 2012-11-21 2013-11-20 华为技术有限公司 MAC address forced forwarding device and method

Cited By (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US11329917B2 (en) 2019-01-17 2022-05-10 Telia Company Ab Methods and apparatuses for switching frames in a network topology
CN111988439A (en) * 2019-05-21 2020-11-24 深信服科技股份有限公司 ARP request suppression system, method, equipment and storage medium

Also Published As

Publication number Publication date
CN107181681B (en) 2022-02-25
CN107181681A (en) 2017-09-19

Similar Documents

Publication Publication Date Title
US11962501B2 (en) Extensible control plane for network management in a virtual infrastructure environment
WO2017152563A1 (en) Sdn layer-2 forwarding method and system
US9621373B2 (en) Proxy address resolution protocol on a controller device
US9281955B2 (en) Interoperability of data plane based overlays and control plane based overlays in a network environment
US10541913B2 (en) Table entry in software defined network
US10216853B2 (en) Method and system for implementing a VXLAN control plane
US20150358232A1 (en) Packet Forwarding Method and VXLAN Gateway
CN107547349B (en) Virtual machine migration method and device
US10419361B2 (en) Interworking between physical network and virtual network
US20170237655A1 (en) Forwarding Data Packets In Software Defined Networks
US20150281075A1 (en) Method and apparatus for processing address resolution protocol (arp) packet
WO2018059026A1 (en) Communication method and device
EP2687982A1 (en) Hierarchical system for managing a plurality of virtual machines, method and computer program
US10530735B2 (en) Pro-active mechanism to detect LISP movable silent host
US10680938B2 (en) Method and apparatus for information centric networking (ICN) over locator/identifier separator protocol (LISP)
WO2017032251A1 (en) Virtual network management
US9641417B2 (en) Proactive detection of host status in a communications network
US9929941B2 (en) Fast convergence for redundant edge devices
WO2016115698A1 (en) Data packet forwarding method, apparatus and device
US9130938B2 (en) Method, switch, and system for processing a message
EP3542518A1 (en) Enabling connections in a content centric network
CN107547691B (en) Address resolution protocol message proxy method and device
US20130230053A1 (en) System and Method for Facilitating Communication
US9763135B1 (en) Load balancing with mobile resources
US20160330166A1 (en) Address Acquiring Method and Network Virtualization Edge Device

Legal Events

Date Code Title Description
NENP Non-entry into the national phase

Ref country code: DE

121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 16893208

Country of ref document: EP

Kind code of ref document: A1

122 Ep: pct application non-entry in european phase

Ref document number: 16893208

Country of ref document: EP

Kind code of ref document: A1