WO2016198022A1 - Method for implementing virtualization network overlay and network virtualization edge node - Google Patents


Publication number
WO2016198022A1
Authority
WO
WIPO (PCT)
Prior art keywords
virtual network
network identifier
protocol
virtual
network
Prior art date
Application number
PCT/CN2016/087112
Inventor
王翠
张征
胡方伟
黄孙亮
Original Assignee
中兴通讯股份有限公司
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by 中兴通讯股份有限公司

Classifications

    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L49/00 Packet switching elements
    • H04L49/20 Support for services
    • H04L49/201 Multicast operation; Broadcast operation
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L12/00 Data switching networks
    • H04L12/28 Data switching networks characterised by path configuration, e.g. LAN [Local Area Networks] or WAN [Wide Area Networks]
    • H04L12/46 Interconnection of networks
    • H04L12/4641 Virtual LANs, VLANs, e.g. virtual private networks [VPN]
    • H04L12/4645 Details on frame tagging

Definitions

  • the present application relates to, but is not limited to, the field of network virtualization technologies, and in particular, to a method for implementing virtualized network overlay and a network virtualization edge node.
  • BIER Bit Index Explicit Replication
  • IETF Internet Engineering Task Force
  • the XYZW identifies the BitPosition, and each bit in the bit position corresponds to a BFR (bit-forwarding router) whose length identifies the bit string length (BitStringLength).
  • BFR bit-forwarding router
  • BitStringLength the bit string length
  • Each bit in the bit string corresponds to a BFR-id.
  • The BitString corresponding to BFR-1 with BFR-id of 1 is 00001
  • The BitString corresponding to BFR-2 with BFR-id of 2 is 00010, and so on.
  • When a multicast packet arrives at BFR-1, BFR-1 acts as the BFIR (Bit-Forwarding Ingress Router).
  • BFR-1 determines in some way which BFERs (Bit-Forwarding Egress Routers) need this multicast traffic.
  • For example, BFR-2 and BFR-3 belong to the same Set Identifier subset, and both need the multicast traffic.
  • The BFR-ids of the BFERs that need this multicast traffic are parsed into the set identifier SI, and the BitPositions corresponding to BFR-2 and BFR-3 are combined into the BitString 00110.
  • The BitString 00110 is encapsulated in the BIER header, and the multicast data packet encapsulated with the BIER header is then forwarded according to the Bit Index Forwarding Table (BIFT) generated by the extended IGP (Interior Gateway Protocol).
  • IGP Interior Gateway Protocol
  • The IGP protocols that currently support the extension mainly include the IS-IS (Intermediate System-to-Intermediate System) protocol and the OSPF (Open Shortest Path First) protocol.
  • Figure 2 shows the IS-IS LSA (Link-State Advertisement), the protocol extension with which IS-IS supports the BIER technology;
  • Figure 3 shows the OSPF-LSA, the protocol extension with which OSPF supports the BIER technology.
  • the network node no longer needs to support the multicast protocol and maintain the multicast per-flow state, which greatly simplifies the implementation of the multicast control plane and the performance of the network node.
  • the BIER technology effectively utilizes the current IGP protocol, and only needs to make a small extension to the current IGP protocol to implement and improve multicast deployment.
  • BIER technology can also be combined with current software-defined networking technologies to mitigate obstacles to the development of future software-defined networks.
  • NVO3 Network Virtualization using Overlays over Layer 3
  • VXLAN Virtual eXtensible Local Area Network
  • Virtualization technology enables each physical server to be virtualized into multiple virtual machines (VMs). Virtual machines in the same VLAN (Virtual Local Area Network) domain can communicate with each other. However, since VLAN supports only 4096 VLANs, the number of tenants is greatly limited. Moreover, because current data centers use a large Layer 2 network structure, the Spanning Tree Protocol is used to prevent loops, which leaves a large number of ports or links disabled and wasted. Furthermore, Layer 3 IP technology is gradually being introduced into the data center, which means that when virtual machines belonging to different networks need to communicate, they must cross not only the Layer 2 network but also the Layer 3 network. For these reasons, Virtual eXtensible Local Area Network (VXLAN) came into being.
  • VXLAN uses a 24-bit Virtual Network Identifier (VNI) to identify the VXLAN domain, which supports 16M VXLAN users.
  • VNI Virtual Network Identifier
  • VXLAN is an overlay technology. VXLAN technology can mark the original packet with the VXLAN identifier and then encapsulate it in the tunnel to the remote end. The virtual machines belonging to the same tenant are interoperable.
  • BUM traffic Broadcast/Unknown/Multicast traffic
  • ARP Address Resolution Protocol
  • ND Neighbor Discovery Protocol
  • DHCP Dynamic Host Configuration Protocol
  • mDNS multicast DNS (Domain Name System)
  • The technical architecture of the current NVO3 is shown in FIG. 4, in which Server 1/Server 2/Server 3 are each virtualized into different virtual machines VM1 to VM6, belonging to different tenants.
  • NVE Network Virtualization Edge
  • Figure 5 shows the packet header structure of the VXLAN data plane.
  • Figure 6 shows the tunnel message data structure after NVE encapsulation.
  • For data plane forwarding, the NVE encapsulates the original packet in the VXLAN packet header, encapsulates the outer tunnel according to the destination IP address of the tunnel corresponding to the VXLAN, and then unicasts the packet to the remote NVE.
  • After the data flow initiated by VM1 of tenant A reaches NVE1, NVE1 encapsulates it with a VXLAN header carrying a VNI (Virtual Network Identifier) of 1, then encapsulates the outer tunnel according to the tunnel destination IP address (NVE2) corresponding to the VXLAN, and forwards it to the remote NVE2.
  • VNI Virtual Network Identifier
  • After receiving the packet, the remote NVE2 decapsulates the outer tunnel and, according to the VNI in the VXLAN packet header, forwards the packet to VM3 of tenant network A belonging to that VXLAN.
  • the forwarding of tenant B and tenant C is similar.
  • a VNI specifically refers to a VXLAN Network Identifier.
  • the current NVO3 deployment is shown in Figure 7.
  • VM1 and VM3 and VM5 belong to the same tenant.
  • The first method is to perform ingress replication on the NVE1 endpoint, copying the multicast traffic.
  • Each copy is encapsulated in a VXLAN packet header, further encapsulated with the destination IP addresses (NVE2 and NVE3) of the multiple tunnels corresponding to the VXLAN, and sent to the different remote NVEs, NVE2 and NVE3.
  • This method only works for small networks. When the tenant network is large, replicating the multicast packets places a heavy burden on the ingress endpoint, and the bandwidth between the NVEs is also wasted.
  • the mapping of the destination address of the VXLAN to the tunnel on the NVE requires additional control plane technology to assist in the delivery.
  • the second method is to establish a multicast distribution tree by using a protocol independent multicast (PIM) on the network between the NVEs. Then, after receiving the BUM message, the NVE1 checks the VXLAN to which the BUM message belongs. Then, the multicast group mapping corresponding to the VXLAN is searched, and the BUM message is encapsulated in the VXLAN packet header, and then forwarded along the multicast distribution tree of the corresponding multicast group established between the NVEs.
  • PIM protocol independent multicast
  • This method relieves the burden on the ingress endpoint and the bandwidth between the NVEs to a certain extent, but it requires running the Layer 3 PIM protocol between the NVEs and maintaining the multicast tree across the network, which in another respect adds to network complexity and configuration.
  • the VXLAN mapping of multicast groups on the NVE also requires additional control plane technology to assist in the delivery.
  • the embodiment of the invention provides a method for implementing virtualized network overlay and an NVE node, so as to alleviate various disadvantages of the current data center for the data plane and the control plane of the BUM traffic forwarding method.
  • the embodiment of the invention provides a method for implementing virtualized network overlay, which is applied to a network virtualization edge node of a virtualized data center, and includes:
  • the virtual network identifier is advertised by a routing protocol.
  • the advertising the virtual network identifier includes:
  • the above method also has the following features:
  • the routing protocol includes any of the following: the Intermediate System to Intermediate System protocol, the Open Shortest Path First protocol, and the Border Gateway Protocol.
  • the above method also has the following features:
  • the routing protocol supports an IPv4 network protocol and an IPv6 network protocol.
  • the above method also has the following features:
  • the virtual network identifier includes a network identifier of a virtual scalable local area network.
  • the embodiment of the invention further provides a network virtualization edge node, which comprises:
  • an obtaining module configured to obtain a virtual network identifier of the connected virtual network
  • the notification module is configured to advertise the virtual network identifier by using a routing protocol.
  • the network virtualization edge node further has the following features:
  • the notification module is configured to: advertise a valid virtual network identifier; and/or advertise a revoked virtual network identifier, wherein the routing protocol includes any one of the following: the Intermediate System to Intermediate System protocol, the Open Shortest Path First protocol, and the Border Gateway Protocol; the routing protocol supports an IPv4 network protocol and an IPv6 network protocol; and the virtual network identifier includes a network identifier of a virtual scalable local area network.
  • the embodiment of the present invention further provides a method for implementing virtualized network overlay, which is applied to a network virtualization edge node of a virtualized data center, including:
  • the above method also has the following features:
  • the advertisement message includes: an advertisement message carrying a valid virtual network identifier and/or carrying the revoked virtual network identifier.
  • the foregoing method further includes:
  • the virtual network identifier to which the tenant belongs is looked up and the corresponding virtual network packet header is encapsulated; the bit string corresponding to the virtual network identifier is then looked up, the Bit Index Explicit Replication (BIER) header corresponding to the bit string is encapsulated, and the packet is forwarded according to the bit index forwarding table.
  • the embodiment of the invention further provides a network virtualization edge node, which comprises:
  • a receiving module configured to receive an advertisement packet carrying a virtual network identifier
  • the processing module is configured to parse the virtual network identifier, and establish or update a mapping relationship between the corresponding virtual network identifier and the bit string of the node that sends the same virtual network identifier according to the virtual network identifier.
  • the network virtualization edge node further has the following features:
  • the advertisement message received by the receiving module includes: an advertisement message carrying a valid virtual network identifier and/or an advertisement message carrying a revoked virtual network identifier.
  • the network virtualization edge node further has the following features:
  • the receiving module is further configured to receive broadcast, unknown, and multicast (BUM) traffic of the tenant;
  • the processing module is further configured to look up the virtual network identifier to which the tenant belongs, encapsulate the corresponding virtual network packet header, look up the bit string corresponding to the virtual network identifier, encapsulate the Bit Index Explicit Replication header corresponding to the bit string, and forward the packet according to the bit index forwarding table.
  • the embodiment of the present invention further provides a computer readable storage medium storing computer executable instructions, and when the computer executable instructions are executed, implementing the foregoing method for implementing virtualized network overlay on the transmitting side.
  • the embodiment of the present invention further provides a computer readable storage medium storing computer executable instructions, and when the computer executable instructions are executed, implementing the foregoing method for implementing virtualized network overlay on the receiving side.
  • the embodiments of the present invention provide a method for implementing virtualized network overlay and an NVE node, so as to alleviate the burden on the data plane and the control plane of the current data center for the BUM traffic forwarding method.
  • Figure 1 is a schematic diagram of a related BIER technology architecture
  • FIG. 2 is a schematic diagram of a related art IS-IS protocol extension implementing a BIER control plane
  • FIG. 3 is a schematic diagram of a related art OSPF protocol extension implementing a BIER control plane
  • FIG. 5 is a schematic diagram of a VXLAN packet header structure of the related art
  • FIG. 6 is a schematic diagram of a packet structure forwarded on a tunnel after NVE encapsulation in the related art
  • FIG. 7 is a schematic diagram of a related art NVO3 technical architecture (BUM scenario).
  • FIG. 8 is a flowchart of a method for implementing virtualized network overlay on a transmitting side according to an embodiment of the present invention
  • FIG. 9 is a schematic diagram of an NVE node on a transmitting side according to an embodiment of the present invention.
  • FIG. 10 is a flowchart of a method for implementing virtualized network overlay on a receiving side according to an embodiment of the present invention
  • FIG. 11 is a schematic diagram of an NVE node on a receiving side according to an embodiment of the present invention.
  • FIG. 12 is a schematic diagram of extending a virtual network identifier based on an IS-IS protocol according to an embodiment of the present invention.
  • FIG. 13 is a schematic diagram of an application scenario according to an embodiment of the present invention.
  • The BIER technology can be introduced into the virtualized network overlay NVO3 as the data plane forwarding technology for data center BUM traffic; at the same time, IGP-BIER and BGP-BIER extensions are introduced on the control plane as the control plane technology by which the source NVE discovers the NVEs that belong to the same VXLAN.
  • the embodiment of the present invention attempts to introduce a BIER technology in the virtualized data center network to implement an optimal implementation of BUM traffic forwarding in a virtualized network.
  • FIG. 8 is a flowchart of a method for implementing virtualized network overlay on a transmitting side according to an embodiment of the present invention. As shown in FIG. 8 , the method in this embodiment is applied to an NVE node in a virtualized data center, and includes the following steps:
  • Step 11 Obtain a virtual network identifier (VNI, Virtual Network Identifier) of the connected virtual network.
  • VNI virtual network identifier
  • Step 12 advertise the VNI through a routing protocol.
  • advertising the VNI includes: advertising a valid VNI; and/or advertising a revoked VNI.
  • the routing protocol includes any one of the following: an IS-IS protocol, an OSPF protocol, and a BGP (Border Gateway Protocol); the routing protocol supports the Internet Protocol version 4 (IPv4) network protocol and the Internet Protocol version 6 (IPv6) network protocol.
  • IPv4 Internet Protocol version 4
  • IPv6 Internet Protocol version 6
  • the VNI includes a network identifier of the VXLAN.
  • FIG. 9 is a schematic diagram of an NVE node on a transmitting side according to an embodiment of the present invention.
  • the NVE node in this embodiment may include:
  • a notification module configured to advertise the VNI through a routing protocol.
  • the notification module is configured to: announce a valid VNI; and/or, advertise the revoked VNI.
  • the routing protocol includes any one of the following: an IS-IS protocol, an OSPF protocol, and a BGP protocol; the routing protocol supports an IPv4 network protocol and an IPv6 network protocol; and the virtual network identifier includes a network identifier of the VXLAN.
  • FIG. 10 is a flowchart of a method for implementing virtualized network overlay on a receiving side according to an embodiment of the present invention. As shown in FIG. 10, the method in this embodiment is applied to an NVE node in a virtualized data center, and includes the following steps:
  • Step 21 Receive an advertisement message carrying a VNI.
  • Step 22 Parse the VNI, and establish or update a mapping relationship between the corresponding VNI and the bit string of the node transmitting the same VNI according to the VNI.
  • the advertisement message includes: an advertisement message carrying a valid virtual network identifier and/or carrying the revoked virtual network identifier.
  • When BUM traffic of a tenant is received, the VNI to which the tenant belongs is looked up and the corresponding virtual network packet header is encapsulated; the bit string corresponding to the VNI is then looked up, the Bit Index Explicit Replication (BIER) header corresponding to the bit string is encapsulated, and the packet is forwarded according to the Bit Index Forwarding Table (BIFT).
  • FIG. 11 is a schematic diagram of an NVE node on a receiving side according to an embodiment of the present invention. As shown in FIG. 11, the NVE node in this embodiment may include:
  • a receiving module configured to receive an advertisement message carrying a VNI
  • the processing module is configured to parse the VNI, and establish or update a mapping relationship between the corresponding VNI and the bit string of the node transmitting the same VNI according to the VNI.
  • the advertisement message that is received by the receiving module includes: an advertisement message carrying a valid virtual network identifier and/or an advertisement message carrying the revoked virtual network identifier.
  • the receiving module may be further configured to receive a BUM traffic of the tenant
  • the processing module may be further configured to look up the VNI to which the tenant belongs, encapsulate the corresponding virtual network packet header, look up the bit string corresponding to the VNI, encapsulate the Bit Index Explicit Replication header corresponding to the bit string, and forward the packet according to the bit index forwarding table.
  • For an IPv4 network, the IS-IS extension is made under the Extended IP Reachability TLV (Type/Length/Value) (TLV type 135) and the Multi-Topology Reachable IPv4 Prefixes TLV (TLV type 235) of the IS-IS protocol; for an IPv6 (Internet Protocol version 6) network, the extension is made under the IS-IS IPv6 Reachability TLV (TLV type 236) and the Multi-Topology Reachable IPv6 Prefixes TLV (TLV type 237).
  • the specific extended format is shown in Figure 2.
  • the embodiment of the present invention attempts to apply the BIER technology to the control plane of the virtualized data center, and thus further defines, in the IS-IS extension defined in FIG. 2 above, a new sub-sub-TLV used to advertise the virtual network identifier of the virtual network.
  • the packet reference format for extending the virtual network identifier based on the IS-IS protocol is as shown in FIG. 12 .
  • the Type identifies the type of the sub-sub-TLV, and in the embodiment of the present invention is used to identify the virtual network sub-sub-TLV; the Length identifies the length of the Value part of the sub-sub-TLV; the Virtual Network Identifier is the 24-bit virtual network identifier, which uniquely identifies the virtual network.
  • the OSPF protocol extension implements the BIER control plane: for an IPv4 network, the extension is made under the Extended Prefix TLV of the OSPFv2 protocol; for an IPv6 network, under the Extended LSA TLV (Extended Link State Advertisement TLV) of OSPFv3.
  • the embodiment of the present invention attempts to apply the BIER technology to the control plane of the virtualized data center, and further defines, in the OSPF and OSPFv3 extensions defined in FIG. 3 above, a new sub-sub-TLV for advertising the virtual network identifier of the virtual network.
  • The packet reference format for carrying the virtual network identifier based on the OSPF and OSPFv3 protocols is also shown in FIG.
  • the Type identifies the type of the sub-sub-TLV, and in the embodiment of the present invention is used to identify the virtual network sub-sub-TLV; the Length identifies the length of the Value part of the sub-sub-TLV; the Virtual Network Identifier is the 24-bit virtual network identifier, which uniquely identifies the virtual network.
  • the embodiment of the present invention attempts to apply the BIER technology to the control plane of the virtualized data center, and further extends a new sub-TLV for advertising the virtual network identifier by reference to the BGP BIER attribute of the BGP protocol; or the Network Layer Reachability Information (NLRI) of the BGP protocol is extended to advertise the virtual network identifier.
  • the OSPF protocol can support the establishment of an OSPF virtual link on the BFIR and BFER devices in the BIER domain.
  • the extended TLV information mentioned in the embodiment of the present invention is sent directly to the edge devices of the BIER domain through the virtual link, so that the BFIR and BFER devices directly exchange the VNI information of their connected networks, which reduces the information stored on the intermediate nodes in the BIER domain.
  • the advertised format is still based on the OSPF protocol extension.
  • the packet reference format carrying the virtual network identifier is also shown in FIG.
  • the Type identifies the type of the sub-sub-TLV, and in the embodiment of the present invention is used to identify the virtual network sub-sub-TLV; the Length identifies the length of the Value part of the sub-sub-TLV; the Virtual Network Identifier is the 24-bit virtual network identifier, which uniquely identifies the virtual network.
  • the NVEs (NVE1/NVE2/NVE3) run the IGP or BGP protocol.
  • the VM1 that belongs to the tenant A (VXLAN ID 10) is connected to the NVE1.
  • the BFRID of the NVE1 is 1, and the corresponding BitString is 001.
  • VM3 belonging to tenant A (VXLAN ID 10) is connected to NVE2; the BFRID of NVE2 is 2, and the corresponding BitString is 010;
  • VM5 belonging to tenant A (VXLAN ID 10) is connected to NVE3; the BFRID of NVE3 is 3, and the corresponding BitString is 100.
  • NVE1/NVE2/NVE3 carries BIER information and VXLAN information through IGP protocol extension or BGP protocol extension.
  • the VXLAN information can be directly notified by the IGP format extended in Embodiment 1 or Embodiment 2.
  • NVE2 advertises BIER information and VXLAN information. After NVE1 receives it, NVE1 locally establishes the mapping between the VXLAN information and the BitString, [VXLAN 10:010]. Similarly, NVE3 advertises BIER information and VXLAN information, and after receiving it NVE1 updates the local mapping to [VXLAN 10:110].
  • When NVE1 receives tenant multicast traffic from VM1, it determines that the multicast traffic belongs to VXLAN 10, encapsulates the VXLAN packet header, then finds that the BitString corresponding to the remote NVEs belonging to that VXLAN is 110, further encapsulates the BIER header, and forwards the multicast packet.
  • Method 1 The NVEs advertise the VXLAN information by using the extended IGP format in the first embodiment and the second embodiment. If the intermediate node receives the VXLAN information and does not recognize the information, the IGP advertisement message may be forwarded according to the IGP rule.
  • Method 2 The NVEs implement the BGP neighbor relationship or the OSPF virtual link between the NVEs through the implementation of the third embodiment or the fourth embodiment, and directly notify the VXLAN information between the NVEs, and the intermediate node does not need to be processed.
  • NVE2 advertises BIER information and VXLAN information. Regardless of method 1 or method 2, after NVE1 receives it, NVE1 locally establishes the mapping between the VXLAN information and the BitString, [VXLAN 10:010]. Similarly, NVE3 advertises BIER information and VXLAN information. Regardless of method 1 or method 2, after NVE1 receives it, the local mapping is updated to [VXLAN 10:110].
  • When NVE1 receives tenant multicast traffic from VM1, it determines that the multicast traffic belongs to VXLAN 10, encapsulates the VXLAN packet header, then finds that the BitString corresponding to the remote NVEs belonging to that VXLAN is 110, further encapsulates the BIER header, and forwards the multicast packet.
  • the forwarding plane update is caused by the virtual machine migration.
  • When the virtual machine VM5 is migrated from the VNI A it belonged to over to VNI B, the node NVE3 connected to VM5 finds that the user belonging to VXLAN 10 has migrated, and revokes the VXLAN information through the IGP protocol or the BGP protocol.
  • The VXLAN information can be revoked directly with the IGP format extended in the first embodiment and the second embodiment; for example, NVE3 advertises the revocation of the VXLAN information, and after NVE1 receives it, NVE1 locally updates the previously saved mapping between the VXLAN information and the BitString from [VXLAN 10:110] to [VXLAN 10:010].
  • When NVE1 receives subsequent tenant multicast traffic from VM1, it still determines that the multicast traffic belongs to VXLAN 10, encapsulates the VXLAN packet header, then finds that the BitString corresponding to the remote NVEs belonging to that VXLAN has been updated to 010, further encapsulates the updated BIER header, and forwards the multicast packet.
  • Method 1 NVE3 revokes the VXLAN information by using the extended IGP format in the first embodiment and the second embodiment. If the intermediate node receives the revoked VXLAN information and does not recognize the information, the IGP advertisement message is forwarded according to the IGP rule.
  • NVE3 establishes a BGP neighbor relationship or an OSPF virtual link between NVE1 and NVE3 through the implementation in the third embodiment or the fourth embodiment, and the revoked VXLAN information is advertised directly between NVE1 and NVE3. Intermediate nodes do not need to process it.
  • NVE1 updates the local mapping to [VXLAN 10:010].
  • When NVE1 receives subsequent tenant multicast traffic from VM1, it still determines that the multicast traffic belongs to VXLAN 10, encapsulates the VXLAN packet header, and then finds the updated BitString corresponding to the remote NVEs belonging to that VXLAN. The updated BIER header is therefore further encapsulated to forward the multicast packet.
  • the embodiment of the present invention further provides a computer readable storage medium storing computer executable instructions, and when the computer executable instructions are executed, implementing the foregoing method for implementing virtualized network overlay on the transmitting side.
  • the embodiment of the present invention further provides a computer readable storage medium storing computer executable instructions, and when the computer executable instructions are executed, implementing the foregoing method for implementing virtualized network overlay on the receiving side.
  • each module/unit in the above embodiment may be implemented in the form of hardware, for example, by an integrated circuit that implements its corresponding function, or may be implemented in the form of a software function module, for example, by a processor executing a program/instructions stored in memory to achieve its corresponding function.
  • This application is not limited to any specific combination of hardware and software.
  • the embodiment of the present application provides a method for implementing virtualized network overlay and an NVE node, which can reduce the burden on the data plane and the control plane of the current data center for the BUM traffic forwarding method.
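
An added example (not code from the patent or from any product) replaying the NVE1/NVE2/NVE3 scenario above: it parses the VNI sub-sub-TLV defensively and maintains NVE1's VNI-to-BitString mapping through advertisement and revocation. The Type value 0xFE, the 1-byte Type/Length layout, the `revoked` flag and all function and class names are assumptions, because the page gives no code point and FIG. 12 is not reproduced.

```python
"""VNI sub-sub-TLV handling and the VNI -> BitString table kept by an NVE."""

# Assumed wire layout (FIG. 12 is not reproduced on the page): 1-byte Type,
# 1-byte Length, 3-byte Value holding the 24-bit VNI, IS-IS style.
VNI_TLV_TYPE = 0xFE          # hypothetical placeholder, not an assigned code point
VNI_MAX = (1 << 24) - 1


def encode_vni_tlv(vni):
    """Build the sub-sub-TLV an NVE would advertise for one virtual network."""
    if not 0 <= vni <= VNI_MAX:
        raise ValueError("VNI does not fit in 24 bits")
    return bytes([VNI_TLV_TYPE, 3]) + vni.to_bytes(3, "big")


def decode_vni_tlv(data):
    """Return the VNI, rejecting truncated, oversized or foreign TLVs."""
    if len(data) < 2:
        raise ValueError("truncated TLV header")
    tlv_type, length = data[0], data[1]
    if tlv_type != VNI_TLV_TYPE:
        raise ValueError("unexpected sub-sub-TLV type")
    if length != 3 or len(data) != 2 + length:
        raise ValueError("Length must describe exactly one 24-bit VNI")
    return int.from_bytes(data[2:], "big")


class NveVniTable:
    """Receiving-side state (Steps 21-22): VNI -> BitString of remote NVEs."""

    def __init__(self, own_bfr_id, bit_string_length):
        self.bsl = bit_string_length
        self.own_bit = self._bit(own_bfr_id)
        self.remote = {}                      # vni -> integer bitmask

    def _bit(self, bfr_id):
        if not 1 <= bfr_id <= self.bsl:
            raise ValueError("BFR-id outside this BitStringLength")
        return 1 << (bfr_id - 1)

    def on_advertisement(self, sender_bfr_id, tlv, revoked=False):
        """Set or clear the sender's bit for the VNI carried in the TLV."""
        vni = decode_vni_tlv(tlv)
        bit = self._bit(sender_bfr_id)
        if bit == self.own_bit:
            return                            # never list ourselves as a remote egress
        mask = self.remote.get(vni, 0)
        mask = mask & ~bit if revoked else mask | bit
        if mask:
            self.remote[vni] = mask
        else:
            self.remote.pop(vni, None)        # last member left: keep no stale entry

    def bit_string(self, vni):
        """BitString to place in the BIER header for BUM traffic of this VNI."""
        mask = self.remote.get(vni)
        return None if mask is None else format(mask, "0{}b".format(self.bsl))


def replay_page_scenario():
    """NVE1 (BFR-id 1) hears NVE2 and NVE3 advertise VXLAN 10, then NVE3 revoke it."""
    nve1 = NveVniTable(own_bfr_id=1, bit_string_length=3)
    tlv = encode_vni_tlv(10)
    seen = []
    for sender, revoked in [(2, False), (3, False), (3, True)]:
        nve1.on_advertisement(sender, tlv, revoked)
        seen.append(nve1.bit_string(10))
    return seen


if __name__ == "__main__":
    print(replay_page_scenario())
```

A revocation clears only the sender's bit for the one VNI named in the TLV, so other tenants' entries stay untouched and a VNI with no remaining members yields no BitString at all.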

Abstract

A method for implementing virtualization network overlay, comprising: acquiring a virtual network identifier of a connected virtual network; and notifying the virtual network identifier through a routing protocol. By means of the solution, the burden of a current data centre on a data plane and a control plane for a BUM traffic forwarding method can be reduced.

Description

Method for implementing virtualized network overlay and network virtualization edge node
Technical field
The present application relates to, but is not limited to, the field of network virtualization technologies, and in particular, to a method for implementing virtualized network overlay and a network virtualization edge node.
Background art
Bit Index Explicit Replication (BIER) is a multicast technology that the IETF (Internet Engineering Task Force) began studying in the past two years. As shown in Figure 1, its basic principle is to assign each node in a BIER domain a unique BFR-id (Bit-Forwarding Router Identifier). In general, a BFR-id is expressed in the format <SI:XYZW>, where SI is the Set Identifier; an SI is introduced when the bit string length (BSL, BitStringLength) is insufficient to identify all BIER nodes in the domain. XYZW denotes the BitPosition; each bit in the bit position corresponds to one BFR (Bit-Forwarding Router), and its length is the bit string length (BitStringLength). For example, when there are 5 nodes in the BIER domain and the BSL is 5, all 5 nodes can be placed in the same SI: BFR-1, whose BFR-id is 1, has SI 0 and BitPosition 00001; BFR-2, whose BFR-id is 2, has SI 0 and BitPosition 00010; and so on. When there are 10 nodes in the BIER domain and the BSL is 5, the 10 nodes need to be split across 2 SIs, with 5 nodes in each SI. Each bit in the BitString corresponds to one BFR-id. For example, the BitString of BFR-1 (BFR-id 1) is 00001, the BitString of BFR-2 (BFR-id 2) is 00010, and so on. When a multicast packet arrives at BFR-1, BFR-1 acts as the BFIR (Bit-Forwarding Ingress Router) and determines, by some means, which BFERs (Bit-Forwarding Egress Routers) need this multicast traffic. For example, if it learns that BFR-2 and BFR-3 belong to the same Set Identifier and both need the multicast traffic, it resolves the BFR-ids of the BFERs that need the traffic into the set identifier SI, combines the BitPositions of BFR-2 and BFR-3 into the BitString 00110, and encapsulates it in the BIER header. The multicast data packet carrying the BIER header is then forwarded according to the Bit Index Forwarding Table (BIFT) generated through the extended IGP (Interior Gateway Protocol).
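The <SI:BitString> arithmetic described above, as an added example that is not part of the patent text. It assumes the usual BIER convention that BFR-ids fill each SI in order (BFR-ids 1 to BSL in SI 0, the next BSL in SI 1, and so on); the function names are hypothetical.

```python
# Added example (not from the patent): BFR-id -> <SI:BitString> arithmetic.
# Assumption: BFR-ids fill SIs in order, BSL ids per SI.
from __future__ import annotations

from collections import defaultdict


def bfr_id_to_si_bit(bfr_id: int, bsl: int) -> tuple[int, int]:
    """Return (SI, bit position) for a BFR-id.

    Bit positions count from 1 at the rightmost bit, matching the text
    above (BFR-id 1 -> 00001, BFR-id 2 -> 00010).
    """
    if bsl < 1:
        raise ValueError("BitStringLength must be at least 1")
    if bfr_id < 1:
        raise ValueError("BFR-ids start at 1")
    si, offset = divmod(bfr_id - 1, bsl)
    return si, offset + 1


def encode_egress_set(bfr_ids, bsl: int) -> dict[int, str]:
    """OR together the bits of every egress router, one BitString per SI.

    A BIER header carries a single SI, so egress routers that fall into
    different SIs need one BitString (and one packet copy) per SI.
    """
    masks: dict[int, int] = defaultdict(int)
    for bfr_id in bfr_ids:
        si, pos = bfr_id_to_si_bit(bfr_id, bsl)
        masks[si] |= 1 << (pos - 1)
    return {si: format(masks[si], f"0{bsl}b") for si in sorted(masks)}


def decode_bit_string(si: int, bits: str) -> list[int]:
    """Recover the BFR-ids addressed by one <SI:BitString> pair."""
    if not bits or set(bits) - {"0", "1"}:
        raise ValueError("BitString must be a non-empty string of 0s and 1s")
    bsl = len(bits)
    mask = int(bits, 2)
    return [si * bsl + pos for pos in range(1, bsl + 1)
            if (mask >> (pos - 1)) & 1]


if __name__ == "__main__":
    # The case from the text: BFR-2 and BFR-3 in one SI, BSL 5.
    print(encode_egress_set([2, 3], bsl=5))
    # Ten nodes with BSL 5: BFR-ids 7 and 10 land in the second SI.
    print(encode_egress_set([2, 3, 7, 10], bsl=5))
    print(decode_bit_string(1, "10010"))
```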
As mentioned above, the BIFT is built on extensions to the IGP. The IGPs that currently support the extension are mainly IS-IS (Intermediate System-to-Intermediate System) and OSPF (Open Shortest Path First). Figure 2 shows the IS-IS LSA (Link-State Advertisement) extension that the IS-IS protocol uses to support BIER; Figure 3 shows the OSPF-LSA extension that the OSPF protocol uses to support BIER.
With BIER, network nodes no longer need to support multicast protocols or maintain per-flow multicast state, which greatly simplifies the implementation of the multicast control plane and the performance of network nodes. Moreover, BIER makes effective use of the current IGPs: only a small extension to the current IGP is needed to implement and improve multicast deployment. Further, BIER can also be combined with current software-defined networking technology, reducing obstacles to the future development of software-defined networks.
On the other hand, virtualized data center technology is being applied ever more widely to private cloud, public cloud and hybrid cloud data center deployments. NVO3 (Network Virtualization using Overlays over Layer 3), a solution for virtualized data centers proposed by the IETF, is also gradually being standardized. Its most widely used form is the Virtual eXtensible Local Area Network (VXLAN).
Virtualization allows each physical server to be virtualized into multiple virtual machines (VMs), and virtual machines in the same VLAN (Virtual Local Area Network) domain can communicate with each other. However, because only 4096 VLANs are supported, the number of tenants is severely limited. Moreover, because of the large Layer 2 network structure of current data centers, the Spanning Tree Protocol is used to prevent loops, which leaves a large number of ports or links disabled and wasted. Layer 3 IP technology has therefore gradually been introduced into the data center. This means that virtual machines belonging to different networks must cross not only a Layer 2 network but also a Layer 3 network when they need to communicate. Driven by these factors, VXLAN came into being. First, VXLAN uses a 24-bit Virtual Network Identifier (VNI) to identify a VXLAN domain, which supports 16M VXLAN users. In addition, VXLAN is an overlay technology: whether the transport network is Layer 2 or Layer 3, VXLAN can tag the original packet with a VXLAN identifier and then encapsulate it in a tunnel for forwarding to the remote end, so that virtual machines belonging to the same tenant can communicate after virtualization.
There are two types of traffic in a data center: unicast traffic, and BUM traffic (Broadcast\Unknown\Multicast), such as ARP (Address Resolution Protocol)/ND (Neighbor Discovery), DHCP (Dynamic Host Configuration Protocol) and mDNS (multicast DNS (Domain Name System)). For unicast traffic, the current NVO3 architecture is shown in Figure 4, in which Server1/Server2/Server3 are virtualized into the virtual machines VM1 to VM6, which belong to different tenants. The virtual machines of one tenant form a Virtual Network; for example, VM1 and VM3 belong to tenant A, VM2 and VM5 belong to tenant B, and VM4 and VM6 belong to tenant C. An NVE (Network Virtualization Edge) is a node that performs tunnel encapsulation and decapsulation. A VXLAN tunnel can be chosen as the overlay tunnel between NVEs. Figure 5 shows the packet header structure of the VXLAN data plane. Figure 6 shows the structure of the tunnel packet after NVE encapsulation. On the data plane, the NVE encapsulates the original packet with a VXLAN header, encapsulates the outer tunnel according to the tunnel destination IP address corresponding to that VXLAN, and then forwards the packet to the remote NVE by unicast. For example, when data traffic of tenant A originated by VM1 reaches NVE1, NVE1 encapsulates it with a VXLAN header carrying a VNI (Virtual Network Identifier) of 1, then encapsulates the outer tunnel according to NVE2, the tunnel destination IP address corresponding to that VXLAN, and forwards it to the remote NVE2. After receiving the packet, the remote NVE2 decapsulates the outer tunnel and, according to the VNI in the VXLAN header, forwards the packet to VM3 in tenant network A, which belongs to that VXLAN. Forwarding for tenant B and tenant C is similar. In a VXLAN tunnel, VNI specifically means the VXLAN Network Identifier.
For BUM traffic, the current NVO3 deployment is shown in Figure 7. For example, VM1, VM3 and VM5 belong to the same tenant. After NVE1 receives BUM traffic, the first method is ingress replication at the NVE1 endpoint: the multicast traffic is copied, each copy is encapsulated with a VXLAN header and then with one of the tunnel destination IP addresses corresponding to that VXLAN (NVE2 and NVE3), and the copies are sent to the different remote NVEs, NVE2 and NVE3. This method is only suitable for small networks. When the tenant network is large, the ingress endpoint carries a heavy burden replicating multicast packets, and a great deal of bandwidth between the NVEs is wasted; moreover, the mapping from a VXLAN to its tunnel destination addresses on the NVE has to be delivered with the help of an additional control plane technology. The second method is to run the multicast protocol PIM (Protocol Independent Multicast) on the network between the NVEs to build a multicast distribution tree. When NVE1 receives a BUM packet, it looks up which VXLAN the packet belongs to, looks up the multicast group mapped to that VXLAN, encapsulates the BUM packet with a VXLAN header, and forwards it along the multicast distribution tree of that multicast group established between the NVEs. This method relieves the burden on the ingress endpoint and the bandwidth between NVEs to some extent, but it requires the Layer 3 PIM protocol to run between the NVEs and requires the whole network to maintain multicast trees, which in turn adds network complexity and makes deployment harder; moreover, the mapping from a VXLAN to its multicast group on the NVE also has to be delivered with the help of an additional control plane technology.
Summary of the Invention
The following is an overview of the subject matter described in detail herein. This overview is not intended to limit the scope of protection of the claims.
An embodiment of the present invention provides a method for implementing virtualized network overlay and an NVE node, so as to alleviate the various drawbacks, on the data plane and the control plane, of current data center methods for forwarding BUM traffic.
An embodiment of the present invention provides a method for implementing virtualized network overlay, applied to a network virtualization edge node of a virtualized data center, including:
obtaining the virtual network identifier of the connected virtual network;
advertising the virtual network identifier through a routing protocol.
Optionally, the above method further has the following feature: advertising the virtual network identifier includes:
advertising a valid virtual network identifier; and/or
advertising a withdrawn virtual network identifier.
Optionally, the above method further has the following feature:
the routing protocol includes any one of the following: the Intermediate System-to-Intermediate System protocol, the Open Shortest Path First protocol, and the Border Gateway Protocol.
Optionally, the above method further has the following feature:
the routing protocol supports the IPv4 network protocol and the IPv6 network protocol.
Optionally, the above method further has the following feature:
the virtual network identifier includes the network identifier of a Virtual eXtensible Local Area Network.
An embodiment of the present invention further provides a network virtualization edge node, including:
an obtaining module, configured to obtain the virtual network identifier of the connected virtual network;
an advertising module, configured to advertise the virtual network identifier through a routing protocol.
Optionally, the above network virtualization edge node further has the following feature:
the advertising module is configured to advertise a valid virtual network identifier and/or advertise a withdrawn virtual network identifier, where the routing protocol includes any one of the following: the Intermediate System-to-Intermediate System protocol, the Open Shortest Path First protocol, and the Border Gateway Protocol; the routing protocol supports the IPv4 network protocol and the IPv6 network protocol; and the virtual network identifier includes the network identifier of a Virtual eXtensible Local Area Network.
An embodiment of the present invention further provides a method for implementing virtualized network overlay, applied to a network virtualization edge node of a virtualized data center, including:
receiving an advertisement packet carrying a virtual network identifier;
parsing the virtual network identifier and, according to it, establishing or updating the mapping between that virtual network identifier and the bit string of the nodes that sent the same virtual network identifier.
Optionally, the above method further has the following feature:
the advertisement packet includes an advertisement packet carrying a valid virtual network identifier and/or an advertisement packet carrying a withdrawn virtual network identifier.
Optionally, the above method further includes:
upon receiving a tenant's broadcast\unknown\multicast (BUM) traffic, looking up the virtual network identifier to which the tenant belongs, encapsulating the corresponding virtual network packet header, looking up the bit string corresponding to that virtual network identifier, encapsulating the Bit Index Explicit Replication (BIER) header corresponding to the bit string, and forwarding according to the bit index forwarding table.
An embodiment of the present invention further provides a network virtualization edge node, including:
a receiving module, configured to receive an advertisement packet carrying a virtual network identifier;
a processing module, configured to parse the virtual network identifier and, according to it, establish or update the mapping between that virtual network identifier and the bit string of the nodes that sent the same virtual network identifier.
Optionally, the above network virtualization edge node further has the following feature:
the advertisement packet received by the receiving module includes an advertisement packet carrying a valid virtual network identifier and/or an advertisement packet carrying a withdrawn virtual network identifier.
Optionally, the above network virtualization edge node further has the following feature:
the receiving module is further configured to receive a tenant's broadcast\unknown\multicast (BUM) traffic;
the processing module is further configured to look up the virtual network identifier to which the tenant belongs, encapsulate the corresponding virtual network packet header, look up the bit string corresponding to that virtual network identifier, encapsulate the Bit Index Explicit Replication header corresponding to the bit string, and forward according to the bit index forwarding table.
An embodiment of the present invention further provides a computer-readable storage medium storing computer-executable instructions which, when executed, implement the above sending-side method for implementing virtualized network overlay.
An embodiment of the present invention further provides a computer-readable storage medium storing computer-executable instructions which, when executed, implement the above receiving-side method for implementing virtualized network overlay.
In summary, the embodiments of the present invention provide a method for implementing virtualized network overlay and an NVE node, so as to reduce the burden on the data plane and the control plane of current data center methods for forwarding BUM traffic.
Other aspects will become apparent upon reading and understanding the drawings and the detailed description.
Brief Description of the Drawings
The accompanying drawings are provided for a further understanding of the present application and constitute a part of the specification; together with the embodiments of the present application they serve to explain the application and do not limit it. In the drawings:
Figure 1 is a schematic diagram of the related BIER architecture;
Figure 2 is a schematic diagram of the related-art IS-IS protocol extension implementing the BIER control plane;
Figure 3 is a schematic diagram of the related-art OSPF protocol extension implementing the BIER control plane;
Figure 4 is a schematic diagram of the related-art NVO3 architecture (unicast scenario);
Figure 5 is a schematic diagram of the related-art VXLAN packet header structure;
Figure 6 is a schematic diagram of the related-art structure of a packet forwarded on the tunnel after NVE encapsulation;
Figure 7 is a schematic diagram of the related-art NVO3 architecture (BUM scenario);
Figure 8 is a flowchart of the sending-side method for implementing virtualized network overlay according to an embodiment of the present invention;
Figure 9 is a schematic diagram of the sending-side NVE node according to an embodiment of the present invention;
Figure 10 is a flowchart of the receiving-side method for implementing virtualized network overlay according to an embodiment of the present invention;
Figure 11 is a schematic diagram of the receiving-side NVE node according to an embodiment of the present invention;
Figure 12 is a schematic diagram of carrying the virtual network identifier in an IS-IS protocol extension according to an embodiment of the present invention;
Figure 13 is a schematic diagram of an application scenario according to an embodiment of the present invention.
Embodiments of the Invention
The embodiments of the present invention are described in detail below with reference to the accompanying drawings. It should be noted that, where they do not conflict, the embodiments in the present application and the features in the embodiments may be combined with each other arbitrarily.
In view of the problems in the related art, suppose BIER is introduced into the virtualized network overlay NVO3 as the data plane forwarding technology for data center BUM traffic and, on the control plane, IGP-BIER and BGP-BIER extensions are introduced as the control plane technology by which a source NVE discovers the remote NVEs belonging to the same VXLAN. This would greatly alleviate the various drawbacks, on the data plane and the control plane, of current data center methods for forwarding BUM traffic, and would further speed up the deployment of virtualized data centers and of BIER. The embodiments of the present invention attempt to introduce BIER into the virtualized data center network described above, to achieve an optimal implementation of BUM traffic forwarding in a virtualized network.
Figure 8 is a flowchart of the sending-side method for implementing virtualized network overlay according to an embodiment of the present invention. As shown in Figure 8, the method of this embodiment is applied to an NVE node of a virtualized data center and includes the following steps:
Step 11: obtain the virtual network identifier (VNI, Virtual Network Identifier) of the connected virtual network;
Step 12: advertise the VNI through a routing protocol.
Advertising the VNI includes: advertising a valid VNI; and/or advertising a withdrawn VNI.
The routing protocol includes any one of the following: the IS-IS protocol, the OSPF protocol and BGP (Border Gateway Protocol); the routing protocol supports the Internet Protocol version 4 (IPv4) network protocol and the Internet Protocol version 6 (IPv6) network protocol.
The VNI includes the network identifier of a VXLAN.
Figure 9 is a schematic diagram of the sending-side NVE node according to an embodiment of the present invention. As shown in Figure 9, the NVE node of this embodiment may include:
an obtaining module, configured to obtain the VNI of the connected virtual network;
an advertising module, configured to advertise the VNI through a routing protocol.
In an optional embodiment, the advertising module is configured to advertise a valid VNI and/or advertise a withdrawn VNI.
The routing protocol includes any one of the following: the IS-IS protocol, the OSPF protocol and the BGP protocol; the routing protocol supports the IPv4 network protocol and the IPv6 network protocol; the virtual network identifier includes the network identifier of a VXLAN.
Figure 10 is a flowchart of the receiving-side method for implementing virtualized network overlay according to an embodiment of the present invention. As shown in Figure 10, the method of this embodiment is applied to an NVE node of a virtualized data center and includes the following steps:
Step 21: receive an advertisement packet carrying a VNI;
Step 22: parse the VNI and, according to it, establish or update the mapping between that VNI and the bit string of the nodes that sent the same VNI.
The advertisement packet includes an advertisement packet carrying a valid virtual network identifier and/or an advertisement packet carrying a withdrawn virtual network identifier.
The method of this embodiment may further include:
upon receiving a tenant's BUM traffic, looking up the VNI to which the tenant belongs, encapsulating the corresponding virtual network packet header, looking up the bit string corresponding to the VNI, encapsulating the Bit Index Explicit Replication (BIER) header corresponding to the bit string, and forwarding according to the Bit Index Forwarding Table (BIFT).
Figure 11 is a schematic diagram of the receiving-side NVE node according to an embodiment of the present invention. As shown in Figure 11, the NVE node of this embodiment may include:
a receiving module, configured to receive an advertisement packet carrying a VNI;
a processing module, configured to parse the VNI and, according to it, establish or update the mapping between that VNI and the bit string of the nodes that sent the same VNI.
Optionally, the advertisement packet received by the receiving module includes an advertisement packet carrying a valid virtual network identifier and/or an advertisement packet carrying a withdrawn virtual network identifier.
In an optional embodiment, the receiving module may be further configured to receive a tenant's BUM traffic;
the processing module may be further configured to look up the VNI to which the tenant belongs, encapsulate the corresponding virtual network packet header, look up the bit string corresponding to the VNI, encapsulate the Bit Index Explicit Replication header corresponding to the bit string, and forward according to the bit index forwarding table.
The present application is described below with reference to embodiments.
Embodiment 1
Currently, when the IS-IS protocol is extended to implement the BIER control plane, for IPv4 (Internet Protocol version 4) networks the extension is made under the IS-IS Extended IP reachability TLV (Type\Length\Value; TLV type 135) and the Multi-Topology Reachable IPv4 Prefixes TLV (TLV type 235); for IPv6 (Internet Protocol version 6) networks the extension is made under the IS-IS IPv6 Reachability TLV (TLV type 236) and the Multi-Topology Reachable IPv6 Prefixes TLV (TLV type 237). The specific extension format is shown in Figure 2.
The embodiment of the present invention attempts to apply BIER to the control plane of a virtualized data center, and therefore further defines, within the IS-IS extension defined in Figure 2 above, a new sub-sub-TLV for advertising the virtual network identifier of a virtual network. The reference packet format for carrying the virtual network identifier in the IS-IS protocol extension is shown in Figure 12.
Here, Type identifies the type of the sub-sub-TLV, which in the embodiment of the present invention marks it as the virtual network sub-sub-TLV; Length gives the length of the Value part of the sub-sub-TLV; Virtual Network Identifier is the 24-bit virtual network identifier that uniquely identifies the virtual network.
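A strict encoder and parser for the Type/Length/Virtual Network Identifier fields described above, as an added example that is not part of the patent text. Figure 12 is not reproduced on this page and no type code is given, so the type value is a placeholder, and the layout (one-byte Type, one-byte Length, a Value of exactly three bytes holding one VNI) is an assumption; all names are hypothetical.

```python
# Added example (not from the patent): strict codec for the VNI sub-sub-TLV.
from __future__ import annotations

VNI_SUBSUB_TLV_TYPE = 0xFA  # placeholder: the page assigns no code point
VNI_VALUE_LEN = 3           # assumption: Value is exactly the 24-bit VNI
MAX_VNI = 0xFFFFFF


class TLVError(ValueError):
    """Raised when a sub-sub-TLV sequence is malformed."""


def encode_vni_sub_sub_tlv(vni: int) -> bytes:
    """Build Type | Length | 24-bit VNI in network byte order."""
    if not 0 <= vni <= MAX_VNI:
        raise ValueError("VNI must fit in 24 bits")
    return bytes([VNI_SUBSUB_TLV_TYPE, VNI_VALUE_LEN]) + vni.to_bytes(3, "big")


def parse_vnis(buf: bytes) -> list[int]:
    """Walk a run of sub-sub-TLVs and return every advertised VNI.

    Unknown types are skipped by their declared length. A truncated header,
    a Length that runs past the buffer, or a VNI sub-sub-TLV whose Length is
    not 3 rejects the whole buffer, so a malformed advertisement never
    yields a partially parsed VNI list.
    """
    vnis: list[int] = []
    offset = 0
    while offset < len(buf):
        if len(buf) - offset < 2:
            raise TLVError("truncated Type/Length header")
        tlv_type, length = buf[offset], buf[offset + 1]
        offset += 2
        if length > len(buf) - offset:
            raise TLVError("Length runs past the end of the buffer")
        value = buf[offset:offset + length]
        offset += length
        if tlv_type != VNI_SUBSUB_TLV_TYPE:
            continue  # not ours: skip without interpreting the value
        if length != VNI_VALUE_LEN:
            raise TLVError("VNI sub-sub-TLV must carry exactly 3 bytes")
        vnis.append(int.from_bytes(value, "big"))
    return vnis


# Constructed sample: VNI 10, an unknown sub-sub-TLV (type 1), VNI 0x123456.
SAMPLE = (encode_vni_sub_sub_tlv(10)
          + bytes([0x01, 0x02, 0xAA, 0xBB])
          + encode_vni_sub_sub_tlv(0x123456))

if __name__ == "__main__":
    print(parse_vnis(SAMPLE))
```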
Embodiment 2
Currently, when the OSPF protocol is extended to implement the BIER control plane, for IPv4 networks the extension is made under the Extended Prefix TLV of the OSPFv2 protocol; for IPv6 networks the extension is made under the Extended LSA TLV (extended link-state advertisement TLV) of OSPFv3. The specific extension format is shown in Figure 3.
The embodiment of the present invention attempts to apply BIER to the control plane of a virtualized data center, and therefore further defines, within the OSPF and OSPFv3 extensions defined in Figure 3 above, a new sub-sub-TLV for advertising the virtual network identifier of a virtual network. The reference packet format for carrying the virtual network identifier in the OSPF and OSPFv3 protocol extensions is also shown in Figure 12.
Here, Type identifies the type of the sub-sub-TLV, which in the embodiment of the present invention marks it as the virtual network sub-sub-TLV; Length gives the length of the Value part of the sub-sub-TLV; Virtual Network Identifier is the 24-bit virtual network identifier that uniquely identifies the virtual network.
Embodiment 3
The embodiment of the present invention attempts to apply BIER to the control plane of a virtualized data center, and therefore either further extends a new sub-TLV under the BGP BIER attribute of the BGP protocol to advertise the virtual network identifier, or extends the Network Layer Reachability Information (NLRI) of the BGP protocol to advertise the virtual network identifier.
Embodiment 4
The OSPF protocol can support establishing OSPF virtual links between the BFIR and BFER devices of a BIER domain. Over a virtual link, the extended TLV information described in the embodiments of the present invention is sent directly to the edge devices of the BIER domain, so that the BFIR and BFER devices exchange the VNI information of their connected networks directly with each other, which reduces the information stored on intermediate nodes of the BIER domain. The advertised format is still the reference packet format for carrying the virtual network identifier in the OSPF protocol extension, as also shown in Figure 12.
Here, Type identifies the type of the sub-sub-TLV, which in the embodiment of the present invention marks it as the virtual network sub-sub-TLV; Length gives the length of the Value part of the sub-sub-TLV; Virtual Network Identifier is the 24-bit virtual network identifier that uniquely identifies the virtual network.
Embodiment 5
As shown in FIG. 13, the NVEs (NVE1/NVE2/NVE3) run an IGP or BGP protocol among themselves. VM1, which belongs to tenant A (VXLAN identifier 10), is connected to NVE1; the BFRID of NVE1 is 1 and the corresponding BitString is 001. VM3, which also belongs to tenant A (VXLAN identifier 10), is connected to NVE2; the BFRID of NVE2 is 2 and the corresponding BitString is 010. VM5, which belongs to tenant A (VXLAN identifier 10), is connected to NVE3; the BFRID of NVE3 is 3 and the corresponding BitString is 100. NVE1/NVE2/NVE3 carry BIER information and VXLAN information through the IGP protocol extension or the BGP protocol extension.
When the NVEs are directly connected, the VXLAN information can be advertised directly using the extended IGP format of Embodiment 1 or Embodiment 2.
For example, NVE2 advertises its BIER information and VXLAN information. On receiving it, NVE1 locally establishes the mapping between the VXLAN information and the BitString, [VXLAN 10:010]. Likewise, NVE3 advertises its BIER information and VXLAN information, and on receiving it NVE1 updates the local mapping to [VXLAN 10:110]. When NVE1 receives tenant multicast traffic from VM1, it determines that the traffic belongs to VXLAN 10 and encapsulates a VXLAN header. It then looks up the BitString of the remote NVEs belonging to that VXLAN, which is 110, encapsulates a BIER header accordingly, and forwards the multicast packet.
When the NVEs are not directly connected and must traverse multiple nodes to reach each other, either of the following two methods can be used:
Method 1: The NVEs advertise the VXLAN information using the extended IGP format of Embodiment 1 and Embodiment 2. An intermediate node that receives the VXLAN information and does not recognize it simply forwards the IGP advertisement message according to the IGP rules.
Method 2: Using the implementation of Embodiment 3 or Embodiment 4, a BGP neighbor relationship or an OSPF virtual link is established between the NVEs, and the VXLAN information is advertised directly between the NVEs; the intermediate nodes need not process it.
As before, NVE2 advertises its BIER information and VXLAN information. Whether Method 1 or Method 2 is used, on receiving it NVE1 locally establishes the mapping between the VXLAN information and the BitString, [VXLAN 10:010]. Likewise, NVE3 advertises its BIER information and VXLAN information, and, whether Method 1 or Method 2 is used, on receiving it NVE1 updates the local mapping to [VXLAN 10:110]. When NVE1 receives tenant multicast traffic from VM1, it determines that the traffic belongs to VXLAN 10 and encapsulates a VXLAN header. It then looks up the BitString of the remote NVEs belonging to that VXLAN, which is 110, encapsulates a BIER header accordingly, and forwards the multicast packet.
Embodiment 6
This embodiment concerns a forwarding-plane update caused by virtual machine migration. Still referring to FIG. 13, when virtual machine VM5 migrates from VNI A, to which it belonged, to VNI B, node NVE3, to which VM5 is connected, detects that the user belonging to VXLAN 10 has migrated and advertises a withdrawal of the VXLAN information through the IGP protocol or the BGP protocol.
When the NVEs are directly connected, the withdrawal of the VXLAN information can be advertised directly using the extended IGP format of Embodiment 1 and Embodiment 2. For example, NVE3 advertises the withdrawal of the VXLAN information; on receiving it, NVE1 updates the locally stored mapping between the VXLAN information and the BitString from [VXLAN 10:110] to [VXLAN 10:010]. When NVE1 then receives subsequent tenant multicast traffic from VM1, it still first determines that the traffic belongs to VXLAN 10 and encapsulates a VXLAN header. It then finds that the BitString of the remote NVEs belonging to that VXLAN has been updated to 010, encapsulates the updated BIER header accordingly, and forwards the multicast packet.
When the NVEs are not directly connected and must traverse multiple nodes to reach each other, the invention can be implemented by either of two methods:
Method 1: NVE3 advertises the withdrawal of the VXLAN information using the extended IGP format of Embodiment 1 and Embodiment 2. An intermediate node that receives the withdrawal of the VXLAN information and does not recognize it simply forwards the IGP advertisement message according to the IGP rules.
Method 2: Using the implementation of Embodiment 3 or Embodiment 4, a BGP neighbor relationship or an OSPF virtual link is established between NVE1 and NVE3, and the withdrawal of the VXLAN information is advertised directly between NVE1 and NVE3. The intermediate nodes need not process it.
Thus, whether Method 1 or Method 2 is used, NVE1 updates the local mapping to [VXLAN 10:010] after receiving the VXLAN withdrawal message. When NVE1 receives subsequent tenant multicast traffic from VM1, it still determines that the traffic belongs to VXLAN 10 and encapsulates a VXLAN header. It then finds that the BitString of the remote NVEs belonging to that VXLAN has been updated to 010, encapsulates the updated BIER header accordingly, and forwards the multicast packet.
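The mapping maintenance that Embodiments 5 and 6 describe for NVE1, as an added Python example that is not code from the patent. The 1-byte Type and Length fields, the type code `0x01`, and all class and function names are assumptions made for illustration; the page gives only the three field names and the 24-bit identifier, and it does not say how a withdrawal is encoded, so it is modelled here as a separate call.

```python
# Added illustration of the NVE1 mapping table in Embodiments 5 and 6.
# Assumed wire layout: 1-byte Type, 1-byte Length, 3-byte VNI. The page states
# only that the sub-sub-TLV has Type, Length and a 24-bit identifier; the type
# code is a placeholder, not an assigned code point.
import struct

VN_TLV_TYPE = 0x01      # placeholder type code (assumption)
BITSTRING_LEN = 3       # three NVEs in the FIG. 13 scenario


def encode_vn_tlv(vni):
    """Build the virtual network sub-sub-TLV for one VNI."""
    if not 0 <= vni < (1 << 24):
        raise ValueError("VNI must fit in 24 bits")
    return struct.pack("!BB", VN_TLV_TYPE, 3) + vni.to_bytes(3, "big")


def parse_vn_tlv(data):
    """Return the VNI; reject truncated, oversized or mistyped TLVs."""
    if len(data) < 2:
        raise ValueError("truncated TLV header")
    tlv_type, length = struct.unpack("!BB", data[:2])
    if tlv_type != VN_TLV_TYPE:
        raise ValueError("not a virtual network sub-sub-TLV")
    if length != 3 or len(data) != 2 + length:
        raise ValueError("Length does not describe a 24-bit VNI")
    return int.from_bytes(data[2:], "big")


class NveMappingTable:
    """VNI -> BitString of the remote NVEs that advertised that VNI."""

    def __init__(self, local_bfr_id):
        self.local_bfr_id = local_bfr_id
        self._members = {}          # vni -> set of remote BFR-ids

    def _check_bfr_id(self, bfr_id):
        if not 1 <= bfr_id <= BITSTRING_LEN:
            raise ValueError("BFR-id outside the configured BitString length")

    def advertise(self, bfr_id, tlv):
        """Valid-VNI advertisement from the NVE with this BFR-id."""
        self._check_bfr_id(bfr_id)
        vni = parse_vn_tlv(tlv)
        if bfr_id != self.local_bfr_id:      # never target ourselves
            self._members.setdefault(vni, set()).add(bfr_id)
        return self.bitstring(vni)

    def withdraw(self, bfr_id, tlv):
        """Withdrawn-VNI advertisement; unknown senders change nothing."""
        self._check_bfr_id(bfr_id)
        vni = parse_vn_tlv(tlv)
        members = self._members.get(vni, set())
        members.discard(bfr_id)
        if not members:
            self._members.pop(vni, None)
        return self.bitstring(vni)

    def bitstring(self, vni):
        bits = 0
        for bfr_id in self._members.get(vni, ()):
            bits |= 1 << (bfr_id - 1)        # BFR-id 1 is the rightmost bit
        return format(bits, "0{}b".format(BITSTRING_LEN))

    def encapsulate(self, vni, frame):
        """Headers NVE1 would add to a BUM frame, or None if no remote NVE."""
        bits = self.bitstring(vni)
        if "1" not in bits:
            return None
        return {"bier_bitstring": bits, "vxlan_vni": vni, "payload": frame}


def figure13_walkthrough():
    """Replay the advertisements of Embodiments 5 and 6 as seen by NVE1."""
    nve1 = NveMappingTable(local_bfr_id=1)
    tlv = encode_vn_tlv(10)
    return [nve1.advertise(2, tlv),   # NVE2 advertises VXLAN 10
            nve1.advertise(3, tlv),   # NVE3 advertises VXLAN 10
            nve1.withdraw(3, tlv)]    # VM5 migrates, NVE3 withdraws


if __name__ == "__main__":
    print(figure13_walkthrough())
```

Returning `None` from `encapsulate` when no remote NVE has advertised the VNI is a choice made in this sketch; the page does not state what NVE1 does in that case.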
An embodiment of the present invention further provides a computer-readable storage medium storing computer-executable instructions which, when executed, implement the above method for implementing virtualized network overlay on the sending side.
An embodiment of the present invention further provides a computer-readable storage medium storing computer-executable instructions which, when executed, implement the above method for implementing virtualized network overlay on the receiving side.
Those of ordinary skill in the art will understand that all or some of the steps of the above methods may be carried out by a program instructing the relevant hardware (for example, a processor); the program may be stored in a computer-readable storage medium such as a read-only memory, a magnetic disk or an optical disc. Optionally, all or some of the steps of the above embodiments may also be implemented using one or more integrated circuits. Accordingly, each module/unit in the above embodiments may be implemented in hardware, for example by an integrated circuit that realizes its function, or as a software function module, for example by a processor executing programs/instructions stored in a memory. The present application is not limited to any particular combination of hardware and software.
The above are merely optional embodiments of the present application. The application may have various other embodiments, and those skilled in the art may make corresponding changes and variations according to the application without departing from its spirit and substance; all such changes and variations shall fall within the scope of protection of the claims appended to the present application.
Industrial applicability
The embodiments of the present application provide a method for implementing virtualized network overlay and an NVE node, which reduce the data-plane and control-plane burden of current data-center BUM traffic forwarding methods.

Claims (13)

  1. A method for implementing virtualized network overlay, applied to a network virtualization edge node of a virtualized data center, comprising:
    obtaining the virtual network identifier of the connected virtual network;
    advertising the virtual network identifier through a routing protocol.
  2. The method of claim 1, wherein advertising the virtual network identifier comprises:
    advertising a valid virtual network identifier; and/or
    advertising a withdrawn virtual network identifier.
  3. The method of claim 1, wherein the routing protocol comprises any one of the following: the Intermediate System to Intermediate System protocol, the Open Shortest Path First protocol, and the Border Gateway Protocol.
  4. The method of claim 1, wherein the routing protocol supports the Internet Protocol version 4 (IPv4) network protocol and the Internet Protocol version 6 (IPv6) network protocol.
  5. The method of any one of claims 1 to 4, wherein the virtual network identifier comprises a network identifier of a virtual extensible local area network.
  6. A network virtualization edge node, comprising:
    an obtaining module, configured to obtain the virtual network identifier of the connected virtual network;
    an advertising module, configured to advertise the virtual network identifier through a routing protocol.
  7. The network virtualization edge node of claim 6, wherein the advertising module is configured to advertise a valid virtual network identifier and/or advertise a withdrawn virtual network identifier; the routing protocol comprises any one of the following: the Intermediate System to Intermediate System protocol, the Open Shortest Path First protocol, and the Border Gateway Protocol; the routing protocol supports the Internet Protocol version 4 (IPv4) network protocol and the Internet Protocol version 6 (IPv6) network protocol; and the virtual network identifier comprises a network identifier of a virtual extensible local area network.
  8. A method for implementing virtualized network overlay, applied to a network virtualization edge node of a virtualized data center, comprising:
    receiving an advertisement message carrying a virtual network identifier;
    parsing the virtual network identifier and, according to the virtual network identifier, establishing or updating the mapping between the corresponding virtual network identifier and the bit string of the nodes that sent the same virtual network identifier.
  9. The method of claim 8, wherein the advertisement message comprises an advertisement message carrying a valid virtual network identifier and/or an advertisement message carrying a withdrawn virtual network identifier.
  10. The method of claim 8 or 9, further comprising:
    on receiving broadcast/unknown/multicast (BUM) traffic of a tenant, looking up the virtual network identifier to which the tenant belongs, encapsulating the corresponding virtual network header, looking up the bit string corresponding to that virtual network identifier, encapsulating the Bit Index Explicit Replication (BIER) header corresponding to the bit string, and forwarding according to the bit index forwarding table.
  11. A network virtualization edge node, comprising:
    a receiving module, configured to receive an advertisement message carrying a virtual network identifier;
    a processing module, configured to parse the virtual network identifier and, according to the virtual network identifier, establish or update the mapping between the corresponding virtual network identifier and the bit string of the nodes that sent the same virtual network identifier.
  12. The network virtualization edge node of claim 11, wherein the advertisement message received by the receiving module comprises an advertisement message carrying a valid virtual network identifier and/or an advertisement message carrying a withdrawn virtual network identifier.
  13. The network virtualization edge node of claim 11 or 12, wherein
    the receiving module is further configured to receive broadcast/unknown/multicast (BUM) traffic of a tenant;
    the processing module is further configured to look up the virtual network identifier to which the tenant belongs, encapsulate the corresponding virtual network header, look up the bit string corresponding to that virtual network identifier, encapsulate the Bit Index Explicit Replication header corresponding to the bit string, and forward according to the bit index forwarding table.
PCT/CN2016/087112 2015-10-09 2016-06-24 Method for implementing virtualization network overlay and network virtualization edge node WO2016198022A1 (en)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
CN201510647010.9A CN106572021B (en) 2015-10-09 2015-10-09 Method for realizing network virtualization superposition and network virtualization edge node
CN201510647010.9 2015-10-09

Publications (1)

Publication Number Publication Date
WO2016198022A1 true WO2016198022A1 (en) 2016-12-15

Family

ID=57503042

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/CN2016/087112 WO2016198022A1 (en) 2015-10-09 2016-06-24 Method for implementing virtualization network overlay and network virtualization edge node

Country Status (2)

Country Link
CN (1) CN106572021B (en)
WO (1) WO2016198022A1 (en)

Cited By (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2018171359A1 (en) * 2017-03-22 2018-09-27 中兴通讯股份有限公司 Information transfer method and device
CN108632678A (en) * 2017-03-22 2018-10-09 中兴通讯股份有限公司 A kind of data transmission method, apparatus and system
CN108965134A (en) * 2017-05-23 2018-12-07 中兴通讯股份有限公司 Message forwarding method and device
CN113114576A (en) * 2019-12-25 2021-07-13 华为技术有限公司 Method, equipment and system for sending message
WO2022206405A1 (en) * 2021-03-29 2022-10-06 华为技术有限公司 Bierv6 message processing method, and device and system

Families Citing this family (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN106941437B (en) * 2016-01-04 2020-11-17 中兴通讯股份有限公司 Information transmission method and device
CN109150730A (en) * 2017-06-15 2019-01-04 中兴通讯股份有限公司 The cross-domain method, apparatus of multicast, system and computer readable storage medium
CN110417657B (en) 2018-04-27 2022-05-17 华为技术有限公司 Method and device for processing multicast data message
CN109729012B (en) * 2018-12-24 2021-08-24 新华三技术有限公司 Unicast message transmission method and device

Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN103581277A (en) * 2012-08-09 2014-02-12 中兴通讯股份有限公司 Distributing method and system of data center virtualization network address and directory server
CN104348724A (en) * 2013-07-31 2015-02-11 华为技术有限公司 Multi-tenant supporting data forwarding method and device
US20150089583A1 (en) * 2012-10-30 2015-03-26 Kelly Wanser System and method for securing virtualized networks
CN104871495A (en) * 2012-09-26 2015-08-26 华为技术有限公司 Overlay virtual gateway for overlay networks

Family Cites Families (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN103326915A (en) * 2012-03-23 2013-09-25 华为技术有限公司 Method, device and system for achieving three-layer VPN
CN104734929B (en) * 2013-12-18 2019-03-01 华为技术有限公司 The method and device of routing diffusion
US9749214B2 (en) * 2014-02-26 2017-08-29 Futurewei Technologies, Inc. Software defined networking (SDN) specific topology information discovery
CN104518940B (en) * 2014-10-27 2017-12-29 华为技术有限公司 Realize the method and apparatus to be communicated between NVO3 networks and MPLS network

Non-Patent Citations (2)

* Cited by examiner, † Cited by third party
Title
KAWASHIMA, R. ET AL.: "Non-Tunneling Edge-Overlay Model using OpenFlow for Cloud Datacenter Networks", IEEE INTERNATIONAL CONFERENCE ON CLOUD COMPUTING TECHNOLOGY AND SCIENCE, 2013, pages 176 - 181, XP032573773 *
KAWASHIMA, R. ET AL.: "Performance Evaluation of Non-Tunneling Edge-Overlay Model on 40GbE Environment", 2014 IEEE 3RD SYMPOSIUM ON NETWORK CLOUD COMPUTING AND APPLICATIONS, 31 December 2014 (2014-12-31), pages 69, XP032584895 *

Cited By (10)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2018171359A1 (en) * 2017-03-22 2018-09-27 中兴通讯股份有限公司 Information transfer method and device
CN108632150A (en) * 2017-03-22 2018-10-09 中兴通讯股份有限公司 A kind of information transmitting methods and device
CN108632678A (en) * 2017-03-22 2018-10-09 中兴通讯股份有限公司 A kind of data transmission method, apparatus and system
CN108632150B (en) * 2017-03-22 2022-02-25 中兴通讯股份有限公司 Information transmission method and device
US11405307B2 (en) 2017-03-22 2022-08-02 Zte Corporation Information transfer method and device
CN108632678B (en) * 2017-03-22 2023-03-24 中兴通讯股份有限公司 Data transmission method, device and system
CN108965134A (en) * 2017-05-23 2018-12-07 中兴通讯股份有限公司 Message forwarding method and device
EP3637698A4 (en) * 2017-05-23 2020-12-30 ZTE Corporation Packet forwarding method, device and apparatus, and storage medium
CN113114576A (en) * 2019-12-25 2021-07-13 华为技术有限公司 Method, equipment and system for sending message
WO2022206405A1 (en) * 2021-03-29 2022-10-06 华为技术有限公司 Bierv6 message processing method, and device and system

Also Published As

Publication number Publication date
CN106572021B (en) 2021-07-06
CN106572021A (en) 2017-04-19

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 16806920

Country of ref document: EP

Kind code of ref document: A1

NENP Non-entry into the national phase

Ref country code: DE

122 Ep: pct application non-entry in european phase

Ref document number: 16806920

Country of ref document: EP

Kind code of ref document: A1