A virtual machine isolation method and device

A technology of isolation device and virtual machine, applied in the field of communication, can solve the problem that the data center cannot perform security isolation protection, and achieve the effect of improving application flexibility and security

Active Publication Date: 2019-08-06
HANGZHOU DPTECH TECH
View PDF9 Cites 0 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0004] In view of this, the present invention provides a virtual machine isolation method and device to solve the problem that the data center cannot perform security isolation protection

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • A virtual machine isolation method and device
  • A virtual machine isolation method and device
  • A virtual machine isolation method and device

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0040] Please refer to figure 1 , is a schematic diagram of a network in the prior art, in which one side of the gateway is connected to the user's PC, the other side is connected to a switch, the switch is connected to a physical server, and vPC1 and vPC2 are virtual machines in the physical server. Since vPC1 and vPC2 provide services for different tenants or services, for the sake of communication security, traffic between virtual machines is not allowed to communicate directly at Layer 2. In order to isolate traffic between vPC1 and vPC2, a private VLAN needs to be configured for each virtual machine on the physical server and switch. In the prior art, after the traffic in the private VLAN is transparently transmitted to the switch, the switch will upload the traffic to the gateway through the promiscuous port P1 to realize the communication between the virtual machine and the gateway. However, the promiscuous port P1 is usually bound to a private VLAN, so the traffic sen...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

The present invention provides a virtual machine isolation method and device. The method is applied to network forwarding equipment. The network forwarding equipment includes service boards and ports, and multiple private VLANs are pre-configured on the service boards. The method includes : When the port receives the upstream traffic sent by the virtual machine, it forwards the upstream traffic to the service board; when the service board receives the upstream traffic, it replaces the sub-VLAN tag in the upstream traffic with the private The private VLAN tag corresponding to the VLAN; the service board forwards the replaced upstream traffic to the upper-layer network forwarding device. Therefore, the present invention can realize the identification of different private VLANs by a single physical port, and can be applied to the security isolation networking environment of virtual machines, thereby improving the application flexibility and security of the data center.

Description

technical field [0001] The present invention relates to the field of communication technologies, and in particular, to a method and device for isolating a virtual machine. Background technique [0002] With the continuous development of network technology, virtual machines gradually replace traditional devices to provide users with business services. Building a data center through virtual machines can reduce procurement, operation and maintenance costs, improve system efficiency, simplify device management, and provide the system with elastic expansion capabilities. [0003] Since traditional information security protection methods are not suitable for virtual machines, the virtual data center cannot be protected by security isolation, which is likely to cause security risks to users. SUMMARY OF THE INVENTION [0004] In view of this, the present invention provides a virtual machine isolation method and device to solve the problem that the data center cannot perform secur...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
Patent Type & Authority Patents(China)
IPC IPC(8): H04L29/06H04L12/723H04L12/911H04L45/50
CPCH04L45/50H04L47/825H04L63/02H04L63/101H04L12/4641
Inventor 张鹏
Owner HANGZHOU DPTECH TECH
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap