Virtual machine isolation method and device

A virtual machine and configuration unit technology, applied in the field of communication, can solve the problem that the data center cannot be isolated and protected, and achieve the effect of improving application flexibility and security

Active Publication Date: 2016-09-14
HANGZHOU DPTECH TECH
View PDF9 Cites 2 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0004] In view of this, the present invention provides a virtual machine isolation method and device to solve the problem that the data center cannot perform security isolation protection

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Virtual machine isolation method and device
  • Virtual machine isolation method and device
  • Virtual machine isolation method and device

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0040] Please refer to figure 1 , is a schematic diagram of a network in the prior art, wherein one side of the gateway is connected to the user's PC, and the other side is connected to the switch, the switch is connected to the physical server, and vPC1 and vPC2 are virtual machines in the physical server. Because vPC1 and vPC2 provide services for different tenants or services, for communication security reasons, traffic between VMs is not allowed to communicate directly at Layer 2. To isolate traffic between vPC1 and vPC2, you need to configure private VLANs for each virtual machine on the physical server and switch. In the prior art, after the traffic in the private VLAN is transparently transmitted to the switch, the switch will send it to the gateway through the promiscuous port P1 to realize the communication between the virtual machine and the gateway. However, the promiscuous port P1 is usually bound to a private VLAN, so the traffic sent by the virtual machine to th...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

The invention provides a virtual machine isolation method and a virtual machine isolation device. The method is applied to a network forwarding device that comprises a business board card and a port, and a plurality of private VLANs are pre-configured on the business board card. The method comprises the steps that when receiving uplink data sent by a virtual machine, the port forwards the uplink data to the business board card; when receiving the uplink data, the business board card replaces a sub-VLAN label in the uplink traffic with a private VLAN label corresponding to the private VLAN to which the sub-VLAN belongs; and the business board card forwards the replaced uplink data to an upper network forwarding device. Therefore, the method can achieve that the single physical port can identify different private VLANs, and can be applied to the security isolation networking environment of the virtual machine, thus improving the application flexibility and security of the data center.

Description

technical field [0001] The present invention relates to the field of communication technology, in particular to a virtual machine isolation method and device. Background technique [0002] With the continuous development of network technology, virtual machines gradually replace traditional devices to provide business services for users. Building a data center through a virtual machine can reduce procurement, operation and maintenance costs, improve system efficiency, simplify device management, and provide elastic scalability for the system. [0003] Because traditional information security protection methods are not suitable for virtual machines, virtual data centers cannot be isolated and protected, which may easily cause security risks to users. Contents of the invention [0004] In view of this, the present invention provides a virtual machine isolation method and device to solve the problem that the data center cannot perform security isolation protection. [0005] ...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
Patent Type & Authority Applications(China)
IPC IPC(8): H04L29/06H04L12/723H04L12/911H04L45/50
CPCH04L45/50H04L47/825H04L63/02H04L63/101H04L12/4641
Inventor 张鹏
Owner HANGZHOU DPTECH TECH
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap