WO2023000630A1 - Distributed routing method and apparatus, device, and storage medium - Google Patents

Distributed routing method and apparatus, device, and storage medium Download PDF

Info

Publication number
WO2023000630A1
WO2023000630A1 PCT/CN2022/071687 CN2022071687W WO2023000630A1 WO 2023000630 A1 WO2023000630 A1 WO 2023000630A1 CN 2022071687 W CN2022071687 W CN 2022071687W WO 2023000630 A1 WO2023000630 A1 WO 2023000630A1
Authority
WO
WIPO (PCT)
Prior art keywords
data
port
data packet
flow table
vxlan
Prior art date
Application number
PCT/CN2022/071687
Other languages
French (fr)
Chinese (zh)
Inventor
张宏波
Original Assignee
平安科技(深圳)有限公司
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by 平安科技(深圳)有限公司 filed Critical 平安科技(深圳)有限公司
Publication of WO2023000630A1 publication Critical patent/WO2023000630A1/en

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L45/00Routing or path finding of packets in data switching networks
    • H04L45/44Distributed routing
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L12/00Data switching networks
    • H04L12/28Data switching networks characterised by path configuration, e.g. LAN [Local Area Networks] or WAN [Wide Area Networks]
    • H04L12/46Interconnection of networks
    • H04L12/4633Interconnection of networks using encapsulation techniques, e.g. tunneling
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L12/00Data switching networks
    • H04L12/28Data switching networks characterised by path configuration, e.g. LAN [Local Area Networks] or WAN [Wide Area Networks]
    • H04L12/46Interconnection of networks
    • H04L12/4641Virtual LANs, VLANs, e.g. virtual private networks [VPN]
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L45/00Routing or path finding of packets in data switching networks
    • H04L45/74Address processing for routing
    • H04L45/745Address table lookup; Address filtering
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L49/00Packet switching elements
    • H04L49/35Switches specially adapted for specific applications
    • H04L49/354Switches specially adapted for specific applications for supporting virtual local area networks [VLAN]

Definitions

  • the present application relates to the field of cloud technology, and in particular to a distributed routing method, device, equipment and storage medium.
  • a software virtual switch based on Open vSwitch is required to implement the distributed routing function.
  • Open vSwitch When managing the VXLAN distributed routing of the vpc host overlay network, a software virtual switch based on Open vSwitch is required to implement the distributed routing function.
  • Open vSwitch When Open vSwitch is used to implement virtual switching, a large number of upcalls will be sent to the user plane if the kernel flow table misses. In the case of a large number of short connections (redis services), the performance of the virtual switch will deteriorate.
  • the main purpose of this application is to solve the technical problem that a large number of flow table lookup operations will lead to a decrease in virtual machine network performance when a virtual machine switch is used for distributed routing management.
  • the first aspect of the present application provides a distributed routing method, including: receiving a data sending instruction, extracting a data packet in the data sending instruction, and forwarding the data packet to the host core; extracting the data sending instruction source port and target port, and query the virtual network port associated with the source port in the preset association rules; forward the data packet to the corresponding physical network port through the virtual network port; extract the data packet According to the data information, look up the corresponding data forwarding flow table from the host kernel according to the data information, wherein the data forwarding flow table is used to indicate the forwarding rule between the physical network port and the target port; according to the Perform VXLAN encapsulation on the data forwarding flow table and the data information to obtain a VXLAN data tunnel, and transmit the data packet to the target port through the VXLAN data tunnel.
  • the second aspect of the present application provides a distributed routing device, including a memory, a processor, and computer-readable instructions stored on the memory and operable on the processor, and the processor executes the computer-readable instructions.
  • the following steps are implemented when reading the instruction: receiving the data sending instruction, extracting the data packet in the data sending instruction, and forwarding the data packet to the host kernel; extracting the source port and the target port of the data sending instruction, and querying The virtual network port associated with the source port in the preset association rules; forwarding the data packet to the corresponding physical network port through the virtual network port; extracting the data information of the data packet, according to the data information Find the corresponding data forwarding flow table from the host kernel, wherein the data forwarding flow table is used to indicate the forwarding rule between the physical network port and the target port; according to the data forwarding flow table and the data VXLAN encapsulation is performed on the information to obtain a VXLAN data tunnel, and the data packet is transmitted to the target port through the VXLAN data tunnel.
  • the third aspect of the present application provides a computer-readable storage medium, wherein computer instructions are stored in the computer-readable storage medium, and when the computer instructions are run on the computer, the computer is made to perform the following steps: receiving a data transmission instruction, Extracting the data packet in the data sending instruction, and forwarding the data packet to the host kernel; extracting the source port and the target port of the data sending instruction, and querying the preset association rules associated with the source port the virtual network port; forward the data packet to the corresponding physical network port through the virtual network port; extract the data information of the data packet, and search the corresponding data forwarding flow from the host kernel according to the data information Table, wherein the data forwarding flow table is used to indicate the forwarding rules between the physical network port and the target port; perform VXLAN encapsulation according to the data forwarding flow table and the data information to obtain a VXLAN data tunnel, and pass The VXLAN data tunnel transmits the data packet to the target port.
  • the fourth aspect of the present application provides a distributed routing device, including: a receiving module, configured to receive a data sending instruction, extract a data packet in the data sending instruction, and forward the data packet to the host core; extract module, used to extract the source port and target port of the data sending instruction, and query the virtual network port associated with the source port in the preset association rules; the forwarding module is used to pass the data packet through the virtual The network port is forwarded to the corresponding physical network port; the flow table lookup module is used to extract the data information of the data packet, and search the corresponding data forwarding flow table from the host kernel according to the data information, wherein the data The forwarding flow table is used to indicate the forwarding rules between the physical network port and the target port; the transmission module is used to perform VXLAN encapsulation according to the data forwarding flow table and the data information to obtain a VXLAN data tunnel, and pass the The VXLAN data tunnel transmits the data packet to the target port.
  • a receiving module configured to receive a data sending instruction, extract a data
  • the data packet in the data sending instruction is received and extracted, and the data packet is forwarded to the host kernel; the source port and target port of the data sending instruction are extracted, and the source port in the preset association rule is queried Associated virtual network port; forward the data packet to the corresponding physical network port through the virtual network port; extract the data information of the data packet, find the corresponding data forwarding flow table; perform VXLAN encapsulation according to the data forwarding flow table and data information, and obtain VXLAN Data tunnel, and transmit the data packet to the target port through the VXLAN data tunnel.
  • the transmission process of the data packet is simplified through the preset forwarding rules, and the operation of searching the flow table is reduced, thereby improving the network performance of the virtual machine.
  • FIG. 1 is a schematic diagram of a first embodiment of a distributed routing method in an embodiment of the present application
  • FIG. 2 is a schematic diagram of a second embodiment of the distributed routing method in the embodiment of the present application.
  • FIG. 3 is a schematic diagram of a third embodiment of the distributed routing method in the embodiment of the present application.
  • FIG. 4 is a schematic diagram of a fourth embodiment of the distributed routing method in the embodiment of the present application.
  • FIG. 5 is a schematic diagram of an embodiment of a distributed routing device in the embodiment of the present application.
  • FIG. 6 is a schematic diagram of another embodiment of the distributed routing device in the embodiment of the present application.
  • FIG. 7 is a schematic diagram of an embodiment of a distributed routing device in the embodiment of the present application.
  • the embodiment of the present application provides a distributed routing method, device, equipment, and storage medium.
  • the data packet in the data sending instruction is received and extracted, and the data packet is forwarded to the host kernel;
  • the data is extracted Send the source port and target port of the instruction, and query the virtual network port associated with the source port in the preset association rules; forward the data packet to the corresponding physical network port through the virtual network port; extract the data information of the data packet, and find the corresponding The data forwarding flow table;
  • VXLAN encapsulation is performed according to the data forwarding flow table and data information to obtain a VXLAN data tunnel, and the data packet is transmitted to the target port through the VXLAN data tunnel.
  • the transmission process of the data packet is simplified through the preset forwarding rules, and the operation of searching the flow table is reduced, thereby improving the network performance of the virtual machine.
  • An embodiment of the distributed routing method in the embodiment of the present application includes:
  • the execution subject of the present application may be a distributed routing device, and may also be a terminal or a server, which is not specifically limited here.
  • the embodiment of the present application is described by taking the server as an execution subject as an example.
  • the distributed routing device described in this embodiment is implemented based on a VPC (Virtual PC, virtual machine) host, and in this embodiment, it is specifically implemented based on Open vSwitch (OVS, an open virtual switching standard) in an Overlay network.
  • VPC Virtual PC, virtual machine
  • OVS Open vSwitch
  • the server in this embodiment receives a data sending instruction, wherein the data sending instruction includes a data packet to be sent, extracts the data packet contained in the data sending instruction, and sends the data packet to In the VPC host kernel.
  • this step after receiving the aforementioned data sending instruction, extract the codes of the source port and the target port included in the data sending instruction; The encoding information of the corresponding virtual network port allocated when the port is created, and the associated virtual network port address corresponding to the source port is obtained according to the encoding information of the virtual network port. After obtaining the corresponding associated virtual network port address, send the data packet extracted in the preceding steps to the virtual network port.
  • the preset association rule information is the association information generated in advance based on the corresponding relationship between the virtual source port and the virtual network port configured by the preset OVS-agent management system. Specifically, in this embodiment The preset OVS-agent management system will continue to monitor system events. When a corresponding new virtual interface is created when a virtual machine is created in the VPC host, the OVS-agent management system will allocate a virtual network port to the new virtual interface; according to its specific The distribution of the generated association rules.
  • the data packet is forwarded to the physical network port corresponding to the virtual network port.
  • data packets can be forwarded according to the flow table.
  • the specific style of the flow table can be:
  • said in_port represents an input port
  • vf is a virtual network port
  • pf is a physical network port
  • vni is a VXLAN identifier (VXLAN Network Identifier).
  • the data information of the data packet is extracted, and the corresponding data forwarding flow table is found from the host kernel according to the data information, wherein the data forwarding flow table is used to indicate the forwarding rule between the physical network port and the target port.
  • the target address may be an internal address of the virtual machine in this embodiment, or an external address.
  • VXLAN Virtual eXtensible Local Area Network
  • VXLAN Virtual eXtensible Local Area Network
  • VXLAN is a tunnel technology that can establish a layer-2 Ethernet network on the basis of a layer-3 network. Network tunnels to achieve cross-regional Layer 2 interconnection; VXLAN generally implements packet encapsulation and decapsulation through software installed on the server, and the network only needs to be reachable by IP routes.
  • the transmission process of the data packet is simplified through the preset forwarding rules, and the operation of searching the flow table is reduced, thereby improving the network performance of the virtual machine.
  • the second embodiment of the distributed routing method in the embodiment of the present application includes:
  • the Open vSwitch management tool is an OVS-agent management system, through which the OVS-agent management system is used to pre-configure the underlay network, wherein the underlay network refers to the network of the current data center network basic forwarding architecture, as long as Any two points on the data center network can be reached by routing, which refers to the physical base layer.
  • the underlay network can be improved through the technical improvement of the physical network equipment itself, the expansion of the number of equipment, and the scale of bandwidth. It includes all existing traditional networks. technology.
  • OVS-datapath must also be configured.
  • datapath is the OVS kernel module, which is responsible for performing data exchange, that is, matching the data packets received from the receiving port in the flow table, and executing the matched actions.
  • a datapath can correspond to multiple vports (virtual ports).
  • the OVS-agent management system assigns a virtual network port to the corresponding virtual interface, and configures the rules that directly associate the virtual interface with the virtual network port, that is, let datapath directly receive packets from the virtual interface , directly forwards to the virtual network port without any processing, and forwards the packet received from the virtual network port to the virtual interface directly.
  • OVS-agent needs to query the control plane database, find the network configuration of the online virtual machine, generate the corresponding eSwitch hardware forwarding rules according to the virtual machine network configuration, similar to the rules of the kernel state distributed flow table, and send them to the Physical network port.
  • the Socket (socket) mentioned in this step is an abstraction of an endpoint for two-way communication between application processes on different hosts in the network.
  • a socket is one end of process communication on the network, providing a mechanism for application layer processes to exchange data using network protocols. From the perspective of its position, the socket connects to the application process and connects to the network protocol stack, which is the interface for the application program to communicate through the network protocol, and the interface for the application program to interact with the network protocol root.
  • the Open vSwitch management tool monitors whether there is a process in the virtual machine user control to send a data packet sending instruction through the socket.
  • the distributed routing device described in this embodiment is implemented based on a VPC (Virtual PC, virtual machine) host, in this
  • the distributed routing method in the embodiment is implemented specifically through the Overlay network based on Open vSwitch (OVS, Open Virtual Switching Standard).
  • the virtio is an I/O paravirtualization solution, a set of general I/O device virtualization programs, and an abstraction of a group of general I/O devices in the paravirtualized Hypervisor.
  • the server in this embodiment receives a data sending instruction, wherein the data sending instruction includes a data packet to be sent, extracts the data packet contained in the data sending instruction, and drives it through the virtio of the virtual machine Send the data packet to the host host kernel through the ring.
  • this step after receiving the aforementioned data sending instruction, extract the codes of the source port and the target port included in the data sending instruction; The encoding information of the corresponding virtual network port allocated when the port is created, and the associated virtual network port address corresponding to the source port is obtained according to the encoding information of the virtual network port. After obtaining the corresponding associated virtual network port address, send the data packet extracted in the preceding steps to the virtual network port.
  • the preset association rule information is the association information generated in advance based on the corresponding relationship between the virtual source port and the virtual network port configured by the preset OVS-agent management system. Specifically, in this embodiment The preset OVS-agent management system will continue to monitor system events. When a corresponding new virtual interface is created when a virtual machine is created in the VPC host, the OVS-agent management system will allocate a virtual network port to the new virtual interface; according to its specific The distribution of the generated association rules.
  • the data packet is forwarded to the physical network port corresponding to the virtual network port.
  • data packets can be forwarded according to the flow table, and the specific style of the flow table can be:
  • said in_port represents an input port
  • vf is a virtual network port
  • pf is a physical network port
  • vni is a VXLAN identifier (VXLAN Network Identifier).
  • VXLAN encapsulation according to the data forwarding flow table and data information to obtain a VXLAN data tunnel, and transmit the data packet to the target port through the VXLAN data tunnel.
  • the data information of the data packet is extracted, and the corresponding data forwarding flow table is found from the host kernel according to the data information, wherein the data forwarding flow table is used to indicate the forwarding rule between the physical network port and the target port.
  • the target address may be an internal address of the virtual machine in this embodiment, or an external address.
  • VXLAN Virtual eXtensible Local Area Network
  • VXLAN Virtual eXtensible Local Area Network
  • VXLAN is a tunnel technology that can establish a layer-2 Ethernet network on the basis of a layer-3 network. Network tunnels to achieve cross-regional Layer 2 interconnection; VXLAN generally implements packet encapsulation and decapsulation through software installed on the server, and the network only needs to be reachable by IP routes.
  • forwarding rules are configured in advance according to the virtual port when the virtual machine is online, and data transmission is performed according to the forwarding rules, which simplifies the transmission process of data packets, reduces the flow table lookup operation of routing operations in this solution, and greatly improves Virtual machine network performance.
  • the third embodiment of the distributed routing method in the embodiment of the present application includes:
  • step 301-step 303 in this embodiment are basically the same as the contents of step 201-step 203 in the foregoing embodiment, so details are not repeated here.
  • step 304-step 308 in this embodiment are basically the same as the contents of step 101-step 105 in the foregoing embodiment, so details are not repeated here.
  • the distributed routing method in this embodiment can also search and offload the flow table.
  • the distributed routing method described in this embodiment uses the offloading function of the network card hardware to perform the offloading operation.
  • the pre-installed OVS-agent management system extracts the configuration information in the code, obtains the flow table unloading rule of the virtual machine, and stores the unloading rule in advance into the database.
  • the TC command is a preset control tool in the Linux kernel, and the TC command can be provided by specific hardware Implemented by the TC command issuing rules. Specifically, after detecting that a virtual network port has received a TC command for flow table offloading, the flow table offloading rule corresponding to the virtual network port is found in the preset control database.
  • the virtual network port unloads the data forwarding flow table corresponding to the flow table unloading TC command according to the flow table offloading rule.
  • the interface address is issued, and the flow table unloading rule corresponding to the virtual network port that receives the flow table offloading command is sent.
  • the virtual network port unloads the corresponding data forwarding flow in the TC command according to the received flow table offloading rule.
  • the table is unloaded.
  • the function of the virtual network port is set in the OVS, and the virtual network port is in one-to-one correspondence with the virtual port of the virtual machine, so that the unloading of the data forwarding flow table can be realized through the writing function of the virtual network port.
  • the forwarding rules are configured in advance according to the virtual port when the virtual machine goes online, and data transmission is performed according to the forwarding rules, which simplifies the transmission process of data packets, reduces the flow table lookup operation of routing operations in this solution, and can also perform The search and unloading of the flow table greatly improves the network performance of the virtual machine without using a smart network card.
  • the fourth embodiment of the distributed routing method in the embodiment of the present application includes:
  • step 401-step 403 in this embodiment is basically the same as the content in step 201-step 203 in the previous embodiment, so it will not be repeated here.
  • the Socket (socket) mentioned in this step is an abstraction of an endpoint for two-way communication between application processes on different hosts in the network.
  • a socket is one end of process communication on the network, providing a mechanism for application layer processes to exchange data using network protocols. From the perspective of its position, the socket connects to the application process and connects to the network protocol stack, which is the interface for the application program to communicate through the network protocol, and the interface for the application program to interact with the network protocol root.
  • the Open vSwitch management tool monitors whether there is a process in the virtual machine user control to send a data packet sending instruction through the socket.
  • the distributed routing device described in this embodiment is implemented based on a VPC (Virtual PC, virtual machine) host, in this
  • the distributed routing method in the embodiment is implemented specifically through the Overlay network based on Open vSwitch (OVS, Open Virtual Switching Standard).
  • the virtio is an I/O paravirtualization solution, a set of general I/O device virtualization programs, and an abstraction of a group of general I/O devices in the paravirtualized Hypervisor.
  • the server in this embodiment receives a data sending instruction, wherein the data sending instruction includes a data packet to be sent, extracts the data packet contained in the data sending instruction, and drives it through the virtio of the virtual machine Send the data packet to the host host kernel through the ring.
  • the distributed routing method in this embodiment can also search and offload the flow table.
  • the distributed routing method described in this embodiment uses the offloading function of the network card hardware to perform the offloading operation.
  • the pre-installed OVS-agent management system extracts the configuration information in the code, obtains the flow table unloading rule of the virtual machine, and stores the unloading rule in advance into the database.
  • the TC command is a preset control tool in the Linux kernel, and the TC command can be provided by specific hardware Implemented by the TC command issuing rules. Specifically, after detecting that a virtual network port has received a TC command for flow table offloading, the flow table offloading rule corresponding to the virtual network port is found in the preset control database.
  • the virtual network port unloads the corresponding data forwarding flow table in the flow table unloading TC command according to the flow table offloading rule;
  • the interface address is issued, and the flow table unloading rule corresponding to the virtual network port that receives the flow table offloading command is sent.
  • the virtual network port unloads the corresponding data forwarding flow in the TC command according to the received flow table offloading rule.
  • the table is unloaded.
  • the function of the virtual network port is set in the OVS, and the virtual network port is in one-to-one correspondence with the virtual port of the virtual machine, so that the unloading of the data forwarding flow table can be realized through the writing function of the virtual network port.
  • the virtual network port decapsulates the corresponding VXLAN data tunnel in the VXLAN decapsulation command according to the VXLAN decapsulation rule.
  • the distributed routing method described in this embodiment can also receive a VXLAN decapsulation command, and perform a decapsulation operation on VXLAN when the data forwarding flow table is unloaded.
  • the distributed routing method described in this embodiment uses the write-in function of the network card hardware to perform the VXLAN decapsulation operation. Specifically, after detecting that a virtual network port has received a TC command for VXLAN decapsulation, the VXLAN decapsulation rule corresponding to the virtual network port is found in the preset control database. According to the rules of the network card hardware, the interface address is issued, and the VXLAN decapsulation rule corresponding to the virtual network port that receives the flow table unloading command is sent. The virtual network port decapsulates the corresponding VXLAN data tunnel in the TC command according to the received VXLAN decapsulation rule. encapsulation.
  • a specific operation statement for offloading a VXLAN-encapsulated flow table can be:
  • action order 2 mirred(Egress Redirect to device enp175s0f0_0)stolen
  • the specific meaning of the above statement is: the destination mac matches ea:84:22:e4:2b:da; the destination address matches 6.2.14.129; the key id is 1048; the packet whose destination port is 4789 is first untunneled and then mirrored Give VF interface enp175s0f0_0.
  • the virtual machine in this embodiment can be migrated; when a virtual machine migration instruction is received, the codes of the original virtual machine and the target virtual machine in the virtual machine migration instruction are extracted, and according to the The original virtual machine and the target virtual machine are coded to find the network location of the original virtual machine and the target virtual machine; the storage data in the original virtual machine is backed up, and a transmission channel is created through a data migration command issued by the network card hardware; The backup storage data is transmitted to the target virtual machine through the transmission channel.
  • the virtual network port is placed in the OVS network to replace the solution of directly entering the virtual machine into the virtual machine, the virtual machine can use the standard virtio-net network card driver, so that the virtual machine subsequent migration.
  • the forwarding rules are configured in advance according to the virtual port when the virtual machine goes online, and data transmission is performed according to the forwarding rules, which simplifies the transmission process of data packets, reduces the flow table lookup operation of routing operations in this solution, and can also perform The search and unloading of the flow table greatly improves the network performance of the virtual machine without using a smart network card; it also supports the migration of the virtual machine.
  • An embodiment of the distributed routing device in the embodiment of the present application includes:
  • the receiving module 501 is configured to receive a data sending instruction, extract a data packet in the data sending instruction, and forward the data packet to the host core;
  • An extraction module 502 configured to forward the data packet request to the virtual network port associated with the source port according to the preset association rules according to the source port information of the data packet;
  • a forwarding module 503, configured to forward the data packet to a physical network port through the associated virtual network port;
  • a flow table lookup module 504 configured to extract data information of the data packet, and search a preset flow table in the host kernel according to the data information;
  • the transmission module 505 is configured to perform VXLAN encapsulation according to the flow table and the data information, and transmit the data packet to the target address through the underlying network.
  • the transmission process of the data packet is simplified through the preset forwarding rules, and the operation of searching the flow table is reduced, thereby improving the network performance of the virtual machine.
  • FIG. 6 another embodiment of the distributed routing device in the embodiment of the present application includes:
  • the receiving module 501 is configured to receive a data sending instruction, extract a data packet in the data sending instruction, and forward the data packet to the host core;
  • An extraction module 502 configured to forward the data packet request to the virtual network port associated with the source port according to the preset association rules according to the source port information of the data packet;
  • a forwarding module 503, configured to forward the data packet to a physical network port through the associated virtual network port;
  • a flow table lookup module 504 configured to extract data information of the data packet, and search a preset flow table in the host kernel according to the data information;
  • the transmission module 505 is configured to perform VXLAN encapsulation according to the flow table and the data information, and transmit the data packet to the target address through the underlying network.
  • the receiving module 501 includes:
  • the checking unit 5011 is used to check whether there is a process in the virtual machine user control to send a data packet sending instruction through the socket;
  • the transmission unit 5012 is configured to receive the data sending instruction if yes, extract the data packet in the data sending instruction, and send the data packet to the Host host kernel through the ring in the virtio driver of the virtual machine.
  • the distributed routing device further includes a rule setting module 506, and the rule setting module 506 is specifically used for:
  • the virtual port code is obtained, and the virtual network port is allocated according to the virtual port code according to a preset allocation rule to obtain the association rule.
  • the distributed routing device further includes an offload module, and the offload module includes:
  • the first command receiving unit is used to detect whether a virtual network port has received a TC command for flow table offloading
  • the first rule search unit is configured to search the flow table unloading rule in the preset control database if yes;
  • a first rule issuing unit configured to call a rule issuing interface of the network card hardware to issue the flow table offloading rule to the virtual network port that has received the flow table offloading command;
  • the offload execution unit is used for the virtual network port to offload the corresponding flow table in the flow table offload TC command according to the flow table offload rule.
  • the distributed routing device also includes a decapsulation module, and the decapsulation module includes:
  • the second command receiving unit detects whether a VXLAN decapsulation command is received
  • the second rule search unit is used to search the VXLAN decapsulation rule in the preset control database if it is true;
  • the second rule delivery unit is used to call the network card hardware delivery rule interface to deliver the VXLAN decapsulation rule to the virtual network port that has received the VXLAN decapsulation command;
  • the decapsulation execution unit is used for the virtual network port to decapsulate the corresponding VXLAN data tunnel in the VXLAN decapsulation command according to the VXLAN decapsulation rule.
  • the distributed routing device further includes a virtual machine migration module, and the virtual machine migration module is specifically used for:
  • the backup storage data is transmitted to the target virtual machine through the transmission channel.
  • the forwarding rules are configured in advance according to the virtual port when the virtual machine goes online, and data transmission is performed according to the forwarding rules, which simplifies the transmission process of data packets, reduces the flow table lookup operation of routing operations in this solution, and can also perform The search and unloading of the flow table greatly improves the network performance of the virtual machine without using a smart network card; it also supports the migration of the virtual machine.
  • FIG. 7 is a schematic structural diagram of a distributed routing device provided by an embodiment of the present application.
  • the distributed routing device 700 may have relatively large differences due to different configurations or performances, and may include one or more processors (central processing units) , CPU) 710 (eg, one or more processors) and memory 720, one or more storage media 730 (eg, one or more mass storage devices) for storing application programs 733 or data 732 .
  • the memory 720 and the storage medium 730 may be temporary storage or persistent storage.
  • the program stored in the storage medium 730 may include one or more modules (not shown in the figure), and each module may include a series of instruction operations on the distributed routing device 700 .
  • the processor 710 may be configured to communicate with the storage medium 730 , and execute a series of instruction operations in the storage medium 730 on the distributed routing device 700 .
  • the distributed routing device 700 can also include one or more power supplies 740, one or more wired or wireless network interfaces 750, one or more input and output interfaces 760, and/or, one or more operating systems 731, such as Windows Server , Mac OS X, Unix, Linux, FreeBSD, etc.
  • operating systems 731 such as Windows Server , Mac OS X, Unix, Linux, FreeBSD, etc.
  • the present application also provides a computer device, which may be any device capable of executing the distributed routing method described in the above embodiments, the computer device includes a memory and a processor, and the memory stores a computer-readable Instructions, when the computer-readable instructions are executed by the processor, the processor is made to execute the steps of the distributed routing method in the foregoing embodiments.
  • Blockchain essentially a decentralized database, is a series of data blocks associated with each other using cryptographic methods. Each data block contains a batch of network transaction information, which is used to verify its Validity of information (anti-counterfeiting) and generation of the next block.
  • the blockchain can include the underlying platform of the blockchain, the platform product service layer, and the application service layer.
  • the present application also provides a computer-readable storage medium.
  • the computer-readable storage medium may be a non-volatile computer-readable storage medium.
  • the computer-readable storage medium may also be a volatile computer-readable storage medium. Instructions are stored in the computer-readable storage medium, and when the instructions are run on the computer, the computer is made to execute the steps of the distributed routing method.
  • Blockchain essentially a decentralized database, is a series of data blocks associated with each other using cryptographic methods. Each data block contains a batch of network transaction information, which is used to verify its Validity of information (anti-counterfeiting) and generation of the next block.
  • the blockchain can include the underlying platform of the blockchain, the platform product service layer, and the application service layer.
  • the integrated unit is realized in the form of a software function unit and sold or used as an independent product, it can be stored in a computer-readable storage medium.
  • the technical solution of the present application is essentially or part of the contribution to the prior art or all or part of the technical solution can be embodied in the form of a software product, and the computer software product is stored in a storage medium , including several instructions to make a computer device (which may be a personal computer, a server, or a network device, etc.) execute all or part of the steps of the methods described in the various embodiments of the present application.
  • the aforementioned storage medium includes: U disk, mobile hard disk, read-only memory (read-only memory, ROM), random access memory (random access memory, RAM), magnetic disk or optical disc and other media that can store program codes. .

Abstract

The present application relates to the technical field of cloud, and discloses a distributed routing method and apparatus, a device, and a storage medium, for use in solving the technical problem in the prior art that a large amount of flow table lookup operations would cause the degradation of the performance of a virtual machine network when a virtual switch is used to perform distributed routing management. The method comprises: receiving and extracting a data packet in a data sending instruction, and forwarding the data packet to a host kernel; extracting a source port and a target port of the data sending instruction, and querying a virtual network port associated with the source port in a preset association rule; forwarding the data packet to a corresponding physical network port by means of the virtual network port; extracting data information of the data packet, and looking for a corresponding data forwarding flow table; and performing VXLAN encapsulation according to the data forwarding flow table and the data information to obtain a VXLAN data tunnel, and transmitting the data packet to the target port by means of the VXLAN data tunnel. In addition, the present application further relates to blockchain technology; related information of routing data may be stored in a blockchain.

Description

分布式路由方法、装置、设备及存储介质Distributed routing method, device, equipment and storage medium
本申请要求于2021年7月23日提交中国专利局、申请号为202110835453.6、发明名称为“分布式路由方法、装置、设备及存储介质”的中国专利申请的优先权,其全部内容通过引用结合在申请中。This application claims the priority of the Chinese patent application with the application number 202110835453.6 and the title of the invention "distributed routing method, device, equipment and storage medium" filed with the China Patent Office on July 23, 2021, the entire contents of which are incorporated by reference in application.
技术领域technical field
本申请涉及云技术领域,尤其涉及一种分布式路由方法、装置、设备及存储介质。The present application relates to the field of cloud technology, and in particular to a distributed routing method, device, equipment and storage medium.
背景技术Background technique
在对vpc主机overlay网络的VXLAN分布式路由进行管理时,需要基于Open vSwitch的软件虚拟交换机实现分布式路由功能。一般情况下,采用Open vSwitch实现虚拟交换时,内核流表不命中则会形成大量upcall到用户面,在大量短连接(redis服务)的场景下会导致虚拟交换机的性能变差,When managing the VXLAN distributed routing of the vpc host overlay network, a software virtual switch based on Open vSwitch is required to implement the distributed routing function. In general, when Open vSwitch is used to implement virtual switching, a large number of upcalls will be sent to the user plane if the kernel flow table misses. In the case of a large number of short connections (redis services), the performance of the virtual switch will deteriorate.
在现有的技术中,有的方案通过预下发流表解决upcall造成的短连接性能过低的问题,但发明人意识到由于在每次数据连接中进行数据转发时都需要查找预下发流表,使得查找流表的操作占用计算资源,会导致虚拟机网络性能下降。In the existing technology, some solutions solve the problem of low performance of short connections caused by upcalls through pre-delivery flow tables, but the inventors realized that it is necessary to search for pre-delivery The flow table makes the operation of looking up the flow table occupy computing resources, which will lead to a decrease in the network performance of the virtual machine.
发明内容Contents of the invention
本申请的主要目的在于解决使用虚拟机交换机进行分布式路由管理时,大量的流表查找操作会导致虚拟机网络性能下降的技术问题。The main purpose of this application is to solve the technical problem that a large number of flow table lookup operations will lead to a decrease in virtual machine network performance when a virtual machine switch is used for distributed routing management.
本申请第一方面提供了一种分布式路由方法,包括:接收数据发送指令,提取所述数据发送指令中的数据包,并将所述数据包转发至主机内核中;提取所述数据发送指令的来源端口和目标端口,并查询预置的关联规则中与所述来源端口关联的虚拟网口;将所述数据包通过所述虚拟网口转发至对应的物理网口中;提取所述数据包的数据信息,根据所述数据信息从所述主机内核中查找对应的数据转发流表,其中,所述数据转发流表用于指示所述物理网口和目标端口之间的转发规则;根据所述数据转发流表和所述数据信息进行VXLAN封装,得到VXLAN数据隧道,并通过所述VXLAN数据隧道将所述数据包传输至所述目标端口。The first aspect of the present application provides a distributed routing method, including: receiving a data sending instruction, extracting a data packet in the data sending instruction, and forwarding the data packet to the host core; extracting the data sending instruction source port and target port, and query the virtual network port associated with the source port in the preset association rules; forward the data packet to the corresponding physical network port through the virtual network port; extract the data packet According to the data information, look up the corresponding data forwarding flow table from the host kernel according to the data information, wherein the data forwarding flow table is used to indicate the forwarding rule between the physical network port and the target port; according to the Perform VXLAN encapsulation on the data forwarding flow table and the data information to obtain a VXLAN data tunnel, and transmit the data packet to the target port through the VXLAN data tunnel.
本申请第二方面提供了一种分布式路由设备,包括存储器、处理器及存储在所述存储器上并可在所述处理器上运行的计算机可读指令,所述处理器执行所述计算机可读指令时实现如下步骤:接收数据发送指令,提取所述数据发送指令中的数据包,并将所述数据包转发至主机内核中;提取所述数据发送指令的来源端口和目标端口,并查询预置的关联规则中与所述来源端口关联的虚拟网口;将所述数据包通过所述虚拟网口转发至对应的物理网口中;提取所述数据包的数据信息,根据所述数据信息从所述主机内核中查找对应的数据转发流表,其中,所述数据转发流表用于指示所述物理网口和目标端口之间的转发规则;根据所述数据转发流表和所述数据信息进行VXLAN封装,得到VXLAN数据隧道,并通过所述VXLAN数据隧道将所述数据包传输至所述目标端口。The second aspect of the present application provides a distributed routing device, including a memory, a processor, and computer-readable instructions stored on the memory and operable on the processor, and the processor executes the computer-readable instructions. The following steps are implemented when reading the instruction: receiving the data sending instruction, extracting the data packet in the data sending instruction, and forwarding the data packet to the host kernel; extracting the source port and the target port of the data sending instruction, and querying The virtual network port associated with the source port in the preset association rules; forwarding the data packet to the corresponding physical network port through the virtual network port; extracting the data information of the data packet, according to the data information Find the corresponding data forwarding flow table from the host kernel, wherein the data forwarding flow table is used to indicate the forwarding rule between the physical network port and the target port; according to the data forwarding flow table and the data VXLAN encapsulation is performed on the information to obtain a VXLAN data tunnel, and the data packet is transmitted to the target port through the VXLAN data tunnel.
本申请的第三方面提供了一种计算机可读存储介质,所述计算机可读存储介质中存储计算机指令,当所述计算机指令在计算机上运行时,使得计算机执行如下步骤:接收数据发送指令,提取所述数据发送指令中的数据包,并将所述数据包转发至主机内核中;提取所述数据发送指令的来源端口和目标端口,并查询预置的关联规则中与所述来源端口关联的虚拟网口;将所述数据包通过所述虚拟网口转发至对应的物理网口中;提取所述数据包的数据信息,根据所述数据信息从所述主机内核中查找对应的数据转发流表,其中,所述数据转发流表用于指示所述物理网口和目标端口之间的转发规则;根据所述数据转发流表和所述数据信息进行VXLAN封装,得到VXLAN数据隧道,并通过所述VXLAN数据隧道将所述数据包传输至所述目标端口。The third aspect of the present application provides a computer-readable storage medium, wherein computer instructions are stored in the computer-readable storage medium, and when the computer instructions are run on the computer, the computer is made to perform the following steps: receiving a data transmission instruction, Extracting the data packet in the data sending instruction, and forwarding the data packet to the host kernel; extracting the source port and the target port of the data sending instruction, and querying the preset association rules associated with the source port the virtual network port; forward the data packet to the corresponding physical network port through the virtual network port; extract the data information of the data packet, and search the corresponding data forwarding flow from the host kernel according to the data information Table, wherein the data forwarding flow table is used to indicate the forwarding rules between the physical network port and the target port; perform VXLAN encapsulation according to the data forwarding flow table and the data information to obtain a VXLAN data tunnel, and pass The VXLAN data tunnel transmits the data packet to the target port.
本申请第四方面提供了一种分布式路由装置,包括:接收模块,用于接收数据发送指令,提取所述数据发送指令中的数据包,并将所述数据包转发至主机内核中;提取模块,用于提取所述数据发送指令的来源端口和目标端口,并查询预置的关联规则中与所述来源端口关联的虚拟网口;转发模块,用于将所述数据包通过所述虚拟网口转发至对应的物理网口中;流表查找模块,用于提取所述数据包的数据信息,根据所述数据信息从所述主机内核中查找对应的数据转发流表,其中,所述数据转发流表用于指示所述物理网口和目标端口之间的转发规则;传输模块,用于根据所述数据转发流表和所述数据信息进行VXLAN封装,得到VXLAN数据隧道,并通过所述VXLAN数据隧道将所述数据包传输至所述目标端口。The fourth aspect of the present application provides a distributed routing device, including: a receiving module, configured to receive a data sending instruction, extract a data packet in the data sending instruction, and forward the data packet to the host core; extract module, used to extract the source port and target port of the data sending instruction, and query the virtual network port associated with the source port in the preset association rules; the forwarding module is used to pass the data packet through the virtual The network port is forwarded to the corresponding physical network port; the flow table lookup module is used to extract the data information of the data packet, and search the corresponding data forwarding flow table from the host kernel according to the data information, wherein the data The forwarding flow table is used to indicate the forwarding rules between the physical network port and the target port; the transmission module is used to perform VXLAN encapsulation according to the data forwarding flow table and the data information to obtain a VXLAN data tunnel, and pass the The VXLAN data tunnel transmits the data packet to the target port.
本申请提供的技术方案中,接收并提取数据发送指令中的数据包,将数据包转发至主机内核中;提取数据发送指令的来源端口和目标端口,并查询预置的关联规则中与来源端口关联的虚拟网口;将数据包通过虚拟网口转发至对应的物理网口中;提取数据包的数据信息,查找对应的数据转发流表;根据数据转发流表和数据信息进行VXLAN封装,得到VXLAN数据隧道,并通过VXLAN数据隧道将数据包传输至目标端口。本申请实施例中,通过预置的转发规则简化数据包的传输流程,减少流表查找的操作,从而提升虚拟机网络性能。In the technical solution provided by this application, the data packet in the data sending instruction is received and extracted, and the data packet is forwarded to the host kernel; the source port and target port of the data sending instruction are extracted, and the source port in the preset association rule is queried Associated virtual network port; forward the data packet to the corresponding physical network port through the virtual network port; extract the data information of the data packet, find the corresponding data forwarding flow table; perform VXLAN encapsulation according to the data forwarding flow table and data information, and obtain VXLAN Data tunnel, and transmit the data packet to the target port through the VXLAN data tunnel. In the embodiment of the present application, the transmission process of the data packet is simplified through the preset forwarding rules, and the operation of searching the flow table is reduced, thereby improving the network performance of the virtual machine.
附图说明Description of drawings
图1为本申请实施例中分布式路由方法的第一实施例的示意图;FIG. 1 is a schematic diagram of a first embodiment of a distributed routing method in an embodiment of the present application;
图2为本申请实施例中分布式路由方法的第二实施例的示意图;FIG. 2 is a schematic diagram of a second embodiment of the distributed routing method in the embodiment of the present application;
图3为本申请实施例中分布式路由方法的第三实施例的示意图;FIG. 3 is a schematic diagram of a third embodiment of the distributed routing method in the embodiment of the present application;
图4为本申请实施例中分布式路由方法的第四实施例的示意图;FIG. 4 is a schematic diagram of a fourth embodiment of the distributed routing method in the embodiment of the present application;
图5为本申请实施例中分布式路由装置的一个实施例示意图;FIG. 5 is a schematic diagram of an embodiment of a distributed routing device in the embodiment of the present application;
图6为本申请实施例中分布式路由装置的另一个实施例示意图;FIG. 6 is a schematic diagram of another embodiment of the distributed routing device in the embodiment of the present application;
图7为本申请实施例中分布式路由设备的一个实施例示意图。FIG. 7 is a schematic diagram of an embodiment of a distributed routing device in the embodiment of the present application.
具体实施方式detailed description
本申请实施例提供了一种分布式路由方法、装置、设备及存储介质,本申请提供的技术方案中,接收并提取数据发送指令中的数据包,将数据包转发至主机内核中;提取数据发送指令的来源端口和目标端口,并查询预置的关联规则中与来源端口关联的虚拟网口;将数据包通过虚拟网口转发至对应的物理网口中;提取数据包的数据信息,查找对应的数据转发流表;根据数据转发流表和数据信息进行VXLAN封装,得到VXLAN数据隧道,并通过VXLAN数据隧道将数据包传输至目标端口。本申请实施例中,通过预置的转发规则简化数据包的传输流程,减少流表查找的操作,从而提升虚拟机网络性能。The embodiment of the present application provides a distributed routing method, device, equipment, and storage medium. In the technical solution provided by the present application, the data packet in the data sending instruction is received and extracted, and the data packet is forwarded to the host kernel; the data is extracted Send the source port and target port of the instruction, and query the virtual network port associated with the source port in the preset association rules; forward the data packet to the corresponding physical network port through the virtual network port; extract the data information of the data packet, and find the corresponding The data forwarding flow table; VXLAN encapsulation is performed according to the data forwarding flow table and data information to obtain a VXLAN data tunnel, and the data packet is transmitted to the target port through the VXLAN data tunnel. In the embodiment of the present application, the transmission process of the data packet is simplified through the preset forwarding rules, and the operation of searching the flow table is reduced, thereby improving the network performance of the virtual machine.
本申请的说明书和权利要求书及上述附图中的术语“第一”、“第二”、“第三”、“第四”等(如果存在)是用于区别类似的对象,而不必用于描述特定的顺序或先后次序。应该理解这样使用的数据在适当情况下可以互换,以便这里描述的实施例能够以除了在这里图示或描述的内容以外的顺序实施。此外,术语“包括”或“具有”及其任何变形,意图在于覆盖不排他的包含,例如,包含了一系列步骤或单元的过程、方法、系统、产品或设备不必限于清楚地列出的那些步骤或单元,而是可包括没有清楚地列出的或对于这些过程、方法、产品或设备固有的其它步骤或单元。The terms "first", "second", "third", "fourth", etc. (if any) in the specification and claims of the present application and the above drawings are used to distinguish similar objects, and not necessarily Used to describe a specific sequence or sequence. It is to be understood that the terms so used are interchangeable under appropriate circumstances such that the embodiments described herein can be practiced in sequences other than those illustrated or described herein. Furthermore, the term "comprising" or "having" and any variations thereof, are intended to cover a non-exclusive inclusion, for example, a process, method, system, product or device comprising a sequence of steps or elements is not necessarily limited to those explicitly listed instead, may include other steps or elements not explicitly listed or inherent to the process, method, product or apparatus.
为便于理解,下面对本申请实施例的具体流程进行描述,请参阅图1,本申请实施例中分布式路由方法的一个实施例包括:For ease of understanding, the following describes the specific process of the embodiment of the present application. Please refer to FIG. 1. An embodiment of the distributed routing method in the embodiment of the present application includes:
101、接收数据发送指令,提取数据发送指令中的数据包,并将数据包转发至主机内核中;101. Receive the data sending instruction, extract the data packet in the data sending instruction, and forward the data packet to the host kernel;
可以理解的是,本申请的执行主体可以为分布式路由装置,还可以是终端或者服务器, 具体此处不做限定。本申请实施例以服务器为执行主体为例进行说明。It can be understood that the execution subject of the present application may be a distributed routing device, and may also be a terminal or a server, which is not specifically limited here. The embodiment of the present application is described by taking the server as an execution subject as an example.
本实施例中所述的分布式路由装置是基于VPC(Virtual PC,虚拟机)主机实现的,在本实施例中,是具体通过Overlay网络中基于Open vSwitch(OVS,开放虚拟交换标准)实现本实施例中的分布式路由方法的。The distributed routing device described in this embodiment is implemented based on a VPC (Virtual PC, virtual machine) host, and in this embodiment, it is specifically implemented based on Open vSwitch (OVS, an open virtual switching standard) in an Overlay network. Example of the distributed routing method.
在进行具体的路由操作时,本实施例中的服务器接收数据发送指令,其中,该数据发送指令中包含有待发送的数据包,提取该数据发送指令中包含的数据包,将该数据包发送至VPC主机内核中。When performing a specific routing operation, the server in this embodiment receives a data sending instruction, wherein the data sending instruction includes a data packet to be sent, extracts the data packet contained in the data sending instruction, and sends the data packet to In the VPC host kernel.
102、提取数据发送指令的来源端口和目标端口,并查询预置的关联规则中与来源端口关联的虚拟网口;102. Extract the source port and target port of the data sending instruction, and query the virtual network port associated with the source port in the preset association rules;
本步骤中,在接收到前述的数据发送指令后,提取数据发送指令中包含的来源端口和目标端口的编码;随后,根据来源端口编码在前述的预置的关联规则信息中查找出在该来源端口被创建时分配的对应的虚拟网口的编码信息,根据该虚拟网口的编码信息得到该来源端口对应的关联的虚拟网口地址。得到对应的关联的虚拟网口地址后,将前述步骤中提取到的数据包发送至虚拟网口。In this step, after receiving the aforementioned data sending instruction, extract the codes of the source port and the target port included in the data sending instruction; The encoding information of the corresponding virtual network port allocated when the port is created, and the associated virtual network port address corresponding to the source port is obtained according to the encoding information of the virtual network port. After obtaining the corresponding associated virtual network port address, send the data packet extracted in the preceding steps to the virtual network port.
在本步骤中,所述的预置的关联规则信息,是预先基于预置的OVS-agent管理系统配置的虚拟来源端口与虚拟网口的对应关系生成的关联信息,具体地,本实施例中预置的OVS-agent管理系统会持续监听系统事件,在VPC主机中创建虚拟机时创建出相对应的新虚拟接口时,OVS-agent管理系统向该新虚拟接口分配虚拟网口;根据其具体的分配情况生成关联规则。In this step, the preset association rule information is the association information generated in advance based on the corresponding relationship between the virtual source port and the virtual network port configured by the preset OVS-agent management system. Specifically, in this embodiment The preset OVS-agent management system will continue to monitor system events. When a corresponding new virtual interface is created when a virtual machine is created in the VPC host, the OVS-agent management system will allocate a virtual network port to the new virtual interface; according to its specific The distribution of the generated association rules.
103、将数据包通过关联的虚拟网口转发至对应的物理网口中;103. Forward the data packet to the corresponding physical network port through the associated virtual network port;
当虚拟网口接收到数据包后,将该数据包转发给该虚拟网口对应的物理网口中。After the virtual network port receives the data packet, the data packet is forwarded to the physical network port corresponding to the virtual network port.
下面举具体的例子进行说明,在本步骤在进行数据包转发时可以根据流表进行转发,其流表的具体样式可以为:The following is a specific example to illustrate. In this step, data packets can be forwarded according to the flow table. The specific style of the flow table can be:
in_port=vf,in_port=vf,
many match files,many match files,
actions:VXLAN_encap(vni),actions:VXLAN_encap(vni),
send to=pf;send to=pf;
其中,所述in_port表示输入端口,vf为虚拟网口,pf为物理网口,vni为VXLAN标识(VXLAN Network Identifier)。Wherein, said in_port represents an input port, vf is a virtual network port, pf is a physical network port, and vni is a VXLAN identifier (VXLAN Network Identifier).
104、提取数据包的数据信息,根据数据信息从主机内核中查找对应的数据转发流表;104. Extract the data information of the data packet, and search the corresponding data forwarding flow table from the host kernel according to the data information;
105、根据数据转发流表和数据信息进行VXLAN封装,得到VXLAN数据隧道,并通过VXLAN数据隧道将数据包传输至目标端口。105. Perform VXLAN encapsulation according to the data forwarding flow table and data information to obtain a VXLAN data tunnel, and transmit the data packet to the target port through the VXLAN data tunnel.
提取数据包的数据信息,根据数据信息从主机内核中查找出对应的数据转发流表,其中,所述数据转发流表用于指示所述物理网口和目标端口之间的转发规则。The data information of the data packet is extracted, and the corresponding data forwarding flow table is found from the host kernel according to the data information, wherein the data forwarding flow table is used to indicate the forwarding rule between the physical network port and the target port.
本实施例中,该目标地址可以为本实施例中的虚拟机内部地址,也可以为外部的地址。根据流表和数据信息进行VXLAN封装,并通过underly网络将数据包传输至目标地址,其中,VXLAN(Virtual eXtensible Local Area Network)是一种隧道技术,能在三层网络的基础上建立二层以太网网络隧道,从而实现跨地域的二层互连;VXLAN一般通过安装在服务器上的软件实现报文的封装与解封装,网络只要IP路由可达即可。In this embodiment, the target address may be an internal address of the virtual machine in this embodiment, or an external address. Perform VXLAN encapsulation according to the flow table and data information, and transmit the data packet to the target address through the underlying network. Among them, VXLAN (Virtual eXtensible Local Area Network) is a tunnel technology that can establish a layer-2 Ethernet network on the basis of a layer-3 network. Network tunnels to achieve cross-regional Layer 2 interconnection; VXLAN generally implements packet encapsulation and decapsulation through software installed on the server, and the network only needs to be reachable by IP routes.
本申请实施例中,通过预置的转发规则简化数据包的传输流程,减少流表查找的操作,从而提升虚拟机网络性能。In the embodiment of the present application, the transmission process of the data packet is simplified through the preset forwarding rules, and the operation of searching the flow table is reduced, thereby improving the network performance of the virtual machine.
请参阅图2,本申请实施例中分布式路由方法的第二实施例包括:Referring to Fig. 2, the second embodiment of the distributed routing method in the embodiment of the present application includes:
201、在主机上安装Open vSwitch管理工具;201. Install the Open vSwitch management tool on the host;
本实施例中,所述的Open vSwitch管理工具为OVS-agent管理系统,通过该OVS-agent管理系统,预先配置underlay网络,其中,该underlay网络指当前数据中心网路基础转发架构的网络,只要数据中心网络上任意两点路由可达即可,指的是物理基础层,可以通过物理网络设备本身的技术改良、扩大设备数量、带宽规模等完善underlay网络,其包含了一切现有的传统网络技术。In this embodiment, the Open vSwitch management tool is an OVS-agent management system, through which the OVS-agent management system is used to pre-configure the underlay network, wherein the underlay network refers to the network of the current data center network basic forwarding architecture, as long as Any two points on the data center network can be reached by routing, which refers to the physical base layer. The underlay network can be improved through the technical improvement of the physical network equipment itself, the expansion of the number of equipment, and the scale of bandwidth. It includes all existing traditional networks. technology.
此外,还要配置OVS-datapath,其中,datapath为OVS内核模块,负责执行数据交换,也就是把从接收端口收到的数据包在流表中进行匹配,并执行匹配到的动作。一个datapath可以对应多个vport(虚拟端口)。In addition, OVS-datapath must also be configured. Among them, datapath is the OVS kernel module, which is responsible for performing data exchange, that is, matching the data packets received from the receiving port in the flow table, and executing the matched actions. A datapath can correspond to multiple vports (virtual ports).
202、判断Open vSwitch数据路径上是否有新的虚拟端口被创建;202. Determine whether a new virtual port is created on the Open vSwitch data path;
创建虚拟机,通过OVS-agent管理系统续监听系统设备事件,判断是否有发现OVS-datapath上创建新虚拟接口。Create a virtual machine, and continue to monitor system device events through the OVS-agent management system to determine whether a new virtual interface has been created on the OVS-datapath.
203、若有,则获取虚拟端口编码,按照预置的分配规则根据虚拟端口编码分配虚拟网口,得到关联规则;203. If there is, obtain the virtual port code, allocate the virtual network port according to the virtual port code according to the preset allocation rule, and obtain the association rule;
若有新虚拟接口被创建,则OVS-agent管理系统给对应虚拟接口分配一个虚拟网口,并配置把虚拟接口和虚拟网口直接关联的规则,即让datapath直接从虚拟接口上收到的包,不做任何处理直接转发给虚拟网口,从虚拟网口上收到的包直接转发给虚拟接口。If a new virtual interface is created, the OVS-agent management system assigns a virtual network port to the corresponding virtual interface, and configures the rules that directly associate the virtual interface with the virtual network port, that is, let datapath directly receive packets from the virtual interface , directly forwards to the virtual network port without any processing, and forwards the packet received from the virtual network port to the virtual interface directly.
此外,OVS-agent需要查询控制面数据库,找到上线虚拟机的网络配置,按虚拟机网络配置,类似内核态分布式流表的规则,生成对应的eSwitch硬件转发规则,并通过TC命令下发给物理网口。In addition, OVS-agent needs to query the control plane database, find the network configuration of the online virtual machine, generate the corresponding eSwitch hardware forwarding rules according to the virtual machine network configuration, similar to the rules of the kernel state distributed flow table, and send them to the Physical network port.
204、检查虚拟机用户控件内是否有进程通过socket发送数据包发送指令;204. Check whether there is a process in the virtual machine user control to send a data packet sending instruction through the socket;
本步骤中所述Socket(套接字),就是对网络中不同主机上的应用进程之间进行双向通信的端点的抽象。一个套接字就是网络上进程通信的一端,提供了应用层进程利用网络协议交换数据的机制。从所处的地位来讲,套接字上联应用进程,下联网络协议栈,是应用程序通过网络协议进行通信的接口,是应用程序与网络协议根进行交互的接口。具体在本实施例中,Open vSwitch管理工具监控虚拟机用户控件内是否有进程通过socket发送数据包发送指令。The Socket (socket) mentioned in this step is an abstraction of an endpoint for two-way communication between application processes on different hosts in the network. A socket is one end of process communication on the network, providing a mechanism for application layer processes to exchange data using network protocols. From the perspective of its position, the socket connects to the application process and connects to the network protocol stack, which is the interface for the application program to communicate through the network protocol, and the interface for the application program to interact with the network protocol root. Specifically in this embodiment, the Open vSwitch management tool monitors whether there is a process in the virtual machine user control to send a data packet sending instruction through the socket.
205、若是,则接收数据发送指令,提取数据发送指令中的数据包,将数据包在虚拟机的virtio驱动中通过ring发送到Host主机内核中;205. If so, receive the data sending instruction, extract the data packet in the data sending instruction, and send the data packet to the Host host kernel through the ring in the virtio driver of the virtual machine;
若有进程通过socket发送数据包发送指令,则提取数据发送指令中的数据包,其中,本实施例中所述的分布式路由装置是基于VPC(Virtual PC,虚拟机)主机实现的,在本实施例中,是具体通过Overlay网络中基于Open vSwitch(OVS,开放虚拟交换标准)实现本实施例中的分布式路由方法的。If there is a process to send a data packet sending instruction through the socket, then extract the data packet in the data sending instruction, wherein the distributed routing device described in this embodiment is implemented based on a VPC (Virtual PC, virtual machine) host, in this In the embodiment, the distributed routing method in the embodiment is implemented specifically through the Overlay network based on Open vSwitch (OVS, Open Virtual Switching Standard).
本步骤中,所述virtio是一种I/O半虚拟化解决方案,是一套通用I/O设备虚拟化的程序,是对半虚拟化Hypervisor中的一组通用I/O设备的抽象。提供了一套上层应用与各Hypervisor虚拟化设备(KVM,Xen,VMware等)之间的通信框架和编程接口,减少跨平台所带来的兼容性问题,大大提高驱动程序开发效率。In this step, the virtio is an I/O paravirtualization solution, a set of general I/O device virtualization programs, and an abstraction of a group of general I/O devices in the paravirtualized Hypervisor. Provides a set of communication framework and programming interface between upper-layer applications and various hypervisor virtualization devices (KVM, Xen, VMware, etc.), reducing compatibility problems caused by cross-platform, and greatly improving the efficiency of driver development.
在进行具体的路由操作时,本实施例中的服务器接收数据发送指令,其中,该数据发送指令中包含有待发送的数据包,提取该数据发送指令中包含的数据包,通过虚拟机的virtio驱动将该数据包通过ring发送到Host主机内核中。When performing a specific routing operation, the server in this embodiment receives a data sending instruction, wherein the data sending instruction includes a data packet to be sent, extracts the data packet contained in the data sending instruction, and drives it through the virtio of the virtual machine Send the data packet to the host host kernel through the ring.
206、提取数据发送指令的来源端口和目标端口,并查询预置的关联规则中与来源端口关联的虚拟网口;206. Extract the source port and target port of the data sending instruction, and query the virtual network port associated with the source port in the preset association rules;
本步骤中,在接收到前述的数据发送指令后,提取数据发送指令中包含的来源端口和目标端口的编码;随后,根据来源端口编码在前述的预置的关联规则信息中查找出在该来 源端口被创建时分配的对应的虚拟网口的编码信息,根据该虚拟网口的编码信息得到该来源端口对应的关联的虚拟网口地址。得到对应的关联的虚拟网口地址后,将前述步骤中提取到的数据包发送至虚拟网口。In this step, after receiving the aforementioned data sending instruction, extract the codes of the source port and the target port included in the data sending instruction; The encoding information of the corresponding virtual network port allocated when the port is created, and the associated virtual network port address corresponding to the source port is obtained according to the encoding information of the virtual network port. After obtaining the corresponding associated virtual network port address, send the data packet extracted in the preceding steps to the virtual network port.
在本步骤中,所述的预置的关联规则信息,是预先基于预置的OVS-agent管理系统配置的虚拟来源端口与虚拟网口的对应关系生成的关联信息,具体地,本实施例中预置的OVS-agent管理系统会持续监听系统事件,在VPC主机中创建虚拟机时创建出相对应的新虚拟接口时,OVS-agent管理系统向该新虚拟接口分配虚拟网口;根据其具体的分配情况生成关联规则。In this step, the preset association rule information is the association information generated in advance based on the corresponding relationship between the virtual source port and the virtual network port configured by the preset OVS-agent management system. Specifically, in this embodiment The preset OVS-agent management system will continue to monitor system events. When a corresponding new virtual interface is created when a virtual machine is created in the VPC host, the OVS-agent management system will allocate a virtual network port to the new virtual interface; according to its specific The distribution of the generated association rules.
207、将数据包通过虚拟网口转发至对应的物理网口中;207. Forward the data packet to the corresponding physical network port through the virtual network port;
当虚拟网口接收到数据包后,将该数据包转发给该虚拟网口对应的物理网口中。After the virtual network port receives the data packet, the data packet is forwarded to the physical network port corresponding to the virtual network port.
举具体的例子进行说明,在本步骤在进行数据包转发时可以根据流表进行转发,其流表的具体样式可以为:To illustrate with a specific example, in this step, data packets can be forwarded according to the flow table, and the specific style of the flow table can be:
in_port=vf,in_port=vf,
many match files,many match files,
actions:VXLAN_encap(vni),actions:VXLAN_encap(vni),
send to=pf;send to=pf;
其中,所述in_port表示输入端口,vf为虚拟网口,pf为物理网口,vni为VXLAN标识(VXLAN Network Identifier)。Wherein, said in_port represents an input port, vf is a virtual network port, pf is a physical network port, and vni is a VXLAN identifier (VXLAN Network Identifier).
208、提取数据包的数据信息,根据数据信息从主机内核中查找对应的数据转发流表;208. Extract the data information of the data packet, and search the corresponding data forwarding flow table from the host kernel according to the data information;
209、根据数据转发流表和数据信息进行VXLAN封装,得到VXLAN数据隧道,并通过VXLAN数据隧道将数据包传输至目标端口。209. Perform VXLAN encapsulation according to the data forwarding flow table and data information to obtain a VXLAN data tunnel, and transmit the data packet to the target port through the VXLAN data tunnel.
提取数据包的数据信息,根据数据信息从主机内核中查找出对应的数据转发流表,其中,所述数据转发流表用于指示所述物理网口和目标端口之间的转发规则。The data information of the data packet is extracted, and the corresponding data forwarding flow table is found from the host kernel according to the data information, wherein the data forwarding flow table is used to indicate the forwarding rule between the physical network port and the target port.
本实施例中,该目标地址可以为本实施例中的虚拟机内部地址,也可以为外部的地址。根据流表和数据信息进行VXLAN封装,并通过underly网络将数据包传输至目标地址,其中,VXLAN(Virtual eXtensible Local Area Network)是一种隧道技术,能在三层网络的基础上建立二层以太网网络隧道,从而实现跨地域的二层互连;VXLAN一般通过安装在服务器上的软件实现报文的封装与解封装,网络只要IP路由可达即可。In this embodiment, the target address may be an internal address of the virtual machine in this embodiment, or an external address. Perform VXLAN encapsulation according to the flow table and data information, and transmit the data packet to the target address through the underlying network. Among them, VXLAN (Virtual eXtensible Local Area Network) is a tunnel technology that can establish a layer-2 Ethernet network on the basis of a layer-3 network. Network tunnels to achieve cross-regional Layer 2 interconnection; VXLAN generally implements packet encapsulation and decapsulation through software installed on the server, and the network only needs to be reachable by IP routes.
本申请实施例中,预先根据虚拟机上线时的虚拟端口配置转发规则,根据转发规则进行数据传输,简化数据包的传输流程,减少了本方案中路由操作的流表查找的操作,大大提升了虚拟机网络性能。In the embodiment of this application, forwarding rules are configured in advance according to the virtual port when the virtual machine is online, and data transmission is performed according to the forwarding rules, which simplifies the transmission process of data packets, reduces the flow table lookup operation of routing operations in this solution, and greatly improves Virtual machine network performance.
请参阅图3,本申请实施例中分布式路由方法的第三实施例包括:Referring to Figure 3, the third embodiment of the distributed routing method in the embodiment of the present application includes:
301、在主机上安装Open vSwitch管理工具;301. Install the Open vSwitch management tool on the host;
302、判断Open vSwitch数据路径上是否有新的虚拟端口被创建;302. Determine whether a new virtual port is created on the Open vSwitch data path;
303、若有,则获取虚拟端口编码,按照预置的分配规则根据虚拟端口编码分配虚拟网口,得到关联规则;303. If yes, obtain the virtual port code, allocate the virtual network port according to the virtual port code according to the preset allocation rule, and obtain the association rule;
本实施例中步骤301-步骤303中内容与前述实施例中步骤201-步骤203中内容基本相同,故在此不再赘述。The contents of step 301-step 303 in this embodiment are basically the same as the contents of step 201-step 203 in the foregoing embodiment, so details are not repeated here.
304、接收数据发送指令,提取数据发送指令中的数据包,并将数据包转发至主机内核中;304. Receive the data sending instruction, extract the data packet in the data sending instruction, and forward the data packet to the host kernel;
305、提取数据发送指令的来源端口和目标端口,并查询预置的关联规则中与来源端口关联的虚拟网口;305. Extract the source port and target port of the data sending instruction, and query the virtual network port associated with the source port in the preset association rules;
306、将数据包通过虚拟网口转发至对应的物理网口中;306. Forward the data packet to the corresponding physical network port through the virtual network port;
307、提取数据包的数据信息,根据数据信息从主机内核中查找对应的数据转发流表;307. Extract the data information of the data packet, and search the corresponding data forwarding flow table from the host kernel according to the data information;
308、根据数据转发流表和数据信息进行VXLAN封装,得到VXLAN数据隧道,并通过VXLAN数据隧道将数据包传输至目标端口;308. Perform VXLAN encapsulation according to the data forwarding flow table and data information to obtain a VXLAN data tunnel, and transmit the data packet to the target port through the VXLAN data tunnel;
本实施例中步骤304-步骤308中内容与前述实施例中步骤101-步骤105中内容基本相同,故在此不再赘述。The contents of step 304-step 308 in this embodiment are basically the same as the contents of step 101-step 105 in the foregoing embodiment, so details are not repeated here.
309、检测是否有虚拟网口接收到流表卸载的TC命令;309. Detect whether a virtual network port receives a TC command for flow table offloading;
310、若是,则在预置的控制数据库中查找流表卸载规则;310. If yes, search the flow table unloading rules in the preset control database;
本实施例中的分布式路由方法还能够对流表进行查找卸载,具体地,本实施例中所述的分布式路由方法是使用网卡硬件的卸载功能进行卸载操作的。在本步骤之前,在本实施例中的VPC主机中创建虚拟机时,预装的OVS-agent管理系统提取代码中配置信息,获取该虚拟机的流表卸载规则,并预先将该卸载规则存入数据库中。The distributed routing method in this embodiment can also search and offload the flow table. Specifically, the distributed routing method described in this embodiment uses the offloading function of the network card hardware to perform the offloading operation. Before this step, when creating a virtual machine in the VPC host in this embodiment, the pre-installed OVS-agent management system extracts the configuration information in the code, obtains the flow table unloading rule of the virtual machine, and stores the unloading rule in advance into the database.
本步骤中,检测是否有虚拟网口接收到流表卸载的TC(Traffic Control,流量控制)命令,所述TC命令是Linux内核中预置的控制工具,所述TC命令可以通过具体硬件提供的TC命令下发规则实现的。具体地,在检测到有虚拟网口接收到流表卸载的TC命令后,在预置的控制数据库中查找出该虚拟网口对应的流表卸载规则。In this step, detect whether there is a virtual network port to receive the TC (Traffic Control, flow control) command of flow table unloading, the TC command is a preset control tool in the Linux kernel, and the TC command can be provided by specific hardware Implemented by the TC command issuing rules. Specifically, after detecting that a virtual network port has received a TC command for flow table offloading, the flow table offloading rule corresponding to the virtual network port is found in the preset control database.
311、调用网卡硬件的规则下发接口向接收到流表卸载命令的虚拟网口下发流表卸载规则;311. Call the rule delivery interface of the network card hardware to deliver the flow table unloading rule to the virtual network port that receives the flow table unloading command;
312、虚拟网口根据流表卸载规则对流表卸载TC命令中对应的数据转发流表进行卸载。312. The virtual network port unloads the data forwarding flow table corresponding to the flow table unloading TC command according to the flow table offloading rule.
根据网卡硬件的规则下发接口地址,向接收到流表卸载命令的虚拟网口对应的流表卸载规则,虚拟网口根据收到的流表卸载规则对流表卸载TC命令中对应的数据转发流表进行卸载。本实施例中将虚拟网口功能设置在OVS中,将虚拟网口与虚拟机的虚拟端口一一对应,以便通过虚拟网口的写在功能实现数据转发流表的卸载。According to the rules of the network card hardware, the interface address is issued, and the flow table unloading rule corresponding to the virtual network port that receives the flow table offloading command is sent. The virtual network port unloads the corresponding data forwarding flow in the TC command according to the received flow table offloading rule. The table is unloaded. In this embodiment, the function of the virtual network port is set in the OVS, and the virtual network port is in one-to-one correspondence with the virtual port of the virtual machine, so that the unloading of the data forwarding flow table can be realized through the writing function of the virtual network port.
本申请实施例中,预先根据虚拟机上线时的虚拟端口配置转发规则,根据转发规则进行数据传输,简化数据包的传输流程,减少了本方案中路由操作的流表查找的操作,还能够进行流表的查找和卸载,在不使用智能网卡的情况下,大大提升了虚拟机网络性能。In the embodiment of this application, the forwarding rules are configured in advance according to the virtual port when the virtual machine goes online, and data transmission is performed according to the forwarding rules, which simplifies the transmission process of data packets, reduces the flow table lookup operation of routing operations in this solution, and can also perform The search and unloading of the flow table greatly improves the network performance of the virtual machine without using a smart network card.
请参阅图4,本申请实施例中分布式路由方法的第四实施例包括:Please refer to Figure 4, the fourth embodiment of the distributed routing method in the embodiment of the present application includes:
401、在主机上安装Open vSwitch管理工具;401. Install the Open vSwitch management tool on the host;
402、判断Open vSwitch数据路径上是否有新的虚拟端口被创建;402. Determine whether a new virtual port is created on the Open vSwitch data path;
403、若有,则获取虚拟端口编码,按照预置的分配规则根据虚拟端口编码分配虚拟网口,得到关联规则;403. If yes, obtain the virtual port code, allocate the virtual network port according to the virtual port code according to the preset allocation rule, and obtain the association rule;
本实施例中步骤401-步骤403中内容与前述实施例中步骤201-步骤203中内容基本相同,故在此不再赘述。The content in step 401-step 403 in this embodiment is basically the same as the content in step 201-step 203 in the previous embodiment, so it will not be repeated here.
404、检查虚拟机用户控件内是否有进程通过socket发送数据包发送指令;404. Check whether there is a process in the virtual machine user control to send a data packet sending instruction through the socket;
本步骤中所述Socket(套接字),就是对网络中不同主机上的应用进程之间进行双向通信的端点的抽象。一个套接字就是网络上进程通信的一端,提供了应用层进程利用网络协议交换数据的机制。从所处的地位来讲,套接字上联应用进程,下联网络协议栈,是应用程序通过网络协议进行通信的接口,是应用程序与网络协议根进行交互的接口。具体在本实施例中,Open vSwitch管理工具监控虚拟机用户控件内是否有进程通过socket发送数据包发送指令。The Socket (socket) mentioned in this step is an abstraction of an endpoint for two-way communication between application processes on different hosts in the network. A socket is one end of process communication on the network, providing a mechanism for application layer processes to exchange data using network protocols. From the perspective of its position, the socket connects to the application process and connects to the network protocol stack, which is the interface for the application program to communicate through the network protocol, and the interface for the application program to interact with the network protocol root. Specifically in this embodiment, the Open vSwitch management tool monitors whether there is a process in the virtual machine user control to send a data packet sending instruction through the socket.
405、若是,则接收数据发送指令,提取数据发送指令中的数据包,将数据包在虚拟机的virtio驱动中通过ring发送到Host主机内核中;405. If so, receive the data sending instruction, extract the data packet in the data sending instruction, and send the data packet to the Host host kernel through the ring in the virtio driver of the virtual machine;
若有进程通过socket发送数据包发送指令,则提取数据发送指令中的数据包,其中,本实施例中所述的分布式路由装置是基于VPC(Virtual PC,虚拟机)主机实现的,在本 实施例中,是具体通过Overlay网络中基于Open vSwitch(OVS,开放虚拟交换标准)实现本实施例中的分布式路由方法的。If there is a process to send a data packet sending instruction through the socket, then extract the data packet in the data sending instruction, wherein the distributed routing device described in this embodiment is implemented based on a VPC (Virtual PC, virtual machine) host, in this In the embodiment, the distributed routing method in the embodiment is implemented specifically through the Overlay network based on Open vSwitch (OVS, Open Virtual Switching Standard).
本步骤中,所述virtio是一种I/O半虚拟化解决方案,是一套通用I/O设备虚拟化的程序,是对半虚拟化Hypervisor中的一组通用I/O设备的抽象。提供了一套上层应用与各Hypervisor虚拟化设备(KVM,Xen,VMware等)之间的通信框架和编程接口,减少跨平台所带来的兼容性问题,大大提高驱动程序开发效率。In this step, the virtio is an I/O paravirtualization solution, a set of general I/O device virtualization programs, and an abstraction of a group of general I/O devices in the paravirtualized Hypervisor. Provides a set of communication framework and programming interface between upper-layer applications and various hypervisor virtualization devices (KVM, Xen, VMware, etc.), reducing compatibility problems caused by cross-platform, and greatly improving the efficiency of driver development.
在进行具体的路由操作时,本实施例中的服务器接收数据发送指令,其中,该数据发送指令中包含有待发送的数据包,提取该数据发送指令中包含的数据包,通过虚拟机的virtio驱动将该数据包通过ring发送到Host主机内核中。When performing a specific routing operation, the server in this embodiment receives a data sending instruction, wherein the data sending instruction includes a data packet to be sent, extracts the data packet contained in the data sending instruction, and drives it through the virtio of the virtual machine Send the data packet to the host host kernel through the ring.
406、提取数据发送指令的来源端口和目标端口,并查询预置的关联规则中与来源端口关联的虚拟网口;406. Extract the source port and target port of the data sending instruction, and query the virtual network port associated with the source port in the preset association rules;
本步骤中具体内容与前述实施例中步骤102中内容基本相同,故在此不再赘述。The specific content in this step is basically the same as the content in step 102 in the foregoing embodiment, so details are not repeated here.
407、将数据包通过关联的虚拟网口转发至对应的物理网口中;407. Forward the data packet to the corresponding physical network port through the associated virtual network port;
本步骤中具体内容与前述实施例中步骤103中内容基本相同,故在此不再赘述。The specific content in this step is basically the same as the content in step 103 in the foregoing embodiment, so details are not repeated here.
408、提取数据包的数据信息,根据数据信息从主机内核中查找对应的数据转发流表;408. Extract the data information of the data packet, and search the corresponding data forwarding flow table from the host kernel according to the data information;
本步骤中具体内容与前述实施例中步骤104中内容基本相同,故在此不再赘述。The specific content in this step is basically the same as the content in step 104 in the foregoing embodiment, so details are not repeated here.
409、根据数据转发流表和数据信息进行VXLAN封装,得到VXLAN数据隧道,并通过VXLAN数据隧道将数据包传输至目标端口;409. Perform VXLAN encapsulation according to the data forwarding flow table and data information to obtain a VXLAN data tunnel, and transmit the data packet to the target port through the VXLAN data tunnel;
本步骤中具体内容与前述实施例中步骤105中内容基本相同,故在此不再赘述。The specific content in this step is basically the same as the content in step 105 in the foregoing embodiment, so details are not repeated here.
410、检测是否有虚拟网口接收到流表卸载的TC命令;410. Detect whether a virtual network port receives a TC command for flow table offloading;
411、若是,则在预置的控制数据库中查找流表卸载规则;411. If yes, search the flow table unloading rule in the preset control database;
本实施例中的分布式路由方法还能够对流表进行查找卸载,具体地,本实施例中所述的分布式路由方法是使用网卡硬件的卸载功能进行卸载操作的。在本步骤之前,在本实施例中的VPC主机中创建虚拟机时,预装的OVS-agent管理系统提取代码中配置信息,获取该虚拟机的流表卸载规则,并预先将该卸载规则存入数据库中。The distributed routing method in this embodiment can also search and offload the flow table. Specifically, the distributed routing method described in this embodiment uses the offloading function of the network card hardware to perform the offloading operation. Before this step, when creating a virtual machine in the VPC host in this embodiment, the pre-installed OVS-agent management system extracts the configuration information in the code, obtains the flow table unloading rule of the virtual machine, and stores the unloading rule in advance into the database.
本步骤中,检测是否有虚拟网口接收到流表卸载的TC(Traffic Control,流量控制)命令,所述TC命令是Linux内核中预置的控制工具,所述TC命令可以通过具体硬件提供的TC命令下发规则实现的。具体地,在检测到有虚拟网口接收到流表卸载的TC命令后,在预置的控制数据库中查找出该虚拟网口对应的流表卸载规则。In this step, detect whether there is a virtual network port to receive the TC (Traffic Control, flow control) command of flow table unloading, the TC command is a preset control tool in the Linux kernel, and the TC command can be provided by specific hardware Implemented by the TC command issuing rules. Specifically, after detecting that a virtual network port has received a TC command for flow table offloading, the flow table offloading rule corresponding to the virtual network port is found in the preset control database.
412、调用网卡硬件的规则下发接口向接收到流表卸载命令的虚拟网口下发流表卸载规则;412. Call the rule delivery interface of the network card hardware to deliver the flow table unloading rule to the virtual network port that receives the flow table unloading command;
413、虚拟网口根据流表卸载规则对流表卸载TC命令中对应的数据转发流表进行卸载;413. The virtual network port unloads the corresponding data forwarding flow table in the flow table unloading TC command according to the flow table offloading rule;
根据网卡硬件的规则下发接口地址,向接收到流表卸载命令的虚拟网口对应的流表卸载规则,虚拟网口根据收到的流表卸载规则对流表卸载TC命令中对应的数据转发流表进行卸载。本实施例中将虚拟网口功能设置在OVS中,将虚拟网口与虚拟机的虚拟端口一一对应,以便通过虚拟网口的写在功能实现数据转发流表的卸载。According to the rules of the network card hardware, the interface address is issued, and the flow table unloading rule corresponding to the virtual network port that receives the flow table offloading command is sent. The virtual network port unloads the corresponding data forwarding flow in the TC command according to the received flow table offloading rule. The table is unloaded. In this embodiment, the function of the virtual network port is set in the OVS, and the virtual network port is in one-to-one correspondence with the virtual port of the virtual machine, so that the unloading of the data forwarding flow table can be realized through the writing function of the virtual network port.
414、检测是否接收到VXLAN解封装命令;414. Detect whether a VXLAN decapsulation command is received;
415、若是,则在预置的控制数据库中查找VXLAN解封装规则;415. If yes, search for VXLAN decapsulation rules in the preset control database;
416、调用网卡硬件下发规则接口向接收到VXLAN解封装命令的虚拟网口下发VXLAN解封装规则;416. Call the network card hardware delivery rule interface to deliver the VXLAN decapsulation rule to the virtual network port that receives the VXLAN decapsulation command;
417、虚拟网口根据VXLAN解封装规则对VXLAN解封装命令中对应的VXLAN数据隧道进行解封装。417. The virtual network port decapsulates the corresponding VXLAN data tunnel in the VXLAN decapsulation command according to the VXLAN decapsulation rule.
此外,本实施例中所述的分布式路由方法还能够接收VXLAN解封装命令,在数据转发 流表卸载时对VXLAN进行解封装操作。本实施例中所述的分布式路由方法是使用网卡硬件的写在功能执行VXLAN解封装操作。具体地在检测到有虚拟网口接收到VXLAN解封装的TC命令后,在预置的控制数据库中查找出该虚拟网口对应的VXLAN解封装规则。根据网卡硬件的规则下发接口地址,向接收到流表卸载命令的虚拟网口对应的VXLAN解封装规则,虚拟网口根据收到的VXLAN解封装规则对TC命令中对应的VXLAN数据隧道进行解封装。In addition, the distributed routing method described in this embodiment can also receive a VXLAN decapsulation command, and perform a decapsulation operation on VXLAN when the data forwarding flow table is unloaded. The distributed routing method described in this embodiment uses the write-in function of the network card hardware to perform the VXLAN decapsulation operation. Specifically, after detecting that a virtual network port has received a TC command for VXLAN decapsulation, the VXLAN decapsulation rule corresponding to the virtual network port is found in the preset control database. According to the rules of the network card hardware, the interface address is issued, and the VXLAN decapsulation rule corresponding to the virtual network port that receives the flow table unloading command is sent. The virtual network port decapsulates the corresponding VXLAN data tunnel in the TC command according to the received VXLAN decapsulation rule. encapsulation.
例如,对一个VXLAN封装的流表卸载的一个具体的操作语句可以为:For example, a specific operation statement for offloading a VXLAN-encapsulated flow table can be:
filter protocol all pref 49152flower handle 0x1filter protocol all pref 49152flower handle 0x1
dst_mac ea:84:22:e4:2b:dadst_mac ea:84:22:e4:2b:da
enc_dst_ip 6.2.14.129enc_dst_ip 6.2.14.129
enc_key_id 1048enc_key_id 1048
enc_dst_port 4789enc_dst_port 4789
in_hwin_hw
action order 1:tunnel_key unset pipeaction order 1: tunnel_key unset pipe
index 11ref 1bind 1index 11ref 1bind 1
action order 2:mirred(Egress Redirect to device enp175s0f0_0)stolenaction order 2:mirred(Egress Redirect to device enp175s0f0_0)stolen
index 11ref 1bind 1;index 11ref 1bind 1;
其中,上述语句的具体含义为:目的mac匹配ea:84:22:e4:2b:da;目的地址匹配6.2.14.129;key id为1048;将目的端口是4789的包先做解tunnel,然后镜像给VF接口enp175s0f0_0。Among them, the specific meaning of the above statement is: the destination mac matches ea:84:22:e4:2b:da; the destination address matches 6.2.14.129; the key id is 1048; the packet whose destination port is 4789 is first untunneled and then mirrored Give VF interface enp175s0f0_0.
此外,根据本实施例中的配置,本实施例中的虚拟机可以进行迁移;接收到虚拟机迁移指令时,提取所述虚拟机迁移指令中的原虚拟机和目标虚拟机编码,根据所述原虚拟机和目标虚拟机编码查找所述原虚拟机和所述目标虚拟机的网络位置;将所述原虚拟机中的存储数据进行备份,通过网卡硬件下发的数据迁移命令创建传输通道;通过所述传输通道将备份的存储数据传输至目标虚拟机中。其中,本申请中由于将虚拟网口置于OVS网络中以代替将虚拟网口直通进到虚拟机内到虚拟机内部的方案,是的虚拟机能够使用标准virtio-net网卡驱动,以便虚拟机的后续进行迁移。In addition, according to the configuration in this embodiment, the virtual machine in this embodiment can be migrated; when a virtual machine migration instruction is received, the codes of the original virtual machine and the target virtual machine in the virtual machine migration instruction are extracted, and according to the The original virtual machine and the target virtual machine are coded to find the network location of the original virtual machine and the target virtual machine; the storage data in the original virtual machine is backed up, and a transmission channel is created through a data migration command issued by the network card hardware; The backup storage data is transmitted to the target virtual machine through the transmission channel. Among them, in this application, because the virtual network port is placed in the OVS network to replace the solution of directly entering the virtual machine into the virtual machine, the virtual machine can use the standard virtio-net network card driver, so that the virtual machine subsequent migration.
本申请实施例中,预先根据虚拟机上线时的虚拟端口配置转发规则,根据转发规则进行数据传输,简化数据包的传输流程,减少了本方案中路由操作的流表查找的操作,还能够进行流表的查找和卸载,在不使用智能网卡的情况下,大大提升了虚拟机网络性能;同时还支持对虚拟机进行迁移。In the embodiment of this application, the forwarding rules are configured in advance according to the virtual port when the virtual machine goes online, and data transmission is performed according to the forwarding rules, which simplifies the transmission process of data packets, reduces the flow table lookup operation of routing operations in this solution, and can also perform The search and unloading of the flow table greatly improves the network performance of the virtual machine without using a smart network card; it also supports the migration of the virtual machine.
上面对本申请实施例中分布式路由方法进行了描述,下面对本申请实施例中分布式路由装置进行描述,请参阅图5,本申请实施例中分布式路由装置一个实施例包括:The distributed routing method in the embodiment of the present application is described above, and the distributed routing device in the embodiment of the present application is described below. Please refer to FIG. 5. An embodiment of the distributed routing device in the embodiment of the present application includes:
接收模块501,用于接收数据发送指令,提取所述数据发送指令中的数据包,并将所述数据包转发至主机内核中;The receiving module 501 is configured to receive a data sending instruction, extract a data packet in the data sending instruction, and forward the data packet to the host core;
提取模块502,用于根据所述数据包的来源端口信息,根据预置的关联规则将所述数据包请求转发给所述来源端口关联的虚拟网口;An extraction module 502, configured to forward the data packet request to the virtual network port associated with the source port according to the preset association rules according to the source port information of the data packet;
转发模块503,用于将所述数据包通过所述关联的虚拟网口转发至物理网口中;A forwarding module 503, configured to forward the data packet to a physical network port through the associated virtual network port;
流表查找模块504,用于提取所述数据包的数据信息,根据所述数据信息在主机内核中查找预置的流表;A flow table lookup module 504, configured to extract data information of the data packet, and search a preset flow table in the host kernel according to the data information;
传输模块505,用于根据所述流表和所述数据信息进行VXLAN封装,并通过underly网络将所述数据包传输至目标地址。The transmission module 505 is configured to perform VXLAN encapsulation according to the flow table and the data information, and transmit the data packet to the target address through the underlying network.
本申请实施例中,通过预置的转发规则简化数据包的传输流程,减少流表查找的操作,从而提升虚拟机网络性能。In the embodiment of the present application, the transmission process of the data packet is simplified through the preset forwarding rules, and the operation of searching the flow table is reduced, thereby improving the network performance of the virtual machine.
请参阅图6,本申请实施例中分布式路由装置的另一个实施例包括:Please refer to Figure 6, another embodiment of the distributed routing device in the embodiment of the present application includes:
接收模块501,用于接收数据发送指令,提取所述数据发送指令中的数据包,并将所述数据包转发至主机内核中;The receiving module 501 is configured to receive a data sending instruction, extract a data packet in the data sending instruction, and forward the data packet to the host core;
提取模块502,用于根据所述数据包的来源端口信息,根据预置的关联规则将所述数据包请求转发给所述来源端口关联的虚拟网口;An extraction module 502, configured to forward the data packet request to the virtual network port associated with the source port according to the preset association rules according to the source port information of the data packet;
转发模块503,用于将所述数据包通过所述关联的虚拟网口转发至物理网口中;A forwarding module 503, configured to forward the data packet to a physical network port through the associated virtual network port;
流表查找模块504,用于提取所述数据包的数据信息,根据所述数据信息在主机内核中查找预置的流表;A flow table lookup module 504, configured to extract data information of the data packet, and search a preset flow table in the host kernel according to the data information;
传输模块505,用于根据所述流表和所述数据信息进行VXLAN封装,并通过underly网络将所述数据包传输至目标地址。The transmission module 505 is configured to perform VXLAN encapsulation according to the flow table and the data information, and transmit the data packet to the target address through the underlying network.
可选的,所述接收模块501包括:Optionally, the receiving module 501 includes:
检查单元5011,用于检查虚拟机用户控件内是否有进程通过socket发送数据包发送指令;The checking unit 5011 is used to check whether there is a process in the virtual machine user control to send a data packet sending instruction through the socket;
传输单元5012,用于若是,则接收数据发送指令,提取所述数据发送指令中的数据包,将所述数据包在虚拟机的virtio驱动中通过ring发送到Host主机内核中。The transmission unit 5012 is configured to receive the data sending instruction if yes, extract the data packet in the data sending instruction, and send the data packet to the Host host kernel through the ring in the virtio driver of the virtual machine.
可选的,所述分布式路由装置还包括规则设置模块506,所述规则设置模块506具体用于:Optionally, the distributed routing device further includes a rule setting module 506, and the rule setting module 506 is specifically used for:
在主机上安装Open vSwitch管理工具;Install the Open vSwitch management tool on the host;
判断Open vSwitch数据路径上是否有新的虚拟端口被创建;Determine whether a new virtual port is created on the Open vSwitch data path;
若有,则获取所述虚拟端口编码,按照预置的分配规则根据所述虚拟端口编码分配虚拟网口,得到所述关联规则。If so, the virtual port code is obtained, and the virtual network port is allocated according to the virtual port code according to a preset allocation rule to obtain the association rule.
可选的,所述分布式路由装置还包括卸载模块,所述卸载模块包括:Optionally, the distributed routing device further includes an offload module, and the offload module includes:
第一命令接收单元,用于检测是否有虚拟网口接收到流表卸载的TC命令;The first command receiving unit is used to detect whether a virtual network port has received a TC command for flow table offloading;
第一规则查找单元,用于若是,则在预置的控制数据库中查找流表卸载规则;The first rule search unit is configured to search the flow table unloading rule in the preset control database if yes;
第一规则下发单元,用于调用网卡硬件的规则下发接口向所述接收到流表卸载命令的虚拟网口下发所述流表卸载规则;A first rule issuing unit, configured to call a rule issuing interface of the network card hardware to issue the flow table offloading rule to the virtual network port that has received the flow table offloading command;
卸载执行单元,用于所述虚拟网口根据所述流表卸载规则对所述流表卸载TC命令中对应的流表进行卸载。The offload execution unit is used for the virtual network port to offload the corresponding flow table in the flow table offload TC command according to the flow table offload rule.
可选的,所述分布式路由装置还包括解封装模块,所述解封装模块包括:Optionally, the distributed routing device also includes a decapsulation module, and the decapsulation module includes:
第二命令接收单元,检测是否接收到VXLAN解封装命令;The second command receiving unit detects whether a VXLAN decapsulation command is received;
第二规则查找单元,用于若是,则在预置的控制数据库中查找VXLAN解封装规则;The second rule search unit is used to search the VXLAN decapsulation rule in the preset control database if it is true;
第二规则下发单元,用于调用网卡硬件下发规则接口向所述接收到VXLAN解封装命令的虚拟网口下发所述VXLAN解封装规则;The second rule delivery unit is used to call the network card hardware delivery rule interface to deliver the VXLAN decapsulation rule to the virtual network port that has received the VXLAN decapsulation command;
解封装执行单元,用于所述虚拟网口根据所述VXLAN解封装规则对所述VXLAN解封装命令中对应的VXLAN数据隧道进行解封装。The decapsulation execution unit is used for the virtual network port to decapsulate the corresponding VXLAN data tunnel in the VXLAN decapsulation command according to the VXLAN decapsulation rule.
可选的,所述分布式路由装置还包括虚拟机迁移模块,所述虚拟机迁移模块具体用于:Optionally, the distributed routing device further includes a virtual machine migration module, and the virtual machine migration module is specifically used for:
获取虚拟机迁移指令,并提取所述虚拟机迁移指令中的原虚拟机和目标虚拟机编码;Obtaining a virtual machine migration instruction, and extracting codes of the original virtual machine and the target virtual machine in the virtual machine migration instruction;
根据所述原虚拟机和目标虚拟机编码查找所述原虚拟机和所述目标虚拟机的网络位置;Finding the network locations of the original virtual machine and the target virtual machine according to the codes of the original virtual machine and the target virtual machine;
将所述原虚拟机中的存储数据进行备份,通过网卡硬件下发的数据迁移命令创建传输通道;Backing up the stored data in the original virtual machine, and creating a transmission channel through a data migration command issued by the network card hardware;
通过所述传输通道将备份的存储数据传输至目标虚拟机中。The backup storage data is transmitted to the target virtual machine through the transmission channel.
本申请实施例中,预先根据虚拟机上线时的虚拟端口配置转发规则,根据转发规则进 行数据传输,简化数据包的传输流程,减少了本方案中路由操作的流表查找的操作,还能够进行流表的查找和卸载,在不使用智能网卡的情况下,大大提升了虚拟机网络性能;同时还支持对虚拟机进行迁移。In the embodiment of this application, the forwarding rules are configured in advance according to the virtual port when the virtual machine goes online, and data transmission is performed according to the forwarding rules, which simplifies the transmission process of data packets, reduces the flow table lookup operation of routing operations in this solution, and can also perform The search and unloading of the flow table greatly improves the network performance of the virtual machine without using a smart network card; it also supports the migration of the virtual machine.
上面图5和图6从模块化功能实体的角度对本申请实施例中的分布式路由装置进行详细描述,下面从硬件处理的角度对本申请实施例中分布式路由设备进行详细描述。The above Figures 5 and 6 describe in detail the distributed routing device in the embodiment of the present application from the perspective of modular functional entities, and the following describes the distributed routing device in the embodiment of the present application in detail from the perspective of hardware processing.
图7是本申请实施例提供的一种分布式路由设备的结构示意图,该分布式路由设备700可因配置或性能不同而产生比较大的差异,可以包括一个或一个以上处理器(central processing units,CPU)710(例如,一个或一个以上处理器)和存储器720,一个或一个以上存储应用程序733或数据732的存储介质730(例如一个或一个以上海量存储设备)。其中,存储器720和存储介质730可以是短暂存储或持久存储。存储在存储介质730的程序可以包括一个或一个以上模块(图示没标出),每个模块可以包括对分布式路由设备700中的一系列指令操作。更进一步地,处理器710可以设置为与存储介质730通信,在分布式路由设备700上执行存储介质730中的一系列指令操作。FIG. 7 is a schematic structural diagram of a distributed routing device provided by an embodiment of the present application. The distributed routing device 700 may have relatively large differences due to different configurations or performances, and may include one or more processors (central processing units) , CPU) 710 (eg, one or more processors) and memory 720, one or more storage media 730 (eg, one or more mass storage devices) for storing application programs 733 or data 732 . Wherein, the memory 720 and the storage medium 730 may be temporary storage or persistent storage. The program stored in the storage medium 730 may include one or more modules (not shown in the figure), and each module may include a series of instruction operations on the distributed routing device 700 . Furthermore, the processor 710 may be configured to communicate with the storage medium 730 , and execute a series of instruction operations in the storage medium 730 on the distributed routing device 700 .
分布式路由设备700还可以包括一个或一个以上电源740,一个或一个以上有线或无线网络接口750,一个或一个以上输入输出接口760,和/或,一个或一个以上操作系统731,例如Windows Serve,Mac OS X,Unix,Linux,FreeBSD等等。本领域技术人员可以理解,图7示出的分布式路由设备结构并不构成对分布式路由设备的限定,可以包括比图示更多或更少的部件,或者组合某些部件,或者不同的部件布置。The distributed routing device 700 can also include one or more power supplies 740, one or more wired or wireless network interfaces 750, one or more input and output interfaces 760, and/or, one or more operating systems 731, such as Windows Server , Mac OS X, Unix, Linux, FreeBSD, etc. Those skilled in the art can understand that the distributed routing device structure shown in Figure 7 does not constitute a limitation on the distributed routing device, and may include more or less components than shown in the illustration, or combine some components, or different Part placement.
本申请还提供一种计算机设备,该计算机设备可以是能够执行上述实施例中所述的分布式路由方法的任何一种设备,所述计算机设备包括存储器和处理器,存储器中存储有计算机可读指令,计算机可读指令被处理器执行时,使得处理器执行上述各实施例中的所述分布式路由方法的步骤。The present application also provides a computer device, which may be any device capable of executing the distributed routing method described in the above embodiments, the computer device includes a memory and a processor, and the memory stores a computer-readable Instructions, when the computer-readable instructions are executed by the processor, the processor is made to execute the steps of the distributed routing method in the foregoing embodiments.
本申请所指区块链是分布式数据存储、点对点传输、共识机制、加密算法等计算机技术的新型应用模式。区块链(Blockchain),本质上是一个去中心化的数据库,是一串使用密码学方法相关联产生的数据块,每一个数据块中包含了一批次网络交易的信息,用于验证其信息的有效性(防伪)和生成下一个区块。区块链可以包括区块链底层平台、平台产品服务层以及应用服务层等。The blockchain referred to in this application is a new application mode of computer technologies such as distributed data storage, point-to-point transmission, consensus mechanism, and encryption algorithm. Blockchain (Blockchain), essentially a decentralized database, is a series of data blocks associated with each other using cryptographic methods. Each data block contains a batch of network transaction information, which is used to verify its Validity of information (anti-counterfeiting) and generation of the next block. The blockchain can include the underlying platform of the blockchain, the platform product service layer, and the application service layer.
本申请还提供一种计算机可读存储介质,该计算机可读存储介质可以为非易失性计算机可读存储介质,该计算机可读存储介质也可以为易失性计算机可读存储介质,所述计算机可读存储介质中存储有指令,当所述指令在计算机上运行时,使得计算机执行所述分布式路由方法的步骤。The present application also provides a computer-readable storage medium. The computer-readable storage medium may be a non-volatile computer-readable storage medium. The computer-readable storage medium may also be a volatile computer-readable storage medium. Instructions are stored in the computer-readable storage medium, and when the instructions are run on the computer, the computer is made to execute the steps of the distributed routing method.
所属领域的技术人员可以清楚地了解到,为描述的方便和简洁,上述描述的系统,装置和单元的具体工作过程,可以参考前述方法实施例中的对应过程,在此不再赘述。Those skilled in the art can clearly understand that for the convenience and brevity of the description, the specific working process of the above-described system, device and unit can refer to the corresponding process in the foregoing method embodiment, which will not be repeated here.
本申请所指区块链是分布式数据存储、点对点传输、共识机制、加密算法等计算机技术的新型应用模式。区块链(Blockchain),本质上是一个去中心化的数据库,是一串使用密码学方法相关联产生的数据块,每一个数据块中包含了一批次网络交易的信息,用于验证其信息的有效性(防伪)和生成下一个区块。区块链可以包括区块链底层平台、平台产品服务层以及应用服务层等。The blockchain referred to in this application is a new application mode of computer technologies such as distributed data storage, point-to-point transmission, consensus mechanism, and encryption algorithm. Blockchain (Blockchain), essentially a decentralized database, is a series of data blocks associated with each other using cryptographic methods. Each data block contains a batch of network transaction information, which is used to verify its Validity of information (anti-counterfeiting) and generation of the next block. The blockchain can include the underlying platform of the blockchain, the platform product service layer, and the application service layer.
所述集成的单元如果以软件功能单元的形式实现并作为独立的产品销售或使用时,可以存储在一个计算机可读取存储介质中。基于这样的理解,本申请的技术方案本质上或者说对现有技术做出贡献的部分或者该技术方案的全部或部分可以以软件产品的形式体现出来,该计算机软件产品存储在一个存储介质中,包括若干指令用以使得一台计算机设备(可以是个人计算机,服务器,或者网络设备等)执行本申请各个实施例所述方法的全部或部 分步骤。而前述的存储介质包括:U盘、移动硬盘、只读存储器(read-only memory,ROM)、随机存取存储器(random access memory,RAM)、磁碟或者光盘等各种可以存储程序代码的介质。If the integrated unit is realized in the form of a software function unit and sold or used as an independent product, it can be stored in a computer-readable storage medium. Based on this understanding, the technical solution of the present application is essentially or part of the contribution to the prior art or all or part of the technical solution can be embodied in the form of a software product, and the computer software product is stored in a storage medium , including several instructions to make a computer device (which may be a personal computer, a server, or a network device, etc.) execute all or part of the steps of the methods described in the various embodiments of the present application. The aforementioned storage medium includes: U disk, mobile hard disk, read-only memory (read-only memory, ROM), random access memory (random access memory, RAM), magnetic disk or optical disc and other media that can store program codes. .
以上所述,以上实施例仅用以说明本申请的技术方案,而非对其限制;尽管参照前述实施例对本申请进行了详细的说明,本领域的普通技术人员应当理解:其依然可以对前述各实施例所记载的技术方案进行修改,或者对其中部分技术特征进行等同替换;而这些修改或者替换,并不使相应技术方案的本质脱离本申请各实施例技术方案的精神和范围。As mentioned above, the above embodiments are only used to illustrate the technical solutions of the present application, and are not intended to limit them; although the present application has been described in detail with reference to the foregoing embodiments, those of ordinary skill in the art should understand that: it can still understand the foregoing The technical solutions described in each embodiment are modified, or some of the technical features are equivalently replaced; and these modifications or replacements do not make the essence of the corresponding technical solutions deviate from the spirit and scope of the technical solutions of the various embodiments of the application.

Claims (20)

  1. 一种分布式路由方法,其中,所述分布式路由方法包括:A distributed routing method, wherein the distributed routing method includes:
    接收数据发送指令,提取所述数据发送指令中的数据包,并将所述数据包转发至主机内核中;receiving a data sending instruction, extracting a data packet in the data sending instruction, and forwarding the data packet to the host kernel;
    提取所述数据发送指令的来源端口和目标端口,并查询预置的关联规则中与所述来源端口关联的虚拟网口;Extracting the source port and target port of the data sending instruction, and querying the virtual network port associated with the source port in the preset association rules;
    将所述数据包通过所述虚拟网口转发至对应的物理网口中;Forwarding the data packet to the corresponding physical network port through the virtual network port;
    提取所述数据包的数据信息,根据所述数据信息从所述主机内核中查找对应的数据转发流表,其中,所述数据转发流表用于指示所述物理网口和目标端口之间的转发规则;extracting the data information of the data packet, and searching for a corresponding data forwarding flow table from the host kernel according to the data information, wherein the data forwarding flow table is used to indicate the connection between the physical network port and the target port Forwarding rules;
    根据所述数据转发流表和所述数据信息进行VXLAN封装,得到VXLAN数据隧道,并通过所述VXLAN数据隧道将所述数据包传输至所述目标端口。Perform VXLAN encapsulation according to the data forwarding flow table and the data information to obtain a VXLAN data tunnel, and transmit the data packet to the target port through the VXLAN data tunnel.
  2. 根据权利要求1所述的分布式路由方法,其中,所述接收数据发送指令,提取所述数据发送指令中的数据包,并将所述数据包转发至主机内核中包括:The distributed routing method according to claim 1, wherein the receiving the data sending instruction, extracting the data packet in the data sending instruction, and forwarding the data packet to the host kernel comprises:
    检查虚拟机用户控件内是否有进程通过socket发送数据包发送指令;Check whether there is a process in the virtual machine user control to send a packet sending instruction through the socket;
    若是,则接收数据发送指令,提取所述数据发送指令中的数据包,将所述数据包在虚拟机的virtio驱动中通过ring发送到Host主机内核中。If so, receive the data sending instruction, extract the data packet in the data sending instruction, and send the data packet to the Host host kernel through the ring in the virtio driver of the virtual machine.
  3. 根据权利要求1或2所述的分布式路由方法,其中,在所述接收数据发送指令,提取所述数据发送指令中的数据包,并将所述数据包转发至主机内核中之前,还包括:The distributed routing method according to claim 1 or 2, wherein, before receiving the data sending instruction, extracting the data packet in the data sending instruction, and forwarding the data packet to the host kernel, further comprising: :
    在主机上安装Open vSwitch管理工具;Install the Open vSwitch management tool on the host;
    判断Open vSwitch数据路径上是否有新的虚拟端口被创建;Determine whether a new virtual port is created on the Open vSwitch data path;
    若有,则获取所述虚拟端口编码,按照预置的分配规则根据所述虚拟端口编码分配虚拟网口,得到所述关联规则。If so, the virtual port code is obtained, and the virtual network port is allocated according to the virtual port code according to a preset allocation rule to obtain the association rule.
  4. 根据权利要求3所述的分布式路由方法,其中,在所述通过所述VXLAN数据隧道将所述数据包传输至所述目标端口之后,还包括:The distributed routing method according to claim 3, wherein, after transmitting the data packet to the target port through the VXLAN data tunnel, further comprising:
    检测是否有虚拟网口接收到流表卸载的TC命令;Detect whether a virtual network port has received the TC command for flow table offloading;
    若是,则在预置的控制数据库中查找流表卸载规则;If so, look for flow table offload rules in the preset control database;
    调用网卡硬件的规则下发接口向所述接收到流表卸载命令的虚拟网口下发所述流表卸载规则;Calling the rule delivery interface of the network card hardware to deliver the flow table offloading rule to the virtual network port that has received the flow table offloading command;
    所述虚拟网口根据所述流表卸载规则对所述流表卸载TC命令中对应的数据转发流表进行卸载。The virtual network port unloads the corresponding data forwarding flow table in the flow table unloading TC command according to the flow table offloading rule.
  5. 根据权利要求4所述的分布式路由方法,其中,在所述通过所述VXLAN数据隧道将所述数据包传输至所述目标端口之后,还包括:The distributed routing method according to claim 4, wherein, after transmitting the data packet to the target port through the VXLAN data tunnel, further comprising:
    检测是否接收到VXLAN解封装命令;Detect whether a VXLAN decapsulation command is received;
    若是,则在预置的控制数据库中查找VXLAN解封装规则;If so, look for VXLAN decapsulation rules in the preset control database;
    调用网卡硬件下发规则接口向所述接收到VXLAN解封装命令的虚拟网口下发所述VXLAN解封装规则;Calling the network card hardware delivery rule interface to send the VXLAN decapsulation rule to the virtual network port that received the VXLAN decapsulation command;
    所述虚拟网口根据所述VXLAN解封装规则对所述VXLAN解封装命令中对应的VXLAN数据隧道进行解封装。The virtual network port decapsulates the corresponding VXLAN data tunnel in the VXLAN decapsulation command according to the VXLAN decapsulation rule.
  6. 根据权利要求5所述的分布式路由方法,其中,在所述通过所述VXLAN数据隧道将所述数据包传输至所述目标端口之后,还包括:The distributed routing method according to claim 5, wherein, after transmitting the data packet to the target port through the VXLAN data tunnel, further comprising:
    获取虚拟机迁移指令,并提取所述虚拟机迁移指令中的原虚拟机和目标虚拟机编码;Obtaining a virtual machine migration instruction, and extracting codes of the original virtual machine and the target virtual machine in the virtual machine migration instruction;
    根据所述原虚拟机和目标虚拟机编码查找所述原虚拟机和所述目标虚拟机的网络位置;Finding the network locations of the original virtual machine and the target virtual machine according to the codes of the original virtual machine and the target virtual machine;
    将所述原虚拟机中的存储数据进行备份,通过网卡硬件下发的数据迁移命令创建传输通道;Backing up the stored data in the original virtual machine, and creating a transmission channel through a data migration command issued by the network card hardware;
    通过所述传输通道将备份的存储数据传输至目标虚拟机中。The backup storage data is transmitted to the target virtual machine through the transmission channel.
  7. 一种分布式路由设备,包括存储器、处理器及存储在所述存储器上并可在所述处理器上运行的计算机可读指令,所述处理器执行所述计算机可读指令时实现如下步骤:A distributed routing device, comprising a memory, a processor, and computer-readable instructions stored on the memory and operable on the processor, and the processor implements the following steps when executing the computer-readable instructions:
    接收数据发送指令,提取所述数据发送指令中的数据包,并将所述数据包转发至主机内核中;receiving a data sending instruction, extracting a data packet in the data sending instruction, and forwarding the data packet to the host kernel;
    提取所述数据发送指令的来源端口和目标端口,并查询预置的关联规则中与所述来源端口关联的虚拟网口;Extracting the source port and target port of the data sending instruction, and querying the virtual network port associated with the source port in the preset association rules;
    将所述数据包通过所述虚拟网口转发至对应的物理网口中;Forwarding the data packet to the corresponding physical network port through the virtual network port;
    提取所述数据包的数据信息,根据所述数据信息从所述主机内核中查找对应的数据转发流表,其中,所述数据转发流表用于指示所述物理网口和目标端口之间的转发规则;extracting the data information of the data packet, and searching for a corresponding data forwarding flow table from the host kernel according to the data information, wherein the data forwarding flow table is used to indicate the connection between the physical network port and the target port Forwarding rules;
    根据所述数据转发流表和所述数据信息进行VXLAN封装,得到VXLAN数据隧道,并通过所述VXLAN数据隧道将所述数据包传输至所述目标端口。Perform VXLAN encapsulation according to the data forwarding flow table and the data information to obtain a VXLAN data tunnel, and transmit the data packet to the target port through the VXLAN data tunnel.
  8. 根据权利要求7所述的分布式路由设备,其中,所述接收数据发送指令,提取所述数据发送指令中的数据包,并将所述数据包转发至主机内核中包括:The distributed routing device according to claim 7, wherein the receiving the data sending instruction, extracting the data packet in the data sending instruction, and forwarding the data packet to the host kernel comprises:
    检查虚拟机用户控件内是否有进程通过socket发送数据包发送指令;Check whether there is a process in the virtual machine user control to send a packet sending instruction through the socket;
    若是,则接收数据发送指令,提取所述数据发送指令中的数据包,将所述数据包在虚拟机的virtio驱动中通过ring发送到Host主机内核中。If so, receive the data sending instruction, extract the data packet in the data sending instruction, and send the data packet to the Host host kernel through the ring in the virtio driver of the virtual machine.
  9. 根据权利要求7或8所述的分布式路由设备,其中,在所述接收数据发送指令,提取所述数据发送指令中的数据包,并将所述数据包转发至主机内核中之前,还包括:The distributed routing device according to claim 7 or 8, wherein, before receiving the data sending instruction, extracting the data packet in the data sending instruction, and forwarding the data packet to the host kernel, further comprising: :
    在主机上安装Open vSwitch管理工具;Install the Open vSwitch management tool on the host;
    判断Open vSwitch数据路径上是否有新的虚拟端口被创建;Determine whether a new virtual port is created on the Open vSwitch data path;
    若有,则获取所述虚拟端口编码,按照预置的分配规则根据所述虚拟端口编码分配虚拟网口,得到所述关联规则。If so, the virtual port code is obtained, and the virtual network port is allocated according to the virtual port code according to a preset allocation rule to obtain the association rule.
  10. 根据权利要求9所述的分布式路由设备,其中,在所述通过所述VXLAN数据隧道将所述数据包传输至所述目标端口之后,还包括:The distributed routing device according to claim 9, wherein, after transmitting the data packet to the target port through the VXLAN data tunnel, further comprising:
    检测是否有虚拟网口接收到流表卸载的TC命令;Detect whether a virtual network port has received the TC command for flow table offloading;
    若是,则在预置的控制数据库中查找流表卸载规则;If so, look for flow table offload rules in the preset control database;
    调用网卡硬件的规则下发接口向所述接收到流表卸载命令的虚拟网口下发所述流表卸载规则;Calling the rule delivery interface of the network card hardware to deliver the flow table offloading rule to the virtual network port that has received the flow table offloading command;
    所述虚拟网口根据所述流表卸载规则对所述流表卸载TC命令中对应的数据转发流表进行卸载。The virtual network port unloads the corresponding data forwarding flow table in the flow table unloading TC command according to the flow table offloading rule.
  11. 根据权利要求10所述的分布式路由设备,其中,在所述通过所述VXLAN数据隧道将所述数据包传输至所述目标端口之后,还包括:The distributed routing device according to claim 10, wherein, after transmitting the data packet to the target port through the VXLAN data tunnel, further comprising:
    检测是否接收到VXLAN解封装命令;Detect whether a VXLAN decapsulation command is received;
    若是,则在预置的控制数据库中查找VXLAN解封装规则;If so, look for VXLAN decapsulation rules in the preset control database;
    调用网卡硬件下发规则接口向所述接收到VXLAN解封装命令的虚拟网口下发所述VXLAN解封装规则;Calling the network card hardware delivery rule interface to send the VXLAN decapsulation rule to the virtual network port that received the VXLAN decapsulation command;
    所述虚拟网口根据所述VXLAN解封装规则对所述VXLAN解封装命令中对应的VXLAN数据隧道进行解封装。The virtual network port decapsulates the corresponding VXLAN data tunnel in the VXLAN decapsulation command according to the VXLAN decapsulation rule.
  12. 根据权利要求11所述的分布式路由设备,其中,在所述通过所述VXLAN数据隧道将所述数据包传输至所述目标端口之后,还包括:The distributed routing device according to claim 11, wherein, after transmitting the data packet to the target port through the VXLAN data tunnel, further comprising:
    获取虚拟机迁移指令,并提取所述虚拟机迁移指令中的原虚拟机和目标虚拟机编码;Obtaining a virtual machine migration instruction, and extracting codes of the original virtual machine and the target virtual machine in the virtual machine migration instruction;
    根据所述原虚拟机和目标虚拟机编码查找所述原虚拟机和所述目标虚拟机的网络位置;Finding the network locations of the original virtual machine and the target virtual machine according to the codes of the original virtual machine and the target virtual machine;
    将所述原虚拟机中的存储数据进行备份,通过网卡硬件下发的数据迁移命令创建传输通道;Backing up the stored data in the original virtual machine, and creating a transmission channel through a data migration command issued by the network card hardware;
    通过所述传输通道将备份的存储数据传输至目标虚拟机中。The backup storage data is transmitted to the target virtual machine through the transmission channel.
  13. 一种计算机可读存储介质,所述计算机可读存储介质中存储计算机指令,当所述计算机指令在计算机上运行时,使得计算机执行如下步骤:A computer-readable storage medium, wherein computer instructions are stored in the computer-readable storage medium, and when the computer instructions are run on the computer, the computer is made to perform the following steps:
    接收数据发送指令,提取所述数据发送指令中的数据包,并将所述数据包转发至主机内核中;receiving a data sending instruction, extracting a data packet in the data sending instruction, and forwarding the data packet to the host kernel;
    提取所述数据发送指令的来源端口和目标端口,并查询预置的关联规则中与所述来源端口关联的虚拟网口;Extracting the source port and target port of the data sending instruction, and querying the virtual network port associated with the source port in the preset association rules;
    将所述数据包通过所述虚拟网口转发至对应的物理网口中;Forwarding the data packet to the corresponding physical network port through the virtual network port;
    提取所述数据包的数据信息,根据所述数据信息从所述主机内核中查找对应的数据转发流表,其中,所述数据转发流表用于指示所述物理网口和目标端口之间的转发规则;extracting the data information of the data packet, and searching for a corresponding data forwarding flow table from the host kernel according to the data information, wherein the data forwarding flow table is used to indicate the connection between the physical network port and the target port Forwarding rules;
    根据所述数据转发流表和所述数据信息进行VXLAN封装,得到VXLAN数据隧道,并通过所述VXLAN数据隧道将所述数据包传输至所述目标端口。Perform VXLAN encapsulation according to the data forwarding flow table and the data information to obtain a VXLAN data tunnel, and transmit the data packet to the target port through the VXLAN data tunnel.
  14. 根据权利要求13所述的计算机可读存储介质,其中,所述接收数据发送指令,提取所述数据发送指令中的数据包,并将所述数据包转发至主机内核中包括:The computer-readable storage medium according to claim 13, wherein the receiving the data sending instruction, extracting the data packet in the data sending instruction, and forwarding the data packet to the host kernel comprises:
    检查虚拟机用户控件内是否有进程通过socket发送数据包发送指令;Check whether there is a process in the virtual machine user control to send a packet sending instruction through the socket;
    若是,则接收数据发送指令,提取所述数据发送指令中的数据包,将所述数据包在虚拟机的virtio驱动中通过ring发送到Host主机内核中。If so, receive the data sending instruction, extract the data packet in the data sending instruction, and send the data packet to the Host host kernel through the ring in the virtio driver of the virtual machine.
  15. 根据权利要求13或14所述的计算机可读存储介质,其中,在所述接收数据发送指令,提取所述数据发送指令中的数据包,并将所述数据包转发至主机内核中之前,还包括:The computer-readable storage medium according to claim 13 or 14, wherein, before receiving the data sending instruction, extracting the data packet in the data sending instruction, and forwarding the data packet to the host core, further include:
    在主机上安装Open vSwitch管理工具;Install the Open vSwitch management tool on the host;
    判断Open vSwitch数据路径上是否有新的虚拟端口被创建;Determine whether a new virtual port is created on the Open vSwitch data path;
    若有,则获取所述虚拟端口编码,按照预置的分配规则根据所述虚拟端口编码分配虚拟网口,得到所述关联规则。If so, the virtual port code is obtained, and the virtual network port is allocated according to the virtual port code according to a preset allocation rule to obtain the association rule.
  16. 根据权利要求15所述的计算机可读存储介质,其中,在所述通过所述VXLAN数据隧道将所述数据包传输至所述目标端口之后,还包括:The computer-readable storage medium according to claim 15, wherein, after transmitting the data packet to the target port through the VXLAN data tunnel, further comprising:
    检测是否有虚拟网口接收到流表卸载的TC命令;Detect whether a virtual network port has received the TC command for flow table offloading;
    若是,则在预置的控制数据库中查找流表卸载规则;If so, look for flow table offload rules in the preset control database;
    调用网卡硬件的规则下发接口向所述接收到流表卸载命令的虚拟网口下发所述流表卸载规则;Calling the rule delivery interface of the network card hardware to deliver the flow table offloading rule to the virtual network port that has received the flow table offloading command;
    所述虚拟网口根据所述流表卸载规则对所述流表卸载TC命令中对应的数据转发流表进行卸载。The virtual network port unloads the corresponding data forwarding flow table in the flow table unloading TC command according to the flow table offloading rule.
  17. 根据权利要求16所述的计算机可读存储介质,其中,在所述通过所述VXLAN数据隧道将所述数据包传输至所述目标端口之后,还包括:The computer-readable storage medium according to claim 16, wherein, after transmitting the data packet to the target port through the VXLAN data tunnel, further comprising:
    检测是否接收到VXLAN解封装命令;Detect whether a VXLAN decapsulation command is received;
    若是,则在预置的控制数据库中查找VXLAN解封装规则;If so, look for VXLAN decapsulation rules in the preset control database;
    调用网卡硬件下发规则接口向所述接收到VXLAN解封装命令的虚拟网口下发所述VXLAN解封装规则;Calling the network card hardware delivery rule interface to send the VXLAN decapsulation rule to the virtual network port that received the VXLAN decapsulation command;
    所述虚拟网口根据所述VXLAN解封装规则对所述VXLAN解封装命令中对应的VXLAN数据隧道进行解封装。The virtual network port decapsulates the corresponding VXLAN data tunnel in the VXLAN decapsulation command according to the VXLAN decapsulation rule.
  18. 根据权利要求17所述的计算机可读存储介质,其中,在所述通过所述VXLAN数据隧道将所述数据包传输至所述目标端口之后,还包括:The computer-readable storage medium according to claim 17, wherein, after transmitting the data packet to the target port through the VXLAN data tunnel, further comprising:
    获取虚拟机迁移指令,并提取所述虚拟机迁移指令中的原虚拟机和目标虚拟机编码;Obtaining a virtual machine migration instruction, and extracting codes of the original virtual machine and the target virtual machine in the virtual machine migration instruction;
    根据所述原虚拟机和目标虚拟机编码查找所述原虚拟机和所述目标虚拟机的网络位置;Finding the network locations of the original virtual machine and the target virtual machine according to the codes of the original virtual machine and the target virtual machine;
    将所述原虚拟机中的存储数据进行备份,通过网卡硬件下发的数据迁移命令创建传输通道;Backing up the stored data in the original virtual machine, and creating a transmission channel through a data migration command issued by the network card hardware;
    通过所述传输通道将备份的存储数据传输至目标虚拟机中。The backup storage data is transmitted to the target virtual machine through the transmission channel.
  19. 一种分布式路由装置,其中,所述分布式路由装置包括:A distributed routing device, wherein the distributed routing device includes:
    接收模块,用于接收数据发送指令,提取所述数据发送指令中的数据包,并将所述数据包转发至主机内核中;A receiving module, configured to receive a data sending instruction, extract a data packet in the data sending instruction, and forward the data packet to the host kernel;
    提取模块,用于提取所述数据发送指令的来源端口和目标端口,并查询预置的关联规则中与所述来源端口关联的虚拟网口;An extraction module, configured to extract the source port and target port of the data sending instruction, and query the virtual network port associated with the source port in the preset association rules;
    转发模块,用于将所述数据包通过所述虚拟网口转发至对应的物理网口中;A forwarding module, configured to forward the data packet to a corresponding physical network port through the virtual network port;
    流表查找模块,用于提取所述数据包的数据信息,根据所述数据信息从所述主机内核中查找对应的数据转发流表,其中,所述数据转发流表用于指示所述物理网口和目标端口之间的转发规则;A flow table lookup module, configured to extract data information of the data packet, and search for a corresponding data forwarding flow table from the host kernel according to the data information, wherein the data forwarding flow table is used to indicate that the physical network Forwarding rules between port and target port;
    传输模块,用于根据所述数据转发流表和所述数据信息进行VXLAN封装,得到VXLAN数据隧道,并通过所述VXLAN数据隧道将所述数据包传输至所述目标端口。The transmission module is configured to perform VXLAN encapsulation according to the data forwarding flow table and the data information to obtain a VXLAN data tunnel, and transmit the data packet to the target port through the VXLAN data tunnel.
  20. 根据权利要求19所述的分布式路由装置,其中,所述接收模块包括:The distributed routing device according to claim 19, wherein the receiving module comprises:
    检查单元,用于检查虚拟机用户控件内是否有进程通过socket发送数据包发送指令;The checking unit is used to check whether there is a process in the virtual machine user control to send a data packet sending instruction through the socket;
    传输单元,用于若是,则接收数据发送指令,提取所述数据发送指令中的数据包,将所述数据包在虚拟机的virtio驱动中通过ring发送到Host主机内核中。The transmission unit is configured to, if yes, receive the data sending instruction, extract the data packet in the data sending instruction, and send the data packet to the Host host kernel through the ring in the virtio driver of the virtual machine.
PCT/CN2022/071687 2021-07-23 2022-01-13 Distributed routing method and apparatus, device, and storage medium WO2023000630A1 (en)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
CN202110835453.6 2021-07-23
CN202110835453.6A CN113595905B (en) 2021-07-23 2021-07-23 Distributed routing method, device, equipment and storage medium

Publications (1)

Publication Number Publication Date
WO2023000630A1 true WO2023000630A1 (en) 2023-01-26

Family

ID=78249233

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/CN2022/071687 WO2023000630A1 (en) 2021-07-23 2022-01-13 Distributed routing method and apparatus, device, and storage medium

Country Status (2)

Country Link
CN (1) CN113595905B (en)
WO (1) WO2023000630A1 (en)

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN116506355A (en) * 2023-06-27 2023-07-28 珠海星云智联科技有限公司 Processing method for unloading flow chart storage and related device

Families Citing this family (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN113595905B (en) * 2021-07-23 2022-11-29 平安科技(深圳)有限公司 Distributed routing method, device, equipment and storage medium

Citations (7)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20160232019A1 (en) * 2015-02-09 2016-08-11 Broadcom Corporation Network Interface Controller with Integrated Network Flow Processing
US20180083876A1 (en) * 2016-09-20 2018-03-22 Radisys Corporation Optimization of multi-table lookups for software-defined networking systems
US20180300244A1 (en) * 2013-12-13 2018-10-18 Nicira, Inc. Dynamically adjusting the number of flows allowed in a flow table cache
CN109660443A (en) * 2018-12-26 2019-04-19 江苏省未来网络创新研究院 Physical equipment and virtual network communication method and system based on SDN
CN111131037A (en) * 2019-12-27 2020-05-08 网易(杭州)网络有限公司 Data transmission method, device, medium and electronic equipment based on virtual gateway
CN111817961A (en) * 2020-08-06 2020-10-23 平安科技(深圳)有限公司 Open vSwitch kernel flow table-based distributed routing method and device in Overlay network
CN113595905A (en) * 2021-07-23 2021-11-02 平安科技(深圳)有限公司 Distributed routing method, device, equipment and storage medium

Family Cites Families (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN104601472B (en) * 2015-02-04 2017-11-03 盛科网络(苏州)有限公司 The method and message handling system of VXLAN gateways distribution route are realized in the chips

Patent Citations (7)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20180300244A1 (en) * 2013-12-13 2018-10-18 Nicira, Inc. Dynamically adjusting the number of flows allowed in a flow table cache
US20160232019A1 (en) * 2015-02-09 2016-08-11 Broadcom Corporation Network Interface Controller with Integrated Network Flow Processing
US20180083876A1 (en) * 2016-09-20 2018-03-22 Radisys Corporation Optimization of multi-table lookups for software-defined networking systems
CN109660443A (en) * 2018-12-26 2019-04-19 江苏省未来网络创新研究院 Physical equipment and virtual network communication method and system based on SDN
CN111131037A (en) * 2019-12-27 2020-05-08 网易(杭州)网络有限公司 Data transmission method, device, medium and electronic equipment based on virtual gateway
CN111817961A (en) * 2020-08-06 2020-10-23 平安科技(深圳)有限公司 Open vSwitch kernel flow table-based distributed routing method and device in Overlay network
CN113595905A (en) * 2021-07-23 2021-11-02 平安科技(深圳)有限公司 Distributed routing method, device, equipment and storage medium

Cited By (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN116506355A (en) * 2023-06-27 2023-07-28 珠海星云智联科技有限公司 Processing method for unloading flow chart storage and related device
CN116506355B (en) * 2023-06-27 2023-09-05 珠海星云智联科技有限公司 Processing method for unloading flow chart storage and related device

Also Published As

Publication number Publication date
CN113595905B (en) 2022-11-29
CN113595905A (en) 2021-11-02

Similar Documents

Publication Publication Date Title
CN110710168B (en) Intelligent thread management across isolated network stacks
US11381520B2 (en) System and method for supporting node role attributes in a high performance computing environment
US10560318B2 (en) System and method for correlating fabric-level group membership with subnet-level partition membership in a high-performance computing environment
WO2023000630A1 (en) Distributed routing method and apparatus, device, and storage medium
US9935920B2 (en) Virtualization gateway between virtualized and non-virtualized networks
EP3031179B1 (en) Switch clusters having layer-3 distributed router functionality
KR100992050B1 (en) Method and system for protocol offload and direct i/o with i/o sharing in a virtualized network environment
US8769040B2 (en) Service providing system, a virtual machine server, a service providing method, and a program thereof
US8331362B2 (en) Methods and apparatus for distributed dynamic network provisioning
US8565118B2 (en) Methods and apparatus for distributed dynamic network provisioning
TWI598746B (en) Server systems and computer-implemented method for providing flexible hard-disk drive (hdd) and solid-state drive (ssd) support in a computing system
US9385912B1 (en) Framework for stateless packet tunneling
WO2012174980A1 (en) Virtual router system and virtual router implementation method
US8711864B1 (en) System and method for supporting fibre channel over ethernet communication
US9584481B2 (en) Host providing system and communication control method
CN104579695A (en) Data forwarding device and method
CN104580011A (en) Data forwarding device and method
JP2014096675A (en) Communication apparatus and setting method
CN104221331A (en) Layer 2 packet switching without look-up table for ethernet switches
WO2015003295A1 (en) Communication method, device and system in virtual domain
WO2023050667A1 (en) Method and system for implementing bare metal inspection process, device, and storage medium
CN105446797A (en) Virtual machine access service method
WO2023019877A1 (en) Security protection method, apparatus and device for network host, and storage medium
JP2005100194A (en) Server device multiply belonging to two or more user closed network
JP7212158B2 (en) Provider network service extension

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 22844804

Country of ref document: EP

Kind code of ref document: A1

NENP Non-entry into the national phase

Ref country code: DE