CN104717081B - The implementation method and device of a kind of gateway function - Google Patents
The implementation method and device of a kind of gateway function Download PDFInfo
- Publication number
- CN104717081B CN104717081B CN201310684671.XA CN201310684671A CN104717081B CN 104717081 B CN104717081 B CN 104717081B CN 201310684671 A CN201310684671 A CN 201310684671A CN 104717081 B CN104717081 B CN 104717081B
- Authority
- CN
- China
- Prior art keywords
- server
- rule
- virtual machine
- gateway
- subnet
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Links
- 238000000034 method Methods 0.000 title claims abstract description 79
- 238000013507 mapping Methods 0.000 claims description 36
- 238000001514 detection method Methods 0.000 claims description 28
- 230000005012 migration Effects 0.000 claims description 27
- 238000013508 migration Methods 0.000 claims description 27
- 230000005540 biological transmission Effects 0.000 claims description 15
- 238000003860 storage Methods 0.000 claims description 14
- 238000007689 inspection Methods 0.000 claims description 11
- 238000004891 communication Methods 0.000 abstract description 39
- 238000007726 management method Methods 0.000 description 140
- 230000006870 function Effects 0.000 description 139
- 239000011800 void material Substances 0.000 description 12
- 101000746134 Homo sapiens DNA endonuclease RBBP8 Proteins 0.000 description 9
- 101000969031 Homo sapiens Nuclear protein 1 Proteins 0.000 description 9
- 102100021133 Nuclear protein 1 Human genes 0.000 description 9
- 230000008569 process Effects 0.000 description 6
- 238000009826 distribution Methods 0.000 description 5
- 230000008859 change Effects 0.000 description 4
- 238000010168 coupling process Methods 0.000 description 3
- 238000005859 coupling reaction Methods 0.000 description 3
- 238000010586 diagram Methods 0.000 description 3
- 230000006978 adaptation Effects 0.000 description 2
- 230000008878 coupling Effects 0.000 description 2
- 238000005516 engineering process Methods 0.000 description 2
- 230000003993 interaction Effects 0.000 description 2
- 238000013439 planning Methods 0.000 description 2
- 238000000926 separation method Methods 0.000 description 2
- 238000011144 upstream manufacturing Methods 0.000 description 2
- UHLRPXXFPYMCAE-UHFFFAOYSA-N 4-isopropylcalix[4]arene Chemical compound C1C(C=2O)=CC(C(C)C)=CC=2CC(C=2O)=CC(C(C)C)=CC=2CC(C=2O)=CC(C(C)C)=CC=2CC2=CC(C(C)C)=CC1=C2O UHLRPXXFPYMCAE-UHFFFAOYSA-N 0.000 description 1
- 230000004888 barrier function Effects 0.000 description 1
- 238000006243 chemical reaction Methods 0.000 description 1
- 230000007423 decrease Effects 0.000 description 1
- 238000010304 firing Methods 0.000 description 1
- 238000004519 manufacturing process Methods 0.000 description 1
- 238000012856 packing Methods 0.000 description 1
- 238000012545 processing Methods 0.000 description 1
- 230000001915 proofreading effect Effects 0.000 description 1
- 230000004044 response Effects 0.000 description 1
- 238000012360 testing method Methods 0.000 description 1
Landscapes
- Data Exchanges In Wide-Area Networks (AREA)
Abstract
Embodiments of the invention provide a kind of implementation method and device of gateway function, are related to communication technical field, it is possible to increase communication efficiency and communication stability between virtual machine and main frame.This method includes:Server receives the first request message that management node is sent, the first routing iinformation of the first gateway and the first detected rule of first gateway are carried in first request message, first request message is used to create first gateway on the virtual switch of request server in the server;Server obtains the first routing iinformation and the first detected rule according to the first request message;Server generates the first routing rule and the second detected rule according to the first routing iinformation and the first detected rule;Server realizes the function of the first gateway by virtual switch according to the first routing rule and the second detected rule.
Description
Technical field
The present invention relates to the implementation method and device of communication technical field, more particularly to a kind of gateway function.
Background technology
, can be by corresponding between the virtual machine in a subnet and the main frame in another subnet in virtualization system
Virtual gateway is communicated, wherein, main frame can include physical host and virtual machine.At present, virtualization system can include more
Individual server, at least one virtual machine can be run on each server, wherein, each virtual machine only belongs to the virtualization system
In some subnet.
In the prior art, when creating a subnet, it is also desirable to create a gateway corresponding with the subnet.Specifically can be with
By creating a virtual machine on some server in virtualization system, and when adding the subnet, by the net of the subnet
Pass is configured on a virtual network interface, while is connect using a separate interface of the virtual machine as the up of gateway
Mouthful, and the routing iinformation of reception is generated into routing rule, and the routing rule is configured on the virtual machine, i.e., in virtual machine
On realize gateway function, the virtual machine in the subnet on the Servers-all in the virtualization system all realizes gateway by this
The virtual machine of function is communicated.
However, the above-mentioned method for realizing gateway function, on the one hand, due to by the virtual machine forwarding number for realizing gateway function
According to the performance of bag and this realize gateway function virtual machine bandwidth limitation, therefore cause between source virtual machine and destination host
Communication efficiency is relatively low, wherein, destination host can include target physical main frame and target virtual machine;On the other hand, if gateway institute
Server fail, then by all virtual machines of the gateway communication can not proper communication, so as to cause source void
The interruption to be communicated between plan machine and destination host.
The content of the invention
Embodiments of the invention provide a kind of implementation method and device of gateway function, it is possible to increase virtual machine and main frame it
Between communication efficiency and communication stability.
To reach above-mentioned purpose, embodiments of the invention adopt the following technical scheme that:
In a first aspect, embodiments of the invention provide a kind of implementation method of gateway function, including:
Server receives the first request message that management node is sent, and the first gateway is carried in first request message
First detected rule of the first routing iinformation and first gateway, first request message are used to ask the server to exist
First gateway is created on virtual switch in the server;
The server obtains first routing iinformation and the first detection rule according to first request message
Then;
The server generates the first routing rule and the according to first routing iinformation and first detected rule
Two detected rules;
The server is real by the virtual switch according to first routing rule and second detected rule
The function of existing first gateway.
In the first possible implementation of first aspect, the server is according to first routing iinformation and institute
The first detected rule is stated, the first routing rule is generated and the second detected rule specifically includes:
The server generates the first via corresponding with first routing iinformation according to first routing iinformation
By rule and the first Route Distinguisher;
First Route Distinguisher is added in first detected rule by the server, to generate second inspection
Gauge is then.
With reference to the first possible implementation of foregoing first aspect or first aspect, in second of possible realization
In mode, first gateway and first routing rule are gateway corresponding with the first subnet and routing rule,
Wherein, the server passes through the virtual friendship according to first routing rule and second detected rule
The method for the function of realizing first gateway of changing planes, including:
The server receives source virtual machine by the virtual switch and sent to the packet of destination host, the number
According to the address information and the address information of the destination host for including the source virtual machine, wherein, the source virtual machine is by institute
State the first subnet and service is provided, the destination host provides service by the second subnet;
The server is according to the address information of the source virtual machine, the address information of the destination host and described second
Detected rule, determine the mark of first subnet and the mark of second subnet;
If the mark of first subnet is different from the mark of second subnet, the server is then according to described first
Routing rule, the packet is forwarded.
With reference to second of possible implementation of first aspect, in the third possible implementation, the service
After device determines the mark of first subnet and the mark of second subnet, methods described also includes:
If the mark of first subnet is identical with the mark of second subnet, the server is then according to described second
Detected rule forwards to the packet.
With reference to the third possible implementation of first aspect, in the 4th kind of possible implementation, the target
The address information of main frame includes the internet protocol address of the destination host,
Wherein, if the mark of first subnet is identical with the mark of second subnet, the server is then according to institute
State before the second detected rule forwards to the packet, methods described also includes:
The server is according to the IP address of the destination host, in the first address of cache corresponding with the source virtual machine
The MAC address of the destination host corresponding with the IP address of the destination host is searched in table;
If the server does not find the MAC Address of the destination host in first address mapping table, described
Server then obtains the MAC Address of the destination host, and the MAC Address of the destination host is preserved to first address
Mapping table.
With reference to the 4th kind of possible implementation of first aspect, in the 5th kind of possible implementation, the service
Device forwards according to first routing rule to the packet;The server is according to second detected rule pair
The packet is forwarded, and is specifically included:
The server is according to the IP address of first routing rule/second detected rule, the destination host
And the MAC Address of the destination host, the packet is forwarded.
Second aspect, embodiments of the invention also provide a kind of implementation method of gateway function, including:
When creating the first virtual machine in first server, management node searches the first via in the first server
By rule and the second detected rule, first routing rule and second detected rule are corresponding with first virtual machine
The first gateway rule;
If the management node does not find first routing rule and second inspection in the first server
Then, the management node then sends the first request message to the first server to gauge so that the first server according to
First request message obtains the first routing iinformation and the first detected rule, and according to first routing iinformation and described the
One detected rule generates first routing rule and second detected rule, and according to first routing rule and institute
The second detected rule is stated, the function of first gateway is realized by the virtual switch in the first server, wherein, institute
State and first routing iinformation and first detected rule are carried in the first request message, first request message is used for please
The first server is asked to create first gateway on the virtual switch.
In the first possible implementation of second aspect, when there is virtual machine to be migrated in the first server
When, the virtual machine to be migrated is virtual machine corresponding with first gateway, and methods described also includes:
The management node determines at least one second server in server cluster;
The management node searches first routing rule and described second at least one second server
Detected rule;
If the management node finds first routing rule and described at least one second server
Second detected rule, the management node then by the virtual machine (vm) migration to be migrated in the first server to it is described at least
One second server.
With reference to the first possible implementation of second aspect, in second of possible implementation, the management
Node is described by after the virtual machine (vm) migration to be migrated in the first server at least one second server
Method also includes:
The management node determines whether there be do not migrate virtually corresponding with first gateway in the first server
Machine;
If the management node determines not migrate virtual machine without described in the first server, the management node then refers to
Show that the first server deletes first routing rule and second detected rule.
In the third possible implementation of second aspect, the management node is searched in the first server
After first routing rule and the second detected rule, methods described also includes:
If the management node finds first routing rule and second detection in the first server
Rule, the management node then indicate the first server according to first routing rule and second detected rule,
The function of first gateway is realized by the virtual switch.
The third aspect, embodiments of the invention provide a kind of server, including:
Receiving unit, the is carried for receiving the first request message of management node transmission, in first request message
First detected rule of the first routing iinformation of one gateway and first gateway, first request message are used to ask in institute
State and first gateway is created on the virtual switch in server;
Acquiring unit, for first request message received according to the receiving unit, obtain the first via by
Information and first detected rule;
Generation unit, for first routing iinformation obtained according to the acquiring unit and the first detection rule
Then, the first routing rule and the second detected rule are generated;
Unit is realized, for first routing rule generated according to the generation unit and the second detection rule
Then, the function of first gateway is realized by the virtual switch.
In the first possible implementation of the third aspect,
The generation unit, specifically for first routing iinformation obtained according to the acquiring unit, generation and institute
First routing rule and the first Route Distinguisher corresponding to the first routing iinformation are stated, and first Route Distinguisher is added
Into first detected rule, to generate second detected rule.
With reference to the first possible implementation of the foregoing third aspect or the third aspect, in second of possible realization
In mode, first gateway and first routing rule are gateway corresponding with the first subnet and routing rule,
Wherein, the server also includes determining unit;
The receiving unit, it is additionally operable to send to the data of destination host by virtual switch reception source virtual machine
Bag, the packet include the address information of the source virtual machine and the address information of the destination host, wherein, the source is empty
Plan machine provides service by first subnet, and the destination host provides service by the second subnet;
The determining unit, address information, the mesh for the source virtual machine that is received according to the receiving unit
Mark main frame address information and the generation unit generation second detected rule, determine first subnet mark and
The mark of second subnet;
It is described to realize unit, if being additionally operable to the mark and the described second son for first subnet that the determining unit determines
The mark of net is different, then first routing rule generated according to the generation unit, the packet is forwarded.
With reference to second of possible implementation of the third aspect, in the third possible implementation,
It is described to realize unit, it is additionally operable to determine the mark of first subnet and second subnet in the determining unit
Mark after, if first subnet mark it is identical with the mark of second subnet, according to the generation unit life
Into second detected rule packet is forwarded.
With reference to the third possible implementation of the third aspect, in the 4th kind of possible implementation,
The address information of the destination host includes the IP address of the destination host, wherein, the server also includes
Searching unit and storage unit;
The searching unit, if the mark of first subnet determined for the determining unit and second subnet
Mark it is identical, it is described to realize that unit then enters according to second detected rule to the packet that the receiving unit receives
Before row forwarding, the IP address of the destination host received according to the receiving unit, corresponding with the source virtual machine
The MAC Address of the destination host corresponding with the IP address of the destination host is searched in first address mapping table;
The acquiring unit, if be additionally operable to the searching unit does not find the mesh in first address mapping table
The MAC Address of main frame is marked, then obtains the MAC Address of the destination host;
The storage unit, the MAC Address of the destination host for the acquiring unit to be obtained are preserved to described
First address mapping table.
With reference to the 4th kind of possible implementation of the third aspect, in the 5th kind of possible implementation,
It is described to realize unit, specifically for first routing rule/described second generated according to the generation unit
The IP address of the destination host and the MAC Address of the destination host that detected rule, the acquiring unit obtain, to described
The packet that receiving unit receives is forwarded.
Fourth aspect, embodiments of the invention also provide a kind of management node, including:
Searching unit, for when creating the first virtual machine in first server, being searched in the first server
First routing rule and the second detected rule, first routing rule and second detected rule be with it is described first virtual
The rule of first gateway corresponding to machine;
Transmitting element, if not finding first routing rule in the first server for the searching unit
With second detected rule, then send the first request message to the first server so that the first server according to
First request message obtains the first routing iinformation and the first detected rule, and according to first routing iinformation and described the
One detected rule generates first routing rule and second detected rule, and according to first routing rule and institute
The second detected rule is stated, the function of first gateway is realized by the virtual switch in the first server, wherein, institute
State and first routing iinformation and first detected rule are carried in the first request message, first request message is used for please
The first server is asked to create first gateway on the virtual switch.
In the first possible implementation of fourth aspect, the management node also includes determining unit and migration is single
Member;
The determining unit, for when having virtual machine to be migrated in the first server, in server cluster really
Fixed at least one second server, wherein, the virtual machine to be migrated is virtual machine corresponding with first gateway;
The searching unit, it is additionally operable to search institute at least one second server that the determining unit determines
State the first routing rule and second detected rule;
Migration units, if finding the first via at least one second server for the searching unit
By regular and described second detected rule, then by the virtual machine (vm) migration to be migrated in the first server to it is described at least
One second server.
With reference to the first possible implementation of fourth aspect, in second of possible implementation, the management
Node also includes indicating member;
The determining unit, it is additionally operable to the virtual machine to be migrated in the first server in the migration units
Migrate at least one second server, determine whether to have in the first server corresponding with first gateway
Do not migrate virtual machine;
The indicating member, if determining not migrating virtually described in nothing in the first server for the determining unit
Machine, it indicates that the first server deletes first routing rule and second detected rule.
In the third possible implementation of fourth aspect,
The indicating member, if be additionally operable to the searching unit found in the first server first via by
Regular and described second detected rule, it indicates that the first server is according to first routing rule and second detection
Rule, the function of first gateway is realized by the virtual switch.
5th aspect, embodiments of the invention provide a kind of system of realizing of gateway function, including:At least one such as right
It is required that the server described in any one of 11-16, and the management node as described in claim any one of 17-20.
Embodiments of the invention provide a kind of implementation method and device of gateway function, and management node is received by server
The first request message sent, carry in first request message the first gateway the first routing iinformation and the first gateway first
Detected rule, first request message are used to create the first gateway on the virtual switch of request server in the server, and
The server obtains the first routing iinformation and the first detected rule, and the server is according to first according to the first request message
Routing iinformation and the first detected rule, generate the first routing rule and the second detected rule, finally the server according to this first
Routing rule and second detected rule, the function of the first gateway is realized by virtual switch.By the program, on the one hand by
The first routing rule and second detected rule are generated in server, the function of the first gateway is realized by virtual switch, from
And the limitation of the performance and the virtual machine bandwidth of the virtual machine forwarding packet for realizing gateway function in the prior art is avoided, because
This, improves the communication efficiency between virtual machine and main frame;On the other hand, because the program is every suitable for virtualization system
Individual server, therefore, gateway function corresponding with some subnet can be created on each server, so as to work as the subnet
During some interior server fail, other virtual machines in the subnet can still continue to communicate with main frame, and then improve
Communication stability between virtual machine and main frame.
Brief description of the drawings
Fig. 1 is the schematic diagram that gateway function is realized by virtual machine that prior art provides;
Fig. 2 is a kind of flow chart one of the implementation method of gateway function provided in an embodiment of the present invention;
Fig. 3 is the schematic diagram provided in an embodiment of the present invention that gateway function is realized by virtual switch;
Fig. 4 is a kind of flowchart 2 of the implementation method of gateway function provided in an embodiment of the present invention;
Fig. 5 is a kind of interaction figure one of the implementation method of gateway function provided in an embodiment of the present invention;
Fig. 6 is a kind of interaction figure two of the implementation method of gateway function provided in an embodiment of the present invention;
Fig. 7 is a kind of flow chart 3 of the implementation method of gateway function provided in an embodiment of the present invention;
Fig. 8 is a kind of flow chart four of the implementation method of gateway function provided in an embodiment of the present invention;
Fig. 9 is the structural representation one of server provided in an embodiment of the present invention;
Figure 10 is the structural representation two of server provided in an embodiment of the present invention;
Figure 11 is the structural representation three of server provided in an embodiment of the present invention;
Figure 12 is the structural representation four of server provided in an embodiment of the present invention;
Figure 13 is the structural representation one of management node provided in an embodiment of the present invention;
Figure 14 is the structural representation two of management node provided in an embodiment of the present invention;
Figure 15 is the structural representation three of management node provided in an embodiment of the present invention;
Figure 16 is the structural representation five of server provided in an embodiment of the present invention;
Figure 17 is the structural representation four of management node provided in an embodiment of the present invention;
Figure 18 realizes system block diagram for gateway function provided in an embodiment of the present invention.
Embodiment
The implementation method and device of a kind of gateway function provided below in conjunction with the accompanying drawings embodiments of the invention carry out detailed
Carefully describe.
In the prior art, when creating a subnet, a void is created on a server that can be in virtualization system
Plan machine, and realize gateway function by configuring the routing rule of the subnet on the virtual machine.So as in the virtualization system
Servers-all on the subnet in virtual machine can be communicated by realizing the virtual machine of gateway function.
Wherein, gateway is when using being communicated between different architecture or the network of agreement, there is provided Route Selection,
The facility of the Web-compatible function such as data exchange.
Specifically, between virtual machine and main frame in same subnet, and between virtual machine and main frame in different sub-network
During transmission packet, source virtual machine needs that the packet first sent into the interchanger to server, then by interchanger send to
Realize on the virtual machine of gateway function, finally by realizing that the packet is forwarded to by the virtual machine of gateway function by interchanger
Destination host.Wherein, source virtual machine provides service by the first subnet, and destination host provides service by the second subnet, i.e. source is virtual
Machine belongs to the first subnet, and destination host belongs to the second subnet.Exist simultaneously belonging to source virtual machine for example, working as on a server
Realized corresponding to first subnet and realize gateway function corresponding to the second subnet belonging to the virtual machine and destination host of gateway function
Virtual machine when, between source virtual machine and destination host during transmission packet, source virtual machine need to first by the packet send to
The packet is sent to corresponding with the first subnet belonging to source virtual machine realize net again by the interchanger on server, interchanger
On the virtual machine for closing function, realize that the packet is passed through the interchanger by the virtual machine of gateway function as corresponding to first subnet
It is forwarded on the virtual machine for realizing gateway function corresponding with the second subnet belonging to destination host, and by second subnet pair
The virtual machine for realizing gateway function answered, which is subcontracted the data by the interchanger, is forwarded to destination host.
Further, for example, between the virtual machine in different sub-network exemplified by transmission packet, as shown in figure 1,
In virtualization system, if the virtual machine 2 in server A in subnet 1 will be led to the virtual machine 6 in subnet in server B 2
Letter, then can create the virtual machine 1 for realizing gateway function on server, the gateway is gateway 1 corresponding to subnet 1, is being serviced
The virtual machine 4 for realizing gateway function is created on device B, the gateway is gateway 2 corresponding to subnet 2.In server A, in subnet 1
Virtual machine 2 sends packet to virtual switch 1, and the packet is sent to realizing the virtual of the function of gateway 1 by virtual switch 1
Machine 1, then the packet is forwarded to virtual switch 1 by virtual machine 1, and be forwarded to the packet by virtual switch 1
The upstream Interface of server A.In server B, server B receives the data that the upstream Interface from server A is sent
Bag, and the packet is forwarded to the virtual machine 4 for realizing the function of gateway 2 by virtual switch 2, then counted this by virtual machine 4
Virtual switch 2 is forwarded to according to bag, the virtual machine 6 being finally forwarded to again by virtual switch 2 in subnet 2, to realize server A
The communication between virtual machine 6 in virtual machine 2 and server B in middle subnet 1 in subnet 2.
Bandwidth of the above method due to being forwarded the performance of packet and the Microsoft Loopback Adapter of the virtual machine by the virtual machine
Limitation, therefore the communication efficiency between source virtual machine and destination host is relatively low;And if event occurs for the server where the virtual machine
Barrier, then all other main frames to be communicated by the virtual machine can not all carry out proper communication in virtualization system, so as to make
Into the communication disruption between source virtual machine and destination host.
Main frame can include physical host and virtual machine, in the embodiment of the present invention, using main frame as virtual machine instance, i.e. and target
Main frame is target virtual machine, and a kind of implementation method of gateway function provided in an embodiment of the present invention is described in detail.Can
With understanding, when main frame is physical host, the implementation method and main frame of a kind of gateway function provided in an embodiment of the present invention
For virtual machine when gateway function implementation method it is similar, it will not be described.
Embodiment one
Embodiments of the invention provide a kind of implementation method of gateway function, as shown in Fig. 2 this method is server side
The implementation method of gateway function, this method can include:
S101, server receive the first request message that management node is sent, and the first net is carried in first request message
The first routing iinformation and the first detected rule of first gateway closed, first request message are used for request server in the clothes
The first gateway is created on virtual switch in business device.
Management node is the node of network resource administration and virtual resource etc. in virtualization system.Management node can wrap
Include network resource management unit and virtual resource administrative unit.Management node can manage multiple services in virtualization system
Device, management node carry out Internet resources distribution and virtual resource allocation to the plurality of server, and with the plurality of server it
Between mutually carry out data and issuing and receiving, so as to realize that the scheduling of virtual network and virtual resource links.
Gateway can realize network interconnection in Internet, be most complicated network interconnection apparatus, network interconnection.Gateway can both be used
Interconnected in wide area network, can be used for local area network interconnection.Using different communication protocol, data format or language, or even body
During the entirely different two kinds of systems of architecture, gateway is repacked to the information received, with the need of adaptation to end system
Ask.
Some interfaces for separating main frame and router in the interconnection network being made up of router and main frame be present, these
Interface causes network to be divided into the network of several separation, and independent network endpoint can be connected by these interfaces.These independences
Network endpoint in each network endpoint be the system in a subnet.
Further, during user's planning network, network can be divided into many subnets, the division of subnet is by borrowing IP
(Internet Protocol, the agreement interconnected between network)Subnet address is served as in some main frame positions of address, so as to will
Former network is divided into some subnets.During user's subnet division, as subnet address borrows increasing for main frame position, the number of subnet
Increase therewith, and the available host position in each subnet gradually decreases.
In the embodiment of the present invention, above-mentioned main frame position can be expressed as virtual seat in the plane.
It should be noted that in virtualization system, the virtual machine in a subnet can be by corresponding with the subnet
Gateway is communicated with the virtual machine in another subnet.When creating first virtual machine in a subnet, server
Gateway corresponding with the subnet can be created by virtual switch.
The implementation method for the gateway function that embodiments of the invention provide is that gateway function is realized in virtualized environment,
Therefore the virtual gateway that can realize gateway function that the gateway created in the embodiment of the present invention refers to.Wherein, virtual gateway is in void
In planization system, user is the module that can realize gateway function of the subnet distribution in the virtualization system.
It should be noted that as shown in figure 3, on one server, can there is one or more virtual switches, the void
Intend exchanging the virtual machine that machine testing is connected with its virtual port progress logic, packet is transmitted to virtual machine.It is of the invention real
Shi Zhong, in virtualization system, the virtual switch used is the distributed virtual switch, each with management node management
The distributed virtual switch in server all be present, so that the virtual machine on server can enter across multiple servers
During row migration, it is ensured that its network configuration is consistent.
In the embodiment of the present invention, when on one server create a subnet in first virtual machine when, it is necessary to
Gateway corresponding with the subnet is created on the server, to realize the communication between first virtual machine and other virtual machines.
As shown in figure 3, in the implementation method of gateway function provided in an embodiment of the present invention, it can create and service on each server
Gateway corresponding to the subnet belonging to virtual machine on device.For example, server A is included in the subnet 1 that runs on server
Virtual machine 1, the virtual machine 2 in subnet 1, the virtual machine 3 in subnet 2, virtual switch 1 and gateway 1 corresponding with subnet 1
The corresponding gateway 2 with subnet 2.Server B is included in the virtual machine 5 in the subnet 1 run in server B, the void in subnet 2
Virtual machine 6, virtual switch 2 and gateway 1 corresponding with subnet 1 and gateway 2 corresponding with subnet 2 in plan machine 4, subnet 2.
So, in virtualization system, server A and server B in server cluster can pass through respective virtual switch respectively
On gateway, carry out the communication between virtual machine, and when server A breaks down, the virtual machine that is run in server B it is logical
Letter is unaffected, so as to improve the communication stability between the communication efficiency between virtual machine and virtual machine.
Server receives the first request message that management node is sent, and is created on the virtual switch in the server
First gateway, wherein, include in first request message the first gateway the first routing iinformation and first gateway first
Detected rule.
Inputted it should be noted that routing iinformation configures the first gateway for user, the route letter of first gateway
Breath determines after passing through the first virtual gateway that the next-hop of route, the first detected rule of first gateway can be virtual including source
The address information of machine, the address information of target virtual machine, mark of subnet etc..
S102, server obtain the first routing iinformation and the first detected rule according to first request message.
After server receives the first request message, server can obtain the first via by believing according to first request message
Breath and the first detected rule.
Specifically, the first routing iinformation and the first detection rule are carried in the first request message received due to server
Then, therefore server can obtain the first routing iinformation and the first detected rule from first request message.
S103, server generate the first routing rule and the second detection according to the first routing iinformation and the first detected rule
Rule.
After server obtains the first routing iinformation and the first detected rule, server can according to first routing iinformation and
First detected rule, generate the first routing rule and the second detected rule.
In the embodiment of the present invention, server is real by the first routing rule and the second detected rule on virtual switch
Existing gateway function.
It should be noted that server generates the first routing rule according to first routing iinformation and the first detected rule
It will be illustrated with the detailed step of the second detected rule in subsequent embodiment.
S104, server realize the first gateway according to the first routing rule and the second detected rule by virtual switch
Function.
After server generates the first routing rule and the second detected rule, server can be according to the first routing rule and the
Two detected rules, the function of the first gateway is realized by virtual switch.
It should be noted that when source virtual machine need to be communicated with target virtual machine, i.e., source virtual machine need to send packet
During to target virtual machine, it is assumed that the first gateway is gateway corresponding with source virtual machine, and source virtual machine can be sent out by first gateway
The packet is given to target virtual machine.Specifically, server can detect source void respectively according to the second detected rule of generation
The subnet information of the second subnet belonging to the subnet information and target virtual machine of the first subnet belonging to plan machine, and in second inspection
Gauge then in find Route Distinguisher corresponding with the subnet information of the subnet information of the first subnet and the second subnet, so as to server
The first routing rule corresponding with the first gateway can be found according to the Route Distinguisher, to determine that source virtual machine and target are empty
Access path between plan machine, and then server can be according to the access path found, the packet that source virtual machine is sent
By the first gateway forwards, target virtual machine is eventually sent to, so as to realize the function of the first gateway.
, can be by creating the first gateway in virtual switch in the server, to be handed in virtual machine in the embodiment of the present invention
The function of the first gateway is realized on changing planes.Wherein, the first gateway can correspond to a plurality of first routing rule, when source virtual machine needs to send out
When sending packet to target virtual machine, if having preserved the source in the first gateway corresponding with the first subnet belonging to source virtual machine
The first routing rule between virtual machine and target virtual machine, then server can be directly virtual by source according to first routing rule
The packet that machine is sent is sent to the first gateway created on virtual switch, and by first gateway it is upper preserve the
Two detected rules and the first routing rule, the access path between source virtual machine and target virtual machine is selected, and according to the visit
Footpath of asking the way forwards the packet to target virtual machine.
Embodiments of the invention also provide a kind of implementation method of gateway function, as shown in figure 4, this method is management node
The implementation method of the gateway function of side, this method can include:
S201, when creating the first virtual machine in first server, management node searches in the first server
One routing rule and the second detected rule, first routing rule and second detected rule are corresponding with the first virtual machine the
The rule of one gateway.
It should be noted that in virtualization system, the virtual machine in a subnet can be by corresponding with the subnet
Gateway is communicated with the virtual machine in another subnet.When creating first virtual machine in a subnet, server
Gateway corresponding with the subnet can be created by virtual switch.
When creating the first virtual machine in first server, management node searched in the first server first via by
Rule and the second detected rule, first routing rule and second detected rule are the first gateway corresponding with the first virtual machine
Rule.
It is understood that when creating the first virtual machine in first server, management node can first judge this
It whether there is the first gateway corresponding with the first subnet belonging to first virtual machine in one server, to determine whether at this
First gateway is created in first server.Because the implementation method of the gateway function of embodiments of the invention offer is virtual
Change in environment and realize gateway function, therefore the virtual net that can realize gateway function that the gateway created in the embodiment of the present invention refers to
Close, therefore, server realizes the first gateway by the rule of the first gateway corresponding with the first virtual machine on virtual switch
Function, i.e. the first routing rule and second detected rule constitute the first gateway.
, should if S202, the management node do not find the first routing rule and the second detected rule in first server
Management node then sends the first request message to first server, so that the first server obtains the according to the first request message
One routing iinformation and the first detected rule, and the first routing rule is generated according to first routing iinformation and first detected rule
With the second detected rule, and according to first routing rule and second detected rule, by virtual in first server
Interchanger realizes the function of the first gateway, wherein, the first routing iinformation and the first detected rule are carried in the first request message, should
First request message is used to ask first server to create the first gateway on virtual switch.
Management node searches the first routing rule and the second detected rule in the first server, if the management node exists
The first routing rule and the second detected rule are not found in first server, i.e., the management node is not in the first server
The first gateway is found, the management node then sends the first request message to first server, make it that the first server can
First routing iinformation and the first detected rule are obtained with the first request message sent according to management node, and make it that server can
To generate the first routing rule and the second detected rule according to first routing iinformation and first detected rule, and cause clothes
Device of being engaged in can realize the according to first routing rule and second detected rule by the virtual switch in first server
The function of one gateway.Wherein, the first routing iinformation and the first detected rule are carried in the first request message, first request message
For asking first server to create the first gateway on virtual switch.
It should be noted that carry the first routing iinformation and first in the first request message sent due to management node
Detected rule, therefore server can obtain the first routing iinformation and first from first request message of management node transmission
Detected rule.
Wherein, routing iinformation configures the first gateway for user and inputted, and the routing iinformation of first gateway is first
The routing information that gateway is forwarded, the first detected rule of first gateway can include address information, the mesh of source virtual machine
Mark address information, mark of subnet of virtual machine etc..
Embodiments of the invention provide a kind of implementation method of gateway function, receive what management node was sent by server
First request message, the first routing iinformation of the first gateway and the first detection rule of the first gateway are carried in first request message
Then, first request message is used to create the first gateway, and the service on the virtual switch of request server in the server
Device obtains the first routing iinformation and the first detected rule according to the first request message, and the server according to the first via by believing
Breath and the first detected rule, generate the first routing rule and the second detected rule, finally the server according to the first via by advising
Then with second detected rule, the function of the first gateway is realized by virtual switch.By the program, on the one hand due to service
Device generates the first routing rule and second detected rule, the function of the first gateway is realized by virtual switch, so as to avoid
The limitation of the performance and the virtual machine bandwidth of the virtual machine forwarding packet of gateway function is realized in the prior art, therefore, is carried
High communication efficiency between virtual machine and main frame;On the other hand, each clothes due to the program suitable for virtualization system
Business device, therefore, can create gateway function corresponding with some subnet on each server, so as to when in the subnet
During some server fail, other virtual machines in the subnet can still continue to communicate with main frame, and then improve virtual
Communication stability between machine and main frame.
Embodiment two
Embodiments of the invention provide a kind of implementation method of gateway function, as shown in figure 5, this method is server side
The implementation method of gateway function, this method can include:
S301, when creating the first virtual machine in first server, management node searches in the first server
One routing rule and the second detected rule, the first routing rule and the second detected rule are and first virtual machine corresponding first
The rule of gateway.
Management node is the node of network resource administration and virtual resource etc. in virtualization system.Management node can wrap
Include network resource management unit and virtual resource administrative unit.Management node can manage multiple services in virtualization system
Device, management node carry out Internet resources distribution and virtual resource allocation to the plurality of server, and with the plurality of server it
Between mutually carry out data and issuing and receiving, so as to realize that the scheduling of virtual network and virtual resource links.
Particularly, first server is that management node passes through scheduling of resource, in virtualized environment, a service of selection
Device.Specifically, some virtual machine created on which server in some subnet is determined by management node by scheduling of resource
It is fixed.
It should be noted that in virtualization system, the virtual machine in subnet can pass through gateway corresponding with the subnet
Communicated with the virtual machine in another subnet.When creating first virtual machine in a subnet, management node is looked into
Whether have with the subnet corresponding gateway, when management node is not found and the subnet pair on that server if looking on the server
During the gateway answered, server can create gateway corresponding with the subnet on its virtual switch.
Gateway can realize network interconnection in Internet, be most complicated network interconnection apparatus, network interconnection.Gateway can both be used
Interconnected in wide area network, can be used for local area network interconnection.Using different communication protocol, data format or language, or even body
During the entirely different two kinds of systems of architecture, gateway is repacked to the information received, with the need of adaptation to end system
Ask.
Some interfaces for separating main frame and router in the interconnection network being made up of router and main frame be present, these
Interface causes network to be divided into the network of several separation, and independent network endpoint can be connected by these interfaces.These independences
Network endpoint in each network endpoint be the system in a subnet.
Further, during user's planning network, network can be divided into many subnets, the division of subnet is by borrowing IP
Subnet address is served as in some main frame positions of address, so as to which former network is divided into some subnets.During user's subnet division,
As subnet address borrows increasing for main frame position, the number of subnet increases therewith, and the available host position in each subnet is gradual
Reduce.
In the embodiment of the present invention, above-mentioned main frame position can be expressed as virtual seat in the plane.
When creating the first virtual machine in first server, management node searched in the first server first via by
Rule and the second detected rule, first routing rule and second detected rule are the first gateway corresponding with the first virtual machine
Rule.
It is understood that when creating the first virtual machine in first server, management node can first judge this
It whether there is the first gateway corresponding with the first subnet belonging to first virtual machine in one server, to determine whether at this
First gateway is created in first server.Because the implementation method of the gateway function of embodiments of the invention offer is virtual
Change in environment and realize gateway function, therefore the virtual net that can realize gateway function that the gateway created in the embodiment of the present invention refers to
Close, i.e., server can realize the first gateway by the rule of the first gateway corresponding with the first virtual machine on virtual switch
Function, you can the function of the first gateway is realized by the first routing rule on virtual switch and the second detected rule.
Wherein, virtual gateway is in virtualization system, and user can be real for the subnet distribution in the virtualization system
The module of existing gateway function.
If S302, the management node do not find the first routing rule and the second detected rule in the first server,
The management node then sends the first request message to first server, wherein, the first via is carried in first request message by believing
Breath and the first detected rule, first request message are used to ask first server to create the first gateway on virtual switch.
Management node searches the first routing rule and the second detected rule in the first server, if the management node exists
The first routing rule and the second detected rule are not found in first server, i.e., the management node is not in the first server
The first gateway is found, the management node then sends the first request message to first server, wherein, taken in the first request message
The routing iinformation of band first and the first detected rule, first request message are used to ask first server to be created on virtual switch
Build the first gateway.
It should be noted that carry the first routing iinformation and first in the first request message sent due to management node
Detected rule, thus first server can from management node send first request message in, obtain the first routing iinformation and
First detected rule.
Wherein, routing iinformation configures the first gateway for user and inputted, and the routing iinformation of first gateway is first
The routing information that gateway is forwarded, the first detected rule of first gateway can include address information, the mesh of source virtual machine
Mark address information, mark of subnet of virtual machine etc..
It should be noted that on one server, can there is one or more virtual switches, the virtual switch machine examination
The virtual machine for carrying out logic with its virtual port and being connected is surveyed, packet is transmitted to virtual machine.During the present invention is implemented, virtual
In change system, the virtual switch used is the distributed virtual switch, in each server with management node management
In the presence of the distributed virtual switch so that virtual machine on server can when being migrated across multiple servers,
Ensure that its network configuration is consistent.
S303, first server obtain the first routing iinformation and the first detected rule according to first request message.
First server receive management node transmission the first request message after, first server can according to this first
Request message, the first gateway is created on virtual switch, wherein, include the first of the first gateway in first request message
First detected rule of routing iinformation and first gateway.
After first server receives the first request message, first server can obtain the according to first request message
One routing iinformation and the first detected rule.
Specifically, the first routing iinformation and the first detection are carried in the first request message received due to first server
Rule, therefore first server can obtain the first routing iinformation and the first detected rule from first request message.
S304, first server generate the first via corresponding with first routing iinformation by advising according to the first routing iinformation
Then with the first Route Distinguisher.
After first server obtains the first routing iinformation and the first detected rule from management node, first server
First routing rule and the first Route Distinguisher can be generated according to first routing iinformation.
Optionally, the first Route Distinguisher can use " routing table 1 " or " route table1 " are represented, can also use other
The mark of the first routing rule can be represented to represent.
First Route Distinguisher is added in the first detected rule by S305, first server, generates the second detected rule.
After first server generates the first Route Distinguisher, first server and by first Route Distinguisher added to this
In one detected rule, the second detected rule is generated.
In the embodiment of the present invention, server is real by the first routing rule and the second detected rule on virtual switch
Existing gateway function.
S306, first server realize first according to the first routing rule and the second detected rule by virtual switch
The function of gateway.
After first server generates the first routing rule and the second detected rule, first server can according to the first via by
Rule and the second detected rule, the function of the first gateway is realized by virtual switch.
It should be noted that when source virtual machine need to be communicated with target virtual machine, i.e., source virtual machine need to send packet
During to target virtual machine, it is assumed that the first gateway is gateway corresponding with source virtual machine, and source virtual machine can be sent out by first gateway
The packet is given to target virtual machine.Specifically, first server can find source respectively according to the second detected rule of generation
The subnet information of the second subnet belonging to the subnet information and target virtual machine of the first subnet belonging to virtual machine, and this second
Route Distinguisher corresponding with the subnet information of the subnet information of the first subnet and the second subnet is found in detected rule, so as to first
Server can find the first routing rule corresponding with the first gateway according to the Route Distinguisher, with determine source virtual machine and
Access path between target virtual machine, and then first server can be sent out source virtual machine according to the access path found
The packet sent passes through the first gateway forwards, is eventually sent to target virtual machine, it is achieved thereby that the function of the first gateway.
, can be by creating the first gateway in virtual switch in the server, to be handed in virtual machine in the embodiment of the present invention
The function of the first gateway is realized on changing planes.Wherein, the first gateway can correspond to a plurality of first routing rule, when source virtual machine needs to send out
When sending packet to target virtual machine, if having preserved the source in the first gateway corresponding with the first subnet belonging to source virtual machine
The first routing rule between virtual machine and target virtual machine, then server can be directly virtual by source according to first routing rule
The packet that machine is sent is sent to the first gateway created on virtual switch, and by first gateway it is upper preserve the
Two detected rules and the first routing rule, the access path between source virtual machine and target virtual machine is selected, and according to the visit
Footpath of asking the way forwards the packet to target virtual machine.
It should be noted that as shown in fig. 6, after S301, the realization side of gateway function provided in an embodiment of the present invention
Method also includes:
If S307, management node find the first routing rule and the second detected rule in first server, the management
Node then indicates that according to the first routing rule and the second detected rule, the first gateway is realized by virtual switch for first server
Function.
Management node searches the first routing rule and the second detected rule in the first server, if the management node exists
The first routing rule and the second detected rule are found in first server, i.e., the management node is searched in the first server
To the first gateway, the management node then indicates first server according to the first routing rule and the second detected rule, by virtual
Interchanger realizes the function of the first gateway.
Further, if as shown in fig. 7, the first gateway and the first routing rule are gateway corresponding with the first subnet and road
By rule, according to the first routing rule and the second detected rule, the first gateway then is realized by virtual switch for first server
The method of function can include:
S401, first server receive source virtual machine by virtual switch and sent to the packet of target virtual machine, should
Packet includes the address information of source virtual machine and the address information of target virtual machine, wherein, the source virtual machine is by the first subnet
Service is provided, the target virtual machine provides service by the second subnet.
It should be noted that when the source virtual machine run in first server is communicated with target virtual machine, first
Server by virtual switch receive by source virtual machine send packet, and by the packet by with source virtual machine institute
First gateway forwards corresponding to first subnet of category are gone out.
First server receives source virtual machine by virtual switch and sent to the packet of target virtual machine, the packet
In can include source virtual machine address information and target virtual machine address information, wherein, the source virtual machine is by the first subnet
Service is provided, the target virtual machine provides service by the second subnet, i.e. source virtual machine belongs to the first subnet, and target virtual machine belongs to
Second subnet.
Particularly, when the source virtual machine of first server is to target virtual machine transmission data, first server divides data
Section, and one piece of data is packaged into the packet with IP heads, data are sent in the form of packet.
Specifically, due to different network system and equipment, such as the data of Ethernet, packet switching network transmission is basic
The form of unit is different, therefore, can not be in communication with each other between different network system and equipment.And IP agreement is by software program
The protocol software of composition, various different " frames " can be uniformly converted into " IP packets " form by it, and this conversion can cause
All computers can on the internet be realized and communicated.
Further, packet is a kind of form of packet switch, i.e., the data sectional that equipment is sent is broken into " bag ", then
Send.Due to each " bag " broken into(Packet)All send as one " independent message ", therefore, be referred to as
" packet ".IP has the function of packet packing and set assembling, and each packet has header and the two parts of message, reports
The targetedly required content such as location information in head, to allow each packet to accurately arrive at purpose by different paths
Ground, and the data for being reduced into and sending originally are reconfigured in destination.Wherein, every number after to above-mentioned data sectional is passed through
IP heads are added respectively according to the header portion of bag, to cause these packets to form IP packets.
S402, first server are according to the address information of source virtual machine, the address information of target virtual machine and the second detection
Rule, determine the mark of the first subnet and the mark of the second subnet.
First server receives source virtual machine by virtual switch and sent to the packet of target virtual machine, and first
Server can obtain address information, the address information of target virtual machine of source virtual machine from the packet, and empty according to source
The address information of plan machine, the address information of target virtual machine and the second detected rule, determine the mark and the second son of the first subnet
The mark of net.
It should be noted that first server obtains the address information and destination virtual of source virtual machine from above-mentioned packet
The address information of machine is respectively the IP address of source virtual machine and the IP address of target virtual machine.
It should be noted that the mark of the first subnet and the second subnet are identified as the subnet that can be characterized belonging to virtual machine
Mark, the mark can be numeral mark, or word marking or alphabetic flag etc., the present invention be not restricted.
Specifically, first server is by the IP address of source virtual machine, the IP address of target virtual machine and the second detected rule
In source IP, target ip address matched respectively, so that it is determined that the mark and target of the first subnet belonging to source virtual machine
The mark of the second subnet belonging to virtual machine.
If the mark of S403, the first subnet is different from the mark of the second subnet, first server is then according to the first via by advising
Then, the IP address of target virtual machine, is forwarded to packet.
After first server determines the mark of the first subnet and the mark of the second subnet, if the mark of the first subnet and the
The mark of two subnets is different, and first server then according to the IP address of the first routing rule, target virtual machine, is carried out to packet
Forwarding forwards to packet.
It should be noted that it is the head Field Options in the second detected rule as shown in table 1, this Field Options include
Route Distinguisher, source MAC, destination-mac address, source IP address, the mark of target ip address and subnet, wherein, source IP address
For representing the IP address of source virtual machine;Target ip address is used for the IP address for representing target virtual machine.Specifically, first service
Device can be checked corresponding respectively with it in the second detected rule according to the IP address of source virtual machine and the IP address of target virtual machine
Subnet mark, i.e. the first subnet mark and the second subnet mark.
Table 1
Wherein, MAC(Media Access Control, media access control)Address or be hardware address, be for
Define the position of the network equipment.In OSI7 layer protocols, third layer Internet is responsible for IP address, and second layer data link layer is then
It is responsible for MAC Address.One main frame has an IP address, and each network site has a MAC Address for being specific to it.
Specifically, if the mark of the first subnet is different from the mark of the second subnet, first server is then according to the second detection
The first Route Distinguisher corresponding with source virtual machine in rule, then found and first Route Distinguisher pair by first Route Distinguisher
The first routing rule answered, and first server forwards then according to the first routing rule to packet.
Further, first server can abandon according to the second detected rule to packet.
In the embodiment of the present invention, source MAC is the MAC Address of source virtual machine, source IP address for source virtual machine IP
Location, destination-mac address are the MAC Address of the first gateway, and the IP address that target ip address is target virtual machine.Because source is empty
Intend confidential by the first gateway corresponding with the subnet belonging to source virtual machine, therefore, destination-mac address is first gateway
MAC Address.Specifically, the acquisition methods of the MAC Address of the first gateway carry out further part in the present embodiment in detail
Explanation.
Exemplary, it is assumed that the IP address of source virtual machine is A, and the IP address of target virtual machine is B, is source as shown in table 2
Second detected rule corresponding to virtual machine and target virtual machine difference, from Table 2, it can be seen that the first son belonging to source virtual machine
Net be identified as 1, the second subnet belonging to target virtual machine is identified as 2, due to 1 from 2 be different subnets mark, because
This, the mark of the first subnet is different from the mark of the second subnet, and now, first server can be in the second detected rule the
One Route Distinguisher-route 1 finds the first routing rule, and first server is further according to the first routing rule and the MAC of the first gateway
Address, above-mentioned packet is forwarded.Wherein, the first routing rule is as shown in table 3, and table 3 is with routeing the 1 corresponding first via
By rule.
Table 2
Table 3
It is by the first net it should be noted that when first server forwards above-mentioned packet by the first routing rule
The packet is sent to target virtual machine by the MAC Address of pass.Specifically, first server is first from the first via shown in table 3
By obtaining the response to the packet in rule, that is, forward.
In the embodiment of the present invention, targeted subnet is the subnet belonging to target virtual machine, and target port is target virtual machine institute
Server communication interface, source IP address be source virtual machine IP address, gateway be and belonging to source virtual machine first son
First gateway corresponding to net.
If the mark of S404, the first subnet is identical with the mark of the second subnet, first server is then according to target virtual machine
IP address, in the first address mapping table corresponding with source virtual machine search it is corresponding with the IP address of the target virtual machine this
The MAC Address of target virtual machine.
It should be noted that corresponding pass of the address mapping table between the IP address and the MAC Address of virtual machine of virtual machine
It is to have an address mapping table in each virtual machine, wherein, the first mapping table is the source virtual machine run in first server
IP address and the source virtual machine MAC between corresponding relation, and other are virtual with the source virtual machine communicate
Corresponding relation between the IP address of machine and the MAC Address of other virtual machines.
It is understood that because IP address is in third layer-Internet of OSI7 layer protocols, MAC Address is assisted in OSI7 layers
The second layer-data link layer of view, and virtual switch is the forwarding that packet is carried out by MAC Address, therefore, the first clothes
When the virtual machine in business device source sends packet to target virtual machine, the forwarding of virtual switch is first passed through, from the packet
The IP address of target virtual machine is obtained, and target void is searched in the first address mapping table according to the IP address of the target virtual machine
The MAC Address of plan machine, to carry out the forwarding of the packet by virtual switch, i.e. first server can be according to target virtual machine
IP address, in the first address mapping table corresponding with source virtual machine search it is corresponding with the IP address of the target virtual machine this
The MAC Address of target virtual machine.
After first server determines the mark of the first subnet and the mark of the second subnet, first server is then according to target
The IP address of virtual machine, the IP address pair with the target virtual machine is searched in the first address mapping table corresponding with source virtual machine
The MAC Address for the target virtual machine answered.
If S405 first servers do not find the MAC Address of target virtual machine in first address mapping table, first
Server then obtains the MAC Address of the target virtual machine, and the MAC Address of the target virtual machine is preserved to first address and reflected
Firing table.
If the mark of the first subnet is identical with the mark of the second subnet, first server is then according to the IP of target virtual machine
Location, it is empty that the target corresponding with the IP address of the target virtual machine is searched in the first address mapping table corresponding with source virtual machine
After the MAC Address of plan machine, if first server with not finding the MAC of target virtual machine in first address mapping table
Location, first server then obtain the MAC Address of the target virtual machine, and by the MAC Address of the target virtual machine preserve to this
In one address mapping table.
Specifically, first server can be according to the IP address of target virtual machine, in the first address corresponding with source virtual machine
The MAC Address of the target virtual machine corresponding with the IP address of the target virtual machine is searched in mapping table, if first server exists
The MAC Address of the target virtual machine is not found in first address mapping table, source virtual machine then sends ARP (Address
Resolution Protocol, address resolution protocol) request to target virtual machine, carries target virtual machine in the ARP request
IP address.So, all virtual machines in virtualization system can all receive the ARP request of source virtual machine transmission, normal
In the case of only the destination virtual chance provide arp reply, the MAC Address of target virtual machine is carried in the arp reply, from
And the MAC Address of the target virtual machine is returned to the source virtual machine by target virtual machine by arp reply.Source virtual machine obtains
After arp reply, the MAC Address of target virtual machine is put into the arp cache of source virtual machine, i.e. in the first address mapping table, so as to
Used next time.Specifically, when source virtual machine receives arp reply, its first address mapping table will be carried out more
Newly, the first ground is stored in by the IP address of the target virtual machine in the arp reply is corresponding with the MAC Address of the target virtual machine
In the mapping table of location.
Wherein, ARP protocol is a TCP for obtaining physical address(Transmission Control Protocol, pass
Transport control protocol is discussed)/ IP agreement.After the ARP request of the IP address of carrying target virtual machine is broadcast on network, the target is empty
Intend chance and receive the ARP request, and the arp reply for the MAC Address for carrying target virtual machine is generated according to the ARP request, and
By sending the arp reply to source virtual machine, and the MAC Address of the target virtual machine is sent to the source virtual machine.
It is exemplary, it is assumed that virtual machine A need to send packet give virtual machine B, virtual machine A and virtual machine B then can respectively according to
It is secondary to perform following six steps:
(1), virtual machine A can check virtual machine A address mapping table first, check whether virtual machine B MAC Address.
(2)If, virtual machine A do not find virtual machine B MAC Address, virtual machine A in virtual machine A address mapping table
Then can be to one ARP request of Web broadcast, to ask virtual machine B MAC Address.Wherein, the Target IP carried in the ARP request
Address is virtual machine B IP address, and destination-mac address is the MAC Address (i.e. FF-FF-FF-FF-FF-FF) of broadcast frame, source IP
Address and source MAC are virtual machine A IP address and virtual machine A MAC Address.
(3), after virtual switch receives the ARP request, it is a broadcast frame, therefore, meeting to find the ARP request
The ARP request is transmitted to all virtual machines from non-reception total interface.
(4), after virtual machine B receives the ARP request, the IP of the target virtual machine carried in the ARP request can be proofreaded
Whether address is identical with virtual machine B IP address, if virtual machine B is with proofreading the IP of the target virtual machine carried in the ARP request
Location is identical with virtual machine B IP address, and virtual machine B then sends an arp reply to virtual machine A, is wherein carried in the arp reply
Virtual machine A IP address and virtual machine A MAC Address are correspondingly saved in virtually by virtual machine B MAC Address, and virtual machine B
In machine B address mapping table.
(5), virtual machine A receive virtual machine B transmission arp reply after, virtual machine A obtains void from the arp reply
Plan machine B MAC Address, and corresponding record virtual machine B IP address and virtual machine B MAC in virtual machine A address mapping table
Address.
(6), after virtual machine A gets virtual machine B MAC Address, virtual machine A can according to virtual machine B MAC Address,
The packet that virtual machine A is sent to virtual machine B is sent to virtual machine B.
It should be noted that in same subnet, source virtual machine is with obtaining the MAC of the first gateway corresponding with the subnet
The method of location is consistent with the method for the virtual machine A MAC Address for obtaining virtual machine B.
S406, first server are according to the MAC of the second detected rule, the IP address of target virtual machine and target virtual machine
Location, packet is forwarded.
If the mark of the first subnet is identical with the mark of the second subnet, and first server obtains the MAC of target virtual machine
After address, first server is then according to the MAC of the second detected rule, the IP address of target virtual machine and target virtual machine
Location, packet is forwarded.
It should be noted that the present invention does not limit S403 and S404-S405-S406 execution sequence, i.e. the present invention can be with
S403 is first carried out, then performs S404-S405-S406, S404-S405-S406 can also be first carried out, then perform S403.
Further, when there is virtual machine to be migrated in first server, the virtual machine to be migrated is and the first gateway pair
The virtual machine answered, as shown in figure 8, the implementation method of gateway function also includes:
S501, management node determine at least one second server in server cluster.
It should be noted that the Servers-all in management node management server cluster.
When there is virtual machine to be migrated in first server, management node determines at least in its server cluster managed
One server.
Wherein, at least one second server for the virtual machine to be migrated in first server to be migrated to target
Server.
Further, management node can select the server of at least one underloading in server cluster, using as this extremely
A few second server, this is due to that the server of only underloading could provide resource for the virtual machine to be migrated.Specifically
At least one second server of management node selection can be set according to actual conditions, and the present invention is not restricted.
It is understood that when management node need to be by the virtual machine (vm) migration to be migrated in first server at least one
During two servers, management node can select at least one server in server cluster, to be used as at least one second clothes
Business device.Because the virtual machine to be migrated in first server can have multiple, the plurality of virtual machine to be migrated can be migrated to one
Individual second server, it can also migrate to multiple second servers, therefore, management node need to determine at least one second service
Device.
S502, management node search the first routing rule and the second detected rule at least one second server.
After management node determines at least one second server in server cluster, management node in its determination extremely
The first routing rule and the second detected rule are searched in a few second server.
It is understood that management node is determined the virtual machine (vm) migration to be migrated in first server to second server
Afterwards, if so that the virtual machine to be migrated is communicated with other virtual machines, first need to check at least one second server
On whether have the first gateway, i.e., management node searches the first routing rule and the second detection at least one second server
Rule.
If S503, management node find the first routing rule and the second detection rule at least one second server
Then, the management node is then by the virtual machine (vm) migration to be migrated in first server at least one second server.
After management node searches the first routing rule and the second detected rule at least one second server, if pipe
Reason node the first routing rule and the second detected rule are found at least one second server, i.e., this at least one second
Have the first gateway on server, the management node then by the virtual machine (vm) migration to be migrated in first server to this at least one
Two servers.
It is understood that management node searches the first routing rule and the second detection at least one second server
After rule, if management node finds the first routing rule and the second detected rule at least one second server, pipe
Managing node can be directly by the virtual machine (vm) migration to be migrated in first server at least one second server, i.e., this is to be migrated
Can be directly to be communicated with other virtual machines after on virtual machine (vm) migration at least one second server.
Further, if management node finds the first routing rule and the second detection at least one second server
Rule, the management node then indicate at least one second server according to first routing rule and second detected rule,
The function of the first gateway is realized by virtual switch.Concrete implementation process has been carried out in detail in the previous section of the present embodiment
Carefully illustrate, here is omitted.
Further, if management node does not find the first routing rule and the second inspection at least one second server
Then, the management node then sends the first request message at least one second server, at least one second server to gauge
First routing rule and the second detected rule are generated according to the first request message, and the first gateway is realized by virtual switch
Function.Specifically, the method for the first gateway function and the reality in first server are realized at least one second server
The method of existing first gateway function is identical, and here is omitted.
Whether S504, management node, which determine to have in first server, corresponding with the first gateway does not migrate virtual machine.
Management node is managed after the virtual machine (vm) migration to be migrated in first server at least one second server
Whether reason node, which determines in first server to also have, corresponding with the first gateway does not migrate virtual machine.
It should be noted that management node by the virtual machine (vm) migration to be migrated in first server to this at least one second
After server, whether management node can be determined also corresponding with the first gateway in first server by way of lookup
Virtual machine is not migrated, determines whether to delete first gateway.
If S505, management node are determined in first server without not migrating virtual machine, the management node then indicate this first
Server deletes the first routing rule and the second detected rule.
Management node determine whether to have in first server it is corresponding with the first gateway after not migrating virtual machine, if management
Node determines that the management node then indicates that the first server deletes the first via by advising without virtual machine is not migrated in first server
Then with the second detected rule.
It is understood that if management node is determined without virtual machine is not migrated in first server, i.e., in first server
On the virtual machine that has been communicated not over the first gateway, the management node then may indicate that the first server deletes the
One routing rule and the second detected rule, that is, the first gateway in first server is deleted, taken so as to discharge first gateway
Resource, so, management node can separately use it for anything else the resource discharged in the first server, to realize the reasonable profit of resource
With.
Further, if management node, which determines to have in first server, does not migrate virtual machine, the management node, which is not done then, to be located
Reason, it is real by virtual switch to cause first server to continue according to first routing rule and second detected rule
The function of existing first gateway, i.e., not migrating virtual machine and can continue through first gateway and communicated in first server.
Embodiments of the invention provide a kind of implementation method of gateway function, receive what management node was sent by server
First request message, the first routing iinformation of the first gateway and the first detection rule of the first gateway are carried in first request message
Then, first request message is used to create the first gateway, and the service on the virtual switch of request server in the server
Device obtains the first routing iinformation and the first detected rule according to the first request message, and the server according to the first via by believing
Breath and the first detected rule, generate the first routing rule and the second detected rule, finally the server according to the first via by advising
Then with second detected rule, the function of the first gateway is realized by virtual switch.By the program, on the one hand due to service
Device generates the first routing rule and second detected rule, the function of the first gateway is realized by virtual switch, so as to avoid
The limitation of the performance and the virtual machine bandwidth of the virtual machine forwarding packet of gateway function is realized in the prior art, therefore, is carried
High communication efficiency between virtual machine and main frame;On the other hand, each clothes due to the program suitable for virtualization system
Business device, therefore, can create gateway function corresponding with some subnet on each server, so as to when in the subnet
During some server fail, other virtual machines in the subnet can still continue to communicate with main frame, and then improve virtual
Communication stability between machine and main frame.
Embodiment three
As shown in figure 9, embodiments of the invention provide a kind of server 1, corresponding to service provided in an embodiment of the present invention
The implementation method of the gateway function of device side, the server 1 can include:
Receiving unit 10, for receiving the first request message of management node transmission, carried in first request message
First detected rule of the first routing iinformation of the first gateway and first gateway, first request message are used to ask
First gateway is created on virtual switch in the server.
Acquiring unit 11, for first request message received according to the receiving unit 10, obtain described first
Routing iinformation and first detected rule.
Generation unit 12, for first routing iinformation obtained according to the acquiring unit 11 and first detection
Rule, generate the first routing rule and the second detected rule.
Unit 13 is realized, for first routing rule generated according to the generation unit 12 and second detection
Rule, the function of first gateway is realized by the virtual switch.
Optionally, the generation unit 12, specifically for the first via that is obtained according to the acquiring unit 11 by believing
Breath, generates corresponding with first routing iinformation first routing rule and the first Route Distinguisher, and by described first
Route Distinguisher is added in first detected rule, to generate second detected rule.
Optionally, first gateway and first routing rule are gateway corresponding with the first subnet and route rule
Then,
Wherein, as shown in Figure 10, the server 1 also includes determining unit 14;
The receiving unit 10, it is additionally operable to send to target virtual machine by virtual switch reception source virtual machine
Packet, the packet include the address information of the source virtual machine and the address information of the target virtual machine, wherein, institute
State source virtual machine and provide service by first subnet, the target virtual machine provides service by the second subnet.
The determining unit 14, address information, institute for the source virtual machine that is received according to the receiving unit 10
Second detected rule that the address information of target virtual machine and the generation unit 12 generate is stated, determines first subnet
Mark and second subnet mark.
It is described to realize unit 13, if being additionally operable to the mark of first subnet that the determining unit 14 determines and described the
The mark of two subnets is different, then first routing rule generated according to the generation unit 12, the packet is carried out
Forwarding.
Optionally, it is described to realize unit 13, it is additionally operable to mark and institute that the determining unit 14 determines first subnet
After the mark for stating the second subnet, if the mark of first subnet is identical with the mark of second subnet, according to
Second detected rule that generation unit 12 generates forwards to the packet.
Optionally, as shown in figure 11, the address information of the target virtual machine includes the IP address of the target virtual machine,
Wherein, the server 1 also includes searching unit 15 and storage unit 16.
The searching unit 15, if the mark and described second of first subnet determined for the determining unit 14
The mark of subnet is identical, described to realize unit 13 then according to second detected rule to described in the receiving unit 10 reception
Before packet is forwarded, according to the receiving unit 10 receive the target virtual machine IP address, with the source
The target virtual machine corresponding with the IP address of the target virtual machine is searched in first address mapping table corresponding to virtual machine
MAC Address.
The acquiring unit 11, if be additionally operable to the searching unit 15 does not find institute in first address mapping table
The MAC Address of target virtual machine is stated, then obtains the MAC Address of the target virtual machine.
The storage unit 16, the MAC Address of the target virtual machine for the acquiring unit 11 to be obtained preserve
To first address mapping table.
Optionally, as shown in figure 12, it is described to realize unit 13, specifically for according to the generation unit 12 generation
The IP address for the target virtual machine that first routing rule/second detected rule, the acquiring unit 11 obtain and institute
The MAC Address of target virtual machine is stated, the packet received to the receiving unit 10 forwards.
Embodiments of the invention provide a kind of server, and the first request that management node transmission is received by server disappears
Cease, carry the first routing iinformation of the first gateway and the first detected rule of the first gateway in first request message, this first
Request message is used to create the first gateway on the virtual switch of request server in the server, and the server is according to first
Request message, the first routing iinformation and the first detected rule are obtained, and the server is examined according to the first routing iinformation and first
Gauge then, generates the first routing rule and the second detected rule, finally the server according to first routing rule and this second
Detected rule, the function of the first gateway is realized by virtual switch.By the program, on the one hand due to server generation first
Routing rule and second detected rule, the function of the first gateway is realized by virtual switch, so as to avoid prior art
The limitation of the performance and the virtual machine bandwidth of the middle virtual machine forwarding packet for realizing gateway function, this improves virtual machine
Communication efficiency between main frame;On the other hand, each server due to the program suitable for virtualization system, therefore,
Gateway function corresponding with some subnet can be created on each server, so as to when some server in the subnet
When breaking down, other virtual machines in the subnet can still continue to communicate with main frame, so improve virtual machine and main frame it
Between communication stability.
As shown in figure 13, embodiments of the invention provide a kind of management node 2, corresponding to pipe provided in an embodiment of the present invention
The implementation method of the gateway function of node side is managed, the management node 2 can include:
Searching unit 20, for when creating the first virtual machine in first server, being looked into the first server
The first routing rule and the second detected rule are looked for, first routing rule and second detected rule are and the described first void
The rule of first gateway corresponding to plan machine.
Transmitting element 21, if for the searching unit 20 do not found in the first server first via by
Regular and described second detected rule, then the first request message is sent to the first server, so that the first server
First routing iinformation and the first detected rule are obtained according to first request message, and according to first routing iinformation and institute
State the first detected rule and generate first routing rule and second detected rule, and according to first routing rule
With second detected rule, the function of first gateway is realized by the virtual switch in the first server, its
In, first routing iinformation and first detected rule, first request message are carried in first request message
For asking the first server to create first gateway on the virtual switch.
Optionally, as shown in figure 14, the management node 2 also includes determining unit 22 and migration units 23.
The determining unit 22, for when having virtual machine to be migrated in the first server, in server cluster
At least one second server is determined, wherein, the virtual machine to be migrated is virtual machine corresponding with first gateway.
The searching unit 20, it is additionally operable to look at least one second server that the determining unit 22 determines
Look for first routing rule and second detected rule.
Migration units 23, if finding described at least one second server for the searching unit 20
One routing rule and second detected rule, then by the virtual machine (vm) migration to be migrated in the first server to described
At least one second server.
Optionally, as shown in figure 15, the management node 2 also includes indicating member 24.
The determining unit 22, it is additionally operable to the void to be migrated in the first server in the migration units 23
Plan machine is migrated at least one second server, determines whether have in the first server and first gateway
It is corresponding not migrate virtual machine.
The indicating member 24, if determining not migrate void described in nothing in the first server for the determining unit 22
Plan machine, it indicates that the first server deletes first routing rule and second detected rule.
Optionally, the indicating member 24, it is additionally operable to the searching unit 20 and searches first in the first server
After routing rule and the second detected rule, if the searching unit 20 finds the first via in the first server
By regular and described second detected rule, it indicates that the first server is according to first routing rule and second inspection
Gauge then, the function of first gateway is realized by the virtual switch.
Embodiments of the invention provide a kind of management node, when creating the first virtual machine in first server, management
Node searches the first routing rule and the second detected rule in the first server, first routing rule and second detection
Rule is the rule of the first gateway corresponding with the first virtual machine, and if not finding the first via in first server by advising
The first request message is then then sent to first server with the second detected rule, the management node, so that the first server root
The first routing iinformation and the first detected rule are obtained according to the first request message, and according to the first routing iinformation and the first detected rule
Generate the first routing rule and the second detected rule, and according to the first routing rule and the second detected rule, by this first
Virtual switch in server realizes the function of the first gateway, wherein, carried in the first request message the first routing iinformation and
First detected rule, first request message are used to ask first server to create the first gateway on virtual switch.Pass through
The program, on the one hand because server generates the first routing rule and second detected rule, the is realized by virtual switch
The function of one gateway, it is virtual with this so as to avoid the performance for the virtual machine forwarding packet for realizing gateway function in the prior art
The limitation of machine bandwidth, this improves the communication efficiency between virtual machine and main frame;On the other hand, because the program is applied to
Each server in virtualization system, therefore, gateway corresponding with some subnet can be created on each server
Function, so as to when some server fail in the subnet, other virtual machines in the subnet still can with main frame after
Continuous communication, and then improve the communication stability between virtual machine and main frame.
Example IV
As shown in figure 16, embodiments of the invention provide a kind of server, and the server can include:Processor 30, deposit
Reservoir 31, system bus 32 and COM1 33, wherein,
Connected and completed mutual lead to by system bus 32 between processor 30, memory 31 and COM1 33
Letter.
Processor 30 may be monokaryon or multinuclear CPU, be either specific integrated circuit or to be configured
Into the one or more integrated circuits for implementing the embodiment of the present invention.
Memory 31 can be high-speed RAM memory, or nonvolatile memory(non-volatile
memory), a for example, at least magnetic disk storage.
Memory 31 is used for the execute instruction of storage server.Specifically, it can include in the execute instruction of server soft
Part program and software code.
COM1 33 can be used for receiving or sending data.
Specifically, the processor 30 can be used for receiving management section from the COM1 33 by the system bus 32
The first request message sent is put, the first routing iinformation of the first gateway and first net are carried in first request message
The first detected rule closed, first request message are used to ask on the virtual switch in the server described in establishment
First gateway, and according to first request message, obtain first routing iinformation and first detected rule, Yi Jigen
According to first routing iinformation and first detected rule, the first routing rule and the second detected rule, last basis are generated
First routing rule and second detected rule, the function of first gateway is realized by the virtual switch;
The memory 31 can be used for storage from the software code of the first routing iinformation of the first gateway of the COM1 33 reception
With the software code of the first detected rule of the first gateway, and the software code of the first routing rule and the second detected rule is soft
Part code, and control server complete the software program of said process, so that the processor 30 can be by execution
The software program and the corresponding software code of calling stored in the memory 31, completes said process.
Optionally, the processor 30, specifically for according to first routing iinformation, generation is with the first via by believing
First routing rule and the first Route Distinguisher corresponding to breath, and first Route Distinguisher is examined added to described first
Gauge then in, to generate second detected rule.
Optionally, first gateway and first routing rule are gateway corresponding with the first subnet and route rule
Then, wherein, the processor 30, it is additionally operable to send to the number of target virtual machine by virtual switch reception source virtual machine
According to bag, the packet includes the address information of the source virtual machine and the address information of the target virtual machine, wherein, it is described
Source virtual machine provides service by first subnet, and the target virtual machine provides service by the second subnet, and according to the source
The address information of virtual machine, the address information of the target virtual machine and second detected rule, determine first subnet
Mark and second subnet mark, and if first subnet mark it is different from the mark of second subnet,
Then according to first routing rule, the packet is forwarded.
Optionally, the processor 30, it is additionally operable to determine the mark of first subnet and the mark of second subnet
Afterwards, if the mark of first subnet is identical with the mark of second subnet, according to second detected rule to institute
Packet is stated to be forwarded.
Optionally, the address information of the target virtual machine includes the IP address of the target virtual machine, wherein, the place
Device 30 is managed, if the mark for being additionally operable to first subnet is identical with the mark of second subnet, according to the described second detection
Before rule forwards to the packet, according to the IP address of the target virtual machine, corresponding with the source virtual machine
The first address mapping table in search the MAC Address of corresponding with the IP address of the target virtual machine target virtual machine,
And if do not find the MAC Address of the target virtual machine in first address mapping table, it is empty to obtain the target
The MAC Address of plan machine, and the MAC Address of the target virtual machine is preserved to first address mapping table.
Optionally, the processor 30, also particularly useful for according to first routing rule/second detected rule,
The MAC Address of the IP address of the target virtual machine and the target virtual machine, the packet is forwarded.
Embodiments of the invention provide a kind of server, and the first request that management node transmission is received by server disappears
Cease, carry the first routing iinformation of the first gateway and the first detected rule of the first gateway in first request message, this first
Request message is used to create the first gateway on the virtual switch of request server in the server, and the server is according to first
Request message, the first routing iinformation and the first detected rule are obtained, and the server is examined according to the first routing iinformation and first
Gauge then, generates the first routing rule and the second detected rule, finally the server according to first routing rule and this second
Detected rule, the function of the first gateway is realized by virtual switch.By the program, on the one hand due to server generation first
Routing rule and second detected rule, the function of the first gateway is realized by virtual switch, so as to avoid prior art
The limitation of the performance and the virtual machine bandwidth of the middle virtual machine forwarding packet for realizing gateway function, this improves virtual machine
Communication efficiency between main frame;On the other hand, each server due to the program suitable for virtualization system, therefore,
Gateway function corresponding with some subnet can be created on each server, so as to when some server in the subnet
When breaking down, other virtual machines in the subnet can still continue to communicate with main frame, so improve virtual machine and main frame it
Between communication stability.
As shown in figure 17, embodiments of the invention provide a kind of management node, and the management node can include:Processor
40th, memory 41, system bus 42 and COM1 43, wherein,
Connected and completed mutual lead to by system bus 42 between processor 40, memory 41 and COM1 43
Letter.
Processor 40 may be monokaryon or multinuclear CPU, be either specific integrated circuit or to be configured
Into the one or more integrated circuits for implementing the embodiment of the present invention.
Memory 41 can be high-speed RAM memory, or nonvolatile memory(non-volatile
memory), a for example, at least magnetic disk storage.
Memory 41 is used for the execute instruction of storage management node.Specifically, it can be wrapped in the execute instruction of management node
Include software program and software code.
COM1 43 can be used for receiving or sending data.
Specifically, the processor 40 can be used for when creating the first virtual machine in first server, described first
Search the first routing rule and the second detected rule in server, first routing rule and second detected rule be with
The rule of first gateway corresponding to first virtual machine, and if not finding the first via in the first server
By regular and described second detected rule, then the first request message is sent to the first server, so that the first service
Device obtains the first routing iinformation and the first detected rule according to first request message, and according to first routing iinformation and
First detected rule generates first routing rule and second detected rule, and according to the first via by advising
Then with second detected rule, the function of first gateway is realized by the virtual switch in the first server,
Wherein, first routing iinformation and first detected rule are carried in first request message, first request disappears
Cease for asking the first server to create first gateway on the virtual switch;The memory 41 can be used for
The software code of the first routing iinformation and the software code of the first detected rule sent from the COM1 43 is stored, and
Management node is controlled to complete the software program of said process, so that the processor 40 can be by performing the upper memory
The software program and the corresponding software code of calling stored in 41, completes said process.
Optionally, the processor 40, it is additionally operable to when having virtual machine to be migrated in the first server, in server
At least one second server is determined in cluster, wherein, the virtual machine to be migrated is corresponding with first gateway virtual
Machine, and first routing rule and second detected rule, Yi Ji are searched at least one second server
First routing rule and second detected rule are found at least one second server, then by described first
The virtual machine (vm) migration to be migrated on server is at least one second server.
Optionally, the processor 40, it is additionally operable to the virtual machine (vm) migration to be migrated in the first server extremely
After at least one second server, determine whether to have in the first server and corresponding with first gateway do not move
Virtual machine is moved, and if it is determined that not migrating virtual machine without described in the first server, it indicates that the first server is deleted
Except first routing rule and second detected rule.
Optionally, the processor 40, it is additionally operable to search the first routing rule and the second inspection in the first server
Gauge then after, if finding first routing rule and second detected rule in the first server, refer to
Show that the first server according to first routing rule and second detected rule, is realized by the virtual switch
The function of first gateway.
Embodiments of the invention provide a kind of management node, when creating the first virtual machine in first server, management
Node searches the first routing rule and the second detected rule in the first server, first routing rule and second detection
Rule is the rule of the first gateway corresponding with the first virtual machine, and if not finding the first via in first server by advising
Then then send the first request message to first server with the second detected rule, management node so that the first server according to
First request message obtains the first routing iinformation and the first detected rule, and is given birth to according to the first routing iinformation and the first detected rule
Into the first routing rule and the second detected rule, and according to the first routing rule and the second detected rule, first taken by this
Virtual switch in business device realizes the function of the first gateway, wherein, the first routing iinformation and the are carried in the first request message
One detected rule, first request message are used to ask first server to create the first gateway on virtual switch.By this
Scheme, on the one hand because server generates the first routing rule and second detected rule, first is realized by virtual switch
The function of gateway, so as to avoid the performance and the virtual machine of the virtual machine forwarding packet for realizing gateway function in the prior art
The limitation of bandwidth, this improves the communication efficiency between virtual machine and main frame;On the other hand, because the program is applied to void
Each server in planization system, therefore, gateway work(corresponding with some subnet can be created on each server
Can, so as to which when some server fail in the subnet, other virtual machines in the subnet can still continue with main frame
Communication, and then improve the communication stability between virtual machine and main frame.
As shown in figure 18, what the embodiment of the present invention also provided a kind of gateway function realizes system, the realization of the gateway function
System can include at least one server as described in claim any one of 11-16, and such as any one of claim 17-20
Described management node.At least one server is a server cluster, and management node is to every in the server cluster
Individual server is managed, and the management node is connected with each server in server cluster respectively.Wherein, with server set
Exemplified by a server in group, server receives the first request message that management node is sent, and is taken in first request message
First detected rule of the first routing iinformation and the first gateway with the first gateway, first request message are used for request server
Create the first gateway on virtual switch in the server, and the server is according to the first request message, obtain the first via by
Information and the first detected rule, and the server, according to the first routing iinformation and the first detected rule, the generation first via is by advising
Then with the second detected rule, finally the server virtual switch is passed through according to first routing rule and second detected rule
Machine realizes the function of the first gateway.Gateway function provided in an embodiment of the present invention realizes system, on the one hand because server is given birth to
Into the first routing rule and second detected rule, the function of the first gateway is realized by virtual switch, it is existing so as to avoid
There is the limitation of the performance and the virtual machine bandwidth of the virtual machine forwarding packet that gateway function is realized in technology, this improves
Communication efficiency between virtual machine and main frame;On the other hand, each server due to the program suitable for server cluster,
Therefore, gateway function corresponding with some subnet can be created on each server, so as to when some in the subnet
During server fail, other virtual machines in the subnet can still continue to communicate with main frame, so improve virtual machine with
Communication stability between main frame.
It is apparent to those skilled in the art that for convenience and simplicity of description, only with above-mentioned each function
The division progress of module, can be as needed and by above-mentioned function distribution by different function moulds for example, in practical application
Block is completed, i.e., the internal structure of device is divided into different functional modules, to complete all or part of work(described above
Energy.The specific work process of the system, apparatus, and unit of foregoing description, it may be referred to corresponding in preceding method embodiment
Journey, it will not be repeated here.
In several embodiments provided herein, it should be understood that disclosed system, apparatus and method can be with
Realize by another way.For example, device embodiment described above is only schematical, for example, the module or
The division of unit, only a kind of division of logic function, can there are other dividing mode, such as multiple units when actually realizing
Or component can combine or be desirably integrated into another system, or some features can be ignored, or not perform.It is another, institute
Display or the mutual coupling discussed or direct-coupling or communication connection can be by some interfaces, device or unit
INDIRECT COUPLING or communication connection, can be electrical, mechanical or other forms.
The unit illustrated as separating component can be or may not be physically separate, show as unit
The part shown can be or may not be physical location, you can with positioned at a place, or can also be distributed to multiple
On NE.Some or all of unit therein can be selected to realize the mesh of this embodiment scheme according to the actual needs
's.
In addition, each functional unit in each embodiment of the present invention can be integrated in a processing unit, can also
That unit is individually physically present, can also two or more units it is integrated in a unit.Above-mentioned integrated list
Member can both be realized in the form of hardware, can also be realized in the form of SFU software functional unit.
If the integrated unit is realized in the form of SFU software functional unit and is used as independent production marketing or use
When, it can be stored in a computer read/write memory medium.Based on such understanding, technical scheme is substantially
The part to be contributed in other words to prior art or all or part of the technical scheme can be in the form of software products
Embody, the computer software product is stored in a storage medium, including some instructions are causing a computer
Equipment(Can be personal computer, server, or network equipment etc.)Or processor(processor)It is each to perform the present invention
The all or part of step of embodiment methods described.And foregoing storage medium includes:USB flash disk, mobile hard disk, read-only storage
(ROM, Read-Only Memory), random access memory(RAM, Random Access Memory), magnetic disc or CD
Etc. it is various can be with the medium of store program codes.
The foregoing is only a specific embodiment of the invention, but protection scope of the present invention is not limited thereto, any
Those familiar with the art the invention discloses technical scope in, change or replacement can be readily occurred in, should all be contained
Cover within protection scope of the present invention.Therefore, protection scope of the present invention described should be defined by scope of the claims.
Claims (19)
- A kind of 1. implementation method of gateway function, it is characterised in that including:Server receives the first request message that management node is sent, and the first of the first gateway is carried in first request message First detected rule of routing iinformation and first gateway, first request message are used to ask the server described First gateway is created on virtual switch in server;The server obtains first routing iinformation and first detected rule according to first request message;The server generates the first routing rule and the second inspection according to first routing iinformation and first detected rule Gauge is then;The server realizes institute according to first routing rule and second detected rule by the virtual switch State the function of the first gateway;The server generates the first routing rule and the second inspection according to first routing iinformation and first detected rule Gauge then specifically includes:The server generates the first via corresponding with first routing iinformation by advising according to first routing iinformation Then with the first Route Distinguisher;First Route Distinguisher is added in first detected rule by the server, is advised with generating second detection Then.
- 2. the implementation method of gateway function according to claim 1, it is characterised in that first gateway and described first Routing rule is gateway corresponding with the first subnet and routing rule,Wherein, the server passes through the virtual switch according to first routing rule and second detected rule The method for realizing the function of first gateway, including:The server receives source virtual machine by the virtual switch and sent to the packet of destination host, the packet The address information of address information and the destination host including the source virtual machine, wherein, the source virtual machine is by described One subnet provides service, and the destination host provides service by the second subnet;The server is according to the address information of the source virtual machine, the address information of the destination host and second detection Rule, determine the mark of first subnet and the mark of second subnet;If first subnet mark it is different from the mark of second subnet, the server then according to the first via by Rule, the packet is forwarded.
- 3. the implementation method of gateway function according to claim 2, it is characterised in that the server determines described first After the mark of subnet and the mark of second subnet, methods described also includes:If the mark of first subnet is identical with the mark of second subnet, the server is then according to the described second detection Rule forwards to the packet.
- 4. the implementation method of gateway function according to claim 3, it is characterised in that the address information of the destination host Include the internet protocol address of the destination host,Wherein, if the mark of first subnet is identical with the mark of second subnet, the server is then according to described the Before two detected rules forward to the packet, methods described also includes:The server is according to the IP address of the destination host, in the first address mapping table corresponding with the source virtual machine Search the MAC address of the destination host corresponding with the IP address of the destination host;If the server does not find the MAC Address of the destination host, the service in first address mapping table Device then obtains the MAC Address of the destination host, and the MAC Address of the destination host is preserved to first address of cache Table.
- 5. the implementation method of gateway function according to claim 4, it is characterised in that the server is according to described first Routing rule, the packet is forwarded, including:The server turns according to the IP address of first routing rule and the destination host to the packet Hair;The server forwards according to second detected rule to the packet, specifically includes:The server is according to the MAC of second detected rule, the IP address of the destination host and the destination host Location, the packet is forwarded.
- A kind of 6. implementation method of gateway function, it is characterised in that including:When creating the first virtual machine in first server, management node searches the first via by advising in the first server It is then corresponding with first virtual machine the with the second detected rule, first routing rule and second detected rule The rule of one gateway;If the management node does not find first routing rule and the second detection rule in the first server Then, the management node then sends the first request message to the first server, so that the first server is according to First request message obtains the first routing iinformation and the first detected rule, and according to first routing iinformation and first inspection Gauge then generates first routing rule and second detected rule, and according to first routing rule and described Two detected rules, the function of first gateway is realized by the virtual switch in the first server, wherein, described First routing iinformation and first detected rule are carried in one request message, first request message is used to ask institute State first server and first gateway is created on the virtual switch;The server generates first routing rule and institute according to first routing iinformation and first detected rule The second detected rule is stated to specifically include:The server generates the first via corresponding with first routing iinformation by advising according to first routing iinformation Then with the first Route Distinguisher;First Route Distinguisher is added in first detected rule by the server, is advised with generating second detection Then.
- 7. the implementation method of gateway function according to claim 6, it is characterised in that need when in the first server When migrating virtual machine, the virtual machine to be migrated is virtual machine corresponding with first gateway, and methods described also includes:The management node determines at least one second server in server cluster;The management node searches first routing rule and second detection at least one second server Rule;If the management node finds first routing rule and described second at least one second server Detected rule, the management node is then by the virtual machine (vm) migration to be migrated in the first server to described at least one Second server.
- 8. the implementation method of gateway function according to claim 7, it is characterised in that the management node is by described first After the virtual machine (vm) migration to be migrated at least one second server on server, methods described also includes:Whether the management node, which determines to have in the first server, corresponding with first gateway does not migrate virtual machine;If the management node determines not migrate virtual machine without described in the first server, the management node then indicates institute State first server and delete first routing rule and second detected rule.
- 9. the implementation method of gateway function according to claim 6, it is characterised in that the management node is described first After the first routing rule and the second detected rule are searched in server, methods described also includes:If the management node finds first routing rule and second detected rule in the first server, The management node then indicates that the first server according to first routing rule and second detected rule, passes through institute State the function that virtual switch realizes first gateway.
- A kind of 10. server, it is characterised in that including:Receiving unit, for receiving the first request message of management node transmission, the first net is carried in first request message The first routing iinformation and the first detected rule of first gateway closed, first request message are used to ask in the clothes First gateway is created on virtual switch in business device;Acquiring unit, for first request message received according to the receiving unit, obtain first routing iinformation With first detected rule;Generation unit, for first routing iinformation obtained according to the acquiring unit, generation is with the first via by believing First routing rule corresponding to breath and the first Route Distinguisher, and first Route Distinguisher is advised added to the described first detection In then, to generate the second detected rule;Unit is realized, for first routing rule generated according to the generation unit and second detected rule, is led to Cross the function that the virtual switch realizes first gateway.
- 11. server according to claim 10, it is characterised in that first gateway and first routing rule are Corresponding with the first subnet gateway and routing rule,Wherein, the server also includes determining unit;The receiving unit, it is additionally operable to send to the packet of destination host by virtual switch reception source virtual machine, The packet includes the address information of the source virtual machine and the address information of the destination host, wherein, the source is virtual Machine provides service by first subnet, and the destination host provides service by the second subnet;The determining unit, address information, the target master for the source virtual machine that is received according to the receiving unit The address information of machine and second detected rule of generation unit generation, determine the mark of first subnet and described The mark of second subnet;It is described to realize unit, if being additionally operable to the mark for first subnet that the determining unit determines and second subnet Mark is different, then first routing rule generated according to the generation unit, the packet is forwarded.
- 12. server according to claim 11, it is characterised in thatIt is described to realize unit, it is additionally operable to determine the mark of first subnet and the mark of second subnet in the determining unit After knowledge, if the mark of first subnet is identical with the mark of second subnet, generated according to the generation unit Second detected rule forwards to the packet.
- 13. server according to claim 12, it is characterised in that the address information of the destination host includes the mesh The IP address of main frame is marked,Wherein, the server also includes searching unit and storage unit;The searching unit, if the mark and the mark of second subnet of first subnet determined for the determining unit It is sensible same, it is described to realize that unit then turns according to second detected rule to the packet that the receiving unit receives Before hair, the IP address of the destination host received according to the receiving unit, corresponding with the source virtual machine first The MAC Address of the destination host corresponding with the IP address of the destination host is searched in address mapping table;The acquiring unit, if be additionally operable to the searching unit does not find the target master in first address mapping table The MAC Address of machine, then obtain the MAC Address of the destination host;The storage unit, the MAC Address of the destination host for the acquiring unit to be obtained are preserved to described first Address mapping table.
- 14. server according to claim 13, it is characterised in thatIt is described to realize unit, specifically for first routing rule generated according to the generation unit and the acquiring unit The IP address of the destination host obtained, the packet received to the receiving unit forward;It is described to realize unit, specifically for generated according to the generation unit second detected rule, the acquiring unit The IP address of the destination host and the MAC Address of the destination host obtained, the number received to the receiving unit Forwarded according to bag.
- A kind of 15. management node, it is characterised in that including:Searching unit, for when creating the first virtual machine in first server, first to be searched in the first server Routing rule and the second detected rule, first routing rule and second detected rule are and first virtual machine pair The rule for the first gateway answered;Transmitting element, if not finding first routing rule and institute in the first server for the searching unit The second detected rule is stated, then the first request message is sent to the first server, so that the first server is according to First request message obtains the first routing iinformation and the first detected rule, and according to first routing iinformation and first inspection Gauge then generates first routing rule and second detected rule, and according to first routing rule and described Two detected rules, the function of first gateway is realized by the virtual switch in the first server, wherein, described First routing iinformation and first detected rule are carried in one request message, first request message is used to ask institute State first server and first gateway is created on the virtual switch;The first server generates first routing rule according to first routing iinformation and first detected rule Specifically included with second detected rule:The first server generates the first via corresponding with first routing iinformation according to first routing iinformation By rule and the first Route Distinguisher;First Route Distinguisher is added in first detected rule by the first server, to generate second inspection Gauge is then.
- 16. management node according to claim 15, it is characterised in that the management node also includes determining unit and moved Move unit;The determining unit, for when having virtual machine to be migrated in the first server, determined in server cluster to A few second server, wherein, the virtual machine to be migrated is virtual machine corresponding with first gateway;The searching unit, it is additionally operable to search described the at least one second server that the determining unit determines One routing rule and second detected rule;Migration units, if finding the first via by advising at least one second server for the searching unit Then with second detected rule, then by the virtual machine (vm) migration to be migrated in the first server to described at least one Second server.
- 17. management node according to claim 16, it is characterised in that the management node also includes indicating member;The determining unit, it is additionally operable to the virtual machine (vm) migration to be migrated in the first server in the migration units It is corresponding not with first gateway to after at least one second server, determining whether to have in the first server Migrate virtual machine;The indicating member, if determining not migrate virtual machine described in nothing in the first server for the determining unit, Indicate that the first server deletes first routing rule and second detected rule.
- 18. management node according to claim 15, it is characterised in that the management node also includes indicating member;The indicating member, if found for the searching unit in the first server first routing rule and Second detected rule, it indicates that the first server according to first routing rule and second detected rule, The function of first gateway is realized by the virtual switch.
- 19. a kind of gateway function realizes system, it is characterised in that including:At least one server as described in claim any one of 10-14, and the pipe as described in claim any one of 15-18 Manage node.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201310684671.XA CN104717081B (en) | 2013-12-13 | 2013-12-13 | The implementation method and device of a kind of gateway function |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201310684671.XA CN104717081B (en) | 2013-12-13 | 2013-12-13 | The implementation method and device of a kind of gateway function |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN104717081A CN104717081A (en) | 2015-06-17 |
| CN104717081B true CN104717081B (en) | 2018-01-23 |
Family
ID=53416077
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201310684671.XA Active CN104717081B (en) | 2013-12-13 | 2013-12-13 | The implementation method and device of a kind of gateway function |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN104717081B (en) |
Families Citing this family (15)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| EP3358876B1 (en) * | 2015-09-29 | 2020-12-23 | Soracom, Inc. | Control apparatus for gateway in mobile communication system |
| CN105657081B (en) * | 2016-04-07 | 2019-01-18 | 华为技术有限公司 | The method, apparatus and system of DHCP service are provided |
| CN107846358B (en) * | 2016-09-19 | 2020-07-10 | 北京金山云网络技术有限公司 | Data transmission method, device and network system |
| CN106685813B (en) * | 2016-11-16 | 2019-05-10 | 国家数字交换系统工程技术研究中心 | Suitable for accessing the output service response device and method of net gateway security |
| CN106789667B (en) * | 2016-11-21 | 2021-01-01 | 华为技术有限公司 | Data forwarding method, related equipment and system |
| CN106790614B (en) * | 2016-12-30 | 2020-11-13 | 上海顶竹通讯技术有限公司 | Scheduling method and system based on cloud platform |
| CN108462594B (en) * | 2017-02-21 | 2022-03-04 | 阿里巴巴集团控股有限公司 | Virtual private network and rule table generation method, device and routing method |
| KR102423755B1 (en) | 2017-12-14 | 2022-07-21 | 삼성전자주식회사 | Server and method for controlling packet transmission |
| CN108551413B (en) * | 2018-03-27 | 2020-11-03 | 青岛海信智慧家居系统股份有限公司 | Intelligent household equipment binding method and device, gateway equipment and storage medium |
| CN110753071B (en) * | 2018-07-23 | 2022-08-16 | 视联动力信息技术股份有限公司 | Information acquisition method and device |
| CN109067573B (en) * | 2018-07-26 | 2020-12-29 | 新华三技术有限公司 | Traffic scheduling method and device |
| CN110875854B (en) * | 2018-08-29 | 2023-04-07 | 阿里巴巴集团控股有限公司 | Method and device for detecting connectivity of virtual machine in virtual private network and storage medium |
| CN111158845B (en) * | 2018-11-07 | 2023-09-12 | 重庆金美通信有限责任公司 | Method for realizing router and terminal integrated integration by adopting general-purpose computer |
| CN110730133B (en) * | 2019-10-21 | 2021-11-12 | 北京百度网讯科技有限公司 | Route notification method and system |
| CN117792886A (en) * | 2022-09-20 | 2024-03-29 | 维沃移动通信有限公司 | Forwarding rule configuration method and device, terminal and network side equipment |
Citations (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US7126941B1 (en) * | 2001-08-24 | 2006-10-24 | Cisco Technology, Inc. | Managing packet voice networks using a virtual switch approach |
| CN102469004A (en) * | 2010-10-29 | 2012-05-23 | 中国科学院计算技术研究所 | Virtual machine network system and creation method thereof |
| CN102801715A (en) * | 2012-07-30 | 2012-11-28 | 华为技术有限公司 | Method for virtual machine migration in network, gateway and system |
Family Cites Families (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| GB2458154B (en) * | 2008-03-07 | 2012-06-27 | Hewlett Packard Development Co | Routing across a virtual network |
| US8184648B2 (en) * | 2009-06-18 | 2012-05-22 | Rockstar Bidco, LP | Method and apparatus for implementing control of multiple physically dual homed devices |
| US8923149B2 (en) * | 2012-04-09 | 2014-12-30 | Futurewei Technologies, Inc. | L3 gateway for VXLAN |
-
2013
- 2013-12-13 CN CN201310684671.XA patent/CN104717081B/en active Active
Patent Citations (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US7126941B1 (en) * | 2001-08-24 | 2006-10-24 | Cisco Technology, Inc. | Managing packet voice networks using a virtual switch approach |
| CN102469004A (en) * | 2010-10-29 | 2012-05-23 | 中国科学院计算技术研究所 | Virtual machine network system and creation method thereof |
| CN102801715A (en) * | 2012-07-30 | 2012-11-28 | 华为技术有限公司 | Method for virtual machine migration in network, gateway and system |
Also Published As
| Publication number | Publication date |
|---|---|
| CN104717081A (en) | 2015-06-17 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN104717081B (en) | The implementation method and device of a kind of gateway function | |
| US11310155B1 (en) | Virtual router workload offloading | |
| US10698739B2 (en) | Multitenant access to multiple desktops on host machine partitions in a service provider network | |
| TWI543566B (en) | Data center network system based on software-defined network and packet forwarding method, address resolution method, routing controller thereof | |
| CN105657081B (en) | The method, apparatus and system of DHCP service are provided | |
| US7242665B2 (en) | Network device virtual interface | |
| CN104350467B (en) | Elasticity for the cloud security using SDN carries out layer | |
| US10210008B2 (en) | Control server, service providing system, and method of providing a virtual infrastructure | |
| US11601365B2 (en) | Wide area networking service using provider network backbone network | |
| US11824773B2 (en) | Dynamic routing for peered virtual routers | |
| CN103023827B (en) | Data forwarding method for virtualized data centre and realization equipment of data forwarding method | |
| CN103812777B (en) | Efficient data transmission system and method in overlay virtualized network | |
| CN104871145A (en) | Memory sharing in network device | |
| CN101772918A (en) | The Operations, Administration and Maintenance of service chaining (OAM) | |
| CN106034077A (en) | Dynamic route configuration method, device and system thereof | |
| CN109547349A (en) | Flow managing method, device, terminal and storage medium based on virtual flow-line | |
| CN104782104B (en) | Scaled using the OTV of website virtual mac address | |
| US20220321471A1 (en) | Multi-tenant offloaded protocol processing for virtual routers | |
| CN104065553B (en) | Virtual network moving method and relevant device | |
| CN108322391A (en) | Data transferring method based on flow table | |
| US11991211B1 (en) | Symmetric cross-region network data flow management | |
| CN101778048B (en) | Data forwarding method, load balance scheduler and load balance system | |
| CN104348737B (en) | The transmission method and interchanger of a kind of multicast message | |
| CN103795621B (en) | Virtual machine data exchange method and device, and physical host | |
| CN109660458A (en) | A kind of method for routing and equipment |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| C06 | Publication | ||
| PB01 | Publication | ||
| C10 | Entry into substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| GR01 | Patent grant | ||
| GR01 | Patent grant | ||
| TR01 | Transfer of patent right | ||
| TR01 | Transfer of patent right |
Effective date of registration: 20200423 Address after: 518129 Bantian HUAWEI headquarters office building, Longgang District, Guangdong, Shenzhen Patentee after: HUAWEI TECHNOLOGIES Co.,Ltd. Address before: 301, A building, room 3, building 301, foreshore Road, No. 310052, Binjiang District, Zhejiang, Hangzhou Patentee before: Huawei Technologies Co.,Ltd. |