[go: up one dir, main page]
More Web Proxy on the site http://driver.im/

CN104767685A - Flow forwarding method and device - Google Patents

Flow forwarding method and device Download PDF

Info

Publication number
CN104767685A
CN104767685A CN201510184872.2A CN201510184872A CN104767685A CN 104767685 A CN104767685 A CN 104767685A CN 201510184872 A CN201510184872 A CN 201510184872A CN 104767685 A CN104767685 A CN 104767685A
Authority
CN
China
Prior art keywords
address
conflict
stream table
main frame
existing stream
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Granted
Application number
CN201510184872.2A
Other languages
Chinese (zh)
Other versions
CN104767685B (en
Inventor
赵昌峰
吴玲
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Hangzhou H3C Technologies Co Ltd
Original Assignee
Hangzhou H3C Technologies Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Hangzhou H3C Technologies Co Ltd filed Critical Hangzhou H3C Technologies Co Ltd
Priority to CN201510184872.2A priority Critical patent/CN104767685B/en
Publication of CN104767685A publication Critical patent/CN104767685A/en
Application granted granted Critical
Publication of CN104767685B publication Critical patent/CN104767685B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Landscapes

  • Data Exchanges In Wide-Area Networks (AREA)

Abstract

The invention provides a flow forwarding method and device. The method comprises the steps of determining a host with an address conflict; for each of at least one existing flow meter, determining the corresponding flow identifier of each existing flow meter, wherein the existing flow meters are used for forwarding the existing flow of the host with the address conflict and are distributed to a software defined network (SDN) switch; distributing the first flow meter for forwarding the corresponding flow of the existing flow meters to the SDN switch with the distributed existing flow meters, wherein the matching item of the first flow meter comprises the flow identifier.

Description

A kind of flow forwarding method and device
Technical field
The invention belongs to software defined network (Software Defined Network, SDN) technical field, particularly a kind of flow forwarding method and device.
Background technology
SDN technology by being separated with datum plane by the control plane of the network equipment, thus realizes the flexible control of network traffics.Correspondingly, SDN framework comprises SDN controller and SDN switch, wherein: the SDN management channels by being preferably open flows (OpenFlow agreement) between SDN controller and SDN switch communicates, SDN controller is issued to SDN switch according to the protocol generation stream table of the configuration of user or dynamic operation, and the stream table that SDN switch issues according to SDN controller carries out Message processing.
In SDN, the extendible VLAN of extensive use (Virtual eXtensible LAN, VXLAN) technology realizes the tunnel of data retransmission.In SDN networking, SDN controller, also as DHCP (Dynamic Host Configuration Protocol, DHCP) server, is the host assignment IP addresses such as virtual machine (Virtual Machine, VM).
But, in the SDN of prior art, when SDN controller cluster occur division and when again merging, IP address conflict may be there is between main frame, and in conflicting main frame, only have a main frame to enjoy service, other main frame is isolated and flow interrupts at once, thus can not enjoy service.
Summary of the invention
In view of this, the present invention proposes a kind of flow forwarding method and device, thus provides service for there is the main frame of address conflict.
The technical scheme of embodiment of the present invention is as follows:
According to the one side of embodiment of the present invention, propose a kind of flow forwarding method, the method is included in the following steps that the SDN controller in SDN framework performs:
Determine the main frame of address conflict;
Be directed to each the existing stream table at least one existing stream table, determine the flow identifier that this existing stream table is corresponding, described existing stream table is the existing flow of main frame for forwarding described address conflict and has been issued to the stream table of SDN switch;
To being issued the first-class table for forwarding flow corresponding to this existing stream table by the SDN switch issuing this existing stream table, the occurrence of described first-class table comprises described flow identifier.
Preferably, the method also comprises:
Determine the reference address of the conflict address of the main frame of described address conflict;
Issue second table to the SDN switch be connected with the main frame of described address conflict, the source address of the first newly-increased traffic messages that described second table is used for the main frame from described address conflict to receive is converted to described reference address, and/or,
Issue the 3rd stream table to the SDN switch be connected with the main frame of described address conflict, the destination address that described 3rd stream table is used for destination address the second newly-increased traffic messages being described reference address is converted to described conflict address.
Preferably, described existing stream table is issued to the SDN switch be connected with the main frame of described address conflict, and described existing stream table meets: the incoming interface in occurrence is the interface of the main frame of described address conflict and the source IP address in occurrence is conflict address; Or
Described existing stream table is issued to the SDN switch be connected with the main frame of described address conflict, and described existing stream table meets: the object IP address in occurrence is conflict address and action item comprises and specifies the interface of the main frame of described address conflict to be outgoing interface; Or
Described existing stream table is issued to the SDN switch be not connected with the main frame of described address conflict, described existing stream table meets: the source IP address in occurrence is conflict address, and the extendible VLAN (VXLAN) in occurrence encapsulates destination node (VTEP) the IP address, VXLAN tunnel that source IP address is the SDN switch be connected with the main frame of described address conflict; Or
Described existing stream table is issued to the SDN switch be not connected with the main frame of described address conflict, described existing stream table is satisfied: the object IP address in occurrence is conflict address, and action item comprises appointment VXLAN and encapsulates the VTEP IP address that destination address is the SDN switch of the main frame connection of described address conflict.
Preferably, the described flow identifier determining that this existing stream table is corresponding comprises:
To being issued mirror request by the SDN switch issuing this existing stream table, to make to be given the flow that this existing stream table is corresponding by the SDN switch issuing this existing stream table on described SDN controller;
From described issued the SDN switch of this existing stream table extract flow identifier corresponding to this existing stream table in the flow that send.
Preferably, the described flow identifier determining that this existing stream table is corresponding comprises:
When comprising flow identifier in this existing stream table, from this existing stream table, extract flow identifier;
When not comprising flow identifier in this existing stream table, to being issued mirror request by the SDN switch issuing this existing stream table, to make to be given the flow that this existing stream table is corresponding by the SDN switch issuing this existing stream table on described SDN controller; From described by find that there is the SDN switch of stream table extract flow identifier corresponding to this existing stream table in the flow that send.
Preferably, be directed to the first-class table being issued to the SDN switch be connected with the main frame of described address conflict, if the object IP address that the occurrence of this first-class table comprises is described conflict address and VXLAN encapsulates the VTEP IP address that source IP address is not gateway, then the action item of described first-class table comprises: amendment object Mac address is the Mac address of the main frame of described address conflict.
Preferably, the method also comprises: for reference address determined by the main frame of described address conflict; Be directed to the first-class table being issued to the SDN switch be connected with the main frame of described address conflict, if the source IP address that the occurrence of this first-class table comprises is conflict address and action item comprises the VTEP IP address that appointment VXLAN encapsulation object IP address is gateway, then the action item of described first-class table comprises: amendment source IP address is described reference address; And/or
Be directed to the first-class table being issued to the SDN switch be connected with the main frame of described address conflict, if the object IP address that the occurrence of this first-class table comprises is described reference address and VXLAN encapsulates the VTEP IP address that source IP address is gateway, then the action item of described first-class table comprises: amendment object IP address is described conflict address.
Preferably, the method also comprises:
For reference address determined by the main frame of described address conflict;
To address conflict main frame belonging to SDN controller under gateway device send network address translation (NAT) and revise list item, described NAT revise list item be used for the NAT of described gateway device to show in raw address be revised as reference address by address of conflicting.
Preferably, described flow identifier comprises: source IP address, object IP address, transport layer protocol type, source port and destination interface.
According to the another aspect of embodiment of the present invention, propose a kind of traffic forwarding device, the SDN controller of this application of installation in SDN framework, this device comprises:
Conflict main frame determination module, for determining the main frame of address conflict;
Flow identifier determination module, be directed to each the existing stream table at least one existing stream table, determine the flow identifier that this existing stream table is corresponding, described existing stream table is the existing flow of main frame for forwarding described address conflict and has been issued to the stream table of SDN switch;
First-class table issues module, and for being issued the first-class table for forwarding flow corresponding to this existing stream table by the SDN switch issuing this existing stream table, the occurrence of described first-class table comprises described flow identifier.
Preferably, also comprise:
Reference address determination module, for determining the reference address of the conflict address of the main frame of described address conflict;
Second table issues module, for issuing second table to the SDN switch be connected with the main frame of described address conflict, the source address of the first newly-increased traffic messages that described second table is used for the main frame from described address conflict to receive is converted to described reference address, and/or
3rd stream table issues module, and for issuing the 3rd stream table to the SDN switch be connected with the main frame of described address conflict, the destination address that described 3rd stream table is used for destination address the second newly-increased traffic messages being described reference address is converted to described conflict address.
Preferably, described existing stream table is issued to the SDN switch be connected with the main frame of described address conflict, and described existing stream table meets: the incoming interface in occurrence is the interface of the main frame of described address conflict and the source IP address in occurrence is conflict address; Or
Described existing stream table is issued to the SDN switch be connected with the main frame of described address conflict, and described existing stream table meets: the object IP address in occurrence is conflict address and action item comprises and specifies the interface of the main frame of described address conflict to be outgoing interface; Or
Described existing stream table is issued to the SDN switch be not connected with the main frame of described address conflict, described existing stream table meets: the source IP address in occurrence is conflict address, and the VXLAN encapsulation source IP address in occurrence is the VTEP IP address of the SDN switch be connected with the main frame of described address conflict; Or
Described existing stream table is issued to the SDN switch be not connected with the main frame of described address conflict, described existing stream table is satisfied: the object IP address in occurrence is conflict address, and action item comprises appointment VXLAN and encapsulates the VTEP IP address that destination address is the SDN switch of the main frame connection of described address conflict.
Preferably, flow identifier determination module, for being issued mirror request by the SDN switch issuing this existing stream table, to make to be given the flow that this existing stream table is corresponding by the SDN switch issuing this existing stream table on described SDN controller; From described issued the SDN switch of this existing stream table extract flow identifier corresponding to this existing stream table in the flow that send.
Preferably, flow identifier determination module, for when comprising flow identifier in this existing stream table, extracts flow identifier from this existing stream table; When not comprising flow identifier in this existing stream table, to being issued mirror request by the SDN switch issuing this existing stream table, to make to be given the flow that this existing stream table is corresponding by the SDN switch issuing this existing stream table on described SDN controller, from described by find that there is the SDN switch of stream table extract flow identifier corresponding to this existing stream table in the flow that send
Preferably, be directed to the first-class table being issued to the SDN switch be connected with the main frame of described address conflict, if the object IP address that the occurrence of this first-class table comprises is described conflict address and VXLAN encapsulates the VTEP IP address that source IP address is not gateway, then the action item of described first-class table comprises: amendment object Mac address is the Mac address of the main frame of described address conflict.
Preferably, also comprise:
Reference address determination module, for determining reference address for the main frame of described address conflict;
Be directed to the first-class table being issued to the SDN switch be connected with the main frame of described address conflict, if the source IP address that the occurrence of this first-class table comprises is conflict address and action item comprises the VTEP IP address that appointment VXLAN encapsulation object IP address is gateway, then the action item of described first-class table comprises: amendment source IP address is described reference address; And/or
Be directed to the first-class table being issued to the SDN switch be connected with the main frame of described address conflict, if the object IP address that the occurrence of this first-class table comprises is described reference address and VXLAN encapsulates the VTEP IP address that source IP address is gateway, then the action item of described first-class table comprises: amendment object IP address is described conflict address.
Preferably, also comprise:
Reference address determination module, for determining reference address for the main frame of described address conflict;
NAT modified module, sends NAT for the gateway device under the SDN controller belonging to the main frame to address conflict and revises list item, and described NAT revises list item and is used for the raw address in the NAT of described gateway device table to be revised as reference address by address of conflicting.
In the present invention, the existing flow for the main frame of address conflict extracts flow identifier, and issues the first-class table for forwarding existing flow based on extracted flow identifier, and the existing flow achieving address conflict main frame continues to forward.
In addition, the present invention is by determining the reference address of the conflict address of the main frame of address conflict, the source address of the newly-increased traffic messages received by the main frame from address conflict is converted to reference address, and be that the destination address of newly-increased traffic messages of reference address is converted to conflict address by destination address, achieve the forwarding of the new flow increasing of address conflict main frame.
Accompanying drawing explanation
Fig. 1 is SDN controller cluster division schematic diagram in prior art;
Fig. 2 is the flow chart of the flow forwarding method according to embodiment of the present invention;
Fig. 3 is the SDN controller cluster division schematic diagram according to embodiment of the present invention;
Fig. 4 is the structure chart of the traffic forwarding device according to embodiment of the present invention.
Embodiment
For making the object, technical solutions and advantages of the present invention clearly, below in conjunction with accompanying drawing, the present invention is described in further detail.
Fig. 1 is SDN controller cluster division schematic diagram in prior art.
As seen from Figure 1, SDN controller cluster comprises SDN controller 1 and SDN controller 2.Server 1 is connected with SDN controller 1, and server 2 is connected with SDN controller 2 with server 3.Switch SW (Switch) 1 and SW2 is the switch of cluster management network, for the passage of SDN controller 1 with SDN controller 2 synchrodata.SW3, SW4, SW5, SW6 and SW7 are the switch of existing network.Gateway GW (Gateway) 1 is connected with SDN controller 1; GW2 and SDN controller 2 connects.Each gateway terminates VXLAN flow carry out Business Processing (as NAT etc.), realizes the exchanging visit of existing network and non-virtualized network.There is VM1, VM2 on the server and virtual switch (vSwitch) 1, VM1 is connected with vSwitch1 respectively with VM2; Server 2 has VM3, VM4 and vSwitch2, VM3 with VM4 is connected with vSwitch2 respectively; Server 3 has VM5, VM6 and vSwitch3, VM5 with VM6 is connected with vSwitch3 respectively.
The vSwitch3 of the vSwitch1 of server 1, the vSwitch2 of server 2 and server 3 and SDN switch known to those skilled in the art.
Between SW1 and SW2 during link failure, the cluster division that SDN controller 1 and controller 2 form.SDN controller 1 is as the master controller of vSwitch1 and GW1, and SDN controller 2 is as the master controller of vSwitch2, vSwitch3 and GW2.
When after cluster division, VM2 applies for IP address to SDN controller 1, and VM4 applies for IP address to SDN controller 2.The IP address that SDN controller 1 distributes for VM2 is identical with the IP address that SDN controller 2 distributes for VM4.
After the cluster of division reconsolidates, the master controller of SDN controller cluster finds that the IP address of VM2 and VM4 is identical.In the prior art, be as the criterion with one party SDN controller, and the VM of SDN controller will be isolated in addition, thus cannot service be enjoyed.Such as, if be as the criterion with SDN controller 1, VM2 can enjoy service, and VM4 is isolated service of can not enjoying; If be as the criterion with SDN controller 2, VM4 can enjoy service, and VM2 is isolated and can not enjoys service.
The application is devoted to for the main frame of address conflict provides service.
Fig. 2 is the flow chart of the flow forwarding method according to embodiment of the present invention, and the method can be applicable to SDN controller.
As seen from Figure 2, the method comprises:
Step 201: the main frame determining address conflict.
When there is the identical situation in IP address between main frame, SDN controller can be determined or the mode such as Stochastic choice based on predetermined policy, manually, some main frames are defined as normal main frame, and other main frame is defined as the main frame of address conflict.Normal main frame normally enjoys service, and the main frame being defined as address conflict is not also isolated.
Step 202: be directed to each the existing stream table at least one existing stream table, determine the flow identifier that this existing stream table is corresponding, existing stream table is existing flow for the main frame of forwarding address conflict and has been issued to the stream table of SDN switch.
Be directed to the existing flow of each main frame for forwarding address conflict and be issued to the existing stream table of SDN switch, the flow identifier that this existing stream table is corresponding determined respectively by SDN controller.
In one embodiment, flow identifier comprises: source IP address, object IP address, transport layer protocol type, source port and destination interface.Visible, not only comprise source IP address and the object IP address of flow in flow identifier, also comprise the source port of flow, destination interface and transport layer protocol type.Therefore based on flow identifier, existing flow corresponding to stream table can be had by precise marking.
In one embodiment, existing stream table is issued to the SDN switch be connected with the main frame of address conflict, and this existing stream table meets: the incoming interface in occurrence is the interface of the main frame of address conflict and the source IP address in occurrence is conflict address.
In one embodiment, existing stream table is issued to the SDN switch be connected with the main frame of address conflict, and this existing stream table meets: the object IP address in occurrence is conflict address and the interface that action item comprises the main frame of assigned address conflict is outgoing interface.
In one embodiment, existing stream table is issued to the SDN switch be not connected with the main frame of address conflict, and this existing stream table meets: the source IP address in occurrence is conflict address, and the extendible VLAN (VXLAN) in occurrence encapsulates destination node (VTEP) the IP address, VXLAN tunnel that source IP address is the SDN switch be connected with the main frame of address conflict.
In one embodiment, existing stream table is issued to the SDN switch be not connected with the main frame of address conflict, and this existing stream table is satisfied: the object IP address in occurrence is conflict address, action item comprises appointment VXLAN and encapsulates the VTEP IP address that destination address is the SDN switch of the main frame connection of address conflict.
SDN controller can obtain flow identifier corresponding to existing stream table by the mode issuing mirror request to the SDN switch receiving existing stream table.
In one embodiment, determine that the flow identifier that existing stream table is corresponding comprises:
To being issued mirror request by the SDN switch issuing this existing stream table, to make to be given the flow that this existing stream table is corresponding by the SDN switch issuing this existing stream table on SDN controller;
From issued the SDN switch of this existing stream table extract flow identifier corresponding to this existing stream table in the flow that send.
Alternatively, SDN controller judges whether the existing stream table being handed down to SDN switch comprises flow identifier, and when comprising flow identifier, SDN controller directly extracts flow identifier from existing stream table; When not comprising flow identifier, SDN controller obtains flow identifier corresponding to existing stream table by the mode issuing mirror request.
In one embodiment, determine that the flow identifier that this existing stream table is corresponding comprises:
When comprising flow identifier in this existing stream table, from this existing stream table, extract flow identifier;
When not comprising flow identifier in this existing stream table, to being issued mirror request by the SDN switch issuing this existing stream table, to make to be given the flow that this existing stream table is corresponding by the SDN switch issuing this existing stream table on SDN controller; From by find that there is the SDN switch of stream table extract flow identifier corresponding to this existing stream table in the flow that send.
Step 203: to being issued the first-class table for forwarding flow corresponding to this existing stream table by the SDN switch issuing this existing stream table, the occurrence of first-class table comprises flow identifier.
After determining the flow identifier that existing stream table is corresponding, existing flow corresponding to stream table can be had by precise marking.SDN controller is again to being issued the first-class table for forwarding flow corresponding to this existing stream table by the SDN switch issuing this existing stream table, and the occurrence of first-class table comprises flow identifier.Occurrence just because of first-class table comprises flow identifier, and each the existing flow corresponding to existing stream table can distinguish the first-class table of exact matching, thus maintains each the existing flow corresponding to existing stream table.
Based on flow process shown in Fig. 2, can be that the main frame of address conflict maintains existing existing flow.When the main frame of address conflict has new flow increasing, by arranging the normal forwarding that reference address can realize new flow increasing for the main frame of address conflict.Wherein: the newly-increased traffic messages that the main frame for address conflict sends, at the SDN switch place be connected with the main frame of address conflict, source address is converted to reference address; For the new flow increasing of access reference address, at the SDN switch place be connected with the main frame of address conflict, destination address is converted to conflict address.
In one embodiment, the method comprises:
The reference address of the conflict address of the main frame of SDN controller determination address conflict, this reference address is not by the address used; SDN controller issues second table to the SDN switch be connected with the main frame of address conflict, and the source address of the first newly-increased traffic messages that second table is used for the main frame from address conflict to receive is converted to reference address.Visible, the SDN switch be connected with the main frame of address conflict, the source address of the received by the main frame of address conflict by second table first newly-increased traffic messages is converted to reference address, thus can forward the first newly-increased traffic messages sent by the main frame with address conflict.
In one embodiment, the method comprises: the reference address of the conflict address of the main frame of SDN controller determination address conflict, and this reference address is not by the address used; SDN controller issues the 3rd stream table to the SDN switch be connected with the main frame of address conflict, and the destination address that the 3rd stream table is used for destination address the second newly-increased traffic messages being reference address is converted to conflict address.Visible, the SDN switch be connected with the main frame of address conflict, by the 3rd stream table be that the destination address of the second newly-increased traffic messages of reference address is converted to conflict address by destination address, thus this newly-increased traffic messages can be forwarded to the main frame with address conflict.
In one embodiment, be directed to the first-class table being issued to the SDN switch be connected with the main frame of address conflict, if the object IP address that the occurrence of this first-class table comprises is conflict address and VXLAN encapsulates the VTEP IP address that source IP address is not gateway, then the action item of first-class table comprises: amendment object Mac address is the Mac address of the main frame of address conflict.
In one embodiment, the method also comprises: for reference address determined by the main frame of address conflict;
Be directed to the first-class table being issued to the SDN switch be connected with the main frame of address conflict, if the source IP address that the occurrence of this first-class table comprises is conflict address and action item comprises the VTEP IP address that appointment VXLAN encapsulation object IP address is gateway, then the action item of first-class table comprises: amendment source IP address is reference address.
In one embodiment, the method also comprises: for reference address determined by the main frame of address conflict;
Be directed to the first-class table being issued to the SDN switch be connected with the main frame of address conflict, if the object IP address that the occurrence of this first-class table comprises is reference address and VXLAN encapsulates the VTEP IP address that source IP address is gateway, then the action item of first-class table comprises: amendment object IP address is conflict address.
In one embodiment, the method also comprises:
For reference address determined by the main frame of address conflict;
To address conflict main frame belonging to SDN controller under gateway device send network address translation (NAT) revise list item, NAT revise list item be used for by the NAT of gateway device show in raw address be revised as reference address by address of conflicting.
Below in conjunction with example, embodiment of the present invention is described in detail.
Fig. 3 is the SDN controller cluster division schematic diagram according to embodiment of the present invention.
As seen from Figure 3, SDN controller cluster comprises SDN controller 1 and SDN controller 2.Server 1 is connected with SDN controller 1, and server 2 is connected with SDN controller 2 with server 3.Switch SW (Switch) 1 and SW2 is the switch of cluster management network, as the passage of synchrodata between SDN controller 1 and SDN controller 2.SW3, SW4, SW5, SW6 and SW7 are the switch of existing network.Gateway GW (Gateway) 1 is connected with SDN controller 1; GW2 and SDN controller 2 connects.Each gateway terminates VXLAN flow carry out Business Processing (as NAT etc.), thus realizes the exchanging visit of existing network and outside non-virtualized network.The VTEPIP address of GW1 is 10.0.0.1/24; The VTEP IP address of GW2 is 10.0.0.2/24.
There is VM1, VM2 on the server and virtual switch (vSwitch) 1, VM1 is connected with vSwitch1 respectively with VM2; Server 2 has VM3, VM4 and vSwitch2, VM3 with VM4 is connected with vSwitch2 respectively; Server 3 has VM5, VM6 and vSwitch3, VM5 with VM6 is connected with vSwitch3 respectively.
The vSwitch3 of the vSwitch1 of server 1, the vSwitch2 of server 2 and server 3 and SDN switch known to those skilled in the art.In server 1, the VTEP IP address of vSwitch1 is 11.1.0.2/24; In server 2, the VTEP IP address of vSwitch2 is 11.2.0.2/24; In server 3, the VTEP IP address of vSwitch3 is 11.3.0.2/24.
Between SW1 and SW2 during link failure, the cluster division that SDN controller 1 and controller 2 form.SDN controller 1 is as the master controller of vSwitch1 and GW1, and controller 2 is as the master controller of vSwitch2, vSwitch3 and GW2.
When after cluster division, VM2 applies for IP address to SDN controller 1, and VM4 applies for IP address to SDN controller 2.Assuming that the IP address that SDN controller 1 distributes for VM2 is: the IP address that 100.0.0.3/24, SDN controller 2 distributes for VM4 is similarly: 100.0.0.3/24, namely VM2 and VM4 is assigned with identical IP address.
At cluster interkinesis, have flow 1 and flow 2 between VM4 and VM6, wherein, the direction of flow 1 is VM4 to VM6, and the direction of flow 2 is VM6 to VM4.Have flow 3 and flow 4 between VM4 and non-virtualized network, wherein, the direction of flow 3 is that VM4 arrives non-virtualized network, and the direction of flow 4 is that non-virtualized network is to VM4.The MAC Address of VM4 is 00-44-44; The IP address of VM6 is 100.0.0.2/24; The IP address of the external network server in non-virtualized network is 211.0.0.1; The MAC Address of VM2 is 00-22-22; VM4 is connected to the interface 2 of vSwitch2; The interface 1 of vSwitch2 is the interface connecting SW3 switch.
List the concrete structure of the stream table being handed down to vSwitch2 and vSwitch3 below in detail.It will be appreciated by those of skill in the art that following stream list structure is only for exemplary purposes of illustration, and and be not used in restriction object.In fact, other elements such as VXLAN packaging information (as VXLAN encapsulates source IP address) may be included in the occurrence of following stream table further.Herein in order to simple object, save in the occurrence of stream table and describe VXLAN packaging information.
The stream table being handed down to vSwitch2 is as shown in table 1:
Table 1
As can be seen from Table 1, be handed down in the stream table of vSwitch2, the corresponding flow 1 of stream table Cookie2, the corresponding flow 2 of stream table Cookie3, the corresponding flow 3 of stream table Cookie4, the corresponding flow 4 of stream table Cookie5.
The stream table being handed down to vSwitch3 is as shown in table 2:
Table 2
In table 2, interface 2 is the interface of VM4 connection vSwitch3, and interface 1 is the interface of vSwitch3 connection SW5.
As can be seen from Table 2, be handed down in the stream table of vSwitch3, the corresponding flow 2 of stream table Cookie2, the corresponding flow 1 of stream table Cookie3.
The NAT list item being handed down to GW2 is as shown in table 3:
Table 3
Between SW1 and SW2 after link failure recovery, the cluster of division reconsolidates.After cluster merges, according to modes such as election or appointments, between SDN controller 1 and SDN controller 2, determine master controller.Master controller obtains synchrodata based on link between SW1 and SW2, finds that the IP address of VM2 and VM4 is identical, and preserves the stream table being issued to vSwitch1, vSwitch2 and vSwitch3 in the host controller.Determine a normal VM by master controller or the identical VM of user's secondary IP address, and other VM is conflict VM.Such as: through master controller, automatic or user judges by hand: VM2 is conflict VM as normal VM, VM4, namely determines that the main frame of address conflict is VM4.
Assuming that determined master controller is SDN controller 1.
SDN controller 1 arranges one not by the reference address 100.0.0.4 used for VM4, and arranges the corresponding relation between reference address with address of conflicting (i.e. 100.0.0.3).SDN controller 1 issues the ARP about IP address 100.0.0.4, and the MAC Address that wherein IP address 100.0.0.4 is corresponding is 00-44-44; And master controller also issues ARP, the corresponding MAC Address of IP address 100.0.0.3 is revised as the MAC Address (i.e. 00-22-22) of VM2.
SDN controller 1 issues stream table 1 to the vSwitch2 be connected with VM4, and this stream table 1 is for being converted to reference address by the source address of the newly-increased traffic messages received from VM4.And SDN controller 1 also issues stream table 2 to the vSwitch2 be connected with VM4, stream table 2 is converted to conflict address for the destination address of the newly-increased traffic messages by destination address being reference address.Visible, by arranging reference address for VM4, the normal forwarding of the new flow increasing sending or mail to VM4 from VM4 can be realized.
The existing flow how keeping VM4 is described below.
SDN controller 1 is issued to the stream table of the VSwitch2 be connected with the main frame of address conflict (i.e. VM4) at local search, and this stream table meets: the incoming interface in occurrence is the interface of the main frame of address conflict and the source IP address in occurrence is conflict address.Namely, in all stream tables being issued to VM4 place vSwitch2, inquiry incoming interface is the interface of VM4, the stream table of source IP address 100.0.0.3, finds as following table 4:
Table 4
And, SDN controller 1 is issued to the stream table in the VSwitch2 be connected with the main frame of address conflict (i.e. VM4) at local search, and this stream table meets: the object IP address in occurrence is conflict address and the interface that action item comprises the main frame of assigned address conflict is outgoing interface.Namely, in all stream tables being issued to VM4 place vSwitch2, inquiry object IP address is 100.0.0.3, and outgoing interface is the stream table of VM4 place interface, finds as following table 5:
Table 5
In addition, SDN controller 1 is issued to the stream table of the SDN switch be not connected with the main frame of address conflict at local search, and this stream table meets: the source IP address in occurrence is conflict address, the VXLAN encapsulation source IP address in occurrence is the VTEP IP address of the SDN switch be connected with the main frame of address conflict.That is, all stream tables in other VSwitch that inquiry is issued to except VSwitch2, and this stream table meets: the VTEPIP address 11.2.0.2 of source IP address to be 100.0.0.3, VXLAN packaged source IP be VSwitch2.In the stream table Cookie 3 being issued to vSwitch3, source IP address is 100.0.0.3; VXLAN packaged source IP is 11.2.0.2 (is simple object, do not describe VXLAN packaged source IP in table 2), therefore finds as following table 6 from the stream table being issued to vSwitch3:
Table 6
Also have, SDN controller 1 is issued to the stream table of the SDN switch be not connected with the main frame of address conflict at local search, and this stream table meets: the object IP address in occurrence is conflict address, the VXLAN in occurrence encapsulates the VTEP IP address that destination address is the SDN switch of the main frame connection of address conflict.That is, inquiry is issued to all stream tables in other VSwitch except VSwitch2, and this stream table meets: object IP address is 100.0.0.3, action item comprises specifies VXLAN to encapsulate the VTEP IP address 11.2.0.2 that object IP (i.e. tunnel destination address) is VM4 place VSwitch2, finds as following table 7 from the stream table being issued to vSwitch3:
Table 7
Because the Cookie4 in the table 4 and Cookie5 in table 5 all directly includes flow identifier, therefore, SDN controller 1 can the Cookie4 from table 4 and the Cookie5 extracting directly flow identifier in table 5, obtains as following table 8:
Table 8
For the Cookie2 in the table 4 and Cookie3 in table 5, due to directly flow identifier cannot be mentioned, therefore SDN controller 1 can to by under deliver Cookie3 in Cookie2 and table 5 in 4 VSwitch2 issue mirror request, on SDN controller 1, send flow corresponding to Cookie3 in Cookie2 in table 4 and table 5 to make VSwitch2; Cookie3 in the flow that SDN controller 1 send from above in extraction table 4 in Cookie2 and table 5 distinguish corresponding flow identifier.
The flow identifier that SDN controller 1 extracts for Cookie2 and Cookie3 in table 4, as shown in table 9:
Table 9
Similarly, for the Cookie3 in the table 6 and Cookie2 in table 7, due to directly flow identifier cannot be mentioned, therefore SDN controller 1 issues mirror request to the vSwitch3 delivering down the Cookie3 in the 6 and Cookie2 in table 7, gives flow corresponding to this Cookie3 and Cookie2 to make vSwitch3 on SDN controller 1; Thus SDN controller 1 extracts flow identifier corresponding to Cookie2 and Cookie3 from the flow that vSwitch3 send.
The flow identifier that SDN controller 1 extracts for the Cookie3 in the table 6 and Cookie2 in table 7, as shown in table 10:
Table 10
Then, SDN controller 1 issues new stream table for forwarding existing flow respectively to vSwitch2 and vSwitch3.Not only comprise source IP address and the object IP address of flow in new stream table as the flow identifier of occurrence, also comprise the source port of flow, destination interface and transport layer protocol type.After vSwitch2 and vSwitch3 receives new stream table, existing flow corresponding to stream table can be had based on flow identifier precise marking, and continue to forward existing flow based on new stream table, and existing stream is shown deleted or aging voluntarily.
Particularly, for existing stream table Cookie2 and Cookie3 of vSwitch2, corresponding to the new stream table that issues as shown in table 11 below:
Table 11
From table 11, existing stream table Cookie2 corresponds to new stream table Cookie201 and Cookie202.In the occurrence of new stream table Cookie201 and Cookie202, not only comprise source IP address and object IP address, also comprise source port, destination interface and protocol type further.Existing flow corresponding to existing stream table Cookie2 not only needs coupling source IP address and object IP address, also needs coupling source port, destination interface and protocol type just can hit.And with existing, the action item of new stream table Cookie201 with Cookie202 flows that to show Cookie2 identical, flow 1 corresponding to existing stream table Cookie2 so just can be made normally to forward at vSwitch2.
From table 11, existing stream table Cookie3 corresponds to new stream table Cookie301 and Cookie302.Source IP address, object IP address, source port, destination interface and protocol type is comprised equally in the occurrence of new stream table Cookie301 and Cookie302.And, the corresponding MAC Address that source host due to new flow corresponding to stream table Cookie301 and Cookie302 may receive IP address 100.0.0.3 is the ARP of the MAC Address (i.e. 00-22-22) of VM2, therefore the action item of Cookie301 with Cookie302 is except comprising the content identical with the action item of existing stream table Cookie3, also need to comprise the MAC Address (00-44-44) target MAC (Media Access Control) address being revised as VM4 from the MAC Address of VM2, flow 2 corresponding to existing stream table Cookie3 so just can be made normally to forward at vSwitch2.
Similarly, for existing stream table cookie2 and cookie3 of vSwitch3, the new stream table issued is as shown in table 12 below:
Table 12
From table 12, existing stream table Cookie2 corresponds to new stream table Cookie201 and Cookie202; Existing stream table Cookie3 corresponds to new stream table Cookie301 and Cookie302.Not only comprise source IP address and object IP address in the occurrence of new stream table Cookie201, Cookie202, Cookie301 and Cookie302, also comprise source port, destination interface and protocol type further.Therefore, each the existing flow corresponding to existing stream table Cookie2 and Cookie3 not only needs coupling source IP address and object IP address, also needs coupling source port, destination interface and protocol type just can hit.And with existing, the action item of new stream table Cookie201 with Cookie202 flows that to show Cookie2 identical, with existing, the action item of Cookie301 with Cookie302 of new stream table flows that to show Cookie3 identical, so just can make flow 2 corresponding to existing stream table Cookie2 and normally forward at vSwitch3 at the flow 1 that existing stream table Cookie3 is corresponding.
For existing stream table Cookie4 and Cookie5 of vSwitch2, the new stream table issued is as shown in table 13 below:
Table 13
From table 13, existing stream table Cookie4 corresponds to new stream table Cookie401; Existing stream table Cookie5 corresponds to new stream table Cookie501 and Cookie502.
Because the occurrence of existing stream table Cookie4 comprises flow identifier, therefore new stream table Cookie401 can be identical with the existing occurrence showing Cookie4 that flows.The flow 3 that existing stream table Cookie4 is corresponding is the flow being sent to external network from conflict main frame VM4, therefore the action item of new stream table Cookie401 also comprises source IP address is revised as reference address (100.0.0.4) by address of conflicting (100.0.0.3) except comprising the content of existing stream table Cookie4, so just, flow 3 corresponding to existing stream table Cookie4 can be made normally to forward at vSwitch2, and after making flow 3 arrive gateway, can know that this flow 3 is sent by VM4, and forward.
The flow 4 that existing stream table Cookie5 is corresponding is the flow being sent to conflict main frame VM4 from external network.New stream table Cookie501 maintained flow 4 for issue the ARP about IP address 100.0.0.4 at SDN controller 1 before; New stream table Cookie502 maintains flow 4 for issue the ARP about IP address 100.0.0.4 at SDN controller 1 after.
Because the occurrence of existing stream table Cookie5 comprises flow identifier, therefore new stream table Cookie501 is identical with the existing occurrence showing Cookie5 that flows.When source host does not receive the ARP about IP address 100.0.0.4, when flow 4 arrives server 2, object IP address is still 100.0.0.3, with existing, new stream table Cookie501 action item flows that to show Cookie5 identical.
When source host has received the ARP about IP address 100.0.0.4, when flow 4 arrives server 2, object IP address may be reference address (100.0.0.4), therefore new stream table Cookie502 action item also comprises address (100.0.0.3) of conflicting is revised as by reference address (100.0.0.4) in object IP address except comprising the content identical with existing stream table Cookie5, and flow 4 corresponding to existing stream table Cookie5 so just can be made normally to forward at vSwitch2.In addition, the occurrence of existing stream table Cookie5 comprises flow identifier, and therefore new stream table Cookie502 can be identical with the existing occurrence showing Cookie5 that flows, and is only that object IP address is changed to 100.0.0.4 by 100.0.0.3.
And SDN controller cluster issues NAT to GW2 and revises list item, reference address 100.0.0.4 is revised as in the former IP address in being shown by the NAT of GW2.So far, the existing flow of VM4 can match in newly-increased stream table, and therefore the existing flow of VM4 is maintained.
Fig. 4 is the structure chart of the traffic forwarding device according to embodiment of the present invention, in this application of installation SDN controller.
As shown in Figure 4, this device 400 comprises:
Conflict main frame determination module 401, for determining the main frame of address conflict;
Flow identifier determination module 402, is directed to each the existing stream table at least one existing stream table, determines the flow identifier that this existing stream table is corresponding, and existing stream table is existing flow for the main frame of forwarding address conflict and has been issued to the stream table of SDN switch;
First-class table issues module 403, and for being issued the first-class table for forwarding flow corresponding to this existing stream table by the SDN switch issuing this existing stream table, the occurrence of first-class table comprises flow identifier.
In one embodiment, this device 400 also comprises:
Reference address determination module 404, for determining the reference address of the conflict address of the main frame of address conflict;
Second table issues module 405, for issuing second table to the SDN switch be connected with the main frame of described address conflict, the source address of the first newly-increased traffic messages that described second table is used for the main frame from described address conflict to receive is converted to reference address, and/or
3rd stream table issues module 406, and for issuing the 3rd stream table to the SDN switch be connected with the main frame of address conflict, the destination address that the 3rd stream table is used for destination address the second newly-increased traffic messages being reference address is converted to conflict address.
In one embodiment, existing stream table is issued to the SDN switch be connected with the main frame of address conflict, and existing stream table meets: the incoming interface in occurrence is the interface of the main frame of address conflict and the source IP address in occurrence is conflict address; Or
Existing stream table is issued to the SDN switch be connected with the main frame of address conflict, and existing stream table meets: the object IP address in occurrence is conflict address and the interface that action item comprises the main frame of assigned address conflict is outgoing interface; Or
Existing stream table is issued to the SDN switch be not connected with the main frame of address conflict, existing stream table meets: the source IP address in occurrence is conflict address, and the extendible VXLAN encapsulation source IP address in occurrence is the VTEP IP address of the SDN switch be connected with the main frame of address conflict; Or
Existing stream table is issued to the SDN switch be not connected with the main frame of address conflict, existing stream table is satisfied: the object IP address in occurrence is conflict address, and action item comprises appointment VXLAN and encapsulates the VTEP IP address that destination address is the SDN switch of the main frame connection of address conflict.
In one embodiment, flow identifier determination module 402, for being issued mirror request by the SDN switch issuing this existing stream table, to make to be given the flow that this existing stream table is corresponding by the SDN switch issuing this existing stream table on SDN controller; From issued the SDN switch of this existing stream table extract flow identifier corresponding to this existing stream table in the flow that send.
In one embodiment, flow identifier determination module 402, for when comprising flow identifier in this existing stream table, extracts flow identifier from this existing stream table; When not comprising flow identifier in this existing stream table, to being issued mirror request by the SDN switch issuing this existing stream table, to make to be given the flow that this existing stream table is corresponding by the SDN switch issuing this existing stream table on SDN controller, from by find that there is the SDN switch of stream table extract flow identifier corresponding to this existing stream table in the flow that send
In one embodiment,
Be directed to the first-class table being issued to the SDN switch be connected with the main frame of address conflict, if the object IP address that the occurrence of this first-class table comprises is conflict address and VXLAN encapsulates the VTEP IP address that source IP address is not gateway, then the action item of first-class table comprises: amendment object Mac address is the Mac address of the main frame of address conflict.
In one embodiment, this device 400 also comprises:
Reference address determination module 404, determines reference address for the main frame for address conflict;
Be directed to the first-class table being issued to the SDN switch be connected with the main frame of address conflict, if the source IP address that the occurrence of this first-class table comprises is conflict address and action item comprises the VTEP IP address that appointment VXLAN encapsulation object IP address is gateway, then the action item of first-class table comprises: amendment source IP address is reference address; And/or
Be directed to the first-class table being issued to the SDN switch be connected with the main frame of address conflict, if the object IP address that the occurrence of this first-class table comprises is reference address and VXLAN encapsulates the VTEP IP address that source IP address is gateway, then the action item of first-class table comprises: amendment object IP address is conflict address.
In one embodiment, this device also comprises:
Reference address determination module 404, determines reference address for the main frame for address conflict;
NAT modified module 407, sends NAT for the gateway device under the SDN controller belonging to the main frame to address conflict and revises list item, and NAT revises list item and is used for the raw address in the NAT of gateway device table to be revised as reference address by address of conflicting.
In sum, the existing flow that the present invention is directed to the main frame of address conflict extracts flow identifier, and issues the first-class table for forwarding existing flow based on extracted flow identifier, and the existing flow achieving address conflict main frame continues to forward.
In addition, the present invention is by determining the reference address of the conflict address of the main frame of address conflict, the source address of the newly-increased traffic messages received by the main frame from address conflict is converted to reference address, and be that the destination address of newly-increased traffic messages of reference address is converted to conflict address by destination address, achieve the forwarding of the new flow increasing of address conflict main frame.
The above, be only preferred embodiment of the present invention, be not intended to limit protection scope of the present invention.Within the spirit and principles in the present invention all, any amendment done, equivalent replacement, improvement etc., all should be included within protection scope of the present invention.

Claims (17)

1. a flow forwarding method, is characterized in that, the method is included in the following steps that the SDN controller in software defined network SDN framework performs:
Determine the main frame of address conflict;
Be directed to each the existing stream table at least one existing stream table, determine the flow identifier that this existing stream table is corresponding, described existing stream table is the existing flow of main frame for forwarding described address conflict and has been issued to the stream table of SDN switch;
To being issued the first-class table for forwarding flow corresponding to this existing stream table by the SDN switch issuing this existing stream table, the occurrence of described first-class table comprises described flow identifier.
2. flow forwarding method according to claim 1, is characterized in that, the method also comprises:
Determine the reference address of the conflict address of the main frame of described address conflict;
Issue second table to the SDN switch be connected with the main frame of described address conflict, the source address of the first newly-increased traffic messages that described second table is used for the main frame from described address conflict to receive is converted to described reference address, and/or,
Issue the 3rd stream table to the SDN switch be connected with the main frame of described address conflict, the destination address that described 3rd stream table is used for destination address the second newly-increased traffic messages being described reference address is converted to described conflict address.
3. flow forwarding method according to claim 1, is characterized in that,
Described existing stream table is issued to the SDN switch be connected with the main frame of described address conflict, and described existing stream table meets: the incoming interface in occurrence is the interface of the main frame of described address conflict and the source IP address in occurrence is conflict address; Or
Described existing stream table is issued to the SDN switch be connected with the main frame of described address conflict, and described existing stream table meets: the object IP address in occurrence is conflict address and action item comprises and specifies the interface of the main frame of described address conflict to be outgoing interface; Or
Described existing stream table is issued to the SDN switch be not connected with the main frame of described address conflict, described existing stream table meets: the source IP address in occurrence is conflict address, and the extendible VLAN VXLAN encapsulation source IP address in occurrence is the destination node VTEP IP address, VXLAN tunnel of the SDN switch be connected with the main frame of described address conflict; Or
Described existing stream table is issued to the SDN switch be not connected with the main frame of described address conflict, described existing stream table is satisfied: the object IP address in occurrence is conflict address, and action item comprises appointment VXLAN and encapsulates the VTEP IP address that object IP address is the SDN switch of the main frame connection of described address conflict.
4. flow forwarding method according to claim 1, is characterized in that, the described flow identifier determining that this existing stream table is corresponding comprises:
To being issued mirror request by the SDN switch issuing this existing stream table, to make to be given the flow that this existing stream table is corresponding by the SDN switch issuing this existing stream table on described SDN controller;
From described issued the SDN switch of this existing stream table extract flow identifier corresponding to this existing stream table in the flow that send.
5. flow forwarding method according to claim 1, is characterized in that, the described flow identifier determining that this existing stream table is corresponding comprises:
When comprising flow identifier in this existing stream table, from this existing stream table, extract flow identifier;
When not comprising flow identifier in this existing stream table, to being issued mirror request by the SDN switch issuing this existing stream table, to make to be given the flow that this existing stream table is corresponding by the SDN switch issuing this existing stream table on described SDN controller; From described by find that there is the SDN switch of stream table extract flow identifier corresponding to this existing stream table in the flow that send.
6. flow forwarding method according to claim 1, is characterized in that,
Be directed to the first-class table being issued to the SDN switch be connected with the main frame of described address conflict, if the object IP address that the occurrence of this first-class table comprises is conflict address and VXLAN encapsulates the VTEP IP address that source IP address is not gateway, then the action item of described first-class table comprises: amendment object Mac address is the Mac address of the main frame of described address conflict.
7. flow forwarding method according to claim 1, is characterized in that, the method also comprises: for reference address determined by the main frame of described address conflict;
Be directed to the first-class table being issued to the SDN switch be connected with the main frame of described address conflict, if the source IP address that the occurrence of this first-class table comprises is conflict address and action item comprises the VTEP IP address that appointment VXLAN encapsulation object IP address is gateway, then the action item of described first-class table comprises: amendment source IP address is described reference address; And/or
Be directed to the first-class table being issued to the SDN switch be connected with the main frame of described address conflict, if the object IP address that the occurrence of this first-class table comprises is described reference address and VXLAN encapsulates the VTEP IP address that source IP address is gateway, then the action item of described first-class table comprises: amendment object IP address is described conflict address.
8. flow forwarding method according to claim 1, is characterized in that, the method also comprises:
For reference address determined by the main frame of described address conflict;
To address conflict main frame belonging to SDN controller under gateway device send network address translation NAT and revise list item, described NAT revise list item be used for the NAT of described gateway device to show in raw address be revised as reference address by address of conflicting.
9. the flow forwarding method according to any one of claim 1-8, is characterized in that, described flow identifier comprises: source IP address, object IP address, transport layer protocol type, source port and destination interface.
10. a traffic forwarding device, is characterized in that, the SDN controller of this application of installation in software defined network SDN framework, and this device comprises:
Conflict main frame determination module, for determining the main frame of address conflict;
Flow identifier determination module, be directed to each the existing stream table at least one existing stream table, determine the flow identifier that this existing stream table is corresponding, described existing stream table is the existing flow of main frame for forwarding described address conflict and has been issued to the stream table of SDN switch;
First-class table issues module, and for being issued the first-class table for forwarding flow corresponding to this existing stream table by the SDN switch issuing this existing stream table, the occurrence of described first-class table comprises described flow identifier.
11. traffic forwarding devices according to claim 10, is characterized in that, also comprise:
Reference address determination module, for determining the reference address of the conflict address of the main frame of described address conflict;
Second table issues module, for issuing second table to the SDN switch be connected with the main frame of described address conflict, the source address of the first newly-increased traffic messages that described second table is used for the main frame from described address conflict to receive is converted to described reference address, and/or
3rd stream table issues module, and for issuing the 3rd stream table to the SDN switch be connected with the main frame of described address conflict, the destination address that described 3rd stream table is used for destination address the second newly-increased traffic messages being described reference address is converted to described conflict address.
12. traffic forwarding devices according to claim 10, is characterized in that,
Described existing stream table is issued to the SDN switch be connected with the main frame of described address conflict, and described existing stream table meets: the incoming interface in occurrence is the interface of the main frame of described address conflict and the source IP address in occurrence is conflict address; Or
Described existing stream table is issued to the SDN switch be connected with the main frame of described address conflict, and described existing stream table meets: the object IP address in occurrence is conflict address and action item comprises and specifies the interface of the main frame of described address conflict to be outgoing interface; Or
Described existing stream table is issued to the SDN switch be not connected with the main frame of described address conflict, described existing stream table meets: the source IP address in occurrence is conflict address, and the extendible VLAN VXLAN encapsulation source IP address in occurrence is the destination node VTEP IP address, VXLAN tunnel of the SDN switch be connected with the main frame of described address conflict; Or
Described existing stream table is issued to the SDN switch be not connected with the main frame of described address conflict, described existing stream table is satisfied: the object IP address in occurrence is conflict address, and action item comprises appointment VXLAN and encapsulates the VTEP IP address that object IP address is the SDN switch of the main frame connection of described address conflict.
13. traffic forwarding devices according to claim 10, is characterized in that,
Flow identifier determination module, for being issued mirror request by the SDN switch issuing this existing stream table, to make to be given the flow that this existing stream table is corresponding by the SDN switch issuing this existing stream table on described SDN controller; From described issued the SDN switch of this existing stream table extract flow identifier corresponding to this existing stream table in the flow that send.
14. traffic forwarding devices according to claim 10, is characterized in that,
Flow identifier determination module, for when comprising flow identifier in this existing stream table, extracts flow identifier from this existing stream table; When not comprising flow identifier in this existing stream table, to being issued mirror request by the SDN switch issuing this existing stream table, to make to be given the flow that this existing stream table is corresponding by the SDN switch issuing this existing stream table on described SDN controller, from described by find that there is the SDN switch of stream table extract flow identifier corresponding to this existing stream table in the flow that send.
15. traffic forwarding devices according to claim 10, is characterized in that,
Be directed to the first-class table being issued to the SDN switch be connected with the main frame of described address conflict, if the object IP address that the occurrence of this first-class table comprises is described conflict address and VXLAN encapsulates the VTEP IP address that source IP address is not gateway, then the action item of described first-class table comprises: amendment object Mac address is the Mac address of the main frame of described address conflict.
16. traffic forwarding devices according to claim 10, is characterized in that, also comprise:
Reference address determination module, for determining reference address for the main frame of described address conflict;
Be directed to the first-class table being issued to the SDN switch be connected with the main frame of described address conflict, if the source IP address that the occurrence of this first-class table comprises is conflict address and action item comprises the VTEP IP address that appointment VXLAN encapsulation object IP address is gateway, then the action item of described first-class table comprises: amendment source IP address is described reference address; And/or
Be directed to the first-class table being issued to the SDN switch be connected with the main frame of described address conflict, if the object IP address that the occurrence of this first-class table comprises is described reference address and VXLAN encapsulates the VTEP IP address that source IP address is gateway, then the action item of described first-class table comprises: amendment object IP address is described conflict address.
17. traffic forwarding devices according to claim 10, is characterized in that, also comprise:
Reference address determination module, for determining reference address for the main frame of described address conflict;
NAT modified module, send network address translation NAT for the gateway device under the SDN controller belonging to the main frame to address conflict and revise list item, described NAT revises list item and is used for the raw address in the NAT of described gateway device table to be revised as reference address by address of conflicting.
CN201510184872.2A 2015-04-17 2015-04-17 A kind of flow forwarding method and device Active CN104767685B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201510184872.2A CN104767685B (en) 2015-04-17 2015-04-17 A kind of flow forwarding method and device

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201510184872.2A CN104767685B (en) 2015-04-17 2015-04-17 A kind of flow forwarding method and device

Publications (2)

Publication Number Publication Date
CN104767685A true CN104767685A (en) 2015-07-08
CN104767685B CN104767685B (en) 2018-04-20

Family

ID=53649308

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201510184872.2A Active CN104767685B (en) 2015-04-17 2015-04-17 A kind of flow forwarding method and device

Country Status (1)

Country Link
CN (1) CN104767685B (en)

Cited By (8)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN105743734A (en) * 2016-01-22 2016-07-06 北京航空航天大学 Virtual machine mirror image flow transmission control method and virtual machine mirror image flow transmission control device
WO2017185878A1 (en) * 2016-04-27 2017-11-02 新华三技术有限公司 Packet forwarding
CN107547348A (en) * 2017-07-25 2018-01-05 新华三技术有限公司 Prevent flow interruption method and apparatus
CN107786407A (en) * 2016-08-27 2018-03-09 南京理工大学 It is a kind of to solve the method for loop network link disconnecting using SDN technologies
CN108650154A (en) * 2018-06-29 2018-10-12 新华三技术有限公司 Flow control methods and device
CN108810183A (en) * 2018-05-04 2018-11-13 新华三技术有限公司 Processing method, device and the machine readable storage medium of conflict MAC Address
CN109151016A (en) * 2018-08-10 2019-01-04 广东神马搜索科技有限公司 Flow forwarding method and device, calculate equipment and storage medium at service system
CN112491744A (en) * 2020-11-13 2021-03-12 浪潮思科网络科技有限公司 Port flow mirroring method, device and medium

Citations (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN102916865A (en) * 2012-11-08 2013-02-06 浙江宇视科技有限公司 Monitoring service management method and device
CN103139074A (en) * 2013-02-07 2013-06-05 杭州华三通信技术有限公司 Method and device used for handling media access control (MAC) address conflict

Patent Citations (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN102916865A (en) * 2012-11-08 2013-02-06 浙江宇视科技有限公司 Monitoring service management method and device
CN103139074A (en) * 2013-02-07 2013-06-05 杭州华三通信技术有限公司 Method and device used for handling media access control (MAC) address conflict

Cited By (18)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN105743734B (en) * 2016-01-22 2019-02-01 北京航空航天大学 The control method and device of virtual machine image flow transmission
CN105743734A (en) * 2016-01-22 2016-07-06 北京航空航天大学 Virtual machine mirror image flow transmission control method and virtual machine mirror image flow transmission control device
US10547567B2 (en) 2016-04-27 2020-01-28 New H3C Technologies Co., Ltd Packet forwarding
WO2017185878A1 (en) * 2016-04-27 2017-11-02 新华三技术有限公司 Packet forwarding
CN107317832B (en) * 2016-04-27 2020-01-03 新华三技术有限公司 Message forwarding method and device
JP2019514310A (en) * 2016-04-27 2019-05-30 新華三技術有限公司New H3C Technologies Co., Ltd. Packet forwarding
CN107317832A (en) * 2016-04-27 2017-11-03 新华三技术有限公司 Message forwarding method and device
CN107786407B (en) * 2016-08-27 2019-11-15 南京理工大学 A method of the disconnecting of loop network link is solved using SDN technology
CN107786407A (en) * 2016-08-27 2018-03-09 南京理工大学 It is a kind of to solve the method for loop network link disconnecting using SDN technologies
CN107547348A (en) * 2017-07-25 2018-01-05 新华三技术有限公司 Prevent flow interruption method and apparatus
CN107547348B (en) * 2017-07-25 2020-07-07 新华三技术有限公司 Method and device for preventing data stream interruption
CN108810183A (en) * 2018-05-04 2018-11-13 新华三技术有限公司 Processing method, device and the machine readable storage medium of conflict MAC Address
CN108810183B (en) * 2018-05-04 2021-09-07 新华三技术有限公司 Method and device for processing conflicting MAC addresses and machine-readable storage medium
CN108650154A (en) * 2018-06-29 2018-10-12 新华三技术有限公司 Flow control methods and device
CN108650154B (en) * 2018-06-29 2020-11-27 新华三技术有限公司 Flow control method and device
CN109151016A (en) * 2018-08-10 2019-01-04 广东神马搜索科技有限公司 Flow forwarding method and device, calculate equipment and storage medium at service system
CN109151016B (en) * 2018-08-10 2021-07-30 阿里巴巴(中国)有限公司 Flow forwarding method and device, service system, computing device and storage medium
CN112491744A (en) * 2020-11-13 2021-03-12 浪潮思科网络科技有限公司 Port flow mirroring method, device and medium

Also Published As

Publication number Publication date
CN104767685B (en) 2018-04-20

Similar Documents

Publication Publication Date Title
CN104767685A (en) Flow forwarding method and device
CN109660443B (en) SDN-based physical device and virtual network communication method and system
US7155494B2 (en) Mapping between virtual local area networks and fibre channel zones
JP6032278B2 (en) LAN multiplexer
CN103259727B (en) A kind of message forwarding method and equipment
TWI449380B (en) Data center network system and packet forwarding method thereof
US8832279B2 (en) Network system, machine allocation device and machine allocation method
US20170353351A1 (en) Method and network infrastructure for a direct public traffic connection within a datacenter
US9900238B2 (en) Overlay network-based original packet flow mapping apparatus and method therefor
WO2015062529A1 (en) Packet forwarding in data center network
EP2086178A1 (en) Link aggregation method, device, mac frame receiving/sending method and system
CN102025591A (en) Method and system for implementing virtual private network
CN108574616A (en) A kind of method, equipment and the system of processing routing
EP4231597A1 (en) Method for forwarding bier message, and device and system
EP3069471B1 (en) Optimized multicast routing in a clos-like network
CN112532563B (en) Message sending method and device
CN104601472A (en) Chip VXLAN gateway distributed routing implementation method and message processing system
US11310081B2 (en) Packet transmission method and apparatus
WO2017133647A1 (en) Packet processing method, traffic classifier, and service function instance
CN105634770A (en) Method for disposing virtual extensible local area network (VXLAN)
CN105453513B (en) Message forwarding method, forwarding-table item delivery method and the network equipment
CN106209616B (en) Flooding inhibition method and device
WO2013172391A1 (en) Multi-tenant system, switch, controller, and packet transfer method
CN102546349B (en) A kind of message forwarding method and equipment
CN113660164A (en) Message forwarding method and network equipment

Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
EXSB Decision made by sipo to initiate substantive examination
SE01 Entry into force of request for substantive examination
CB02 Change of applicant information
CB02 Change of applicant information

Address after: 310052 Binjiang District Changhe Road, Zhejiang, China, No. 466, No.

Applicant after: Xinhua three Technology Co., Ltd.

Address before: 310052 Binjiang District Changhe Road, Zhejiang, China, No. 466, No.

Applicant before: Huasan Communication Technology Co., Ltd.

GR01 Patent grant
GR01 Patent grant