(19)
(11)EP 3 197 107 B1

(12)EUROPEAN PATENT SPECIFICATION

(45)Mention of the grant of the patent:
22.07.2020 Bulletin 2020/30

(21)Application number: 15852122.9

(22)Date of filing:  02.09.2015
(51)International Patent Classification (IPC): 
H04L 12/701(2013.01)
H04L 29/12(2006.01)
(86)International application number:
PCT/CN2015/088892
(87)International publication number:
WO 2016/062169 (28.04.2016 Gazette  2016/17)

(54)

MESSAGE TRANSMISSION METHOD AND APPARATUS

VERFAHREN ZUM SENDEN VON NACHRICHTEN UND VORRICHTUNG

PROCÉDÉ ET APPAREIL D'ÉMISSION DE MESSAGES


(84)Designated Contracting States:
AL AT BE BG CH CY CZ DE DK EE ES FI FR GB GR HR HU IE IS IT LI LT LU LV MC MK MT NL NO PL PT RO RS SE SI SK SM TR

(30)Priority: 22.10.2014 CN 201410568124

(43)Date of publication of application:
26.07.2017 Bulletin 2017/30

(73)Proprietor: Huawei Technologies Co., Ltd.
Longgang District Shenzhen, Guangdong 518129 (CN)

(72)Inventors:
  • ZHANG, Mingui
    Shenzhen Guangdong 518129 (CN)
  • HE, Jianfei
    Shenzhen Guangdong 518129 (CN)
  • CHEN, Guoyi
    Shenzhen Guangdong 518129 (CN)
  • DONG, Jie
    Shenzhen Guangdong 518129 (CN)
  • MIAO, Fuyou
    Shenzhen Guangdong 518129 (CN)

(74)Representative: Pfenning, Meinig & Partner mbB 
Patent- und Rechtsanwälte Theresienhöhe 11a
80339 München
80339 München (DE)


(56)References cited: : 
CN-A- 103 916 317
US-A1- 2013 148 657
US-A1- 2012 201 124
US-A1- 2014 126 422
  
  • BLACK J HUDSON BROCADE L KREEGER CISCO M LASSERRE ALCATEL-LUCENT T NARTEN D: "An Architecture for Overlay Networks (NVO3); draft-ietf-nvo3-arch-01.txt", AN ARCHITECTURE FOR OVERLAY NETWORKS (NVO3); DRAFT-IETF-NVO3-ARCH-01.TXT, INTERNET ENGINEERING TASK FORCE, IETF; STANDARDWORKINGDRAFT, INTERNET SOCIETY (ISOC) 4, RUE DES FALAISES CH- 1205 GENEVA, SWITZERLAND, 14 February 2014 (2014-02-14), pages 1-32, XP015097013, [retrieved on 2014-02-14]
  • NABIL BITAR VERIZON MARC LASSERRE FLORIN BALUS ALCATEL-LUCENT THOMAS MORIN FRANCE TELECOM ORANGE LIZHONG JIN BHUMIP KHASNABISH: "NVO3 Data Plane Requirements; draft-ietf-nvo3-dataplane-requirements-03. txt", NVO3 DATA PLANE REQUIREMENTS; DRAFT-IETF-NVO3-DATAPLANE-REQUIREMENTS-03. TXT, INTERNET ENGINEERING TASK FORCE, IETF; STANDARDWORKINGDRAFT, INTERNET SOCIETY (ISOC) 4, RUE DES FALAISES CH- 1205 GENEVA, SWITZERLAND, 15 April 2014 (2014-04-15), pages 1-19, XP015098687, [retrieved on 2014-04-15]
  
Note: Within nine months from the publication of the mention of the grant of the European patent, any person may give notice to the European Patent Office of opposition to the European patent granted. Notice of opposition shall be filed in a written reasoned statement. It shall not be deemed to have been filed until the opposition fee has been paid. (Art. 99(1) European Patent Convention).


Description

TECHNICAL FIELD



[0001] The present invention relates to the field of communications technologies, and in particular, to a packet transmission method and apparatus.

BACKGROUND



[0002] An overlay network (English: overlay network) technology is a virtualization technology in which network overlay is performed based on an existing network architecture. For example, an overlay network may be overlaid on an IP network to form Network Virtualization over Layer 3 (NVo3). Specifically, the overlay network may be a centralized network, such as a virtual extensible local area network (English: Virtual Extensible Local Area Network, VXLAN for short) and Network Virtualization using Generic Routing Encapsulation (NVGRE).

[0003] A link aggregation (English: link aggregation) technology may improve bandwidth and robustness of data transmission. The link aggregation technology aggregates two or more network connections into a logical link with higher bandwidth.

[0004] To further improve network performance, the overlay network technology and the link aggregation technology may be combined, and a problem accompanying this combination is how to properly transmit a packet in a network combining the two technologies.

[0005] Document D1 "An Architecture for Overlay Networks (NVO3) draft-ietf-nvo3-arch-01" presents a high-level overview architecture for building overlay networks in NVO3. The architecture is given at a high-level, showing the major components of an overall system. An important goal is to divide the space into individual smaller components that can be implemented independently and with clear interfaces and interactions with other components. It should be possible to build and implement individual components in isolation and have them work with other components with no changes to other components. That way implementer have flexibility in implementing individual components and can optimize and innovate within their respective components without requiring changes to other components.

SUMMARY



[0006] According to a packet transmission method per claim 1 and apparatus per claim 7 and preferred embodiments of the invention in the dependent claims, a solution for implementing packet transmission in a network that combines an overlay network technology and a link aggregation technology is provided.

[0007] According to the packet transmission method and apparatus in the embodiments of the present invention, when active-active access configuration is performed, an active-active access configuration information list may be delivered to each NVE device in an NVo3 network, and when a first NVE device needs to send a packet, the first NVE device may obtain a VNI according to a stored active-active access configuration information list, and find a second NVE device according to the VNI, and further properly forwards the packet to the second NVE device after encapsulating the packet. Correspondingly, when the first NVE device needs to receive a packet, the first NVE device performs decapsulation processing on the received packet to restore a destination address included in the packet, and further forwards the packet to a VM corresponding to the destination address. After such a process, correct transmission of a packet is implemented.

BRIEF DESCRIPTION OF DRAWINGS



[0008] To describe the technical solutions in the embodiments of the present invention more clearly, the following briefly describes the accompanying drawings required for describing the embodiments. Apparently, the accompanying drawings in the following description show merely some embodiments of the present invention, and a person of ordinary skill in the art may still derive other drawings from these accompanying drawings.

FIG. 1 is a schematic diagram of an NVo3 network according to an embodiment of the present invention;

FIG. 2 is a schematic diagram of a tree-like structure of an active-active access configuration information list according to an embodiment of the present invention;

FIG. 3 is a flowchart of Embodiment 1 of a packet transmission method according to an embodiment of the present invention;

FIG. 4 is a flowchart of Embodiment 2 of a packet transmission method according to an embodiment of the present invention;

FIG. 5 is a flowchart of Embodiment 3 of a packet transmission method according to an embodiment of the present invention;

FIG. 6 is a schematic diagram of a packet transmission apparatus according to an embodiment of the present invention; and

FIG. 7 is a schematic diagram of a packet transmission device according to an embodiment of the present invention.


DESCRIPTION OF EMBODIMENTS



[0009] To enable a person skilled in the art to better understand the solutions in the present invention, the following describes embodiments of the present invention in more detail with reference to accompanying drawings and implementation manners.

[0010] Before the technical solutions in the embodiments of the present invention are described, specific application scenarios in the embodiments of the present invention are illustrated.

[0011] To resolve a conflict between a service requirement and a processing capability of a network, an overlay network may be established on the basis of a traditional network to improve the processing capability of the network. For example, an overlay network may be established on the basis of a traditional IP network to form an NVo3 network. In comparison with a processing capability of the traditional IP network, data packet transmission at an overlay network layer is added to the NVo3 network, that is, a data packet format supported by the network is added to improve the processing capability of the network. In addition, the NVo3 network further provides a large quantity of Network Virtualization Edge (NVE) devices that may be used by a tenant (tenant), that is, a quantity of access nodes of the network is increased to improve the processing capability of the network. Currently, the overlay network of the NVo3 may be presented as a centralized and virtualized network such as a VXLAN or an NVGRE established on the basis of the IP network. For example, an NVE device in the embodiments of the present invention may be a network entity that is located on a network edge and that may implement a layer 2 and/or layer 3 virtual network function. For details, refer to description in the Request for Comments (RFC) 7365, which is not described herein.

[0012] To further optimize the NVo3 network and improve data transmission performance of the NVo3 network, in a research and development process, the inventor finds that an active-active access technology may be used to implement active-active access of a virtual machine (VM) to an NVE device of the NVo3 network, so as to improve bandwidth and robustness of data transmission in the NVo3 network. For this purpose, the embodiments of the present invention are put forward. The following separately illustrates an active-active access configuration manner and a data transmission manner after completion of configuration that are involved in a process of active-active access to the NVo3 network.

[0013] Referring to a schematic diagram of a network shown in FIG. 1, an NVE device 1, an NVE device 2, an NVE device 3, an NVE device 4, and an NVE device 5 are all edge devices of an NVo3 network; a VM 1, a VM 2, and a VM 3 are virtual machines obtained by a physical server server 1 by performing operating system-level virtualization; and a VM 4 is a virtual machine obtained by a physical server server 2 by performing operating system-level virtualization. The server 1 and server 2 are servers in a data center (DC). The server 1 may be connected to the NVo3 network by using a local area network (LAN) device LAN 10, and the server 2 may be connected to the NVo3 network by using a LAN 20. The LAN 10 and the LAN 20 may be physical devices, or may be virtual devices. Optionally, the local area network device may be a switch, or may be a router.

[0014] For example, link aggregation is performed on a link between the NVE device 1 and the LAN 10, a link between the NVE device 2 and the LAN 10, and a link between the NVE device 3 and the LAN 10. For example, link bundling is performed on the foregoing three links by using a Multi-Chassis Link Aggregation Group (MC-LAG) technology, and the NVE device 1, the NVE device 2, and the NVE device 3 belong to one active-active-edge device group (active-active-edge device group). The active-active-edge device group is a first active-active group, and the NVE device 1, the NVE device 2, and the NVE device 3 are all active-active members of the first active-active group. Likewise, active-active members of a second active-active group that is formed based on a link aggregation technology may be the NVE device 4 and the NVE device 5.

[0015] Active-active access may be understood as follows: in a packet transmission process, a VM may be connected to any one of multiple active-active members included in an active-active group, so as to send or receive a packet. For example, when the VM 1 provided by the server 1 needs to be connected to the NVo3 network, the VM 1 may be connected to any one of the NVE device 1, the NVE device 2, and the NVE device 3.

[0016] In addition, with reference to an actual application requirement, a tenant may classify the VM 1, the VM 2, and the VM 3 into a first user group, and assign an identifier VLAN 10 of a virtual local area network (VLAN) of the LAN 10 to the first user group, that is, the VM 1, the VM 2, and the VM 3 may send a data packet to the LAN 10 by using the VLAN 10 of the LAN 10, and the LAN 10 may also forward the data packet to an NVE device by using the VLAN 10. Likewise, the tenant may further classify the VM 4 into a second user group, and assign the VLAN 10 of the LAN 20 to the second user group.

[0017] In actual application, the first user group may be connected in an active-active manner to the first active-active group, and the second user group may be connected in an active-active manner to the second active-active group. The following illustrates an active-active configuration manner in the embodiments of the present invention by using an example in which the first user group may be connected in an active-active manner to the first active-active group.

[0018] (1) An active-active access configuration information list is generated, and the list stores configuration information of each NVE device in the NVo3 network.

[0019] When the NVE device serves as a data sender, configuration information may include at least: an identifier of an active-active group, a Virtual Network Instance (VNI), and identifiers of at least two NVE devices that belong to the active-active group. When the NVE device serves as a data receiver, the configuration information may include at least: an identifier of an active-active group, a VNI, identifiers of at least two NVE devices that belong to the active-active group, and an address of a VM. Certainly, the NVE devices in the network may not be differentiated in the embodiments of the present invention, that is, whether the NVE device is a data sender or a data receiver, the configuration information of the NVE device may be presented as: the identifier of the active-active group, the VNI, the identifiers of the at least two NVE devices that belong to the active-active group, and the address of the VM. As a possible implementation manner, a correspondence between the foregoing configuration information may be established, that is, the active-active access configuration information list stores the configuration information of each NVE device in an entry format.

[0020] For example, from a perspective of the NVE device, the VNI in the embodiments of the present invention may be a specific instance of an overlay. For details, refer to description in the RFC7365 standard, which is not described herein.

[0021] For example, an identifier of the VM may be presented as a name of the VM and/or the address of the VM, where the address of the VM may be a MAC address of the VM or an IP address of the VM.

[0022] For example, an identifier of the NVE device may be presented as a name of the NVE device and/or an address of the NVE device, where the address of the NVE device may be an IP address of the NVE device. For example, the IP address may be an IPv4 address or an IPv6 address.

[0023] For example, the identifier of the active-active group may be a number of the active-active group, for example, the first active-active group may be represented by a number 1, and the second active-active group may be represented by a number 2. Alternatively, considering that a VM in the user group is connected to the NVE device by using a configured LAN, the identifier of the active-active group may further be a LAN identifier used when the VM is connected to this active-active group, for example, the first active-active group may be represented by a LAN 10, and the second active-active group may be represented by a LAN 20.

[0024] For example, the VNI is mainly used for the NVE device to identify an active-active group having a data transmission requirement, and the VNI may be presented as a preset number such as a VNI 100. Optionally, identifying an active-active group having a data transmission requirement may be presented as: if the virtual network instance in the configuration information of the NVE device 1 is a VNI 100, the virtual network instance in the configuration information of the NVE device 4 is also a VNI 100. In this case, it may be determined that data transmission may be performed between the first active-active group to which the NVE device 1 belongs and the second active-active group to which the NVE device 4 belongs.

[0025] It should be noted that no specific limitation is imposed on a specific representation form of the identifiers of the NVE devices, the VNI, and the identifiers of the active-active groups in the embodiments of the present invention. In addition, a function of the VNI is not described in detail herein. For details, refer to the following illustration of an example shown in FIG. 3.

[0026] With reference to the foregoing description, the schematic diagram of the network shown in FIG. 1 is used as an example, and the active-active access configuration information list may include at least entries corresponding to the NVE device 1, the NVE device 2, the NVE device 3, the NVE device 4, and the NVE device 5. For example, an entry corresponding to each NVE device may be presented as follows:

[0027] The entry corresponding to the NVE device 1 may include: the LAN 10, the VNI 100, the IP address of the NVE device 1, and MAC addresses of the VM 1 to the VM 3.

[0028] The entry corresponding to the NVE device 2 may include: the LAN 10, the VNI 100, the IP address of the NVE device 2, and the MAC addresses of the VM 1 to the VM 3.

[0029] The entry corresponding to the NVE device 3 may include: the LAN 10, the VNI 100, the IP address of the NVE device 3, and the MAC addresses of the VM 1 to the VM 3.

[0030] The entry corresponding to the NVE device 4 may include: the LAN 20, the VNI 100, the IP address of the NVE device 4, and a MAC address of the VM 4.

[0031] The entry corresponding to the NVE device 5 may include: the LAN 20, the VNI 100, the IP address of the NVE device 5, and the MAC address of the VM 4.

[0032] Optionally, no specific limitation is imposed on a manner of generating the active-active access configuration information list in the embodiments of the present invention. As an example, the active-active access information configuration list may be described in a Yet Another Next Generation (YANG) language. Correspondingly, the configuration information in the foregoing entries may be presented as a tree-like structure shown in FIG. 2. In the figure, a hierarchical relationship between a root node and subnodes in the tree-like structure is represented by different indentation depths. It may be learned from the figure that the identifier of the active-active group is the root node, and a list of the VM, a list of the NVE device, and the VNI are the subnodes. The list of the VM includes an address of a VM that can be connected in an active-active manner to this active-active group, and the list of the NVE device includes identifiers of active-active members included in this active-active group. Optionally, to perform split horizon and port load balancing inside the NVE device, the list of the NVE device may further include an interface number.

[0033] (2) The foregoing generated active-active access configuration information list is sent to each NVE device in the NVo3 network.

[0034] As a possible implementation manner, the foregoing active-active access configuration information list may be generated by any device in the NVo3 network and sent, in a broadcast manner, to each NVE device. Alternatively, considering that the overlay in the embodiments of the present invention is a centralized and virtualized network, after the device generates the active-active access configuration information list, the list may be sent to a controller (controller) in a centralized network, and then the controller pushes the list to each NVE device in a broadcast manner. Furthermore, to maximize efficiency of performing active-active configuration in the embodiments of the present invention, the controller may further generate an active-active access configuration information list and deliver the active-active access configuration information list to each NVE device. No specific limitation is imposed on processes and manners of generating and delivering the list in the embodiments of the present invention, provided that each NVE device in the NVo3 network stores an active-active access configuration information list.

[0035] Correspondingly, the NVE device receiving the list may obtain at least the following information by using identifiers of the active-active groups in the list, so as to complete an active-active access configuration process:
  1. (a) Determine whether this NVE device is an active-active device or a single-active device. If no other NVE device having a same active-active group identifier as this NVE device exists in the list, this NVE device is a single-active device; if another NVE device having a same active-active group identifier as this NVE device exists in the list, this NVE device is an active-active device.
    It should be noted that the single-active device is a concept relative to the active-active device, which may be understood as follows: link bundling is not performed on another link and a link connected between a single-active NVE device and a switch, that is, the VM can be connected only to the single-active NVE device by using the switch.
  2. (b) Determine an active-active group. NVE devices having a same active-active group identifier may be determined as an active-active group, and in this case, the NVE devices may learn active-active groups that exist in the network and active-active members included in each active-active group.


[0036] In actual application, the single-active device may also be considered as an active-active group, but the active-active group includes only one NVE device, and no specific limitation is imposed on this in the embodiments of the present invention.

[0037] It may be learned from the foregoing active-active access configuration process that, in the embodiments of the present invention, when active-active access configuration is performed, control signaling interaction is not required between the NVE devices, which may reduce consumption of network resources in the configuration process, and implement active-active access configuration simply and quickly.

[0038] The packet transmission solution provided in the embodiments of the present invention is mainly applied to a scenario in which there is a packet transmission requirement between virtual machines provided by different servers. For interaction between virtual machines provided by a same server, a packet may be forwarded by a forwarding device, for example, a data packet exchanged between the VM 1 and the VM 2 may be forwarded by using the LAN 10. The following illustrates a packet transmission method in the embodiments of the present invention with reference to a specific example.

[0039] Refer to FIG. 3. FIG. 3 shows a flowchart of Embodiment 1 of a packet transmission method according to an embodiment of the present invention, where the method may include:
101. A first NVE device receives a first packet, where the first packet includes a first source address and a first destination address, the first source address is an address of a first virtual machine, and the first destination address is an address of a second virtual machine, where the first virtual machine is virtualized by a first physical server and the second virtual machine is virtualized by a second physical server.

[0040] Embodiment 1 shows an implementation manner in which the NVE device sends a packet, and the following uses a scenario in which the VM 1 sends a packet to the VM 4 in FIG. 1 as an example to illustrate a packet sending process of the NVE device in this embodiment of the present invention. In this example, a forwarding device may be presented as a switch.

[0041] When there is a data transmission requirement, the VM 1 may send a first packet to the LAN 10 by using a preconfigured VLAN 10. The first packet includes a first source address, a first destination address, and first load, where the first source address may be an address of the VM 1 and the first destination address may be an address of the VM 4. The switch stores a correspondence between a LAN and an NVE device, and aggregation information of a link connected between the LAN and the NVE device. Therefore, after the LAN 10 receives the first packet sent by using the VLAN 10, the LAN 10 may select an NVE device from the first active-active group, and forward, by using the VLAN 10, the first packet to the selected NVE device. For example, the LAN 10 may select an NVE device from the first active-active group by using a load balancing technology and according to current load statuses of the NVE device 1 to the NVE device 3.

[0042] For example, the NVE device selected by the LAN 10 is the NVE device 1, that is, the foregoing first NVE device is the NVE device 1, and Embodiment 1 shows a processing procedure of packet sending by the NVE device 1.

[0043] 102. The first NVE device obtains an active-active access configuration information list, where the active-active access configuration information list includes a first entry and a second entry, where the first entry includes an identifier of a first active-active group, a virtual network instance, and an identifier of the first NVE device, and the second entry includes an identifier of a second active-active group, the virtual network instance, and identifiers of at least two NVE devices that belong to the second active-active group.

[0044] 103. The first NVE device obtains the virtual network instance according to the first entry and the identifier of the first NVE device.

[0045] 104. The first NVE device searches for at least one active-active group corresponding to the virtual network instance, where the at least one active-active group includes the second active-active group; and selects a second NVE device from the at least two NVE devices belonging to the second active-active group.

[0046] 105. The first NVE device encapsulates the first packet by using an identifier of the second NVE device and the virtual network instance, and sending the encapsulated first packet to the second NVE device.

[0047] After receiving the first packet forwarded by the LAN 10, the NVE device 1 may obtain an active-active access configuration information list locally stored in the NVE device 1, and perform the following processing:
  1. (1) The NVE device 1 reads an entry corresponding to the NVE device 1 in the list, and obtains a virtual network instance VNI 100 corresponding to the identifier of the NVE device 1.
  2. (2) As a presentation of a function of the virtual network instance, the NVE device 1 may traverse entries in the list to search for at least one active-active group corresponding to the VNI 100, and select a second NVE device from a second active-active group included in the at least one active-active group. For example, the selected second NVE device is the NVE device 4.
    For example, the second NVE device meets at least the following conditions: the second NVE device and the first NVE device belong to different active-active groups, and a virtual machine corresponding to the first destination address may be connected to the second NVE device. A manner of searching for the second NVE device in this embodiment of the present invention is not described in detail herein. For details, refer to three scenarios described below.
    It should be noted that, it may be learned from the configuration information included in the entries that the VNI corresponds to the identifier of the active-active group, and the identifier of the active-active group uniquely corresponds to one active-active group, that is, there is a correspondence between the VNI and the active-active group.
  3. (3) The NVE device 1 encapsulates the first packet by using the VNI 100 and the address of the NVE device 4, and sends the encapsulated first packet to the second NVE device, and the encapsulated first packet includes the VNI 100, the address of the NVE device 4, the address of the VM 1, the address of the VM 4, and the first load.


[0048] In comparison with a solution in the prior art that a tenant is isolated by using a VLAN, in this embodiment of the present invention, the first packet is encapsulated by using the VNI, and the tenant may be isolated in a manner of combining the VLAN with the VNI, so as to increase a quantity of tenants that may be isolated in the NVo3 network. This is another presentation of the function of the virtual network instance in this embodiment of the present invention.

[0049] With reference to actual application, there may be three scenarios of a process of selecting the second NVE device in this embodiment of the present invention:
Scenario 1: the first destination address exists in the list stored by the NVE device 1.

[0050] In this case, the NVE device 1 may find the second active-active group by using the VNI 100 and the address of the VM 4, and the second active-active group includes the NVE device 4 and the NVE device 5. The NVE device 1 may select an NVE device from the NVE device 4 and the NVE device 5 as a second NVE device, for example, the NVE device 1 selects the NVE device 4 as the second NVE device. For example, the NVE device 1 may randomly select the second NVE device from the NVE device 4 and the NVE device 5, or the NVE device 1 may select the second NVE device from the NVE device 4 and the NVE device 5 by using the load balancing technology. No specific limitation is imposed on a manner of selecting the second NVE device by the NVE device 1 in this embodiment of the present invention.

[0051] In this scenario, regardless of whether the first active-active group exchanges data with only one active-active group, the second active-active group may be accurately found, and the second NVE device may be selected form the second active-active group.

[0052] Scenario 2: the first destination address does not exist in the list stored by the NVE device 1, and the first active-active group can exchange data with only one active-active group.

[0053] In this case, the NVE device 1 may find the first active-active group and the second active-active group by using the VNI 100. The first active-active group includes the NVE device 1, the NVE device 2, and the NVE device 3, and the second active-active group includes the NVE device 4 and the NVE device 5. To avoid occurrence of routing loop, the NVE device 1 may screen out the first active-active group and reserve the second active-active group. Likewise, the NVE device 1 may select the second NVE device from the second active-active group.

[0054] Scenario 3: the first destination address does not exist in the list stored by the NVE device 1, and the first active-active group exchanges data with more than one active-active group.

[0055] For example, on the basis of the schematic diagram shown in FIG. 1, an NVE device 6 also exists in the NVo3 network, and if an entry corresponding to the NVE device 6 includes a LAN 30, the VNI 100, and an IP address of the NVE device 6, the NVE device 1 may find the first active-active group, the second active-active group, and a third active-active group by using the VNI 100. To avoid occurrence of routing loop, the NVE device 1 may screen out the first active-active group and reserve the second active-active group and the third active-active group. In this case, temporarily, the NVE device 1 cannot select an NVE device to which the VM 4 is connected, but it may be determined that the VM 4 can be connected to at least one of the second active-active group and the third active-active group, that is, the reserved two active-active groups include the second NVE device.

[0056] It may be understood that the first destination address exists in the list stored by the NVE device 1, that is, the entry corresponding to the NVE device 4 and the entry corresponding to the NVE device 5 in the list include the address of the VM 4. It should be noted that the address of the VM 4 may exist in the list when the list is generated, that is, the NVE device 1 locally stores the address of the VM 4 in a static configuration manner. Alternatively, the address of the VM 4 may be stored in the list by the NVE device 1 after dynamic learning, for example, the NVE device 1 may obtain, by using an Address Resolution Protocol (ARP) frame, a Reverse Address Resolution Protocol (RARP) frame, and a data frame, an address of a VM 4 that can be connected to the NVE device 4 and the NVE device 5. No specific limitation is imposed on a manner of obtaining the address of the VM 4 by the NVE device 1, and a manner of dynamic learning by the NVE device 1 in this embodiment of the present invention.

[0057] For the foregoing three scenarios in which the second NVE device is searched for, this embodiment of the present invention provides the following two manners of sending the encapsulated first packet.

[0058] Manner 1: If the NVE device 1 obtains the NVE device 4 in the scenario 1 or the scenario 2, that is, the NVE device 1 can determine an NVE device to which the VM 4 can be connected, the NVE device 1 may send the encapsulated first packet to the NVE device 4. Correspondingly, in this manner, an identifier that is of the second NVE device and that is used to encapsulate the first packet may be an IP address of the NVE device 4.

[0059] Manner 2: If the NVE device 1 obtains at least two active-active groups in the scenario 3, that is, the NVE device 1 cannot determine the NVE device to which the VM 4 can be connected, the NVE device 1 may send the encapsulated first packet to NVE devices belonging to the at least two active-active groups. Specifically, the NVE device 1 may send, by using a multicast technology, the encapsulated first packet to the NVE devices belonging to the at least two active-active groups, and correspondingly, in this manner, the identifier that is of the second NVE device and that is used to encapsulate the first packet may be an IP address of a multicast group. Alternatively, the NVE device 1 may send the encapsulated first packet to each of the NVE devices belonging to the at least two active-active groups, and correspondingly, in this manner, the identifier that is of the second NVE device and that is used to encapsulate the first packet may be an IP address of a corresponding NVE device. For example, the multicast group may include all NVE devices having the VNI 100, for example, the multicast group includes the NVE device 1, the NVE device 2, the NVE device 3, the NVE device 4, the NVE device 5, and the NVE device 6; or the multicast group may include all NVE devices that are reserved by the NVE device 1 and that have the VNI 100, for example, the multicast group includes the NVE device 4, the NVE device 5, and the NVE device 6. No specific limitation is imposed on multicast members included in the multicast group in this embodiment of the present invention.

[0060] In conclusion, a process of data exchange between virtual machines provided by two servers in an NVo3 network is implemented by using the solution provided in this embodiment of the present invention, particularly an implementation solution for packet sending involved in the exchange process.

[0061] Refer to FIG. 4. FIG. 4 shows a flowchart of Embodiment 2 of a packet transmission method according to an embodiment of the present invention, where the method may include:
201. A first NVE device receives a second packet sent by a fourth NVE device, where the second packet includes an identifier of the first NVE device, a virtual network instance, a second source address, and a second destination address, where the second source address is an address of a third virtual machine, the second destination address is an address of a first virtual machine, and the third virtual machine is virtualized by a third physical server.

[0062] The first NVE device may not only send a packet to the second NVE device according to the process shown in FIG. 3, but also receive a packet sent by the fourth NVE device, and properly forward the received packet to a corresponding virtual machine. Embodiment 2 shows an implementation manner of receiving a packet by the NVE device.

[0063] For example, according to an actual communication requirement, the fourth NVE device may be the second NVE device in the embodiment shown in FIG. 3; or the fourth NVE device may be another NVE device except the second NVE device, and no specific limitation is imposed on this in this embodiment of the present invention. The following uses an example in which the VM 1 receives the packet sent by the VM 4 in FIG. 1 to illustrate a process of receiving the packet by the NVE device in this embodiment of the present invention. For example, the first NVE device may be the NVE device 1, the fourth NVE device may be the NVE device 4, the first virtual machine may be the VM 1, and the third virtual machine may be the VM 4.

[0064] When there is a data transmission requirement, the VM 4 may send a packet to the LAN 20 by using the preconfigured VLAN 10, and further forward the packet to the NVE device 4 by using the LAN 20. The NVE device 4 may encapsulate the packet according to the solution shown in FIG. 3 to generate a second packet. The second packet includes the VNI 100, the address of the NVE device 1, the address of VM 4, the address of the VM 1, and second load. In addition, the NVE device 4 may further find the NVE device 1 to the NVE device 3, and the NVE device 6 by using the VNI 100 and according to the locally stored active-active access configuration information list (the address of the VM 1 does not exist in the list), and learn, according to the LAN, that the NVE device 1 to the NVE device 3, and the NVE device 6 do not belong to a same active-active group. Temporarily, the NVE device 4 cannot determine an NVE device to which the VM 1 is connected. Therefore, as an example, the NVE device 4 may send the second packet to the NVE device 1 to the NVE device 3, and the NVE device 6 by using the multicast technology, and correspondingly, the address of the NVE device 1 may be presented as an address of a multicast group to which the NVE device 1 belongs. This step is that the NVE device 1 receives the second packet that is sent by the NVE device 4 by using the multicast technology.

[0065] 202. The first NVE device decapsulates the second packet to obtain a decapsulated second packet, where the decapsulated second packet includes the second source address and the second destination address.

[0066] 203. The first NVE device determines whether the second destination address is the address of the first virtual machine in a first entry.

[0067] 204. If the second destination address is the address of the first virtual machine in the first entry, the first NVE device sends the decapsulated second packet according to the second destination address.

[0068] After receiving the second packet forwarded by the NVE device 4, the NVE device 1 may determine, according to the identifier of the first NVE device included in the second packet, whether the second packet is a packet that is sent to the NVE device 1. If the identifier of the first NVE device is the address of the NVE device 1, it may be determined that the NVE device 1 is an authorized receiver of the second packet, and the NVE device 1 may perform subsequent processing on the second packet according to the solution in this embodiment of the present invention. If the identifier of the first NVE device is not the address of the NVE device 1, it may be determined that the NVE device 1 is not an authorized receiver of the second packet, and the NVE device 1 may discard the second packet, and no specific limitation is imposed on this in this embodiment of the present invention.

[0069] If the NVE device 1 determines that the NVE device 1 is the authorized receiver of the second packet, the NVE device 1 may perform the following subsequent processing on the second packet according to the solution in this embodiment of the present invention:
  1. (1) To implement packet transmission from the NVE device 1 to the VM 1, the NVE device 1 may perform decapsulation processing on the second packet, and remove a VNI 100 and an address of the multicast group that are encapsulated by the NVE device 4, so as to obtain the decapsulated second packet. The decapsulated second packet includes the address of the VM 4, the address of the VM 1, and third load.
  2. (2) The NVE device 1 reads the entry corresponding to the NVE device 1 in the locally stored list, and determines whether the VM 1 can be connected to the NVE device 1. If the VM 1 can be connected to the NVE device 1, the NVE device 1 may send the decapsulated second packet to the VM 1 by using the LAN 10, so as to complete receiving and forwarding of the second packet. For example, a manner of determining whether the VM 1 can be connected to the NVE device 1 is determining whether the list of the VM in the entry corresponding to the NVE device 1 includes the address of the VM 1. If the list includes the address of the VM 1, it indicates that the VM 1 can be connected to the NVE device 1. If the list does not include the address of the VM 1, it indicates that the VM 1 cannot be connected to the NVE device 1. Optionally, no specific limitation is imposed on a processing procedure in a scenario in which the VM 1 cannot be connected to the NVE device 1 in this embodiment of the present invention. As an example, when determining that the VM 1 cannot be connected to the NVE device 1, the NVE device 1 may discard the second packet.


[0070] Optionally, to prevent multiple active-active members that belong to one active-active group from repeatedly sending the decapsulated second packet to the first virtual machine, the active-active members may further store priority information. If the fourth NVE device sends, by using the multicast technology, a second packet to the at least two NVE devices belonging to the second active-active group and at least two NVE devices belonging to the third active-active group, after receiving the second packet, the first NVE device may first determine, according to the priority information, whether the first NVE device has a highest priority in the active-active group to which the first NVE device belongs. If the first NVE device has a highest priority, the first NVE device may perform decapsulation processing on the second packet, and send the decapsulated second packet to the first virtual machine. If the first NVE device does not have a highest priority, the first NVE device may discard the second packet, and no specific limitation is imposed on this in this embodiment of the present invention.

[0071] In conclusion, a process of data exchange between virtual machines provided by two servers in an NVo3 network is implemented by using the solution provided in this embodiment of the present invention, particularly an implementation solution for packet receiving involved in the exchange process.

[0072] Refer to FIG. 5. FIG. 5 shows a flowchart of Embodiment 3 of a packet transmission method according to an embodiment of the present invention, where the method may include:

[0073] 301. A first NVE device receives a third packet sent by a fifth NVE device, where the third packet includes an identifier of the first NVE device, a virtual network instance, a third source address, and a third destination address, where the third source address is an address of a fourth virtual machine, the third destination address is an address of a first virtual machine, and the fourth virtual machine is obtained by means of virtualization by a fourth physical server.

[0074] The first NVE device may not only send a packet to the second NVE device according to the process shown in FIG. 3, but also receive a packet sent by the fifth NVE device, and properly forward the received packet to a corresponding virtual machine. Embodiment 3 shows an implementation manner of receiving a packet by the NVE device.

[0075] For example, according to an actual communication requirement, the fifth NVE device may be the second NVE device in the embodiment shown in FIG. 3; or the fifth NVE device may be another NVE device except the second NVE device, and no specific limitation is imposed on this in this embodiment of the present invention. The following uses an example in which the VM 1 receives the packet sent by the VM 4 in FIG. 1 to illustrate a process of receiving the packet by the NVE device in this embodiment of the present invention. For example, the first NVE device may be the NVE device 1, the fifth NVE device may be the NVE device 4, the first virtual machine may be the VM 1, and the fourth virtual machine may be the VM 4.

[0076] When there is a data transmission requirement, the VM 4 may send a packet to the LAN 20 by using the preconfigured VLAN 10, and further forward the packet to the NVE device 4 by using the LAN 20. The NVE device 4 may encapsulate the packet according to the solution shown in FIG. 3 to generate a third packet. The third packet includes the VNI 100, the address of the NVE device 1, the address of VM 4, the address of the VM 1, and the third load. In addition, the NVE device 4 may further find the NVE device 1 to the NVE device 3 by using the VNI 100 and the address of the VM 1, and according to the locally stored active-active access configuration information list (the address of the VM 1 exists in the list), and learn, according to the LAN 10, that the NVE device 1 to the NVE device 3 belong to a same active-active group. Therefore, the NVE device 4 may select the NVE device 1 by using a load balancing technology, and route the third packet to the NVE device 1 by using a unicast technology. This step is that the NVE device 1 receives the third packet that is sent by the NVE device 4 by using the unicast technology.

[0077] 302. The first NVE device decapsulates the third packet to obtain a decapsulated third packet, where the decapsulated third packet includes the third source address and the third destination address.

[0078] 303. The first NVE device sends the decapsulated third packet according to the third destination address.

[0079] After receiving the third packet forwarded by the NVE device 4, the NVE device 1 may determine, according to the identifier of the first NVE device included in the third packet, whether the NVE device 1 is an authorized receiver of the third packet. For a specific determining manner, refer to the description in FIG. 4, and details are not described herein.

[0080] If the NVE device 1 is the authorized receiver of the third packet, the NVE device 1 may perform the following subsequent processing on the third packet according to the solution in this embodiment of the present invention:
If the NVE device 1 determines that the NVE device 1 is the authorized receiver of the third packet, the NVE device 1 may perform the following subsequent processing on the third packet according to the solution in this embodiment of the present invention:
  1. (1) To implement packet transmission from the NVE device 1 to the VM 1, the NVE device 1 may perform decapsulation processing on the third packet, and remove the VNI 100 and the address of the NVE device 1 that are encapsulated by the NVE device 4, so as to obtain a decapsulated third packet. The decapsulated third packet includes the address of the VM 4, the address of the VM 1, and the third load.
  2. (2) The NVE device 1 sends the decapsulated third packet to the VM 1 by using the LAN 10 and by using the address of the VM 1, so as to complete receiving and forwarding of the third packet.


[0081] In conclusion, a process of data exchange between virtual machines provided by two servers in an NVo3 network is implemented by using the solution provided in this embodiment of the present invention, particularly an implementation solution for packet receiving involved in the exchange process.

[0082] In the foregoing description, FIG. 3, FIG. 4, and FIG. 5 show a packet transmission solution of combining an NVo3 technology and an active-active access technology. The following further illustrates a packet transmission process in the embodiments of the present invention with reference to a specific example.
  1. 1. An active-active access configuration information list is generated according to active-active access information that is set by a tenant.
    Considering that a YANG data model language may be easily converted into an Extensible Markup Language (XML) format, and a relationship between data may be concisely described by using a tree-like structure. In this embodiment of the present invention, the YANG data model language may be used to compile the active-active access information that is set by the tenant, so as to generate an active-active access configuration information list.
    As an example, a manner in which the controller generates a list based on the YANG data model language may be presented as follows:
    1. (1) defining a data type typedef NVE-ID { type union { type inet:ipv4-address; type inet:ipv6-address; } description "Defines addresses of different nves, MAC, IPv4 or IPv6"; } typedef END-DEVICE-ID{ type string; description "The identification of the end device that is multi-attached to those NVEs given by the 'nve-list'; If the end device is an MC-LAG, it's an 8-octet value ID according to Section 5.3.2 in 802.1ax-2008"; } typedef VNI { type uint32{ range "1 .. 16777215"; } description "Virtual Network Instance (VNI)"; } typedef TS-ADDRESS{ type union { type yang:mac-address; type inet:ipv4-address; ype inet:ipv6-address; } description "The address of the Tenant System"; }
    2. (2) establishing an association relationship between data list active-active-nve-groups{ key "end-id"; leaf end-id { type END-DEVICE-ID; description "The identification of the end device that is multi-attached to the NVEs given in the 'nve-list'."; } container multi-attached-info { list nve-list{ key "nve-id"; leaf nve-id{ type NVE-ID; } description "Any NVE can deliver traffic of any VNI in the 'vni-list' in this container"; leaf priority { type enumeration { enum primary { value "1"; description "Primary egress NVE."; } enum backup { value "2"; description "Backup egress NVE."; } } description "Simple priority for distinguishing between primary and backup egress NVEs in an AANVE for BUM packets. Backup egress NVEs MUST NOT egress a BUM packet."; } leaf-list vap-list{ type if:interface-ref; description "This nve uses these interfaces to attach the end device link identified by the 'end-id'. These interfaces MUST NOT egress any packet whose source NVE is listed in the 'nve-list"';//split horizon } } leaf vni { type VNI; description "A VNI enabled for the end device identified by the 'end-id'"; } leaf-list attached-ts-addresses{ type TS-ADDRESS; description "The list of the Tenant System Addresses that are connected to the end device identified by the 'end-id'. For any address in this list, the remote nve can sent traffic towards it within the 'vni' via any nve given in the nve-list'"; } }
  2. 2. The active-active access configuration information list is delivered to each NVE device in the NVo3 network, and active-active access information of the NVo3 network is configured.
    The controller delivers the generated list to each NVE device in the NVo3 network in a broadcast manner. All NVE devices in the NVo3 network may support the Network Configuration (Netconf) protocol, may analyze the tree-like structure described in the YANG data model language, and may identify active-active groups that exist in the NVo3 network and active-active members included in each active-active group.
    For example, in the foregoing example in FIG. 1, it may be identified that two active-active groups exist in the NVo3 network, where the active-active members included in the first active-active group are the NVE device 1 to the NVE device 3, and the active-active members included in the second active-active group are the NVE device 4 and the NVE device 5.
    The following uses a process of interaction between the VM 1 and the VM 4 as an example to illustrate the solution in this embodiment of the present invention.
  3. 3. The VM 1 sends a request packet to the VM 4, where the request packet includes the MAC address of the VM 1, the MAC address of the VM 4, and request data.


[0083] First, the VM 1 sends, by using the VLAN 10, the request packet to a LAN 10 connected to the VM 1, and the LAN 10 learns, according to a correspondence between a LAN and an NVE device stored in the LAN 10, and link bundling information, that the request packet may be sent, by using any NVE device of the NVE device 1 to the NVE device 3, to a remote NVE device to which the VM 4 is connected. In this case, if the LAN 10 selects, according to the load balancing technology, the NVE device 1 as a processing device for packet forwarding this time, the LAN 10 may forward the request packet to the NVE device 1 by using the VLAN 10. It should be noted that in the foregoing manner of generating the list based on the YANG data model language, end-id may be presented as a LAN identifier.

[0084] It should be noted that, that the VM 1 may be connected in an active-active manner to the NVE device 1 to the NVE device 3 may be understood as follows: the VM 1 may be connected to any one of the NVE device 1 to the NVE device 3; or more specifically, a data flow (English: flow) transmitted by the VM 1 may be connected to any one of the NVE device 1 to the NVE device 3, that is, more specifically to a data flow sent to a specified VLAN and VM. For example, when the VM 1 sends a flow 1 to the VM 4 by using the VLAN 10, the VM 1 may be connected to the NVE device 1, and forward the flow 1 by using the NVE device 1; or when the VM 1 sends a flow 2 to the VM 4 by using the VLAN 20, the VM 1 may be connected to the NVE device 2, and forward the flow 2 by using the NVE device 2, and so on. No specific limitation is imposed on this in this embodiment of the present invention.

[0085] Then, the NVE device 1 receives the request packet, reads the locally stored active-active access configuration information list, and searches for the remote NVE device.

[0086] For example, the list locally stored in the NVE device 1 records the following entries:
The entry corresponding to the NVE device 1 includes: the LAN 10, the VNI 100, the IP address of the NVE device 1, and the MAC addresses of the VM 1 to the VM 3.

[0087] The entry corresponding to the NVE device 4 includes: the LAN 20, the VNI 100, and the IP address of the NVE device 4.

[0088] The entry corresponding to the NVE device 5 includes: the LAN 20, the VNI 100, and the IP address of the NVE device 5.

[0089] That is, an address of the VM in the list that is generated by the controller is blank, and the NVE device 1 may know a MAC address of a VM that can be connected to the NVE device 1. In addition, the NVE device 1 needs to perform dynamic learning to know a MAC address of a VM that can be connected to the NVE device 4, and a MAC address of a VM that can be connected to the NVE device 5.

[0090] Therefore, the NVE device 1 may find, according to the VNI 100, an NVE device 4 and an NVE device 5 that can exchange data with the active-active group to which the NVE device 1 belongs, and may learn, according to the LAN 20, that the NVE device 4 and the NVE device 5 belong to a same active-active group, and therefore, the NVE device 1 may select, according to the load balancing technology, the NVE device 4 as the remote NVE device for packet forwarding this time.

[0091] Next, the NVE device 1 encapsulates the request packet, and routes the encapsulated request packet to the remote NVE device.

[0092] To implement request packet transmission between the NVE device 1 and the NVE device 4, the NVE device 1 may encapsulate, in the request packet, the IP address of the NVE device 4; and in addition, to increase a quantity of tenants that may be isolated in this embodiment of the present invention, the VNI 100 may be encapsulated in the request packet, and a tenant is identified in a manner of combining the VLAN 10 with the VNI 100. After the processing, the NVE device 1 may forward the encapsulated request to the NVE device 4 in a unicast manner.

[0093] It should be noted that only an entry corresponding to the processing device that may be involved in a process of packet forwarding this time is illustrated herein, which does not indicate that the list locally stored in the NVE device 1 records only the above-listed entries.

[0094] In addition, after finding the NVE device 4 and the NVE device 5, the NVE device 1 may further determine the NVE device 4 and the NVE device 5 as remote NVE devices, and send the request packet to the NVE device 4 and the NVE device 5 by using the multicast technology. No specific limitation is imposed on this in this embodiment of the present invention, provided that the request packet is sent to an NVE device to which the VM 4 can be connected.

[0095] Finally, the NVE device 4 receives the encapsulated request packet forwarded by the NVE device 1, and sends the encapsulated request packet to the VM 4.

[0096] The NVE device 4 may determine, according to an IP address of the NVE device 4 in the encapsulated request packet, that the NVE device 4 is an authorized receiver of the encapsulated request packet. The NVE device 4 may perform decapsulation to restore the request packet, and forward the request packet to the VM 4 by using the LAN 20 and according to the MAC address of the VM 4 included in the request packet, so as to implement the packet transmission from the VM 1 to the VM 4.

[0097] 3. The VM 4 sends a response packet to the VM 1, where the response packet includes the MAC address of the VM 4, the MAC address of the VM 1, and response data.

[0098] After receiving the request packet sent by the VM 1, the VM 4 may perform a series of processing (which may be determined according to an actual requirement, and no specific limitation is imposed on this in this embodiment of the present invention) according to the request packet, and return response data to the VM 1 by using the response packet.

[0099] First, the VM 4 sends, by using the VLAN 10, the response packet to the LAN 20 connected to the VM 4, and the LAN 20 determines, according to the correspondence between a LAN and an NVE device stored in the LAN 20, and the link bundling information, that either of the NVE device 4 and the NVE device 5 can send the response packet to a remote NVE device to which the VM 1 is connected. In this case, if the LAN 20 selects, according to the load balancing technology, the NVE device 5 as a processing device for packet forwarding this time, the LAN 20 may forward the response packet to the NVE device 5 by using the VLAN 10.

[0100] Then, the NVE device 5 receives the response packet, reads the locally stored active-active access configuration information list, and searches for the remote NVE device. For example, after finding the NVE device 1 to the NVE device 3 that belong to the same active-active group, the NVE device 5 may select, according to the load balancing technology, the NVE device 2 as the remote NVE device for packet forwarding this time.

[0101] For a manner of searching for the remote NVE device by the NVE device 5, refer to the foregoing description, and details are not described herein.

[0102] Next, the NVE device 5 encapsulates the response packet, and sends the encapsulated response packet to the remote NVE device. The encapsulated response packet includes the VNI 100, the IP address of the NVE device 2, the MAC address of the VM 4, the MAC address of the VM 1, and the response data.

[0103] Finally, after the NVE device 2 receives the encapsulated response packet forwarded by the NVE device 5, and performs decapsulation to restore the response packet. The NVE device 2 forwards the response packet to the VM 1 by using the LAN 10 and according to the MAC address of the VM 1 included in the response packet, so as to implement the packet transmission from the VM 4 to the VM 1.

[0104] In conclusion, a process of data exchange between virtual machines provided by two servers in an NVo3 network is implemented by using the solution provided in this embodiment of the present invention. It should be noted that in the foregoing examples, both the source address and the destination address in the packet are illustrated by using the MAC address as an example. According to different network layers at which the VM is located, the source address and the destination address may further be presented as IP addresses, and no specific limitation is imposed on this in this embodiment of the present invention. It should be noted that if the source address and the destination address are presented as IP addresses, the forwarding device should be a router. For a specific packet transmission solution, refer to the foregoing description, and details are not described herein.

[0105] In addition, in the foregoing examples, the two servers belong to a same data center. In an actual application process, there may be a requirement of interaction crossing data centers. For example, the server 1 belongs to a data center 1 and the server 2 belongs to a data center 2, and in this case, when encapsulating the request packet, the NVE device 1 may further encapsulate an identifier of the data center 2 into the request packet. Therefore, the NVE device 1 may send the encapsulated request packet to the NVE device 4 by using the identifier of the data center 2 and the identifier of the NVE device 4, so as to implement packet forwarding crossing data centers. For example, the NVE device 1 may obtain the identifier of the data center 2 from a router crossing data centers, and no specific limitation is imposed on this in this embodiment of the present invention.

[0106] Corresponding to the method shown in FIG. 3, an embodiment of the present invention further provides a packet transmission apparatus. Referring to a schematic diagram shown in FIG. 6, the apparatus may include:

a first receiving unit 401, configured to receive a first packet, where the first packet includes a first source address and a first destination address, the first source address is an address of a first virtual machine, and the first destination address is an address of a second virtual machine, where the first virtual machine is virtualized by a first physical server and the second virtual machine is virtualized by a second physical server;

a first obtaining unit 402, configured to obtain an active-active access configuration information list after the first receiving unit receives the first packet, where the active-active access configuration information list includes a first entry and a second entry, where the first entry includes an identifier of a first active-active group, a virtual network instance, and an identifier of a first NVE device, and the second entry includes an identifier of a second active-active group, the virtual network instance, and identifiers of at least two NVE devices that belong to the second active-active group;

a second obtaining unit 403, configured to obtain, according to the first entry and the identifier of the first NVE device, the virtual network instance from the active-active access configuration information list obtained by the first obtaining unit;

a search unit 404, configured to search for at least one active-active group corresponding to the virtual network instance in the active-active access configuration information list obtained by the first obtaining unit, where the at least one active-active group includes the second active-active group; and select a second NVE device from the at least two NVE devices belonging to the second active-active group;

an encapsulation unit 405, configured to encapsulate the first packet by using an identifier of the second NVE device and the virtual network instance; and

a first sending unit 406, configured to send the first packet encapsulated by the encapsulation unit to the second NVE device.



[0107] The packet transmission apparatus in this embodiment of the present invention may be integrated into an NVE device in an NVo3 network, and be applied to the method embodiment shown in FIG. 3 to implement a function of the first NVE device. When a packet needs to be forwarded, the packet transmission apparatus may find the second NVE device by using a locally stored active-active access configuration information list, and forward a packet to the second NVE, so as to implement a process of data exchange between virtual machines provided by two servers in the NVo3 network, particularly an implementation solution for packet sending involved in the exchange process.

[0108] Optionally, the first obtaining unit is specifically configured to receive the active-active access configuration information list from a controller.

[0109] Optionally, the active-active access configuration information list obtained by the first obtaining unit is described in a Yet Another Next Generation YANG language, and the first entry carries the identifier of the first active-active group, the virtual network instance, and the identifier of the first NVE device by using a tree-like structure, where the identifier of the first active-active group is a root node, and the identifier of the first NVE device and the virtual network instance are subnodes.

[0110] Optionally, the active-active access configuration information list further includes a third entry, where the third entry includes an identifier of a third active-active group, the virtual network instance, and identifiers of at least two NVE devices that belong to the third active-active group; and the at least one active-active group includes the second active-active group and the third active-active group; and
the first sending unit is specifically configured to determine whether the second entry further includes the address of the second virtual machine; and when the second entry further includes the address of the second virtual machine, search for the second active-active group corresponding to the address of the second virtual machine, and send the encapsulated first packet to the second NVE device.

[0111] Optionally, the first sending unit is further configured to: when the second entry does not include the address of the second virtual machine, send the encapsulated first packet to the at least two NVE devices belonging to the second active-active group, and the at least two NVE devices belonging to the third active-active group.

[0112] Optionally, the first entry includes the identifier of the first active-active group, the virtual network instance, the identifier of the first NVE device, and the address of the first virtual machine, and the apparatus further includes:

a second receiving unit, configured to receive a second packet sent by a fourth NVE device, where the second packet includes the identifier of the first NVE device, the virtual network instance, a second source address, and a second destination address, where the second source address is an address of a third virtual machine, the second destination address is the address of the first virtual machine, and the third virtual machine is virtualized by a third physical server;

a decapsulation unit, configured to decapsulate the second packet to obtain a decapsulated second packet, where the decapsulated second packet includes the second source address and the second destination address;

a determining unit, configured to determine whether the second destination address is the address of the first virtual machine in the first entry; and

a second sending unit, configured to: when the determining unit determines that the second destination address is the address of the first virtual machine in the first entry, send the decapsulated second packet according to the second destination address.



[0113] Optionally, the apparatus further includes:

a third receiving unit, configured to receive a third packet sent by a fifth NVE device, where the third packet includes the identifier of the first NVE device, the virtual network instance, a third source address, and a third destination address, where the third source address is an address of a fourth virtual machine, the third destination address is the address of the first virtual machine, and the fourth virtual machine is obtained by means of virtualization by a fourth physical server;

a second decapsulation unit, configured to decapsulate the third packet received by the third receiving unit, so as to obtain a decapsulated third packet, where the decapsulated third packet includes the third source address and the third destination address; and

a third sending unit, configured to send the decapsulated third packet according to the third destination address.



[0114] In the foregoing optional solution, for an additional function that may be implemented by the packet transmission apparatus in this embodiment of the present invention, refer to description of an additional function of the first NVE in the method embodiment, and details are not described herein.

[0115] In addition, when the packet transmission apparatus provided in the foregoing embodiment sends a packet, description is given only by using division of the foregoing functional modules as an example. In actual application, the functions may be allocated to different functional modules for implementation according to a requirement. That is, an internal structure of the apparatus is divided into different functional modules to implement all or a part of the functions described above.

[0116] Corresponding to the method shown in FIG. 3, an embodiment of the present invention further provides a packet transmission device 500. Referring to a schematic diagram shown in FIG. 7, the device may include: a processor 501, a memory 502, a network interface 503, and a bus system 504.

[0117] The bus system 504 is configured to connect the processor 501, the memory 502, and the network interface 503.

[0118] The network interface 503 is configured to implement a communication connection between the device and another network device. The network interface 503 may be implemented by an optical transceiver, an electrical transceiver, a wireless transceiver, or any combination thereof. For example, the optical transceiver may be a small form-factor pluggable transceiver (SFP), an enhanced small form-factor pluggable (SFP+) transceiver, or a 10 Gigabit small form-factor pluggable (XFP) transceiver. The electrical transceiver may be an Ethernet (Ethernet) network interface controller (NIC). The wireless transceiver may be a wireless network interface controller (WNIC).

[0119] The memory 502 is configured to store a program instruction and data. The memory 502 may include a volatile memory (volatile memory), for example, a random access memory (RAM). The memory may also include a non-volatile memory (non-volatile memory), for example, a flash memory (flash memory), a hard disk drive (HDD), or a solid-state drive (SSD). The memory may further include a combination of the foregoing types of memories.

[0120] The processor 501 is a central processing unit (CPU), or may be a combination of a CPU and a hardware chip. The hardware chip may be one or a combination of the following: an application-specific integrated circuit (ASIC), a field-programmable gate array (FPGA), a complex programmable logic device (CPLD), or a network processor (NP). The processor 501 is configured to read the program instruction and the data that are stored in the memory 502, and execute the following operations:

receiving, by the processor, a first packet by using the network interface, where the first packet includes a first source address and a first destination address, the first source address is an address of a first virtual machine, and the first destination address is an address of a second virtual machine, where the first virtual machine is virtualized by a first physical server and the second virtual machine is virtualized by a second physical server;

obtaining, by the processor, an active-active access configuration information list, where the active-active access configuration information list includes a first entry and a second entry, where the first entry includes an identifier of a first active-active group, a virtual network instance, and an identifier of a first NVE device, and the second entry includes an identifier of a second active-active group, the virtual network instance, and identifiers of at least two NVE devices that belong to the second active-active group;

obtaining, by the processor, the virtual network instance according to the first entry and the identifier of the first NVE device;

searching, by the processor, for at least one active-active group corresponding to the virtual network instance, where the at least one active-active group includes the second active-active group; and selecting a second NVE device from the at least two NVE devices belonging to the second active-active group; and

encapsulating, by the first processor, the first packet by using an identifier of the second NVE device and the virtual network instance, and sending the encapsulated first packet to the second NVE device by using the network interface.



[0121] The packet transmission device in this embodiment of the present invention may be presented as an NVE device in the NVo3 network. When a packet needs to be forwarded, the packet transmission device may find the second NVE by using a locally stored active-active access configuration information list, and forward a packet to the second NVE, so as to implement a process of data exchange between virtual machines provided by two servers in the NVo3 network, particularly an implementation solution for packet sending involved in the exchange process.

[0122] Optionally, the obtaining, by the processor, an active-active access configuration information list includes: obtaining, by the processor, the active-active access configuration information list from a controller.

[0123] Optionally, the active-active access configuration information list obtained by the processor is described in a Yet Another Next Generation YANG language, and the first entry carries the identifier of the first active-active group, the virtual network instance, and the identifier of the first NVE device by using a tree-like structure, where the identifier of the first active-active group is a root node, and the identifier of the first NVE device and the virtual network instance are subnodes.

[0124] Optionally, the active-active access configuration information list further includes a third entry, where the third entry includes an identifier of a third active-active group, the virtual network instance, and identifiers of at least two NVE devices that belong to the third active-active group; and the at least one active-active group includes the second active-active group and the third active-active group; and the sending, by the processor, the encapsulated first packet to the second NVE device includes:

determining, by the processor, whether the second entry further includes the address of the second virtual machine; and

if the second entry further includes the address of the second virtual machine, searching, by the processor, for the second active-active group corresponding to the address of the second virtual machine, and sending the encapsulated first packet to the second NVE device.



[0125] Optionally, if the second entry does not include the address of the second virtual machine, the processor sends the encapsulated first packet to the at least two NVE devices belonging to the second active-active group, and the at least two NVE devices belonging to the third active-active group.

[0126] Optionally, the first entry includes the identifier of the first active-active group, the virtual network instance, the identifier of the first NVE device, and the address of the first virtual machine, and the processor may further execute the following operations:

receiving, by the processor, a second packet sent by a fourth NVE device, where the second packet includes the identifier of the first NVE device, the virtual network instance, a second source address, and a second destination address, where the second source address is an address of a third virtual machine, the second destination address is the address of the first virtual machine, and the third virtual machine is virtualized by a third physical server;

decapsulating, by the processor, the second packet to obtain a decapsulated second packet, where the decapsulated second packet includes the second source address and the second destination address;

determining, by the processor, whether the second destination address is the address of the first virtual machine in the first entry; and

if the second destination address is the address of the first virtual machine in the first entry, sending, by the processor, the decapsulated second packet by using the network interface and according to the second destination address.



[0127] Optionally, the processor may further execute the following operations:

receiving, by the processor by using the network interface, a third packet sent by a fifth NVE device, where the third packet includes the identifier of the first NVE device, the virtual network instance, a third source address, and a third destination address, where the third source address is an address of a fourth virtual machine, the third destination address is the address of the first virtual machine, and the fourth virtual machine is obtained by means of virtualization by a fourth physical server;

decapsulating, by the processor, the third packet to obtain a decapsulated third packet, where the decapsulated third packet includes the third source address and the third destination address; and

sending, by the processor, the decapsulated third packet by using the network interface and according to the third destination address.



[0128] For implementation details of the packet transmission device shown in FIG. 7, refer to the foregoing description of the method embodiment shown in FIG. 3, and details are not described herein.

[0129] From the foregoing descriptions of the implementation manners, a person skilled in the art may clearly understand that some or all steps of the methods in the embodiments may be implemented by software in addition to a universal hardware platform. Based on such an understanding, the technical solutions of the present invention essentially or the part contributing to the prior art may be implemented in a form of a software product. The software product may be stored in a storage medium, such as a read-only memory (ROM), a RAM, a magnetic disk, or an optical disc, and includes several instructions for instructing a computer device (which may be a personal computer, a server, or a network communications device such as a media gateway) to perform the methods described in the embodiments or some parts of the embodiments of the present invention.

[0130] It should be noted that the embodiments in this specification are all described in a progressive manner, for same or similar parts in the embodiments, reference may be made to these embodiments, and each embodiment focuses on a difference from other embodiments. Especially, apparatus and device embodiments are basically similar to a method embodiment, and therefore is described briefly; for related parts, reference may be made to partial descriptions in the method embodiment. The described apparatus and device embodiments are merely exemplary. The units described as separate parts may or may not be physically separate, and parts displayed as units may or may not be physical units, may be located in one position, or may be distributed on a plurality of network units. Some or all of the modules may be selected according to actual needs to achieve the objectives of the solutions of the embodiments. A person of ordinary skill in the art may understand and implement the embodiments of the present invention without creative efforts.

[0131] The foregoing descriptions are merely optional embodiments of the present invention, but are not intended to limit the protection scope of the present invention. It should be noted that a person of ordinary skill in the art may make certain improvements and polishing without departing from the principle of the present application and the improvements and polishing shall fall within the protection scope of the present application.


Claims

1. A packet transmission method, wherein the method comprises:

receiving (101), by a first Network Virtualization Edge, NVE, device, a first packet, wherein the first packet comprises a first source address and a first destination address, the first source address is an address of a first virtual machine, and the first destination address is an address of a second virtual machine, wherein the first virtual machine is virtualized by a first physical server and the second virtual machine is virtualized by a second physical server;

obtaining (102), by the first NVE device, an active-active access configuration information list, wherein the active-active access configuration information list comprises a first entry and a second entry, wherein the first entry comprises an identifier of a first active-active group, a virtual network instance, and an identifier of the first NVE device, and the second entry comprises an identifier of a second active-active group, the virtual network instance, and identifiers of at least two NVE devices that belong to the second active-active group, and wherein the active-active access configuration information list is obtained by receiving the active-active access configuration information list;

obtaining (103), by the first NVE device, the virtual network instance according to the first entry and the identifier of the first NVE device;

searching (104), by the first NVE device, for at least one active-active group corresponding to the virtual network instance, wherein the at least one active-active group comprises the second active-active group; and selecting a second NVE device from the at least two NVE devices belonging to the second active-active group; and

encapsulating (105), by the first NVE device, the first packet by using an identifier of the second NVE device and the virtual network instance, and sending the encapsulated first packet to the second virtual machine via the second NVE device.


 
2. The method according to claim 1, wherein the obtaining, by the first NVE device, an active-active access configuration information list comprises: receiving, by the first NVE device, the active-active access configuration information list from a controller.
 
3. The method according to claim 1 or 2, wherein the active-active access configuration information list is described in a Yet Another Next Generation, YANG, language, and the first entry carries the identifier of the first active-active group, the virtual network instance, and the identifier of the first NVE device by using a tree-like structure, wherein the identifier of the first active-active group is a root node, and the identifier of the first NVE device and the virtual network instance are subnodes.
 
4. The method according to any one of claims 1 to 3, wherein the active-active access configuration information list further comprises a third entry, wherein the third entry comprises an identifier of a third active-active group, the virtual network instance, and identifiers of at least two NVE devices that belong to the third active-active group; and the at least one active-active group comprises the second active-active group and the third active-active group; and
the sending the encapsulated first packet to the second NVE device comprises:

determining, by the first NVE device, whether the second entry further comprises the address of the second virtual machine; and

if the second entry further comprises the address of the second virtual machine, searching, by the first NVE device, for the second active-active group corresponding to the address of the second virtual machine, and sending the encapsulated first packet to the second NVE device.


 
5. The method according to claim 4, wherein the method further comprises:
if the second entry does not comprise the address of the second virtual machine, sending, by the first NVE device, the encapsulated first packet to the at least two NVE devices belonging to the second active-active group, and the at least two NVE devices belonging to the third active-active group.
 
6. The method according to any one of claims 1 to 5, wherein the first entry comprises the identifier of the first active-active group, the virtual network instance, the identifier of the first NVE device, and the address of the first virtual machine, and the method further comprises:

receiving (201), by the first NVE device, a second packet sent by a fourth NVE device, wherein the second packet comprises the identifier of the first NVE device, the virtual network instance, a second source address, and a second destination address, wherein the second source address is an address of a third virtual machine, the second destination address is the address of the first virtual machine, and the third virtual machine is virtualized by a third physical server;

decapsulating (202), by the first NVE device, the second packet to obtain a decapsulated second packet, wherein the decapsulated second packet comprises the second source address and the second destination address;

determining (203), by the first NVE device, whether the second destination address is the address of the first virtual machine in the first entry; and

if the second destination address is the address of the first virtual machine in the first entry, sending (204), by the first NVE device, the decapsulated second packet according to the second destination address.


 
7. A packet transmission apparatus, wherein the apparatus comprises:

a first receiving unit (401), configured to receive a first packet, wherein the first packet comprises a first source address and a first destination address, the first source address is an address of a first virtual machine, and the first destination address is an address of a second virtual machine, wherein the first virtual machine is virtualized by a first physical server and the second virtual machine is virtualized by a second physical server;

a first obtaining unit (402), configured to obtain an active-active access configuration information list after the first receiving unit (401) receives the first packet, wherein the active-active access configuration information list comprises a first entry and a second entry, wherein the first entry comprises an identifier of a first active-active group, a virtual network instance, and an identifier of a first Network Virtualization Edge, NVE, device, and the second entry comprises an identifier of a second active-active group, the virtual network instance, and identifiers of at least two NVE devices that belong to the second active-active group, and wherein the first obtaining unit is configure to obtain the active-active access configuration information list by receiving the active-active access configuration information list;

a second obtaining unit (403), configured to obtain, according to the first entry and the identifier of the first NVE device, the virtual network instance from the active-active access configuration information list obtained by the first obtaining unit (402);

a search unit (404), configured to search for at least one active-active group corresponding to the virtual network instance in the active-active access configuration information list obtained by the first obtaining unit (402), wherein the at least one active-active group comprises the second active-active group; and select a second NVE device from the at least two NVE devices belonging to the second active-active group;

an encapsulation unit (405), configured to encapsulate the first packet by using an identifier of the second NVE device and the virtual network instance; and

a first sending unit (406), configured to send the first packet encapsulated by the encapsulation unit (405) to the second virtual machine via the second NVE device.


 
8. The apparatus according to claim 7, wherein:
the first obtaining unit (402) is specifically configured to receive the active-active access configuration information list from a controller.
 
9. The apparatus according to claim 7 or 8, wherein:
the active-active access configuration information list obtained by the first obtaining unit (402) is described in a Yet Another Next Generation, YANG, language, and the first entry carries the identifier of the first active-active group, the virtual network instance, and the identifier of the first NVE device by using a tree-like structure, wherein the identifier of the first active-active group is a root node, and the identifier of the first NVE device and the virtual network instance are subnodes.
 
10. The apparatus according to any one of claims 7 to 9, wherein the active-active access configuration information list further comprises a third entry, wherein the third entry comprises an identifier of a third active-active group, the virtual network instance, and identifiers of at least two NVE devices that belong to the third active-active group; and the at least one active-active group comprises the second active-active group and the third active-active group; and
the first sending unit (406) is specifically configured to determine whether the second entry further comprises the address of the second virtual machine; and when the second entry further comprises the address of the second virtual machine, search for the second active-active group corresponding to the address of the second virtual machine, and send the encapsulated first packet to the second NVE device.
 
11. The apparatus according to claim 10, wherein:
the first sending unit (406) is further configured to: when the second entry does not comprise the address of the second virtual machine, send the encapsulated first packet to the at least two NVE devices belonging to the second active-active group, and the at least two NVE devices belonging to the third active-active group.
 
12. The apparatus according to any one of claims 7 to 11, wherein the first entry comprises the identifier of the first active-active group, the virtual network instance, the identifier of the first NVE device, and the address of the first virtual machine, and the apparatus further comprises:

a second receiving unit, configured to receive a second packet sent by a fourth NVE device, wherein the second packet comprises the identifier of the first NVE device, the virtual network instance, a second source address, and a second destination address, wherein the second source address is an address of a third virtual machine, the second destination address is the address of the first virtual machine, and the third virtual machine is virtualized by a third physical server;

a decapsulation unit, configured to decapsulate the second packet to obtain a decapsulated second packet, wherein the decapsulated second packet comprises the second source address and the second destination address;

a determining unit, configured to determine whether the second destination address is the address of the first virtual machine in the first entry; and

a second sending unit, configured to: when the determining unit determines that the second destination address is the address of the first virtual machine in the first entry, send the decapsulated second packet according to the second destination address.


 


Ansprüche

1. Paketübertragungsverfahren, wobei das Verfahren Folgendes umfasst:

Empfangen (101) eines ersten Pakets durch eine erste Netzwerkvirtualisierungskanten (Network Virtualization Edge - NVE)vorrichtung, wobei das erste Paket eine erste Quelladresse und eine erste Zieladresse umfasst, die erste Quelladresse eine Adresse einer ersten virtuellen Maschine ist und die erste Zieladresse eine Adresse einer zweiten virtuellen Maschine ist, wobei die erste virtuelle Maschine von einem ersten physischen Server virtualisiert wird und die zweite virtuelle Maschine von einem zweiten physischen Server virtualisiert wird;

Erhalten (102) einer Aktiv-Aktiv-Zugriffskonfigurationsinformationenliste durch die erste NVE-Vorrichtung, wobei die Aktiv-Aktiv-Zugriffskonfigurationsinformationenliste einen ersten Eintrag und einen zweiten Eintrag umfasst, wobei der erste Eintrag eine Kennung einer ersten Aktiv-Aktiv-Gruppe, eine virtuelle Netzwerkinstanz und eine Kennung der ersten NVE-Vorrichtung umfasst, und der zweite Eintrag eine Kennung einer zweiten Aktiv-Aktiv-Gruppe, die virtuelle Netzwerkinstanz und Kennungen von wenigstens zwei NVE-Vorrichtungen umfasst, die zu der zweiten Aktiv-Aktiv-Gruppe gehören, und wobei die Aktiv-Aktiv-Zugriffskonfigurationsinformationenliste durch Empfangen der Aktiv-Aktiv-Zugriffskonfigurationsinformationenliste erhalten wird;

Erhalten (103) der virtuellen Netzwerkinstanz durch die erste NVE-Vorrichtung gemäß dem ersten Eintrag und der Kennung der ersten NVE-Vorrichtung;

Suchen (104) nach wenigstens einer Aktiv-Aktiv-Gruppe, die der virtuellen Netzwerkinstanz entspricht, durch die erste NVE-Vorrichtung, wobei die wenigstens eine Aktiv-Aktiv-Gruppe die zweite Aktiv-Aktiv-Gruppe umfasst; und

Auswählen einer zweiten NVE-Vorrichtung aus den wenigstens zwei NVE-Vorrichtungen, die zu der zweiten Aktiv-Aktiv-Gruppe gehören; und

Einkapseln (105) des ersten Pakets durch die erste NVE-Vorrichtung unter Verwendung einer Kennung der zweiten NVE-Vorrichtung und der virtuellen Netzwerkinstanz, und Senden des eingekapselten ersten Pakets an die zweite virtuelle Maschine über die zweite NVE-Vorrichtung.


 
2. Verfahren nach Anspruch 1, wobei das Erhalten einer Aktiv-Aktiv-Zugriffskonfigurationsinformationenliste durch die erste NVE-Vorrichtung Folgendes umfasst:
Empfangen der Aktiv-Aktiv-Zugriffskonfigurationsinformationenliste durch die erste NVE-Vorrichtung von einer Steuervorrichtung.
 
3. Verfahren nach Anspruch 1 oder 2, wobei die Aktiv-Aktiv-Zugriffskonfigurationsinformationenliste in einer Yet Another Next Generation(YANG)-Sprache beschrieben wird, und der erste Eintrag die Kennung der ersten Aktiv-Aktiv-Gruppe, die virtuelle Netzwerkinstanz und die Kennung der ersten NVE-Kennung durch Verwenden einer baumähnlichen Struktur trägt, wobei die Kennung der ersten Aktiv-Aktiv-Gruppe ein Wurzelknoten ist und die Kennung der ersten NVE-Vorrichtung und die virtuelle Netzwerkinstanz Unterknoten sind.
 
4. Verfahren nach einem der Ansprüche 1 bis 3, wobei die Aktiv-Aktiv-Zugriffskonfigurationsinformationenliste ferner einen dritten Eintrag umfasst, wobei der dritte Eintrag eine Kennung einer dritten Aktiv-Aktiv-Gruppe, die virtuelle Netzwerkinstanz, und Kennungen von wenigstens zwei NVE-Vorrichtungen umfasst, die zu der dritten Aktiv-Aktiv-Gruppe gehören; und
die wenigstens eine Aktiv-Aktiv-Gruppe die zweite Aktiv-Aktiv-Gruppe und die dritte Aktiv-Aktiv-Gruppe umfasst; und
das Senden des eingekapselten ersten Pakets zu der zweiten NVE-Vorrichtung Folgendes umfasst:

Bestimmen, durch die erste NVE-Vorrichtung, ob der zweite Eintrag ferner die Adresse der zweiten virtuellen Maschine umfasst; und

sofern der zweite Eintrag ferner die Adresse der zweiten virtuellen Maschine umfasst, Suchen nach der zweiten Aktiv-Aktiv-Gruppe, die der Adresse der zweiten virtuellen Maschine entspricht, durch die erste NVE-Vorrichtung und Senden des eingekapselten ersten Pakets zu der zweiten NVE-Vorrichtung.


 
5. Verfahren nach Anspruch 4, wobei das Verfahren ferner Folgendes umfasst:
sofern der zweite Eintrag nicht die Adresse der zweiten virtuellen Maschine umfasst, Senden des eingekapselten ersten Pakets zu den wenigstens zwei NVE-Vorrichtungen, die zu der zweiten Aktiv-Aktiv-Gruppe gehören, durch die erste NVE-Vorrichtung, und den wenigstens zwei NVE-Vorrichtungen, die zu der dritten Aktiv-Aktiv-Gruppe gehören.
 
6. Verfahren nach einem der Ansprüche 1 bis 5, wobei der erste Eintrag die Kennung der ersten Aktiv-Aktiv-Gruppe, die virtuelle Netzwerkinstanz, die Kennung der ersten NVE-Vorrichtung und die Adresse der ersten virtuellen Maschine umfasst, und das Verfahren ferner Folgendes umfasst:

Empfangen (201) eines zweiten von einer vierten NVE-Vorrichtung gesendeten Pakets durch die erste NVE-Vorrichtung, wobei das zweite Paket die Kennung der ersten NVE-Vorrichtung, die virtuelle Netzwerkinstanz, eine zweite Quelladresse und eine zweite Zieladresse umfasst, wobei die zweite Quelladresse eine Adresse einer dritten virtuellen Maschine ist, die zweite Zieladresse die Adresse der ersten virtuellen Maschine ist und die dritte virtuelle Maschine von einem dritten physischen Server virtualisiert wird;

Entkapseln (202) des zweiten Pakets durch die erste NVE-Vorrichtung, um ein entkapseltes zweites Paket zu erhalten, wobei das entkapselte zweite Paket die zweite Quelladresse und die zweite Zieladresse umfasst;

Bestimmen (203) durch die erste NVE-Vorrichtung, ob die zweite Zieladresse die Adresse der ersten virtuellen Maschine in dem ersten Eintrag ist; und

sofern die zweite Zieladresse die Adresse der ersten virtuellen Maschine in dem ersten Eintrag ist, Senden (204) des entkapselten zweiten Pakets durch die erste NVE-Vorrichtung, gemäß der zweiten Zieladresse.


 
7. Paketübertragungseinrichtung, wobei die Einrichtung Folgendes umfasst:

eine erste Empfangseinheit (401), die konfiguriert ist, um ein erstes Paket zu empfangen, wobei das erste Paket eine erste Quelladresse und eine erste Zieladresse umfasst, die erste Quelladresse eine Adresse einer ersten virtuellen Maschine ist, und die erste Zieladresse eine Adresse einer zweiten virtuellen Maschine ist, wobei die erste virtuelle Maschine von einem ersten physischen Server virtualisiert wird und die zweite virtuelle Maschine von einem zweiten physischen Server virtualisiert wird;

eine erste Erhaltungseinheit (402), die konfiguriert ist, um eine Aktiv-Aktiv-Zugriffskonfigurationsinformationenliste zu erhalten, nachdem die erste Empfangseinheit (401) das erste Paket empfangen hat, wobei die Aktiv-Aktiv-Zugriffskonfigurationsinformationenliste einen ersten Eintrag und einen zweiten Eintrag umfasst; wobei der erste Eintrag eine Kennung einer ersten Aktiv-Aktiv-Gruppe, eine virtuelle Netzwerkinstanz und eine Kennung einer ersten Netzwerkvirtualisierungskanten(NVE)vorrichtung umfasst, und der zweite Eintrag eine Kennung einer zweiten Aktiv-Aktiv-Gruppe, die virtuelle Netzwerkinstanz, und Kennungen von wenigstens zwei NVE-Vorrichtungen umfasst, die zu der zweiten Aktiv-Aktiv-Gruppe gehören, und wobei die erste Erhaltungseinheit konfiguriert ist, um die Aktiv-Aktiv-Zugriffskonfigurationsinformationenliste durch Empfangen der Aktiv-Aktiv-Zugriffskonfigurationsinformationenliste zu erhalten;

eine zweite Erhaltungseinheit (403), die konfiguriert ist, um gemäß dem ersten Eintrag und der Kennung der ersten NVE-Vorrichtung die virtuelle Netzwerkinstanz aus der Aktiv-Aktiv-Zugriffskonfigurationsinformationenliste zu erhalten, die von der ersten Erhaltungseinheit (402) erhalten wurde;

eine Sucheinheit (404), die konfiguriert ist, um nach wenigstens einer Aktiv-Aktiv-Gruppe zu suchen, die der virtuellen Netzwerkinstanz in der Aktiv-Aktiv-Zugriffskonfigurationsinformationenliste entspricht, die von der ersten Erhaltungseinheit (402) erhalten wird, wobei die wenigstens eine Aktiv-Aktiv-Gruppe die zweite Aktiv-Aktiv-Gruppe umfasst; und

Auswählen einer zweiten NVE-Vorrichtung aus den wenigstens zwei NVE-Vorrichtungen, die zu der zweiten Aktiv-Aktiv-Gruppe gehören;

eine Einkapselungseinheit (405), die konfiguriert ist, um das erste Packet durch Verwenden einer Kennung der zweiten NVE-Vorrichtung und der virtuellen Netzwerkinstanz einzukapseln; und

eine erste Sendeeinheit (406), die konfiguriert ist, um das erste von der Einkapselungseinheit (405) eingekapselte Paket über die zweite NVE-Vorrichtung an die zweite virtuelle Maschine zu senden.


 
8. Einrichtung nach Anspruch 7, wobei:
die zweite Erhaltungseinheit (402) speziell konfiguriert ist, um die Aktiv-Aktiv-Zugriffskonfigurationsinformationenliste von einer Steuervorrichtung zu empfangen.
 
9. Einrichtung nach Anspruch 7 oder 8, wobei:
die Aktiv-Aktiv-Zugriffskonfigurationsinformationenliste, die von der ersten Erhaltungseinheit (402) erhalten wurde, in einer Yet Another Next Generation(YANG)-Sprache beschrieben wird und der erste Eintrag die Kennung der ersten Aktiv-Aktiv-Gruppe, die virtuelle Netzwerkinstanz und die Kennung der ersten NVE-Vorrichtung durch Verwenden einer baumähnlichen Struktur trägt, wobei die Kennung der ersten Aktiv-Aktiv-Gruppe ein Wurzelknoten ist und die Kennung der ersten NVE-Vorrichtung und der virtuellen Netzwerkinstanz Unterknoten sind.
 
10. Vorrichtung nach einem der Ansprüche 7 bis 9, wobei die Aktiv-Aktiv-Zugriffskonfigurationsinformationenliste ferner einen dritten Eintrag umfasst, wobei der dritten Eintrag eine Kennung einer dritten Aktiv-Aktiv-Gruppe, die virtuelle Netzwerkinstanz und Kennungen von wenigstens zwei NVE-Vorrichtungen umfasst, die zu der dritten Aktiv-Aktiv-Gruppe gehören; und
die wenigstens eine Aktiv-Aktiv-Gruppe die zweite Aktiv-Aktiv-Gruppe und die dritte Aktiv-Aktiv-Gruppe umfasst; und
die erste Sendungseinheit (406) speziell konfiguriert ist, um zu bestimmen, ob der zweite Eintrag ferner die Adresse der zweiten virtuellen Maschine umfasst; und
sofern der zweite Eintrag ferner die Adresse der zweiten virtuellen Maschine umfasst, Suchen nach der zweiten Aktiv-Aktiv-Gruppe, die der Adresse der zweiten virtuellen Maschine entspricht, und Senden des eingekapselten Pakets zu der zweiten NVE- Vorrichtung.
 
11. Einrichtung nach Anspruch 10, wobei:
die erste Sendeeinheit (406) ferner für Folgendes konfiguriert ist:
wenn der zweite Eintrag nicht die Adresse der zweiten virtuellen Maschine umfasst, Senden des eingekapselten ersten Pakets zu den wenigstens zwei NVE-Vorrichtungen, die zu der zweiten Aktiv-Aktiv-Gruppe gehören, und den wenigstens zwei NVE-Vorrichtungen, die zu der dritten Aktiv-Aktiv-Gruppe gehören.
 
12. Vorrichtung nach einem der Ansprüche 7 bis 11, wobei der erste Eintrag die Kennung der ersten Aktiv-Aktiv-Gruppe, die virtuelle Netzwerkinstanz, die Kennung der ersten NVE-Vorrichtung und die Adresse der ersten virtuellen Maschine umfasst, und wobei die Einrichtung ferner Folgendes umfasst:

eine zweite Empfangseinheit, die konfiguriert ist, um ein von der NVE-Vorrichtung gesendetes zweites Paket zu empfangen, wobei das zweite Paket die Kennung der ersten NVE-Vorrichtung, die virtuelle Netzwerkinstanz, eine zweite Quelladresse und eine zweite Zieladresse umfasst, wobei die zweite Quelladresse eine Adresse einer dritten virtuellen Maschine ist, die zweite Zieladresse die Adresse der ersten virtuellen Maschine ist und die dritte virtuelle Maschine von einem dritten physischen Server virtualisiert wird;

eine Entkapselungseinheit, die konfiguriert ist, um das zweite Paket zu entkapseln, um ein entkapseltes zweites Paket zu erhalten, wobei das entkapselte zweite Paket die zweite Quelladresse und die zweite Zieladresse umfasst;

eine Bestimmungseinheit, die konfiguriert ist, um zu bestimmen, ob die zweite Zieladresse die Adresse der ersten virtuellen Maschinen in dem ersten Eintrag ist; und

eine zweite Sendeeinheit, die für Folgendes konfiguriert ist:
wenn die Bestimmungseinheit bestimmt, dass die zweite Zieladresse die Adresse der ersten virtuellen Maschine in dem ersten Eintrag ist, Senden des entkapselten zweiten Pakets gemäß der zweiten Zieladresse.


 


Revendications

1. Procédé de transmission de paquets, le procédé comprenant :

la réception (101), par un premier dispositif d'accès de virtualisation de réseau, NVE, d'un premier paquet, le premier paquet comprenant une première adresse source et une première adresse de destination, la première adresse source étant une adresse d'une première machine virtuelle, et la première adresse de destination étant une adresse d'une deuxième machine virtuelle, la première machine virtuelle étant virtualisée par un premier serveur physique et la deuxième machine virtuelle étant virtualisée par un deuxième serveur physique ;

l'obtention (102), par le premier dispositif NVE, d'une liste d'informations de configuration d'accès active-active, la liste d'informations de configuration d'accès active-active comprenant une première entrée et une deuxième entrée, la première entrée comprenant un identifiant d'un premier groupe actif-actif, une instance de réseau virtuel et un identifiant du premier dispositif NVE, et la deuxième entrée comprenant un identifiant d'un deuxième groupe actif-actif, l'instance de réseau virtuel et les identifiants d'au moins deux dispositifs NVE qui appartiennent au deuxième groupe actif-actif, et la liste d'informations de configuration d'accès active-active étant obtenue en recevant la liste d'informations de configuration d'accès active-active ;

l'obtention (103), par le premier dispositif NVE, de l'instance de réseau virtuel selon la première entrée et l'identifiant du premier dispositif NVE ;

la recherche (104), par le premier dispositif NVE, d'au moins un groupe actif-actif correspondant à l'instance de réseau virtuel, l'au moins un groupe actif-actif comprenant le deuxième groupe actif-actif ; et

la sélection d'un second dispositif NVE parmi les au moins deux dispositifs NVE appartenant au deuxième groupe actif-actif ; et

l'encapsulation (105), par le premier dispositif NVE, du premier paquet en utilisant un identifiant du second dispositif NVE et l'instance de réseau virtuel, et l'envoi du premier paquet encapsulé à la deuxième machine virtuelle par l'intermédiaire du second dispositif NVE.


 
2. Procédé selon la revendication 1, dans lequel l'obtention, par le premier dispositif NVE, d'une liste d'informations de configuration d'accès active-active comprend :
la réception, par le premier dispositif NVE, de la liste d'informations de configuration d'accès active-active en provenance d'un contrôleur.
 
3. Procédé selon la revendication 1 ou 2, dans lequel la liste d'informations de configuration d'accès active-active est décrite en langage dit Yet Another Next Generation, YANG, et la première entrée étant porteuse de l'identifiant du premier groupe actif-actif, de l'instance de réseau virtuel et de l'identifiant du premier dispositif NVE en utilisant une structure arborescente, l'identifiant du premier groupe actif-actif étant un nœud racine, et l'identifiant du premier dispositif NVE et l'instance de réseau virtuel étant des sous-nœuds.
 
4. Procédé selon l'une quelconque des revendications 1 à 3, dans lequel la liste d'informations de configuration d'accès active-active comprend en outre une troisième entrée, dans lequel la troisième entrée comprend un identifiant d'un troisième groupe actif-actif, l'instance de réseau virtuel et des identifiants d'au moins deux dispositifs NVE qui appartiennent au troisième groupe actif-actif ; et
l'au moins un groupe actif-actif comprend le deuxième groupe actif-actif et le troisième groupe actif-actif ; et
l'envoi du premier paquet encapsulé au second dispositif NVE comprend :
la détermination, par le premier dispositif NVE, du fait de savoir si la deuxième entrée comprend en outre l'adresse de la deuxième machine virtuelle ; et
si la deuxième entrée comprend en outre l'adresse de la deuxième machine virtuelle, la recherche, par le premier dispositif NVE, du deuxième groupe actif-actif correspondant à l'adresse de la deuxième machine virtuelle, et l'envoi du premier paquet encapsulé au second dispositif NVE.
 
5. Procédé selon la revendication 4, le procédé comprenant en outre :
si la deuxième entrée ne comprend pas l'adresse de la deuxième machine virtuelle, l'envoi, par le premier dispositif NVE, du premier paquet encapsulé auxdits au moins deux dispositifs NVE appartenant au deuxième groupe actif-actif, et auxdits au moins deux dispositifs NVE appartenant au troisième groupe actif-actif.
 
6. Procédé selon l'une quelconque des revendications 1 à 5, dans lequel la première entrée comprend l'identifiant du premier groupe actif-actif, l'instance de réseau virtuel, l'identifiant du premier dispositif NVE et l'adresse de la première machine virtuelle, et le procédé comprend en outre :

la réception (201), par le premier dispositif NVE, d'un second paquet envoyé par un quatrième dispositif NVE, le second paquet comprenant l'identifiant du premier dispositif NVE, l'instance de réseau virtuel, une seconde adresse source et une seconde adresse de destination, la seconde adresse source étant une adresse d'une troisième machine virtuelle, la seconde adresse de destination étant l'adresse de la première machine virtuelle, et la troisième machine virtuelle étant virtualisée par un troisième serveur physique ;

la décapsulation (202), par le premier dispositif NVE, du second paquet pour obtenir un second paquet décapsulé, le second paquet décapsulé comprenant la seconde adresse source et la seconde adresse de destination ;

la détermination (203), par le premier dispositif NVE, du fait de savoir si la seconde adresse de destination est l'adresse de la première machine virtuelle dans la première entrée ; et

si la seconde adresse de destination est l'adresse de la première machine virtuelle dans la première entrée, l'envoi (204), par le premier dispositif NVE, du second paquet décapsulé selon la seconde adresse de destination.


 
7. Appareil de transmission de paquets, l'appareil comprenant :

une première unité de réception (401), configurée pour recevoir un premier paquet, le premier paquet comprenant une première adresse source et une première adresse de destination, la première adresse source étant une adresse d'une première machine virtuelle, et la première adresse de destination étant une adresse d'une deuxième machine virtuelle, la première machine virtuelle étant virtualisée par un premier serveur physique et la deuxième machine virtuelle étant virtualisée par un deuxième serveur physique ;

une première unité d'obtention (402), configurée pour obtenir une liste d'informations de configuration d'accès active-active après que la première unité de réception (401) a reçu le premier paquet, la liste d'informations de configuration d'accès active-active comprenant une première entrée et une deuxième entrée, la première entrée comprenant un identifiant d'un premier groupe actif-actif, une instance de réseau virtuel et un identifiant d'un premier dispositif d'accès de virtualisation de réseau, NVE, et la deuxième entrée comprenant un identifiant d'un deuxième groupe actif-actif, l'instance de réseau virtuel et des identificateurs d'au moins deux dispositifs NVE qui appartiennent au deuxième groupe actif-actif, et la première unité d'obtention étant configurée pour obtenir la liste d'informations de configuration d'accès active-active en recevant la liste d'informations de configuration d'accès active-active ;

une seconde unité d'obtention (403), configurée pour obtenir, selon la première entrée et l'identifiant du premier dispositif NVE, l'instance de réseau virtuel issue de la liste d'informations de configuration d'accès active-active obtenue par la première unité d'obtention (402) ;

une unité de recherche (404), configurée pour rechercher au moins un groupe actif-actif correspondant à l'instance de réseau virtuel dans la liste d'informations de configuration d'accès active-active obtenue par la première unité d'obtention (402), l'au moins un groupe actif-actif comprenant le deuxième groupe actif-actif ; et

sélectionner un second dispositif NVE parmi les au moins deux dispositifs NVE appartenant au deuxième groupe actif-actif ;

une unité d'encapsulation (405), configurée pour encapsuler le premier paquet en utilisant un identifiant du second dispositif NVE et l'instance de réseau virtuel ; et

une première unité d'envoi (406), configurée pour envoyer le premier paquet encapsulé par l'unité d'encapsulation (405) à la deuxième machine virtuelle par l'intermédiaire du second dispositif NVE.


 
8. Appareil selon la revendication 7, dans lequel :
la première unité d'obtention (402) est configurée spécifiquement pour recevoir la liste d'informations de configuration d'accès active-active en provenance d'un contrôleur.
 
9. Appareil selon la revendication 7 ou 8, dans lequel :
la liste d'informations de configuration d'accès active-active obtenue par la première unité d'obtention (402) est décrite en langage dit Yet Another Next Generation, YANG, et la première entrée est porteuse de l'identifiant du premier groupe actif-actif, de l'instance de réseau virtuel et de l'identifiant du premier dispositif NVE en utilisant une structure arborescente, l'identifiant du premier groupe actif-actif étant un nœud racine, et l'identifiant du premier dispositif NVE et l'instance de réseau virtuel étant des sous-nœuds.
 
10. Appareil selon l'une quelconque des revendications 7 à 9, dans lequel la liste d'informations de configuration d'accès active-active comprend en outre une troisième entrée, dans lequel la troisième entrée comprend un identifiant d'un troisième groupe actif-actif, l'instance de réseau virtuel et des identifiants d'au moins deux dispositifs NVE qui appartiennent au troisième groupe actif-actif ; et
l'au moins un groupe actif-actif comprend le deuxième groupe actif-actif et le troisième groupe actif-actif ; et
la première unité d'envoi (406) est configurée spécifiquement pour déterminer si la deuxième entrée comprend en outre l'adresse de la deuxième machine virtuelle ; et
lorsque la deuxième entrée comprend en outre l'adresse de la deuxième machine virtuelle, rechercher le deuxième groupe actif-actif correspondant à l'adresse de la deuxième machine virtuelle, et envoyer le premier paquet encapsulé au second dispositif NVE.
 
11. Appareil selon la revendication 10, dans lequel :
la première unité d'envoi (406) est en outre configurée pour :
lorsque la deuxième entrée ne comprend pas l'adresse de la deuxième machine virtuelle, envoyer le premier paquet encapsulé auxdits au moins deux dispositifs NVE appartenant au deuxième groupe actif-actif et auxdits au moins deux dispositifs NVE appartenant au troisième groupe actif-actif.
 
12. Appareil selon l'une quelconque des revendications 7 à 11, dans lequel la première entrée comprend l'identifiant du premier groupe actif-actif, l'instance de réseau virtuel, l'identifiant du premier dispositif NVE et l'adresse de la première machine virtuelle, et l'appareil comprend en outre :

une seconde unité de réception, configurée pour recevoir un second paquet envoyé par un quatrième dispositif NVE, le second paquet comprenant l'identifiant du premier dispositif NVE, l'instance de réseau virtuel, une seconde adresse source et une seconde adresse de destination, la seconde adresse source étant une adresse d'une troisième machine virtuelle, la seconde adresse de destination étant l'adresse de la première machine virtuelle, et la troisième machine virtuelle étant virtualisée par un troisième serveur physique ;

une unité de décapsulation, configurée pour décapsuler le second paquet pour obtenir un second paquet décapsulé, le second paquet décapsulé comprenant la seconde adresse source et la seconde adresse de destination ;

une unité de détermination, configurée pour déterminer si la seconde adresse de destination est l'adresse de la première machine virtuelle dans la première entrée ; et

une seconde unité d'envoi, configurée pour :
lorsque l'unité de détermination détermine que la seconde adresse de destination est l'adresse de la première machine virtuelle dans la première entrée, envoyer le second paquet décapsulé selon la seconde adresse de destination.


 




Drawing