CN106034060A - Method and system for realizing virtual network - Google Patents
Method and system for realizing virtual network Download PDFInfo
- Publication number
- CN106034060A CN106034060A CN201510103570.8A CN201510103570A CN106034060A CN 106034060 A CN106034060 A CN 106034060A CN 201510103570 A CN201510103570 A CN 201510103570A CN 106034060 A CN106034060 A CN 106034060A
- Authority
- CN
- China
- Prior art keywords
- forwarding table
- command
- vdp
- virtual
- extended
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
- 238000000034 method Methods 0.000 title claims abstract description 28
- 238000012545 processing Methods 0.000 claims abstract description 24
- 238000001914 filtration Methods 0.000 claims description 11
- 230000001960 triggered effect Effects 0.000 abstract 1
- 238000010586 diagram Methods 0.000 description 10
- 238000005538 encapsulation Methods 0.000 description 5
- 238000012790 confirmation Methods 0.000 description 2
- 238000013459 approach Methods 0.000 description 1
- 238000013475 authorization Methods 0.000 description 1
- 238000011161 development Methods 0.000 description 1
- 238000012546 transfer Methods 0.000 description 1
- 230000005641 tunneling Effects 0.000 description 1
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L12/00—Data switching networks
- H04L12/28—Data switching networks characterised by path configuration, e.g. LAN [Local Area Networks] or WAN [Wide Area Networks]
- H04L12/46—Interconnection of networks
Landscapes
- Engineering & Computer Science (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Data Exchanges In Wide-Area Networks (AREA)
Abstract
The invention discloses a method and a system for realizing a virtual network. The method comprises the steps of transmitting an extended VSI discovery and configuration protocol (VDP) command which is added into a virtual network (VN) into an edge virtual bridge (EVB) by a virtual machine (VM) through an edge relay (ER); after the EVB bridge receives the extended VDP command of the VN, determining whether a context/virtual routing and forwarding function (VRF) of the VN exists, if no, generating a context/VRF forwarding table of the VN; forming a corresponding forwarding table item for aiming at the VM and adding the forwarding table item into the VRF forwarding table of the VN; wherein the EVB bridge supports the network virtual edge equipment (NVE). According to the method and the system, through the expanded VDP command, configuration processing of the EVB bridge to a virtual machine which accesses the VN is directly triggered and automatic VN configuration is finished, thereby improving virtual network supplying efficiency reducing a large amount of workload in artificial configuration and preventing possible artificial configuration errors.
Description
Technical Field
The present invention relates to virtual network technology, and more particularly, to a method and system for implementing virtual network.
Background
How to provide a Virtual Network (VN) through a virtualization technology (e.g. virtual machine), which mainly relates to the aspects of virtualization of the network, such as the Institute of Electrical and Electronics Engineers (IEEE) push out edge virtual bridge (802.1Qbg), support virtual machine, also known by IEEE terminology as virtual station, is a hot topic in the development and application process of data centers; platforms that distinguish virtual stations are called Edge Virtual Bridge (EVB) stations. Support connections to switches outside the virtualization platform (EVB bridges). Fig. 1 is a schematic diagram of an EVB architecture in The prior art, and as shown in fig. 1, a Virtual machine Interface (VSI, Virtual Station Interface) is implemented through a series of protocols such as a Virtual machine Interface Discovery and Configuration Protocol (VDP), a Channel Discovery and Configuration Protocol (CDCP), and an Edge Control Protocol (ECP) that run in an EVB Station-oriented Port (SBP) of Edge Relay (ER, Edge Relay) and C-VLAN components (S-channel Discovery and Configuration Port) (i.e., Virtual machine Interface and Configuration Protocol) in an EVB environment, i.e., a Virtual machine (Virtual machine) to EVB Bridge connection vm), a Virtual network consistency approach (VN) is also provided in an Internet Engineering Task Force (IETF, Virtual machine Engineering) group (353), that is, NVO3 determines the architecture of the virtual network.
Fig. 2 is a schematic diagram of an architecture of a Virtual Network, and as shown in fig. 2, a VN is controlled by a centralized Network Virtualization control device (NVA) to provide services, a plurality of Virtual Machines (VMs) in the VN are connected to a Network Virtualization Edge (NVE), that is, after being connected to the Network Virtualization Edge, Virtual Routing and Forwarding (VRF) Forwarding tables of the NVE are further associated to different VRF Forwarding tables in different NVEs of the VN, and the associated VRF Forwarding tables are used by the NVE to overlap a Network tunnel to implement Network connection, thereby finally implementing the VN. Of course, the VN may also be connected via NVE and the internet.
In practical applications, there is a view on how a VM accesses NVE as a control protocol: can be undertaken by IEEE's VDP, i.e., VM to EVB bridge association is achieved by VDP commands, much like a VN where a VM joins an NVE. Since VDP is a protocol of the second layer (L2) of the network protocol, in order to implement the virtual network of the NVO3, it is necessary to support address information of the third layer (L3) of the network protocol, and it is also necessary to transfer information supporting a virtual network number/identification (VN-ID) and the like. According to prior art regimes and extensions, virtual network traffic based on NVO3 of VDP or EVB can be implemented in case of manual configuration. Specifically, related interfaces of the VN are manually configured, or a corresponding virtual local area network identifier (VLAN-ID) is manually configured to be associated with a specified virtual machine; i.e. by manually assigning the VSI with the relevant interface or sub-interface, or setting the corresponding VLAN-ID information. The VDP of the VSI gets the relevant interface information through the association command to join the relevant VN. Fig. 3 is a schematic diagram of a method for implementing a virtual network in the prior art, as shown in fig. 3, after a VN is deployed, association between a VLAN-ID and a VM is established through a VDP command sent to an EVP bridge, and the virtual network is implemented through the VLAN-ID fed back to the VM.
Although a virtual network based on VDP or EVB NVO3 can be implemented by manual configuration, configuring such a large number of devices and networks is very time consuming and error prone for service providers that need to provide VNs in the order of tens of thousands or even millions in a data center. Therefore, the existing manual configuration method is time-consuming and low in accuracy, and cannot meet the requirements of application environments with high orders of magnitude.
Disclosure of Invention
In order to solve the above technical problems, the present invention provides a method and a system for implementing a virtual network, which can rapidly and accurately implement virtual network configuration and meet the requirements of a high-order application environment of the virtual network.
In order to achieve the object of the present invention, the present invention provides a method for implementing a virtual network, comprising:
the virtual machine VM sends an extended virtual machine interface discovery and configuration protocol (VDP) command for joining the virtual network VN to an edge virtual bridge EVB bridge through an edge relay ER;
after receiving an extended VDP command of joining a VN, an EVB bridge judges whether a VRF forwarding table with a context/virtual routing forwarding function of the VN exists or not, and if not, the EVB bridge generates the context/VRF forwarding table of the VN;
forming a corresponding forwarding table entry aiming at the VM and adding the forwarding table entry into the VRF forwarding table of the VN;
the EVB bridge supports network virtual marginalization equipment NVE.
Further, the extended VDP command includes:
a pre-association command to automatically join the VN, or a pre-association command with a resource reservation to automatically join the VN, or an association command to automatically join the VN, or a disassociation command to automatically join the VN.
Further, the extended VDP command includes at least: the media access control layer MAC address of the VM, and/or the IP address of the VM and information of a virtual network identification (VN-ID) of a joined layer 3 based network virtualization (NVO3) virtual network.
Further, generating the context of the VN specifically includes:
when the EVB bridge determines that the VM is the first VM in the VN and passes the identity authentication of the VN after receiving an extended VDP command to join the VN and does not contain a context/VRF forwarding table of the VN in the EVB bridge,
automatically generating a context/VRF forwarding table for the VN;
and when the context/VRF forwarding table of the VN exists, no processing is performed.
Further, forming a corresponding forwarding table entry for the VM and adding the forwarding table entry to the VRF forwarding table of the VN specifically includes:
the EVB bridge judges whether the IP address or the MAC address has a corresponding forwarding table item in a VRF forwarding table of the VN according to the IP address or the MAC address of the VM; if yes, no processing is carried out; otherwise, the IP address or the MAC address of the VM is used as a new added entry to form a forwarding table entry corresponding to the VM, and the forwarding table entry is added to the VRF forwarding table.
Further, the extended VDP command is:
a command for expanding through a reserved VDP type length value TLV type of the VDP; or,
commands that are extended by a filter information field in the VDP association command.
Further, the EVB bridge acts as a gateway device,
the extended VDP command to join the VN is: generating a virtual gateway, and realizing the connection between the VM and the VN through a tunnel;
the extended VDP command is: a command to extend through a reserved VDP TLV type of VDP; or a command which is expanded through a filtering information field in the VDP association command;
the extended VDP command includes at least: the virtual gateway name, the tunnel type of the virtual gateway, the IP address of the tunnel endpoint of the virtual gateway, and the VLAN information or interface information of the VM accessed to the virtual gateway.
In another aspect, the present application further provides a system for implementing a virtual network, including: a virtual machine and an EVB bridge; wherein,
the virtual machine is used for sending an extended VDP command for joining the VN to the EVB bridge through the ER;
the EVB bridge comprises a judgment processing unit and a table entry generating unit; wherein,
the judgment processing unit is used for judging whether a VRF forwarding table with a context/virtual routing forwarding function of the VN exists or not after receiving an expansion VDP command of joining the VN, and if the VRF forwarding table does not exist, generating the context/VRF forwarding table of the VN;
the table entry generating unit is used for forming a corresponding forwarding table entry aiming at the VM and adding the forwarding table entry into the VRF forwarding table of the VN;
the EVB bridge supports NVE.
Further, the determination processing unit, specifically configured to receive the extended VDP command to join the VN,
when the VM is determined to be the first VM in the VN and passes the identity authentication of the VN and the EVB bridge does not contain the context/VRF forwarding table of the VN, automatically generating the context/VRF forwarding table of the VN;
and when the context/VRF forwarding table of the VN exists, no processing is performed.
Further, the table entry generating unit is specifically configured to,
judging whether the IP address or the MAC address has a corresponding forwarding table entry or not according to the IP address or the MAC address of the VM; if yes, no processing is carried out; otherwise, the IP address or the MAC address of the VM is used as a newly added entry to form a forwarding table entry corresponding to the VM, and the forwarding table entry is added to the VRF forwarding table.
Further, the EVB bridge acts as a gateway device,
the expanded VDP command to join the VN is as follows: generating a virtual gateway, and realizing the connection between the VM and the VN through a tunnel;
the extended VDP command is: a command to extend through a reserved VDP TLV type of VDP; or a command which is expanded through a filtering information field in the VDP association command; the extended VDP command includes at least: the virtual gateway name, the tunnel type of the virtual gateway, the IP address of the tunnel endpoint of the virtual gateway, and the VLAN information or interface information of the VM accessed to the virtual gateway.
Compared with the prior art, the technical scheme of the application comprises the following steps: a Virtual Machine (VM) sends an extended virtual machine interface discovery and configuration protocol (VDP) command to join a virtual network VN to an Edge Virtual Bridge (EVB) bridge via an Edge Relay (ER); after receiving an extended VDP command of joining a VN, an EVB bridge judges whether a context/virtual routing forwarding function (VRF) forwarding table of the VN exists or not, and if the context/VRF forwarding table of the VN does not exist, the EVB bridge generates the context/VRF forwarding table of the VN; forming a corresponding forwarding table entry aiming at the VM and adding the forwarding table entry into the VRF forwarding table of the VN; the EVB bridge supports network virtual marginalization equipment NVE. The invention directly triggers the EVB bridge to carry out configuration processing on the virtual machine accessed to the VN and completes the automatic configuration of the VN by expanding the VDP command, thereby improving the providing efficiency of the virtual network, reducing a large amount of manual configuration workload and avoiding possible manual configuration errors.
Drawings
The accompanying drawings, which are included to provide a further understanding of the invention and are incorporated in and constitute a part of this application, illustrate embodiment(s) of the invention and together with the description serve to explain the invention without limiting the invention. In the drawings:
FIG. 1 is a schematic diagram of the architecture of a prior art EVB;
FIG. 2 is a schematic diagram of the architecture of a virtual network;
FIG. 3 is a schematic diagram of a prior art virtual network implementation;
FIG. 4 is a flow chart of a method of implementing virtual network configuration in accordance with the present invention;
FIG. 5 is a diagram of a specific implementation of an extended VDP command;
FIG. 6 is a block diagram of a system for implementing virtual network configuration according to the present invention;
fig. 7 is a flowchart of a method for implementing a virtual network according to a first embodiment of the present invention.
Detailed Description
In order to make the objects, technical solutions and advantages of the present invention more apparent, embodiments of the present invention will be described in detail below with reference to the accompanying drawings. It should be noted that the embodiments and features of the embodiments in the present application may be arbitrarily combined with each other without conflict.
Fig. 4 is a flowchart of a method for implementing virtual network configuration according to the present invention, as shown in fig. 4, including:
step 400, a Virtual Machine (VM) sends an extended virtual machine interface discovery and configuration protocol (VDP) command to join a Virtual Network (VN) to an Edge Virtual Bridge (EVB) bridge through an Edge Relay (ER);
in this step, the extended VDP command is:
a pre-association command to automatically join the VN, or a pre-association command with a resource reservation to automatically join the VN, or an association command to automatically join the VN, or a disassociation command to automatically join the VN.
The extended VDP command is:
a command extended by a reserved VDP Type Length Value (TLV) type of VDP; or,
commands that are extended by a filter information field in the VDP association command.
It should be noted that, in the prior art, corresponding VDP command information is included during manual setting, which specifically includes: table 1 is a list of existing VDP commands, and as can be seen from table 1, the representation of the above information is implemented by 0x01, 0x02, 0x03, and 0x04 in VDP commands in the prior art.
| VDP Command information | Assignment of value |
| Pre-association | 0x01 |
| Pre-association with resource reservation | 0x02 |
| Association | 0x03 |
| Disassociation | 0x04 |
| Virtual machine interface administrator identification | 0x05 |
| Reserved standard command | 0x00、0x06-0x7E |
TABLE 1
The invention can adopt commands which are extended through the reserved VDP TLV type of the VDP, for example, four of the list items of 0x 06-0 x7E which are not used in the VDP commands are selected to assign values to the command information of the extended VDP.
For example, the following values may be selected:
0x 11: pre-association to support auto-joining of the VN;
0x 12: pre-association with resource reservation to support auto-joining of a VN;
0x 13: supporting association of an automatic join VN;
0x 14: supporting disassociation of an auto-join VN; of course, other unused assignments may be selected without affecting the spirit of the present invention.
A command extended by a filtering information field in the VDP association command,
there may also be a second command extension method. In particular, according to the definition of EVB, it can also be extended by the filtering information TLV in the VDP command.
Table 2 is a value of the existing filtering information field, and a reserved type value may be selected: 0x00,0x05-0xFF as an extended VDP command.
TABLE 2
Fig. 5 is a schematic diagram of a specific implementation manner of the extended VDP command, and as shown in fig. 5, an a bit (auto-execute) may be specified, and when the a bit is set (i.e., the value is 1), the extended VDP command is executed to implement the auto-generation of the VN.
The extended VDP command can be defined in other manners. For example, TLV utility type of utility.
Here, the command information of the extended VDP is divided into two cases according to application scenarios: one is that: the extended VDP command includes at least: a media access control layer (MAC) address of the VM, and/or an IP address of the VM and information of a virtual network identification (VN-ID) of a joining layer 3 based network virtualization (NVO3) virtual network.
In this case, the generating of the context of the VN specifically includes:
when the EVB bridge determines that the VM is the first VM in the VN and passes the identity authentication of the VN after receiving an extended VDP command to join the VN and does not contain a context/VRF forwarding table of the VN in the EVB bridge,
triggering the EVB bridge to automatically generate a context/VRF forwarding table for the VN.
The forming of the corresponding forwarding table entry for the VM and adding the forwarding table entry to the VRF forwarding table of the VN comprises the following steps:
the EVB bridge judges whether the IP address or the MAC address has a corresponding forwarding table item according to the IP address or the MAC address of the VM; if yes, no processing is carried out; otherwise, the IP address or the MAC address of the VM is added to a VRF forwarding table as a newly added entry to form a forwarding table entry corresponding to the VM.
In another case, the EVB bridge acts as a gateway device,
the extended VDP command to join the VN is: generating a virtual gateway, and realizing the connection between the VM and the VN through a tunnel; the extended VDP command is: a command to extend through a reserved VDP TLV type of VDP; or a command which is expanded through a filtering information field in the VDP association command;
the extended VDP command includes at least: the virtual gateway name, the tunnel type of the virtual gateway, the IP address of the tunnel endpoint of the virtual gateway, and the VLAN information or interface information of the VM access virtual gateway.
Step 401, after receiving an extended VDP command to join the VN, the EVB bridge determines whether a context/virtual routing forwarding function (VRF) forwarding table of the VN exists, and if not, generates the context/VRF forwarding table of the VN; if not, a context/VRF forwarding table for the VN is generated.
The extended VDP command includes at least: when the MAC address, and/or the IP address of the VM and the VN-ID of the joined NVO3 virtual network are used, the generating the context of the VN specifically includes:
the EVB bridge, upon receiving an extended VDP command to join the VN, determines that the VM is the first VM in the VN and is authenticated by the identity of the VN, and does not include the context of the VN in the EVB bridge,
triggering the EVB bridge to automatically generate the context of the VN.
And step 402, forming a corresponding forwarding table entry aiming at the VM and adding the forwarding table entry into the VRF forwarding table of the VN.
In this step, forming a corresponding forwarding table entry for the VM and adding the forwarding table entry to the VRF forwarding table of the VN specifically includes:
the EVB bridge judges whether the IP address or the MAC address has a corresponding forwarding table entry according to the IP address or the MAC address of the VM; if yes, no processing is carried out; otherwise, the IP address or the MAC address of the VM is used as a new added entry to form a forwarding table entry corresponding to the VM, and the forwarding table entry is added to the VRF forwarding table.
The invention directly triggers the EVB bridge to carry out configuration processing on the virtual machine accessed to the VN and completes the automatic configuration of the VN by expanding the VDP command, thereby improving the providing efficiency of the virtual network, reducing a large amount of manual configuration workload and avoiding possible manual configuration errors.
Fig. 6 is a block diagram of a system for implementing virtual network configuration according to the present invention, as shown in fig. 6, including: a virtual machine and an EVB bridge; wherein,
the virtual machine is used for sending an extended VDP command for joining the VN to the EVB bridge through the ER;
it should be noted that for the sake of simplicity, the VM herein refers to the VM and the ER supporting his work, both of which coexist in the EVB station.
The EVB bridge comprises a judgment processing unit and a table entry generating unit; wherein,
the judgment processing unit is used for judging whether a VRF forwarding table with a context/virtual routing forwarding function of the VN exists or not after receiving an expansion VDP command of joining the VN, and if the VRF forwarding table does not exist, generating the context/VRF forwarding table of the VN; (ii) a
The table entry generating unit is used for forming a corresponding forwarding table entry aiming at the VM and adding the forwarding table entry into the VRF forwarding table of the VN;
the EVB bridge supports NVE.
The judgment processing unit is specifically configured to, after receiving the extended VDP command to join the VN,
when the VM is determined to be the first VM in the VN and passes the identity authentication of the VN and the EVB bridge does not contain the context/VRF forwarding table of the VN, automatically generating the context/VRF forwarding table of the VN; when the context/VRF forwarding table of the VN exists, no processing is done.
An entry generating unit, specifically configured to, after the VN context/VRF forwarding table already exists or the VN context/VRF forwarding table is generated,
judging whether the IP address or the MAC address has a corresponding forwarding table item in a VRF forwarding table according to the IP address or the MAC address of the VM; if yes, no processing is carried out; otherwise, the IP address or the MAC address of the VM is used as a new added entry to form a forwarding table entry corresponding to the VM, and the forwarding table entry is added to the VRF forwarding table.
On the other hand, when the EVB bridge is acting as a gateway device,
the extended VDP command to join the VN is: generating a virtual gateway, and realizing the connection between the VM and the VN through a tunnel; the extended VDP command is: a command to extend through a reserved VDP TLV type of VDP; or a command which is expanded through a filtering information field in the VDP association command;
the extended VDP command includes at least: the virtual gateway name, the tunnel type of the virtual gateway, the IP address of the tunnel endpoint of the virtual gateway, and the VLAN information or interface information of the VM access virtual gateway.
The process of the present invention is illustrated in clear detail below by means of specific examples, which are only intended to illustrate the invention and are not intended to limit the scope of the process of the invention.
Example 1
Fig. 7 is a flowchart of a method for implementing a virtual network according to a first embodiment of the present invention, as shown in fig. 7, including:
step 700, generating a VM and setting initialization parameters;
step 701, generating a VM (virtual machine), and triggering an EVB (event-variable bus) station corresponding to the VM to start running; here, the EVB station is an EVB station that supports VMs and virtual network adapters (VNICs)/VSIs corresponding to the VMs.
Step 702, the VM sends an extended VDP command to join the VN through the ER or the EVB station;
step 703, performing identity authentication of accessing the VN to the VM;
step 704, NVA returns the result information of the identity authentication. If the authentication is passed, further feeding back an EVB bridge VN-ID, an IP address (optionally, the IP address is an IP address newly allocated to the VM or confirmation of the IP address of the VM), a VN context/VRF forwarding table generation command; if the authentication is not passed, the process ends.
Step 705, when the VN context/VRF forwarding table does not exist, the EVB bridge generates a context/VRF forwarding table corresponding to the VN; and forming a corresponding VN forwarding table entry aiming at the VM.
Here, if the VM passes the identity authentication of the VN and the VM is the first connected VM for the VN on the NVE, the NVE automatically creates a context for the VN including the corresponding VRF table. This process may also be implemented by the NVA to determine and explicitly instruct the NVE to create a context/VRF forwarding table for the VN through a VN context/VRF forwarding table generation command.
If the VRF forwarding table already exists, the forwarding table is not needed to be generated, whether the forwarding table item corresponding to the VM exists or not is judged, and if the forwarding table item does not exist, the corresponding forwarding table item is formed in the VRF table of the VN.
Step 706, feeding back the processed confirmation information to the VM/ER/EVB station by the EVB bridge, which includes optional steps: VN-ID information, and IP address information.
Step 707, the EVB bridge/NVE synchronizes the newly added forwarding table entry/forwarding table update information of the NVE to all other EVB bridges/NVEs in the NV via the network virtualization control device NVA implementation.
Here. Synchronize to all other NVEs in the VN through the NVA. And the notification of the routing information of different VNs is distinguished by VN-ID, so that the error of routing update between different VNs is avoided.
Step 708, the VM performs packet forwarding. In particular, the method comprises the following steps of,
performing IP message encapsulation by using VN-ID; or, further, the encapsulated IP packet is further encapsulated by a preset second layer protocol L2.
For example, including VLAN encapsulation, or Q-in-Q encapsulation, etc.; the NVE sends a message to other NVEs; the encapsulation typically distinguishes between different VNs by means of a VN-ID.
Example 2
In this embodiment, the EVB bridge serves as a gateway device,
the extended VDP command to join the VN is: generating a virtual gateway, and realizing the connection between the VM and the VN through a tunnel; the extended VDP command is: a command to extend through a reserved VDP TLV type of VDP; or a command which is expanded through a filtering information field in the VDP association command;
the extended VDP command includes at least: the virtual gateway name, the tunnel type of the virtual gateway, the IP address of the tunnel endpoint of the virtual gateway, and the VLAN information or interface information of the VM accessed to the virtual gateway.
In the network deployment of the data center, the VM is also possible to access the VM to the enterprise network of the VM user through the virtual gateway of the data center. This can be achieved by IP tunneling.
Specifically, the VDP carries the name of the virtual gateway, the tunnel type of the virtual gateway, the IP address of the tunnel endpoint of the virtual gateway, and VLAN information or interface information of the VM accessing the virtual gateway, which need to be added.
The EVB bridge serves as a gateway device and initiates the establishment of a related tunnel after receiving an extended VDP command of joining the VN. Of course, authentication of access authorization through the network is required before the tunnel is established.
After the establishment is completed, the authentication result is returned to the VM, and the establishment of the related internal network, the related VLAN encapsulation and the like are completed.
In particular, the reserved value of the VDP command is also utilized: 0x 06-0 x7E, defining a new command to access the VN through the gateway. Network information and specific tunnel type information and IP address information of tunnel endpoints, etc. may be carried through the filtering information TLV.
Although the embodiments of the present invention have been described above, the above description is only for the convenience of understanding the present invention, and is not intended to limit the present invention. It will be understood by those skilled in the art that various changes in form and details may be made therein without departing from the spirit and scope of the invention as defined by the appended claims.
Claims (11)
1. A method for implementing a virtual network, comprising:
the virtual machine VM sends an extended virtual machine interface discovery and configuration protocol (VDP) command for joining the virtual network VN to an edge virtual bridge EVB bridge through an edge relay ER;
after receiving an extended VDP command of joining a VN, an EVB bridge judges whether a VRF forwarding table with a context/virtual routing forwarding function of the VN exists or not, and if not, the EVB bridge generates the context/VRF forwarding table of the VN;
forming a corresponding forwarding table entry aiming at the VM and adding the forwarding table entry into the VRF forwarding table of the VN;
the EVB bridge supports network virtual marginalization equipment NVE.
2. The method of claim 1, wherein the extended VDP command comprises:
a pre-association command to automatically join the VN, or a pre-association command with a resource reservation to automatically join the VN, or an association command to automatically join the VN, or a disassociation command to automatically join the VN.
3. The method of claim 2, wherein the extended VDP command comprises at least: the media access control layer MAC address of the VM, and/or the IP address of the VM and information of a virtual network identification (VN-ID) of a joined layer 3 based network virtualization (NVO3) virtual network.
4. The method according to claim 1, wherein the generating a context for a VN comprises in particular:
when the EVB bridge determines that the VM is the first VM in the VN and passes the identity authentication of the VN after receiving an extended VDP command to join the VN and does not contain a context/VRF forwarding table of the VN in the EVB bridge,
automatically generating a context/VRF forwarding table for the VN;
and when the context/VRF forwarding table of the VN exists, no processing is performed.
5. The method of claim 1, wherein forming the corresponding forwarding table entry for the VM to join the VRF forwarding table of the VN specifically comprises:
the EVB bridge judges whether the IP address or the MAC address has a corresponding forwarding table item in a VRF forwarding table of the VN according to the IP address or the MAC address of the VM; if yes, no processing is carried out; otherwise, the IP address or the MAC address of the VM is used as a new added entry to form a forwarding table entry corresponding to the VM, and the forwarding table entry is added to the VRF forwarding table.
6. The method of claim 2, wherein the extended VDP command is:
a command for expanding through a reserved VDP type length value TLV type of the VDP; or,
commands that are extended by a filter information field in the VDP association command.
7. The method of claim 1 or 2, wherein the EVB bridge acts as a gateway device,
the extended VDP command to join the VN is: generating a virtual gateway, and realizing the connection between the VM and the VN through a tunnel;
the extended VDP command is: a command to extend through a reserved VDP TLV type of VDP; or a command which is expanded through a filtering information field in the VDP association command;
the extended VDP command includes at least: the virtual gateway name, the tunnel type of the virtual gateway, the IP address of the tunnel endpoint of the virtual gateway, and the VLAN information or interface information of the VM accessed to the virtual gateway.
8. A system for implementing a virtual network, comprising: a virtual machine and an EVB bridge; wherein,
the virtual machine is used for sending an extended VDP command for joining the VN to the EVB bridge through the ER;
the EVB bridge comprises a judgment processing unit and a table entry generating unit; wherein,
the judgment processing unit is used for judging whether a VRF forwarding table with a context/virtual routing forwarding function of the VN exists or not after receiving an expansion VDP command of joining the VN, and if the VRF forwarding table does not exist, generating the context/VRF forwarding table of the VN;
the table entry generating unit is used for forming a corresponding forwarding table entry aiming at the VM and adding the forwarding table entry into the VRF forwarding table of the VN;
the EVB bridge supports NVE.
9. The system according to claim 8, wherein the decision processing unit is configured to, upon receiving an extended VDP command to join a VN,
when the VM is determined to be the first VM in the VN and passes the identity authentication of the VN and the EVB bridge does not contain the context/VRF forwarding table of the VN, automatically generating the context/VRF forwarding table of the VN;
and when the context/VRF forwarding table of the VN exists, no processing is performed.
10. The system according to claim 9, wherein the table entry generation unit is configured to,
judging whether the IP address or the MAC address has a corresponding forwarding table entry or not according to the IP address or the MAC address of the VM; if yes, no processing is carried out; otherwise, the IP address or the MAC address of the VM is used as a newly added entry to form a forwarding table entry corresponding to the VM, and the forwarding table entry is added to the VRF forwarding table.
11. The system of claim 9, wherein the EVB bridge acts as a gateway device,
the expanded VDP command to join the VN is as follows: generating a virtual gateway, and realizing the connection between the VM and the VN through a tunnel;
the extended VDP command is: a command to extend through a reserved VDP TLV type of VDP; or a command which is expanded through a filtering information field in the VDP association command; the extended VDP command includes at least: the virtual gateway name, the tunnel type of the virtual gateway, the IP address of the tunnel endpoint of the virtual gateway, and the VLAN information or interface information of the VM accessed to the virtual gateway.
Priority Applications (2)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201510103570.8A CN106034060A (en) | 2015-03-09 | 2015-03-09 | Method and system for realizing virtual network |
| PCT/CN2015/092122 WO2016141715A1 (en) | 2015-03-09 | 2015-10-16 | Method and system of realizing virtual network |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201510103570.8A CN106034060A (en) | 2015-03-09 | 2015-03-09 | Method and system for realizing virtual network |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN106034060A true CN106034060A (en) | 2016-10-19 |
Family
ID=56879942
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201510103570.8A Pending CN106034060A (en) | 2015-03-09 | 2015-03-09 | Method and system for realizing virtual network |
Country Status (2)
| Country | Link |
|---|---|
| CN (1) | CN106034060A (en) |
| WO (1) | WO2016141715A1 (en) |
Cited By (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN107911158A (en) * | 2017-09-27 | 2018-04-13 | 西安空间无线电技术研究所 | A kind of method of service architecture and offer service based on virtual data plane |
| WO2018103043A1 (en) * | 2016-12-08 | 2018-06-14 | 华为技术有限公司 | Message processing method and device in a cloud computing system |
Citations (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US20110317703A1 (en) * | 2010-06-29 | 2011-12-29 | Futurewei Technologies, Inc. | Asymmetric Network Address Encapsulation |
| EP2466486A1 (en) * | 2010-12-16 | 2012-06-20 | STMicroelectronics (Grenoble 2) SAS | An arrangement |
| CN103379010A (en) * | 2012-04-20 | 2013-10-30 | 中兴通讯股份有限公司 | Virtual network achieving method and system |
| CN103997414A (en) * | 2013-02-18 | 2014-08-20 | 华为技术有限公司 | Configuration information generation method and network control unit |
Family Cites Families (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN102752215B (en) * | 2012-07-16 | 2015-03-11 | 杭州华三通信技术有限公司 | Processing method for VDP (vertical data processing) request messages and edge switch |
| CN103491010B (en) * | 2012-10-17 | 2016-12-07 | 华为技术有限公司 | The methods, devices and systems of message are sent in virtual network |
| CN104022953B (en) * | 2013-02-28 | 2018-02-09 | 新华三技术有限公司 | Message forwarding method and device based on open flows Openflow |
| CN104202187B (en) * | 2014-08-28 | 2017-11-14 | 新华三技术有限公司 | A kind of method and apparatus that the virtual bridged function in edge is disposed for interchanger |
-
2015
- 2015-03-09 CN CN201510103570.8A patent/CN106034060A/en active Pending
- 2015-10-16 WO PCT/CN2015/092122 patent/WO2016141715A1/en active Application Filing
Patent Citations (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US20110317703A1 (en) * | 2010-06-29 | 2011-12-29 | Futurewei Technologies, Inc. | Asymmetric Network Address Encapsulation |
| EP2466486A1 (en) * | 2010-12-16 | 2012-06-20 | STMicroelectronics (Grenoble 2) SAS | An arrangement |
| CN103379010A (en) * | 2012-04-20 | 2013-10-30 | 中兴通讯股份有限公司 | Virtual network achieving method and system |
| CN103997414A (en) * | 2013-02-18 | 2014-08-20 | 华为技术有限公司 | Configuration information generation method and network control unit |
Cited By (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| WO2018103043A1 (en) * | 2016-12-08 | 2018-06-14 | 华为技术有限公司 | Message processing method and device in a cloud computing system |
| CN107911158A (en) * | 2017-09-27 | 2018-04-13 | 西安空间无线电技术研究所 | A kind of method of service architecture and offer service based on virtual data plane |
| CN107911158B (en) * | 2017-09-27 | 2020-05-08 | 西安空间无线电技术研究所 | A virtual data plane-based service system and method for providing services |
Also Published As
| Publication number | Publication date |
|---|---|
| WO2016141715A1 (en) | 2016-09-15 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN103379010B (en) | A kind of virtual network realization method and system | |
| CN102088388B (en) | Method and equipment for automatically distributing/acquiring virtual local area network configuration information | |
| CN103580980B (en) | The method and device thereof that virtual network finds and automatically configures automatically | |
| CN103095495B (en) | Network beginning collocation method and device, system | |
| CN107135134B (en) | Private network access method and system based on virtual switch and SDN technology | |
| US9137198B2 (en) | Centralized configuration with dynamic distributed address management | |
| US20160285736A1 (en) | Access method and system for virtual network | |
| WO2016155394A1 (en) | Method and device for establishing link between virtual network functions | |
| WO2014166247A1 (en) | Implementation method and system for virtual network management | |
| CN112688814B (en) | Equipment access method, device, equipment and machine readable storage medium | |
| CN104468368A (en) | Method and device for allocating BGP neighbors | |
| JP6378442B2 (en) | Method and apparatus for deploying services in a virtualized network | |
| CN109768906B (en) | Private subnet line configuration method and device | |
| WO2015081785A1 (en) | Method and device for virtualized access | |
| WO2011057512A1 (en) | Method, operator edge device and system for ethernet service accessing bearing tunnels | |
| CN103684861A (en) | Method and device for processing network configuration and communication system | |
| CN108234270B (en) | Method and system for realizing multi-domain coexistence of virtual extensible local area network | |
| CN105049546A (en) | Client terminal IP address allocation method through DHCP server and device thereof | |
| CN106034060A (en) | Method and system for realizing virtual network | |
| CN105634899A (en) | Method and system for providing virtual network service | |
| CN103986692B (en) | Data forwarding method and system based on wireless access point | |
| WO2015058413A1 (en) | Data configuration method and network management server | |
| CN112671811B (en) | Network access method and equipment | |
| WO2016091186A1 (en) | Method and system for preventing conflict from occurring in resources occupied by logical switch | |
| CN103139167B (en) | A kind of method and apparatus for associating virtual site during virtual site migration |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| C06 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| WD01 | Invention patent application deemed withdrawn after publication |
Application publication date: 20161019 |
|
| WD01 | Invention patent application deemed withdrawn after publication |