Movatterモバイル変換

[0]ホーム
URL:

CN115189987A - Implementation method, system, device and program product of network virtualization - Google Patents

Implementation method, system, device and program product of network virtualizationDownload PDF

Info

Publication number
CN115189987A
CN115189987ACN202210727754.1ACN202210727754ACN115189987ACN 115189987 ACN115189987 ACN 115189987ACN 202210727754 ACN202210727754 ACN 202210727754ACN 115189987 ACN115189987 ACN 115189987A
Authority
CN
China
Prior art keywords
intelligent switch
source
message
destination
server
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN202210727754.1A
Other languages
Chinese (zh)
Inventor
李兆耕
王佩龙
龚志敏
牛立新
黄冰
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Beijing Baidu Netcom Science and Technology Co Ltd
Original Assignee
Beijing Baidu Netcom Science and Technology Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Beijing Baidu Netcom Science and Technology Co LtdfiledCriticalBeijing Baidu Netcom Science and Technology Co Ltd
Priority to CN202210727754.1ApriorityCriticalpatent/CN115189987A/en
Publication of CN115189987ApublicationCriticalpatent/CN115189987A/en
Pendinglegal-statusCriticalCurrent

Links

Images

Classifications

Landscapes

Abstract

The disclosure provides a method, a system, an apparatus, an electronic device, a storage medium and a computer program product for implementing network virtualization, relates to the technical field of artificial intelligence, in particular to cloud computing and cloud network technology, and can be used in an intelligent cloud scene. The specific implementation scheme is as follows: acquiring a message to be forwarded from a source server to a destination server; determining a tunnel rule representing a virtual communication path for forwarding a message in a virtual network through a source intelligent switch corresponding to a source server and a target intelligent switch corresponding to a target server, wherein a central processing unit in the intelligent switch is in communication connection with a switching chip through a plurality of message receiving and transmitting units; and performing data plane processing on the message through the source intelligent switch and the target intelligent switch based on the tunnel rule, and forwarding the message to the target server from the source server through the virtual network according to a data plane processing result. The present disclosure improves the flexibility and convenience of the network virtualization process of the physical server.

Description

Translated fromChinese
网络虚拟化的实现方法、系统、装置及程序产品Implementation method, system, device and program product of network virtualization

技术领域technical field

本公开涉及人工智能技术领域,具体涉及云计算和云网络技术,尤其涉及网络虚拟化的实现方法、系统、装置、电子设备、存储介质以及计算机程序产品,可用于智能云场景下。The present disclosure relates to the field of artificial intelligence technologies, in particular to cloud computing and cloud network technologies, and in particular to methods, systems, devices, electronic devices, storage media and computer program products for implementing network virtualization, which can be used in intelligent cloud scenarios.

背景技术Background technique

为了降低虚拟机带来的额外虚拟化开销,在云计算中,存在一类直接以服务器形态交付的技术,通常称为裸金属(Bare Metal)。虽然裸金属技术可以避免计算虚拟化开销,但出于多租户资源隔离的考量,其仍然需要接入虚拟网络,实现裸金属服务器的网络虚拟化。现有技术中,往往需要对服务器进行一定的改进,例如在服务器设置智能网卡,才能将其接入虚拟网络。In order to reduce the additional virtualization overhead caused by virtual machines, in cloud computing, there is a technology that is directly delivered in the form of servers, usually called bare metal. Although bare metal technology can avoid computing virtualization overhead, it still needs to be connected to a virtual network to realize network virtualization of bare metal servers due to the consideration of multi-tenant resource isolation. In the prior art, it is often necessary to make certain improvements to the server, such as setting an intelligent network card on the server before it can be connected to a virtual network.

发明内容SUMMARY OF THE INVENTION

本公开提供了一种网络虚拟化的实现方法、系统、装置、电子设备、存储介质以及计算机程序产品。The present disclosure provides a method, system, apparatus, electronic device, storage medium, and computer program product for realizing network virtualization.

根据第一方面,提供了一种网络虚拟化的实现方法,包括:获取待从源服务器转发至目的服务器的报文;通过源服务器对应的源智能交换机和目的服务器对应的目的智能交换机,确定表征虚拟网络中用于转发报文的虚拟通信路径的隧道规则,其中,源智能交换机和目的智能交换机中的中央处理器通过多个报文收发单元与交换芯片通信连接;通过源智能交换机和目的智能交换机,基于隧道规则,对报文进行数据面处理,并根据数据面处理结果,将报文从源服务器,经由虚拟网络,转发至目的服务器。According to a first aspect, a method for implementing network virtualization is provided, including: obtaining a message to be forwarded from a source server to a destination server; A tunnel rule for a virtual communication path used to forward packets in a virtual network, wherein the central processors in the source intelligent switch and the destination intelligent switch communicate with the switching chip through multiple packet sending and receiving units; through the source intelligent switch and the destination intelligent switch The switch, based on the tunnel rules, processes the data plane of the packet, and forwards the packet from the source server to the destination server via the virtual network according to the data plane processing result.

根据第二方面,提供了一种网络虚拟化的实现系统,包括:网络控制器、智能交换机和服务器,其中:网络控制器,用于管理虚拟网络涉及的隧道规则,并将隧道规则同步至虚拟网络中对应的智能交换机,其中,智能交换机中的中央处理器通过多个报文收发单元与交换芯片通信连接;智能交换机,用于获取待从源服务器转发至目的服务器的报文;通过源服务器对应的源智能交换机和目的服务器对应的目的智能交换机,确定表征虚拟网络中用于转发报文的虚拟通信路径的隧道规则,并基于隧道规则,对报文进行数据面处理,以根据数据面处理结果将报文从源服务器,经由虚拟网络,转发至目的服务器。According to a second aspect, a system for realizing network virtualization is provided, including: a network controller, an intelligent switch and a server, wherein: the network controller is used for managing tunnel rules involved in a virtual network and synchronizing the tunnel rules to the virtual network The corresponding intelligent switch in the network, wherein the central processing unit in the intelligent switch communicates with the switching chip through a plurality of message sending and receiving units; the intelligent switch is used to obtain the message to be forwarded from the source server to the destination server; through the source server The corresponding source intelligent switch and the destination intelligent switch corresponding to the destination server determine the tunnel rules that characterize the virtual communication path used to forward packets in the virtual network, and based on the tunnel rules, perform data plane processing on the packets to process the packets according to the data plane. As a result, the message is forwarded from the source server to the destination server via the virtual network.

根据第三方面,提供了一种网络虚拟化的实现装置,包括:获取单元,被配置成获取待从源服务器转发至目的服务器的报文;确定单元,被配置成通过源服务器对应的源智能交换机和目的服务器对应的目的智能交换机,确定表征虚拟网络中用于转发报文的虚拟通信路径的隧道规则,其中,源智能交换机和目的智能交换机中的中央处理器通过多个报文收发单元与交换芯片通信连接;转发单元,被配置成通过源智能交换机和目的智能交换机,基于隧道规则,对报文进行数据面处理,并根据数据面处理结果,将报文从源服务器,经由虚拟网络,转发至目的服务器。According to a third aspect, a device for implementing network virtualization is provided, comprising: an obtaining unit configured to obtain a message to be forwarded from a source server to a destination server; a determining unit configured to obtain a message through a source intelligence corresponding to the source server The destination intelligent switch corresponding to the switch and the destination server determines the tunnel rule representing the virtual communication path in the virtual network for forwarding packets, wherein the central processors in the source intelligent switch and the destination intelligent switch communicate with each other through multiple packet sending and receiving units. The switching chip is connected for communication; the forwarding unit is configured to process the data plane of the packet through the source intelligent switch and the destination intelligent switch based on the tunnel rules, and send the packet from the source server to the virtual network according to the data plane processing result. forwarded to the destination server.

根据第四方面,提供了一种电子设备,包括:至少一个处理器;以及与至少一个处理器通信连接的存储器;其中,存储器存储有可被至少一个处理器执行的指令,指令被至少一个处理器执行,以使至少一个处理器能够执行如第一方面任一实现方式描述的方法。According to a fourth aspect, an electronic device is provided, comprising: at least one processor; and a memory communicatively connected to the at least one processor; wherein the memory stores instructions executable by the at least one processor, and the instructions are processed by the at least one processor The processor executes to enable at least one processor to execute the method as described in any implementation form of the first aspect.

根据第五方面,提供了一种存储有计算机指令的非瞬时计算机可读存储介质,计算机指令用于使计算机执行如第一方面任一实现方式描述的方法。According to a fifth aspect, there is provided a non-transitory computer-readable storage medium storing computer instructions for causing a computer to perform a method as described in any implementation manner of the first aspect.

根据第六方面,提供了一种计算机程序产品,包括:计算机程序,计算机程序在被处理器执行时实现如第一方面任一实现方式描述的方法。According to a sixth aspect, there is provided a computer program product, comprising: a computer program that, when executed by a processor, implements the method described in any implementation manner of the first aspect.

根据本公开的技术,提供了一种网络虚拟化的实现方法,智能交换机中的中央处理器通过多个报文收发单元与交换芯片通信连接,具有较强的数据面处理能力,能够直接将物理服务器接入虚拟网络,提高了物理服务器的网络虚拟化过程的灵活性和便捷性。According to the technology of the present disclosure, a method for realizing network virtualization is provided. The central processing unit in the intelligent switch is communicated and connected to the switching chip through a plurality of message sending and receiving units, has strong data plane processing capability, and can directly convert physical The server is connected to the virtual network, which improves the flexibility and convenience of the network virtualization process of the physical server.

应当理解,本部分所描述的内容并非旨在标识本公开的实施例的关键或重要特征,也不用于限制本公开的范围。本公开的其它特征将通过以下的说明书而变得容易理解。It should be understood that what is described in this section is not intended to identify key or critical features of embodiments of the disclosure, nor is it intended to limit the scope of the disclosure. Other features of the present disclosure will become readily understood from the following description.

附图说明Description of drawings

附图用于更好地理解本方案,不构成对本公开的限定。其中:The accompanying drawings are used for better understanding of the present solution, and do not constitute a limitation to the present disclosure. in:

图1是根据本公开的一个实施例可以应用于其中的示例性系统架构图;1 is an exemplary system architecture diagram to which an embodiment of the present disclosure may be applied;

图2是根据本公开的网络虚拟化的实现方法的一个实施例的流程图;2 is a flowchart of an embodiment of a method for implementing network virtualization according to the present disclosure;

图3是根据本实施例的智能交换机的结构示意图;3 is a schematic structural diagram of an intelligent switch according to the present embodiment;

图4是根据本实施例的网络虚拟化的实现方法的应用场景的示意图;4 is a schematic diagram of an application scenario of the method for implementing network virtualization according to the present embodiment;

图5是根据本公开的网络虚拟化的实现方法的又一个实施例的流程图;FIG. 5 is a flowchart of yet another embodiment of a method for implementing network virtualization according to the present disclosure;

图6根据本公开的网络虚拟化的实现方法的一个具体实施例所适用的系统结构图;FIG. 6 is a system structure diagram to which a specific embodiment of the implementation method of network virtualization according to the present disclosure is applicable;

图7根据本公开的网络虚拟化的实现系统的一个实施例的结构图;7 is a structural diagram of an embodiment of a system for implementing network virtualization according to the present disclosure;

图8是根据本公开的网络虚拟化的实现装置的一个实施例的结构图;8 is a structural diagram of an embodiment of an apparatus for implementing network virtualization according to the present disclosure;

图9是适于用来实现本公开实施例的计算机系统的结构示意图。FIG. 9 is a schematic structural diagram of a computer system suitable for implementing embodiments of the present disclosure.

具体实施方式Detailed ways

以下结合附图对本公开的示范性实施例做出说明,其中包括本公开实施例的各种细节以助于理解,应当将它们认为仅仅是示范性的。因此,本领域普通技术人员应当认识到,可以对这里描述的实施例做出各种改变和修改,而不会背离本公开的范围和精神。同样,为了清楚和简明,以下的描述中省略了对公知功能和结构的描述。Exemplary embodiments of the present disclosure are described below with reference to the accompanying drawings, which include various details of the embodiments of the present disclosure to facilitate understanding and should be considered as exemplary only. Accordingly, those of ordinary skill in the art will recognize that various changes and modifications of the embodiments described herein can be made without departing from the scope and spirit of the present disclosure. Also, descriptions of well-known functions and constructions are omitted from the following description for clarity and conciseness.

本公开的技术方案中,所涉及的用户个人信息的收集、存储、使用、加工、传输、提供和公开等处理,均符合相关法律法规的规定,且不违背公序良俗。In the technical solutions of the present disclosure, the collection, storage, use, processing, transmission, provision, and disclosure of the user's personal information involved are all in compliance with relevant laws and regulations, and do not violate public order and good customs.

图1示出了可以应用本公开的网络虚拟化的实现方法及装置的示例性架构100。FIG. 1 shows anexemplary architecture 100 to which the method and apparatus for implementing network virtualization of the present disclosure may be applied.

如图1所示,系统架构100可以包括服务器101、102、103,网络104和部署虚拟网络对应的服务器集群105。服务器101、102、103之间通信连接构成拓扑网络,网络104用以在服务器101、102、103和服务器集群105之间提供通信链路的介质。网络104可以包括各种连接类型,例如有线、无线通信链路或者光纤电缆等等。As shown in FIG. 1 , thesystem architecture 100 may includeservers 101 , 102 , and 103 , anetwork 104 and aserver cluster 105 corresponding to the deployment virtual network. The communication connections among theservers 101 , 102 , and 103 constitute a topology network, and thenetwork 104 is used as a medium for providing communication links between theservers 101 , 102 , 103 and theserver cluster 105 . Thenetwork 104 may include various connection types, such as wired, wireless communication links, or fiber optic cables, among others.

服务器101、102、103通过网络104与服务器集群105交互,以接收或发送消息等。服务器101、102、103可以是支持网络连接从而进行数据交互和数据处理的硬件设备或软件。当服务器101、102、103为硬件时,其可以是支持网络连接,信息获取、交互、显示、处理等功能的各种服务器,包括但不限于裸金属服务器等物理服务器。当服务器101、102、103为软件时,可以安装在上述所列举的电子设备中。其可以实现成例如用来提供分布式服务的多个软件或软件模块,也可以实现成单个软件或软件模块。在此不做具体限定。Servers 101, 102, 103 interact withserver cluster 105 throughnetwork 104 to receive or send messages and the like. Theservers 101, 102, and 103 may be hardware devices or software that support network connections for data interaction and data processing. When theservers 101, 102, and 103 are hardware, they may be various servers supporting network connection, information acquisition, interaction, display, processing and other functions, including but not limited to physical servers such as bare metal servers. When theservers 101, 102, and 103 are software, they can be installed in the electronic devices listed above. It can be implemented, for example, as multiple software or software modules for providing distributed services, or as a single software or software module. There is no specific limitation here.

服务器集群105可以是提供虚拟网络服务的服务器集群。例如,通过智能交换机对服务器101、102、103发出的报文进行数据面处理,以在源服务器和目的服务器之间转发报文,实现物理服务器的网络虚拟化的后台处理服务器集群。作为示例,服务器105可以是云端服务器。Server cluster 105 may be a server cluster that provides virtual network services. For example, data plane processing is performed on the packets sent by theservers 101, 102, and 103 through the intelligent switch to forward the packets between the source server and the destination server, so as to realize the background processing server cluster of the network virtualization of the physical server. As an example, theserver 105 may be a cloud server.

需要说明的是,服务器集群可以是硬件,也可以是软件。当服务器集群为硬件时,可以实现成多个服务器组成的分布式服务器集群。当服务器集群为软件时,可以实现成多个软件或软件模块(例如用来提供分布式服务的软件或软件模块)。在此不做具体限定。It should be noted that the server cluster can be hardware or software. When the server cluster is hardware, it can be implemented as a distributed server cluster composed of multiple servers. When the server cluster is software, it can be implemented as a plurality of software or software modules (eg, software or software modules for providing distributed services). There is no specific limitation here.

还需要说明的是,本申请的实施例所提供的网络虚拟化的实现方法可由服务器集群执行。相应地,网络虚拟化的实现装置包括的各个部分(例如各个单元)可以全部设置于服务器集群中。It should also be noted that, the implementation method of network virtualization provided by the embodiments of the present application may be executed by a server cluster. Correspondingly, each part (for example, each unit) included in the apparatus for implementing network virtualization may all be set in a server cluster.

应该理解,图1中的服务器、网络和服务器集群的数目仅仅是示意性的。根据实现需要,可以具有任意数目的服务器、网络和服务器集群。当网络虚拟化的实现方法运行于其上的电子设备不需要与其他电子设备进行数据传输时,该系统架构可以仅包括网络虚拟化的实现方法运行于其上的电子设备(例如服务器集群)。It should be understood that the numbers of servers, networks and server clusters in FIG. 1 are merely illustrative. There can be any number of servers, networks, and server clusters depending on the implementation needs. When the electronic device on which the implementation method of network virtualization runs does not need to perform data transmission with other electronic devices, the system architecture may only include the electronic device (eg, server cluster) on which the implementation method of network virtualization runs.

请参考图2,图2为本公开实施例提供的一种网络虚拟化的实现方法的流程图,其中,流程200包括以下步骤:Please refer to FIG. 2 , which is a flowchart of a method for implementing network virtualization according to an embodiment of the present disclosure, wherein theprocess 200 includes the following steps:

步骤201,获取待从源服务器转发至目的服务器的报文。Step 201: Obtain a packet to be forwarded from the source server to the destination server.

本实施例中,网络虚拟化的实现方法的执行主体(例如,图1中的服务器集群)可以获取待从源服务器转发至目的服务器的报文。In this embodiment, the execution body of the method for implementing network virtualization (for example, the server cluster in FIG. 1 ) may acquire the packets to be forwarded from the source server to the destination server.

源服务器与目的服务器相对应,其中,源服务器表征发出报文的服务器,目的服务器表征最终接收报文的服务器。需要说明的是,源服务器和目的服务器仅是针对于报文的转发过程涉及的服务器进行的区分性说明,在不同的转发过程中,相同的服务器可以担任源服务器、目的服务器多种角色。The source server corresponds to the destination server, wherein the source server represents the server that sends the message, and the destination server represents the server that finally receives the message. It should be noted that the source server and the destination server are only differentiated descriptions for the servers involved in the packet forwarding process. In different forwarding processes, the same server can play multiple roles of source server and destination server.

本实施例中,服务器可以是各种物理服务器。作为示例,服务器可以是裸金属服务器。裸金属服务器既拥有传统服务器的特点还具有云计算服务的功能。裸金属服务器可以视为升级过后的物理服务器,裸金属服务器仍然是租赁的,云服务提供商向租户提供一个裸金属服务器,对于该裸金属服务器,只有对应的唯一租户。In this embodiment, the server may be various physical servers. As an example, the server may be a bare metal server. Bare metal servers have both the characteristics of traditional servers and the functions of cloud computing services. The bare metal server can be regarded as an upgraded physical server. The bare metal server is still leased. The cloud service provider provides a bare metal server to the tenant. For the bare metal server, there is only one corresponding tenant.

对于每个服务器,上述执行主体可以为该服务器设置对应的智能交换机。每个智能交换机可以对应一个或多个服务器,当一个智能交换机对应多个服务器时,可以预先设置智能交换机的端口与相连的多个服务器的对应关系。For each server, the above-mentioned executive body may set a corresponding intelligent switch for the server. Each intelligent switch may correspond to one or more servers. When one intelligent switch corresponds to multiple servers, the corresponding relationship between the ports of the intelligent switch and the connected multiple servers may be preset.

当该服务器作为源服务器,发出报文时,该服务器对应的智能交换机可以接收该服务器发出的报文。其中,报文中携带有源服务器和目的服务器的IP(Internet Protocol,互联网协议)地址。When the server acts as a source server and sends a packet, the intelligent switch corresponding to the server can receive the packet sent by the server. The message carries IP (Internet Protocol, Internet Protocol) addresses of the source server and the destination server.

步骤202,通过源服务器对应的源智能交换机和目的服务器对应的目的智能交换机,确定表征虚拟网络中用于转发报文的虚拟通信路径的隧道规则。Step 202: Determine a tunnel rule representing a virtual communication path used for forwarding packets in the virtual network through the source intelligent switch corresponding to the source server and the destination intelligent switch corresponding to the destination server.

本实施例中,上述执行主体可以通过源服务器对应的源智能交换机和目的服务器对应的目的智能交换机,确定表征虚拟网络中用于转发报文的虚拟通信路径的隧道规则。其中,源智能交换机和目的智能交换机中的中央处理器通过多个报文收发单元与交换芯片通信连接。需要说明的是,源智能交换机和目的智能交换机均是智能交换机,仅是基于其所处的位置属性(例如源头、目的)进行的区分性描述。In this embodiment, the above-mentioned execution subject may determine a tunnel rule representing a virtual communication path used for forwarding packets in the virtual network through the source intelligent switch corresponding to the source server and the destination intelligent switch corresponding to the destination server. The central processing unit in the source intelligent switch and the destination intelligent switch communicates and connects with the switching chip through a plurality of message sending and receiving units. It should be noted that both the source smart switch and the destination smart switch are smart switches, and are only differentiated descriptions based on their location attributes (eg, source, destination).

具体的,智能交换机包括中央处理器、多个报文收发单元和交换芯片。报文收发单元为具有报文收发功能的处理单元,作为示例,报文收发单元为网卡。中央处理器和多个报文收发单元之间采用总线连接,而多个报文收发单元和交换芯片之间则采用以太网连接。总线例如可以是PCIE(peripheral component interconnect express,高速串行计算机扩展总线标准)总线。Specifically, the intelligent switch includes a central processing unit, a plurality of message sending and receiving units, and a switching chip. The message sending and receiving unit is a processing unit with a message sending and receiving function. As an example, the message sending and receiving unit is a network card. The central processing unit and the multiple message sending and receiving units are connected by bus, while the multiple message sending and receiving units and the switching chip are connected by Ethernet. The bus may be, for example, a PCIE (peripheral component interconnect express, high-speed serial computer expansion bus standard) bus.

在普通交换机,中央处理器并不做数据处理,仅仅具有管控的功能,因此采用性能较弱的型号即可,通常为嵌入式级别的中央处理器。而智能交换机的中央处理器则需要参与数据处理,因此,需要采用性能强大的型号,通常为服务器级别的中央处理器。In ordinary switches, the central processing unit does not do data processing, but only has the function of management and control. Therefore, a model with weaker performance can be used, usually an embedded-level central processing unit. The central processing unit of the smart switch needs to participate in data processing, therefore, a model with powerful performance, usually a server-level central processing unit, is required.

本实施例中,虚拟网络例如是在Underlay网络上构建的Overlay网络。其中,Underlay网络是由各类物理设备构成,通过使用路由协议保证其设备之间的IP连通性的承载网络。Overlay网络是通过网络虚拟化技术,在同一张Underlay网络上构建出的一张或者多张虚拟的逻辑网络。不同的Overlay网络虽然共享Underlay网络中的设备和线路,但是Overlay网络中的业务与Underlay网络中的物理组网和互联技术相互解耦。In this embodiment, the virtual network is, for example, an Overlay network constructed on an Underlay network. Among them, the Underlay network is a bearer network that is composed of various physical devices, and uses routing protocols to ensure IP connectivity between the devices. Overlay network is one or more virtual logical networks constructed on the same Underlay network through network virtualization technology. Although different overlay networks share the devices and lines in the underlay network, the services in the overlay network are decoupled from the physical networking and interconnection technologies in the underlay network.

本实施例中,虚拟网络的网络控制器在管理虚拟网络的过程中,负责虚拟网络中节点的创建、删除、迁移、IP(Internet Protocol,互联网协议)地址的分配绑定等操作,并对管理过程中发生变化的节点对应的隧道规则进行调整,从而确定虚拟网络中的所有计算节点之间的全量隧道规则。在管理虚拟网络的过程中,网络控制器确定虚拟网络所涉及的隧道规则,并将隧道规则同步至各智能交换机。In this embodiment, in the process of managing the virtual network, the network controller of the virtual network is responsible for operations such as creation, deletion, migration, allocation and binding of IP (Internet Protocol, Internet Protocol) addresses in the virtual network, and management of the virtual network. Tunnel rules corresponding to nodes that have changed in the process are adjusted, so as to determine full tunnel rules between all computing nodes in the virtual network. In the process of managing the virtual network, the network controller determines the tunnel rules involved in the virtual network, and synchronizes the tunnel rules to each smart switch.

隧道表征在虚拟网络中的两个节点之间构建的一条虚拟通信路径。在路径的起点,把报文整体作为载荷封装在另一个外层报文头内部,然后在路径的终点,把添加的外层报文头再剥离。这样在起点和终点之间就可以使用外层报文头(具体为起点和终点的物理网络的IP地址)进行路由,而不需要修改内层的虚拟网络报文。隧道规则表征报文在虚拟通信路径的转发规则。A tunnel represents a virtual communication path built between two nodes in a virtual network. At the start of the path, the entire packet is encapsulated as a payload inside another outer header, and then at the end of the path, the added outer header is stripped. In this way, the outer packet header (specifically, the IP addresses of the physical network of the origin and the destination) can be used for routing between the origin and the destination, without modifying the inner virtual network packet. Tunnel rules represent packet forwarding rules on virtual communication paths.

通过源服务器发出的报文中携带的源服务器和目的服务器的IP地址,源智能交换机和目的智能交换机可以确定起点为源服务器、终点为目的服务器的隧道规则。Based on the IP addresses of the source server and the destination server carried in the packets sent by the source server, the source intelligent switch and the destination intelligent switch can determine the tunnel rule that the origin is the source server and the destination is the destination server.

在本实施例的一些可选的实现方式中,智能交换机中包括具有缓存一致性的多个中央处理器,多个中央处理器分别通过多个报文收发单元与交换芯片通信连接。In some optional implementation manners of this embodiment, the intelligent switch includes multiple central processing units with cache coherence, and the multiple central processing units are respectively connected to the switch chip in communication through multiple message sending and receiving units.

如图3所示,示出了智能交换机的结构示意图。智能交换机300中包括两个性能强大的中央处理器(简称为强中央处理器)301,每个强中央处理器均通过多个报文收发单元302与交换芯片303通信连接,并且,强中央处理器设置有大容量的内存(简称为大内存)304。As shown in FIG. 3 , a schematic structural diagram of an intelligent switch is shown. Theintelligent switch 300 includes two powerful central processing units (referred to as strong central processing units) 301. Each strong central processing unit communicates with theswitching chip 303 through a plurality of message sending and receivingunits 302, and the strong central processing unit The device is provided with a large-capacity memory (referred to as large memory for short) 304 .

强中央处理器除了可以对接收到的报文进行数据面处理以外,基于智能交换机的内部结构,还具有以下功能:具有更宽的外设总线,可以连接更多的报文收发单元;具有更多的内存通道,可以连接更多的内存并使用更大的内存带宽;具有缓存一致性总线能力(如QPI/UPI等),可以把多个强中央处理器连接起来。相比于普通交换机,智能交换机具备了更强的数据处理能力与存储能力,能够灵活地完成复杂的报文处理功能。In addition to processing the data plane of the received messages, the strong central processing unit also has the following functions based on the internal structure of the smart switch: it has a wider peripheral bus, which can connect more message sending and receiving units; More memory channels can connect more memory and use larger memory bandwidth; with cache coherence bus capability (such as QPI/UPI, etc.), it can connect multiple strong central processing units. Compared with ordinary switches, smart switches have stronger data processing and storage capabilities, and can flexibly complete complex packet processing functions.

智能交换机中的网卡,主要功能是帮助中央处理器快速收发报文,因此可以称为报文收发单元。一些现代的网卡芯片除了具有报文收发功能以外,本身也具备了一定的报文处理功能(如隧道报文的封装与解封装)。此时,网卡本身除了作为报文收发单元外,也可以作为报文处理单元。如此,可以减轻中央处理器的计算压力,进一步保证数据面转发的带宽和时延性能。同样是报文处理功能,网卡芯片相比于交换芯片的主要优势在于其可以通过DMA(Direct Memory Access,直接内存存取)引擎,直接读写内存中的数据,从而获得更大的存储空间。可以理解,本实现方式中,网卡的报文处理功能为非必须功能。The main function of the network card in the smart switch is to help the central processor to send and receive messages quickly, so it can be called a message sending and receiving unit. In addition to the function of sending and receiving packets, some modern network card chips also have certain packet processing functions (such as encapsulation and decapsulation of tunnel packets). At this time, the network card itself can also be used as a message processing unit in addition to serving as a message sending and receiving unit. In this way, the calculation pressure of the central processor can be reduced, and the bandwidth and delay performance of data plane forwarding can be further guaranteed. The same is the message processing function. The main advantage of the network card chip compared to the switch chip is that it can directly read and write data in the memory through the DMA (Direct Memory Access) engine, thereby obtaining a larger storage space. It can be understood that, in this implementation manner, the packet processing function of the network card is an optional function.

对于智能交换机的设计,从硬件形态上看,网卡既可以是内置的芯片,也可以是外插的标准卡。如果是前者,那么网卡芯片和交换芯片之间就可以直接在PCB(PrintedCircuit Board,印制电路板)上通过电信号互连。如果是后者,网卡和交换芯片之间需要通过线缆(光纤或铜缆等)进行互连,并占用智能交换机的外面板网口。本实施例中,可以根据实际情况具体选择网卡的硬件形态,在此不做限定。通过智能交换机强大的数据处理能力与存储能力,上述执行主体进行报文跟踪、统计。For the design of the intelligent switch, from the perspective of hardware form, the network card can be either a built-in chip or an externally inserted standard card. If it is the former, then the network card chip and the switching chip can be directly interconnected by electrical signals on a PCB (Printed Circuit Board, printed circuit board). If it is the latter, the network card and the switch chip need to be interconnected through cables (optical fibers or copper cables, etc.), and occupy the network ports on the outer panel of the smart switch. In this embodiment, the hardware form of the network card may be specifically selected according to the actual situation, which is not limited herein. Through the powerful data processing capability and storage capability of the intelligent switch, the above-mentioned executive body performs packet tracking and statistics.

本实现方式中,智能交换机具有强大的数据处理能力,可以支持超大规模的虚拟网络中的物理服务器的接入,也可以支持诸如报文连接跟踪、精确统计等云计算中重要的功能,提高了智能交换机的实用性,以及在大规模虚拟网络下的适用性。In this implementation, the smart switch has powerful data processing capabilities, can support access to physical servers in a super-large virtual network, and can also support important functions in cloud computing such as packet connection tracking, accurate statistics, etc. The practicality of smart switches and their applicability in large-scale virtual networks.

步骤203,通过源智能交换机和目的智能交换机,基于隧道规则,对报文进行数据面处理,并根据数据面处理结果,将报文从源服务器,经由虚拟网络,转发至目的服务器。Step 203 , the source intelligent switch and the destination intelligent switch process the data plane of the packet based on the tunnel rules, and forward the packet from the source server to the destination server via the virtual network according to the data plane processing result.

本实施例中,上述执行主体可以通过源智能交换机和目的智能交换机,基于隧道规则,对报文进行数据面处理,并将报文从源服务器,经由虚拟网络,转发至目的服务器。其中,数据面处理包括智能交换机的各不同端口上的各种类型的数据的处理和转发操作,包括但不限于是报文的封装、解封装、发送、接收等处理操作。对应的,数据面处理结果可以是在源智能交换机中对报文封装得到封装后报文,在目的智能交换机中对封装后报文解封装,得到原本的报文。In this embodiment, the above-mentioned executive body may process the data plane of the packet through the source intelligent switch and the destination intelligent switch based on tunnel rules, and forward the packet from the source server to the destination server via the virtual network. The data plane processing includes processing and forwarding operations of various types of data on different ports of the intelligent switch, including but not limited to processing operations such as packet encapsulation, decapsulation, sending, and receiving. Correspondingly, the data plane processing result may be that the source intelligent switch encapsulates the packet to obtain the encapsulated packet, and the destination intelligent switch decapsulates the encapsulated packet to obtain the original packet.

作为示例,上述执行主体可以通过所确定的隧道规则所表征的源服务器和目的服务器之间的虚拟通信路径,将源服务器发出的报文经由源智能交换机、虚拟网络、目的智能交换机转发至目的服务器。在虚拟网络中,报文可能还会基于上层交换机在多个节点之间进行转发。As an example, the above-mentioned executive body may forward the packets sent by the source server to the destination server via the source intelligent switch, the virtual network, and the destination intelligent switch through the virtual communication path between the source server and the destination server represented by the determined tunnel rule. . In a virtual network, packets may also be forwarded between multiple nodes based on upper-layer switches.

继续参见图4,图4是根据本实施例的网络虚拟化的实现方法的应用场景的一个示意图400。在图4的应用场景中,虚拟网络401通过两个智能交换机402、403将裸金属服务器404、405接入虚拟网络。裸金属服务器404作为源服务器,待向作为目的服务器的裸金属服务器405发送报文。智能交换机402在获取到源服务器404的报文后,根据报文中携带的裸金属服务器404、405的IP地址,智能交换机402、403确定表征虚拟网络中用于转发报文的虚拟通信路径的隧道规则;进而,通过智能交换机402、403,基于隧道规则,对报文进行数据面处理,并将报文从源服务器404,经由虚拟网络401,转发至目的服务器405。Continue to refer to FIG. 4 , FIG. 4 is a schematic diagram 400 of an application scenario of the method for implementing network virtualization according to this embodiment. In the application scenario of FIG. 4 , thevirtual network 401 connects thebare metal servers 404 and 405 to the virtual network through twointelligent switches 402 and 403 . The bare metal server 404 acts as a source server and is to send a packet to thebare metal server 405 as a destination server. After theintelligent switch 402 obtains the packet of the source server 404, according to the IP addresses of thebare metal servers 404 and 405 carried in the packet, theintelligent switches 402 and 403 determine the information representing the virtual communication path in the virtual network for forwarding the packet. Tunnel rules; further, through theintelligent switches 402 and 403, based on the tunnel rules, the packets are processed on the data plane, and the packets are forwarded from the source server 404 to thedestination server 405 via thevirtual network 401.

本实施例中,提供了一种网络虚拟化的实现方法,智能交换机中的中央处理器通过多个报文收发单元与交换芯片通信连接,具有较强的数据面处理能力,能够直接将物理服务器接入虚拟网络,提高了物理服务器的网络虚拟化过程的灵活性和便捷性。In this embodiment, a method for realizing network virtualization is provided. The central processing unit in the intelligent switch is connected to the switching chip through a plurality of message sending and receiving units. It has strong data plane processing capability and can directly convert the physical server Accessing the virtual network improves the flexibility and convenience of the network virtualization process of physical servers.

在本实施例的一些可选的实现方式中,上述执行主体可以通过如下方式执行上出步骤202:In some optional implementation manners of this embodiment, the above-mentioned execution body may perform the uploadingstep 202 in the following manner:

第一,通过源智能交换机,确定表征源智能交换机和目的智能交换机之间的虚拟通信路径的第一隧道规则。First, through the source intelligent switch, a first tunnel rule that characterizes the virtual communication path between the source intelligent switch and the destination intelligent switch is determined.

作为示例,上述执行主体可以基于报文中携带的目的服务器的IP地址,确定目的服务器;进而,确定目的服务器对应的目的智能交换机;进而,从源智能交换机中注入的隧道规则中,确定出表征源智能交换机和目的智能交换机之间的虚拟通信路径的第一隧道规则。As an example, the above-mentioned execution body may determine the destination server based on the IP address of the destination server carried in the message; further, determine the destination intelligent switch corresponding to the destination server; and further, from the tunnel rules injected into the source intelligent switch, determine the characteristic The first tunnel rule for the virtual communication path between the source intelligent switch and the destination intelligent switch.

第二,通过目的智能交换机,确定表征目的智能交换机和目的服务器之间的虚拟通信路径的第二隧道规则。Second, through the destination intelligent switch, a second tunnel rule that characterizes the virtual communication path between the destination intelligent switch and the destination server is determined.

本实现方式中,目的智能交换机可以根据报文中携带的目的服务器的IP地址,确定目的服务器;进而,从目的智能交换机中注入的隧道规则中,确定出表征目的智能交换机和目的服务器之间的虚拟通信路径的第二隧道规则。In this implementation manner, the destination intelligent switch can determine the destination server according to the IP address of the destination server carried in the message; and further, from the tunnel rules injected into the destination intelligent switch, determine the relationship between the destination intelligent switch and the destination server. The second tunnel rule for the virtual communication path.

本实现方式中,首先确定源智能交换机和目的智能交换机之间的第一隧道规则,然后确定出目的智能交换机和目的服务器之间的第二隧道规则,以通过第一隧道规则、第二隧道规则进行报文转发,有助于提高报文转发过程的准确度。In this implementation manner, the first tunnel rule between the source intelligent switch and the destination intelligent switch is determined first, and then the second tunnel rule between the destination intelligent switch and the destination server is determined, so as to pass the first tunnel rule and the second tunnel rule Forwarding packets helps to improve the accuracy of the packet forwarding process.

在本实施例的一些可选的实现方式中,上述执行主体可以通过如下方式执行上述步骤203:In some optional implementation manners of this embodiment, the foregoing execution subject may perform the foregoingstep 203 in the following manner:

第一,通过源智能交换机,根据第一隧道规则,对报文进行数据面处理,得到封装后报文,并将封装后报文经由虚拟网络,转发至目的智能交换机。First, through the source intelligent switch, according to the first tunnel rule, the packet is processed on the data plane to obtain the encapsulated packet, and the encapsulated packet is forwarded to the destination intelligent switch through the virtual network.

本实现方式中,上述执行主体可以通过源智能交换机对报文进行外层封装。具体的,把这个报文整体作为载荷,在外层添加一个新的隧道报文头,在报文头中,源IP地址为源智能交换机的IP地址,目的IP地址为目的智能交换机的IP地址。In this implementation manner, the above-mentioned executive body may perform outer layer encapsulation on the message through the source intelligent switch. Specifically, take the whole packet as the payload, and add a new tunnel packet header in the outer layer. In the packet header, the source IP address is the IP address of the source intelligent switch, and the destination IP address is the IP address of the destination intelligent switch.

进而,将封装后报文通过源智能交换机的上联口转发出去,经由虚拟网络,传输至目的智能交换机。作为示例,源智能交换机在封装后报文上标记源智能交换机的上联口对应的VLAN(Virtual Local Area Network,虚拟局域网)ID(Identity document,身份标识号),以指示交换芯片通过VLAN ID对应的上联口将报文转发出去。本实现方式中,源智能交换机的上联口的VLAN ID相同。Further, the encapsulated packet is forwarded through the uplink port of the source intelligent switch, and transmitted to the destination intelligent switch through the virtual network. As an example, the source intelligent switch marks the VLAN (Virtual Local Area Network, virtual local area network) ID (Identity document, identity number) corresponding to the uplink port of the source intelligent switch on the encapsulated packet to instruct the switch chip to correspond to the VLAN ID The uplink port forwards the packet. In this implementation manner, the VLAN IDs of the uplink ports of the source intelligent switch are the same.

第二,通过目的智能交换机,解封装封装后报文,得到报文,并根据第二隧道规则,确定目的智能交换机的目标下联口,并通过目标下联口将报文转发至目的服务器。Second, the destination intelligent switch decapsulates the encapsulated packet to obtain the packet, determines the target downlink port of the destination intelligent switch according to the second tunnel rule, and forwards the packet to the destination server through the target downlink port.

本实现方式中,上述执行主体可以将封装后报文中的外层报文头剥离,根据内层报文的目的IP地址,结合网络控制器所注入的隧道规则,找到真实的目的服务器,并在报文上标记目标下联口对应的VLAN ID,进而通过目标下联口将报文转发至目的服务器。目标下联口可以是目的智能交换机中连接目的服务器的下联口。本实现方式中,每个下联口的VLAN ID不同。In this implementation manner, the above-mentioned execution body can strip the outer packet header in the encapsulated packet, find the real destination server according to the destination IP address of the inner packet and combine with the tunnel rules injected by the network controller, and The VLAN ID corresponding to the target downlink port is marked on the packet, and then the packet is forwarded to the destination server through the target downlink port. The target downlink port may be the downlink port in the target smart switch that is connected to the target server. In this implementation manner, the VLAN IDs of each downlink port are different.

本实现方式中,源智能交换机根据第一隧道规则将报文经由虚拟网络转发至目的智能交换机,目的智能交换机根据第二隧道规则将报文转发至目的服务器,基于源智能交换机和目的智能交换机在原有虚拟网络的基础上将服务器接入虚拟网络,并提高了报文转发过程的准确度。In this implementation, the source intelligent switch forwards the packet to the destination intelligent switch via the virtual network according to the first tunnel rule, and the destination intelligent switch forwards the packet to the destination server according to the second tunnel rule. Based on the virtual network, the server is connected to the virtual network, and the accuracy of the message forwarding process is improved.

在本实施例的一些可选的实现方式中,上述执行主体可以通过如下方式确定第一隧道规则:In some optional implementation manners of this embodiment, the foregoing executive body may determine the first tunnel rule in the following manner:

首先,通过源智能交换机中的源交换芯片,将报文经由多个源报文收发单元中的目标源报文收发单元传输至源中央处理器;然后,通过源中央处理器,确定表征源智能交换机和目的智能交换机之间的虚拟通信路径的第一隧道规则。First, through the source switching chip in the source intelligent switch, the message is transmitted to the source central processing unit through the target source message sending and receiving unit in the multiple source message sending and receiving units; then, through the source central processing unit, determine the source intelligence The first tunnel rule for the virtual communication path between the switch and the destination smart switch.

本实现方式中,源智能交换机中的中央处理器、报文收发单元、交换芯片分别视为源中央处理器、源报文收发单元、源交换芯片。具体的,源交换芯片将下联口接收到的报文进过多个网卡中的目标网卡传输至源中央处理器;源中央处理器从由网络控制器注入的隧道规则中确定出表征源智能交换机和目的智能交换机之间的虚拟通信路径的第一隧道规则。In this implementation manner, the central processing unit, the message sending and receiving unit, and the switching chip in the source intelligent switch are regarded as the source central processing unit, the source message sending and receiving unit, and the source switching chip, respectively. Specifically, the source switching chip transmits the packets received by the downlink port through the target network card among the multiple network cards to the source central processing unit; the source central processing unit determines from the tunnel rules injected by the network controller to characterize the source intelligent switch and the first tunnel rule of the virtual communication path between the destination intelligent switch.

本实现方式中,提供了智能交换机接收报文并根据报文确定第一隧道规则的具体实现方式,基于智能交换机强大的数据处理能力,提高了将服务器直接接入虚拟网络的可行性。In this implementation manner, a specific implementation manner in which the intelligent switch receives the message and determines the first tunnel rule according to the message is provided. Based on the powerful data processing capability of the intelligent switch, the feasibility of directly connecting the server to the virtual network is improved.

在本实施例的一些可选的实现方式中,上述执行主体可以通过如下方式将报文转发至目的智能交换机:In some optional implementation manners of this embodiment, the foregoing executive body may forward the packet to the destination intelligent switch in the following manner:

首先,通过源中央处理器,基于第一隧道规则所表征的虚拟通信路径,对报文进行封装,得到封装后报文;然后,通过多个源报文收发单元中的目标源报文收发单元,将封装后报文传输至源交换芯片;最后,通过源交换芯片,将封装后报文通过源智能交换机的上联口转发至虚拟网络中的上层交换机,以将封装后报文经由虚拟网络转发至目的智能交换机。First, the source central processing unit encapsulates the message based on the virtual communication path represented by the first tunnel rule to obtain an encapsulated message; then, the target source message sending and receiving unit among the multiple source message sending and receiving units is used to encapsulate the message. , and transmit the encapsulated packet to the source switching chip; finally, through the source switching chip, the encapsulated packet is forwarded to the upper-layer switch in the virtual network through the uplink port of the source intelligent switch, so that the encapsulated packet can pass through the virtual network. Forwarded to the destination smart switch.

本实现方式中,提供了智能交换机对报文进行数据面处理和转发的具体实现方式,基于智能交换机强大的数据处理能力,提高了将服务器直接接入虚拟网络的可行性。In this implementation manner, a specific implementation manner for the intelligent switch to process and forward packets on the data plane is provided. Based on the powerful data processing capability of the intelligent switch, the feasibility of directly connecting the server to the virtual network is improved.

在本实施例的一些可选的实现方式中,上述执行主体可以通过如下方式确定第二隧道规则:首先,通过目的智能交换机中的目的交换芯片,将接收到的封装后报文经由多个目的报文收发单元中的目标目的报文收发单元发送至目的中央处理器;然后,通过目的中央处理器对封装后报文进行解封装,得到报文,并根据报文确定表征目的智能交换机和目的服务器之间的虚拟通信路径的第二隧道规则。In some optional implementation manners of this embodiment, the above-mentioned execution body may determine the second tunnel rule in the following manner: First, through the destination switching chip in the destination intelligent switch, the received encapsulated message is routed through multiple destinations. The target message sending and receiving unit in the message sending and receiving unit sends the message to the target central processing unit; then, the target central processing unit decapsulates the encapsulated message to obtain the message, and determines and characterizes the target smart switch and the target according to the message. A second tunnel rule for virtual communication paths between servers.

本实现方式中,目的智能交换机中的中央处理器、报文收发单元、交换芯片分别视为目的中央处理器、目的报文收发单元、目的交换芯片。具体的,目的交换芯片将上联口接收到的封装后报文经过多个网卡中的目标网卡传输至目的中央处理器;目的中央处理器解封装得到内层报文,从由网络控制器注入的隧道规则中确定出表征目的智能交换机和目的服务器之间的虚拟通信路径的第二隧道规则。In this implementation manner, the central processing unit, the message sending and receiving unit, and the switching chip in the destination intelligent switch are regarded as the destination central processing unit, the destination message sending and receiving unit, and the destination switching chip, respectively. Specifically, the destination switching chip transmits the encapsulated packets received by the uplink port to the destination central processing unit through the target network card among the multiple network cards; the destination central processing unit decapsulates the inner layer packets, and injects them from the network controller. The second tunnel rule representing the virtual communication path between the destination intelligent switch and the destination server is determined in the tunnel rule.

本实现方式中,提供了智能交换机接收封装后报文并根据报文确定第二隧道规则的具体实现方式,基于智能交换机强大的数据处理能力,提高了将服务器直接接入虚拟网络的可行性。In this implementation manner, a specific implementation manner in which the intelligent switch receives the encapsulated packet and determines the second tunnel rule according to the packet is provided. Based on the powerful data processing capability of the intelligent switch, the feasibility of directly connecting the server to the virtual network is improved.

在本实施例的一些可选的实现方式中,上传执行主体可以通过如下方式将报文转发至目的服务器:首先,通过目的智能交换机中的中央处理器,结合报文对应的目的服务器的网络地址和第二隧道规则,标记报文对应的虚拟局域网标识;然后,通过目的交换芯片,根据虚拟局域网标识确定目的智能交换机中的目标下联口;最后,通过目标下联口将报文转发至目标服务器。In some optional implementations of this embodiment, the upload execution body may forward the message to the destination server in the following manner: First, through the central processing unit in the destination intelligent switch, combined with the network address of the destination server corresponding to the message and the second tunnel rule, mark the virtual local area network identifier corresponding to the message; then, through the destination switching chip, determine the target downlink port in the destination intelligent switch according to the virtual local area network identifier; finally, forward the message to the target server through the target downlink port.

本实现方式中,提供了智能交换机对报文进行数据面处理和转发的具体实现方式,基于智能交换机强大的数据处理能力,提高了将服务器直接接入虚拟网络的可行性。In this implementation manner, a specific implementation manner for the intelligent switch to process and forward packets on the data plane is provided. Based on the powerful data processing capability of the intelligent switch, the feasibility of directly connecting the server to the virtual network is improved.

继续参考图5,示出了根据本公开的网络虚拟化的实现方法的又一个实施例的示意性流程500,包括以下步骤:Continuing to refer to FIG. 5 , aschematic flow 500 of another embodiment of a method for implementing network virtualization according to the present disclosure is shown, including the following steps:

步骤501,获取待从源服务器转发至目的服务器的报文。Step 501: Obtain a packet to be forwarded from the source server to the destination server.

步骤502,通过源智能交换机中的源交换芯片,将报文经由多个源报文收发单元中的目标源报文收发单元传输至源中央处理器。Step 502 , through the source switching chip in the source intelligent switch, transmit the message to the source central processing unit via the target source message sending and receiving unit in the multiple source message sending and receiving units.

步骤503,通过源中央处理器,确定表征源智能交换机和目的智能交换机之间的虚拟通信路径的第一隧道规则。Step 503: Determine, by the source central processing unit, a first tunnel rule representing the virtual communication path between the source intelligent switch and the destination intelligent switch.

步骤504,通过源中央处理器,基于第一隧道规则所表征的虚拟通信路径,对报文进行封装,得到封装后报文。Instep 504, the source central processing unit encapsulates the packet based on the virtual communication path represented by the first tunnel rule to obtain an encapsulated packet.

步骤505,通过多个源报文收发单元中的目标源报文收发单元,将封装后报文传输至源交换芯片。Step 505 , the packaged message is transmitted to the source switching chip through the target source message sending and receiving unit in the multiple source message sending and receiving units.

步骤506,通过源交换芯片,将封装后报文通过源智能交换机的上联口转发至虚拟网络中的上层交换机,以将封装后报文经由虚拟网络转发至目的智能交换机。Step 506: The source switching chip forwards the encapsulated packet to the upper-layer switch in the virtual network through the uplink port of the source intelligent switch, so as to forward the encapsulated packet to the destination intelligent switch through the virtual network.

步骤507,通过目的智能交换机中的目的交换芯片,将接收到的封装后报文经由多个目的报文收发单元中的目标目的报文收发单元发送至目的中央处理器。Step 507 , through the destination switching chip in the destination intelligent switch, the received encapsulated message is sent to the destination central processing unit via the target destination message transceiving unit in the multiple destination message transceiving units.

步骤508,通过目的中央处理器对封装后报文进行解封装,得到报文,并根据报文确定表征目的智能交换机和目的服务器之间的虚拟通信路径的第二隧道规则。Step 508: Decapsulate the encapsulated packet by the destination central processing unit to obtain the packet, and determine a second tunnel rule representing the virtual communication path between the destination intelligent switch and the destination server according to the packet.

步骤509,通过目的智能交换机中的中央处理器,结合报文对应的目的服务器的网络地址和第二隧道规则,标记报文对应的虚拟局域网标识。Step 509: Mark the virtual local area network identifier corresponding to the message by combining the network address of the destination server corresponding to the message and the second tunnel rule by the central processing unit in the destination intelligent switch.

步骤510,通过目的交换芯片,根据虚拟局域网标识确定目的智能交换机中的目标下联口。Instep 510, the target downlink port in the target intelligent switch is determined according to the virtual local area network identifier through the target switch chip.

步骤511,通过目标下联口将报文转发至目标服务器。Step 511, forward the packet to the target server through the target downlink port.

从本实施例中可以看出,与图2对应的实施例相比,本实施例中的网络虚拟化的实现方法的流程500具体说明了通过智能交换机将服务器接入虚拟网络的过程,进一步提高了物理服务器的网络虚拟化过程的灵活性和便捷性。It can be seen from this embodiment that, compared with the embodiment corresponding to FIG. 2 , theprocess 500 of the method for implementing network virtualization in this embodiment specifically describes the process of connecting a server to a virtual network through an intelligent switch, which further improves the The flexibility and convenience of the network virtualization process of physical servers are realized.

继续参考图6,示出了根据本公开的网络虚拟化的实现方法的一个具体实施例所适用的系统结构示意图600。实现系统600中包括物理服务器601、602,ToR智能交换机603、604,上层交换机605、606和网络控制器607。物理服务器601、602属于同一个租户的虚拟网络,其拥有的虚拟网络IP地址分别为a和b。需要说明的是,其中的上层交换机、ToR智能交换机、物理服务器的数量仅是示例性说明。具体的,物理服务器601、602之间的报文转发过程如下:Continuing to refer to FIG. 6 , a schematic diagram 600 of a system structure to which a specific embodiment of the method for realizing network virtualization according to the present disclosure is applied is shown. Theimplementation system 600 includesphysical servers 601 and 602 , ToRintelligent switches 603 and 604 , upper-layer switches 605 and 606 and a network controller 607 . Thephysical servers 601 and 602 belong to the virtual network of the same tenant, and their virtual network IP addresses are a and b, respectively. It should be noted that the numbers of upper-layer switches, ToR smart switches, and physical servers are merely illustrative. Specifically, the packet forwarding process between thephysical servers 601 and 602 is as follows:

1、物理服务器601待向物理服务器602发送一个网络报文,网络报文中的源IP地址是a,目的IP地址是b。1. Thephysical server 601 is to send a network packet to thephysical server 602. The source IP address in the network packet is a and the destination IP address is b.

2、ToR智能交换机603上的交换芯片收到报文,将其通过网卡转发给中央处理器。2. The switch chip on the ToRintelligent switch 603 receives the message and forwards it to the central processing unit through the network card.

3、ToR智能交换机603的中央处理器上的虚拟交换机收到报文,根据网络控制器注入的隧道规则,把收到的报文整体作为载荷,在外层添加一个新的隧道报文头,隧道报文头中的源IP地址为ToR智能交换机603的IP地址S,而目的IP地址为ToR智能交换机604的IP地址D。最后将封装后的报文打上上联口对应的VLAN ID,通过网卡发给ToR智能交换机603上的交换芯片。3. The virtual switch on the central processing unit of the ToRintelligent switch 603 receives the packet, and according to the tunnel rules injected by the network controller, the received packet is taken as a payload as a whole, and a new tunnel header is added to the outer layer. The source IP address in the packet header is the IP address S of the ToRintelligent switch 603 , and the destination IP address is the IP address D of the ToRintelligent switch 604 . Finally, the encapsulated packet is marked with the VLAN ID corresponding to the uplink port, and is sent to the switching chip on the ToRintelligent switch 603 through the network card.

4、ToR智能交换机603上的交换芯片去除VLAN ID信息后,将封装后的报文通过上联口转发给上层交换机606。4. After removing the VLAN ID information, the switching chip on the ToRintelligent switch 603 forwards the encapsulated packet to the upper-layer switch 606 through the uplink port.

5、封装后的报文根据ToR智能交换机604的物理网络IP地址D进行路由,最终经过上层交换机606转发到ToR智能交换机604。5. The encapsulated packet is routed according to the physical network IP address D of the ToRintelligent switch 604, and finally forwarded to the ToRintelligent switch 604 through the upper-layer switch 606.

6、ToR智能交换机604上的交换芯片收到报文,将其通过网卡转发给中央处理器。6. The switch chip on the ToRintelligent switch 604 receives the message and forwards it to the central processing unit through the network card.

7、ToR智能交换机604上的中央处理器收到报文,将添加的外层报文头剥离,通过内层报文的目的IP地址b,结合网络控制器所注入的隧道规则,找到真实的目的物理服务器602及其在ToR智能交换机604上对应的VLAN ID,然后将内层报文添加上对应的VLAN ID,通过网卡发给ToR智能交换机604上的交换芯片。7. The central processing unit on the ToRintelligent switch 604 receives the packet, strips the added outer packet header, and finds the real packet through the destination IP address b of the inner packet and the tunnel rules injected by the network controller. The destinationphysical server 602 and its corresponding VLAN ID on the ToRintelligent switch 604, then add the corresponding VLAN ID to the inner layer packet, and send it to the switching chip on the ToRintelligent switch 604 through the network card.

8、ToR智能交换机604上的交换芯片通过VLAN ID找到物理服务器602对应的端口,将VLAN ID信息去除后转发给目的物理服务器602。至此,完成物理服务器601、602之间的网络通信。8. The switch chip on the ToRintelligent switch 604 finds the port corresponding to thephysical server 602 through the VLAN ID, removes the VLAN ID information and forwards it to the destinationphysical server 602 . So far, the network communication between thephysical servers 601 and 602 is completed.

继续参考图7,示出了根据本公开的网络虚拟化的实现系统的结构示意图,其中,数据转发系统700包括:包括网络控制器701、智能交换机702、703和服务器704、705,其中:网络控制器,用于管理虚拟网络涉及的隧道规则,并将隧道规则同步至虚拟网络中对应的智能交换机,其中,智能交换机中的中央处理器通过多个报文收发单元与交换芯片通信连接;智能交换机,用于获取待从源服务器转发至目的服务器的报文;通过源服务器对应的源智能交换机和目的服务器对应的目的智能交换机,确定表征虚拟网络中用于转发报文的虚拟通信路径的隧道规则,并基于隧道规则,对报文进行数据面处理,以根据数据面处理结果将报文从源服务器,经由虚拟网络,转发至目的服务器。Continuing to refer to FIG. 7 , there is shown a schematic structural diagram of a system for implementing network virtualization according to the present disclosure, wherein thedata forwarding system 700 includes: anetwork controller 701 ,intelligent switches 702 , 703 andservers 704 , 705 , wherein: a network The controller is used for managing the tunnel rules involved in the virtual network, and synchronizing the tunnel rules to the corresponding intelligent switch in the virtual network, wherein the central processing unit in the intelligent switch communicates and connects with the switching chip through a plurality of message sending and receiving units; The switch is used to obtain the message to be forwarded from the source server to the destination server; through the source intelligent switch corresponding to the source server and the destination intelligent switch corresponding to the destination server, determine the tunnel representing the virtual communication path in the virtual network for forwarding the message Based on the tunnel rules, data plane processing is performed on packets, so as to forward packets from the source server to the destination server via the virtual network according to the data plane processing results.

在本实施例的一些可选的实现方式中,源智能交换机,用于确定表征源智能交换机和目的智能交换机之间的虚拟通信路径的第一隧道规则;目的智能交换机,用于确定表征目的智能交换机和目的服务器之间的虚拟通信路径的第二隧道规则。In some optional implementations of this embodiment, the source intelligent switch is used to determine the first tunnel rule representing the virtual communication path between the source intelligent switch and the destination intelligent switch; the destination intelligent switch is used to determine the destination intelligent switch A second tunnel rule for the virtual communication path between the switch and the destination server.

在本实施例的一些可选的实现方式中,源智能交换机,还用于根据第一隧道规则,对报文进行数据面处理,得到封装后报文,并将封装后报文经由虚拟网络,转发至目的智能交换机;目的智能交换机,还用于解封装封装后报文,得到报文,并根据第二隧道规则,确定目的智能交换机的目标下联口,并通过目标下联口将报文转发至目的服务器。In some optional implementations of this embodiment, the source intelligent switch is further configured to process the data plane of the packet according to the first tunnel rule to obtain the encapsulated packet, and pass the encapsulated packet through the virtual network, Forwarding to the destination intelligent switch; the destination intelligent switch is also used to decapsulate the encapsulated packet to obtain the packet, and according to the second tunnel rule, determine the target downlink port of the destination intelligent switch, and forward the packet to the destination via the target downlink port. destination server.

在本实施例的一些可选的实现方式中,源智能交换机,进一步用于:通过源智能交换机中的源交换芯片,将报文经由多个源报文收发单元中的目标源报文收发单元传输至源中央处理器;通过源中央处理器,确定表征源智能交换机和目的智能交换机之间的虚拟通信路径的第一隧道规则。In some optional implementations of this embodiment, the source intelligent switch is further configured to: through the source switching chip in the source intelligent switch, send the message through the target source message sending and receiving unit in the multiple source message sending and receiving units Transmitting to the source central processing unit; by the source central processing unit, determining a first tunnel rule characterizing the virtual communication path between the source intelligent switch and the destination intelligent switch.

在本实施例的一些可选的实现方式中,源智能交换机,进一步用于:通过源中央处理器,基于第一隧道规则所表征的虚拟通信路径,对报文进行封装,得到封装后报文;通过多个源报文收发单元中的目标源报文收发单元,将封装后报文传输至源交换芯片;通过源交换芯片,将封装后报文通过源智能交换机的上联口转发至虚拟网络中的上层交换机,以将封装后报文经由虚拟网络转发至目的智能交换机。In some optional implementations of this embodiment, the source intelligent switch is further configured to: through the source central processing unit, encapsulate the packet based on the virtual communication path represented by the first tunnel rule, and obtain the encapsulated packet ;Transmit the encapsulated packet to the source switching chip through the target source packet transceiver unit in the multiple source packet transceiver units; through the source switching chip, forward the encapsulated packet to the virtual switch through the upstream port of the source intelligent switch The upper-layer switch in the network forwards the encapsulated packet to the destination intelligent switch via the virtual network.

在本实施例的一些可选的实现方式中,目的智能交换机,进一步用于:通过目的智能交换机中的目的交换芯片,将接收到的封装后报文经由多个目的报文收发单元中的目标目的报文收发单元发送至目的中央处理器;通过目的中央处理器对封装后报文进行解封装,得到报文,并根据报文确定表征目的智能交换机和目的服务器之间的虚拟通信路径的第二隧道规则。In some optional implementation manners of this embodiment, the destination intelligent switch is further configured to: pass the received encapsulated message through the destination switching chip in the destination intelligent switch through the destination in the multiple destination message sending and receiving units The destination message transceiver unit is sent to the destination central processing unit; the encapsulated message is decapsulated by the destination central processing unit to obtain the message, and the first number representing the virtual communication path between the destination intelligent switch and the destination server is determined according to the message. Two tunnel rules.

在本实施例的一些可选的实现方式中,目的智能交换机,进一步用于:通过目的智能交换机中的中央处理器,结合报文对应的目的服务器的网络地址和第二隧道规则,标记报文对应的虚拟局域网标识;通过目的交换芯片,根据虚拟局域网标识确定目的智能交换机中的目标下联口;通过目标下联口将报文转发至目标服务器。In some optional implementations of this embodiment, the destination intelligent switch is further configured to: through the central processing unit in the destination intelligent switch, in combination with the network address of the destination server corresponding to the packet and the second tunnel rule, mark the packet The corresponding virtual local area network identifier; through the destination switching chip, the target downlink port in the destination intelligent switch is determined according to the virtual local area network identifier; the message is forwarded to the target server through the target downlink port.

在本实施例的一些可选的实现方式中,智能交换机中包括具有缓存一致性的多个中央处理器,多个中央处理器分别通过多个报文收发单元与交换芯片通信连接。In some optional implementation manners of this embodiment, the intelligent switch includes multiple central processing units with cache coherence, and the multiple central processing units are respectively connected to the switch chip in communication through multiple message sending and receiving units.

本实施例中的各实现方式可以参照上述实施例200、500、600中的各实现方式执行,在此不再赘述。The implementation manners in this embodiment may be implemented with reference to the implementation manners in the foregoingembodiments 200 , 500 , and 600 , and details are not described herein again.

本实施例中,提供了一种网络虚拟化的实现系统,智能交换机中的中央处理器通过多个报文收发单元与交换芯片通信连接,具有较强的数据面处理能力,能够直接将物理服务器接入虚拟网络,提高了物理服务器的网络虚拟化过程的灵活性和便捷性。In this embodiment, a system for realizing network virtualization is provided. The central processing unit in the intelligent switch is connected to the switching chip through a plurality of message sending and receiving units. It has strong data plane processing capability and can directly convert the physical server Accessing the virtual network improves the flexibility and convenience of the network virtualization process of physical servers.

继续参考图8,作为对上述各图所示方法的实现,本公开提供了一种网络虚拟化的实现装置的一个实施例,该装置实施例与图2所示的方法实施例相对应,该装置具体可以应用于各种电子设备中。Continuing to refer to FIG. 8 , as an implementation of the methods shown in the above figures, the present disclosure provides an embodiment of an apparatus for implementing network virtualization. The apparatus embodiment corresponds to the method embodiment shown in FIG. 2 . The device can be specifically applied to various electronic devices.

如图8所示,网络虚拟化的实现装置包括:获取单元801,被配置成获取待从源服务器转发至目的服务器的报文;确定单元802,被配置成通过源服务器对应的源智能交换机和目的服务器对应的目的智能交换机,确定表征虚拟网络中用于转发报文的虚拟通信路径的隧道规则,其中,源智能交换机和目的智能交换机中的中央处理器通过多个报文收发单元与交换芯片通信连接;转发单元803,被配置成通过源智能交换机和目的智能交换机,基于隧道规则,对报文进行数据面处理,并根据数据面处理结果,将报文从源服务器,经由虚拟网络,转发至目的服务器。As shown in FIG. 8 , the device for realizing network virtualization includes: an obtainingunit 801, configured to obtain a packet to be forwarded from a source server to a destination server; a determiningunit 802, configured to obtain a packet through the source intelligent switch corresponding to the source server and the destination server; The destination intelligent switch corresponding to the destination server determines the tunnel rule that characterizes the virtual communication path used to forward the message in the virtual network. communication connection; theforwarding unit 803 is configured to process the data plane of the packet based on the tunnel rules through the source intelligent switch and the destination intelligent switch, and forward the packet from the source server via the virtual network according to the data plane processing result. to the destination server.

在本实施例的一些可选的实现方式中,确定单元802,进一步被配置成:通过源智能交换机,确定表征源智能交换机和目的智能交换机之间的虚拟通信路径的第一隧道规则;通过目的智能交换机,确定表征目的智能交换机和目的服务器之间的虚拟通信路径的第二隧道规则。In some optional implementations of this embodiment, the determiningunit 802 is further configured to: determine, through the source intelligent switch, a first tunnel rule representing a virtual communication path between the source intelligent switch and the destination intelligent switch; The intelligent switch determines a second tunnel rule that characterizes the virtual communication path between the destination intelligent switch and the destination server.

在本实施例的一些可选的实现方式中,转发单元803,进一步被配置成:通过源智能交换机,根据第一隧道规则,对报文进行数据面处理,得到封装后报文,并将封装后报文经由虚拟网络,转发至目的智能交换机;通过目的智能交换机,解封装封装后报文,得到报文,并根据第二隧道规则,确定目的智能交换机的目标下联口,并通过目标下联口将报文转发至目的服务器。In some optional implementations of this embodiment, theforwarding unit 803 is further configured to: through the source intelligent switch, according to the first tunnel rule, perform data plane processing on the packet, obtain the encapsulated packet, and encapsulate the packet. After that, the packet is forwarded to the destination intelligent switch through the virtual network; through the destination intelligent switch, the encapsulated packet is decapsulated to obtain the packet, and the target downlink port of the destination intelligent switch is determined according to the second tunnel rule, and the target downlink port is passed through the destination intelligent switch. Forward the message to the destination server.

本实施例的一些可选的实现方式中,确定单元802,进一步被配置成:通过源智能交换机中的源交换芯片,将报文经由多个源报文收发单元中的目标源报文收发单元传输至源中央处理器;通过源中央处理器,确定表征源智能交换机和目的智能交换机之间的虚拟通信路径的第一隧道规则。In some optional implementations of this embodiment, the determiningunit 802 is further configured to: through the source switching chip in the source intelligent switch, send the message through the target source message sending and receiving unit in the multiple source message sending and receiving units Transmitting to the source central processing unit; by the source central processing unit, determining a first tunnel rule characterizing the virtual communication path between the source intelligent switch and the destination intelligent switch.

本实施例的一些可选的实现方式中,转发单元803,进一步被配置成:通过源中央处理器,基于第一隧道规则所表征的虚拟通信路径,对报文进行封装,得到封装后报文;通过多个源报文收发单元中的目标源报文收发单元,将封装后报文传输至源交换芯片;通过源交换芯片,将封装后报文通过源智能交换机的上联口转发至虚拟网络中的上层交换机,以将封装后报文经由虚拟网络转发至目的智能交换机。In some optional implementations of this embodiment, theforwarding unit 803 is further configured to: through the source central processing unit, based on the virtual communication path represented by the first tunnel rule, encapsulate the packet to obtain the encapsulated packet ;Transmit the encapsulated packet to the source switching chip through the target source packet transceiver unit in the multiple source packet transceiver units; through the source switching chip, forward the encapsulated packet to the virtual switch through the upstream port of the source intelligent switch The upper-layer switch in the network forwards the encapsulated packet to the destination intelligent switch via the virtual network.

本实施例的一些可选的实现方式中,确定单元802,进一步被配置成:通过目的智能交换机中的目的交换芯片,将接收到的封装后报文经由多个目的报文收发单元中的目标目的报文收发单元发送至目的中央处理器;通过目的中央处理器对封装后报文进行解封装,得到报文,并根据报文确定表征目的智能交换机和目的服务器之间的虚拟通信路径的第二隧道规则。In some optional implementations of this embodiment, the determiningunit 802 is further configured to: pass the received encapsulated message through the destination switching chip in the destination intelligent switch through the destination in the multiple destination message sending and receiving units The destination message transceiver unit is sent to the destination central processing unit; the encapsulated message is decapsulated by the destination central processing unit to obtain the message, and the first number representing the virtual communication path between the destination intelligent switch and the destination server is determined according to the message. Two tunnel rules.

本实施例的一些可选的实现方式中,转发单元803,进一步被配置成:通过目的智能交换机中的中央处理器,结合报文对应的目的服务器的网络地址和第二隧道规则,标记报文对应的虚拟局域网标识;通过目的交换芯片,根据虚拟局域网标识确定目的智能交换机中的目标下联口;通过目标下联口将报文转发至目标服务器。In some optional implementations of this embodiment, theforwarding unit 803 is further configured to: through the central processing unit in the destination intelligent switch, in combination with the network address of the destination server corresponding to the packet and the second tunnel rule, mark the packet The corresponding virtual local area network identifier; through the destination switching chip, the target downlink port in the destination intelligent switch is determined according to the virtual local area network identifier; the message is forwarded to the target server through the target downlink port.

本实施例的一些可选的实现方式中,智能交换机中包括具有缓存一致性的多个中央处理器,多个中央处理器分别通过多个报文收发单元与交换芯片通信连接。In some optional implementation manners of this embodiment, the intelligent switch includes multiple central processing units with cache coherence, and the multiple central processing units are respectively connected to the switching chip in communication through multiple message sending and receiving units.

本实施例中,提供了一种网络虚拟化的实现装置,智能交换机中的中央处理器通过多个报文收发单元与交换芯片通信连接,具有较强的数据面处理能力,能够直接将物理服务器接入虚拟网络,提高了物理服务器的网络虚拟化过程的灵活性和便捷性。In this embodiment, a device for realizing network virtualization is provided. The central processing unit in the intelligent switch is connected to the switching chip through a plurality of message sending and receiving units. Accessing the virtual network improves the flexibility and convenience of the network virtualization process of physical servers.

根据本公开的实施例,本公开还提供了一种电子设备,该电子设备包括:至少一个处理器;以及与至少一个处理器通信连接的存储器;其中,存储器存储有可被至少一个处理器执行的指令,该指令被至少一个处理器执行,以使至少一个处理器执行时能够实现上述任意实施例所描述的网络虚拟化的实现方法。According to an embodiment of the present disclosure, the present disclosure also provides an electronic device, the electronic device includes: at least one processor; and a memory communicatively connected to the at least one processor; wherein, the memory stores data executable by the at least one processor. The instruction is executed by at least one processor, so that the implementation method of network virtualization described in any of the foregoing embodiments can be implemented when the at least one processor is executed.

根据本公开的实施例,本公开还提供了一种可读存储介质,该可读存储介质存储有计算机指令,该计算机指令用于使计算机执行时能够实现上述任意实施例所描述的网络虚拟化的实现方法。According to an embodiment of the present disclosure, the present disclosure further provides a readable storage medium, where the readable storage medium stores computer instructions, and the computer instructions are used to enable the computer to implement the network virtualization described in any of the foregoing embodiments when executed. implementation method.

本公开实施例提供了一种计算机程序产品,该计算机程序在被处理器执行时能够实现上述任意实施例所描述的网络虚拟化的实现方法。Embodiments of the present disclosure provide a computer program product, which, when executed by a processor, can implement the method for implementing network virtualization described in any of the foregoing embodiments.

图9示出了可以用来实施本公开的实施例的示例电子设备900的示意性框图。电子设备旨在表示各种形式的数字计算机,诸如,膝上型计算机、台式计算机、工作台、个人数字助理、服务器、刀片式服务器、大型计算机、和其它适合的计算机。电子设备还可以表示各种形式的移动装置,诸如,个人数字处理、蜂窝电话、智能电话、可穿戴设备和其它类似的计算装置。本文所示的部件、它们的连接和关系、以及它们的功能仅仅作为示例,并且不意在限制本文中描述的和/或者要求的本公开的实现。FIG. 9 shows a schematic block diagram of an exampleelectronic device 900 that may be used to implement embodiments of the present disclosure. Electronic devices are intended to represent various forms of digital computers, such as laptops, desktops, workstations, personal digital assistants, servers, blade servers, mainframe computers, and other suitable computers. Electronic devices may also represent various forms of mobile devices, such as personal digital processors, cellular phones, smart phones, wearable devices, and other similar computing devices. The components shown herein, their connections and relationships, and their functions are by way of example only, and are not intended to limit implementations of the disclosure described and/or claimed herein.

如图9所示,设备900包括计算单元901,其可以根据存储在只读存储器(ROM)902中的计算机程序或者从存储单元908加载到随机访问存储器(RAM)903中的计算机程序,来执行各种适当的动作和处理。在RAM 903中,还可存储设备900操作所需的各种程序和数据。计算单元901、ROM 902以及RAM 903通过总线904彼此相连。输入/输出(I/O)接口905也连接至总线904。As shown in FIG. 9 , thedevice 900 includes acomputing unit 901 that can be executed according to a computer program stored in a read only memory (ROM) 902 or a computer program loaded from astorage unit 908 into a random access memory (RAM) 903 Various appropriate actions and handling. In theRAM 903, various programs and data necessary for the operation of thedevice 900 can also be stored. Thecomputing unit 901 , theROM 902 , and theRAM 903 are connected to each other through abus 904 . An input/output (I/O)interface 905 is also connected tobus 904 .

设备900中的多个部件连接至I/O接口905,包括:输入单元906,例如键盘、鼠标等;输出单元907,例如各种类型的显示器、扬声器等;存储单元908,例如磁盘、光盘等;以及通信单元909,例如网卡、调制解调器、无线通信收发机等。通信单元909允许设备900通过诸如因特网的计算机网络和/或各种电信网络与其他设备交换信息/数据。Various components in thedevice 900 are connected to the I/O interface 905, including: aninput unit 906, such as a keyboard, mouse, etc.; anoutput unit 907, such as various types of displays, speakers, etc.; astorage unit 908, such as a magnetic disk, an optical disk, etc. ; and acommunication unit 909, such as a network card, a modem, a wireless communication transceiver, and the like. Thecommunication unit 909 allows thedevice 900 to exchange information/data with other devices through a computer network such as the Internet and/or various telecommunication networks.

计算单元901可以是各种具有处理和计算能力的通用和/或专用处理组件。计算单元901的一些示例包括但不限于中央处理单元(CPU)、图形处理单元(GPU)、各种专用的人工智能(AI)计算芯片、各种运行机器学习模型算法的计算单元、数字信号处理器(DSP)、以及任何适当的处理器、控制器、微控制器等。计算单元901执行上文所描述的各个方法和处理,例如网络虚拟化的实现方法。例如,在一些实施例中,网络虚拟化的实现方法可被实现为计算机软件程序,其被有形地包含于机器可读介质,例如存储单元908。在一些实施例中,计算机程序的部分或者全部可以经由ROM 902和/或通信单元909而被载入和/或安装到设备900上。当计算机程序加载到RAM 903并由计算单元901执行时,可以执行上文描述的网络虚拟化的实现方法的一个或多个步骤。备选地,在其他实施例中,计算单元901可以通过其他任何适当的方式(例如,借助于固件)而被配置为执行网络虚拟化的实现方法。Computing unit 901 may be various general-purpose and/or special-purpose processing components with processing and computing capabilities. Some examples of computingunits 901 include, but are not limited to, central processing units (CPUs), graphics processing units (GPUs), various specialized artificial intelligence (AI) computing chips, various computing units that run machine learning model algorithms, digital signal processing processor (DSP), and any suitable processor, controller, microcontroller, etc. Thecomputing unit 901 performs the various methods and processes described above, such as the implementation method of network virtualization. For example, in some embodiments, the method of implementing network virtualization may be implemented as a computer software program tangibly embodied on a machine-readable medium, such asstorage unit 908 . In some embodiments, part or all of the computer program may be loaded and/or installed ondevice 900 viaROM 902 and/orcommunication unit 909 . When the computer program is loaded into theRAM 903 and executed by thecomputing unit 901, one or more steps of the method for implementing network virtualization described above may be performed. Alternatively, in other embodiments, computingunit 901 may be configured in any other suitable manner (eg, by means of firmware) to perform network virtualization implementations.

本文中以上描述的系统和技术的各种实施方式可以在数字电子电路系统、集成电路系统、场可编程门阵列(FPGA)、专用集成电路(ASIC)、专用标准产品(ASSP)、芯片上系统的系统(SOC)、负载可编程逻辑设备(CPLD)、计算机硬件、固件、软件、和/或它们的组合中实现。这些各种实施方式可以包括:实施在一个或者多个计算机程序中,该一个或者多个计算机程序可在包括至少一个可编程处理器的可编程系统上执行和/或解释,该可编程处理器可以是专用或者通用可编程处理器,可以从存储系统、至少一个输入装置、和至少一个输出装置接收数据和指令,并且将数据和指令传输至该存储系统、该至少一个输入装置、和该至少一个输出装置。Various implementations of the systems and techniques described herein above may be implemented in digital electronic circuitry, integrated circuit systems, field programmable gate arrays (FPGAs), application specific integrated circuits (ASICs), application specific standard products (ASSPs), systems on chips system (SOC), load programmable logic device (CPLD), computer hardware, firmware, software, and/or combinations thereof. These various embodiments may include being implemented in one or more computer programs executable and/or interpretable on a programmable system including at least one programmable processor that The processor, which may be a special purpose or general-purpose programmable processor, may receive data and instructions from a storage system, at least one input device, and at least one output device, and transmit data and instructions to the storage system, the at least one input device, and the at least one output device an output device.

用于实施本公开的方法的程序代码可以采用一个或多个编程语言的任何组合来编写。这些程序代码可以提供给通用计算机、专用计算机或其他可编程数据处理装置的处理器或控制器,使得程序代码当由处理器或控制器执行时使流程图和/或框图中所规定的功能/操作被实施。程序代码可以完全在机器上执行、部分地在机器上执行,作为独立软件包部分地在机器上执行且部分地在远程机器上执行或完全在远程机器或服务器上执行。Program code for implementing the methods of the present disclosure may be written in any combination of one or more programming languages. These program codes may be provided to a processor or controller of a general purpose computer, special purpose computer or other programmable data processing apparatus, such that the program code, when executed by the processor or controller, performs the functions/functions specified in the flowcharts and/or block diagrams. Action is implemented. The program code may execute entirely on the machine, partly on the machine, partly on the machine and partly on a remote machine as a stand-alone software package or entirely on the remote machine or server.

在本公开的上下文中,机器可读介质可以是有形的介质,其可以包含或存储以供指令执行系统、装置或设备使用或与指令执行系统、装置或设备结合地使用的程序。机器可读介质可以是机器可读信号介质或机器可读储存介质。机器可读介质可以包括但不限于电子的、磁性的、光学的、电磁的、红外的、或半导体系统、装置或设备,或者上述内容的任何合适组合。机器可读存储介质的更具体示例会包括基于一个或多个线的电气连接、便携式计算机盘、硬盘、随机存取存储器(RAM)、只读存储器(ROM)、可擦除可编程只读存储器(EPROM或快闪存储器)、光纤、便捷式紧凑盘只读存储器(CD-ROM)、光学储存设备、磁储存设备、或上述内容的任何合适组合。In the context of the present disclosure, a machine-readable medium may be a tangible medium that may contain or store a program for use by or in connection with the instruction execution system, apparatus or device. The machine-readable medium may be a machine-readable signal medium or a machine-readable storage medium. Machine-readable media may include, but are not limited to, electronic, magnetic, optical, electromagnetic, infrared, or semiconductor systems, devices, or devices, or any suitable combination of the foregoing. More specific examples of machine-readable storage media would include one or more wire-based electrical connections, portable computer disks, hard disks, random access memory (RAM), read only memory (ROM), erasable programmable read only memory (EPROM or flash memory), fiber optics, compact disk read only memory (CD-ROM), optical storage, magnetic storage, or any suitable combination of the foregoing.

为了提供与用户的交互,可以在计算机上实施此处描述的系统和技术,该计算机具有:用于向用户显示信息的显示装置(例如,CRT(阴极射线管)或者LCD(液晶显示器)监视器);以及键盘和指向装置(例如,鼠标或者轨迹球),用户可以通过该键盘和该指向装置来将输入提供给计算机。其它种类的装置还可以用于提供与用户的交互;例如,提供给用户的反馈可以是任何形式的传感反馈(例如,视觉反馈、听觉反馈、或者触觉反馈);并且可以用任何形式(包括声输入、语音输入或者、触觉输入)来接收来自用户的输入。To provide interaction with a user, the systems and techniques described herein may be implemented on a computer having a display device (eg, a CRT (cathode ray tube) or LCD (liquid crystal display) monitor) for displaying information to the user ); and a keyboard and pointing device (eg, a mouse or trackball) through which a user can provide input to the computer. Other kinds of devices can also be used to provide interaction with the user; for example, the feedback provided to the user can be any form of sensory feedback (eg, visual feedback, auditory feedback, or tactile feedback); and can be in any form (including acoustic input, voice input, or tactile input) to receive input from the user.

可以将此处描述的系统和技术实施在包括后台部件的计算系统(例如,作为数据服务器)、或者包括中间件部件的计算系统(例如,应用服务器)、或者包括前端部件的计算系统(例如,具有图形用户界面或者网络浏览器的用户计算机,用户可以通过该图形用户界面或者该网络浏览器来与此处描述的系统和技术的实施方式交互)、或者包括这种后台部件、中间件部件、或者前端部件的任何组合的计算系统中。可以通过任何形式或者介质的数字数据通信(例如,通信网络)来将系统的部件相互连接。通信网络的示例包括:局域网(LAN)、广域网(WAN)和互联网。The systems and techniques described herein may be implemented on a computing system that includes back-end components (eg, as a data server), or a computing system that includes middleware components (eg, an application server), or a computing system that includes front-end components (eg, a user computer having a graphical user interface or web browser through which a user may interact with implementations of the systems and techniques described herein), or including such backend components, middleware components, Or any combination of front-end components in a computing system. The components of the system may be interconnected by any form or medium of digital data communication (eg, a communication network). Examples of communication networks include: Local Area Networks (LANs), Wide Area Networks (WANs), and the Internet.

计算机系统可以包括客户端和服务器。客户端和服务器一般远离彼此并且通常通过通信网络进行交互。通过在相应的计算机上运行并且彼此具有客户端-服务器关系的计算机程序来产生客户端和服务器的关系。服务器可以是云服务器,又称为云计算服务器或云主机,是云计算服务体系中的一项主机产品,以解决传统物理主机与虚拟专用服务器(VPS,Virtual Private Server)服务中存在的管理难度大,业务扩展性弱的缺陷;也可以为分布式系统的服务器,或者是结合了区块链的服务器。A computer system can include clients and servers. Clients and servers are generally remote from each other and usually interact through a communication network. The relationship of client and server arises by computer programs running on the respective computers and having a client-server relationship to each other. The server can be a cloud server, also known as a cloud computing server or a cloud host. It is a host product in the cloud computing service system to solve the management difficulties in traditional physical host and virtual private server (VPS, Virtual Private Server) services. The defect is large and weak in business scalability; it can also be a server of a distributed system, or a server combined with blockchain.

根据本公开实施例的技术方案,提供了一种网络虚拟化的实现方法,智能交换机中的中央处理器通过多个报文收发单元与交换芯片通信连接,具有较强的数据面处理能力,能够直接将物理服务器接入虚拟网络,提高了物理服务器的网络虚拟化过程的灵活性和便捷性。According to the technical solutions of the embodiments of the present disclosure, a method for realizing network virtualization is provided. The central processing unit in the intelligent switch is connected to the switching chip through a plurality of message sending and receiving units, and has strong data plane processing capability and can Directly connecting the physical server to the virtual network improves the flexibility and convenience of the network virtualization process of the physical server.

应该理解,可以使用上面所示的各种形式的流程,重新排序、增加或删除步骤。例如,本发公开中记载的各步骤可以并行地执行也可以顺序地执行也可以不同的次序执行,只要能够实现本公开提供的技术方案所期望的结果,本文在此不进行限制。It should be understood that steps may be reordered, added or deleted using the various forms of flow shown above. For example, the steps described in the present disclosure can be executed in parallel, sequentially, or in different orders. As long as the desired results of the technical solutions provided in the present disclosure can be achieved, no limitation is imposed herein.

上述具体实施方式,并不构成对本公开保护范围的限制。本领域技术人员应该明白的是,根据设计要求和其他因素,可以进行各种修改、组合、子组合和替代。任何在本公开的精神和原则之内所作的修改、等同替换和改进等,均应包含在本公开保护范围之内。The above-mentioned specific embodiments do not constitute a limitation on the protection scope of the present disclosure. It should be understood by those skilled in the art that various modifications, combinations, sub-combinations and substitutions may occur depending on design requirements and other factors. Any modifications, equivalent replacements, and improvements made within the spirit and principles of the present disclosure should be included within the protection scope of the present disclosure.

Claims (20)

CN202210727754.1A2022-06-222022-06-22 Implementation method, system, device and program product of network virtualizationPendingCN115189987A (en)

Priority Applications (1)

Application NumberPriority DateFiling DateTitle
CN202210727754.1ACN115189987A (en)2022-06-222022-06-22 Implementation method, system, device and program product of network virtualization

Applications Claiming Priority (1)

Application NumberPriority DateFiling DateTitle
CN202210727754.1ACN115189987A (en)2022-06-222022-06-22 Implementation method, system, device and program product of network virtualization

Publications (1)

Publication NumberPublication Date
CN115189987Atrue CN115189987A (en)2022-10-14

Family

ID=83516349

Family Applications (1)

Application NumberTitlePriority DateFiling Date
CN202210727754.1APendingCN115189987A (en)2022-06-222022-06-22 Implementation method, system, device and program product of network virtualization

Country Status (1)

CountryLink
CN (1)CN115189987A (en)

Cited By (2)

* Cited by examiner, † Cited by third party
Publication numberPriority datePublication dateAssigneeTitle
CN116232987A (en)*2023-01-312023-06-06苏州盛科通信股份有限公司Message forwarding method, device, switch and computer readable storage medium
WO2025073178A1 (en)*2023-10-072025-04-10华为云计算技术有限公司Packet forwarding method and apparatus based on bus network technology, and readable storage medium

Citations (5)

* Cited by examiner, † Cited by third party
Publication numberPriority datePublication dateAssigneeTitle
CN103414626A (en)*2013-08-282013-11-27盛科网络(苏州)有限公司Message processing method and device based on network virtualization
CN108293022A (en)*2015-12-302018-07-17华为技术有限公司 Method, device and system for message transmission
CN108768817A (en)*2018-05-222018-11-06腾讯科技(深圳)有限公司 A virtualized network networking system and data packet sending method
CN114024799A (en)*2022-01-062022-02-08杭州优云科技有限公司Method and device for interconnecting bare metal server and virtualization network
CN114070723A (en)*2020-07-312022-02-18中移(苏州)软件技术有限公司 Virtual network configuration method, system and intelligent network card of bare metal server

Patent Citations (5)

* Cited by examiner, † Cited by third party
Publication numberPriority datePublication dateAssigneeTitle
CN103414626A (en)*2013-08-282013-11-27盛科网络(苏州)有限公司Message processing method and device based on network virtualization
CN108293022A (en)*2015-12-302018-07-17华为技术有限公司 Method, device and system for message transmission
CN108768817A (en)*2018-05-222018-11-06腾讯科技(深圳)有限公司 A virtualized network networking system and data packet sending method
CN114070723A (en)*2020-07-312022-02-18中移(苏州)软件技术有限公司 Virtual network configuration method, system and intelligent network card of bare metal server
CN114024799A (en)*2022-01-062022-02-08杭州优云科技有限公司Method and device for interconnecting bare metal server and virtualization network

Non-Patent Citations (2)

* Cited by examiner, † Cited by third party
Title
梁凡: "《云计算中的大数据技术与应用》", 30 June 2018, 吉林大学出版社, pages: 133*
黄风华: "《云计算技术与应用》", 31 March 2020, 东北林业大学出版社, pages: 186*

Cited By (3)

* Cited by examiner, † Cited by third party
Publication numberPriority datePublication dateAssigneeTitle
CN116232987A (en)*2023-01-312023-06-06苏州盛科通信股份有限公司Message forwarding method, device, switch and computer readable storage medium
CN116232987B (en)*2023-01-312024-11-29苏州盛科通信股份有限公司 Message forwarding method, device, switch and computer-readable storage medium
WO2025073178A1 (en)*2023-10-072025-04-10华为云计算技术有限公司Packet forwarding method and apparatus based on bus network technology, and readable storage medium

Similar Documents

PublicationPublication DateTitle
CN110506411B (en)Method and system for providing packet enforcement using logical ports in a virtualized computing environment
US10664301B2 (en)Methods and systems for establishing connections associated with virtual machine migrations
CN106533890B (en) A message processing method, device and system
CN109412922B (en) Method, forwarding device, controller and system for transmitting message
WO2019076047A1 (en)Traffic forwarding method and traffic forwarding apparatus
CN115225634B (en)Data forwarding method, device and computer program product under virtual network
WO2015113410A1 (en)Data packet processing method and apparatus
CN106603550B (en)A kind of Network Isolation method and device
US20150163072A1 (en)Virtual Port Extender
CN115189987A (en) Implementation method, system, device and program product of network virtualization
CN108123819B (en) A Simulation Method for Seamless Integration of Virtual and Real Networks
CN111865810A (en) Congestion information collection method, system, related equipment and computer storage medium
CN112787913B (en)Intelligent network card assembly, physical machine, cloud service system and message sending method
WO2023050667A1 (en)Method and system for implementing bare metal inspection process, device, and storage medium
CN114513485A (en) Method, apparatus, device, system and readable storage medium for obtaining mapping rules
CN113986969B (en) Data processing method, device, electronic device and storage medium
CN118300994B (en) Virtual network management method, device, equipment and storage medium based on cloud phone
CN110417573A (en) A method and system for data transmission
CN118488122A (en) Communication method, device, electronic device, storage medium and program product
CN114826898A (en)Cross-host communication method, device, equipment, system and readable storage medium
CN118118443A (en)Virtual machine access method, device, equipment and storage medium
CN118802410A (en) Communication tunnel creation method, device, equipment and storage medium
CN115134194A (en) Implementation method, system, device and program product of network virtualization
CN115664920A (en)Network communication management method, device, equipment and storage medium of cloud platform
CN116828024A (en)Service connection identification method, device, system and storage medium

Legal Events

DateCodeTitleDescription
PB01Publication
PB01Publication
SE01Entry into force of request for substantive examination
SE01Entry into force of request for substantive examination
[8]ページ先頭
©2009-2025 Movatter.jp