WO2020220459A1 - Vxlan and openflow-based method and system for sharing virtual home network - Google Patents

Vxlan and openflow-based method and system for sharing virtual home network Download PDF

Info

Publication number
WO2020220459A1
WO2020220459A1 PCT/CN2019/094124 CN2019094124W WO2020220459A1 WO 2020220459 A1 WO2020220459 A1 WO 2020220459A1 CN 2019094124 W CN2019094124 W CN 2019094124W WO 2020220459 A1 WO2020220459 A1 WO 2020220459A1
Authority
WO
WIPO (PCT)
Prior art keywords
vxlan
address
vtep
virtual
modify
Prior art date
Application number
PCT/CN2019/094124
Other languages
French (fr)
Chinese (zh)
Inventor
喻晶洁
何奥林
姚洁
Original Assignee
烽火通信科技股份有限公司
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by 烽火通信科技股份有限公司 filed Critical 烽火通信科技股份有限公司
Publication of WO2020220459A1 publication Critical patent/WO2020220459A1/en

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L12/00Data switching networks
    • H04L12/28Data switching networks characterised by path configuration, e.g. LAN [Local Area Networks] or WAN [Wide Area Networks]
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L12/00Data switching networks
    • H04L12/28Data switching networks characterised by path configuration, e.g. LAN [Local Area Networks] or WAN [Wide Area Networks]
    • H04L12/46Interconnection of networks

Definitions

  • the present invention relates to the field of data message forwarding, in particular to a virtual home network sharing method and system based on VXLAN (Virtual Extensible LAN) and OpenFlow (communication protocol).
  • VXLAN Virtual Extensible LAN
  • OpenFlow communication protocol
  • the virtual home gateway is divided into two parts, the vG (virtual gateway) end placed in the data center server and the pG (physical gateway) placed in the user's home, between the vG end and the pG end of the virtual home Use VXLAN to connect.
  • the vG end is equivalent to the server side
  • the pG end is equivalent to the user side.
  • VLANs Virtual Local Area Network, virtual local area network
  • the overlay method is generally used to isolate families.
  • the Overlay approach there is currently no effective solution to how families can share access to data center server-side resources.
  • the invention discloses a virtual home network sharing method and system based on VXLAN and OpenFlow, which can enable data message transmission between virtual homes and realize resource sharing.
  • a virtual home network sharing method based on VXLAN and OpenFlow includes the following steps:
  • the vG end multicasts its own resources to the device connected to the pG end through multicast;
  • the device attached to the pG end informs the vG end of its required resources through unicast;
  • the vG end sends the resources required by the device connected to the pG end through unicast.
  • the vG end Before the vG end multicasts its own resources to all pG end-linked devices in a multicast manner, it specifically includes:
  • the pG end-linked device Before the pG end-linked device notifies the vG end of its required resources through unicast, it specifically includes:
  • IP mapping is performed in the virtual switch on the pG end, and the OpenFlow flow table is issued to map the source IP address of the packet sent by the device at the pG end to the vG end to the unused second IP address;
  • the mac address of the vG end corresponds to the vG end VTEP endpoint.
  • the vG end before the vG end sends the resources required by the pG end-linked device through unicast, it further includes:
  • the mac address of the device connected to the pG end corresponds to the VTEP end point of the pG end.
  • a virtual home network sharing system based on VXLAN and OpenFlow provided by the present invention includes:
  • the first creation module which is used to create a VXLAN connection and connect the vG end and the pG end of the virtual home gateway;
  • the second creation module is used to create a new VXLAN connection between virtual homes and modify the VXLAN FDB table of the newly created VXLAN connection to make the second-tier network between the virtual homes reachable;
  • Multicast module which is used to drive the vG end to broadcast its own resources to the pG end-linked device through multicast;
  • the first unicast module which is used to drive the device connected to the pG end to inform the vG end of the resources it needs by unicasting;
  • the second unicast module is used to drive the vG end to send the resources required by the device connected to the pG end in a unicast manner.
  • the vG end Before the vG end broadcasts its own resources in a multicast manner, it specifically includes:
  • the pG end-linked device Before the pG end-linked device notifies the vG end of its required resources through unicast, it specifically includes:
  • the mac address of the vG end corresponds to the vG end VTEP endpoint.
  • the vG end before the vG end sends the resources required by the pG end-linked device through unicast, it further includes:
  • the mac address of the device connected to the pG end corresponds to the VTEP end point of the pG end.
  • the present invention has the advantage of creating a new VXLAN connection between virtual homes and modifying the VXLAN FDB table of the newly created VXLAN connection, so that the second layer network between the virtual homes can be reached, so that the vG of a virtual home
  • the terminal can communicate with devices connected to the pG end of other virtual homes, and other virtual homes can obtain resources on the vG end of the virtual home, and the vG end and the pG end of each virtual home can transmit data messages to realize resource sharing.
  • Figure 1 is a flowchart of a method for virtual home network sharing based on VXLAN and OpenFlow in an embodiment of the present invention
  • Figure 2 is a schematic diagram of the process of a multicast message sent from the vG end to the pG end in an example of the present invention
  • FIG. 3 is a schematic diagram of the process in which the device attached to the pG end in the example of the present invention responds to a message in a unicast manner to inform the vG end of its required resources;
  • Fig. 4 shows that the vG end transmits resources to the pG end-linked device through unicast in the example of the present invention
  • Figure 5 shows the FDB table format saved in the VXLAN endpoint VTEP in the example of the present invention.
  • the present invention will be further described in detail below in conjunction with the drawings and embodiments. Those skilled in the art should understand that the embodiments of the present invention may be provided as methods, systems, or computer program products. Therefore, the present invention may adopt the form of a complete hardware embodiment, a complete software embodiment, or an embodiment combining software and hardware. Moreover, the present invention may adopt the form of a computer program product implemented on one or more computer-usable storage media (including but not limited to disk storage, CD-ROM, optical storage, etc.) containing computer-usable program codes.
  • computer-usable storage media including but not limited to disk storage, CD-ROM, optical storage, etc.
  • the embodiment of the present invention provides a virtual home network sharing method based on VXLAN and OpenFlow.
  • VXLAN virtual local area network
  • OpenFlow virtual network sharing method
  • an embodiment of a method for sharing a virtual home network based on VXLAN and OpenFlow provided by an embodiment of the present invention includes:
  • S1 Create a VXLAN connection to connect the vG end and pG end of the virtual home;
  • the pG terminal corresponds to the access device on the user side in the virtual home, and is used to access terminal devices such as mobile phones and computers in the home. It can be understood that each pG corresponds to a virtual home vG.
  • the vG end and the pG end of each virtual home are connected by VXLAN, and the vG end and the pG end use a virtual switch that supports the OpenFlow protocol.
  • S2 Create a new VXLAN connection between the virtual homes, and modify the VXLAN FDB table of the newly created VXLAN connection to make the second-tier network between the virtual homes reachable;
  • VXLAN connection VXLAN FDB table between the virtual homes
  • data between the virtual homes can be communicated, that is, data packet transmission can be performed between the vG end and the pG end of each virtual home.
  • virtual home A and virtual home B create a new VXLAN between virtual home A and virtual home B Connect, and then modify the VXLAN connection VXLAN FDB table between virtual home A and virtual home B, so that the second layer link is reachable between virtual home A and virtual home B, and the data is interoperable.
  • Virtual home A can obtain resources from the vG end of virtual home B
  • the virtual home B can also obtain the resources of the vG end of the virtual home A.
  • FDB (Forwarding Data Base) table that is, MAC address forwarding table.
  • S4 The devices connected to the pG end (computers, mobile phones, etc.) inform the vG end of its own resources through unicast;
  • the vG end sends the resources required by the device connected to the pG end through unicast.
  • the vG-side when vG-side resource sharing between virtual homes is performed, the vG-side informs the pG-side connected device of the resources provided by itself through multicast, and the pG-side downlink device informs the resource provided by the vG-side
  • the resources required by the vG end itself, and the vG end transmits the resources to the devices connected to the pG end through unicast.
  • a method for sharing a virtual home network based on VXLAN and OpenFlow in an embodiment of the present invention is to create a VXLAN connection between virtual homes and modify the VXLAN FDB table of the newly created VXLAN connection to make the second-tier network between the virtual homes reachable, so that a certain
  • the vG end of a virtual home can send multicast packets to other virtual home pG end-linked devices, and other virtual home pG end-linked devices can obtain resources of the virtual home vG end.
  • Between the vG end and the pG end of each virtual home It can carry out data message transmission and realize resource sharing.
  • the specific steps include: modifying the FDB table of the newly created VXLAN connection VTEP end at the vG end so that the multicast packets on the vG end can reach the pG end; Modify the OpenFlow flow table on the vG side so that the source IP address of the vG side is an unused IP address, that is, an unused IP address before, to avoid conflicts with existing IP addresses.
  • VTEP namely VXLAN Tunnel End Point, is responsible for VXLAN encapsulation and decapsulation of original Ethernet packets.
  • the specific steps include: modifying the FDB table of the VXLAN connection on the pG end to the VTEP end, so that the unicast packets of the device linked to the pG end can reach the vG end; modifying the pG end OpenFlow flow table, so that the source IP address of the packet sent by the device attached to the pG to the vG end is an unused IP address, that is, an unused IP address before, so as to avoid conflicts with existing IP addresses.
  • the embodiment of the present invention provides a VXLAN and OpenFlow-based virtual home network sharing method in the first embodiment.
  • modifying the FDB table of the VXLAN connection on the vG side to the VTEP side and modifying the OpenFlow flow table on the vG side includes:
  • the mac address of the vG end corresponds to the vG end VTEP endpoint.
  • the embodiment of the present invention provides a VXLAN and OpenFlow-based virtual home network sharing method in the first
  • the vG side before the vG side sends the resources required by the pG-connected device in unicast mode, it further includes:
  • the mac address of the device connected to the pG end corresponds to the VTEP end point of the pG end.
  • the following uses an example to inform the vG end of the embodiment of the present invention of the resources provided by other pG offline devices through multicast.
  • the pG offline device learns the resources provided by the vG end and informs the vG end of the resources it needs.
  • the resource is transmitted to the device connected to the pG end in a unicast mode, and the above process is described in detail.
  • the vG end is equivalent to the server side of the virtual home gateway
  • the pG end is equivalent to the user side of the virtual home gateway.
  • a vSwitch is deployed in vG and pG, and accepts the control of the controller through the OpenFlow protocol, so that the quintuple information of the data message can be modified.
  • NC Network Card
  • the VXLAN tunnel endpoint is vtep.
  • the agent (pG2Agent is omitted and not shown in Figure 2) accepts the management of the controller to configure the VXLAN FDB table of vtep.
  • the multicast packet sent from the vG end to the pG end has the following processing logic:
  • VXLAN source endpoint (vG side) is vtep1, source IP address is ip1, source mac address is mac1;
  • VXLAN destination endpoint (pG side) is vtep2, destination IP address is multicast address ip_multi, destination mac address is multicast mac address mac_multi .
  • IP mapping is performed in the virtual switch on the vG side, and the source IP address ip1 is mapped to ip1_new by issuing the OpenFlow flow table (this address is a reserved address and will not cause address conflicts between different families), and the VXLAN FDB table on the vG side is modified at the same time , Corresponding to mac_multi as VXLAN endpoint vtep2;
  • the source MAC address is mac1
  • the source IP address is ip1_new
  • the destination MAC address is mac_multi
  • the destination IP address is ip_multi.
  • the pG-side attached device informs the vG side of the resources it needs after learning the resources provided by the vG side.
  • the pG-side attached device replies with a unicast message to inform the vG side of the resources it needs.
  • the logic is as follows:
  • the VXLAN endpoint of the vG end is vtep1, the IP address of the vG end is ip1, and the mac address of the server is mac1;
  • the VXLAN endpoint of pG is vtep2, the IP address of the device attached to the pG end is ip2, and the mac address of the device attached to the pG end is mac2. Since the source IP address of the multicast message received by the pG end is ip1_new, the destination IP address of the reply message is ip1_new, and the source IP address is ip2;
  • IP mapping is performed in the virtual switch on the pG side, and the OpenFlow flow table is issued through the controller to map the source IP address ip2 to ip2_new (this address is a reserved address and will not cause address conflicts between different families), and modify the virtual switch
  • the ARP table is ip1_new corresponding to mac1, modify the FDB table in the VXLAN endpoint where the pG end is located, and match mac1 to the VXLAN endpoint vtep1;
  • the source MAC address is mac2
  • the source IP address is ip2_new
  • the destination mac address is mac1
  • the destination IP address is ip1_new.
  • the OpenFlow flow table in the vG side is modified to do IP mapping. Change the destination IP address ip1_new of the message to ip1, and then forward the message to the vG end for internal processing.
  • the vG end transmits resources to the pG end through unicast, and the logic is as follows:
  • the VXLAN endpoint of the vG end is vtep1, the IP address of the vG end is ip1, and the mac address of the vG end is mac1;
  • the VXLAN endpoint of the pG end is vtep2, the IP address of the device at the pG end is ip2, and the mac address of the device at the pG end is mac2;
  • the source mac address of the data message sent by the vG end is mac1, the source IP address is ip1, the destination mac address is mac2, and the destination IP address is ip2_new.
  • IP mapping is done in the virtual switch on the vG side, the source IP address is mapped to ip1_new by issuing the OpenFlow flow table, the ARP table in the virtual switch on the vG side is modified so that ip2_new corresponds to mac2, and the FDB table of the VXLAN on the vG side is modified to mac2 Corresponding to vtep2;
  • the packet decapsulated by the VXLAN interface vtep2 on the pG side has the source mac address as mac1, the source IP address as ip1_new, the destination mac address as mac2, and the destination IP address as ip2_new.
  • IP mapping is done in the virtual switch where the pG end is located, the destination IP address ip2_new is mapped to ip2 by issuing the OpenFlow flow table, and the ARP table is modified to ip1_new corresponding to mac1, and the source mac address of the packet received by the device connected to the pG end Is mac1, the source IP address is ip1_new, the destination mac address is mac2, and the destination IP address is ip2.
  • an Agent needs to be deployed for receiving instructions from the controller to issue configuration.
  • the Controller connects to the Agent through the Netconf protocol, and uses the following configuration to change the FDB table of the vtep on the server side and the device side.
  • the Controller mainly provides the north-south API interface, the southbound interface is responsible for communicating and calling with basic network equipment, and the northbound interface is responsible for communicating and calling with upper-layer applications. At the same time, the controller will provide a web management platform. All SDN network functions are deployed and invoked on this interface. The independence, ease of use, and scalability between network functions are key indicators for measuring SDN Controller.
  • the Agent receives instructions from the Controller and configures the FDB table of the VTEP.
  • the format of the VXLAN FDB table is shown in Figure 5.
  • the endpoint of the VXLAN tunnel is called a VTEP, and a forwarding data table can be configured in the VTEP. It can decide to encapsulate the data packet in a VXLAN message and send it to the next hop VTEP according to the destination MAC address of the inner message. If it is a unicast MAC, the agent only needs to configure the remote vtep corresponding to the MAC address.
  • the vtep information includes IP, VNI (VXLAN Network Identifier, virtual extensible local area network identifier) and port information. If it is a multicast MAC, the agent needs to configure the remote vtep linked list corresponding to the MAC address.
  • the destination MAC address of the inner layer message is a unicast MAC address
  • the IP address, VNI number, and port number of the terminal As shown in Figure 5(b), if the destination MAC address of the inner message is a multicast MAC address, it means that the message needs to be sent to multiple vtep ends, so the IP addresses and VNI numbers of multiple vtep ends need to be recorded And the port number, and store it in the form of a linked list.
  • the first creation module which is used to create a VXLAN connection and connect the vG end and the pG end of the virtual home gateway;
  • the second creation module is used to create a new VXLAN connection between virtual homes and modify the VXLAN FDB table of the newly created VXLAN connection to make the second-tier network between the virtual homes reachable;
  • Multicast module which is used to drive the vG end to broadcast its own resources to the pG end-linked device through multicast;
  • the first unicast module which is used to drive the device connected to the pG end to inform the vG end of the resources it needs by unicasting;
  • the second unicast module is used to drive the vG end to send the resources required by the device connected to the pG end in a unicast manner.
  • the vG end Before the vG end broadcasts its own resources through multicast, it specifically includes:
  • the device connected to the pG end informs the vG end of its required resources through unicast, it specifically includes:
  • the first optional implementation of a virtual home network sharing system based on VXLAN and OpenFlow provided in the embodiment of the present invention
  • modify the FDB table of the newly created VXLAN connection VTEP side on the vG side, and modify the OpenFlow flow table on the vG side including:
  • IP mapping is performed in the virtual switch on the pG end, and the OpenFlow flow table is issued to map the source IP address of the packet sent by the device at the pG end to the vG end to the unused second IP address;
  • the vG end Before the vG end sends the resources required by the device connected to the pG end through unicast, it also includes:
  • the mac address of the device connected to the pG end corresponds to the VTEP end point of the pG end.

Abstract

The present invention relates to the field of data message forwarding, and disclosed thereby are a VXLAN and OpenFlow-based method and system for sharing a virtual home network. The method comprises: establishing a VXLAN connection, and connecting a vG end and a pG end of virtual homes; newly establishing a VXLAN connection between virtual homes, and modifying a VXLAN FDB table of the newly established VXLAN connection so that a two-layer network between the virtual homes may be achieved; the vG end multicasting resources contained thereby to a pG end hanging device by means of a multicasting manner; the pG end hanging device notifying the vG end about resources required thereby by means of a unicasting manner; and the vG end sending the resources required by the pG end hanging device by means of a unicasting manner. The present invention may enable data message transmission between various virtual homes, thus implementing resource sharing.

Description

基于VXLAN和OpenFlow的虚拟家庭网络共享方法及系统Virtual home network sharing method and system based on VXLAN and OpenFlow 技术领域Technical field
本发明涉及数据报文转发领域,具体涉及一种基于VXLAN(Virtual Extensible LAN,虚拟扩展局域网)和OpenFlow(通信协议)的虚拟家庭网络共享方法及系统。The present invention relates to the field of data message forwarding, in particular to a virtual home network sharing method and system based on VXLAN (Virtual Extensible LAN) and OpenFlow (communication protocol).
背景技术Background technique
虚拟家庭网关分为两个部分,放置于数据中心服务器中的vG(virtual Gateway,虚拟网关)端和放置于用户家中的pG(physical Gateway,物理网关),虚拟家庭的vG端和pG端之间采用VXLAN进行连接。vG端相当于服务器侧,pG端相当于用户侧。The virtual home gateway is divided into two parts, the vG (virtual gateway) end placed in the data center server and the pG (physical gateway) placed in the user's home, between the vG end and the pG end of the virtual home Use VXLAN to connect. The vG end is equivalent to the server side, and the pG end is equivalent to the user side.
对于虚拟家庭网关,传统网络隔离主要采用VLAN(Virtual Local Area Network,虚拟局域网)进行,而由于数据中心中家庭网关数量庞大,现如今一般采用Overlay的方式进行家庭之间的隔离。但是采用Overlay的方式,家庭间如何实现对于数据中心服务器端资源的共享访问,目前并没有有效的解决方式。For virtual home gateways, traditional network isolation mainly uses VLANs (Virtual Local Area Network, virtual local area network). However, due to the large number of home gateways in the data center, the overlay method is generally used to isolate families. However, with the Overlay approach, there is currently no effective solution to how families can share access to data center server-side resources.
发明内容Summary of the invention
本发明公开一种基于VXLAN和OpenFlow的虚拟家庭网络共享方法及系统,能够使各虚拟家庭间进行数据报文传输,实现资源共享。The invention discloses a virtual home network sharing method and system based on VXLAN and OpenFlow, which can enable data message transmission between virtual homes and realize resource sharing.
本发明提供的一种基于VXLAN和OpenFlow的虚拟家庭网络共享方法,包括以下步骤:A virtual home network sharing method based on VXLAN and OpenFlow provided by the present invention includes the following steps:
创建VXLAN连接,连接虚拟家庭的vG端和pG端;Create a VXLAN connection to connect the vG end and pG end of the virtual home;
虚拟家庭间新建VXLAN连接,并修改新建VXLAN连接的VXLAN FDB表,以使虚拟家庭间二层网络可达;Create a new VXLAN connection between virtual homes and modify the VXLAN FDB table of the newly created VXLAN connection to make the second-tier network between the virtual homes reachable;
vG端通过组播方式向pG端下挂设备组播自身所含资源;The vG end multicasts its own resources to the device connected to the pG end through multicast;
pG端下挂设备通过单播方式告知vG端自身所需资源;The device attached to the pG end informs the vG end of its required resources through unicast;
vG端通过单播方式发送pG端下挂设备所需资源。The vG end sends the resources required by the device connected to the pG end through unicast.
在上述方案的基础上,On the basis of the above scheme,
所述vG端通过组播方式向所有pG端下挂设备组播自身所含资源之前,具体包括:Before the vG end multicasts its own resources to all pG end-linked devices in a multicast manner, it specifically includes:
修改vG端VXLAN连接VTEP端的FDB表,以使vG端的组播包可达pG端;Modify the FDB table of the VXLAN connection on the vG side to the VTEP side so that the multicast packets on the vG side can reach the pG side;
修改vG端的OpenFlow流表,以使vG端的源IP地址为未被使用IP地址;Modify the OpenFlow flow table on the vG side to make the source IP address of the vG side an unused IP address;
所述pG端下挂设备通过单播方式告知vG端自身所需资源之前,具体包括:Before the pG end-linked device notifies the vG end of its required resources through unicast, it specifically includes:
修改pG端VXLAN连接VTEP端的FDB表,以使pG端下挂设备的单播包可达vG端;Modify the FDB table of the VXLAN connection on the pG end to the VTEP end so that the unicast packets of the device connected to the pG end can reach the vG end;
修改pG端的OpenFlow流表,以使pG端下挂设备发往vG端的报文的源IP地址为未被使用IP地址。Modify the OpenFlow flow table on the pG end so that the source IP address of the packet sent by the device attached to the pG end to the vG end is an unused IP address.
在上述方案的基础上,修改vG端VXLAN连接VTEP端的FDB表,修改vG端的OpenFlow流表,具体包括:On the basis of the above solution, modify the FDB table of the VXLAN connection on the vG side to the VTEP side, and modify the OpenFlow flow table on the vG side, including:
vG端虚拟交换机中进行IP映射,并通过下发OpenFlow流表,将vG端的源IP地址映射为未被使用的第一IP地址;Perform IP mapping in the virtual switch on the vG side, and map the source IP address of the vG side to the unused first IP address by issuing the OpenFlow flow table;
修改vG端新建VXLAN连接中VTEP端FDB表,将组播包的目的mac地址对应为pG端vtep端点。Modify the FDB table on the VTEP side in the newly created VXLAN connection on the vG side, and map the destination mac address of the multicast packet to the vtep endpoint on the pG side.
在上述方案的基础上,修改pG端VXLAN连接VTEP端的FDB 表,修改pG端的OpenFlow流表,具体包括:On the basis of the above solution, modify the FDB table of the VXLAN connection of the pG end to the VTEP end, and modify the OpenFlow flow table of the pG end, including:
pG端虚拟交换机中进行IP映射,并通过下发OpenFlow流表,将pG端下挂设备发往vG端报文的源IP地址映射为未被使用的第二IP地址;IP mapping is performed in the virtual switch on the pG end, and the OpenFlow flow table is issued to map the source IP address of the packet sent by the device at the pG end to the vG end to the unused second IP address;
修改pG端虚拟交换机中ARP表,将第一IP地址对应为vG端的mac地址;Modify the ARP table in the virtual switch on the pG side to correspond the first IP address to the mac address on the vG side;
将pG端VXLAN连接VTEP端FDB表中,vG端的mac地址对应为vG端VTEP端点。Connect the pG end VXLAN to the VTEP end FDB table, the mac address of the vG end corresponds to the vG end VTEP endpoint.
在上述方案的基础上,所述vG端通过单播方式发送pG端下挂设备所需资源之前,还包括:On the basis of the foregoing solution, before the vG end sends the resources required by the pG end-linked device through unicast, it further includes:
vG端虚拟交换机中进行IP映射,并通过下发OpenFlow流表,将vG端的源IP地址映射为第一IP地址;Perform IP mapping in the virtual switch on the vG side, and map the source IP address of the vG side to the first IP address by issuing the OpenFlow flow table;
修改vG端虚拟交换机中ARP表,将第二IP地址对应为pG端下挂设备的mac地址;Modify the ARP table in the virtual switch on the vG end to correspond the second IP address to the mac address of the device connected to the pG end;
将vG端新建VXLAN连接VTEP端FDB表中,pG端下挂设备的mac地址对应为pG端VTEP端点。Connect the newly created VXLAN at the vG end to the FDB table at the VTEP end. The mac address of the device connected to the pG end corresponds to the VTEP end point of the pG end.
本发明提供的一种基于VXLAN和OpenFlow的虚拟家庭网络共享系统,包括:A virtual home network sharing system based on VXLAN and OpenFlow provided by the present invention includes:
第一创建模块,其用于创建VXLAN连接,连接虚拟家庭网关的vG端和pG端;The first creation module, which is used to create a VXLAN connection and connect the vG end and the pG end of the virtual home gateway;
第二创建模块,其用于在虚拟家庭间新建VXLAN连接,并修改新建VXLAN连接的VXLAN FDB表,以使虚拟家庭间二层网络可达;The second creation module is used to create a new VXLAN connection between virtual homes and modify the VXLAN FDB table of the newly created VXLAN connection to make the second-tier network between the virtual homes reachable;
组播模块,其用于驱使vG端通过组播方式向pG端下挂设备广播自身所含资源;Multicast module, which is used to drive the vG end to broadcast its own resources to the pG end-linked device through multicast;
第一单播模块,其用于驱使pG端下挂设备通过单播方式告知vG端自身所需资源;The first unicast module, which is used to drive the device connected to the pG end to inform the vG end of the resources it needs by unicasting;
第二单播模块,其用于驱使vG端通过单播方式发送pG端下挂设备所需资源。The second unicast module is used to drive the vG end to send the resources required by the device connected to the pG end in a unicast manner.
在上述方案的基础上,On the basis of the above scheme,
所述vG端通过组播方式广播自身所含资源之前,具体包括:Before the vG end broadcasts its own resources in a multicast manner, it specifically includes:
修改vG端新建VXLAN连接VTEP端的FDB表,以使vG端的组播包可达pG端;Modify the FDB table of the newly created VXLAN connection on the VTEP side on the vG side so that the multicast packets on the vG side can reach the pG side;
修改vG端的OpenFlow流表,以使vG端的源IP地址为未被使用IP地址;Modify the OpenFlow flow table on the vG side to make the source IP address of the vG side an unused IP address;
所述pG端下挂设备通过单播方式告知vG端自身所需资源之前,具体包括:Before the pG end-linked device notifies the vG end of its required resources through unicast, it specifically includes:
修改pG端VXLAN连接VTEP端的FDB表,以使pG端下挂设备的单播包可达vG端;Modify the FDB table of the VXLAN connection on the pG end to the VTEP end so that the unicast packets of the device connected to the pG end can reach the vG end;
修改pG端的OpenFlow流表,以使pG端下挂设备发往vG端的报文的源IP地址为未被使用IP地址。Modify the OpenFlow flow table on the pG end so that the source IP address of the packet sent by the device attached to the pG end to the vG end is an unused IP address.
在上述方案的基础上,修改vG端新建VXLAN连接VTEP端的FDB表,修改vG端的OpenFlow流表,具体包括:On the basis of the above solution, modify the FDB table on the vG side to create a new VXLAN connection to the VTEP side, and modify the OpenFlow flow table on the vG side, including:
vG端虚拟交换机中进行IP映射,并通过下发OpenFlow流表,将vG端的源IP地址映射为未被使用的第一IP地址;Perform IP mapping in the virtual switch on the vG side, and map the source IP address of the vG side to the unused first IP address by issuing the OpenFlow flow table;
修改vG端新建VXLAN连接中VTEP端FDB表,将组播包的目的mac地址对应为pG端vtep端点。Modify the FDB table on the VTEP side in the newly created VXLAN connection on the vG side, and map the destination mac address of the multicast packet to the vtep endpoint on the pG side.
在上述方案的基础上,修改pG端VXLAN连接VTEP端的FDB表,修改pG端的OpenFlow流表,具体包括:On the basis of the above solution, modify the FDB table of the VXLAN connection of the pG end to the VTEP end, and modify the OpenFlow flow table of the pG end, including:
pG端虚拟交换机中进行IP映射,并通过下发OpenFlow流表, 将pG端下挂设备发往vG端报文的源IP地址映射为未被使用的第二IP地址;Perform IP mapping in the virtual switch on the pG end, and by issuing an OpenFlow flow table, map the source IP address of the packet sent by the device at the pG end to the vG end to an unused second IP address;
修改pG端虚拟交换机中ARP表,将第一IP地址对应为vG端的mac地址;Modify the ARP table in the virtual switch on the pG side to correspond the first IP address to the mac address on the vG side;
将pG端VXLAN连接VTEP端FDB表中,vG端的mac地址对应为vG端VTEP端点。Connect the pG end VXLAN to the VTEP end FDB table, the mac address of the vG end corresponds to the vG end VTEP endpoint.
在上述方案的基础上,所述vG端通过单播方式发送pG端下挂设备所需资源之前,还包括:On the basis of the foregoing solution, before the vG end sends the resources required by the pG end-linked device through unicast, it further includes:
vG端虚拟交换机中进行IP映射,并通过下发OpenFlow流表,将vG端的源IP地址映射为第一IP地址;Perform IP mapping in the virtual switch on the vG side, and map the source IP address of the vG side to the first IP address by issuing the OpenFlow flow table;
修改vG端虚拟交换机中ARP表,将第二IP地址对应为pG端下挂设备的mac地址;Modify the ARP table in the virtual switch on the vG end to correspond the second IP address to the mac address of the device connected to the pG end;
将vG端新建VXLAN连接VTEP端FDB表中,pG端下挂设备的mac地址对应为pG端VTEP端点。Connect the newly created VXLAN at the vG end to the FDB table at the VTEP end. The mac address of the device connected to the pG end corresponds to the VTEP end point of the pG end.
与现有技术相比,本发明的优点在于:通过在虚拟家庭间新建VXLAN连接,并修改新建VXLAN连接的VXLAN FDB表,以使虚拟家庭间二层网络可达,使得某个虚拟家庭的vG端能够对其它虚拟家庭pG端下挂设备进行通信,且其它虚拟家庭能够获取该虚拟家庭vG端的资源,各虚拟家庭的vG端和pG端间能够进行数据报文传输,实现资源共享。Compared with the prior art, the present invention has the advantage of creating a new VXLAN connection between virtual homes and modifying the VXLAN FDB table of the newly created VXLAN connection, so that the second layer network between the virtual homes can be reached, so that the vG of a virtual home The terminal can communicate with devices connected to the pG end of other virtual homes, and other virtual homes can obtain resources on the vG end of the virtual home, and the vG end and the pG end of each virtual home can transmit data messages to realize resource sharing.
附图说明Description of the drawings
图1为本发明实施例中一种基于VXLAN和OpenFlow的虚拟家庭网络共享方法的流程图;Figure 1 is a flowchart of a method for virtual home network sharing based on VXLAN and OpenFlow in an embodiment of the present invention;
图2为本发明实例中vG端发往pG端的组播报文的过程示意图;Figure 2 is a schematic diagram of the process of a multicast message sent from the vG end to the pG end in an example of the present invention;
图3为本发明实例中pG端下挂设备通过单播方式回复报文告知 vG端自身所需资源的过程示意图;FIG. 3 is a schematic diagram of the process in which the device attached to the pG end in the example of the present invention responds to a message in a unicast manner to inform the vG end of its required resources;
图4为本发明实例中vG端通过单播方式向pG端下挂设备传送资源;Fig. 4 shows that the vG end transmits resources to the pG end-linked device through unicast in the example of the present invention;
图5为本发明实例中VXLAN端点VTEP中所保存的FDB表格式。Figure 5 shows the FDB table format saved in the VXLAN endpoint VTEP in the example of the present invention.
具体实施方式Detailed ways
以下结合附图及实施例对本发明作进一步详细说明。本领域内的技术人员应明白,本发明的实施例可提供为方法、系统、或计算机程序产品。因此,本发明可采用完全硬件实施例、完全软件实施例、或结合软件和硬件方面的实施例的形式。而且,本发明可采用在一个或多个其中包含有计算机可用程序代码的计算机可用存储介质(包括但不限于磁盘存储器、CD-ROM、光学存储器等)上实施的计算机程序产品的形式。The present invention will be further described in detail below in conjunction with the drawings and embodiments. Those skilled in the art should understand that the embodiments of the present invention may be provided as methods, systems, or computer program products. Therefore, the present invention may adopt the form of a complete hardware embodiment, a complete software embodiment, or an embodiment combining software and hardware. Moreover, the present invention may adopt the form of a computer program product implemented on one or more computer-usable storage media (including but not limited to disk storage, CD-ROM, optical storage, etc.) containing computer-usable program codes.
本发明实施例提供一种基于VXLAN和OpenFlow的虚拟家庭网络共享方法,通过在虚拟家庭间新建VXLAN连接,并修改新建VXLAN连接的VXLAN FDB表,以使虚拟家庭间二层网络可达,使得某个虚拟家庭的vG端能够对其它虚拟家庭pG端下挂进行通信,且其它虚拟家庭能够获取该虚拟家庭vG端的资源,实现资源共享。本发明实施例还相应的提供了一种基于VXLAN和OpenFlow的虚拟家庭网络共享系统。The embodiment of the present invention provides a virtual home network sharing method based on VXLAN and OpenFlow. By creating a VXLAN connection between virtual homes, and modifying the VXLAN FDB table of the newly created VXLAN connection, the second layer network between the virtual homes can be reached, so that a certain The vG end of a virtual home can communicate with the pG end of other virtual homes, and other virtual homes can obtain the resources of the vG end of the virtual home to realize resource sharing. The embodiment of the present invention also correspondingly provides a virtual home network sharing system based on VXLAN and OpenFlow.
参见图1所示,本发明实施例提供的一种基于VXLAN和OpenFlow的虚拟家庭网络共享方法的一实施例包括:Referring to FIG. 1, an embodiment of a method for sharing a virtual home network based on VXLAN and OpenFlow provided by an embodiment of the present invention includes:
S1:创建VXLAN连接,连接虚拟家庭的vG端和pG端;S1: Create a VXLAN connection to connect the vG end and pG end of the virtual home;
本发明实施例中,pG端对应虚拟家庭中位于用户侧的接入设备,用以接入家庭中的手机、电脑等终端设备,可以理解,每个pG对应 一个虚拟家庭vG。每个虚拟家庭的vG端和pG端间均采用VXLAN进行连接,且vG端和pG端内部采用支持OpenFlow协议的虚拟交换机。In the embodiment of the present invention, the pG terminal corresponds to the access device on the user side in the virtual home, and is used to access terminal devices such as mobile phones and computers in the home. It can be understood that each pG corresponds to a virtual home vG. The vG end and the pG end of each virtual home are connected by VXLAN, and the vG end and the pG end use a virtual switch that supports the OpenFlow protocol.
S2:虚拟家庭间新建VXLAN连接,并修改新建VXLAN连接的VXLAN FDB表,以使虚拟家庭间二层网络可达;S2: Create a new VXLAN connection between the virtual homes, and modify the VXLAN FDB table of the newly created VXLAN connection to make the second-tier network between the virtual homes reachable;
本发明实施例中,通过修改虚拟家庭间VXLAN连接VXLAN FDB表,使得虚拟家庭间数据能够互通,即各个虚拟家庭的vG端和pG端间能够进行数据包传输。In the embodiment of the present invention, by modifying the VXLAN connection VXLAN FDB table between the virtual homes, data between the virtual homes can be communicated, that is, data packet transmission can be performed between the vG end and the pG end of each virtual home.
在实际应用过程中,虚拟家庭数量为多个,但某个时刻需要进行数据共享的虚拟家庭可能只有2个,例如虚拟家庭A和虚拟家庭B,则在虚拟家庭A和虚拟家庭B间新建VXLAN连接,然后修改虚拟家庭A和虚拟家庭B间VXLAN连接VXLAN FDB表,从而虚拟家庭A和虚拟家庭B间实现二层链路可达,数据互通,虚拟家庭A可获取虚拟家庭B的vG端的资源,同理,虚拟家庭B也可获取虚拟家庭A的vG端的资源。FDB(Forwarding Data Base)表,即MAC地址转发表。In the actual application process, there are multiple virtual homes, but there may be only two virtual homes that need to share data at a certain time. For example, virtual home A and virtual home B, then create a new VXLAN between virtual home A and virtual home B Connect, and then modify the VXLAN connection VXLAN FDB table between virtual home A and virtual home B, so that the second layer link is reachable between virtual home A and virtual home B, and the data is interoperable. Virtual home A can obtain resources from the vG end of virtual home B In the same way, the virtual home B can also obtain the resources of the vG end of the virtual home A. FDB (Forwarding Data Base) table, that is, MAC address forwarding table.
S3:vG端通过组播方式向pG端广播自身所含资源;S3: The vG end broadcasts its own resources to the pG end through multicast;
S4:pG端下挂设备(电脑、手机等)通过单播方式告知vG端自身所需资源;S4: The devices connected to the pG end (computers, mobile phones, etc.) inform the vG end of its own resources through unicast;
S5:vG端通过单播方式发送pG端下挂设备所需资源。S5: The vG end sends the resources required by the device connected to the pG end through unicast.
本发明实施例中,在进行虚拟家庭间的vG端资源共享时,vG端通过组播方式告知pG端下挂设备自己所提供的资源,pG端下挂设备获知vG端所提供的资源后告知vG端自身所需资源,vG端通过单播方式向pG端下挂设备传送资源。In the embodiment of the present invention, when vG-side resource sharing between virtual homes is performed, the vG-side informs the pG-side connected device of the resources provided by itself through multicast, and the pG-side downlink device informs the resource provided by the vG-side The resources required by the vG end itself, and the vG end transmits the resources to the devices connected to the pG end through unicast.
本发明实施例的一种基于VXLAN和OpenFlow的虚拟家庭网络 共享方法,通过在虚拟家庭间新建VXLAN连接,并修改新建VXLAN连接的VXLAN FDB表,以使虚拟家庭间二层网络可达,使得某个虚拟家庭的vG端能够对其它虚拟家庭pG端下挂设备发送组播报文,且其它虚拟家庭pG端下挂设备能够获取该虚拟家庭vG端的资源,各虚拟家庭的vG端和pG端间能够进行数据报文传输,实现资源共享。A method for sharing a virtual home network based on VXLAN and OpenFlow in an embodiment of the present invention is to create a VXLAN connection between virtual homes and modify the VXLAN FDB table of the newly created VXLAN connection to make the second-tier network between the virtual homes reachable, so that a certain The vG end of a virtual home can send multicast packets to other virtual home pG end-linked devices, and other virtual home pG end-linked devices can obtain resources of the virtual home vG end. Between the vG end and the pG end of each virtual home It can carry out data message transmission and realize resource sharing.
可选地,在上述一种基于VXLAN和OpenFlow的虚拟家庭网络共享方法对应实施例的基础上,本发明实施例提供的一种基于VXLAN和OpenFlow的虚拟家庭网络共享方法的第一个可选实施例中,vG端通过组播方式向所有pG端下挂设备组播自身所含资源之前,具体包括:修改vG端新建VXLAN连接VTEP端的FDB表,以使vG端的组播包可达pG端;修改vG端的OpenFlow流表,以使vG端的源IP地址为未被使用的IP地址,即之前未被使用的IP地址,避免与已有IP地址造成冲突。VTEP,即VXLAN Tunnel End Point,负责原始以太报文的VXLAN封装和解封装。Optionally, on the basis of the corresponding embodiment of the above-mentioned VXLAN and OpenFlow-based virtual home network sharing method, the first optional implementation of the VXLAN and OpenFlow-based virtual home network sharing method provided by the embodiment of the present invention In the example, before the vG end multicasts its own resources to all the pG end-connected devices through multicast, the specific steps include: modifying the FDB table of the newly created VXLAN connection VTEP end at the vG end so that the multicast packets on the vG end can reach the pG end; Modify the OpenFlow flow table on the vG side so that the source IP address of the vG side is an unused IP address, that is, an unused IP address before, to avoid conflicts with existing IP addresses. VTEP, namely VXLAN Tunnel End Point, is responsible for VXLAN encapsulation and decapsulation of original Ethernet packets.
pG端下挂设备通过单播方式告知vG端自身所需资源之前,具体包括:修改pG端VXLAN连接VTEP端的FDB表,以使pG端下挂设备的单播包可达vG端;修改pG端的OpenFlow流表,以使pG下挂设备发往vG端的报文的源IP地址为未被使用IP地址,即之前未被使用的IP地址,避免与已有IP地址造成冲突。Before the device linked to the pG end informs the vG end of its required resources through unicast, the specific steps include: modifying the FDB table of the VXLAN connection on the pG end to the VTEP end, so that the unicast packets of the device linked to the pG end can reach the vG end; modifying the pG end OpenFlow flow table, so that the source IP address of the packet sent by the device attached to the pG to the vG end is an unused IP address, that is, an unused IP address before, so as to avoid conflicts with existing IP addresses.
可选地,在上述一种基于VXLAN和OpenFlow的虚拟家庭网络共享方法对应第一个可选实施例的基础上,本发明实施例提供的一种基于VXLAN和OpenFlow的虚拟家庭网络共享方法的第二个可选实施例中,修改vG端VXLAN连接VTEP端的FDB表,修改vG端的OpenFlow流表,具体包括:Optionally, on the basis of the foregoing VXLAN and OpenFlow-based virtual home network sharing method corresponding to the first optional embodiment, the embodiment of the present invention provides a VXLAN and OpenFlow-based virtual home network sharing method in the first embodiment. In the two alternative embodiments, modifying the FDB table of the VXLAN connection on the vG side to the VTEP side and modifying the OpenFlow flow table on the vG side includes:
vG端虚拟交换机中进行IP映射,并通过下发OpenFlow流表,将vG端的源IP地址映射为未被使用的第一IP地址;Perform IP mapping in the virtual switch on the vG side, and map the source IP address of the vG side to the unused first IP address by issuing the OpenFlow flow table;
修改vG端新建VXLAN连接中VTEP端FDB表,将组播包的目的mac地址对应为pG端vtep端点。Modify the FDB table on the VTEP side in the newly created VXLAN connection on the vG side, and map the destination mac address of the multicast packet to the vtep endpoint on the pG side.
修改pG端VXLAN连接VTEP端的FDB表,修改pG端的OpenFlow流表,具体包括:Modify the FDB table of the VXLAN connection on the pG side to the VTEP side, and modify the OpenFlow flow table on the pG side, including:
pG端虚拟交换机中进行IP映射,并通过下发OpenFlow流表,将pG端下挂设备发往发往vG端报文的IP地址映射为未被使用的第二IP地址;Perform IP mapping in the virtual switch on the pG side, and by issuing the OpenFlow flow table, map the IP address of the packet sent to the vG side by the device connected to the pG side to the unused second IP address;
修改pG虚拟交换机中ARP表,将第一IP地址对应为vG端的mac地址;Modify the ARP table in the pG virtual switch to map the first IP address to the mac address of the vG end;
将pG端VXLAN连接VTEP端FDB表中,vG端的mac地址对应为vG端VTEP端点。Connect the pG end VXLAN to the VTEP end FDB table, the mac address of the vG end corresponds to the vG end VTEP endpoint.
可选地,在上述一种基于VXLAN和OpenFlow的虚拟家庭网络共享方法对应第二个可选实施例的基础上,本发明实施例提供的一种基于VXLAN和OpenFlow的虚拟家庭网络共享方法的第三个可选实施例中,vG端通过单播方式发送pG下挂设备所需资源之前,还包括:Optionally, on the basis of the foregoing VXLAN and OpenFlow-based virtual home network sharing method corresponding to the second optional embodiment, the embodiment of the present invention provides a VXLAN and OpenFlow-based virtual home network sharing method in the first In the three optional embodiments, before the vG side sends the resources required by the pG-connected device in unicast mode, it further includes:
vG端虚拟交换机中进行IP映射,并通过下发OpenFlow流表,将vG端的源IP地址映射为第一IP地址;Perform IP mapping in the virtual switch on the vG side, and map the source IP address of the vG side to the first IP address by issuing the OpenFlow flow table;
修改vG端虚拟交换机中ARP表,将第二IP地址对应为pG端下挂设备的mac地址;Modify the ARP table in the virtual switch on the vG end to correspond the second IP address to the mac address of the device connected to the pG end;
将vG端新建VXLAN连接VTEP端FDB表中,pG端下挂设备的mac地址对应为pG端VTEP端点。Connect the newly created VXLAN at the vG end to the FDB table at the VTEP end. The mac address of the device connected to the pG end corresponds to the VTEP end point of the pG end.
以下结合一实例来对本发明实施例中vG端通过组播方式告知其 他pG下挂设备自己所提供的资源,pG下挂设备获知vG端所提供的资源后告知vG端自身所需资源,vG端通过单播方式向pG端下挂设备传送资源,上述流程进行具体说明。The following uses an example to inform the vG end of the embodiment of the present invention of the resources provided by other pG offline devices through multicast. The pG offline device learns the resources provided by the vG end and informs the vG end of the resources it needs. The resource is transmitted to the device connected to the pG end in a unicast mode, and the above process is described in detail.
参见图2所示,vG端相当于虚拟家庭网关的服务器侧,pG端相当于为虚拟家庭网关的用户侧。vG和pG中部署有vSwitch,通过OpenFlow协议接受控制器Controller的控制,从而能够修改数据报文的五元组信息等。NC(Network Card)代表网卡,VXLAN隧道端点为vtep。代理Agent(图2中pG2Agent省略未画出)接受控制器Controller的管理对vtep的VXLAN FDB表进行配置。vG端通过组播方式告知其他pG端下挂设备自己所提供的资源流程中,vG端发往pG端的组播报文,处理逻辑如下:As shown in Figure 2, the vG end is equivalent to the server side of the virtual home gateway, and the pG end is equivalent to the user side of the virtual home gateway. A vSwitch is deployed in vG and pG, and accepts the control of the controller through the OpenFlow protocol, so that the quintuple information of the data message can be modified. NC (Network Card) stands for network card, and the VXLAN tunnel endpoint is vtep. The agent (pG2Agent is omitted and not shown in Figure 2) accepts the management of the controller to configure the VXLAN FDB table of vtep. In the process of informing other pG-connected devices of the resources provided by the vG end through multicast, the multicast packet sent from the vG end to the pG end has the following processing logic:
VXLAN源端点(vG端)为vtep1,源IP地址为ip1,源mac地址为mac1;VXLAN目的端点(pG端)为vtep2,目的IP地址为组播地址ip_multi,目的mac地址为组播mac地址mac_multi。VXLAN source endpoint (vG side) is vtep1, source IP address is ip1, source mac address is mac1; VXLAN destination endpoint (pG side) is vtep2, destination IP address is multicast address ip_multi, destination mac address is multicast mac address mac_multi .
vG端虚拟交换机中做IP映射,通过下发OpenFlow流表,将源IP地址ip1映射为ip1_new(该地址为预留地址,不会造成不同家庭间的地址冲突),同时修改vG端VXLAN FDB表,将mac_multi对应为VXLAN端点vtep2;IP mapping is performed in the virtual switch on the vG side, and the source IP address ip1 is mapped to ip1_new by issuing the OpenFlow flow table (this address is a reserved address and will not cause address conflicts between different families), and the VXLAN FDB table on the vG side is modified at the same time , Corresponding to mac_multi as VXLAN endpoint vtep2;
pG端接收到的组播报文,源MAC地址为mac1,源IP地址为ip1_new,目的MAC地址为mac_multi,目的IP地址为ip_multi。For the multicast packet received by the pG end, the source MAC address is mac1, the source IP address is ip1_new, the destination MAC address is mac_multi, and the destination IP address is ip_multi.
参见图3所示,pG端下挂设备获知vG端所提供的资源后告知vG端自身所需资源流程中,pG端下挂设备通过单播方式回复报文告知vG端自身所需资源,处理逻辑如下:As shown in Figure 3, the pG-side attached device informs the vG side of the resources it needs after learning the resources provided by the vG side. In the process, the pG-side attached device replies with a unicast message to inform the vG side of the resources it needs. The logic is as follows:
vG端所在VXLAN端点为vtep1,vG端IP地址为ip1,服务器mac地址为mac1;pG所在VXLAN端点为vtep2,pG端下挂设备IP 地址为ip2,pG端下挂设备mac地址为mac2。由于pG端收到的组播报文的源IP地址为ip1_new,因此回复报文的目的IP地址为ip1_new,源IP地址为ip2;The VXLAN endpoint of the vG end is vtep1, the IP address of the vG end is ip1, and the mac address of the server is mac1; the VXLAN endpoint of pG is vtep2, the IP address of the device attached to the pG end is ip2, and the mac address of the device attached to the pG end is mac2. Since the source IP address of the multicast message received by the pG end is ip1_new, the destination IP address of the reply message is ip1_new, and the source IP address is ip2;
pG端的虚拟交换机中进行IP映射,通过控制器下发OpenFlow流表,将源IP地址ip2映射为ip2_new(该地址为预留地址,不会造成不同家庭间的地址冲突),修改虚拟交换机中的ARP表为ip1_new对应mac1,修改pG端所在VXLAN端点中FDB表,将mac1对应VXLAN端点vtep1;IP mapping is performed in the virtual switch on the pG side, and the OpenFlow flow table is issued through the controller to map the source IP address ip2 to ip2_new (this address is a reserved address and will not cause address conflicts between different families), and modify the virtual switch The ARP table is ip1_new corresponding to mac1, modify the FDB table in the VXLAN endpoint where the pG end is located, and match mac1 to the VXLAN endpoint vtep1;
vG端VXLAN接口vtep1接收到的包解封装后,源MAC地址为mac2,源IP地址为ip2_new,目的mac地址为mac1,目的IP地址为ip1_new,通过修改vG端中的OpenFlow流表做IP映射,将该报文的目的IP地址ip1_new更换为ip1,然后将该报文转发给vG端内部处理。After the packet received by the VXLAN interface vtep1 on the vG side is decapsulated, the source MAC address is mac2, the source IP address is ip2_new, the destination mac address is mac1, and the destination IP address is ip1_new. The OpenFlow flow table in the vG side is modified to do IP mapping. Change the destination IP address ip1_new of the message to ip1, and then forward the message to the vG end for internal processing.
参见图4所示,vG端通过单播方式向pG端传送资源,逻辑如下:As shown in Figure 4, the vG end transmits resources to the pG end through unicast, and the logic is as follows:
vG端所在VXLAN端点为vtep1,vG端IP地址为ip1,vG端mac地址为mac1;pG端VXLAN端点为vtep2,pG端下挂设备IP地址为ip2,pG端下挂设备mac地址为mac2;The VXLAN endpoint of the vG end is vtep1, the IP address of the vG end is ip1, and the mac address of the vG end is mac1; the VXLAN endpoint of the pG end is vtep2, the IP address of the device at the pG end is ip2, and the mac address of the device at the pG end is mac2;
vG端发出的数据报文源mac地址为mac1,源IP地址为ip1,目的mac地址为mac2,目的IP地址为ip2_new。vG端中的虚拟交换机中做IP映射,通过下发OpenFlow流表,将源IP地址映射为ip1_new,vG端的虚拟交换机中的ARP表修改,使ip2_new对应mac2,修改vG端VXLAN的FDB表为mac2对应vtep2;The source mac address of the data message sent by the vG end is mac1, the source IP address is ip1, the destination mac address is mac2, and the destination IP address is ip2_new. IP mapping is done in the virtual switch on the vG side, the source IP address is mapped to ip1_new by issuing the OpenFlow flow table, the ARP table in the virtual switch on the vG side is modified so that ip2_new corresponds to mac2, and the FDB table of the VXLAN on the vG side is modified to mac2 Corresponding to vtep2;
pG端VXLAN接口vtep2解封装后的报文,源mac地址为mac1,源IP地址为ip1_new,目的mac地址为mac2,目的IP地址为ip2_new。 pG端所在的虚拟交换机中做IP映射,通过下发OpenFlow流表,将目的IP地址ip2_new映射为ip2,同时修改ARP表为ip1_new对应mac1,pG端下挂设备所收到的报文源mac地址为mac1,源IP地址为ip1_new,目的mac地址为mac2,目的IP地址为ip2。The packet decapsulated by the VXLAN interface vtep2 on the pG side has the source mac address as mac1, the source IP address as ip1_new, the destination mac address as mac2, and the destination IP address as ip2_new. IP mapping is done in the virtual switch where the pG end is located, the destination IP address ip2_new is mapped to ip2 by issuing the OpenFlow flow table, and the ARP table is modified to ip1_new corresponding to mac1, and the source mac address of the packet received by the device connected to the pG end Is mac1, the source IP address is ip1_new, the destination mac address is mac2, and the destination IP address is ip2.
本发明实施例中,在虚拟家庭网关的服务器侧和用户侧中,需要部署有Agent,用于接受控制器的指令下发配置。控制器Controller通过Netconf协议连接该Agent,用以下发配置,更改服务器侧和设备侧vtep的FDB表。In the embodiment of the present invention, on the server side and the user side of the virtual home gateway, an Agent needs to be deployed for receiving instructions from the controller to issue configuration. The Controller connects to the Agent through the Netconf protocol, and uses the following configuration to change the FDB table of the vtep on the server side and the device side.
控制器(Controller)主要提供南北向的API接口,南向接口负责和基础网络设备通信、调用,北向接口负责和上层应用通信、调用。同时,控制器会提供Web管理平台,所有SDN网络功能均在这个界面上进行部署、调用,网络功能之间的独立性、易用性、可扩展性是衡量SDN Controller的关键指标。The Controller mainly provides the north-south API interface, the southbound interface is responsible for communicating and calling with basic network equipment, and the northbound interface is responsible for communicating and calling with upper-layer applications. At the same time, the controller will provide a web management platform. All SDN network functions are deployed and invoked on this interface. The independence, ease of use, and scalability between network functions are key indicators for measuring SDN Controller.
为各个Agent分配所未使用的IP资源,通过Netconf等协议向Agent下发配置,用以修改VTEP端的VXLAN FDB表。修改vSwitch的转发规则,如果采用支持OpenFlow协议的虚拟交换机,则通过OpenFlow协议下发流表,用以更改数据报文的IP地址。Assign unused IP resources to each agent, and send configuration to the agent through protocols such as Netconf to modify the VXLAN FDB table on the VTEP side. Modify the forwarding rules of the vSwitch. If a virtual switch that supports the OpenFlow protocol is used, the flow table is issued through the OpenFlow protocol to change the IP address of the data message.
配置代理Agent需要维护VXLAN转发数据表。Agent接收Controller的指令,对VTEP的FDB表进行配置。To configure the agent, the VXLAN forwarding data table needs to be maintained. The Agent receives instructions from the Controller and configures the FDB table of the VTEP.
VXLAN FDB表格式如图5所示。VXLAN隧道的端点叫做VTEP,VTEP中可以配置转发数据表,其可以根据内层报文的目的MAC地址决定将数据包封装在VXLAN报文中送往下一跳VTEP。如果是单播MAC,Agent只需配置该MAC地址所对应的远端vtep,vtep的信息包含IP、VNI(VXLAN Network Identifier,虚拟可扩展局域网网络标识符)和port(端口)信息。如果是组播MAC,Agent 需要配置该MAC地址所对应的远端vtep链表。如图5(a)所示,如果内层报文的目的MAC地址是单播MAC地址,则意味着该报文只需发往一个vtep端,因此只需记录该单播MAC地址所对应vtep端的IP地址、VNI号以及端口port号。如图5(b)所示,如果内层报文的目的MAC地址是组播MAC地址,则意味着该报文需要发往多个vtep端,因此需要记录多个vtep端的IP地址、VNI号以及端口port号,并以链表的形式进行存储。The format of the VXLAN FDB table is shown in Figure 5. The endpoint of the VXLAN tunnel is called a VTEP, and a forwarding data table can be configured in the VTEP. It can decide to encapsulate the data packet in a VXLAN message and send it to the next hop VTEP according to the destination MAC address of the inner message. If it is a unicast MAC, the agent only needs to configure the remote vtep corresponding to the MAC address. The vtep information includes IP, VNI (VXLAN Network Identifier, virtual extensible local area network identifier) and port information. If it is a multicast MAC, the agent needs to configure the remote vtep linked list corresponding to the MAC address. As shown in Figure 5(a), if the destination MAC address of the inner layer message is a unicast MAC address, it means that the message only needs to be sent to one vtep end, so only the vtep corresponding to the unicast MAC address needs to be recorded The IP address, VNI number, and port number of the terminal. As shown in Figure 5(b), if the destination MAC address of the inner message is a multicast MAC address, it means that the message needs to be sent to multiple vtep ends, so the IP addresses and VNI numbers of multiple vtep ends need to be recorded And the port number, and store it in the form of a linked list.
本发明实施例提供的一种基于VXLAN和OpenFlow的虚拟家庭网络共享系统的一实施例包括:An embodiment of a virtual home network sharing system based on VXLAN and OpenFlow provided by the embodiment of the present invention includes:
第一创建模块,其用于创建VXLAN连接,连接虚拟家庭网关的vG端和pG端;The first creation module, which is used to create a VXLAN connection and connect the vG end and the pG end of the virtual home gateway;
第二创建模块,其用于在虚拟家庭间新建VXLAN连接,并修改新建VXLAN连接的VXLAN FDB表,以使虚拟家庭间二层网络可达;The second creation module is used to create a new VXLAN connection between virtual homes and modify the VXLAN FDB table of the newly created VXLAN connection to make the second-tier network between the virtual homes reachable;
组播模块,其用于驱使vG端通过组播方式向pG端下挂设备广播自身所含资源;Multicast module, which is used to drive the vG end to broadcast its own resources to the pG end-linked device through multicast;
第一单播模块,其用于驱使pG端下挂设备通过单播方式告知vG端自身所需资源;The first unicast module, which is used to drive the device connected to the pG end to inform the vG end of the resources it needs by unicasting;
第二单播模块,其用于驱使vG端通过单播方式发送pG端下挂设备所需资源。The second unicast module is used to drive the vG end to send the resources required by the device connected to the pG end in a unicast manner.
vG端通过组播方式广播自身所含资源之前,具体包括:Before the vG end broadcasts its own resources through multicast, it specifically includes:
修改vG端新建VXLAN连接VTEP端的FDB表,以使vG端的组播包可达pG端;Modify the FDB table of the newly created VXLAN connection on the VTEP side on the vG side so that the multicast packets on the vG side can reach the pG side;
修改vG端的OpenFlow流表,以使vG端的源IP地址为未被使用IP地址;Modify the OpenFlow flow table on the vG side to make the source IP address of the vG side an unused IP address;
pG端下挂设备通过单播方式告知vG端自身所需资源之前,具体包括:Before the device connected to the pG end informs the vG end of its required resources through unicast, it specifically includes:
修改pG端VXLAN连接VTEP端的FDB表,以使pG端下挂设备的单播包可达vG端;Modify the FDB table of the VXLAN connection on the pG end to the VTEP end so that the unicast packets of the device connected to the pG end can reach the vG end;
修改pG端的OpenFlow流表,以使pG端下挂设备发往vG端的报文的源IP地址为未被使用IP地址。Modify the OpenFlow flow table on the pG end so that the source IP address of the packet sent by the device attached to the pG end to the vG end is an unused IP address.
可选地,在上述一种基于VXLAN和OpenFlow的虚拟家庭网络共享系统对应实施例的基础上,本发明实施例提供的一种基于VXLAN和OpenFlow的虚拟家庭网络共享系统的第一个可选实施例中,修改vG端新建VXLAN连接VTEP端的FDB表,修改vG端的OpenFlow流表,具体包括:Optionally, on the basis of the above-mentioned corresponding embodiment of a virtual home network sharing system based on VXLAN and OpenFlow, the first optional implementation of a virtual home network sharing system based on VXLAN and OpenFlow provided in the embodiment of the present invention In the example, modify the FDB table of the newly created VXLAN connection VTEP side on the vG side, and modify the OpenFlow flow table on the vG side, including:
vG端虚拟交换机中进行IP映射,并通过下发OpenFlow流表,将vG端的源IP地址映射为未被使用的第一IP地址;Perform IP mapping in the virtual switch on the vG side, and map the source IP address of the vG side to the unused first IP address by issuing the OpenFlow flow table;
修改vG端新建VXLAN连接中VTEP端FDB表,将组播包的目的mac地址对应为pG端vtep端点。Modify the FDB table on the VTEP side in the newly created VXLAN connection on the vG side, and map the destination mac address of the multicast packet to the vtep endpoint on the pG side.
修改pG端VXLAN连接VTEP端的FDB表,修改pG端的OpenFlow流表,具体包括:Modify the FDB table of the VXLAN connection on the pG side to the VTEP side, and modify the OpenFlow flow table on the pG side, including:
pG端虚拟交换机中进行IP映射,并通过下发OpenFlow流表,将pG端下挂设备发往vG端报文的源IP地址映射为未被使用的第二IP地址;IP mapping is performed in the virtual switch on the pG end, and the OpenFlow flow table is issued to map the source IP address of the packet sent by the device at the pG end to the vG end to the unused second IP address;
修改pG端虚拟交换机中ARP表,将第一IP地址对应为vG端的mac地址;Modify the ARP table in the virtual switch on the pG side to correspond the first IP address to the mac address on the vG side;
将pG端VXLAN连接VTEP端FDB表中,vG端的mac地址对应为vG端VXLAN端点。Connect the pG end VXLAN to the VTEP end FDB table, and the mac address of the vG end corresponds to the VXLAN end point of the vG end.
vG端通过单播方式发送pG端下挂设备所需资源之前,还包括:Before the vG end sends the resources required by the device connected to the pG end through unicast, it also includes:
vG端虚拟交换机中进行IP映射,并通过下发OpenFlow流表,将vG端的源IP地址映射为第一IP地址;Perform IP mapping in the virtual switch on the vG side, and map the source IP address of the vG side to the first IP address by issuing the OpenFlow flow table;
修改vG端虚拟交换机中ARP表,将第二IP地址对应为pG端下挂设备的mac地址;Modify the ARP table in the virtual switch on the vG end to correspond the second IP address to the mac address of the device connected to the pG end;
将vG端新建VXLAN连接VTEP端FDB表中,pG端下挂设备的mac地址对应为pG端VTEP端点。Connect the newly created VXLAN at the vG end to the FDB table at the VTEP end. The mac address of the device connected to the pG end corresponds to the VTEP end point of the pG end.
本发明是参照根据本发明实施例的方法、设备(系统)和计算机程序产品的流程图和/或方框图来描述的。应理解可由计算机程序指令实现流程图和/或方框图中的每一流程和/或方框、以及流程图和/或方框图中的流程和/或方框的结合。可提供这些计算机程序指令到通用计算机、专用计算机、嵌入式处理机或其他可编程数据处理设备的处理器以产生一个机器,使得通过计算机或其他可编程数据处理设备的处理器执行的指令产生用于实现在流程图一个流程或多个流程和/或方框图一个方框或多个方框中指定的功能的装置。The present invention is described with reference to flowcharts and/or block diagrams of methods, equipment (systems) and computer program products according to embodiments of the present invention. It should be understood that each process and/or block in the flowchart and/or block diagram, and the combination of processes and/or blocks in the flowchart and/or block diagram can be implemented by computer program instructions. These computer program instructions can be provided to the processor of a general-purpose computer, a special-purpose computer, an embedded processor, or other programmable data processing equipment to generate a machine, so that the instructions executed by the processor of the computer or other programmable data processing equipment are generated It is a device that realizes the functions specified in one process or multiple processes in the flowchart and/or one block or multiple blocks in the block diagram.
本发明不局限于上述实施方式,对于本技术领域的普通技术人员来说,在不脱离本发明原理的前提下,还可以做出若干改进和润饰,这些改进和润饰也视为本发明的保护范围之内。本说明书中未作详细描述的内容属于本领域专业技术人员公知的现有技术。The present invention is not limited to the above-mentioned embodiments. For those of ordinary skill in the art, without departing from the principle of the present invention, several improvements and modifications can be made, and these improvements and modifications are also regarded as the protection of the present invention. Within range. The content not described in detail in this specification belongs to the prior art known to those skilled in the art.

Claims (10)

  1. 一种基于VXLAN和OpenFlow的虚拟家庭网络共享方法,其特征在于,包括以下步骤:A virtual home network sharing method based on VXLAN and OpenFlow is characterized in that it includes the following steps:
    创建VXLAN连接,连接虚拟家庭的vG端和pG端;Create a VXLAN connection to connect the vG end and pG end of the virtual home;
    虚拟家庭间新建VXLAN连接,并修改新建VXLAN连接的VXLAN FDB表,以使虚拟家庭间二层网络可达;Create a new VXLAN connection between virtual homes and modify the VXLAN FDB table of the newly created VXLAN connection to make the second-tier network between the virtual homes reachable;
    vG端通过组播方式向pG端下挂设备组播自身所含资源;The vG end multicasts its own resources to the device connected to the pG end through multicast;
    pG端下挂设备通过单播方式告知vG端自身所需资源;The device attached to the pG end informs the vG end of its required resources through unicast;
    vG端通过单播方式发送pG端下挂设备所需资源。The vG end sends the resources required by the device connected to the pG end through unicast.
  2. 如权利要求1所述的一种基于VXLAN和OpenFlow的虚拟家庭网络共享方法,其特征在于,A virtual home network sharing method based on VXLAN and OpenFlow according to claim 1, characterized in that:
    所述vG端通过组播方式向所有pG端下挂设备组播自身所含资源之前,具体包括:Before the vG end multicasts its own resources to all pG end-linked devices in a multicast manner, it specifically includes:
    修改vG端VXLAN连接VTEP端的FDB表,以使vG端的组播包可达pG端;Modify the FDB table of the VXLAN connection on the vG side to the VTEP side so that the multicast packets on the vG side can reach the pG side;
    修改vG端的OpenFlow流表,以使vG端的源IP地址为未被使用IP地址;Modify the OpenFlow flow table on the vG side to make the source IP address of the vG side an unused IP address;
    所述pG端下挂设备通过单播方式告知vG端自身所需资源之前,具体包括:Before the pG end-linked device notifies the vG end of its required resources through unicast, it specifically includes:
    修改pG端VXLAN连接VTEP端的FDB表,以使pG端下挂设备的单播包可达vG端;Modify the FDB table of the VXLAN connection on the pG end to the VTEP end so that the unicast packets of the device connected to the pG end can reach the vG end;
    修改pG端的OpenFlow流表,以使pG端下挂设备发往vG端的报文的源IP地址为未被使用IP地址。Modify the OpenFlow flow table on the pG end so that the source IP address of the packet sent by the device attached to the pG end to the vG end is an unused IP address.
  3. 如权利要求2所述的一种基于VXLAN和OpenFlow的虚拟家庭网络共享方法,其特征在于,修改vG端VXLAN连接VTEP端 的FDB表,修改vG端的OpenFlow流表,具体包括:A virtual home network sharing method based on VXLAN and OpenFlow according to claim 2, characterized in that modifying the FDB table of the VXLAN connection on the vG side and the VTEP side and modifying the OpenFlow flow table on the vG side specifically includes:
    vG端虚拟交换机中进行IP映射,并通过下发OpenFlow流表,将vG端的源IP地址映射为未被使用的第一IP地址;Perform IP mapping in the virtual switch on the vG side, and map the source IP address of the vG side to the unused first IP address by issuing the OpenFlow flow table;
    修改vG端新建VXLAN连接中VTEP端FDB表,将组播包的目的mac地址对应为pG端vtep端点。Modify the FDB table on the VTEP side in the newly created VXLAN connection on the vG side, and map the destination mac address of the multicast packet to the vtep endpoint on the pG side.
  4. 如权利要求3所述的一种基于VXLAN和OpenFlow的虚拟家庭网络共享方法,其特征在于,修改pG端VXLAN连接VTEP端的FDB表,修改pG端的OpenFlow流表,具体包括:A virtual home network sharing method based on VXLAN and OpenFlow according to claim 3, characterized in that modifying the FDB table of the VXLAN connection on the pG side and the VTEP side and modifying the OpenFlow flow table on the pG side specifically includes:
    pG端虚拟交换机中进行IP映射,并通过下发OpenFlow流表,将pG端下挂设备发往vG端报文的源IP地址映射为未被使用的第二IP地址;IP mapping is performed in the virtual switch on the pG end, and the OpenFlow flow table is issued to map the source IP address of the packet sent by the device at the pG end to the vG end to the unused second IP address;
    修改pG端虚拟交换机中ARP表,将第一IP地址对应为vG端的mac地址;Modify the ARP table in the virtual switch on the pG side to correspond the first IP address to the mac address on the vG side;
    将pG端VXLAN连接VTEP端FDB表中,vG端的mac地址对应为vG端VTEP端点。Connect the pG end VXLAN to the VTEP end FDB table, the mac address of the vG end corresponds to the vG end VTEP endpoint.
  5. 如权利要求4所述的一种基于VXLAN和OpenFlow的虚拟家庭网络共享方法,其特征在于,所述vG端通过单播方式发送pG端下挂设备所需资源之前,还包括:A virtual home network sharing method based on VXLAN and OpenFlow according to claim 4, characterized in that, before the vG end sends the resources required by the pG end connected device through unicast, it further comprises:
    vG端虚拟交换机中进行IP映射,并通过下发OpenFlow流表,将vG端的源IP地址映射为第一IP地址;Perform IP mapping in the virtual switch on the vG side, and map the source IP address of the vG side to the first IP address by issuing the OpenFlow flow table;
    修改vG端虚拟交换机中ARP表,将第二IP地址对应为pG端下挂设备的mac地址;Modify the ARP table in the virtual switch on the vG end to correspond the second IP address to the mac address of the device connected to the pG end;
    将vG端新建VXLAN连接VTEP端FDB表中,pG端下挂设备的mac地址对应为pG端VTEP端点。Connect the newly created VXLAN at the vG end to the FDB table at the VTEP end. The mac address of the device connected to the pG end corresponds to the VTEP end point of the pG end.
  6. 一种基于VXLAN和OpenFlow的虚拟家庭网络共享系统, 其特征在于,包括:A virtual home network sharing system based on VXLAN and OpenFlow is characterized in that it includes:
    第一创建模块,其用于创建VXLAN连接,连接虚拟家庭网关的vG端和pG端;The first creation module, which is used to create a VXLAN connection and connect the vG end and the pG end of the virtual home gateway;
    第二创建模块,其用于在虚拟家庭间新建VXLAN连接,并修改新建VXLAN连接的VXLAN FDB表,以使虚拟家庭间二层网络可达;The second creation module is used to create a new VXLAN connection between virtual homes and modify the VXLAN FDB table of the newly created VXLAN connection to make the second-tier network between the virtual homes reachable;
    组播模块,其用于驱使vG端通过组播方式向pG端下挂设备广播自身所含资源;Multicast module, which is used to drive the vG end to broadcast its own resources to the pG end-linked device through multicast;
    第一单播模块,其用于驱使pG端下挂设备通过单播方式告知vG端自身所需资源;The first unicast module, which is used to drive the device connected to the pG end to inform the vG end of the resources it needs by unicasting;
    第二单播模块,其用于驱使vG端通过单播方式发送pG端下挂设备所需资源。The second unicast module is used to drive the vG end to send the resources required by the device connected to the pG end in a unicast manner.
  7. 如权利要求6所述的一种基于VXLAN和OpenFlow的虚拟家庭网络共享系统,其特征在于,A virtual home network sharing system based on VXLAN and OpenFlow according to claim 6, characterized in that:
    所述vG端通过组播方式广播自身所含资源之前,具体包括:Before the vG end broadcasts its own resources in a multicast manner, it specifically includes:
    修改vG端新建VXLAN连接VTEP端的FDB表,以使vG端的组播包可达pG端;Modify the FDB table of the newly created VXLAN connection on the VTEP side on the vG side so that the multicast packets on the vG side can reach the pG side;
    修改vG端的OpenFlow流表,以使vG端的源IP地址为未被使用IP地址;Modify the OpenFlow flow table on the vG side to make the source IP address of the vG side an unused IP address;
    所述pG端下挂设备通过单播方式告知vG端自身所需资源之前,具体包括:Before the pG end-linked device notifies the vG end of its required resources through unicast, it specifically includes:
    修改pG端VXLAN连接VTEP端的FDB表,以使pG端下挂设备的单播包可达vG端;Modify the FDB table of the VXLAN connection on the pG end to the VTEP end so that the unicast packets of the device connected to the pG end can reach the vG end;
    修改pG端的OpenFlow流表,以使pG端下挂设备发往vG端的报文的源IP地址为未被使用IP地址。Modify the OpenFlow flow table on the pG end so that the source IP address of the packet sent by the device attached to the pG end to the vG end is an unused IP address.
  8. 如权利要求7所述的一种基于VXLAN和OpenFlow的虚拟家庭网络共享系统,其特征在于,修改vG端新建VXLAN连接VTEP端的FDB表,修改vG端的OpenFlow流表,具体包括:The virtual home network sharing system based on VXLAN and OpenFlow according to claim 7, characterized in that modifying the FDB table of the VXLAN connection VTEP side on the vG side and modifying the OpenFlow flow table on the vG side specifically includes:
    vG端虚拟交换机中进行IP映射,并通过下发OpenFlow流表,将vG端的源IP地址映射为未被使用的第一IP地址;Perform IP mapping in the virtual switch on the vG side, and map the source IP address of the vG side to the unused first IP address by issuing the OpenFlow flow table;
    修改vG端新建VXLAN连接中VTEP端FDB表,将组播包的目的mac地址对应为pG端vtep端点。Modify the FDB table on the VTEP side in the newly created VXLAN connection on the vG side, and map the destination mac address of the multicast packet to the vtep endpoint on the pG side.
  9. 如权利要求8所述的一种基于VXLAN和OpenFlow的虚拟家庭网络共享系统,其特征在于,修改pG端VXLAN连接VTEP端的FDB表,修改pG端的OpenFlow流表,具体包括:A virtual home network sharing system based on VXLAN and OpenFlow according to claim 8, characterized in that modifying the FDB table of the VXLAN connection on the pG side to the VTEP side and modifying the OpenFlow flow table of the pG side specifically includes:
    pG端虚拟交换机中进行IP映射,并通过下发OpenFlow流表,将pG端下挂设备发往vG端报文的源IP地址映射为未被使用的第二IP地址;IP mapping is performed in the virtual switch on the pG end, and the OpenFlow flow table is issued to map the source IP address of the packet sent by the device at the pG end to the vG end to the unused second IP address;
    修改pG端虚拟交换机中ARP表,将第一IP地址对应为vG端的mac地址;Modify the ARP table in the virtual switch on the pG side to correspond the first IP address to the mac address on the vG side;
    将pG端VXLAN连接VTEP端FDB表中,vG端的mac地址对应为vG端VTEP端点。Connect the pG end VXLAN to the VTEP end FDB table, the mac address of the vG end corresponds to the vG end VTEP endpoint.
  10. 如权利要求9所述的一种基于VXLAN和OpenFlow的虚拟家庭网络共享系统,其特征在于,所述vG端通过单播方式发送pG端下挂设备所需资源之前,还包括:The virtual home network sharing system based on VXLAN and OpenFlow according to claim 9, characterized in that, before the vG end sends the resources required by the pG end connected device through unicast, it further comprises:
    vG端虚拟交换机中进行IP映射,并通过下发OpenFlow流表,将vG端的源IP地址映射为第一IP地址;Perform IP mapping in the virtual switch on the vG side, and map the source IP address of the vG side to the first IP address by issuing the OpenFlow flow table;
    修改vG端虚拟交换机中ARP表,将第二IP地址对应为pG端下挂设备的mac地址;Modify the ARP table in the virtual switch on the vG end to correspond the second IP address to the mac address of the device connected to the pG end;
    将vG端新建VXLAN连接VTEP端FDB表中,pG端下挂设备 的mac地址对应为pG端VTEP端点。Connect the newly created VXLAN on the vG end to the VTEP end FDB table, and the mac address of the device connected to the pG end corresponds to the VTEP end point of the pG end.
PCT/CN2019/094124 2019-04-30 2019-07-01 Vxlan and openflow-based method and system for sharing virtual home network WO2020220459A1 (en)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
CN201910365269.2A CN109936490B (en) 2019-04-30 2019-04-30 Virtual home network sharing method and system based on VXLAN and OpenFlow
CN201910365269.2 2019-04-30

Publications (1)

Publication Number Publication Date
WO2020220459A1 true WO2020220459A1 (en) 2020-11-05

Family

ID=66991192

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/CN2019/094124 WO2020220459A1 (en) 2019-04-30 2019-07-01 Vxlan and openflow-based method and system for sharing virtual home network

Country Status (2)

Country Link
CN (1) CN109936490B (en)
WO (1) WO2020220459A1 (en)

Cited By (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN113904986A (en) * 2021-09-29 2022-01-07 烽火通信科技股份有限公司 Two-layer intercommunication method and equipment for vxlan virtual network and vlan network
CN114338507A (en) * 2021-12-23 2022-04-12 武汉绿色网络信息服务有限责任公司 Method and device for changing traffic forwarding path in cloud gateway system

Families Citing this family (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN109936490B (en) * 2019-04-30 2020-07-07 烽火通信科技股份有限公司 Virtual home network sharing method and system based on VXLAN and OpenFlow
CN110601951B (en) * 2019-10-08 2021-12-10 浪潮云信息技术股份公司 Method for realizing VxLAN expandability in super-large-scale data center

Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20170317919A1 (en) * 2016-04-29 2017-11-02 Cisco Technology, Inc. Interoperability between data plane learning endpoints and control plane learning endpoints in overlay networks
CN107465582A (en) * 2016-06-03 2017-12-12 中兴通讯股份有限公司 Data transmission method for uplink, device, system, physics home gateway and access node
CN107770010A (en) * 2017-09-29 2018-03-06 烽火通信科技股份有限公司 A kind of home intranet method and home networking system based on OpenFlow
WO2019076471A1 (en) * 2017-10-20 2019-04-25 Telefonaktiebolaget Lm Ericsson (Publ) Security enforcement for virtual gateways
CN109936490A (en) * 2019-04-30 2019-06-25 烽火通信科技股份有限公司 Virtual home network share method and system based on VXLAN and OpenFlow

Family Cites Families (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN105515992B (en) * 2014-09-26 2019-01-11 新华三技术有限公司 Flow entry processing method and processing device in VXLAN network
CN105577417B (en) * 2014-11-06 2019-02-22 新华三技术有限公司 Message forwarding method and device based on VXLAN network
CN107733764B (en) * 2016-08-11 2020-10-09 中国电信股份有限公司 Method, system and related equipment for establishing virtual extensible local area network tunnel
CN106789541B (en) * 2017-02-28 2019-11-15 江苏省未来网络创新研究院 A kind of across data center communication means and network system based on SDN
CN108429680B (en) * 2018-03-07 2020-09-15 北京青云科技股份有限公司 Route configuration method, system, medium and equipment based on virtual private cloud

Patent Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20170317919A1 (en) * 2016-04-29 2017-11-02 Cisco Technology, Inc. Interoperability between data plane learning endpoints and control plane learning endpoints in overlay networks
CN107465582A (en) * 2016-06-03 2017-12-12 中兴通讯股份有限公司 Data transmission method for uplink, device, system, physics home gateway and access node
CN107770010A (en) * 2017-09-29 2018-03-06 烽火通信科技股份有限公司 A kind of home intranet method and home networking system based on OpenFlow
WO2019076471A1 (en) * 2017-10-20 2019-04-25 Telefonaktiebolaget Lm Ericsson (Publ) Security enforcement for virtual gateways
CN109936490A (en) * 2019-04-30 2019-06-25 烽火通信科技股份有限公司 Virtual home network share method and system based on VXLAN and OpenFlow

Non-Patent Citations (1)

* Cited by examiner, † Cited by third party
Title
HUAWEI ET AL.: "Overlapping IP Addresses with FMSS", SA WG2 MEETING #S2-116BIS S2-164736, 2 September 2016 (2016-09-02), XP051615114, DOI: 20191223084119A *

Cited By (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN113904986A (en) * 2021-09-29 2022-01-07 烽火通信科技股份有限公司 Two-layer intercommunication method and equipment for vxlan virtual network and vlan network
CN113904986B (en) * 2021-09-29 2022-11-18 烽火通信科技股份有限公司 Two-layer intercommunication method and equipment for vxlan virtual network and vlan network
CN114338507A (en) * 2021-12-23 2022-04-12 武汉绿色网络信息服务有限责任公司 Method and device for changing traffic forwarding path in cloud gateway system

Also Published As

Publication number Publication date
CN109936490A (en) 2019-06-25
CN109936490B (en) 2020-07-07

Similar Documents

Publication Publication Date Title
WO2020220459A1 (en) Vxlan and openflow-based method and system for sharing virtual home network
US11374857B2 (en) Network device management method and apparatus, and system for indicating a network device to perform management operation
US10057116B2 (en) Method and device for configuring and managing network element equipment, and network element equipment
CN104935516B (en) Communication system and method based on software defined network
CN104396192B (en) Dissymmetric network address encapsulates
US8848609B2 (en) Forwarding internet protocol version 6 link-local multicast to support roaming of wireless mobile client devices
CN102316030B (en) Method for realizing two-layer internetworking of data center and device
CN104488222B (en) The network setting method of domestic network system and router therein
WO2018214809A1 (en) Message transmission method and device, and storage medium
EP3069471B1 (en) Optimized multicast routing in a clos-like network
US9036633B2 (en) Multicast support for internet protocol version four residual deployment via encapsulation or translation
WO2015085788A1 (en) Method and apparatus for processing dynamic host configuration protocol message
WO2015143879A1 (en) Method for sending multicast packet and switch
CN106209616B (en) Flooding inhibition method and device
CN107820262B (en) Parameter configuration method, device and system
WO2020108531A1 (en) Packet forwarding
WO2017185780A1 (en) Forwarding table entry establishment method and apparatus
CN111865780A (en) Synchronization method and device
CN112995038B (en) Access method of PROFINET protocol in industrial SDN
CN112929284A (en) ND message identification method and system under IPv6VXLAN scene
WO2017036384A1 (en) Provider edge device and data forwarding method
CN110620715B (en) Virtual extended local area network communication method, tunnel endpoint and controller
CN107547691B (en) Address resolution protocol message proxy method and device
WO2021077991A1 (en) Message detection method, connectivity negotiation relationship establishment method, and related device
EP1993228B1 (en) Message sending method, message sending device and message transmission system

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 19927004

Country of ref document: EP

Kind code of ref document: A1

NENP Non-entry into the national phase

Ref country code: DE

122 Ep: pct application non-entry in european phase

Ref document number: 19927004

Country of ref document: EP

Kind code of ref document: A1