CN103841023A - Data forwarding method and device - Google Patents
Data forwarding method and device Download PDFInfo
- Publication number
- CN103841023A CN103841023A CN201210479376.6A CN201210479376A CN103841023A CN 103841023 A CN103841023 A CN 103841023A CN 201210479376 A CN201210479376 A CN 201210479376A CN 103841023 A CN103841023 A CN 103841023A
- Authority
- CN
- China
- Prior art keywords
- address
- message
- header
- tunnel
- vsi
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Links
- 238000000034 method Methods 0.000 title claims abstract description 32
- 238000013507 mapping Methods 0.000 claims description 25
- 238000005538 encapsulation Methods 0.000 claims description 15
- 238000004806 packaging method and process Methods 0.000 claims description 8
- 230000005641 tunneling Effects 0.000 claims description 3
- 230000006854 communication Effects 0.000 abstract description 7
- 238000004891 communication Methods 0.000 abstract description 6
- MHABMANUFPZXEB-UHFFFAOYSA-N O-demethyl-aloesaponarin I Natural products O=C1C2=CC=CC(O)=C2C(=O)C2=C1C=C(O)C(C(O)=O)=C2C MHABMANUFPZXEB-UHFFFAOYSA-N 0.000 abstract 3
- 101150082208 DIABLO gene Proteins 0.000 abstract 2
- 102100033189 Diablo IAP-binding mitochondrial protein Human genes 0.000 abstract 2
- 230000005540 biological transmission Effects 0.000 description 10
- 238000010586 diagram Methods 0.000 description 7
- 238000012423 maintenance Methods 0.000 description 7
- 230000008569 process Effects 0.000 description 5
- 238000005516 engineering process Methods 0.000 description 4
- 230000002708 enhancing effect Effects 0.000 description 3
- 230000003044 adaptive effect Effects 0.000 description 2
- 230000009286 beneficial effect Effects 0.000 description 1
- 230000006870 function Effects 0.000 description 1
- 238000012986 modification Methods 0.000 description 1
- 230000004048 modification Effects 0.000 description 1
- 230000003287 optical effect Effects 0.000 description 1
Images
Landscapes
- Data Exchanges In Wide-Area Networks (AREA)
Abstract
The invention discloses a data forwarding method and device and belongs to the technical field of communication. The method includes: a first message is received from a tunnel, wherein the first message includes an external-layer IP head, a tunnel head and an inner-layer Ethernet head, and the tunnel is ended and if corresponding information is not found in an MAC table according to an SMAC address in the inner-layer Ethernet head, a corresponding relation between the SMAC address in the inner-layer Ethernet head and a source IP address in the external-layer IP head is established in the MAX table; and when a second message is received, wherein the second message includes an Ethernet head, the MAC table is inquired according to a DMAC address in the Ethernet head of the second message and if the DMAC address is found, tunnel package is performed according to an IP address corresponding to the DMAC address in the MAC table and then the packaged message is forwarded. The device includes an establishment module and a forwarding module. The data forwarding method and device realize automatic studying and forwarding of a forwarding plane.
Description
Technical Field
The present invention relates to the field of communications technologies, and in particular, to a method and a device for forwarding data.
Background
Network virtualization can hide implementation details of a physical network, so that a user can see that the physical network belongs to a logical network of the user without being concerned about how the physical network transmits user service data. After the network virtualization technology is adopted, the same physical network can virtualize various logic networks, so that diversified services can be provided conveniently, and the flexibility and the expandability of service deployment are improved.
Network Virtualization over L3 (NVO 3) is a Network Virtualization technology, and supports Network Virtualization over a physical Network with three layers, i.e., a Network layer. Each user network is connected to the intermediate transmission network through a virtual network Edge (NVE) device, and NVO3 technology is applied to the intermediate transmission network, so that different user networks are virtualized into one network. The intermediate transmission network is usually an Internet Protocol (IP) network. The NVE receiving the message may also be referred to as Ingress virtual network edge (NVE) device, and the NVE forwarding the message may also be referred to as Egress virtual network edge (NVE) device. In addition, in the intermediate transport network, besides the NVE, the intermediate transport network further includes a plurality of devices responsible for packet forwarding in the intermediate transport network, and these devices may also be referred to as intermediate devices. When two user networks communicate, the iNVE sends user data from one user network to the eNVE in a tunnel mode, and the eNVE sends the user data to the other user network, so that communication between the two user networks is realized. When communication is performed between a plurality of user networks connected by one NVE, the tunnel is not needed.
In the communication process, the iinve e needs to forward the user data to a certain tunnel, and adds an outer package to the user data, namely, a tunnel package, while the intermediate devices in the NVO3 network do not need to be aware of the user data, that is, the user data is transparent to the intermediate devices in the NVO3 network. The intermediate device only needs to forward the user data to eNV, and the eNV forwards the user data to the corresponding user network after terminating the tunnel.
Generally, one solution is to configure the tunnel manually; another solution is to run control plane protocols to automatically tunnel between NVEs.
However, the above manual method for configuring tunnels is relatively complicated in work, lacks flexibility, is relatively difficult in network expansion, and cannot automatically adapt to changes of the network; the mode of operating the control plane protocol needs the control plane to participate in the forwarding process, which not only needs the network to operate a complicated control plane protocol, but also needs the cooperation of the forwarding plane and the control plane to complete, and thus the implementation is complicated.
Disclosure of Invention
The invention provides a data forwarding method and equipment. The technical scheme is as follows:
in a first aspect, the present invention provides a method for data forwarding, where the method includes:
receiving a first message from a tunnel, wherein the first message comprises an outer Internet Protocol (IP) header, a tunnel header and an inner Ethernet header, terminating the tunnel, and if corresponding information is not found in a Media Access Control (MAC) table according to a Source Media Access Control (SMAC) address in the inner Ethernet header, establishing a corresponding relation between the SMAC address in the inner Ethernet header and the source IP address in the outer IP header in the MAC table;
when a second message is received, the second message comprises an Ethernet header, a DMAC (direct access control) address in the Ethernet header of the second message is searched for the MAC table, if the DMAC address in the Ethernet header of the second message is searched, the second message is subjected to tunnel encapsulation according to an IP (Internet protocol) address in the MAC table, which corresponds to the DMAC address in the Ethernet header of the second message, and the encapsulated message is forwarded.
With reference to the first aspect, in a first implementation manner of the first aspect, the method further includes:
if the DMAC address in the Ethernet header of the second message is not found in the MAC table, determining a user network from which the second message comes according to a port for receiving the second message, obtaining a multicast IP address and a multicast MAC address corresponding to the user network from which the second message comes according to a preset corresponding relation between the user network and the multicast IP address and the multicast MAC address, packaging the second message by taking the obtained multicast IP address as the DMAC address of an outer Ethernet header and taking the obtained multicast MAC address as the DIP address of an outer IP header, and multicasting and sending the packaged message.
With reference to the first aspect, in a second implementation manner of the first aspect, establishing, in the MAC table, a correspondence between the SMAC address in the inner-layer ethernet header and the source IP address in the outer-layer IP header includes:
acquiring a virtual switch instance VSI of a user network from which the first message comes, and acquiring a source IP address in an outer IP header of the first message;
and establishing a corresponding relation between the index and the source IP address in the outer IP header in the MAC table by taking the VSI of the user network and the SMAC address in the inner Ethernet header as the index.
With reference to the second implementation manner of the first aspect, in a third implementation manner of the first aspect, the obtaining a virtual switch instance VSI of a user network from which the first packet comes includes:
and acquiring a Virtual Network Identifier (VNID) in the tunnel header of the first message, and determining a virtual network identifier (VSI) corresponding to the VNID in the tunnel header of the first message according to a preset mapping between the VNID and the VSI.
With reference to the third implementation manner of the first aspect and the fourth implementation manner of the first aspect, acquiring the VNID in the tunnel header of the first packet, and determining, according to a preset mapping between the VNID and the VSI, the VSI corresponding to the VNID in the tunnel header of the first packet includes:
if the tunnel is a Generic Routing Encapsulation (GRE) tunnel, acquiring a Virtual Subnet Identifier (VSID) in a tunnel header of the first message, and determining a VSI corresponding to the VSID in the tunnel header of the first message according to mapping of a preset VSID and the VSI; or,
and if the tunnel is a virtual extensible local area network VxLAN tunnel, acquiring a virtual extensible local area network identifier (VNI) in the tunnel head of the first message, and determining a virtual extensible local area network identifier (VSI) corresponding to the VNI in the tunnel head of the first message according to the mapping of the preset VNI and the VSI.
With reference to the second implementation manner of the first aspect, in a fifth implementation manner of the first aspect, searching the MAC table according to a destination media access control DMAC address in an inner-layer ethernet header of the second packet, and if the DMAC address in the inner-layer ethernet header of the second packet is found, tunneling the second packet according to an IP address in the MAC table corresponding to the DMAC address in the inner-layer ethernet header of the second packet, includes:
determining the VSI of the user network from which the second message comes according to the port for receiving the second message, searching the combination of the VSI of the user network from which the second message comes and the DMAC address in the Ethernet header of the second message in the MAC table, and if the combination of the VSI of the user network from which the second message comes and the DMAC address in the Ethernet header of the second message is found, acquiring the IP address corresponding to the combination of the VSI of the user network from which the second message comes and the DMAC address in the Ethernet header of the second message in the MAC table;
and taking the obtained IP address as a destination DIP address of the tunnel head, and encapsulating the tunnel head and the outer layer IP head for the second message.
In a second aspect, the present invention provides an apparatus for data forwarding, where the apparatus includes:
an establishing module, configured to receive a first packet from a tunnel, where the first packet includes an outer layer Internet Protocol (IP) header, a tunnel header, and an inner layer ethernet header, and terminate the tunnel, and if corresponding information is not found in a Media Access Control (MAC) table according to a source MAC address in the inner layer ethernet header, establish a correspondence between an SMAC address in the inner layer ethernet header and a source IP address in the outer layer IP header in the MAC table;
and the forwarding module is used for searching the MAC table according to a Destination Media Access Control (DMAC) address in the Ethernet header of the second message when the second message is received, and performing tunnel encapsulation on the second message according to an IP address corresponding to the DMAC address in the Ethernet header of the second message in the MAC table and forwarding the encapsulated message if the DMAC address in the Ethernet header of the second message is found.
With reference to the second aspect, in a first implementation manner of the second aspect, the forwarding module is further configured to:
if the DMAC address in the Ethernet header of the second message is not found in the MAC table, determining a user network from which the second message comes according to a port for receiving the second message, obtaining a multicast IP address and a multicast MAC address corresponding to the user network from which the second message comes according to a preset corresponding relation between the user network and the multicast IP address and the multicast MAC address, packaging the second message by taking the obtained multicast IP address as the DMAC address of an outer Ethernet header and taking the obtained multicast MAC address as the DIP address of an outer IP header, and multicasting and sending the packaged message.
With reference to the second aspect, in a second implementation manner of the second aspect, the establishing module includes:
an obtaining unit, configured to obtain a virtual switch instance VSI of a user network from which the first packet comes, and obtain a source IP address in an outer IP header of the first packet;
and the establishing unit is used for establishing the corresponding relation between the index and the source IP address in the outer IP header in the MAC table by taking the VSI of the user network and the SMAC address in the inner Ethernet header as the index.
With reference to the second implementation manner of the second aspect, in a third implementation manner of the second aspect, the obtaining unit is configured to:
and acquiring a Virtual Network Identifier (VNID) in the tunnel header of the first message, and determining a virtual network identifier (VSI) corresponding to the VNID in the tunnel header of the first message according to a preset mapping between the VNID and the VSI.
With reference to the third implementation manner of the second aspect, in a fourth implementation manner of the second aspect, the obtaining unit is configured to:
if the tunnel is a Generic Routing Encapsulation (GRE) tunnel, acquiring a Virtual Subnet Identifier (VSID) in a tunnel header of the first message, and determining a VSI corresponding to the VSID in the tunnel header of the first message according to mapping of a preset VSID and the VSI; or,
and if the tunnel is a virtual extensible local area network VxLAN tunnel, acquiring a virtual extensible local area network identifier (VNI) in the tunnel head of the first message, and determining a virtual extensible local area network identifier (VSI) corresponding to the VNI in the tunnel head of the first message according to the mapping of the preset VNI and the VSI.
With reference to the second implementation manner of the second aspect, in a fifth implementation manner of the second aspect, the forwarding module includes:
a searching unit, configured to determine, according to a port that receives the second packet, a VSI of a user network from which the second packet comes, search, in the MAC table, a combination of the VSI of the user network from which the second packet comes and a DMAC address in an ethernet header of the second packet, and if a combination of the VSI of the user network from which the second packet comes and the DMAC address in the ethernet header of the second packet is found, obtain, in the MAC table, an IP address corresponding to a combination of the VSI of the user network from which the second packet comes and the DMAC address in the ethernet header of the second packet;
and the encapsulation unit is used for taking the obtained IP address as a destination DIP address of the tunnel head and encapsulating the tunnel head and the outer layer IP head for the second message.
The technical scheme provided by the invention has the beneficial effects that: by automatically establishing the corresponding relation between the SMAC address in the inner layer Ethernet header and the source IP address in the outer layer IP header when the message is forwarded, and forwarding the received Ethernet message according to the corresponding relation, the automatic learning and forwarding of a forwarding plane are realized, the participation of a control plane is not needed, and the equipment complexity is reduced.
Drawings
In order to more clearly illustrate the technical solutions in the embodiments of the present invention, the drawings needed to be used in the description of the embodiments will be briefly introduced below, and it is obvious that the drawings in the following description are only some embodiments of the present invention, and it is obvious for those skilled in the art to obtain other drawings based on these drawings without creative efforts.
FIG. 1 is a diagram of a network architecture of NVO3 provided by an embodiment of the present invention;
fig. 2 is a flowchart of a method for forwarding data according to an embodiment of the present invention;
fig. 3 is a flowchart of a method for forwarding data according to another embodiment of the present invention;
fig. 4 is a schematic structural diagram of a GRE header of a GRE tunnel according to an embodiment of the present invention;
fig. 5 is a schematic structural diagram of a VxLAN head of a VxLAN tunnel provided by an embodiment of the present invention;
fig. 6 is a transmission flowchart of a device a sending data to a device B according to an embodiment of the present invention;
fig. 7 is a transmission flowchart of a device B sending data to a device a according to an embodiment of the present invention;
fig. 8 is a block diagram of a data forwarding apparatus according to another embodiment of the present invention;
fig. 9 is a block diagram of a data forwarding apparatus according to still another embodiment of the present invention;
fig. 10 is a block diagram of a data forwarding apparatus according to a further embodiment of the present invention.
Detailed Description
In order to make the objects, technical solutions and advantages of the present invention more apparent, embodiments of the present invention will be described in detail with reference to the accompanying drawings.
Embodiments of the invention relate to NVO3 networks. Referring to fig. 1, a network structure diagram of NVO3 is provided according to an embodiment of the present invention. The NVO3 network is composed of SITE a of the user network, SITE SITEB of the user network and an intermediate transmission network L3 network. The intermediate transport network is typically an IP network. The physical locations of the SITE a of the user network and the SITE B of the user network may be different, for example, a company has two departments which are the SITE a of the user network and the SITE B of the user network, respectively, but are located in beijing and shanghai, respectively. Communication between SITE a of the user network and SITE B of the user network can be achieved via the NVO3 network, and different SITEs are logically divided into the same user network without being aware of the physical location differences.
In this embodiment of the present invention, the tunnel in the NVO3 network may be any type of tunnel, for example: generic Routing Encapsulation (GRE) tunnels, Virtual Extensible Local Area Network (VxLAN) tunnels, and so on. The message of the user network can be forwarded in the tunnel only after a tunnel header is added. The message structure of the user network is shown in table 1.
TABLE 1
| Ethernet head | Payload |
Wherein, payload (English) bears user data.
The structure of the message transmitted in the tunnel of the NVO3 network is shown in table 2.
TABLE 2
| Outer Ethernet head | Outer IP head | Tunnel head | Inner layer Ethernet head | Payload |
Wherein, outer IP head contains: a destination IP address (hereinafter referred to as a DIP address) and a source IP address (hereinafter referred to as a SIP address). The tunnel head includes: virtual Network Identifier (VNID for short). The structure of the VNID is determined by a specific tunnel layer protocol, and if the tunnel layer protocol is a GRE protocol, the VNID is a Virtual Subnet Identifier (abbreviated as VSID); if the tunnel layer protocol is VxLAN protocol, the VNID is Virtual Extensible Local Area Network Identifier (VNI). The inner Ethernet header comprises: a destination Media Access Control (MAC) address (hereinafter, DMAC address), and a source MAC address (hereinafter, SMAC address). The DMAC address in the inner layer Ethernet head is the MAC address of the equipment for receiving the message in the user network, and the SMAC address in the inner layer Ethernet head is the MAC address of the equipment for sending the message in the user network. The outer ethernet header also contains a DMAC address and an SMAC address, but the DMAC address in the outer ethernet header is the MAC address of the next Layer3switching (english: Layer3 switching) device in the forwarding path of the tunnel, and the SMAC address in the outer ethernet header is the MAC address of the device currently sending the packet in the tunnel. Wherein the next layer3switching device may be an NVE or an intermediate device.
In the case that the tunneling protocol is the GRE protocol, the tunnel header is the GRE header, and the data structure of the message in the tunnel is shown in table 3.
TABLE 3
| Outer Ethernet head | Outer IP head | GRE head | Inner layer Ethernet head | Payload |
In the case where the tunnel Protocol is a VxLAN Protocol, the tunnel header includes an outer User Datagram Protocol (UDP) header and a VxLAN header, and a message data structure in the tunnel is shown in table 4.
TABLE 4
| Outer Ethernet head | Outer IP head | Outer UDP header | VxLAN head | Inner layer Ethernet head | Payload |
Referring to fig. 2, an embodiment of the present invention provides a method for forwarding data, including:
201: the NVE receives a first message from the tunnel, the first message including an outer IP header, a tunnel header, and an inner Ethernet header. And the NVE terminates the tunnel, and if corresponding information is not found in the MAC table according to the SMAC address in the inner-layer Ethernet header, a corresponding relation between the SMAC address in the inner-layer Ethernet header of the first message and the source IP address in the outer-layer IP header of the first message is established in the MAC table.
The MAC table is maintained by the NVE in the embodiment of the present invention, and the MAC table includes a correspondence between a MAC address and an IP address.
202: when the NVE receives a second message, the second message comprises an Ethernet header, an MAC (media access control) table is searched according to a DMAC (digital access controller) address in the Ethernet header of the second message, if the DMAC address in the Ethernet header of the second message is searched, the NVE conducts tunnel encapsulation on the second message according to an IP (Internet protocol) address corresponding to the DMAC address in the Ethernet header of the second message in the MAC table, and forwards the encapsulated message.
The NVE tunnel-encapsulates a packet according to a specific IP address, which means that a tunnel header, such as a GRE header or a VxLAN header, is added to the packet, and an outer IP header is added, where a source IP address in the outer IP header is an IP address of the NVE, and a destination IP address is the specific IP address.
Each NVE has a preset corresponding relationship between a user network and a multicast IP address and a multicast MAC address. And each port of the NVE is connected to each site, and the NVE can determine the user network from which the second message comes according to the port for receiving the second message. If the NVE does not find the DMAC address in the Ethernet header of the second message in the MAC table, determining a user network from which the second message comes according to a port for receiving the second message, obtaining a multicast IP address and a multicast MAC address corresponding to the user network from which the second message comes according to a preset corresponding relation between the user network and the multicast IP address and between the user network and the multicast MAC address, packaging the second message by taking the obtained multicast IP address as the DMAC address of the outer Ethernet header and taking the obtained multicast MAC address as the DIP address of the outer IP header, and multicasting and sending the packaged message.
In this embodiment, the NVE in step 201 and the NVE in step 202 are the same NVE, and the NVE in step 201 receives a packet from the tunnel, so that the NVE is used as an egress user network edge device to establish the corresponding relationship in the MAC table. The NVE in step 202 receives the message from the customer network site, and therefore forwards the message according to the MAC table as an ingress customer network edge device.
According to the method provided by the embodiment, the corresponding relation between the SMAC address in the inner-layer Ethernet header and the source IP address in the outer-layer IP header is automatically established when the message is forwarded, and the received Ethernet message is forwarded according to the corresponding relation, so that the automatic learning and forwarding of the forwarding plane are realized, the participation of a control plane is not needed, the service is flexible to realize, the network is easy to expand, the network management and maintenance are convenient, the problems of large workload and difficulty in expansion of manually configured tunnels are solved, the problems that the forwarding plane is matched with the control plane and the control plane is operated in a tunnel operation mode are solved, the expansibility is enhanced, the self-adaptive capacity is improved, and the equipment complexity is reduced.
Referring to fig. 3, another embodiment of the present invention provides a method for forwarding data. The embodiment shown in fig. 3 is an alternative implementation. In this embodiment, the NVE distinguishes the user networks by Virtual Switch Instances (VSI), and when one NVE connects multiple user networks, the NVE identifies the different user networks connected by different VSIs. A user network may include multiple sites, each of which may include multiple devices. Under the network architecture, the MAC table maintained by the NVE may only include the correspondence between MAC addresses and IP addresses, and the MAC table may further store VSIs to distinguish different user networks, that is, the MAC table includes the correspondence between the combination of VSIs and MAC addresses and IP addresses. The NVE in the embodiment shown in fig. 3 maintains a MAC table with VSIs stored to distinguish different customer networks.
The method comprises the following steps:
301: and the NVE receives a first message from the tunnel, wherein the first message comprises an outer layer Internet Protocol (IP) head, a tunnel head and an inner layer Ethernet head, terminates the tunnel, and acquires the VSI of the user network from which the first message comes if corresponding information is not found in the MAC table according to the SMAC address in the inner layer Ethernet head.
Specifically, the obtaining, by the NVE, the VSI corresponding to the user network from which the first message comes may include:
and obtaining the VNID in the tunnel header of the first message, and determining the VSI corresponding to the VNID in the tunnel header of the first message according to the preset mapping between the VNID and the VSI.
Further, acquiring the VNID in the tunnel header of the first packet, and determining the VSI corresponding to the VNID in the tunnel header of the first packet according to a preset mapping between the VNID and the VSI may include:
under the condition that the tunnel is a GRE tunnel, acquiring a VSID in a tunnel header of the first message, and determining a VSI corresponding to the VSID in the tunnel header of the first message according to the mapping between a preset VSID and the VSI;
and under the condition that the tunnel is a VxLAN tunnel, obtaining a VxLAN network identifier VNI in the tunnel head of the first message, and determining a VSI corresponding to the VNI in the tunnel head of the first message according to the preset mapping between the VNI and the VSI.
In the case that the tunnel is a GRE tunnel, the data structure of the GRE header in the message transmitted in the tunnel is shown in fig. 4. Where VSID represents a virtual subnet ID used to identify the user network.
In the case where the tunnel is a VxLAN tunnel, a data structure of a VxLAN header in a message transferred in the tunnel is as shown in fig. 5. Wherein the VNI represents a virtual subnet ID for identifying the user network.
302: and the NVE acquires the source IP address in the outer layer IP header of the first message.
303: and the NVE takes the obtained VSI and the SMAC address of the inner layer Ethernet header of the first message as an index, and establishes a corresponding relation between the index and the source IP address in an MAC table.
304: when the NVE receives the second packet, the second packet includes an ethernet header, the NVE determines the VSI of the user network from which the second packet comes according to the port of the received second packet, and searches for a combination of the VSI of the user network from which the second packet comes and the DMAC address in the ethernet header of the second packet in the MAC table.
305: if the NVE finds the combination of the VSI of the user network from which the second message comes and the DMAC address in the Ethernet header of the second message, the NVE acquires an IP address corresponding to the combination of the VSI of the user network from which the second message comes and the DMAC address in the Ethernet header of the second message from the MAC table, and encapsulates the tunnel header and the outer IP header for the second message by taking the acquired IP address as the DIP address of the tunnel header and forwards the encapsulated message; if the NVE does not find the combination of the VSI of the user network from which the second message comes and the DMAC address in the Ethernet head of the second message, determining the user network from which the second message comes according to the port for receiving the second message, obtaining the multicast IP address and the multicast MAC address corresponding to the user network from which the second message comes according to the preset corresponding relation between the user network and the multicast IP address and the multicast MAC address, encapsulating the second message by taking the obtained multicast IP address as the DMAC address of the outer Ethernet head and taking the obtained multicast MAC address as the DIP address of the outer IP head, and multicasting and sending the encapsulated message.
The first packet in this embodiment may be a unicast packet, a multicast packet, or a broadcast packet. When the first message is a unicast message, the DMAC address in the inner layer Ethernet header of the message is the MAC address of a certain device in the second user network; when the first message is a multicast message or a broadcast message, the DMAC address in the inner layer Ethernet header of the message is the multicast address of the second user network, the inlet virtual network edge device broadcasts or multicasts the message in the user network according to a multicast group added by the user, and the outlet virtual network edge device broadcasts or multicasts the message in the user network; however, the above MAC table learning process is the same, and is not described here.
In this embodiment, the learning rule may be preset as required, including but not limited to: the learning is performed when the unicast message is received, or the learning is performed when the multicast message is received, or the learning is performed when the broadcast message is received, or the learning is performed when two or three of the unicast message, the multicast message and the broadcast message are received, which is not specifically limited in the present invention. In any case, in the learning process, when the corresponding entry already exists in the MAC table, the learned content does not need to be learned again. In the invention, the learning is carried out when the multicast or broadcast message is received, so that the corresponding forwarding can be carried out according to the learned content when the unicast message is subsequently received. That is, when there is no corresponding MAC entry in the MAC table, the learning may be performed when the first unicast packet is received, or the learning may be performed when the first multicast or broadcast packet is received, so as to ensure that the subsequent received unicast packet can be correctly forwarded.
According to the method provided by the embodiment, the corresponding relation between the SMAC address in the inner-layer Ethernet header and the source IP address in the outer-layer IP header is automatically established when the message is forwarded, and the received Ethernet message is forwarded according to the corresponding relation, so that the automatic learning and forwarding of the forwarding plane are realized, the participation of a control plane is not needed, the service is flexible to realize, the network is easy to expand, the network management and maintenance are convenient, the problems of large workload and difficulty in expansion of manually configured tunnels are solved, the problems that the forwarding plane is matched with the control plane and the control plane is operated in a tunnel operation mode are solved, the expansibility is enhanced, the self-adaptive capacity is improved, and the equipment complexity is reduced.
To better illustrate the above learning and forwarding process, the following is a detailed description of the transmission process between one device a in the station SITEA of the user network and one device B in the station SITE B of the user network as shown in fig. 1.
Referring to fig. 6, a method for forwarding data, which is used for a device a to send a packet to a device B, specifically includes:
601: device a communicates with device B for the first time and sends a message a to NVE1, where message a includes an ethernet header and a payload.
The format of the packet a is shown in table 1, where the DMAC address in the ethernet header is the address MAC _ B of the device B, and the SMAC address is the address MAC _ a of the device a.
602: after receiving the message a, the NVE1 determines the VSI corresponding to the SITE a, then searches the MAC table by using the VSI and the DMAC address, and if the information corresponding to the MAC _ B is not found, the NVE1 encapsulates the message a by using the MAC address and the IP address of the NVE1 and the VNID corresponding to the VSI to obtain a message B.
Each NVE has a preset corresponding relationship between a user network and a multicast IP address and a multicast MAC address. For example, SITE a and SITE B correspond to the same user network, and then both NVE1 and NVE2 have a multicast IP address and a multicast MAC address corresponding to the user network. When the NVE1 receives a message from a port connected to the SITE a, the multicast IP address and the multicast MAC address corresponding to the user network are determined according to the port. The format of the packet B is shown in table 2, the DMAC address of the outer ethernet header is a multicast MAC address, the SMAC address is a MAC address of NVE1, the DIP address of the outer IP header is a multicast IP address, the SIP address is an IP address of NVE1, the VNID is included in the tunnel header, and the inner ethernet header and the payload are the content of the packet a. The multicast IP address may be a multicast IP address commonly added by NVE1 and NVE2, and the multicast MAC address is a MAC address corresponding to the multicast IP address.
The multicast IP address and the corresponding MAC address are obtained when the NVE joins the multicast group and are stored locally, and the NVE can inquire the multicast IP address and the corresponding MAC address locally when the NVE carries out tunnel encapsulation. Typically, all NVEs connected to one user network will join the same multicast group.
Specifically, NVE1 may determine the VSI corresponding to SITE a according to the VLAN of message a or the port number of the received message a, which is not specifically limited in the present invention.
In this embodiment, the NVE may identify different user networks through the VSI. For example, an NVE may uniquely identify customer network 1 with VSI1, uniquely identify customer network 2 with VSI2, and so on. When the message is transmitted in the tunnel, the VNID is used to identify the user network and the VSI is no longer used. Therefore, each NVE maintains the corresponding relationship between the VNID and the VSI, and can obtain the corresponding VNID from the VSI of the user network according to the corresponding relationship, thereby performing encapsulation and decapsulation of the packet.
603: the NVE1 sends the packet B in a multicast manner, learns the VSI, the SMAC address in the inner ethernet header, i.e., MAC _ a, the VLAN in the packet a, and the PORT information PORT of the received packet a into the MAC table, and adds an entry to the MAC table of the NVE1, where the format is shown in table 5.
TABLE 5
| VSI | MAC_A | VLAN | PORT |
Wherein, VSI and MAC _ a are index values of the lookup MAC table, and VLAN and PORT are results corresponding to the index in the MAC table.
604: after receiving the message B multicast by the NVE1, the NVE2 parses the message B, finds that the DIP address in the tunnel header is the IP address of the message B, terminates the tunnel, determines the corresponding VSI according to the VNID in the tunnel header, and finds the MAC table by using the VSI and the DMAC address in the inner ethernet header, that is, MAC _ B. Therefore, NVE2 decapsulates packet B, and removes the outer ethernet header, the outer IP header, and the tunnel header to obtain packet C.
And the format and the content of the message C obtained after de-encapsulation are the same as those of the message A.
605: the NVE2 broadcasts the message C to the SITE B of the user network corresponding to the determined VSI, learns the determined VSI, the SMAC address of the inner ethernet header, and the SIP address of the outer IP header of the message B into the MAC table, and adds an entry in the MAC table of the NVE2, the format of which is shown in table 6.
TABLE 6
| VSI | MAC_A | OUT_IP | PORT |
Wherein, VSI and MAC _ a are index values of the lookup MAC table, and OUT _ IP and PORT are results of the lookup MAC table. The OUT _ IP is an SIP address of an outer layer IP header, and the PORT is information of an inlet PORT for receiving the message A.
606: the SITE B of the user network sends the received message C to the device B, thereby realizing the message transmission between the device a and the device B.
After the transmission flow shown in fig. 6, referring to fig. 7, a method for forwarding data, which is used for a device B to send a packet to a device a, specifically includes:
701: after receiving the message from the device a of the SITE a of the user network, a device B of the SITE B of the user network responds with a message D to the device a.
The format of the packet D is shown in table 1, where the DMAC address of the ethernet header is MAC _ a, and the SMAC is MAC _ B.
702: and the NVE2 receives the message D, determines the VSI corresponding to the SITE SITE B of the user network, and searches the MAC table by using the VSI and the destination MAC address MAC _ A. Because NVE2 has learned MAC _ a into the MAC table, the query results in port information and IP address OUT _ IP. And packaging the message D into a message E according to the information obtained by the query.
The format of the message E is shown in table 2, where DIP of the outer IP header is OUT _ IP, and SIP is an IP address of NVE 2; the VNID of the tunnel header is the VNID corresponding to the VSI.
703: the NVE2 sends a message E to the NVE1, learns the VSI corresponding to the SITE B of the user network, the SMAC, i.e., MAC _ B, in the inner ethernet header, the VLAN of the message D, and the PORT information PORT of the received message D into the MAC table, and adds an entry in the MAC table of the NVE2, where the format is shown in table 7.
TABLE 7
| VSI | MAC_B | VLAN | PORT |
Wherein, VSI and MAC _ B are index values of the lookup MAC table, and VLAN and PORT are results of the lookup MAC table.
704: after receiving the message E, the NVE1 parses the message E, finds that the DIP address in the tunnel header is its own IP address, terminates the tunnel, determines the VSI corresponding to the VNID in the tunnel header, i.e., the VSI corresponding to the SITE a of the user network, according to the preset mapping relationship between the VNID and the VSI, and finds the MAC table by using the VSI and the DMAC address of the inner ethernet header, i.e., the MAC _ a, to obtain the port information and the VLAN information.
705: the NVE1 decapsulates the message E, removes an outer IP header and a tunnel header, and adds the VLAN obtained by looking up the MAC table in the inner Ethernet header to obtain a message F, wherein the format and the content of the message F are the same as those of the message D; then NVE1 sends the message F from the port corresponding to the port information to the SITE SITE A of the user network according to the searched port information; and learning the determined VSI corresponding to the SITE a of the user network, the SIP address of the outer IP header, the SMAC address of the inner ethernet header, and the PORT information PORT of the received packet D into the MAC table, and adding an entry in the MAC table of NVE1, where the format is shown in table 8.
TABLE 8
| VSI | MAC_B | OUT_IP | PORT |
Wherein, VSI and MAC _ B are index values of the lookup MAC table, and OUT _ IP and PORT are results of the lookup table. The OUT _ IP is an SIP address of an outer layer IP header of the message E, and the PORT is PORT information of the received message D.
706: and after receiving the message F, the SITE SITE A of the user network sends the message F to the equipment A.
Through the above process, the MAC tables of NVE1 and NVE2 both learn the MAC entries to device a and device B, and subsequent communication packets can be directly forwarded by looking up the MAC tables.
Referring to fig. 8, another embodiment of the present invention provides an apparatus for data forwarding, including:
an establishing module 801, configured to receive a first packet from a tunnel, where the first packet includes an outer layer internet protocol IP header, a tunnel header, and an inner layer ethernet header, and terminate the tunnel, and if corresponding information is not found in a media access control MAC table according to a source media access control SMAC address in the inner layer ethernet header, establish a corresponding relationship between the SMAC address in the inner layer ethernet header and the source IP address in the outer layer IP header in the MAC table;
a forwarding module 802, configured to, when a second packet is received, find the MAC table according to a destination media access control DMAC address in the ethernet header of the second packet, and if the DMAC address in the ethernet header of the second packet is found, tunnel-encapsulate the second packet according to an IP address in the MAC table corresponding to the DMAC address in the ethernet header of the second packet, and forward the encapsulated packet.
In a first implementation manner of the foregoing apparatus, the forwarding module 802 is further configured to:
if the DMAC address in the Ethernet header of the second message is not found in the MAC table, determining a user network from which the second message comes according to a port for receiving the second message, obtaining a multicast IP address and a multicast MAC address corresponding to the user network from which the second message comes according to a preset corresponding relation between the user network and the multicast IP address and the multicast MAC address, packaging the second message by taking the obtained multicast IP address as the DMAC address of the outer Ethernet header and taking the obtained multicast MAC address as the DIP address of the outer IP header, and multicasting and sending the packaged message.
Referring to fig. 9, in a second embodiment of the above apparatus, the establishing module 801 includes:
an obtaining unit 801a, configured to obtain a VSI of a user network from which the first packet comes, and obtain a source IP address in an outer IP header of the first packet;
an establishing unit 801b, configured to use the VSI of the user network and the SMAC address in the inner-layer ethernet header as an index, and establish a corresponding relationship between the index and the source IP address in the outer-layer IP header in a MAC table.
In addition to the second embodiment, in a third embodiment of the apparatus, the obtaining unit 801a is configured to:
obtaining a VNID in a tunnel header of a first message, and determining a VSI corresponding to the VNID in the tunnel header of the first message according to a preset mapping between the VNID and the VSI.
In addition to the above third embodiment, in a fourth embodiment of the apparatus, the obtaining unit 801a is configured to:
if the tunnel is a GRE tunnel, acquiring a VSID in a tunnel header of a first message, and determining a VSI corresponding to the VSID in the tunnel header of the first message according to a preset VSID-VSI mapping; or,
and if the tunnel is a VxLAN tunnel, obtaining a VNI in a tunnel head of the first message, and determining a VSI corresponding to the VNI in the tunnel head of the first message according to a preset mapping between the VNI and the VSI.
On the basis of the second implementation manner, in a fifth implementation manner of the apparatus, the forwarding module 802 includes:
a searching unit 802a, configured to determine, according to a port that receives the second packet, a VSI of a user network from which the second packet comes, search, in an MAC table, a combination of the VSI of the user network from which the second packet comes and a DMAC address in an ethernet header of the second packet, and if a combination of the VSI of the user network from which the second packet comes and the DMAC address in the ethernet header of the second packet is found, obtain, in the MAC table, an IP address corresponding to a combination of the VSI of the user network from which the second packet comes and the DMAC address in the ethernet header of the second packet;
the forwarding unit 802b is configured to use the obtained IP address as a destination DIP address of a tunnel header, and encapsulate the tunnel header and an outer IP header for the second packet.
In any implementation manner of the device in this embodiment, the first packet is a unicast packet, a multicast packet, or a broadcast packet.
The above-mentioned device provided in this embodiment automatically establishes a corresponding relationship between the SMAC address in the inner ethernet header and the source IP address in the outer IP header when forwarding a packet, and forwards a received ethernet packet according to the corresponding relationship, thereby implementing automatic learning and forwarding of a forwarding plane, without participation of a control plane, achieving flexibility in service implementation, easy network expansion, and convenient network management and maintenance, and solving the problems of large workload and difficulty in expansion in manually configuring a tunnel, and also solving the problems that a tunnel establishment and maintenance mode of operating a control plane protocol requires cooperation between the forwarding plane and the control plane, and the control plane operates a complex protocol, enhancing expansibility, improving adaptive capability, and reducing complexity of the device.
Referring to fig. 10, a further embodiment of the present invention provides an apparatus for data forwarding, including:
a receiver 1001, configured to receive a first packet from a tunnel and a second packet, where the first packet includes an outer IP header, a tunnel header, and an inner ethernet header, and the second packet includes an ethernet header;
a processor 1002, configured to terminate a tunnel when the receiver receives the first packet, if corresponding information is not found in a MAC table according to a source MAC address in the inner ethernet header, establish a corresponding relationship between an SMAC address in the inner ethernet header and a source IP address in the outer IP header in the MAC table, when the receiver receives a second packet, find the MAC table according to a DMAC address in an ethernet header of the second packet, and if a DMAC address in an ethernet header of the second packet is found, tunnel-encapsulate the second packet according to an IP address in the MAC table corresponding to the DMAC address in the ethernet header of the second packet;
a sender 1003, configured to forward the packet encapsulated by the processor.
In the first embodiment of the foregoing apparatus, the processor 1002 may further be configured to:
if the DMAC address in the Ethernet header of the second message is not found in the MAC table, determining a user network from which the second message comes according to a port for receiving the second message, obtaining a multicast IP address and a multicast MAC address corresponding to the user network from which the second message comes according to a preset corresponding relation between the user network and the multicast IP address and the multicast MAC address, packaging the second message by taking the obtained multicast IP address as the DMAC address of the outer Ethernet header and the obtained multicast MAC address as the DIP address of the outer IP header, and multicasting and sending the packaged message; correspondingly, the sender 1003 may further be configured to multicast-send the packet encapsulated by the processor 1002 with the multicast IP address and the multicast MAC address.
In a second embodiment of the above apparatus, the processor 1002 is configured to:
acquiring a VSI (virtual switch interface) of a user network from which a first message comes, and acquiring a source IP address in an outer IP header of the first message; and establishing a corresponding relation between the index and the source IP address in the outer IP header in an MAC table by taking the VSI of the user network and the SMAC address in the inner Ethernet header as the index.
In a third implementation manner of the apparatus based on the second implementation manner, the processor 1002 is configured to:
obtaining a VNID in a tunnel header of a first message, and determining a VSI corresponding to the VNID in the tunnel header of the first message according to a preset mapping between the VNID and the VSI.
In a fourth embodiment of the apparatus based on the third embodiment, the processor 1002 is configured to:
if the tunnel is a GRE tunnel, acquiring a VSID in a tunnel header of a first message, and determining a VSI corresponding to the VSID in the tunnel header of the first message according to a preset VSID-VSI mapping; or,
and if the tunnel is a VxLAN tunnel, obtaining a VNI in a tunnel head of the first message, and determining a VSI corresponding to the VNI in the tunnel head of the first message according to a preset mapping between the VNI and the VSI.
In a fifth implementation manner of the apparatus on the basis of the second implementation manner, the processor 1002 is configured to:
determining the VSI of the user network from which the second message comes according to the port for receiving the second message, searching the combination of the VSI of the user network from which the second message comes and the DMAC address in the Ethernet header of the second message in the MAC table, if the combination of the VSI of the user network from which the second message comes and the DMAC address in the Ethernet header of the second message is found, acquiring the IP address corresponding to the combination of the VSI of the user network from which the second message comes and the DMAC address in the Ethernet header of the second message in the MAC table, taking the acquired IP address as the destination DIP address of the tunnel header, and encapsulating the tunnel header and the outer layer IP header for the second message.
The above-mentioned data forwarding device provided in this embodiment automatically establishes a corresponding relationship between the SMAC address in the inner-layer ethernet header and the source IP address in the outer-layer IP header when forwarding a packet, and forwards a received ethernet packet according to the corresponding relationship, so as to implement automatic learning and forwarding of a forwarding plane, without participation of a control plane, flexibly implement services, easily expand a network, and facilitate network management and maintenance, thereby solving the problems of large workload and difficulty in expanding a manually configured tunnel, and also solving the problems that the establishment and maintenance of a tunnel mode by running a control plane protocol requires the cooperation of the forwarding plane and the control plane, and the control plane runs a complex protocol, enhancing expansibility, improving adaptive capability, and reducing complexity of the device.
Another embodiment of the present invention further provides a data forwarding system, including the data forwarding device described in any of the above embodiments, where the function of the data forwarding device is the same as that described in the above embodiments, and is not described herein again.
The device in the user network site accesses the system through the data forwarding device, and the message is transmitted through the intermediate transmission network, which may also include intermediate devices, such as a router and the like. The number of the data forwarding devices is not limited, and is usually a plurality of devices.
The system automatically establishes the corresponding relation between the SMAC address in the inner layer Ethernet header and the source IP address in the outer layer IP header when the message is forwarded, and forwards the received Ethernet message according to the corresponding relation, thereby realizing the automatic learning and forwarding of the forwarding plane without the participation of a control plane, realizing flexible service, easily expanding the network, facilitating the network management and maintenance, solving the problems of large workload and difficult expansion of manually configured tunnels, also solving the problems that the tunnel operation mode of establishing and maintaining the control plane protocol needs the matching of the forwarding plane and the control plane operates a complex protocol, enhancing the expansibility, improving the self-adaptive capability and reducing the equipment complexity.
It will be understood by those skilled in the art that all or part of the steps for implementing the above embodiments may be implemented by hardware, or may be implemented by a program instructing relevant hardware, where the program may be stored in a computer-readable storage medium, and the above-mentioned storage medium may be a read-only memory, a magnetic disk or an optical disk, etc.
The above description is only for the purpose of illustrating the preferred embodiments of the present invention and is not to be construed as limiting the invention, and any modifications, equivalents, improvements and the like that fall within the spirit and principle of the present invention are intended to be included therein.
Claims (12)
1. A method of data forwarding, the method comprising:
receiving a first message from a tunnel, wherein the first message comprises an outer Internet Protocol (IP) header, a tunnel header and an inner Ethernet header, terminating the tunnel, and if corresponding information is not found in a Media Access Control (MAC) table according to a Source Media Access Control (SMAC) address in the inner Ethernet header, establishing a corresponding relation between the SMAC address in the inner Ethernet header and the source IP address in the outer IP header in the MAC table;
when a second message is received, the second message comprises an Ethernet header, a DMAC (direct access control) address in the Ethernet header of the second message is searched for the MAC table, if the DMAC address in the Ethernet header of the second message is searched, the second message is subjected to tunnel encapsulation according to an IP (Internet protocol) address in the MAC table, which corresponds to the DMAC address in the Ethernet header of the second message, and the encapsulated message is forwarded.
2. The method of claim 1, further comprising:
if the DMAC address in the Ethernet header of the second message is not found in the MAC table, determining a user network from which the second message comes according to a port for receiving the second message, obtaining a multicast IP address and a multicast MAC address corresponding to the user network from which the second message comes according to a preset corresponding relation between the user network and the multicast IP address and the multicast MAC address, packaging the second message by taking the obtained multicast MAC address as the DMAC address of an outer Ethernet header and taking the obtained multicast IP address as the DIP address of an outer IP header, and multicasting and sending the packaged message.
3. The method of claim 1, wherein establishing a correspondence between the SMAC address in the inner ethernet header and the source IP address in the outer IP header in the MAC table comprises:
acquiring a virtual switch instance VSI of a user network from which the first message comes, and acquiring a source IP address in an outer IP header of the first message;
and establishing a corresponding relation between the index and the source IP address in the outer IP header in the MAC table by taking the VSI of the user network and the SMAC address in the inner Ethernet header as the index.
4. The method of claim 3, wherein obtaining the VSI of the subscriber network from which the first packet originated comprises:
and acquiring a Virtual Network Identifier (VNID) in the tunnel header of the first message, and determining a virtual network identifier (VSI) corresponding to the VNID in the tunnel header of the first message according to a preset mapping between the VNID and the VSI.
5. The method of claim 4, wherein obtaining the VNID in the tunnel header of the first packet, and determining the VSI corresponding to the VNID in the tunnel header of the first packet according to a preset mapping between the VNID and the VSI comprises:
if the tunnel is a Generic Routing Encapsulation (GRE) tunnel, acquiring a Virtual Subnet Identifier (VSID) in a tunnel header of the first message, and determining a VSI corresponding to the VSID in the tunnel header of the first message according to mapping of a preset VSID and the VSI; or,
and if the tunnel is a virtual extensible local area network VxLAN tunnel, acquiring a virtual extensible local area network identifier (VNI) in the tunnel head of the first message, and determining a virtual extensible local area network identifier (VSI) corresponding to the VNI in the tunnel head of the first message according to the mapping of the preset VNI and the VSI.
6. The method according to claim 3, wherein the looking up the MAC table according to the DMAC address in the Ethernet header of the second packet, and if the DMAC address in the Ethernet header of the second packet is found, tunneling the second packet according to the IP address in the MAC table corresponding to the DMAC address in the Ethernet header of the second packet comprises:
determining the VSI of the user network from which the second message comes according to the port for receiving the second message, searching the combination of the VSI of the user network from which the second message comes and the DMAC address in the Ethernet header of the second message in the MAC table, and if the combination of the VSI of the user network from which the second message comes and the DMAC address in the Ethernet header of the second message is found, acquiring the IP address corresponding to the combination of the VSI of the user network from which the second message comes and the DMAC address in the Ethernet header of the second message in the MAC table;
and taking the obtained IP address as a destination DIP address of the tunnel head, and encapsulating the tunnel head and the outer layer IP head for the second message.
7. An apparatus for data forwarding, the apparatus comprising:
an establishing module, configured to receive a first packet from a tunnel, where the first packet includes an outer layer Internet Protocol (IP) header, a tunnel header, and an inner layer ethernet header, and terminate the tunnel, and if corresponding information is not found in a Media Access Control (MAC) table according to a source MAC address in the inner layer ethernet header, establish a correspondence between an SMAC address in the inner layer ethernet header and a source IP address in the outer layer IP header in the MAC table;
and the forwarding module is used for searching the MAC table according to a Destination Media Access Control (DMAC) address in the Ethernet header of the second message when the second message is received, and performing tunnel encapsulation on the second message according to an IP address corresponding to the DMAC address in the Ethernet header of the second message in the MAC table and forwarding the encapsulated message if the DMAC address in the Ethernet header of the second message is found.
8. The device of claim 7, wherein the forwarding module is further configured to:
if the DMAC address in the Ethernet header of the second message is not found in the MAC table, determining a user network from which the second message comes according to a port for receiving the second message, obtaining a multicast IP address and a multicast MAC address corresponding to the user network from which the second message comes according to a preset corresponding relation between the user network and the multicast IP address and the multicast MAC address, packaging the second message by taking the obtained multicast IP address as the DMAC address of an outer Ethernet header and taking the obtained multicast MAC address as the DIP address of an outer IP header, and multicasting and sending the packaged message.
9. The apparatus of claim 7, wherein the establishing module comprises:
an obtaining unit, configured to obtain a virtual switch instance VSI of a user network from which the first packet comes, and obtain a source IP address in an outer IP header of the first packet;
and the establishing unit is used for establishing the corresponding relation between the index and the source IP address in the outer IP header in the MAC table by taking the VSI of the user network and the SMAC address in the inner Ethernet header as the index.
10. The apparatus of claim 9, wherein the obtaining unit is configured to:
and acquiring a Virtual Network Identifier (VNID) in the tunnel header of the first message, and determining a virtual network identifier (VSI) corresponding to the VNID in the tunnel header of the first message according to a preset mapping between the VNID and the VSI.
11. The apparatus of claim 10, wherein the obtaining unit is configured to:
if the tunnel is a Generic Routing Encapsulation (GRE) tunnel, acquiring a Virtual Subnet Identifier (VSID) in a tunnel header of the first message, and determining a VSI corresponding to the VSID in the tunnel header of the first message according to mapping of a preset VSID and the VSI; or,
and if the tunnel is a virtual extensible local area network VxLAN tunnel, acquiring a virtual extensible local area network identifier (VNI) in the tunnel head of the first message, and determining a virtual extensible local area network identifier (VSI) corresponding to the VNI in the tunnel head of the first message according to the mapping of the preset VNI and the VSI.
12. The apparatus of claim 9, wherein the forwarding module comprises:
a searching unit, configured to determine, according to a port that receives the second packet, a VSI of a user network from which the second packet comes, search, in the MAC table, a combination of the VSI of the user network from which the second packet comes and a DMAC address in an ethernet header of the second packet, and if a combination of the VSI of the user network from which the second packet comes and the DMAC address in the ethernet header of the second packet is found, obtain, in the MAC table, an IP address corresponding to a combination of the VSI of the user network from which the second packet comes and the DMAC address in the ethernet header of the second packet;
and the encapsulation unit is used for taking the obtained IP address as a destination DIP address of the tunnel head and encapsulating the tunnel head and the outer layer IP head for the second message.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201210479376.6A CN103841023B (en) | 2012-11-22 | 2012-11-22 | The method and apparatus of data forwarding |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201210479376.6A CN103841023B (en) | 2012-11-22 | 2012-11-22 | The method and apparatus of data forwarding |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN103841023A true CN103841023A (en) | 2014-06-04 |
| CN103841023B CN103841023B (en) | 2017-03-08 |
Family
ID=50804175
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201210479376.6A Active CN103841023B (en) | 2012-11-22 | 2012-11-22 | The method and apparatus of data forwarding |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN103841023B (en) |
Cited By (21)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN104243630A (en) * | 2014-09-29 | 2014-12-24 | 杭州华三通信技术有限公司 | MAC (media access control) address learning method and MAC address learning device in VXLAN (virtual extensible local area network) |
| CN104243268A (en) * | 2014-09-19 | 2014-12-24 | 杭州华三通信技术有限公司 | Association method and device between virtual extensible local area networks (VXLAN) and tunnel |
| CN104243318A (en) * | 2014-09-29 | 2014-12-24 | 杭州华三通信技术有限公司 | MAC (media access control) address learning method and MAC address learning device in VXLAN (virtual extensible local area network) |
| CN104518940A (en) * | 2014-10-27 | 2015-04-15 | 华为技术有限公司 | Communication method and device for NVO3 (network virtualization over layer 3) network and MPLS (multi-protocol label switching) network |
| CN105227421A (en) * | 2014-07-03 | 2016-01-06 | 杭州华三通信技术有限公司 | Message processing method in a kind of stacking network and device |
| CN105490995A (en) * | 2014-09-30 | 2016-04-13 | 国际商业机器公司 | Method and device for forwarding message by NVE in NVO3 network |
| CN105591865A (en) * | 2014-10-21 | 2016-05-18 | 中兴通讯股份有限公司 | Method, NVE device, NVA device, and system for virtual network realization |
| CN105763385A (en) * | 2016-04-27 | 2016-07-13 | 杭州华三通信技术有限公司 | Flow scheduling method and apparatus |
| CN105763416A (en) * | 2016-04-27 | 2016-07-13 | 杭州华三通信技术有限公司 | Data transmission method and controller |
| CN106209648A (en) * | 2015-05-04 | 2016-12-07 | 杭州华三通信技术有限公司 | Multicast data packet forwarding method and apparatus across virtual expansible LAN |
| CN106899500A (en) * | 2016-12-16 | 2017-06-27 | 新华三技术有限公司 | A kind of message processing method and device across virtual expansible LAN |
| CN108199963A (en) * | 2017-12-27 | 2018-06-22 | 新华三技术有限公司 | Message forwarding method and device |
| CN108353029A (en) * | 2015-06-25 | 2018-07-31 | Nec实验室欧洲有限公司 | For managing the method and system for calculating the data service in network |
| US20180351878A1 (en) | 2015-05-04 | 2018-12-06 | New H3C Technologies Co., Ltd. | Multicast data packet forwarding |
| CN109039916A (en) * | 2018-09-13 | 2018-12-18 | 迈普通信技术股份有限公司 | Message forwarding method, device and storage medium |
| US10511547B2 (en) | 2015-05-04 | 2019-12-17 | New H3C Technologies Co., Ltd. | Multicast data packet forwarding |
| CN111182016A (en) * | 2018-11-12 | 2020-05-19 | 中移(杭州)信息技术有限公司 | PPPoE dialing message transmission method and device |
| CN111885596A (en) * | 2020-08-03 | 2020-11-03 | 南京创通微新通信有限公司 | Data forwarding system and method based on virtual port |
| CN112039920A (en) * | 2020-09-14 | 2020-12-04 | 迈普通信技术股份有限公司 | Communication method, communication device, electronic device and storage medium |
| WO2023010730A1 (en) * | 2021-08-02 | 2023-02-09 | 武汉绿色网络信息服务有限责任公司 | Data packet parsing method and server |
| CN116137585A (en) * | 2023-04-20 | 2023-05-19 | 武汉绿色网络信息服务有限责任公司 | Message forwarding method, device, computer equipment and storage medium |
Citations (11)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| EP1672850A2 (en) * | 2003-09-06 | 2006-06-21 | Fujitsu Limited | Method for a virtual private network (VPN) with channelized Ethernet over Sonet (EoS) |
| CN101094155A (en) * | 2007-08-02 | 2007-12-26 | 杭州华三通信技术有限公司 | Method for establishing IPv6 tunnel, IPv6 tunnel communication method, and Ipv4 periphery devices |
| CN101110746A (en) * | 2007-08-16 | 2008-01-23 | 华为技术有限公司 | Edge equipment of operators, city Ethernet access network and its data processing method |
| CN101127717A (en) * | 2007-09-30 | 2008-02-20 | 中控科技集团有限公司 | A packet forward method and switch |
| CN101146016A (en) * | 2006-09-15 | 2008-03-19 | 华为技术有限公司 | Ethernet frame transmission method and Ethernet architecture |
| CN101534209A (en) * | 2009-04-20 | 2009-09-16 | 杭州华三通信技术有限公司 | A method and device for sending multicast messages |
| CN101621525A (en) * | 2009-08-05 | 2010-01-06 | 杭州华三通信技术有限公司 | Method and equipment for treating legal entries |
| EP2252096A1 (en) * | 2009-05-14 | 2010-11-17 | Avaya Inc. | Unifying local and mobility network identifiers |
| CN101938415A (en) * | 2010-08-30 | 2011-01-05 | 北京傲天动联技术有限公司 | Rapid forwarding method for network forwarding device |
| CN102325073A (en) * | 2011-07-06 | 2012-01-18 | 杭州华三通信技术有限公司 | VPLS (Virtual Private Local Area Network Service)-based message processing method and device thereof |
| CN102752210A (en) * | 2012-07-09 | 2012-10-24 | 瑞斯康达科技发展股份有限公司 | Inter-LAN (local area network) message transmission method and system |
-
2012
- 2012-11-22 CN CN201210479376.6A patent/CN103841023B/en active Active
Patent Citations (11)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| EP1672850A2 (en) * | 2003-09-06 | 2006-06-21 | Fujitsu Limited | Method for a virtual private network (VPN) with channelized Ethernet over Sonet (EoS) |
| CN101146016A (en) * | 2006-09-15 | 2008-03-19 | 华为技术有限公司 | Ethernet frame transmission method and Ethernet architecture |
| CN101094155A (en) * | 2007-08-02 | 2007-12-26 | 杭州华三通信技术有限公司 | Method for establishing IPv6 tunnel, IPv6 tunnel communication method, and Ipv4 periphery devices |
| CN101110746A (en) * | 2007-08-16 | 2008-01-23 | 华为技术有限公司 | Edge equipment of operators, city Ethernet access network and its data processing method |
| CN101127717A (en) * | 2007-09-30 | 2008-02-20 | 中控科技集团有限公司 | A packet forward method and switch |
| CN101534209A (en) * | 2009-04-20 | 2009-09-16 | 杭州华三通信技术有限公司 | A method and device for sending multicast messages |
| EP2252096A1 (en) * | 2009-05-14 | 2010-11-17 | Avaya Inc. | Unifying local and mobility network identifiers |
| CN101621525A (en) * | 2009-08-05 | 2010-01-06 | 杭州华三通信技术有限公司 | Method and equipment for treating legal entries |
| CN101938415A (en) * | 2010-08-30 | 2011-01-05 | 北京傲天动联技术有限公司 | Rapid forwarding method for network forwarding device |
| CN102325073A (en) * | 2011-07-06 | 2012-01-18 | 杭州华三通信技术有限公司 | VPLS (Virtual Private Local Area Network Service)-based message processing method and device thereof |
| CN102752210A (en) * | 2012-07-09 | 2012-10-24 | 瑞斯康达科技发展股份有限公司 | Inter-LAN (local area network) message transmission method and system |
Non-Patent Citations (1)
| Title |
|---|
| 韩言妮,覃毅芳,慈松: "未来网络虚拟化关键技术研究", 《中兴通讯技术》 * |
Cited By (36)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN105227421B (en) * | 2014-07-03 | 2018-11-09 | 新华三技术有限公司 | Message processing method and device in a kind of stacking network |
| CN105227421A (en) * | 2014-07-03 | 2016-01-06 | 杭州华三通信技术有限公司 | Message processing method in a kind of stacking network and device |
| CN104243268B (en) * | 2014-09-19 | 2017-05-10 | 新华三技术有限公司 | Association method and device between virtual extensible local area networks (VXLAN) and tunnel |
| CN104243268A (en) * | 2014-09-19 | 2014-12-24 | 杭州华三通信技术有限公司 | Association method and device between virtual extensible local area networks (VXLAN) and tunnel |
| US11012261B2 (en) | 2014-09-19 | 2021-05-18 | Hewlett Packard Enterprise Development Lp | Associating VXLANs with tunnels |
| CN104243630A (en) * | 2014-09-29 | 2014-12-24 | 杭州华三通信技术有限公司 | MAC (media access control) address learning method and MAC address learning device in VXLAN (virtual extensible local area network) |
| CN104243630B (en) * | 2014-09-29 | 2017-10-03 | 新华三技术有限公司 | MAC address learning method and device in VXLAN networks |
| CN104243318A (en) * | 2014-09-29 | 2014-12-24 | 杭州华三通信技术有限公司 | MAC (media access control) address learning method and MAC address learning device in VXLAN (virtual extensible local area network) |
| US10956194B2 (en) | 2014-09-29 | 2021-03-23 | Hewlett Packard Enterprise Development Lp | Learning a MAC address in VXLAN |
| CN105490995A (en) * | 2014-09-30 | 2016-04-13 | 国际商业机器公司 | Method and device for forwarding message by NVE in NVO3 network |
| CN105490995B (en) * | 2014-09-30 | 2018-04-20 | 国际商业机器公司 | A kind of method and apparatus that NVE E-Packets in NVO3 networks |
| CN105591865A (en) * | 2014-10-21 | 2016-05-18 | 中兴通讯股份有限公司 | Method, NVE device, NVA device, and system for virtual network realization |
| CN104518940A (en) * | 2014-10-27 | 2015-04-15 | 华为技术有限公司 | Communication method and device for NVO3 (network virtualization over layer 3) network and MPLS (multi-protocol label switching) network |
| US10484203B2 (en) | 2014-10-27 | 2019-11-19 | Huawei Technologies Co., Ltd. | Method for implementing communication between NVO3 network and MPLS network, and apparatus |
| CN106209648B (en) * | 2015-05-04 | 2019-06-14 | 新华三技术有限公司 | Multicast data packet forwarding method and apparatus across virtual expansible local area network |
| CN106209648A (en) * | 2015-05-04 | 2016-12-07 | 杭州华三通信技术有限公司 | Multicast data packet forwarding method and apparatus across virtual expansible LAN |
| US20180351878A1 (en) | 2015-05-04 | 2018-12-06 | New H3C Technologies Co., Ltd. | Multicast data packet forwarding |
| US10511547B2 (en) | 2015-05-04 | 2019-12-17 | New H3C Technologies Co., Ltd. | Multicast data packet forwarding |
| US10341223B2 (en) | 2015-05-04 | 2019-07-02 | New H3C Technologies Co., Ltd. | Multicast data packet forwarding |
| US10326712B2 (en) | 2015-05-04 | 2019-06-18 | New H3C Technologies Co., Ltd. | Multicast data packet forwarding |
| CN108353029A (en) * | 2015-06-25 | 2018-07-31 | Nec实验室欧洲有限公司 | For managing the method and system for calculating the data service in network |
| CN105763385A (en) * | 2016-04-27 | 2016-07-13 | 杭州华三通信技术有限公司 | Flow scheduling method and apparatus |
| CN105763416B (en) * | 2016-04-27 | 2019-06-11 | 新华三技术有限公司 | A kind of data transmission method and controller |
| CN105763385B (en) * | 2016-04-27 | 2019-05-07 | 新华三技术有限公司 | Traffic scheduling method and device |
| CN105763416A (en) * | 2016-04-27 | 2016-07-13 | 杭州华三通信技术有限公司 | Data transmission method and controller |
| CN106899500B (en) * | 2016-12-16 | 2020-06-26 | 新华三技术有限公司 | Message processing method and device for cross-virtual extensible local area network |
| CN106899500A (en) * | 2016-12-16 | 2017-06-27 | 新华三技术有限公司 | A kind of message processing method and device across virtual expansible LAN |
| CN108199963A (en) * | 2017-12-27 | 2018-06-22 | 新华三技术有限公司 | Message forwarding method and device |
| CN109039916A (en) * | 2018-09-13 | 2018-12-18 | 迈普通信技术股份有限公司 | Message forwarding method, device and storage medium |
| CN111182016A (en) * | 2018-11-12 | 2020-05-19 | 中移(杭州)信息技术有限公司 | PPPoE dialing message transmission method and device |
| CN111182016B (en) * | 2018-11-12 | 2022-12-27 | 中移(杭州)信息技术有限公司 | PPPoE dialing message transmission method and device |
| CN111885596A (en) * | 2020-08-03 | 2020-11-03 | 南京创通微新通信有限公司 | Data forwarding system and method based on virtual port |
| CN112039920A (en) * | 2020-09-14 | 2020-12-04 | 迈普通信技术股份有限公司 | Communication method, communication device, electronic device and storage medium |
| CN112039920B (en) * | 2020-09-14 | 2022-02-22 | 迈普通信技术股份有限公司 | Communication method, communication device, electronic device and storage medium |
| WO2023010730A1 (en) * | 2021-08-02 | 2023-02-09 | 武汉绿色网络信息服务有限责任公司 | Data packet parsing method and server |
| CN116137585A (en) * | 2023-04-20 | 2023-05-19 | 武汉绿色网络信息服务有限责任公司 | Message forwarding method, device, computer equipment and storage medium |
Also Published As
| Publication number | Publication date |
|---|---|
| CN103841023B (en) | 2017-03-08 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN103841023B (en) | The method and apparatus of data forwarding | |
| US11765000B2 (en) | Method and system for virtual and physical network integration | |
| US10110490B2 (en) | Method and apparatus for forwarding packet | |
| CN105577548B (en) | Message processing method and device in a kind of software defined network | |
| EP3240250B1 (en) | Virtual router terminating an overlay tunnel in a storage area network | |
| CN104935516B (en) | Communication system and method based on software defined network | |
| US8819267B2 (en) | Network virtualization without gateway function | |
| CN105812259B (en) | A kind of message forwarding method and equipment | |
| US8879569B2 (en) | Virtual network connection method, network system, and network device | |
| CN102316030B (en) | Method for realizing two-layer internetworking of data center and device | |
| WO2022062506A1 (en) | Data processing method and apparatus, storage medium, and electronic apparatus | |
| CN108964940B (en) | Message sending method and device and storage medium | |
| CN106878136B (en) | Message forwarding method and device | |
| CN107317752B (en) | Method and device for forwarding data message | |
| CN114095305A (en) | BIER message forwarding method, equipment and system | |
| CN109474507B (en) | Message forwarding method and device | |
| CN105099847A (en) | Multi-homing access method and device | |
| WO2020220459A1 (en) | Vxlan and openflow-based method and system for sharing virtual home network | |
| CN103685007B (en) | A kind of mac learning method when edge device message forwards and edge device | |
| CN114598644A (en) | BIER message forwarding method, equipment and system | |
| CN108259297B (en) | Message processing method and device | |
| CN110401726B (en) | Method, device and equipment for processing address resolution protocol message and storage medium | |
| CN107547691B (en) | Address resolution protocol message proxy method and device | |
| CN110620715B (en) | Virtual extended local area network communication method, tunnel endpoint and controller | |
| CN114666269B (en) | VLAN message forwarding method, device, equipment and medium based on IP subnet |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| C06 | Publication | ||
| PB01 | Publication | ||
| C10 | Entry into substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| C14 | Grant of patent or utility model | ||
| GR01 | Patent grant |