WO2017215483A1 - Networking system, and network sharing method and system - Google Patents

Info

Publication number
WO2017215483A1
Authority
WO
WIPO (PCT)
Prior art keywords
network
tenant
virtual machine
nat
management terminal
Application number
PCT/CN2017/087179
Inventor
徐昊
蒋天超
刘波
杨开印
Original Assignee
中兴通讯股份有限公司
Application filed by 中兴通讯股份有限公司

Classifications

    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L67/00 Network arrangements or protocols for supporting network services or applications
    • H04L67/01 Protocols
    • H04L67/10 Protocols in which an application is distributed across nodes in the network
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L61/00 Network arrangements, protocols or services for addressing or naming
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L61/00 Network arrangements, protocols or services for addressing or naming
    • H04L61/09 Mapping addresses
    • H04L61/25 Mapping addresses of the same type
    • H04L61/2503 Translation of Internet protocol [IP] addresses
    • H04L61/2521 Translation architectures other than single NAT servers
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L67/00 Network arrangements or protocols for supporting network services or applications
    • H04L67/01 Protocols
    • H04L67/10 Protocols in which an application is distributed across nodes in the network
    • H04L67/1095 Replication or mirroring of data, e.g. scheduling or transport for data synchronisation between network nodes

Definitions

  • This document relates to, but is not limited to, the field of cloud virtual network communication, and in particular, to a networking system, a network sharing method and system.
  • a tenant's limitation on the network topology cannot meet the current requirements.
  • a tenant creates a route and binds it.
  • To set the external gateway, choose whether to go through NAT (Network Address Translation) mode or non-NAT mode.
  • a tenant can only create a network mode route.
  • the routing mode that is, NAT and non-NAT compatibility, cannot meet the requirements under the traditional virtualized network architecture.
  • the embodiments of the present invention provide a networking system, a network sharing method, and a system, which are compatible with two networks in one tenant.
  • An embodiment of the present invention provides a networking system, including a management end and at least one tenant end, where the tenant end includes at least one virtual machine.
  • Each of the tenant ends includes one of a NAT mode network and a non-NAT mode network, and the management end includes at least one of the two networks.
  • The tenant end is configured to provide the network of the tenant to at least one virtual machine in the tenant end, and the management end is configured to provide a network different from that of the tenant to at least one virtual machine in the tenant end.
  • the embodiment of the present invention further provides a network sharing system, including a management end and at least one tenant end, where each tenant includes at least one virtual machine; each tenant establishes one of a NAT mode network and a non-NAT mode network, and the management terminal establishes at least one of the two networks; the tenant is configured to provide the network of the tenant to at least one virtual machine in the tenant, and the management terminal is configured to provide at least one virtual machine in the tenant with a network different from that of the tenant.
  • the embodiment of the present invention further provides a network sharing method, including:
  • Each tenant establishes one of a NAT mode network and a non-NAT mode network
  • the management terminal establishes at least one of the above two networks
  • the tenant provides the network of the tenant to at least one virtual machine in the tenant, and the management end provides at least one virtual machine in the tenant with a network different from that of the tenant.
  • the embodiment of the present invention provides a networking system, a network sharing method, and a system, where each tenant includes one of a NAT mode network and a non-NAT mode network, and the management end includes at least one of the foregoing two networks.
  • the tenant provides the network of the tenant to at least one virtual machine in the tenant, and the management side provides at least one virtual machine in the tenant with a network different from that of the tenant.
  • the tenant has its own network and the network provided by the management terminal, which realizes compatibility between the two networks in one tenant, and improves the flexible application of the system.
  • FIG. 1 is a flowchart of a network sharing method according to an embodiment of the present invention
  • FIG. 2 is a schematic diagram of a network sharing system according to an embodiment of the present invention.
  • FIG. 3 is a flowchart of a method for establishing a NAT network in a tenant end according to an embodiment of the present invention
  • FIG. 4 is a flowchart of a method for creating a non-NAT network in a tenant end according to an embodiment of the present invention
  • FIG. 5 is a flowchart of a method for establishing a non-NAT network on a management end according to an embodiment of the present invention
  • FIG. 6 is a flowchart of a method for a management terminal to share a non-NAT network established to a tenant by using a management terminal according to an embodiment of the present invention
  • FIG. 7 is a flowchart of a method for establishing a NAT mode network on a tenant side according to an embodiment of the present invention
  • FIG. 8 is a schematic diagram of a network sharing system according to an embodiment of the present invention.
  • Embodiments of the present invention consider that, in a network system, each tenant can create only one of a NAT mode network and a non-NAT mode network. By creating a respective network on each tenant and at least one network on the management end, each tenant provides the network of the tenant to the virtual machine in the tenant, and the management end provides the virtual machine in the tenant with a network different from that of the tenant, so that the virtual machine in the tenant can interact with the external network through the network of the tenant or through the network of the management end. Because the network of the tenant and the network of the management end are different, the two network modes are made compatible and the flexible application of the system is improved.
  • This embodiment provides a networking system, including a management end and at least one tenant end, where the tenant end includes at least one virtual machine.
  • Each tenant includes one of a NAT mode network and a non-NAT mode network.
  • the management end includes at least one of the two types of networks.
  • the tenant provides the tenant network for at least one virtual machine in the tenant.
  • the management terminal provides at least one virtual machine in the tenant with a network different from that of the tenant.
  • a network system includes a management terminal and a tenant terminal; a tenant end corresponds to an independent hardware structure in which multiple virtual machines can be simulated, and a tenant includes a virtual machine. There can only be one mode in the network of this tenant, that is, only one of the NAT mode network and the non-NAT mode network.
  • a network in the NAT mode refers to a host that has been assigned a local IP (Internet Protocol) protocol in the private network.
  • In a non-NAT mode network, unlike NAT, the local IP address of the host can interact directly with the external network without source address translation.
  • the hosts in the NAT mode network and the non-NAT mode network have different local IP addresses, and the IP number segments of various uses in each area are related internationally.
  • a tenant includes any one of the above two modes.
  • the tenant can provide the network to the virtual machine in the tenant.
  • the virtual machine can interact with the external network in the network mode of the tenant.
  • the network mode of the management side includes at least one of a NAT mode and a non-NAT mode.
  • the management terminal selectively shares the network different from the tenant to the tenant according to the network of each tenant, so that the virtual machine in the tenant can interact with the external network through the network provided by the management terminal.
  • the management terminal can share the non-NAT mode network to the tenant; correspondingly, when the tenant includes the non-NAT mode network, the management terminal can share the NAT mode network to the tenant.
  • the virtual machine in the tenant can interact with the external network through the network of the tenant, or interact with the external network through a network different from the tenant shared by the management terminal.
  • the network of each tenant in the embodiment is the same network.
  • the management end may only include a network different from the tenant.
  • the management terminal may only include a non-NAT mode network; when each tenant includes a non-NAT mode network, the management terminal may include only the NAT mode network.
  • the network of each tenant may include any one of two networks, that is, in the network of each tenant, there is a NAT mode network or a non-NAT mode network.
  • the network of the management side may also include two types of networks, including a NAT mode network and a non-NAT mode network.
  • Each virtual machine in the tenant can interact with the external network through the network provided by the tenant and/or the network, different from that of the tenant, provided by the management end.
  • In solution 1, the virtual machine in the tenant can interact with the external network through the network of the tenant; in solution 2, the virtual machine in the tenant can interact with the external network through the network provided by the management terminal; in solution 3, the virtual machine in the tenant can interact with the external network through the network provided by the tenant and the network provided by the management terminal.
  • In solution 1, the virtual machine in the tenant interacts with the external network according to the local IP address assigned by the tenant and the network mode of the tenant. If the mode is NAT, source address translation is performed: the local IP address is converted to a public network IP that can interact with the Internet, and the virtual machine then interacts with the external network. If the mode is non-NAT, the virtual machine interacts directly with the external network according to the local IP address provided by the tenant.
  • In solution 2, the virtual machine in the tenant side interacts with the external network according to the IP address provided by the management terminal and the network mode of the management end. In this case, the tenant does not need to allocate a local IP address for the virtual machine.
  • In solution 3, the virtual machine in the tenant end can interact with the external network through the local IP allocated by the tenant and the network mode of the tenant, or interact with the external network through the IP address provided by the management terminal and the network mode of the management end.
  • A virtual machine that can interact with the external network through the networks of both the tenant and the management end has at least two different IPs, the local IP provided by the tenant and the IP provided by the management end, and interacts with the external network according to the respective IP address and its corresponding network.
  • Each tenant includes its own virtual machine.
  • the management terminal can also include a virtual machine.
  • the management terminal can be a tenant. It has the same hardware structure as the tenant.
  • the management terminal can also include virtual machines. These virtual machines can interact with the external network through the management network.
  • the management terminal shares its own network different from the tenant to the tenant.
  • the tenant can also share the network of the tenant to other tenants or management terminals.
  • the management terminal is configured to provide a shared network for each tenant. For management purposes, the management terminal can provide different interfaces, and each of the tenants is provided with a network of the management end.
  • There can also be multiple management terminals, each providing different tenants with a network different from that of the tenant.
  • the embodiment provides a networking system, including a management terminal and at least one tenant.
  • the tenant includes at least one virtual machine.
  • the tenant has its own network and a network different from the tenant provided by the management terminal.
  • the tenant is compatible with both networks, which improves the flexible application of the system.
  • This embodiment provides a network sharing method. Referring to FIG. 1, the method includes:
  • the tenant provides the network of the tenant to at least one virtual machine in the tenant, and the management end provides the virtual machine in the tenant with a network different from that of the tenant.
  • a network system includes a management terminal and a tenant; a tenant corresponds to an independent hardware structure in which multiple virtual machines can be simulated, and one tenant includes a virtual machine.
  • When a tenant establishes a network, it can select only one of the NAT mode and the non-NAT mode. That is, one tenant has only one network.
  • After a tenant establishes a network of either mode, the tenant provides the tenant network to at least one virtual machine in the tenant. That is, the virtual machine in the tenant can use the network mode of the tenant to interact with the external network.
  • the management side also establishes at least one of a network of a NAT mode and a non-NAT mode.
  • the management terminal selectively shares the network different from the tenant to the tenant according to the network of each tenant, so that the virtual machine in the tenant can interact with the external network through the network provided by the management terminal.
  • the management terminal can share the non-NAT mode network to the tenant; correspondingly, when the tenant establishes a non-NAT mode network, the management terminal can share the NAT mode network with the tenant.
  • the timing between the establishment of the network between the tenant and the management terminal is not limited in this embodiment.
  • The network may be established on the tenant side first and then on the management end, or on the management end first and then on the tenant side, or on both at the same time; any of these is possible in this embodiment.
  • the virtual machine in the tenant can interact with the external network through the network established by the tenant, and can also interact with the external network through the network, different from that of the tenant, shared by the management terminal.
  • the networks established for each tenant in this embodiment are the same network, that is, the network in the NAT mode, or the network in the non-NAT mode. In this case, since the network modes of all tenants are the same, it is only necessary to establish another network different from the tenant for the management end.
  • When a NAT mode network is established on each tenant side, the management terminal can only establish a non-NAT mode network; when each tenant establishes a non-NAT network, the management terminal can only establish a NAT mode network.
  • Saying that the network established by the management end is different from that of the tenant does not mean that the tenant establishes its network before the management end does, nor that the tenant establishes its network after the management end does.
  • The order in which the tenant and the management end establish their networks may be arbitrary, as long as the management terminal can provide the tenant with a network different from that of the tenant after the network is established; there is no necessary connection with the order in which the tenant and the management end establish their networks.
  • the network established for each tenant may include any of the two networks, that is, in the network established by the tenant, there is a NAT mode network or a non-NAT mode network.
  • the network established for the management terminal may also include two types of networks, including a NAT mode network and a non-NAT mode network. Similar to the above situation, although the description is made here that the network is established for the tenant, and the management establishes the network, this does not limit the timing between the establishment of the network by the tenant and the establishment of the network by the management. The timing between the parties can be arbitrary.
  • each virtual machine in the tenant can interact with the external network through the network provided by the tenant and/or the network provided by the management terminal different from the tenant.
  • In solution 1, the virtual machine in the tenant can interact with the external network through the network of the tenant; in solution 2, the virtual machine in the tenant can interact with the external network through the network provided by the management terminal; in solution 3, the virtual machine in the tenant can interact with the external network through the network provided by the tenant and the network provided by the management terminal.
  • In solution 1, the virtual machine in the tenant side interacts with the external network according to the local IP address assigned by the tenant and the network mode of the tenant. If the mode is NAT, source address translation can be performed: the local IP address is converted to a public network IP that can interact with the Internet, and the virtual machine then interacts with the external network. If the mode is non-NAT, the virtual machine interacts directly with the external network according to the local IP address provided by the tenant.
  • In solution 2, the virtual machine in the tenant side interacts with the external network according to the IP address provided by the management terminal and the network mode of the management end. In this case, the tenant does not need to allocate a local IP address for the virtual machine.
  • In solution 3, the virtual machine in the tenant end can interact with the external network through the local IP allocated by the tenant and the network mode of the tenant, or interact with the external network through the IP address provided by the management terminal and the network mode of the management end. Because the network mode of the tenant is different from the network mode provided by the management terminal, a virtual machine that can interact with the external network through the networks of both the tenant and the management end has at least two different IPs, the local IP provided by the tenant and the IP provided by the management terminal, and interacts with the external network according to the respective IP address and its corresponding network.
  • Each tenant includes its own virtual machine.
  • the management terminal can also include a virtual machine.
  • the management terminal can be a tenant. It has the same hardware structure as the tenant.
  • the management terminal can also include virtual machines. These virtual machines can interact with the external network through the management network.
  • the management terminal shares its own network different from the tenant to the tenant.
  • the tenant can also share the network established by the tenant to other tenants or management terminals.
  • the management terminal is configured to provide a shared network for each tenant. For management purposes, the management terminal can provide different interfaces, and each of the tenants is provided with a network established by the management terminal.
  • There can also be multiple management terminals, each providing different tenants with a network different from that of the tenant.
  • This embodiment provides a network sharing method in which one of a NAT network and a non-NAT network is established on the tenant, at least one of a NAT network and a non-NAT network is established on the management end, the tenant provides the network of the tenant to the virtual machine in the tenant, and the management side provides the virtual machine in the tenant with a network different from that of the tenant, thereby making the NAT mode network and the non-NAT mode network compatible on the tenant and improving the flexible application of the system.
  • Under the current OpenStack (OpenStack cloud computing management platform) technology, on one hardware device (where a tenant can only create a route of one network mode), a virtual machine can thus have NAT and non-NAT networks coexisting, so that two network modes coexist in one tenant.
  • This embodiment provides a network sharing system. Referring to FIG. 2, the system includes:
  • each of the tenants 20 includes at least one virtual machine 202; each tenant 20 establishes one of a NAT mode network and a non-NAT mode network, and the management terminal 10 establishes at least one of the above two networks; the tenant 20 provides the network of the tenant 20 to the at least one virtual machine 202 of the tenant 20, and the management terminal 10 provides the virtual machine 202 of the tenant 20 with a network different from that of the tenant 20.
  • a network system includes a management terminal 10 and a tenant terminal 20; a tenant terminal 20 corresponds to an independent hardware structure in which a plurality of virtual machines 202 can be simulated, and a tenant terminal 20 includes a virtual machine 202.
  • When establishing a network, a tenant 20 can select only one of the NAT mode and the non-NAT mode to create, that is, one tenant 20 has only one type of network.
  • After a tenant 20 establishes a network of either mode, the tenant 20 provides the network of the tenant 20 to at least one virtual machine 202 of the tenant 20, that is, the virtual machine 202 in the tenant 20 can use the network mode of the tenant 20 to interact with the external network.
  • the management terminal 10 can also establish at least one of a network of a NAT mode and a non-NAT mode. After the management terminal 10 establishes the network, the management terminal 10 selectively shares the network different from the tenant 20 to the tenant 20 according to the network of each tenant 20, so that the virtual machine 202 in the tenant 20 can interact with the external network through the network provided by the management terminal 10. For example, when the tenant 20 establishes a NAT mode network, the management terminal 10 can share the non-NAT mode network to the tenant 20; correspondingly, when the tenant 20 establishes a non-NAT mode network, the management terminal 10 can share the NAT mode network to the tenant 20.
  • the virtual machine 202 in the tenant 20 can interact with the external network through the network established by the tenant 20, and can also interact with the external network through the network shared by the management terminal 10 to the tenant 20.
  • the network established by each tenant 20 in this embodiment is the same network. In this case, since the network modes of all the tenants 20 are the same, it is sufficient for the management terminal 10 to establish another network different from that of the tenant 20.
  • the network established by each tenant 20 may include any one of two networks, that is, in the network established by the tenant 20, there is a NAT mode network or a non-NAT mode network.
  • the network established by the management terminal 10 may also include two types of networks, that is, both a NAT mode network and a non-NAT mode network.
  • the network establishment of the tenant 20 and the management 10 may be arbitrary in any of the above manners, and the order of execution is not limited in this embodiment.
  • each virtual machine 202 in the tenant 20 can interact with the external network through the network provided by the tenant 20 and/or the network, different from that of the tenant 20, provided by the management terminal 10.
  • In scheme 1, the virtual machine 202 in the tenant 20 can interact with the external network through the network of the tenant; in scheme 2, the virtual machine 202 in the tenant 20 can interact with the external network through the network provided by the management terminal 10; in scheme 3, the virtual machine 202 in the tenant 20 can interact with the external network through the network provided by the tenant and the network provided by the management terminal 10.
  • Each tenant 20 includes a respective virtual machine 202, and similarly, the management 10 may also include a virtual machine 202.
  • the management terminal 10 can be the tenant 20 and has the same hardware interface as the tenant 20, and the management terminal 10 can also include the virtual machine 202.
  • the virtual machine 202 can interact with the external network through the network of the management terminal 10.
  • the management terminal 10 shares its own network different from the tenant 20 to the tenant 20, and the tenant 20 can also share the network established by the tenant 20 to the other tenant 20 or the management terminal 10.
  • the management terminal 10 is configured to provide a shared network for each tenant 20.
  • the management terminal 10 can provide different interfaces, and each of the tenant terminals 20 is provided with a network established by the management terminal 10; there may also be more than one management terminal 10, each providing different tenant terminals 20 with a network different from that of the tenant 20.
  • the embodiment provides a network sharing system, including a management terminal and at least one tenant.
  • the tenant includes at least one virtual machine, and establishes at least one of NAT and non-NAT on the tenant, and establishes at least one on the management end.
  • Compatible with non-NAT mode networks improving the flexible application of the system.
  • This embodiment provides a method for establishing a NAT network in a tenant.
  • the method includes:
  • the NAT external network can interact with the Internet; the NAT internal network is a local area network, and cannot connect to the Internet without going through the NAT external network, but can only interact between nodes inside the NAT.
  • S302 Create a route in the tenant, connect the NAT internal network to the route, and bind the routed external gateway to the NAT external network.
  • Routing is path selection. Routers connect to multiple networks, so they must be gateways to multiple networks. After the external gateway of the route is bound to the external network of the NAT, the route can interact with the Internet; since the network of the tenant is a NAT network, the local IP cannot interact with the Internet directly, so SNAT (source address translation) can be set to true, that is, source address translation is performed.
  • the local IP address of the virtual machine can be manually set or automatically configured.
  • the local IP of each virtual machine in a tenant should be different. If the local IP addresses of all virtual machines are the same, an IP address conflict will occur and the network will not connect properly.
  • the local IP address of the virtual machine cannot directly interact with the Internet. You can configure the corresponding public IP address for the virtual machine. Therefore, apply for the external public IP address for the virtual machine.
  • the local IP of the virtual machine is converted into a public network IP that can interact with the Internet through SNAT.
  • the NAT mode network of the tenant is established, and the interaction between the virtual machine and the Internet can be further implemented.
  • the way to create a NAT network on the management side is similar to that created on the tenant side. It is worth mentioning that you do not need to create a virtual machine on the management side.
  • the virtual machine can be created only in the tenant.
  • This embodiment also provides a method for creating a non-NAT network in the tenant. Referring to FIG. 4, the method includes:
  • S402. Create a route in the tenant, access the non-NAT network to the route, and bind the routed external gateway to a non-NAT external network.
  • the route can interact with the Internet; since the network of the tenant is a non-NAT network, the local IP can directly interact with the Internet, so SNAT can be set as False, that is, source address translation is prohibited.
  • the IP address of the virtual machine can directly interact with the external network. No source address translation is required, and no additional public IP address is required.
  • the non-NAT mode network of the tenant is established, and the interaction between the virtual machine and the Internet can be further realized.
  • the way to create a non-NAT network on the management side is similar to that created on the tenant side. It is worth mentioning that you do not need to create a virtual machine on the management side.
  • the virtual machine can be created only in the tenant.
  • FIG. 5 shows a flow chart of establishing a non-NAT network on the management end.
  • Non-NAT external networks can interact with the Internet.
  • the route can interact with the Internet; since the network of the management terminal is a non-NAT network, the local IP can directly interact with the Internet, so SNAT can be set as False, that is, source address translation is prohibited.
  • a non-NAT internal network is established with the non-NAT external network, and the non-NAT internal network can interact with the Internet through the non-NAT external network.
  • FIG. 6 is a flowchart of a method for the management terminal to share the established non-NAT network to the tenant, including:
  • the tenant does not necessarily have a NAT mode, only the non-NAT network in the management terminal needs to be shared with the tenant.
  • the virtual machine can directly interact with the Internet through the non-NAT network of the management terminal.
  • The virtual machine can further be offered the non-NAT internal network for selection; you do not need to create a virtual machine, but only bind the IP address under the non-NAT internal network to the existing virtual machine.
  • FIG. 7 shows a flow chart of establishing a NAT mode network on the tenant side, including:
  • the NAT external network can interact with the Internet.
  • the route can interact with the Internet. Since the network of the tenant is a NAT network, the local IP cannot directly interact with the Internet. Therefore, SNAT can be set to True, that is, source address translation is performed.
  • NAT internal network After the NAT internal network is associated with the route, a connection is established between the NAT internal network and the NAT external network, and the NAT internal network can interact with the Internet through the NAT external network.
  • S705 Create a virtual machine in the tenant, and bind the local IP address to the virtual machine.
  • the local IP address of the virtual machine can be manually set or automatically configured.
  • the local IP of each virtual machine in a tenant should be different. If the local IP addresses of all virtual machines are the same, an IP address conflict will occur and the network will not connect properly.
  • the local IP address of the virtual machine cannot directly interact with the Internet. You can configure the corresponding public IP address for the virtual machine. Therefore, apply for the external public IP address for the virtual machine.
  • the local IP of the virtual machine is converted into a public network IP that can interact with the Internet through SNAT.
  • This embodiment provides a network sharing method.
  • the tenant provides a NAT network for the virtual machine in the tenant by using the NAT network on the tenant side and the non-NAT network on the management end.
  • the management end provides a non-NAT network for the virtual machine in the tenant, implementing compatibility of the NAT mode network and the non-NAT mode network on the tenant and improving the flexible application of the system.
  • the network sharing system in this embodiment includes a tenant 20 and a management terminal 10.
  • the tenant 20 includes multiple virtual machines.
  • the tenant 20 establishes a NAT mode network, and the management terminal 10 establishes a non-NAT mode network;
  • the process of establishing a NAT mode network by the tenant 20 is as follows:
  • a NAT external network is created on the tenant side 20; the NAT external network of the tenant 20 is connected to the Internet to implement interaction with the Internet, and the interaction here includes any operations that need to be completed by networking.
  • the tenant route 201 is created on the tenant side 20, and the NAT external network is bound to the external gateway of the tenant route 201. After the external gateway of the tenant route 201 is bound to the NAT external network, the tenant route 201 can interact with the Internet; since the network of the tenant 20 is a NAT network, the local IP cannot interact with the Internet. Therefore, SNAT (Source Address Translation) can be set to true, that is, source address translation is performed.
  • a NAT intranet is a local area network. It cannot connect to the Internet without going through a NAT external network, but can only interact between nodes inside the NAT.
  • the intranet of the NAT is associated with the tenant route 201. After the intranet of the NAT is associated with the tenant route 201, a connection is established between the intranet and the extranet of the NAT, and the intranet can interact with the Internet through the NAT extranet. At this point, the NAT network in the tenant 20 has been created, and each virtual machine in the tenant 20 can interact with the Internet through the NAT network.
  • the process of the management terminal 10 establishing a non-NAT mode network is as follows:
  • a non-NAT external network is created on the management terminal 10; the non-NAT external network is connected to the Internet to implement interaction with the Internet, and the interaction here includes any operations that need to be completed by networking.
  • the management route 101 can implement interaction with the Internet; since the network of the management terminal 10 is a non-NAT network, the local IP can directly interact with the Internet. Therefore, you can set SNAT to false, that is, source address translation is prohibited.
  • non-NAT intranet After the non-NAT intranet is associated with the management route 101, a connection is established between the non-NAT intranet and the non-NAT extranet, and the non-NAT intranet can interact with the Internet through the non-NAT external network. So far, the non-NAT network in the management terminal 10 has been created, and the management terminal 10 can share the non-NAT network with other tenant terminals 20.
  • the tenant 20 provides a NAT mode network for the virtual machine in the tenant 20; the virtual machine interacts with the Internet through the NAT network, and the local IP of the virtual machine cannot be used; the virtual machine can convert the local IP through SNAT into a public IP that the Internet can recognize.
  • the management terminal 10 provides a non-NAT mode network for the virtual machine in the tenant 20; the virtual machine interacts with the Internet through a non-NAT network, and the IP address in the non-NAT mode is available and can interact directly with the Internet.
  • each virtual machine in the tenant 20 can interact with the Internet through the NAT network provided by the tenant 20 and/or the non-NAT network provided by the management terminal 10.
  • the virtual machine in the tenant terminal 20 includes: a first virtual machine 2021, a second virtual machine 2022, and a third virtual machine 2023.
  • the first virtual machine 2021 is configured to interact with the Internet through the tenant's NAT network;
  • the second virtual machine 2022 is configured to interact with the Internet through a non-NAT network provided by the management terminal 10;
  • the third virtual machine 2023 is configured to interact with the Internet through a NAT network provided by the tenant and a non-NAT network provided by the management terminal 10.
  • the first virtual machine 2021 is configured to convert the local IP address allocated by the tenant 20 into a public network IP through the SNAT of the tenant route 201, and then interact with the Internet;
  • the second virtual machine 2022 is configured to use the IP address provided by the management terminal 10 to interact with the Internet through the non-NAT mode network of the management terminal 10, without converting the IP address;
  • the third virtual machine 2023 has both the local IP provided by the tenant 20 and the IP address provided by the non-NAT network of the management terminal 10; the third virtual machine 2023 is configured to convert the local IP and then interact with the Internet through the NAT network of the tenant 20, and to use the IP address provided by the non-NAT network to interact with the Internet directly through the non-NAT network of the management terminal 10. Because the NAT and non-NAT modes are different, the local IP and the IP address provided by the non-NAT network in the third virtual machine 2023 are different, and the two IPs can each be used to interact in the corresponding manner.
  • the embodiment provides a network sharing system, including a management terminal and a tenant.
  • the tenant includes multiple virtual machines, and establishes at least one network in the NAT and non-NAT on the tenant.
  • the tenant is configured to provide the network in the tenant to the virtual machine in the tenant, and the management end is configured to provide a network different from that of the tenant to the virtual machine in the tenant, thereby implementing the compatibility of the NAT mode network and the non-NAT mode network on the tenant, which improves the flexible application of the system.
  • the embodiment of the invention further provides a computer readable storage medium storing computer executable instructions which, when executed by a processor, implement the method described in the foregoing embodiments.
  • computer storage media include volatile and nonvolatile, removable and non-removable media implemented in any method or technique for storing information, such as computer readable instructions, data structures, program modules or other data.
  • Computer storage media include, but are not limited to, RAM, ROM, EEPROM, flash memory or other memory technology, CD-ROM, digital versatile disc (DVD) or other optical disc storage, magnetic cartridge, magnetic tape, magnetic disk storage or other magnetic storage device, or any other medium that can be used to store the desired information and that can be accessed by the computer.
  • communication media typically includes computer readable instructions, data structures, program modules or other data in a modulated data signal, such as a carrier wave or other transport mechanism, and can include any information delivery media.
  • the above technical solution can enable the tenant to have a network established by itself and a network provided by the management end, thereby implementing compatibility between the two networks in one tenant, thereby improving the flexible application of the system.
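
The following is an added example, not part of the patent text: a small Python model of the three virtual machines described above (2021 on the tenant NAT network, 2022 on the shared non-NAT network, 2023 on both) that computes the source address the Internet sees for each port and lists which addresses are directly exposed because SNAT is disabled. The class and function names and all addresses are hypothetical, and using the router's gateway address as the SNAT source is a simplifying assumption.

```python
from dataclasses import dataclass
from ipaddress import ip_address, ip_network

@dataclass(frozen=True)
class Router:
    name: str
    snat: bool              # True = NAT mode, False = non-NAT mode
    gateway_ip: str = ""    # assumed public SNAT source (NAT mode only)

@dataclass(frozen=True)
class Network:
    name: str
    cidr: str
    router: Router

@dataclass(frozen=True)
class Port:
    vm: str
    ip: str
    network: Network

def egress_source(port):
    """Source address the Internet sees for traffic leaving this port."""
    if ip_address(port.ip) not in ip_network(port.network.cidr):
        raise ValueError(f"{port.ip} is outside {port.network.cidr}")
    router = port.network.router
    return router.gateway_ip if router.snat else port.ip

def audit(ports):
    """Return (conflicts, exposed): duplicate IPs within one network, and
    VM addresses visible on the Internet because SNAT is disabled."""
    seen, conflicts, exposed = {}, [], []
    for p in ports:
        key = (p.network.name, p.ip)
        if key in seen:
            conflicts.append((p.network.name, p.ip, seen[key], p.vm))
        seen.setdefault(key, p.vm)
        if not p.network.router.snat:
            exposed.append((p.vm, p.ip))
    return conflicts, exposed

# Constructed sample topology using documentation address ranges.
tenant_route = Router("tenant route 201", snat=True, gateway_ip="203.0.113.10")
mgmt_route = Router("management route 101", snat=False)
nat_net = Network("tenant NAT intranet", "192.168.1.0/24", tenant_route)
shared_net = Network("shared non-NAT intranet", "198.51.100.0/24", mgmt_route)
PORTS = [
    Port("VM 2021", "192.168.1.11", nat_net),
    Port("VM 2022", "198.51.100.22", shared_net),
    Port("VM 2023", "192.168.1.13", nat_net),
    Port("VM 2023", "198.51.100.23", shared_net),
]

if __name__ == "__main__":
    for p in PORTS:
        print(p.vm, p.ip, "->", egress_source(p))
    print(audit(PORTS))
```

Ports returned in the `exposed` list have no address translation in front of them, so any filtering for those virtual machines has to be applied on the shared non-NAT network itself.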

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Data Exchanges In Wide-Area Networks (AREA)

Abstract

The present invention relates to a network sharing system and method and a social network system. The method comprises the following steps: each tenant end establishes one of a network address translation (NAT) mode network and a non-NAT mode network (S101); a management end establishes at least one of the two networks (S102); the tenant end provides a network of the tenant end for at least one virtual machine in the tenant end, and the management end provides a network different from that of the tenant end for said virtual machines in the tenant end (S103).
PCT/CN2017/087179 2016-06-14 2017-06-05 Social network system and network sharing method and system WO2017215483A1 (fr)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
CN201610417007.2 2016-06-14
CN201610417007.2A CN107508845B (zh) 2016-06-14 2016-06-14 A networking system, network sharing method and system

Publications (1)

Publication Number Publication Date
WO2017215483A1 true WO2017215483A1 (fr) 2017-12-21

Family

ID=60664329

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/CN2017/087179 WO2017215483A1 (fr) 2016-06-14 2017-06-05 Social network system and network sharing method and system

Country Status (2)

Country Link
CN (1) CN107508845B (fr)
WO (1) WO2017215483A1 (fr)

Also Published As

Publication number Publication date
CN107508845B (zh) 2021-07-06
CN107508845A (zh) 2017-12-22

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 17812594

Country of ref document: EP

Kind code of ref document: A1

NENP Non-entry into the national phase

Ref country code: DE

122 Ep: pct application non-entry in european phase

Ref document number: 17812594

Country of ref document: EP

Kind code of ref document: A1