Unlock instant, AI-driven research and patent intelligence for your innovation.

Method for solving multi-network card traffic by using security group

A security group and multi-network card technology, applied in the computer field, can solve problems such as traffic discarding

Active Publication Date: 2021-12-24
UNICLOUD (NANJING) DIGITAL TECH CO LTD
View PDF9 Cites 0 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0004] The purpose of the present invention is to provide a method of using a security group to solve multi-network card traffic, aiming to solve the technical problem in the prior art that the current traffic is discarded when the traffic of the second network card is accessed externally

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Method for solving multi-network card traffic by using security group
  • Method for solving multi-network card traffic by using security group
  • Method for solving multi-network card traffic by using security group

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0019] see Figure 1 to Figure 3 , the present invention provides a method for using a security group to solve multi-network card traffic, comprising the following steps:

[0020] S1: Use the cloud host to bind the network card of the same network segment;

[0021] S2: Unbind the IP and MAC in the flow table of the main network card;

[0022] S3: Deliver the security group of the second network card to the corresponding entry of the primary network card, and add the source IP limit value to the flow table.

[0023] First use the cloud host to bind the network card of the same network segment. For example, the network segment is: 172.16.0.0 / 24, the IP address of the main network card is 172.16.0.2, and the IP address of the second network card is: any one of 172.16.0.3 to 172.16.0.23 Address, when accessing the second network card, unbind the IP and MAC in the flow table of the main network card, and there is no need to match the IP address in the ovs flow table, so as to ens...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

The invention relates to the technical field of computers, in particular to a method for solving multi-network card traffic by using a security group. Binding network cards of the same network segment by using the cloud host; unbinding the IP and the MAC in the main network card flow table; and issuing the security group of the second network card to an entrance corresponding to the main network card, adding a source IP limit value in the flow table, and by adding a new matching rule, taking the source IP as a matching item in the ovs flow table, so that the current flow is prevented from being discarded when the flow of the second network card is accessed externally.

Description

technical field [0001] The invention relates to the field of computer technology, in particular to a method for solving multi-network card traffic by using a security group. Background technique [0002] The security group function mainly provides protection on the host side, and ensures strict control of access to virtual machines in the data center by filtering packet protocols and ports. After the security group is created, users can define various access rules in the security group. When the cloud server joins the security group, it will be protected by these access rules. [0003] When the host is a host with dual network cards, and both network cards are in the same network segment, when the second network card is accessed externally, since they have the same gateway 172.16.0.1, the corresponding traffic goes through the first network card. Due to the limitation of the flow table, only the network card connected to it is allowed to go out. At this time, it will match ...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
Patent Type & Authority Applications(China)
IPC IPC(8): H04L29/06H04L12/741H04L29/12H04L45/74
CPCH04L63/0236H04L45/745H04L2101/622
Inventor 刘立京
Owner UNICLOUD (NANJING) DIGITAL TECH CO LTD