WO2018045821A1 - Methods and devices for sending, receiving, and transmitting cloud host data - Google Patents

Methods and devices for sending, receiving, and transmitting cloud host data Download PDF

Info

Publication number
WO2018045821A1
WO2018045821A1 PCT/CN2017/092571 CN2017092571W WO2018045821A1 WO 2018045821 A1 WO2018045821 A1 WO 2018045821A1 CN 2017092571 W CN2017092571 W CN 2017092571W WO 2018045821 A1 WO2018045821 A1 WO 2018045821A1
Authority
WO
WIPO (PCT)
Prior art keywords
queue
cloud host
public network
target queue
information
Prior art date
Application number
PCT/CN2017/092571
Other languages
French (fr)
Chinese (zh)
Inventor
沈娟
李国超
崔孝飞
杨万里
Original Assignee
北京京东尚科信息技术有限公司
北京京东世纪贸易有限公司
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by 北京京东尚科信息技术有限公司, 北京京东世纪贸易有限公司 filed Critical 北京京东尚科信息技术有限公司
Publication of WO2018045821A1 publication Critical patent/WO2018045821A1/en

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L47/00Traffic control in data switching networks
    • H04L47/10Flow control; Congestion control
    • H04L47/24Traffic characterised by specific attributes, e.g. priority or QoS
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L47/00Traffic control in data switching networks
    • H04L47/50Queue scheduling
    • H04L47/52Queue scheduling by attributing bandwidth to queues
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L65/00Network arrangements, protocols or services for supporting real-time applications in data packet communication
    • H04L65/40Support for services or applications
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L67/00Network arrangements or protocols for supporting network services or applications
    • H04L67/01Protocols
    • H04L67/10Protocols in which an application is distributed across nodes in the network

Abstract

The present invention relates to the field of cloud computing, and provides methods and devices for sending, receiving, and transmitting cloud host data. The method for receiving cloud host data of the present invention comprises: obtaining destination address information of downlink traffic of a cloud host, the destination address information being public network address information of the cloud host; determining a target queue according to the destination address information on the basis of a corresponding relationship between a queue and a public network address; and performing downlink transmission by means of the target queue on the basis of bandwidth limitation of the target queue. By means of the method, a queue can be allocated for downlink traffic of a cloud host according to a destination address, and downlink traffic bandwidth can be limited by using bandwidth limitation of the queue, so that downlink traffic of the cloud host is limited based on a public network address, to avoid that network bandwidth is occupied by an individual user due to traffic of excessive surge, thus improving the stability of the cloud host.

Description

云主机数据发送、接收、传输方法和装置Cloud host data transmitting, receiving, transmitting method and device 技术领域Technical field
本发明涉及云计算领域,特别是一种云主机数据发送、接收、传输方法和装置。The present invention relates to the field of cloud computing, and in particular, to a cloud host data transmitting, receiving, and transmitting method and apparatus.
背景技术Background technique
目前,在OpenStack云计算领域中的IaaS(Infrastructure as a Service,基础设施即服务模式)中,云计算服务平台通过云计算虚拟化主机,将这些虚拟云主机提供给用户使用,需要根据用户的具体情况限制其创建的主机的上下行带宽,防止涌入过大的流量导致网络带宽被个别用户占用。另外,可以通过根据用户申请的带宽收取对应的费用来产生经济效益。At present, in the IaaS (Infrastructure as a Service) in the field of OpenStack cloud computing, the cloud computing service platform provides virtualized hosts to the users through cloud computing virtualization hosts, and needs to be customized according to users. The situation limits the upstream and downstream bandwidth of the host it creates, preventing the influx of excessive traffic and causing the network bandwidth to be occupied by individual users. In addition, economic benefits can be generated by charging a corresponding fee based on the bandwidth requested by the user.
现有技术中,OpenStack G版本支持通过Nova Flavor设置QoS(Quality of Service,服务质量),通过Flavor来设置QoS不是很灵活,这会需要维护很多个Flavor来保证不同的QoS需求。OpenStack L版本支持ML2-QoS功能,这个特性可以针对L2-port和L2-net来做流量QoS设置,ML2-QoS只能做二层网络的流量限制,无法区分内网流量和公网流量,不能充分利用内网的硬件资源,造成很大的资源浪费。In the prior art, the OpenStack G version supports setting QoS (Quality of Service) through Nova Flavor. Setting the QoS through the Flavor is not very flexible, which requires maintaining a large number of Flavors to ensure different QoS requirements. The OpenStack L version supports the ML2-QoS function. This feature can be used to configure traffic QoS for L2-port and L2-net. ML2-QoS can only limit the traffic of Layer 2 networks. It cannot distinguish between intranet traffic and public network traffic. Making full use of the hardware resources of the internal network, resulting in a great waste of resources.
发明内容Summary of the invention
本发明的一个目的在于提出一种针对云主机的公网流量进行带宽限制的方案。An object of the present invention is to propose a scheme for bandwidth limitation of public network traffic of a cloud host.
根据本发明的一个方面,提出一种云主机数据接收方法,包括:获取云主机下行流量的目的地址信息,目的地址信息为云主机的公网地址信息;基于队列与公网地址的对应关系,根据目的地址信息确定目标队列;基于目标队列的带宽限制,通过目标队列进行下行传输。According to an aspect of the present invention, a method for receiving a cloud host data includes: obtaining destination address information of a downlink traffic of a cloud host, where the destination address information is public network address information of the cloud host; and based on a correspondence between the queue and the public network address, Determining a target queue according to the destination address information; performing downlink transmission through the target queue based on the bandwidth limitation of the target queue.
可选地,获取云主机下行流量的目的地址信息包括:IFB(Intermediate Functional Block device,中间功能块装置)获取进入网卡的下行流量,并获取目的地址信息;基于队列与公网地址的对应关系,根据目的地址信息确定目标队列包括:IFB根据队列与公网地址的对应关系确定目标队列,其中,目标队列具有带宽限制信息;基于目标队列的带宽限制,通过目标队列进行下行传输包括:将下行流量在目标队列的带宽限制作用下返回网卡,经网卡进行下行传输。 Optionally, the destination address information of the downlink traffic of the cloud host is: the intermediate functional block device (IFB) acquires the downlink traffic that enters the network card, and obtains the destination address information; and the correspondence between the queue and the public network address, Determining the target queue according to the destination address information includes: determining, by the IFB, the target queue according to the correspondence between the queue and the public network address, wherein the target queue has bandwidth limitation information; and performing downlink transmission through the target queue according to the bandwidth limitation of the target queue includes: downlink traffic The network card is returned under the bandwidth limitation of the target queue, and the downlink transmission is performed through the network card.
可选地,云主机数据接收方法还包括:将云主机的网卡与IFB连接;在IFB中添加TC(Traffic Control,流量控制)规则,通过TC规则设置队列,且指定每个队列的带宽限制信息;在IFB中建立队列与公网地址的对应关系。Optionally, the cloud host data receiving method further includes: connecting the network card of the cloud host to the IFB; adding a TC (Traffic Control) rule in the IFB, setting a queue through the TC rule, and specifying bandwidth limit information of each queue. The correspondence between the queue and the public network address is established in the IFB.
可选地,云主机数据接收方法还包括:若基于队列与公网地址的对应关系,根据目的地址信息未能确定目标队列,则选取预定默认队列作为目标队列。Optionally, the cloud host data receiving method further includes: if the target queue is not determined according to the destination address information based on the correspondence between the queue and the public network address, selecting a predetermined default queue as the target queue.
可选地,云主机数据接收方法还包括:当删除云主机的公网地址时,删除与公网地址匹配的目标队列,且删除公网地址与队列的对应关系。Optionally, the cloud host data receiving method further includes: when deleting the public network address of the cloud host, deleting the target queue that matches the public network address, and deleting the correspondence between the public network address and the queue.
通过这样的方法,能够根据目的地址为云主机的下行流量分配队列,利用队列的带宽限制实现对下行流量带宽的限制,从而实现了基于公网地址的云主机下行流量限制,防止涌入过大的流量导致网络带宽被个别用户占用,提高了云主机的稳定性。In this way, the queue can be allocated to the downstream traffic of the cloud host according to the destination address, and the bandwidth limitation of the queue can be used to limit the downlink traffic bandwidth, thereby realizing the downlink traffic restriction of the cloud host based on the public network address, thereby preventing excessive flooding. The traffic causes the network bandwidth to be occupied by individual users, which improves the stability of the cloud host.
根据本发明的另一个方面,提出一种云主机数据发送方法,包括:获取云主机上行流量的源地址信息,源地址信息为云主机的公网地址信息;将源地址信息与流表信息进行匹配,确定目标队列,其中,流表信息包括公网地址信息与队列的对应关系;基于目标队列的带宽限制,通过目标队列进行上行传输。According to another aspect of the present invention, a cloud host data sending method is provided, including: obtaining source address information of a cloud host uplink traffic, the source address information being public network address information of the cloud host; and performing source address information and flow table information Matching, determining a target queue, where the flow table information includes a correspondence between the public network address information and the queue; and the uplink transmission is performed through the target queue based on the bandwidth limitation of the target queue.
可选地,获取云主机上行流量的源地址信息包括:云主机的网桥获取上行流量的源地址信息;将源地址信息与流表信息进行匹配,确定目标队列包括:网桥将源地址信息与网桥中的流表信息进行匹配,确定QoS功能模块中的目标队列,其中,队列的出口绑定网桥的上行端口,且每个队列具有带宽限制信息;基于目标队列的带宽限制,通过目标队列进行上行传输包括:调用服务质量QoS功能模块,将上行流量在QoS功能模块的目标队列的带宽限制作用下经上行端口进行上行传输。Optionally, obtaining source address information of the uplink traffic of the cloud host includes: acquiring, by the bridge of the cloud host, source address information of the uplink traffic; matching the source address information with the flow table information, and determining that the target queue includes: the source address information of the bridge Matching the flow table information in the bridge to determine the target queue in the QoS function module, wherein the exit of the queue is bound to the uplink port of the bridge, and each queue has bandwidth limitation information; based on the bandwidth limitation of the target queue, The uplink transmission of the target queue includes: calling the quality of service QoS function module, and performing uplink transmission on the uplink port under the bandwidth limitation of the target queue of the QoS function module.
可选地,云主机数据发送方法还包括:将云主机的网桥绑定QoS功能模块;在QoS功能模块中生成队列,为每个队列设置流量控制TC分类,通过TC分类指定带宽限制信息;在网桥中添加流表信息。Optionally, the cloud host data sending method further includes: binding a bridge of the cloud host to the QoS function module; generating a queue in the QoS function module, setting a flow control TC classification for each queue, and specifying bandwidth limitation information by using the TC classification; Add flow table information to the bridge.
可选地,云主机数据发送方法还包括:若源地址信息与流表信息未匹配成功,则选取预定默认队列作为目标队列。Optionally, the cloud host data sending method further includes: if the source address information and the flow table information do not match successfully, selecting a predetermined default queue as the target queue.
可选地,云主机数据发送方法还包括:当删除云主机的公网地址时,删除匹配公网地址的流表信息中的目标队列,并删除包括公网地址的流表信息。Optionally, the cloud host data sending method further includes: when deleting the public network address of the cloud host, deleting the target queue in the flow table information matching the public network address, and deleting the flow table information including the public network address.
通过这样的方法,能够根据源地址为云主机的上行流量分配队列,利用队列的带宽限制实现对上行流量带宽的限制,从而实现了基于公网地址的云主机上行流量限制, 防止涌入过大的流量导致网络带宽被个别用户占用,提高了云主机的稳定性。In this way, the queue can be allocated to the upstream traffic of the cloud host according to the source address, and the bandwidth limitation of the queue can be used to limit the uplink traffic bandwidth, thereby realizing the uplink traffic restriction of the cloud host based on the public network address. Preventing influx of excessive traffic causes network bandwidth to be occupied by individual users, improving the stability of the cloud host.
根据本发明的又一个方面,提出一种云主机数据传输方法,包括上文中提到的任意一项云主机数据接收方法;和/或,上文中提到的任意一项云主机数据发送方法。According to still another aspect of the present invention, a cloud host data transmission method is provided, including any one of the cloud host data receiving methods mentioned above; and/or any one of the cloud host data transmitting methods mentioned above.
通过这样的方法,能够根据目的地址为云主机的下行流量分配队列,利用队列的带宽限制实现对下行流量带宽的限制;且能够根据源地址为云主机的上行流量分配队列,利用队列的带宽限制实现对上行流量带宽的限制,从而实现了基于公网地址的云主机双向流量带宽限制,防止涌入过大的流量导致网络带宽被个别用户占用,提高了云主机的稳定性。In this way, the queue can be allocated to the downstream traffic of the cloud host according to the destination address, and the bandwidth limitation of the queue can be used to limit the bandwidth of the downlink traffic; and the queue can be allocated to the upstream traffic of the cloud host according to the source address, and the bandwidth limitation of the queue can be utilized. The limitation of the upstream traffic bandwidth is implemented, thereby realizing the bidirectional traffic bandwidth limitation of the cloud host based on the public network address, preventing the influx of excessive traffic and causing the network bandwidth to be occupied by individual users, thereby improving the stability of the cloud host.
根据本发明的再一个方面,提出一种云主机数据接收装置,包括:目的地址获取模块,用于获取云主机下行流量的目的地址信息,目的地址信息为云主机的公网地址信息;目标队列确定模块,用于基于队列与公网地址的对应关系,根据目的地址信息确定目标队列;下行传输模块,用于基于目标队列的带宽限制,通过目标队列进行下行传输。According to still another aspect of the present invention, a cloud host data receiving apparatus is provided, including: a destination address obtaining module, configured to acquire destination address information of a cloud host downlink traffic, and the destination address information is a public network address information of the cloud host; The determining module is configured to determine a target queue according to the destination address information based on the correspondence between the queue and the public network address, and the downlink transmission module is configured to perform downlink transmission by using the target queue based on the bandwidth limitation of the target queue.
可选地,目的地址获取模块用于在IFB获取进入网卡的下行流量,并获取目的地址信息;目标队列确定模块用于在IFB根据队列与公网地址的对应关系确定目标队列,其中,目标队列具有带宽限制信息;下行传输模块用于将下行流量在目标队列的带宽限制作用下返回网卡,经网卡进行下行传输。Optionally, the destination address obtaining module is configured to obtain the downlink traffic entering the network card at the IFB, and obtain the destination address information; the target queue determining module is configured to determine the target queue according to the correspondence between the IFB and the public network address, where the target queue is configured. The bandwidth transmission information is used; the downlink transmission module is configured to return the downlink traffic to the network card under the bandwidth limitation of the target queue, and perform downlink transmission through the network card.
可选地,云主机数据接收装置还包括:网卡连接模块,用于将云主机的网卡与IFB连接;下行队列生成模块,用于在IFB中添加TC规则,通过TC规则设置队列,且指定每个队列的带宽限制信息;对应关系生成模块,用于在IFB中建立队列与公网地址的对应关系。Optionally, the cloud host data receiving device further includes: a network card connection module, configured to connect the network card of the cloud host with the IFB; and a downlink queue generating module, configured to add a TC rule in the IFB, set a queue through the TC rule, and specify each The bandwidth limitation information of the queues; the correspondence generation module is configured to establish a correspondence between the queues and the public network addresses in the IFB.
可选地,目标队列确定模块还用于当基于队列与公网地址的对应关系根据目的地址信息未能确定目标队列时,选取预定默认队列作为目标队列。Optionally, the target queue determining module is further configured to select a predetermined default queue as the target queue when the target queue is not determined according to the destination address information based on the correspondence between the queue and the public network address.
可选地,云主机数据接收装置还包括:删除模块,用于当删除云主机的公网地址时,删除与公网地址匹配的目标队列,且删除公网地址与队列的对应关系。Optionally, the cloud host data receiving apparatus further includes: a deleting module, configured to delete the target queue that matches the public network address, and delete the correspondence between the public network address and the queue, when the public network address of the cloud host is deleted.
这样的装置能够根据目的地址为云主机的下行流量分配队列,利用队列的带宽限制实现对下行流量带宽的限制,从而实现了基于公网地址的云主机下行流量限制,防止涌入过大的流量导致网络带宽被个别用户占用,提高了云主机的稳定性。Such a device can allocate a queue for the downlink traffic of the cloud host according to the destination address, and use the bandwidth limitation of the queue to implement the limitation of the downlink traffic bandwidth, thereby implementing the downlink traffic restriction of the cloud host based on the public network address, and preventing the influx of excessive traffic. The network bandwidth is occupied by individual users, which improves the stability of the cloud host.
另外,根据本发明的一个方面,提出一种云主机数据发送装置,包括:源地址获 取模块,用于获取云主机上行流量的源地址信息,源地址信息为云主机的公网地址信息;目标队列确定模块,用于将源地址信息与流表信息进行匹配,确定目标队列,其中,流表信息包括公网地址信息与队列的对应关系;上行传输模块,用于基于目标队列的带宽限制,通过目标队列进行上行传输。In addition, according to an aspect of the present invention, a cloud host data transmitting apparatus is provided, including: obtaining a source address The module is configured to obtain source address information of the uplink traffic of the cloud host, and the source address information is public network address information of the cloud host, and the target queue determining module is configured to match the source address information with the flow table information to determine a target queue, where The flow table information includes a correspondence between the public network address information and the queue, and the uplink transmission module is configured to perform uplink transmission through the target queue based on the bandwidth limitation of the target queue.
可选地,源地址获取模块用于在云主机的网桥获取上行流量的源地址信息;目标队列确定模块用于将源地址信息与网桥中的流表信息进行匹配,确定QoS功能模块中的目标队列,其中,队列的出口绑定网桥的上行端口,且每个队列具有带宽限制信息;上行传输模块用于调用服务质量QoS功能模块,将上行流量在QoS功能模块的目标队列的带宽限制作用下经上行端口进行上行传输。Optionally, the source address obtaining module is configured to obtain source address information of the uplink traffic on the bridge of the cloud host; the target queue determining module is configured to match the source address information with the flow table information in the bridge, and determine the QoS function module. The target queue, wherein the outlet of the queue is bound to the uplink port of the bridge, and each queue has bandwidth limitation information; the uplink transmission module is configured to invoke the quality of service QoS function module, and the uplink traffic is in the bandwidth of the target queue of the QoS function module. Uplink transmission is performed via the uplink port under the restriction.
可选地,云主机数据发送装置还包括:网桥绑定模块,用于将云主机的网桥绑定QoS功能模块;上行队列生成模块,用于在QoS功能模块中生成队列,为每个队列设置流量控制TC分类,通过TC分类指定带宽限制信息;流表添加模块,用于在网桥中添加流表信息。Optionally, the cloud host data sending apparatus further includes: a bridge binding module, configured to bind the bridge of the cloud host to the QoS function module; and an uplink queue generating module, configured to generate a queue in the QoS function module, for each The queue sets the flow control TC classification, and specifies the bandwidth limitation information by the TC classification; the flow table adding module is used to add the flow table information to the bridge.
可选地,目标队列确定模块还用于当源地址信息与流表信息未匹配成功时,选取预定默认队列作为目标队列。Optionally, the target queue determining module is further configured to: when the source address information and the flow table information do not match successfully, select a predetermined default queue as the target queue.
可选地,云主机数据发送装置还包括:删除模块,用于当删除云主机的公网地址时,删除匹配公网地址的流表信息中的目标队列,并删除包括公网地址的流表信息。Optionally, the cloud host data sending apparatus further includes: a deleting module, configured to: when deleting the public network address of the cloud host, delete the target queue in the flow table information matching the public network address, and delete the flow table including the public network address information.
这样的装置能够根据源地址为云主机的上行流量分配队列,利用队列的带宽限制实现对上行流量带宽的限制,从而实现了基于公网地址的云主机上行流量限制,防止涌入过大的流量导致网络带宽被个别用户占用,提高了云主机的稳定性。Such a device can allocate a queue for the upstream traffic of the cloud host according to the source address, and use the bandwidth limitation of the queue to limit the bandwidth of the upstream traffic, thereby implementing the uplink traffic restriction of the cloud host based on the public network address, and preventing the influx of excessive traffic. The network bandwidth is occupied by individual users, which improves the stability of the cloud host.
另外,根据本发明的又一个方面,提出一种云主机数据传输装置,包括上文中提到的任意一项的云主机数据接收装置;和/或上文中提到的任意一项的云主机数据发送装置。In addition, according to still another aspect of the present invention, a cloud host data transmission apparatus is provided, comprising the cloud host data receiving apparatus of any of the above mentioned; and/or cloud host data of any of the above mentioned Sending device.
这样的装置能够根据目的地址为云主机的下行流量分配队列,利用队列的带宽限制实现对下行流量带宽的限制;且能够根据源地址为云主机的上行流量分配队列,利用队列的带宽限制实现对上行流量带宽的限制,从而实现了基于公网地址的云主机双向流量带宽限制,防止涌入过大的流量导致网络带宽被个别用户占用,提高了云主机的稳定性。Such a device can allocate a queue for the downlink traffic of the cloud host according to the destination address, and use the bandwidth limitation of the queue to implement the limitation of the downlink traffic bandwidth; and can allocate a queue according to the source address for the uplink traffic of the cloud host, and implement the bandwidth limitation by using the bandwidth of the queue. The limitation of the upstream traffic bandwidth, which realizes the bidirectional traffic bandwidth limitation of the cloud host based on the public network address, prevents the influx of excessive traffic, and the network bandwidth is occupied by individual users, thereby improving the stability of the cloud host.
根据本发明的再一个方面,提出一种云主机数据传输装置,包括:存储器;以及, 耦接至存储器的处理器,处理器被配置为基于存储在存储器的指令执行如上文中提到的任意一项的方法。According to still another aspect of the present invention, a cloud host data transmission apparatus is provided, including: a memory; A processor coupled to the memory, the processor being configured to perform the method of any of the above mentioned based on the instructions stored in the memory.
这样的装置能够根据目的地址为云主机的下行流量分配队列,利用队列的带宽限制实现对下行流量带宽的限制;且能够根据源地址为云主机的上行流量分配队列,利用队列的带宽限制实现对上行流量带宽的限制,从而实现了基于公网地址的云主机双向流量带宽限制,防止涌入过大的流量导致网络带宽被个别用户占用,提高了云主机的稳定性。由于基于公网地址进行限速,能够区分内网流量和公网流量,从而在限速的同时充分利用内网的硬件资源,提高云主机的性能。Such a device can allocate a queue for the downlink traffic of the cloud host according to the destination address, and use the bandwidth limitation of the queue to implement the limitation of the downlink traffic bandwidth; and can allocate a queue according to the source address for the uplink traffic of the cloud host, and implement the bandwidth limitation by using the bandwidth of the queue. The limitation of the upstream traffic bandwidth, which realizes the bidirectional traffic bandwidth limitation of the cloud host based on the public network address, prevents the influx of excessive traffic, and the network bandwidth is occupied by individual users, thereby improving the stability of the cloud host. Because the rate limit is based on the public network address, the internal network traffic and the public network traffic can be distinguished, so that the hardware resources of the internal network can be fully utilized while the speed limit is increased, thereby improving the performance of the cloud host.
另外,根据发明的一个方面,提出一种计算机可读存储介质,其上存储有计算机程序指令,该指令被处理器执行时实现上文中任意一种方法的步骤。Additionally, in accordance with one aspect of the invention, a computer readable storage medium having stored thereon computer program instructions that, when executed by a processor, implements the steps of any of the above methods.
这样的计算机可读存储介质通过执行其上的程序指令,实现了基于公网地址的云主机双向流量带宽限制,提高了云主机的稳定性。由于基于公网地址进行限速,能够区分内网流量和公网流量,从而在限速的同时充分利用内网的硬件资源,提高云主机的性能。Such a computer readable storage medium implements a bidirectional traffic bandwidth limitation of a cloud host based on a public network address by executing program instructions thereon, thereby improving the stability of the cloud host. Because the rate limit is based on the public network address, the internal network traffic and the public network traffic can be distinguished, so that the hardware resources of the internal network can be fully utilized while the speed limit is increased, thereby improving the performance of the cloud host.
附图说明DRAWINGS
此处所说明的附图用来提供对本发明的进一步理解,构成本申请的一部分,本发明的示意性实施例及其说明用于解释本发明,并不构成对本发明的不当限定。在附图中:The drawings described herein are intended to provide a further understanding of the invention, and are intended to be a part of the invention. In the drawing:
图1为本发明的云主机数据接收方法的一个实施例的流程图。FIG. 1 is a flowchart of an embodiment of a cloud host data receiving method according to the present invention.
图2为本发明的云主机数据接收方法的另一个实施例的流程图。2 is a flow chart of another embodiment of a cloud host data receiving method of the present invention.
图3为本发明的云主机数据接收方法的又一个实施例的流程图。FIG. 3 is a flowchart of still another embodiment of a cloud host data receiving method according to the present invention.
图4为本发明的云主机数据发送方法的一个实施例的流程图。4 is a flow chart of an embodiment of a method for transmitting cloud host data according to the present invention.
图5为本发明的云主机数据发送方法的另一个实施例的流程图。FIG. 5 is a flowchart of another embodiment of a cloud host data sending method according to the present invention.
图6为本发明的云主机数据发送方法的又一个实施例的流程图。FIG. 6 is a flowchart of still another embodiment of a cloud host data sending method according to the present invention.
图7为本发明的云主机数据传输方法的一个实施例的示意图。FIG. 7 is a schematic diagram of an embodiment of a cloud host data transmission method according to the present invention.
图8为本发明的云主机数据接收装置的一个实施例的示意图。FIG. 8 is a schematic diagram of an embodiment of a cloud host data receiving apparatus according to the present invention.
图9为本发明的云主机数据接收装置的另一个实施例的示意图。FIG. 9 is a schematic diagram of another embodiment of a cloud host data receiving apparatus of the present invention.
图10为本发明的云主机数据发送装置的一个实施例的示意图。 FIG. 10 is a schematic diagram of an embodiment of a cloud host data transmitting apparatus according to the present invention.
图11为本发明的云主机数据发送装置的另一个实施例的示意图。FIG. 11 is a schematic diagram of another embodiment of a cloud host data transmitting apparatus according to the present invention.
图12为本发明的云主机数据传输装置的一个实施例的示意图。FIG. 12 is a schematic diagram of an embodiment of a cloud host data transmission apparatus according to the present invention.
图13为本发明的云主机数据传输装置的另一个实施例的示意图。FIG. 13 is a schematic diagram of another embodiment of a cloud host data transmission apparatus according to the present invention.
图14为本发明的云主机数据传输装置的又一个实施例的示意图。FIG. 14 is a schematic diagram of still another embodiment of a cloud host data transmission apparatus of the present invention.
具体实施方式detailed description
下面通过附图和实施例,对本发明的技术方案做进一步的详细描述。The technical solution of the present invention will be further described in detail below through the accompanying drawings and embodiments.
本发明的云主机数据接收方法的一个实施例的流程图如图1所示。A flowchart of one embodiment of the cloud host data receiving method of the present invention is shown in FIG.
在步骤101中,获取云主机下行流量的目的地址信息,目的地址信息为云主机的公网地址信息。In step 101, the destination address information of the downlink traffic of the cloud host is obtained, and the destination address information is the public network address information of the cloud host.
在步骤102中,基于队列与公网地址的对应关系,根据目的地址信息确定目标队列。每个队列预先配置有能够传输的流量的公网地址信息,且每个队列具有带宽限制。In step 102, based on the correspondence between the queue and the public network address, the target queue is determined according to the destination address information. Each queue is pre-configured with public network address information of traffic that can be transmitted, and each queue has a bandwidth limit.
在步骤103中,基于目标队列的带宽限制,通过目标队列进行下行传输。由于目标队列具有带宽限制,因此下行流量经目标队列传输时,也需要在该队列的带宽限制下传输。In step 103, downlink transmission is performed through the target queue based on the bandwidth limitation of the target queue. Since the target queue has a bandwidth limit, when the downstream traffic is transmitted through the target queue, it also needs to be transmitted under the bandwidth limit of the queue.
通过这样的方法,能够根据目的地址为云主机的下行流量分配队列,利用队列的带宽限制实现对下行流量带宽的限制,从而实现了基于公网地址的云主机下行流量限制,防止涌入过大的流量导致网络带宽被个别用户占用,提高了云主机的稳定性。由于基于公网地址进行限速,能够区分内网流量和公网流量,从而在限速的同时充分利用内网的硬件资源,提高云主机的性能。In this way, the queue can be allocated to the downstream traffic of the cloud host according to the destination address, and the bandwidth limitation of the queue can be used to limit the downlink traffic bandwidth, thereby realizing the downlink traffic restriction of the cloud host based on the public network address, thereby preventing excessive flooding. The traffic causes the network bandwidth to be occupied by individual users, which improves the stability of the cloud host. Because the rate limit is based on the public network address, the internal network traffic and the public network traffic can be distinguished, so that the hardware resources of the internal network can be fully utilized while the speed limit is increased, thereby improving the performance of the cloud host.
本发明的云主机数据接收方法的另一个实施例的流程图如图2所示。A flowchart of another embodiment of the cloud host data receiving method of the present invention is shown in FIG. 2.
在步骤201中,IFB获取进入网卡的下行流量,由IFB获取目的地址信息。在一个实施例中,可以调用IFB,IFB中加载有ifb0虚拟网卡。虚拟网卡ifb0能够利用加载的TC规则获取下行流量的目的地址信息。In step 201, the IFB obtains the downlink traffic entering the network card, and the IFB obtains the destination address information. In one embodiment, the IFB can be invoked with an ifb0 virtual NIC loaded in the IFB. The virtual network card ifb0 can obtain the destination address information of the downlink traffic by using the loaded TC rule.
在步骤202中,IFB根据队列与公网地址的对应关系确定目标队列。在一个实施例中,在IFB中可配置有多个队列,目标队列具有带宽限制信息。可以通过队列与地址的对应关系确定下行流量的目标队列。在一个实施例中,在虚拟网卡ifb0的端口设置有TC规则,TC规则中设置有多个队列,以及规定了多个队列的带宽限制信息。In step 202, the IFB determines the target queue according to the correspondence between the queue and the public network address. In one embodiment, multiple queues can be configured in the IFB, and the target queue has bandwidth limit information. The target queue of the downstream traffic can be determined by the correspondence between the queue and the address. In one embodiment, a TC rule is set on a port of the virtual network card ifb0, a plurality of queues are set in the TC rule, and bandwidth limitation information of a plurality of queues is specified.
在步骤203中,将下行流量在目标队列的带宽限制作用下返回网卡,经网卡进行 下行传输。In step 203, the downlink traffic is returned to the network card by the bandwidth limitation of the target queue, and is performed by the network card. Downlink transmission.
在Linux操作系统中,TC用于Linux内核的流量控制,主要是通过在输出端口处建立一个队列来实现内核的流量控制。IFB可以被看作是一个只有TC过滤功能的虚拟网卡,它并不改变数据包的方向,对于往外发的数据包被重定向到IFB,经过IFB的TC过滤之后,依然是通过重定向之前的网卡发出去,对于一个网卡接收的数据包,被重定向到IFB,经过IFB的TC过滤之后,依然被重定向之前的网卡继续进行接收处理。通过这样的方法,可以利用Linux中的IFB功能进行改进,实现云主机下行流量的带宽限制,有利于实施应用。In the Linux operating system, TC is used for flow control of the Linux kernel, mainly by establishing a queue at the output port to implement kernel flow control. IFB can be regarded as a virtual network card with only TC filtering function. It does not change the direction of the data packet. For outgoing packets, it is redirected to the IFB. After the IF filtering by the IFB, it is still through the redirection. The network card sends out, and the data packet received by a network card is redirected to the IFB. After being filtered by the IFB TC, the network card before being redirected continues to receive and process. Through such a method, the IFB function in Linux can be used to improve, and the bandwidth limitation of the downlink traffic of the cloud host can be realized, which is advantageous for implementing the application.
本发明的云主机数据接收方法的又一个实施例的流程图如图3所示。A flowchart of still another embodiment of the cloud host data receiving method of the present invention is shown in FIG.
在步骤301中,将云主机的网卡与IFB连接,从而在下行流量到来时,会将流量重定向到IFB。在一个实施例中,可以加载IFB驱动并启动虚拟网卡ifb0。In step 301, the network host of the cloud host is connected to the IFB, so that when the downstream traffic arrives, the traffic is redirected to the IFB. In one embodiment, the IFB driver can be loaded and the virtual network card ifb0 can be started.
在步骤302中,在IFB中添加TC规则,通过TC规则设置队列,且指定每个队列的带宽限制信息。在一个实施例中,可以根据下行带宽需求设置多个队列。在一个实施例中,可以首先给ifb0网卡设定一个根队列,然后再添加几个子队列,每个子队列对应一个TC分类。每个TC分类设定了最大速率、可用的最低速率和优先级等。In step 302, a TC rule is added to the IFB, a queue is set by the TC rule, and bandwidth limit information for each queue is specified. In one embodiment, multiple queues can be set according to downstream bandwidth requirements. In one embodiment, a root queue may be first set to the ifb0 network card, and then several sub-queues may be added, each sub-queue corresponding to one TC classification. Each TC class sets the maximum rate, the lowest rate and priority that can be used, and so on.
在步骤303中,在IFB中建立队列与公网地址的对应关系。在一个实施例中,可以根据公网地址指定队列。下行流量的目的公网地址不同则指定的队列也不相同,而队列又通过TC分类设定了最大带宽,从而完成了ifb0的出口带宽限制。In step 303, a correspondence between the queue and the public network address is established in the IFB. In one embodiment, the queue can be specified based on the public network address. If the destination public network address of the downstream traffic is different, the specified queue is also different, and the queue sets the maximum bandwidth by the TC classification, thereby completing the export bandwidth limitation of ifb0.
在步骤304中,将进入网卡的下行流量转发到中间功能块装置IFB,由IFB获取目的地址信息。在一个实施例中,可以将进入网卡的下行数据重定向到ifb0的根队列上,由ifb0获取目的地址信息。In step 304, the downlink traffic entering the network card is forwarded to the intermediate function block device IFB, and the destination address information is obtained by the IFB. In an embodiment, the downlink data entering the network card may be redirected to the root queue of ifb0, and the destination address information is obtained by ifb0.
在步骤305中,IFB根据队列与公网地址的对应关系确定目标队列。In step 305, the IFB determines the target queue according to the correspondence between the queue and the public network address.
在步骤306中,将下行流量在目标队列的带宽限制作用下返回网卡,经网卡进行下行传输。In step 306, the downlink traffic is returned to the network card under the bandwidth limitation of the target queue, and the downlink transmission is performed via the network card.
通过这样的方法,能够将Linux中的IFB功能进行改进并应用于云主机下行流量的限流,稳定可靠,且有利于实践应用。同时,根据公网IP地址设置带宽的方式,便于设置及管理。Through such a method, the IFB function in Linux can be improved and applied to the current limit of the downlink traffic of the cloud host, which is stable and reliable, and is beneficial to practical applications. At the same time, the bandwidth is set according to the public network IP address, which is convenient for setting and management.
在一个实施例中,可以开放带宽修改功能,在用户申请公网地址时指定带宽的接口以及带宽修改的接口,方便修改队列的带宽限制。在一个实施例中,可以通过流量 控制来计费,选择的带宽越高收费越多,从而产生经济效益。In one embodiment, the bandwidth modification function can be opened, and the interface of the bandwidth and the interface of the bandwidth modification are specified when the user applies for the public network address, so that the bandwidth limitation of the queue can be easily modified. In one embodiment, traffic can be passed Controlling the billing, the higher the bandwidth selected, the more the charge, resulting in economic benefits.
在一个实施例中,可以设置默认队列,默认队列的优先级低于其他队列。当下行流量到来时,按照优先级从高到低的顺序进行公网地址的匹配。当未能匹配成功时,将默认队列确定为目标队列,在默认队列的带宽限制下进行传输。In one embodiment, a default queue can be set, with the default queue having a lower priority than the other queues. When the downlink traffic arrives, the public network address is matched in the order of priority from high to low. When the match fails, the default queue is determined as the target queue and is transmitted under the bandwidth limit of the default queue.
通过这样的方法,能够防止公网地址更新不及时造成下行流量无法传输,以及可能产生的拥塞等异常情况,保证系统的正常运行,提高系统的鲁棒性。In this way, it is possible to prevent the abnormality of the downlink traffic from being transmitted in the public network address, and the abnormal situation such as congestion, which can ensure the normal operation of the system and improve the robustness of the system.
在一个实施例中,当云主机删除公网地址时,可以删除与该公网地址有对应关系的队列,同时删除该对应关系,从而实现资源的高效利用,防止失效信息占用系统资源造成效率降低,有利于维持云主机的高效运行。In an embodiment, when the cloud host deletes the public network address, the queue corresponding to the public network address can be deleted, and the corresponding relationship is deleted, thereby effectively utilizing resources, and preventing invalid information from occupying system resources and reducing efficiency. It is beneficial to maintain the efficient operation of the cloud host.
本发明的云主机数据发送方法的一个实施例的流程图如图4所示。A flowchart of one embodiment of the cloud host data transmitting method of the present invention is shown in FIG.
在步骤401中,获取云主机上行流量的源地址信息,源地址信息为云主机的公网地址信息。In step 401, the source address information of the cloud host uplink traffic is obtained, and the source address information is the public network address information of the cloud host.
在步骤402中,将源地址信息与流表信息进行匹配,确定目标队列,其中,流表信息包括公网地址信息与队列的对应关系。每个队列预先配置有能够传输的流量的公网地址信息,且每个队列具有带宽限制。In step 402, the source address information is matched with the flow table information to determine a target queue, where the flow table information includes a correspondence between the public network address information and the queue. Each queue is pre-configured with public network address information of traffic that can be transmitted, and each queue has a bandwidth limit.
在步骤403中,基于目标队列的带宽限制,通过目标队列进行上行传输。由于目标队列具有带宽限制,因此上行流量经目标队列传输时,也需要在该队列的带宽限制下传输。In step 403, uplink transmission is performed through the target queue based on the bandwidth limitation of the target queue. Since the target queue has a bandwidth limitation, when the upstream traffic is transmitted through the target queue, it also needs to be transmitted under the bandwidth limit of the queue.
通过这样的方法,能够根据源地址为云主机的上行流量分配队列,利用队列的带宽限制实现对上行流量带宽的限制,从而实现了基于公网地址的云主机上行流量限制,防止涌入过大的流量导致网络带宽被个别用户占用,提高了云主机的稳定性。由于基于公网地址进行限速,能够区分内网流量和公网流量,从而在限速的同时充分利用内网的硬件资源,提高云主机的性能。In this way, the queue can be allocated to the upstream traffic of the cloud host according to the source address, and the bandwidth limitation of the queue can be used to limit the upstream traffic bandwidth, thereby realizing the uplink traffic restriction of the cloud host based on the public network address, thereby preventing excessive flooding. The traffic causes the network bandwidth to be occupied by individual users, which improves the stability of the cloud host. Because the rate limit is based on the public network address, the internal network traffic and the public network traffic can be distinguished, so that the hardware resources of the internal network can be fully utilized while the speed limit is increased, thereby improving the performance of the cloud host.
本发明的云主机数据发送方法的另一个实施例的流程图如图5所示。A flowchart of another embodiment of the cloud host data transmitting method of the present invention is shown in FIG.
在步骤501中,云主机的网桥获取上行流量的源地址信息。In step 501, the bridge of the cloud host obtains source address information of the uplink traffic.
在步骤502中,网桥将源地址信息与网桥中的流表信息进行匹配,确定QoS功能模块中的目标队列。在一个实施例中,在QoS功能模块中可以配置有多个队列,队列的出口绑定网桥的上行端口,且每个队列具有带宽限制信息。In step 502, the bridge matches the source address information with the flow table information in the bridge to determine the target queue in the QoS function module. In an embodiment, multiple queues may be configured in the QoS function module, and the egress of the queue is bound to the uplink port of the bridge, and each queue has bandwidth limitation information.
在步骤503中,调用QoS功能模块,将上行流量在QoS功能模块的目标队列的 带宽限制作用下经上行端口进行上行传输。In step 503, the QoS function module is invoked, and the uplink traffic is in the target queue of the QoS function module. Uplink transmission is performed via the uplink port under the bandwidth limitation.
QoS功能模块是OpenvSwitch提供的一个功能接口。OpenvSwitch是一款虚拟交换软件,主要用于虚拟机VM环境,作为一个虚拟交换机,支持多种虚拟化技术,它在虚拟机领域能很好的支持上行流量的控制,但对下行流量的限制效果不理想。通过将QoS功能模块整合到云平台,能够很好的应用其上行流量控制功能,提高了实现的效率,保证了实现效果,且有利于实践应用。The QoS function module is a functional interface provided by OpenvSwitch. OpenvSwitch is a virtual switching software. It is mainly used in the virtual machine VM environment. As a virtual switch, it supports multiple virtualization technologies. It can support the control of upstream traffic in the virtual machine domain, but it has limited effect on downstream traffic. not ideal. By integrating the QoS function module into the cloud platform, the uplink traffic control function can be well applied, the implementation efficiency is improved, the implementation effect is ensured, and the application is facilitated.
在一个实施例中,可以开放带宽修改功能,在用户申请公网地址时指定带宽的接口以及带宽修改的接口,方便修改队列带宽限制。在一个实施例中,可以通过流量控制来计费,选择的带宽越高收费越多,从而产生经济效益。In an embodiment, the bandwidth modification function can be opened, and the interface of the bandwidth and the interface of the bandwidth modification are specified when the user applies for the public network address, so that the bandwidth limitation of the queue can be easily modified. In one embodiment, billing can be performed by flow control, and the higher the bandwidth selected, the more the charge, resulting in economic benefits.
本发明的云主机数据发送方法的又一个实施例的流程图如图6所示。A flowchart of still another embodiment of the cloud host data transmitting method of the present invention is shown in FIG. 6.
在步骤601中,将云主机的网桥绑定QoS功能模块,当上行流量到来时,会调用QoS功能模块。In step 601, the bridge of the cloud host is bound to the QoS function module, and when the uplink traffic arrives, the QoS function module is called.
在步骤602中,在QoS功能模块中生成队列,为每个队列设置TC分类,通过TC分类指定带宽限制信息。在一个实施例中,可以根据上行带宽需求设置多个队列。在一个实施例中,可以先在网卡上添加QoS根队列,并设定可以使用的总带宽为网卡的最大带宽;进而在根队列下添加多个子队列,并设定每个子队列对应一个TC分类,由TC分类指定最大带宽、最低保证的带宽等,每个子队列可以对应不同带宽。In step 602, a queue is generated in the QoS function module, a TC classification is set for each queue, and bandwidth limitation information is specified by the TC classification. In one embodiment, multiple queues can be set according to upstream bandwidth requirements. In an embodiment, the QoS root queue may be added to the NIC first, and the total bandwidth that can be used is set to be the maximum bandwidth of the NIC; further, multiple subqueues are added under the root queue, and one TC classification corresponding to each subqueue is set. The TC classifies the maximum bandwidth, the minimum guaranteed bandwidth, etc., and each sub-queue can correspond to different bandwidths.
在步骤603中,在网桥中添加流表信息,流表信息中包括云主机的公网地址与队列的对应关系。在一个实施例中,可以给网桥br-ex添加流表,该流表根据源地址匹配数据包,让匹配数据包通过目标队列,因为队列设定了最高速率,所以可以达到限流的目的。当有多个公网IP使用时,添加多条这样的流表,每条流标指向对应的QoS队列。In step 603, the flow table information is added to the bridge, where the flow table information includes the correspondence between the public network address of the cloud host and the queue. In one embodiment, a flow table can be added to the bridge br-ex, the flow table matches the data packet according to the source address, and the matching data packet passes through the target queue. Because the queue sets the highest rate, the flow restriction can be achieved. . When there are multiple public network IPs, multiple such flow tables are added, and each flow label points to the corresponding QoS queue.
在步骤604中,云主机的网桥获取上行流量的源地址信息。In step 604, the bridge of the cloud host obtains source address information of the uplink traffic.
在步骤605中,将源地址信息与网桥中的流表信息进行匹配,确定目标队列。In step 605, the source address information is matched with the flow table information in the bridge to determine the target queue.
在步骤606中,调用QoS功能模块,将上行流量在QoS功能模块的目标队列的带宽限制作用下经上行端口进行上行传输。In step 606, the QoS function module is invoked to perform uplink transmission on the uplink port under the bandwidth limitation of the target queue of the QoS function module.
通过这样的方法,能够将OVS中的QoS功能模块进行改进并应用于云主机上行流量的带宽限制,稳定可靠,且有利于实践应用。Through such a method, the QoS function module in the OVS can be improved and applied to the bandwidth limitation of the uplink traffic of the cloud host, which is stable and reliable, and is beneficial for practical applications.
在一个实施例中,可以设置默认队列,默认队列的优先级低于其他队列。当上行 流量到来时,按照优先级的高低进行公网地址的匹配。当未能匹配成功时,将默认队列确定为目标队列,在默认队列的带宽限制下进行传输。In one embodiment, a default queue can be set, with the default queue having a lower priority than the other queues. When going up When the traffic arrives, the public network address is matched according to the priority. When the match fails, the default queue is determined as the target queue and is transmitted under the bandwidth limit of the default queue.
通过这样的方法,能够防止公网地址更新不及时造成下行流量无法传输,以及可能产生的拥塞等异常情况,保证系统的正常运行,提高系统的鲁棒性。In this way, it is possible to prevent the abnormality of the downlink traffic from being transmitted in the public network address, and the abnormal situation such as congestion, which can ensure the normal operation of the system and improve the robustness of the system.
在一个实施例中,当云主机删除公网地址时,可以删除与该公网地址有对应关系的队列,同时删除与该公网地址相关的流表条目,从而实现资源的高效利用,防止失效信息占用系统资源造成的效率降低,有利于维持云主机的高效运行。In an embodiment, when the cloud host deletes the public network address, the queue corresponding to the public network address can be deleted, and the flow table entry related to the public network address is deleted, thereby effectively utilizing resources and preventing invalidation. The reduced efficiency caused by the information occupied by the system resources is conducive to maintaining the efficient operation of the cloud host.
本发明的云主机数据传输方法可以包括上文中提到的任意一种云主机数据发送方法、云主机数据接收方法。在一个实施例中,如图7所示。The cloud host data transmission method of the present invention may include any one of the cloud host data transmission methods and the cloud host data reception method mentioned above. In one embodiment, as shown in FIG.
在701中,下行流量到达网卡。In 701, the downstream traffic arrives at the network card.
在702中,网卡将流量重定向到IFB。IFB会提取下行流量的目的地址,然后根据预先设置的队列与公网地址的对应关系确定目标队列,通过TC功能实现带宽限制。In 702, the NIC redirects traffic to the IFB. The IFB extracts the destination address of the downstream traffic, and then determines the target queue according to the corresponding relationship between the preset queue and the public network address, and implements the bandwidth limitation by using the TC function.
在703中,IFB返回下行流量。由于在IFB中实现了下行流量带宽的限制,因此,返回网卡的流量也能够实现下行流量带宽限制。In 703, the IFB returns downstream traffic. Since the downlink traffic bandwidth is limited in the IFB, the traffic returning to the NIC can also achieve the downstream traffic bandwidth limitation.
在704中,网桥收到上行流量。At 704, the bridge receives upstream traffic.
在705中,网桥根据上行流量的源地址,基于流表信息进行地址匹配,确定目标队列,调用QoS功能模块,利用QoS功能模块中目标队列的带宽限制实现对上行流量带宽的限制。In 705, the bridge performs address matching based on the flow table information according to the source address of the upstream traffic, determines the target queue, invokes the QoS function module, and uses the bandwidth limitation of the target queue in the QoS function module to implement the limitation of the upstream traffic bandwidth.
在706中,将经过目标队列带宽限制的上行流量经上行网卡接口发往外网。In 706, the uplink traffic that is limited by the target queue bandwidth is sent to the external network through the uplink network interface.
目前OpenStack并没有提供较好的双向限速方法。通过这样的方法,针对公网IP地址进行流量限制,主机可以通过使用设定了带宽的公网IP达到限流的目的,增加了云主机带宽限流的灵活性,很好的实现了基于公网地址的云主机双向限速功能,能够区分内网流量和公网流量,从而在限速的同时充分利用内网的硬件资源,提高云主机的性能。Currently OpenStack does not provide a good two-way speed limit method. In this way, the traffic restriction is performed on the IP address of the public network, and the host can achieve the purpose of limiting the current by using the public IP address with the bandwidth set, thereby increasing the flexibility of the bandwidth limitation of the cloud host, which is well implemented based on the public. The two-way speed limit function of the cloud host of the network address can distinguish between intranet traffic and public network traffic, so as to fully utilize the hardware resources of the intranet and improve the performance of the cloud host while limiting the speed.
本发明的云主机数据接收装置的一个实施例的示意图如图8所示。其中,目的地址获取模块801能够获取云主机下行流量的目的地址信息,目的地址信息为云主机的公网地址信息。目标队列确定模块802能够基于队列与公网地址的对应关系,根据目的地址信息确定目标队列。每个队列预先配置有能够传输的流量的公网地址信息,且每个队列具有带宽限制。在一个实施例中,可以采用流表匹配的方式进行目标队列的 确定,流表中包括公网地址与队列的对应关系。下行传输模块803能够基于目标队列的带宽限制,通过目标队列进行下行传输。由于目标队列具有带宽限制,因此下行流量经目标队列传输时,也需要在该队列的带宽限制下传输。A schematic diagram of one embodiment of the cloud host data receiving apparatus of the present invention is shown in FIG. The destination address obtaining module 801 can obtain the destination address information of the downlink traffic of the cloud host, and the destination address information is the public network address information of the cloud host. The target queue determination module 802 can determine the target queue based on the destination address information based on the correspondence between the queue and the public network address. Each queue is pre-configured with public network address information of traffic that can be transmitted, and each queue has a bandwidth limit. In one embodiment, the target queue can be performed by means of flow table matching. It is determined that the flow table includes the correspondence between the public network address and the queue. The downlink transmission module 803 can perform downlink transmission through the target queue based on the bandwidth limitation of the target queue. Since the target queue has a bandwidth limit, when the downstream traffic is transmitted through the target queue, it also needs to be transmitted under the bandwidth limit of the queue.
这样的装置能够根据目的地址为云主机的下行流量分配队列,利用队列的带宽限制实现对下行流量带宽的限制,从而实现了基于公网地址的云主机下行流量限制,防止涌入过大的流量导致网络带宽被个别用户占用,提高了云主机的稳定性。由于基于公网地址进行限速,能够区分内网流量和公网流量,从而在限速的同时充分利用内网的硬件资源,提高云主机的性能。Such a device can allocate a queue for the downlink traffic of the cloud host according to the destination address, and use the bandwidth limitation of the queue to implement the limitation of the downlink traffic bandwidth, thereby implementing the downlink traffic restriction of the cloud host based on the public network address, and preventing the influx of excessive traffic. The network bandwidth is occupied by individual users, which improves the stability of the cloud host. Because the rate limit is based on the public network address, the internal network traffic and the public network traffic can be distinguished, so that the hardware resources of the internal network can be fully utilized while the speed limit is increased, thereby improving the performance of the cloud host.
在一个实施例中,目的地址获取模块801能够在IFB获取进入网卡的下行流量,并由IFB获取目的地址信息。目标队列确定模块802能够在IFB根据队列与公网地址的对应关系确定目标队列。在一个实施例中,在IFB中可配置有多个队列,目标队列具有带宽限制信息,可以通过队列与地址的对应关系确定下行流量的目标队列。下行传输模块803能够将下行流量在目标队列的带宽限制作用下返回网卡,经网卡进行下行传输。In an embodiment, the destination address obtaining module 801 can obtain the downlink traffic entering the network card at the IFB, and obtain the destination address information by the IFB. The target queue determination module 802 can determine the target queue based on the correspondence between the IFB and the public network address. In an embodiment, multiple queues may be configured in the IFB, and the target queue has bandwidth limitation information, and the target queue of the downlink traffic may be determined by the correspondence between the queue and the address. The downlink transmission module 803 can return the downlink traffic to the network card under the bandwidth limitation of the target queue, and perform downlink transmission through the network card.
这样的装置利用Linux中的IFB功能进行改进,实现云主机下行流量的带宽限制,有利于实施应用。Such a device is improved by using the IFB function in Linux to realize the bandwidth limitation of the downstream traffic of the cloud host, which is advantageous for implementing the application.
本发明的云主机数据接收装置的另一个实施例的示意图如图9所示。其中,目的地址获取模块901、目标队列确定模块902和下行传输模块903的结构和功能与图8的实施例中相似。云主机数据接收装置还包括网卡连接模块904、下行队列生成模块905和对应关系生成模块906。其中,网卡连接模块904能够将云主机的网卡与IFB连接,从而在下行流量到来时,便于将流量重定向到IFB。下行队列生成模块905能够在IFB中添加TC规则,通过TC规则设置队列,且指定每个队列的带宽限制信息。在一个实施例中,可以根据下行带宽需求设置多个队列。对应关系生成模块906能够在IFB中建立队列与公网地址的对应关系。A schematic diagram of another embodiment of the cloud host data receiving apparatus of the present invention is shown in FIG. The structure and function of the destination address obtaining module 901, the target queue determining module 902, and the downlink transmitting module 903 are similar to those in the embodiment of FIG. The cloud host data receiving device further includes a network card connection module 904, a downlink queue generation module 905, and a correspondence relationship generation module 906. The network card connection module 904 can connect the network card of the cloud host with the IFB, so that when the downlink traffic arrives, it is convenient to redirect the traffic to the IFB. The downlink queue generation module 905 can add a TC rule in the IFB, set a queue through the TC rule, and specify bandwidth limitation information for each queue. In one embodiment, multiple queues can be set according to downstream bandwidth requirements. The correspondence generation module 906 can establish a correspondence between the queue and the public network address in the IFB.
这样的装置能够将Linux中的IFB功能进行改进并应用于云主机下行流量的限流,稳定可靠,且有利于实践应用。Such a device can improve the IFB function in Linux and apply it to the current limit of the downlink traffic of the cloud host, which is stable and reliable, and is beneficial for practical applications.
在一个实施例中,队列中包括默认队列,默认队列的优先级低于其他队列。当下行流量到来时,目标队列确定模块能够按照优先级从高到低的顺序进行公网地址的匹配。当未能匹配成功时,将默认队列确定为目标队列,在默认队列的带宽限制下进行 传输。In one embodiment, the queue includes a default queue, and the default queue has a lower priority than the other queues. When the downlink traffic arrives, the target queue determining module can match the public network address in descending order of priority. When the match fails, the default queue is determined as the target queue, which is performed under the bandwidth limit of the default queue. transmission.
这样的装置能够防止公网地址更新不及时造成下行流量无法传输,以及可能产生的拥塞等异常情况,保证系统的正常运行,提高系统的鲁棒性。Such a device can prevent the abnormality of the downlink traffic from being transmitted in the public network address, and the abnormal situation such as congestion, which can ensure the normal operation of the system and improve the robustness of the system.
在一个实施例中,云主机数据接收装置还包括删除模块,能够在云主机删除公网地址时删除与该公网地址有对应关系的队列,同时删除该对应关系,从而实现资源的高效利用,防止失效信息占用系统资源造成的效率降低,有利于维持云主机的高效运行。In an embodiment, the cloud host data receiving device further includes a deleting module, which is capable of deleting a queue corresponding to the public network address when the cloud host deletes the public network address, and deleting the corresponding relationship, thereby realizing efficient use of resources. Preventing the failure information from consuming the system resources and reducing the efficiency is beneficial to maintaining the efficient operation of the cloud host.
本发明的云主机数据发送装置的一个实施例的示意图如图10所示。其中,源地址获取模块1001用于获取云主机上行流量的源地址信息,源地址信息为云主机的公网地址信息。目标队列确定模块1002用于将源地址信息与流表信息进行匹配,确定目标队列,其中,流表信息包括公网地址信息与队列的对应关系。每个队列预先配置有能够传输的流量的公网地址信息,且每个队列具有带宽限制。上行传输模块1003用于基于目标队列的带宽限制,通过目标队列进行上行传输。由于目标队列具有带宽限制,因此上行流量经目标队列传输时,也需要在该队列的带宽限制下传输。A schematic diagram of one embodiment of the cloud host data transmitting apparatus of the present invention is shown in FIG. The source address obtaining module 1001 is configured to obtain source address information of the cloud host uplink traffic, where the source address information is public network address information of the cloud host. The target queue determining module 1002 is configured to match the source address information with the flow table information to determine a target queue, where the flow table information includes a correspondence between the public network address information and the queue. Each queue is pre-configured with public network address information of traffic that can be transmitted, and each queue has a bandwidth limit. The uplink transmission module 1003 is configured to perform uplink transmission through the target queue based on the bandwidth limitation of the target queue. Since the target queue has a bandwidth limitation, when the upstream traffic is transmitted through the target queue, it also needs to be transmitted under the bandwidth limit of the queue.
这样的装置能够根据源地址为云主机的上行流量分配队列,利用队列的带宽限制实现对上行流量带宽的限制,从而实现了基于公网地址的云主机上行流量限制,防止涌入过大的流量导致网络带宽被个别用户占用,提高了云主机的稳定性。由于基于公网地址进行限速,能够区分内网流量和公网流量,从而在限速的同时充分利用内网的硬件资源,提高云主机的性能。Such a device can allocate a queue for the upstream traffic of the cloud host according to the source address, and use the bandwidth limitation of the queue to limit the bandwidth of the upstream traffic, thereby implementing the uplink traffic restriction of the cloud host based on the public network address, and preventing the influx of excessive traffic. The network bandwidth is occupied by individual users, which improves the stability of the cloud host. Because the rate limit is based on the public network address, the internal network traffic and the public network traffic can be distinguished, so that the hardware resources of the internal network can be fully utilized while the speed limit is increased, thereby improving the performance of the cloud host.
在一个实施例中,源地址获取模块1001能够在云主机的网桥获取上行流量的源地址信息。目标队列确定模块1002能够通过网桥将源地址信息与网桥中的流表信息进行匹配,确定QoS功能模块中的目标队列。在一个实施例中,在QoS功能模块中可以配置有多个队列,队列的出口绑定网桥的上行端口,且每个队列具有带宽限制信息。上行传输模块1003能够调用QoS功能模块,将上行流量在QoS功能模块的目标队列的带宽限制作用下经上行端口进行上行传输。In an embodiment, the source address obtaining module 1001 can obtain source address information of the uplink traffic at the bridge of the cloud host. The target queue determination module 1002 can match the source address information with the flow table information in the bridge through the bridge to determine the target queue in the QoS function module. In an embodiment, multiple queues may be configured in the QoS function module, and the egress of the queue is bound to the uplink port of the bridge, and each queue has bandwidth limitation information. The uplink transmission module 1003 can invoke the QoS function module to perform uplink transmission on the uplink port under the bandwidth limitation of the target queue of the QoS function module.
这样的装置将QoS功能模块整合到云平台能够很好的应用其上行流量控制功能,提高了实现的效率,保证了实现效果,且有利于实践应用。Such a device integrates the QoS function module into the cloud platform, which can well apply its upstream flow control function, improve the efficiency of implementation, ensure the realization effect, and is beneficial to practical applications.
本发明的云主机数据发送装置的另一个实施例的示意图如图11所示。其中,源地址获取模块1101、目标队列确定模块1102和上行传输模块1103的结构和功能与图 10的实施例中相似。云主机数据发送装置还包括网桥绑定模块1104、上行队列生成模块1105和流表添加模块1106。网桥绑定模块1104能够将云主机的网桥绑定QoS功能模块,当上行流量到来时,会调用QoS功能模块。上行队列生成模块1105能够在QoS功能模块中生成队列,为每个队列设置TC分类,通过TC分类指定带宽限制信息。在一个实施例中,可以根据上行带宽需求设置多个队列。流表添加模块1106能够在网桥中添加流表信息,流表信息中包括云主机的公网地址与队列的对应关系。A schematic diagram of another embodiment of the cloud host data transmitting apparatus of the present invention is shown in FIG. The structure, function, and function of the source address obtaining module 1101, the target queue determining module 1102, and the uplink transmitting module 1103 Similar in the embodiment of 10. The cloud host data sending apparatus further includes a bridge binding module 1104, an uplink queue generating module 1105, and a flow table adding module 1106. The bridge binding module 1104 can bind the bridge of the cloud host to the QoS function module, and when the uplink traffic arrives, the QoS function module is called. The uplink queue generation module 1105 can generate a queue in the QoS function module, set a TC classification for each queue, and specify bandwidth limitation information by the TC classification. In one embodiment, multiple queues can be set according to upstream bandwidth requirements. The flow table adding module 1106 can add flow table information to the bridge, where the flow table information includes the correspondence between the public network address of the cloud host and the queue.
这样的装置将OpenvSwitch中的QoS功能模块进行改进并应用于云主机上行流量的带宽限制,稳定可靠,且有利于实践应用。Such a device improves the QoS function module in the OpenvSwitch and applies it to the bandwidth limitation of the uplink traffic of the cloud host, is stable and reliable, and is beneficial for practical applications.
在一个实施例中,可以设置默认队列,默认队列的优先级低于其他队列。当上行流量到来时,目标队列确定模块按照优先级的高低进行公网地址的匹配。当未能匹配成功时,将默认队列确定为目标队列,在默认队列的带宽限制下进行传输。In one embodiment, a default queue can be set, with the default queue having a lower priority than the other queues. When the uplink traffic arrives, the target queue determining module performs matching of the public network address according to the priority level. When the match fails, the default queue is determined as the target queue and is transmitted under the bandwidth limit of the default queue.
这样的装置能够防止公网地址更新不及时的情况下造成下行流量无法传输,以及可能产生的拥塞等异常情况,保证系统的正常运行,提高系统的鲁棒性。Such a device can prevent the downlink traffic from being transmitted, and the abnormal situation such as congestion, which can prevent the normal operation of the system and improve the robustness of the system.
在一个实施例中,云主机数据发送装置还包括删除模块,能够在云主机删除公网地址时删除与该公网地址有对应关系的队列,同时删除与该公网地址相关的流表条目,从而实现资源的高效利用,防止失效信息占用系统资源造成的效率降低,有利于维持云主机的高效运行。In an embodiment, the cloud host data sending device further includes a deleting module, which can delete a queue corresponding to the public network address when the cloud host deletes the public network address, and delete the flow table entry related to the public network address. Thereby, the efficient use of resources is realized, and the efficiency reduction caused by the failure information occupying system resources is prevented, and the efficient operation of the cloud host is maintained.
本发明的云主机数据传输装置可以包括上文中提到的任意一种云主机数据发送装置、云主机数据接收装置。在一个实施例中,如图12所示,云主机数据传输装置包括云主机数据接收装置1200和云主机数据发送装置1210。云主机数据接收装置1200包括目的地址获取模块1201、目标队列确定模块1202和下行传输模块1203;云主机数据发送装置1210包括源地址获取模块1211、目标队列确定模块1212和上行传输模块1213。云主机数据接收装置1200能够实现基于公网地址的下行流量带宽限制;云主机数据发送装置1210能够实现基于公网地址的上行流量带宽限制。The cloud host data transmission device of the present invention may include any one of the cloud host data transmitting devices and the cloud host data receiving device mentioned above. In one embodiment, as shown in FIG. 12, the cloud host data transmission device includes a cloud host data receiving device 1200 and a cloud host data transmitting device 1210. The cloud host data receiving device 1200 includes a destination address obtaining module 1201, a target queue determining module 1202, and a downlink transmitting module 1203. The cloud host data transmitting device 1210 includes a source address obtaining module 1211, a target queue determining module 1212, and an uplink transmitting module 1213. The cloud host data receiving apparatus 1200 can implement a downlink traffic bandwidth limitation based on a public network address; the cloud host data transmitting apparatus 1210 can implement an uplink traffic bandwidth limitation based on a public network address.
这样的装置能够根据目的地址为云主机的下行流量分配队列,利用队列的带宽限制实现对下行流量带宽的限制;且能够根据源地址为云主机的上行流量分配队列,利用队列的带宽限制实现对上行流量带宽的限制,从而实现了基于公网地址的云主机双向流量带宽限制,防止涌入过大的流量导致网络带宽被个别用户占用,提高了云主机的稳定性。 Such a device can allocate a queue for the downlink traffic of the cloud host according to the destination address, and use the bandwidth limitation of the queue to implement the limitation of the downlink traffic bandwidth; and can allocate a queue according to the source address for the uplink traffic of the cloud host, and implement the bandwidth limitation by using the bandwidth of the queue. The limitation of the upstream traffic bandwidth, which realizes the bidirectional traffic bandwidth limitation of the cloud host based on the public network address, prevents the influx of excessive traffic, and the network bandwidth is occupied by individual users, thereby improving the stability of the cloud host.
本发明的云主机数据传输装置的另一个实施例的示意图如图13所示,包括存储器1301和处理器1302。其中:A schematic diagram of another embodiment of the cloud host data transmission apparatus of the present invention is shown in FIG. 13, and includes a memory 1301 and a processor 1302. among them:
存储器1301可以是磁盘、闪存或其它任何非易失性存储介质。存储器1301用于存储系统的运行指令、队列、带宽限制、流表信息等。Memory 1301 can be a magnetic disk, flash memory, or any other non-volatile storage medium. The memory 1301 is used to store running instructions, queues, bandwidth limits, flow table information, and the like of the system.
处理器1302耦接至存储器1301,可以作为一个或多个集成电路来实施,例如微处理器或微控制器。该处理器1302用于执行存储器中存储的指令,进而实现数据运算、传输等。The processor 1302 is coupled to the memory 1301 and can be implemented as one or more integrated circuits, such as a microprocessor or a microcontroller. The processor 1302 is configured to execute instructions stored in the memory, thereby implementing data operations, transmissions, and the like.
在一个实施例中,还可以如图14所示,1400为云主机数据传输装置,包括存储器1401和处理器1402。处理器1402可以包括处理器1402a、1402b…1402n。处理器1402a-1402n通过BUS总线1403耦合至存储器1401。基于分布式结构的系统能够进行快速运算,提高了运行效率。云主机数据传输装置1400还可以通过存储接口1404连接至外部存储装置1405以便调用外部数据或将数据转移到外部存储装置1405,还可以通过网络接口1406连接至网络或者另外一台计算机系统(未标出)。此处不再进行详细介绍。In one embodiment, as shown in FIG. 14, 1400 is a cloud host data transmission device, including a memory 1401 and a processor 1402. Processor 1402 can include processors 1402a, 1402b...1402n. Processors 1402a-1402n are coupled to memory 1401 via BUS bus 1403. Systems based on distributed architectures enable fast calculations and improved operational efficiency. The cloud host data transmission device 1400 can also be connected to the external storage device 1405 through the storage interface 1404 to invoke external data or transfer data to the external storage device 1405, and can also be connected to the network or another computer system through the network interface 1406 (not labeled Out). It will not be described in detail here.
在该实施例中,通过存储器存储数据指令,再通过处理器处理上述指令,能够实现基于公网地址的云主机双向流量带宽限制,防止涌入过大的流量导致网络带宽被个别用户占用,提高了云主机的稳定性。In this embodiment, by storing the data instruction in the memory and processing the above instruction by the processor, the bidirectional traffic bandwidth limitation of the cloud host based on the public network address can be implemented, and the intrusion of excessive traffic is prevented, so that the network bandwidth is occupied by individual users, thereby improving The stability of the cloud host.
在又一个实施例中,一种计算机可读存储介质,其上存储有计算机程序指令,该指令被处理器执行时实现云主机数据传输方法对应实施例中的方法的步骤。本领域内的技术人员应明白,本申请的实施例可提供为方法、装置、或计算机程序产品。因此,本申请可采用完全硬件实施例、完全软件实施例、或结合软件和硬件方面的实施例的形式。而且,本申请可采用在一个或多个其中包含有计算机可用程序代码的计算机可用非瞬时性存储介质(包括但不限于磁盘存储器、CD-ROM、光学存储器等)上实施的计算机程序产品的形式。In still another embodiment, a computer readable storage medium having stored thereon computer program instructions that, when executed by a processor, implement the steps of a method in a cloud host data transfer method corresponding to an embodiment. Those skilled in the art will appreciate that embodiments of the present application can be provided as a method, apparatus, or computer program product. Thus, the present application can take the form of an entirely hardware embodiment, an entirely software embodiment, or an embodiment in combination of software and hardware. Moreover, the application can take the form of a computer program product embodied on one or more computer-usable non-transitory storage media (including but not limited to disk storage, CD-ROM, optical storage, etc.) .
本发明是参照根据本发明实施例的方法、设备(系统)和计算机程序产品的流程图和/或方框图来描述的。应理解可由计算机程序指令实现流程图和/或方框图中的每一流程和/或方框以及流程图和/或方框图中的流程和/或方框的结合。可提供这些计算机程序指令到通用计算机、专用计算机、嵌入式处理机或其他可编程数据处理设备的处理器以产生一个机器,使得通过计算机或其他可编程数据处理设备的处理器 执行的指令产生用于实现在流程图一个流程或多个流程和/或方框图一个方框或多个方框中指定的功能的装置。The present invention has been described with reference to flowchart illustrations and/or block diagrams of methods, apparatus (system) and computer program products according to embodiments of the invention. It will be understood that each flow and/or block of the flowchart illustrations and/or FIG. These computer program instructions can be provided to a processor of a general purpose computer, a special purpose computer, an embedded processor, or other programmable data processing device to produce a machine such that a processor through a computer or other programmable data processing device The executed instructions produce means for implementing the functions specified in one or more blocks of the flowchart or in a block or blocks of the flowchart.
这些计算机程序指令也可存储在能引导计算机或其他可编程数据处理设备以特定方式工作的计算机可读存储器中,使得存储在该计算机可读存储器中的指令产生包括指令装置的制造品,该指令装置实现在流程图一个流程或多个流程和/或方框图一个方框或多个方框中指定的功能。The computer program instructions can also be stored in a computer readable memory that can direct a computer or other programmable data processing device to operate in a particular manner, such that the instructions stored in the computer readable memory produce an article of manufacture comprising the instruction device. The apparatus implements the functions specified in one or more blocks of a flow or a flow and/or block diagram of the flowchart.
这些计算机程序指令也可装载到计算机或其他可编程数据处理设备上,使得在计算机或其他可编程设备上执行一系列操作步骤以产生计算机实现的处理,从而在计算机或其他可编程设备上执行的指令提供用于实现在流程图一个流程或多个流程和/或方框图一个方框或多个方框中指定的功能的步骤。These computer program instructions can also be loaded onto a computer or other programmable data processing device such that a series of operational steps are performed on a computer or other programmable device to produce computer-implemented processing for execution on a computer or other programmable device. The instructions provide steps for implementing the functions specified in one or more of the flow or in a block or blocks of a flow diagram.
至此,已经详细描述了本发明。为了避免遮蔽本发明的构思,没有描述本领域所公知的一些细节。本领域技术人员根据上面的描述,完全可以明白如何实施这里公开的技术方案。So far, the present invention has been described in detail. In order to avoid obscuring the concepts of the present invention, some details known in the art are not described. Those skilled in the art can fully understand how to implement the technical solutions disclosed herein according to the above description.
可能以许多方式来实现本发明的方法以及装置。例如,可通过软件、硬件、固件或者软件、硬件、固件的任何组合来实现本发明的方法以及装置。用于所述方法的步骤的上述顺序仅是为了进行说明,本发明的方法的步骤不限于以上具体描述的顺序,除非以其它方式特别说明。此外,在一些实施例中,还可将本发明实施为记录在记录介质中的程序,这些程序包括用于实现根据本发明的方法的机器可读指令。因而,本发明还覆盖存储用于执行根据本发明的方法的程序的记录介质。The method and apparatus of the present invention may be implemented in a number of ways. For example, the methods and apparatus of the present invention can be implemented in software, hardware, firmware, or any combination of software, hardware, and firmware. The above-described sequence of steps for the method is for illustrative purposes only, and the steps of the method of the present invention are not limited to the order specifically described above unless otherwise specifically stated. Moreover, in some embodiments, the invention may also be embodied as a program recorded in a recording medium, the program comprising machine readable instructions for implementing the method according to the invention. Thus, the invention also covers a recording medium storing a program for performing the method according to the invention.
最后应当说明的是:以上实施例仅用以说明本发明的技术方案而非对其限制;尽管参照较佳实施例对本发明进行了详细的说明,所属领域的普通技术人员应当理解:依然可以对本发明的具体实施方式进行修改或者对部分技术特征进行等同替换;而不脱离本发明技术方案的精神,其均应涵盖在本发明请求保护的技术方案范围当中。 It should be noted that the above embodiments are only used to illustrate the technical solutions of the present invention and are not intended to be limiting; although the present invention has been described in detail with reference to the preferred embodiments, those skilled in the art should understand that The invention is not limited to the spirit of the technical solutions of the present invention, and should be included in the scope of the technical solutions claimed in the present invention.

Claims (24)

  1. 一种云主机数据接收方法,包括:A cloud host data receiving method includes:
    获取云主机下行流量的目的地址信息,所述目的地址信息为所述云主机的公网地址信息;Obtaining destination address information of the downlink traffic of the cloud host, where the destination address information is public network address information of the cloud host;
    基于队列与所述公网地址的对应关系,根据所述目的地址信息确定目标队列;Determining a target queue according to the destination address information based on a correspondence between the queue and the public network address;
    基于所述目标队列的带宽限制,通过所述目标队列进行下行传输。Downlink transmission is performed through the target queue based on a bandwidth limit of the target queue.
  2. 根据权利要求1所述的方法,其中,The method of claim 1 wherein
    所述获取云主机下行流量的目的地址信息包括:The obtaining destination address information of the downlink traffic of the cloud host includes:
    中间功能块装置IFB获取进入网卡的所述下行流量,并获取所述目的地址信息;The intermediate function block device IFB acquires the downlink traffic entering the network card, and acquires the destination address information;
    所述基于队列与所述公网地址的对应关系,根据所述目的地址信息确定目标队列包括:Determining, according to the correspondence between the queue and the public network address, determining the target queue according to the destination address information includes:
    所述IFB根据队列与所述公网地址的对应关系确定所述目标队列,其中,所述目标队列具有所述带宽限制信息;Determining, by the IFB, the target queue according to a correspondence between a queue and the public network address, where the target queue has the bandwidth limitation information;
    所述基于所述目标队列的带宽限制,通过所述目标队列进行下行传输包括:The downlink transmission by using the target queue based on the bandwidth limitation of the target queue includes:
    将所述下行流量在所述目标队列的带宽限制作用下返回所述网卡,经所述网卡进行下行传输。And downlinking the downlink traffic to the network card under the bandwidth limitation of the target queue, and performing downlink transmission by using the network card.
  3. 根据权利要求2所述的方法,还包括:The method of claim 2 further comprising:
    将所述云主机的网卡与所述IFB连接;Connecting a network card of the cloud host to the IFB;
    在所述IFB中添加TC规则,通过所述TC规则设置队列,且指定每个所述队列的带宽限制信息;Adding a TC rule to the IFB, setting a queue by using the TC rule, and specifying bandwidth limitation information of each of the queues;
    在所述IFB中建立所述队列与所述公网地址的对应关系。Establishing a correspondence between the queue and the public network address in the IFB.
  4. 根据权利要求1~3中任意一项所述的方法,还包括:The method according to any one of claims 1 to 3, further comprising:
    若基于队列与所述公网地址的对应关系,根据所述目的地址信息未能确定目标队列,则选取预定默认队列作为目标队列。 If the target queue is not determined according to the destination address information based on the correspondence between the queue and the public network address, the predetermined default queue is selected as the target queue.
  5. 根据权利要求1~3中任意一项所述的方法,还包括:当删除所述云主机的公网地址时,删除与所述公网地址匹配的目标队列,且删除所述公网地址与所述队列的对应关系。The method according to any one of claims 1 to 3, further comprising: when deleting the public network address of the cloud host, deleting a target queue that matches the public network address, and deleting the public network address and Correspondence of the queues.
  6. 一种云主机数据发送方法,包括:A cloud host data sending method includes:
    获取云主机上行流量的源地址信息,所述源地址信息为所述云主机的公网地址信息;Obtaining source address information of the cloud host uplink traffic, where the source address information is public network address information of the cloud host;
    将所述源地址信息与流表信息进行匹配,确定目标队列,其中,所述流表信息包括所述公网地址信息与所述队列的对应关系;Matching the source address information with the flow table information to determine a target queue, where the flow table information includes a correspondence between the public network address information and the queue;
    基于所述目标队列的带宽限制,通过所述目标队列进行上行传输。Uplink transmission is performed through the target queue based on a bandwidth limit of the target queue.
  7. 根据权利要求6所述的方法,其中,The method of claim 6 wherein
    所述获取云主机上行流量的源地址信息包括:The source address information of obtaining the uplink traffic of the cloud host includes:
    所述云主机的网桥获取所述上行流量的源地址信息;The bridge of the cloud host acquires source address information of the uplink traffic;
    所述将所述源地址信息与流表信息进行匹配,确定目标队列包括:The matching the source address information with the flow table information, and determining the target queue includes:
    所述网桥将所述源地址信息与所述网桥中的流表信息进行匹配,确定QoS功能模块中的目标队列,其中,所述队列的出口绑定网桥的上行端口,且每个队列具有带宽限制信息;The bridge matches the source address information with the flow table information in the bridge to determine a target queue in the QoS function module, where the outlet of the queue is bound to an uplink port of the bridge, and each The queue has bandwidth limit information;
    所述基于所述目标队列的带宽限制,通过所述目标队列进行上行传输包括:The uplink transmission by using the target queue based on the bandwidth limitation of the target queue includes:
    调用服务质量QoS功能模块,将所述上行流量在所述QoS功能模块的所述目标队列的带宽限制作用下经所述上行端口进行上行传输。The service quality QoS function module is invoked, and the uplink traffic is uplinked by the uplink port under the bandwidth limitation of the target queue of the QoS function module.
  8. 根据权利要求7所述的方法,还包括:The method of claim 7 further comprising:
    将所述云主机的所述网桥绑定所述QoS功能模块;Binding the bridge of the cloud host to the QoS function module;
    在所述QoS功能模块中生成队列,为每个所述队列设置流量控制TC分类,通过所述TC分类指定带宽限制信息;Generating a queue in the QoS function module, setting a flow control TC classification for each of the queues, and specifying bandwidth limitation information by using the TC classification;
    在所述网桥中添加流表信息。 Add flow table information to the bridge.
  9. 根据权利要求6~8中任意一项所述方法,还包括:A method according to any one of claims 6 to 8, further comprising:
    若所述源地址信息与所述流表信息未匹配成功,则选取预定默认队列作为目标队列。If the source address information and the flow table information do not match successfully, the predetermined default queue is selected as the target queue.
  10. 根据权利要求6~8中任意一项所述的方法,还包括:A method according to any one of claims 6 to 8, further comprising:
    当删除所述云主机的公网地址时,删除匹配所述公网地址的流表信息中的目标队列,并删除包括所述公网地址的流表信息。When the public network address of the cloud host is deleted, the target queue in the flow table information matching the public network address is deleted, and the flow table information including the public network address is deleted.
  11. 一种云主机数据传输方法,包括权利要求1~5中任意一项所述云主机数据接收方法;和/或,A cloud host data transmission method, comprising the cloud host data receiving method according to any one of claims 1 to 5; and/or
    权利要求6~10中任意一项所述云主机数据发送方法。The cloud host data transmitting method according to any one of claims 6 to 10.
  12. 一种云主机数据接收装置,包括:A cloud host data receiving device includes:
    目的地址获取模块,用于获取云主机下行流量的目的地址信息,所述目的地址信息为所述云主机的公网地址信息;a destination address obtaining module, configured to obtain destination address information of a downlink traffic of the cloud host, where the destination address information is public network address information of the cloud host;
    目标队列确定模块,用于基于队列与所述公网地址的对应关系,根据所述目的地址信息确定目标队列;a target queue determining module, configured to determine a target queue according to the destination address information based on a correspondence between the queue and the public network address;
    下行传输模块,用于基于所述目标队列的带宽限制,通过所述目标队列进行下行传输。And a downlink transmission module, configured to perform downlink transmission by using the target queue based on a bandwidth limitation of the target queue.
  13. 根据权利要求12所述的装置,其中,The device according to claim 12, wherein
    所述目的地址获取模块用于通过中间功能块装置IFB获取进入网卡的所述下行流量,并获取所述目的地址信息;The destination address obtaining module is configured to acquire the downlink traffic entering the network card by using the intermediate function block device IFB, and obtain the destination address information;
    所述目标队列确定模块用于在所述IFB根据队列与所述公网地址的对应关系确定所述目标队列,其中,所述目标队列具有所述带宽限制信息;The target queue determining module is configured to determine the target queue according to a correspondence between the IFB and the public network address, where the target queue has the bandwidth limitation information;
    所述下行传输模块用于将所述下行流量在所述目标队列的带宽限制作用下返回所述网卡,经所述网卡进行下行传输。The downlink transmission module is configured to return the downlink traffic to the network card by using a bandwidth limitation of the target queue, and perform downlink transmission by using the network card.
  14. 根据权利要求13所述的装置,还包括: The apparatus of claim 13 further comprising:
    网卡连接模块,用于将所述云主机的网卡与所述IFB连接;a network card connection module, configured to connect the network card of the cloud host with the IFB;
    下行队列生成模块,用于在所述IFB中添加TC规则,通过所述TC规则设置队列,且指定每个所述队列的带宽限制信息;a downlink queue generating module, configured to add a TC rule in the IFB, set a queue by using the TC rule, and specify bandwidth limitation information of each of the queues;
    对应关系生成模块,用于在所述IFB中建立所述队列与所述公网地址的对应关系。The correspondence generation module is configured to establish a correspondence between the queue and the public network address in the IFB.
  15. 根据权利要求12~14中任意一项所述的装置,其中,The apparatus according to any one of claims 12 to 14, wherein
    所述目标队列确定模块还用于当基于队列与所述公网地址的对应关系根据所述目的地址信息未能确定目标队列时,选取预定默认队列作为目标队列。The target queue determining module is further configured to: when the target queue is not determined according to the destination address information based on the correspondence between the queue and the public network address, select a predetermined default queue as the target queue.
  16. 根据权利要求12~14中任意一项所述的装置,还包括:The apparatus according to any one of claims 12 to 14, further comprising:
    删除模块,用于当删除所述云主机的公网地址时,删除与所述公网地址匹配的目标队列,且删除所述公网地址与所述队列的对应关系。The deleting module is configured to: when the public network address of the cloud host is deleted, delete the target queue that matches the public network address, and delete the correspondence between the public network address and the queue.
  17. 一种云主机数据发送装置,包括:A cloud host data sending device includes:
    源地址获取模块,用于获取云主机上行流量的源地址信息,所述源地址信息为所述云主机的公网地址信息;The source address obtaining module is configured to obtain source address information of the cloud host uplink traffic, where the source address information is public network address information of the cloud host;
    目标队列确定模块,用于将所述源地址信息与流表信息进行匹配,确定目标队列,其中,所述流表信息包括所述公网地址信息与所述队列的对应关系;a target queue determining module, configured to match the source address information and the flow table information to determine a target queue, where the flow table information includes a correspondence between the public network address information and the queue;
    上行传输模块,用于基于所述目标队列的带宽限制,通过所述目标队列进行上行传输。An uplink transmission module, configured to perform uplink transmission by using the target queue based on a bandwidth limit of the target queue.
  18. 根据权利要求17所述的装置,其中,The device according to claim 17, wherein
    所述源地址获取模块用于在云主机的网桥获取所述上行流量的源地址信息;The source address obtaining module is configured to acquire source address information of the uplink traffic on a bridge of a cloud host;
    所述目标队列确定模块用于所述网桥将所述源地址信息与所述网桥中的流表信息进行匹配,确定QoS功能模块中的目标队列,其中,所述队列的出口绑定网桥的上行端口,且每个队列具有带宽限制信息;The target queue determining module is configured to match the source address information with the flow table information in the bridge to determine a target queue in the QoS function module, where the queue is bounded by the network The upstream port of the bridge, and each queue has bandwidth limitation information;
    所述上行传输模块用于调用服务质量QoS功能模块,将所述上行流量在所述QoS功能模块的所述目标队列的带宽限制作用下经所述上行端口进行上行传输。 The uplink transmission module is configured to invoke a quality of service QoS function module, and perform uplink transmission on the uplink port by using the uplink traffic in the bandwidth limitation of the target queue of the QoS function module.
  19. 根据权利要求18所述的装置,还包括:The apparatus of claim 18, further comprising:
    网桥绑定模块,用于将所述云主机的所述网桥绑定所述QoS功能模块;a bridge binding module, configured to bind the bridge of the cloud host to the QoS function module;
    上行队列生成模块,用于在所述QoS功能模块中生成队列,为每个所述队列设置流量控制TC分类,通过所述TC分类指定带宽限制信息;An uplink queue generating module, configured to generate a queue in the QoS function module, set a flow control TC classification for each of the queues, and specify bandwidth limitation information by using the TC classification;
    流表添加模块,用于在所述网桥中添加流表信息。A flow table adding module is configured to add flow table information to the bridge.
  20. 根据权利要求17~19中任意一项所述方法,所述目标队列确定模块还用于当所述源地址信息与所述流表信息未匹配成功时,选取预定默认队列作为目标队列。The method according to any one of claims 17 to 19, wherein the target queue determining module is further configured to: when the source address information and the flow table information do not match successfully, select a predetermined default queue as the target queue.
  21. 根据权利要求17~19中任意一项所述的方法,还包括:The method according to any one of claims 17 to 19, further comprising:
    删除模块,用于当删除所述云主机的公网地址时,删除匹配所述公网地址的流表信息中的目标队列,并删除包括所述公网地址的流表信息。And deleting the target queue in the flow table information matching the public network address, and deleting the flow table information including the public network address, when the public network address of the cloud host is deleted.
  22. 一种云主机数据传输装置,包括权利要求12~16中任意一项所述的云主机数据接收装置;和/或A cloud host data transmission device, comprising the cloud host data receiving device according to any one of claims 12 to 16; and/or
    权利要求17~21中任意一项所述的云主机数据发送装置。The cloud host data transmitting apparatus according to any one of claims 17 to 21.
  23. 一种云主机数据传输装置,包括:A cloud host data transmission device includes:
    存储器;以及Memory;
    耦接至所述存储器的处理器,所述处理器被配置为基于存储在所述存储器的指令执行如权利要求1至10中任意一项所述的方法。A processor coupled to the memory, the processor being configured to perform the method of any one of claims 1 to 10 based on an instruction stored in the memory.
  24. 一种计算机可读存储介质,其上存储有计算机程序指令,该指令被处理器执行时实现权利要求1至10任意一项所述的方法的步骤。 A computer readable storage medium having stored thereon computer program instructions which, when executed by a processor, perform the steps of the method of any one of claims 1 to 10.
PCT/CN2017/092571 2016-09-06 2017-07-12 Methods and devices for sending, receiving, and transmitting cloud host data WO2018045821A1 (en)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
CN201610803755.4A CN107800645B (en) 2016-09-06 2016-09-06 Cloud host data sending, receiving and transmitting method and device
CN201610803755.4 2016-09-06

Publications (1)

Publication Number Publication Date
WO2018045821A1 true WO2018045821A1 (en) 2018-03-15

Family

ID=61530392

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/CN2017/092571 WO2018045821A1 (en) 2016-09-06 2017-07-12 Methods and devices for sending, receiving, and transmitting cloud host data

Country Status (2)

Country Link
CN (1) CN107800645B (en)
WO (1) WO2018045821A1 (en)

Cited By (9)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN109120454A (en) * 2018-09-04 2019-01-01 山东浪潮云投信息科技有限公司 A kind of QoS flow speed limiting system and method
CN110868364A (en) * 2018-08-28 2020-03-06 阿里巴巴集团控股有限公司 Bandwidth isolation device and method
CN110932998A (en) * 2019-11-28 2020-03-27 杭州迪普科技股份有限公司 Message processing method and device
CN112671668A (en) * 2020-12-17 2021-04-16 中盈优创资讯科技有限公司 Neutron virtual network flow control method and device
CN112866019A (en) * 2021-01-11 2021-05-28 科大讯飞股份有限公司 Method for limiting bandwidth of elastic IP address, related equipment and readable storage medium
CN113300978A (en) * 2021-02-05 2021-08-24 阿里巴巴集团控股有限公司 Data transmission method and device
CN114338546A (en) * 2021-12-24 2022-04-12 中国联合网络通信集团有限公司 Virtual machine speed limiting method and device, electronic equipment and readable storage medium
CN114900470A (en) * 2022-06-17 2022-08-12 中国联合网络通信集团有限公司 Flow control method, device, equipment and storage medium
CN116723162A (en) * 2023-08-10 2023-09-08 浪潮电子信息产业股份有限公司 Network first packet processing method, system, device, medium and heterogeneous equipment

Families Citing this family (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN108683607B (en) * 2018-06-14 2020-02-21 新华三云计算技术有限公司 Virtual machine flow control method and device and server
CN111049669A (en) * 2019-10-30 2020-04-21 烽火通信科技股份有限公司 Distributed storage system and method for realizing flow control
CN113783797B (en) * 2021-09-13 2023-11-07 京东科技信息技术有限公司 Network flow control method, device and equipment of cloud primary container and storage medium

Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101841451A (en) * 2009-12-30 2010-09-22 北京世纪互联宽带数据中心有限公司 Virtual local area network-based speed limiting method and system for cloud hosts
US20110292792A1 (en) * 2010-05-31 2011-12-01 Microsoft Corporation Applying Policies to Schedule Network Bandwidth Among Virtual Machines
CN102801636A (en) * 2012-09-05 2012-11-28 成都国腾实业集团有限公司 Method for limiting bandwidth of cloud hosting network of cloud computing platform
CN105915387A (en) * 2016-05-31 2016-08-31 新浪网技术(中国)有限公司 External network bandwidth speed limiting method, device and system of cloud host in IaaS cloud platform

Family Cites Families (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US8837483B2 (en) * 2011-04-11 2014-09-16 Alcatel Lucent Mapping private and public addresses
CN103188086B (en) * 2011-12-27 2015-11-11 中国移动通信集团公司 A kind of method, Apparatus and system of management and control intranet and extranet bandwidth
CN102546444B (en) * 2012-03-28 2014-08-13 杭州华三通信技术有限公司 Method for accessing private network through layer 2 tunneling protocol and server
CN103634235A (en) * 2013-11-01 2014-03-12 国云科技股份有限公司 Method for limiting speed of network interface of virtual machine
CN105915470B (en) * 2016-01-27 2019-05-21 无锡华云数据技术服务有限公司 A kind of elastic bandwidth configuration method based on Linux flow control

Patent Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101841451A (en) * 2009-12-30 2010-09-22 北京世纪互联宽带数据中心有限公司 Virtual local area network-based speed limiting method and system for cloud hosts
US20110292792A1 (en) * 2010-05-31 2011-12-01 Microsoft Corporation Applying Policies to Schedule Network Bandwidth Among Virtual Machines
CN102801636A (en) * 2012-09-05 2012-11-28 成都国腾实业集团有限公司 Method for limiting bandwidth of cloud hosting network of cloud computing platform
CN105915387A (en) * 2016-05-31 2016-08-31 新浪网技术(中国)有限公司 External network bandwidth speed limiting method, device and system of cloud host in IaaS cloud platform

Cited By (13)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN110868364B (en) * 2018-08-28 2023-04-18 阿里巴巴集团控股有限公司 Bandwidth isolation device and method
CN110868364A (en) * 2018-08-28 2020-03-06 阿里巴巴集团控股有限公司 Bandwidth isolation device and method
CN109120454A (en) * 2018-09-04 2019-01-01 山东浪潮云投信息科技有限公司 A kind of QoS flow speed limiting system and method
CN110932998A (en) * 2019-11-28 2020-03-27 杭州迪普科技股份有限公司 Message processing method and device
CN112671668A (en) * 2020-12-17 2021-04-16 中盈优创资讯科技有限公司 Neutron virtual network flow control method and device
CN112671668B (en) * 2020-12-17 2023-03-24 中盈优创资讯科技有限公司 Neutron virtual network flow control method and device
CN112866019A (en) * 2021-01-11 2021-05-28 科大讯飞股份有限公司 Method for limiting bandwidth of elastic IP address, related equipment and readable storage medium
CN113300978A (en) * 2021-02-05 2021-08-24 阿里巴巴集团控股有限公司 Data transmission method and device
CN114338546A (en) * 2021-12-24 2022-04-12 中国联合网络通信集团有限公司 Virtual machine speed limiting method and device, electronic equipment and readable storage medium
CN114900470A (en) * 2022-06-17 2022-08-12 中国联合网络通信集团有限公司 Flow control method, device, equipment and storage medium
CN114900470B (en) * 2022-06-17 2023-10-31 中国联合网络通信集团有限公司 Flow control method, device, equipment and storage medium
CN116723162A (en) * 2023-08-10 2023-09-08 浪潮电子信息产业股份有限公司 Network first packet processing method, system, device, medium and heterogeneous equipment
CN116723162B (en) * 2023-08-10 2023-11-03 浪潮电子信息产业股份有限公司 Network first packet processing method, system, device, medium and heterogeneous equipment

Also Published As

Publication number Publication date
CN107800645B (en) 2020-05-01
CN107800645A (en) 2018-03-13

Similar Documents

Publication Publication Date Title
WO2018045821A1 (en) Methods and devices for sending, receiving, and transmitting cloud host data
US9800502B2 (en) Quantized congestion notification for computing environments
US10103972B2 (en) Managing data flows in software-defined network using network interface card
US10547540B2 (en) Routing optimization for inter-cloud connectivity
US9544248B2 (en) Overlay network capable of supporting storage area network (SAN) traffic
US9462084B2 (en) Parallel processing of service functions in service function chains
US9148369B2 (en) Packet routing with analysis assist for embedded applications sharing a single network interface over multiple virtual networks
US20140307554A1 (en) Virtual enhanced transmission selection (vets) for lossless ethernet
US20150381510A1 (en) Flow control credits for priority in lossless ethernet
WO2014063129A1 (en) Providing a virtual security appliance architecture to a virtual cloud infrastructure
US9077659B2 (en) Packet routing for embedded applications sharing a single network interface over multiple virtual networks
EP3069484A1 (en) Shortening of service paths in service chains in a communications network
CA2961283C (en) Resource management method, host, and endpoint
US9571410B2 (en) Credit-based link level flow control and credit exchange using DCBX
US20190222522A1 (en) Policy aware framework for application input output management
WO2015066878A1 (en) Control device and control method in software defined network (sdn)
US10747577B2 (en) Performance characterization for datacenters
US11575620B2 (en) Queue-to-port allocation
WO2018057165A1 (en) Technologies for dynamically transitioning network traffic host buffer queues
US20140211663A1 (en) Spanning tree protocol (stp) implementation on an event driven virtual link aggregation (vlag) system
US11916999B1 (en) Network traffic management at radio-based application pipeline processing servers
Khorasi Software Defined Networking (SDN) Based Solution for Data Center Construct

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 17847994

Country of ref document: EP

Kind code of ref document: A1

NENP Non-entry into the national phase

Ref country code: DE

32PN Ep: public notification in the ep bulletin as address of the adressee cannot be established

Free format text: NOTING OF LOSS OF RIGHTS PURSUANT TO RULE 112(1) EPC ( EPO FORM 1205A DATED 21/06/2019 )

122 Ep: pct application non-entry in european phase

Ref document number: 17847994

Country of ref document: EP

Kind code of ref document: A1