Data forwarding method, apparatus, device, storage medium, and program product

By establishing multiple network element clusters in the cloud computing platform and adopting equal-cost routing data and flow control strategies, the master-master working state of virtual network elements is realized, which solves the problem of low data forwarding reliability caused by the virtual network element configuration method and improves the reliability and capacity of the network.

CN119484399B · Active · Publication Date: 2026-06-19 · CHINA TELECOM CLOUD TECH CO LTD

Patent Information

Authority / Receiving Office: CN · China
Patent Type: Patents(China)
Current Assignee / Owner: CHINA TELECOM CLOUD TECH CO LTD
Filing Date: 2024-12-03
Publication Date: 2026-06-19

AI Technical Summary

Technical Problem

The existing configuration of virtual network elements results in low data forwarding reliability of cloud computing platforms. In particular, when the scale of cloud computing platforms expands, the interruption time of primary and backup switching causes network reliability problems.

Method used

By establishing multiple network element clusters in the cloud computing platform, each cluster contains multiple virtual network elements. Using equal-cost routing data and traffic control strategies, the virtual network elements achieve a master-master working state, with multiple network elements processing network traffic simultaneously, avoiding interruptions during master-slave switching.

Benefits of technology

It improves the reliability of data forwarding, meets the high capacity requirements of the network, avoids downtime caused by primary/backup switching, and enhances the overall reliability of the network.

✦ Generated by Eureka AI based on patent content.


Abstract

This application relates to a data forwarding method, apparatus, device, storage medium, and program product. The method includes: acquiring data to be forwarded; determining the IP address of a target network element cluster from multiple network element clusters based on the destination address of the data; acquiring equivalent routing data corresponding to the target network element cluster, the equivalent routing data including a mapping relationship between the cluster IP address of the target network element cluster and the IP addresses of each included virtual network element; determining the IP address of a target virtual network element from among the multiple virtual network elements included in the target network element cluster based on the equivalent routing data; and sending the data to the target virtual network element according to the IP address of the target virtual network element, so that the target virtual network element can forward the data according to a routing policy. This method can improve the reliability of data forwarding.

Description

Technical Field

[0001] This application relates to the field of computer network technology, and in particular to a data forwarding method, apparatus, device, storage medium, and program product.

Background Technology

[0002] With the rapid development of cloud computing technology, more and more enterprises are choosing to use open-source cloud computing platforms to build and manage their cloud infrastructure. As a leading open-source cloud computing platform, OpenStack's modular design and flexible architecture make it an ideal choice for building public cloud, private cloud, and hybrid cloud environments.

[0003] OpenStack uses virtual network elements to implement Layer 3 communication between different subnets within a Virtual Private Cloud (VPC) and with networks outside the VPC. However, as cloud computing platforms continue to expand in scale, the existing configuration of virtual network elements results in low reliability of data forwarding.

Summary of the Invention

[0004] Therefore, it is necessary to provide a data forwarding method, apparatus, device, storage medium, and program product that can improve the reliability of data forwarding in response to the above-mentioned technical problems.

[0005] In a first aspect, this application provides a data forwarding method for use in a target data forwarding device within a cloud computing platform. The cloud computing platform includes multiple data forwarding devices, and the target data forwarding device is any one of these multiple data forwarding devices. All or part of the multiple data forwarding devices are deployed with virtual network elements. The multiple virtual network elements deployed in the cloud computing platform form multiple network element clusters, and each network element cluster includes multiple virtual network elements. The method includes:

[0006] Get the data to be forwarded;

[0007] The IP address of the target network element cluster is determined from multiple network element clusters based on the destination address of the data;

[0008] Obtain the equivalent routing data corresponding to the target network element cluster. The equivalent routing data includes the mapping relationship between the cluster IP address of the target network element cluster and the IP addresses of each virtual network element included.

[0009] Based on the equivalent routing data, the IP address of the target virtual network element is determined from the multiple virtual network elements included in the target network element cluster. Data is then sent to the target virtual network element based on its IP address, so that the target virtual network element can forward the data according to the routing policy.

[0010] In one embodiment, determining the IP address of the target network element cluster from multiple network element clusters based on the destination address of the data includes:

[0011] If the data is sent from the cloud computing platform to the external network, the internal network cluster IP address corresponding to the target network element cluster is determined from multiple network element clusters based on the destination address of the data; if the data is sent from the external network to the cloud computing platform, the external network cluster IP address corresponding to the target network element cluster is determined from multiple network element clusters based on the destination address of the data.

[0012] In one embodiment, obtaining the equivalent routing data corresponding to the target network element cluster includes: if the data is sent from the cloud computing platform to the external network, obtaining the internal network equivalent routing data corresponding to the target network element cluster, wherein the internal network equivalent routing data includes the mapping relationship between the internal network cluster IP address of the target network element cluster and the internal network IP addresses of each included virtual network element; if the data is sent from the external network to the cloud computing platform, obtaining the external network equivalent routing data corresponding to the target network element cluster, wherein the external network equivalent routing data includes the mapping relationship between the external network cluster IP address of the target network element cluster and the external network IP addresses of each included virtual network element.

[0013] In one embodiment, the configuration process for equal-cost routing data includes:

[0014] Configure a host for each virtual network element, where virtual network elements on the same host are configured to belong to the same network element cluster; configure an internal network cluster IP address and an external network cluster IP address for each network element cluster, and configure an internal network IP address and an external network IP address for each virtual network element; for each network element cluster, establish OSPF neighbor relationships between the network element cluster and each virtual network element based on the internal network cluster IP address and the internal network IP addresses of each virtual network element included in the network element cluster, and generate internal network equivalent cost route data; for each network element cluster, establish OSPF neighbor relationships between the network element cluster and each virtual network element based on the external network cluster IP address and the external network IP addresses of each virtual network element included in the network element cluster, and generate external network equivalent cost route data.

[0015] In one embodiment, determining the IP address of the target virtual network element from among the multiple virtual network elements included in the target network element cluster includes:

[0016] Obtain the preset traffic control policy; determine the IP address of the target virtual network element from multiple virtual network elements according to the traffic control policy.

[0017] In one embodiment, after obtaining the data to be forwarded, the method further includes:

[0018] Perform stateless address translation on the data, the address translation including source address translation and destination address translation.

[0019] In a second aspect, this application also provides a data forwarding device for use in a target data forwarding device within a cloud computing platform. The cloud computing platform includes multiple data forwarding devices, and the target data forwarding device is any one of the multiple data forwarding devices. All or part of the multiple data forwarding devices are deployed with virtual network elements. The multiple virtual network elements deployed in the cloud computing platform form multiple network element clusters, and each network element cluster includes multiple virtual network elements. The data forwarding device includes:

[0020] The first acquisition module is used to acquire the data to be forwarded.

[0021] The first determining module is used to determine the IP address of the target network element cluster from multiple network element clusters based on the destination address of the data.

[0022] The second acquisition module is used to acquire the equivalent routing data corresponding to the target network element cluster. The equivalent routing data includes the mapping relationship between the cluster IP address of the target network element cluster and the IP addresses of each virtual network element included.

[0023] The second determining module is used to determine the IP address of the target virtual network element from among the multiple virtual network elements included in the target network element cluster based on the equivalent routing data, and to send data to the target virtual network element according to the IP address of the target virtual network element so that the target virtual network element can forward the data according to the routing policy.

[0024] In one embodiment, the first determining module is specifically used to determine the internal network cluster IP address corresponding to the target network element cluster from multiple network element clusters based on the destination address of the data if the data is sent from the cloud computing platform to the external network; and to determine the external network cluster IP address corresponding to the target network element cluster from multiple network element clusters based on the destination address of the data if the data is sent from the external network to the cloud computing platform.

[0025] In one embodiment, the second acquisition module is specifically used to acquire, if the data is sent from the cloud computing platform to the external network, the intranet equivalent routing data corresponding to the target network element cluster, the intranet equivalent routing data including the mapping relationship between the intranet cluster IP address of the target network element cluster and the intranet IP addresses of each included virtual network element; if the data is sent from the external network to the cloud computing platform, the external network equivalent routing data corresponding to the target network element cluster, the external network equivalent routing data including the mapping relationship between the external cluster IP address of the target network element cluster and the external IP addresses of each included virtual network element.

[0026] In one embodiment, the data forwarding device further includes a configuration module, which is used to configure a host for each virtual network element, wherein virtual network elements with the same host are configured to belong to the same network element cluster; configure an internal network cluster IP address and an external network cluster IP address for each network element cluster, and configure an internal network IP address and an external network IP address for each virtual network element; for each network element cluster, establish an OSPF neighbor relationship between the network element cluster and each virtual network element based on the internal network cluster IP address and the internal network IP address of each virtual network element included in the network element cluster, and generate internal network equivalent cost route data; for each network element cluster, establish an OSPF neighbor relationship between the network element cluster and each virtual network element based on the external network cluster IP address and the external network IP address of each virtual network element included in the network element cluster, and generate external network equivalent cost route data.

[0027] In one embodiment, the second determining module is specifically used to obtain a preset traffic control policy; and determine the IP address of the target virtual network element from multiple virtual network elements according to the traffic control policy.

[0028] In one embodiment, the first acquisition module is further configured to perform stateless address translation on the data, the address translation including source address translation and destination address translation.

[0029] Thirdly, this application also provides a data forwarding device, including a memory and a processor, wherein the memory stores a computer program, and the processor executes the computer program to implement the steps described in any of the above method embodiments.

[0030] Fourthly, this application also provides a computer-readable storage medium having a computer program stored thereon, which, when executed by a processor, implements the steps described in any of the above method embodiments.

[0031] Fifthly, this application also provides a computer program product, including a computer program that, when executed by a processor, implements the steps described in any of the above method embodiments.

[0032] The aforementioned data forwarding method, apparatus, device, storage medium, and program product acquire the data to be forwarded, determine the IP address of the target network element cluster from multiple network element clusters based on the destination address of the data, obtain the equivalent routing data corresponding to the target network element cluster (including the mapping relationship between the cluster IP address of the target network element cluster and the IP addresses of each included virtual network element), determine the IP address of the target virtual network element from the multiple virtual network elements included in the target network element cluster based on the equivalent routing data, and send the data to the target virtual network element according to the target virtual network element's IP address, so that the target virtual network element can forward the data according to the routing policy. In this way, by establishing multiple network element clusters, with each network element cluster including multiple virtual network elements, a master-master working state for virtual network elements can be achieved. Multiple virtual network elements can be in working state simultaneously, jointly bearing network traffic and service responsibilities. Compared to the master-slave working state of virtual network elements, multiple network elements processing services simultaneously avoid the problem of low data forwarding reliability due to the interruption time of master-slave switching, effectively improving the reliability of data forwarding while meeting the requirements of high network capacity.

Attached Figure Description

[0033] To more clearly illustrate the technical solutions in the embodiments of this application or related technologies, the drawings used in the description of the embodiments of this application or related technologies will be briefly introduced below. Obviously, the drawings described below are only some embodiments of this application. For those skilled in the art, other related drawings can be obtained based on these drawings without creative effort.

[0034] Figure 1 is a diagram illustrating the application environment of a data forwarding method in one embodiment;

[0035] Figure 2 is a flowchart illustrating a data forwarding method in one embodiment;

[0036] Figure 3 is a flowchart illustrating the configuration process of equal-cost routing data in one embodiment;

[0037] Figure 4 is a flowchart illustrating the steps for determining the IP address of a target virtual network element in one embodiment;

[0038] Figure 5 is a flowchart illustrating the data forwarding method in another embodiment;

[0039] Figure 6 is a flowchart illustrating the data forwarding method in another embodiment;

[0040] Figure 7 is a structural block diagram of a data forwarding device in one embodiment;

[0041] Figure 8 is an internal structure diagram of a data forwarding device in one embodiment.

Detailed Implementation

[0042] To make the objectives, technical solutions, and advantages of this application clearer, the following detailed description is provided in conjunction with the accompanying drawings and embodiments. It should be understood that the specific embodiments described herein are merely illustrative and not intended to limit the scope of this application.

[0043] With the rapid development of cloud computing technology, more and more enterprises are choosing to use open-source cloud computing platforms to build and manage their cloud infrastructure. As a leading open-source cloud computing platform, OpenStack's modular design and flexible architecture make it an ideal choice for building public cloud, private cloud, and hybrid cloud environments.

[0044] OpenStack uses virtual network elements to implement Layer 3 communication between different subnets within a Virtual Private Cloud (VPC) and with networks outside the VPC. However, as cloud computing platforms continue to expand in scale, the existing configuration of virtual network elements results in low reliability of data forwarding.

[0045] In view of this, this application provides a data forwarding method that can improve the reliability of data forwarding. The data forwarding method provided in the embodiments of this application can be executed by a data forwarding device. The data forwarding apparatus can be implemented by software, hardware, or a combination of software and hardware. It can be embedded in the processor of the data forwarding device in hardware form or stored in the memory of the data forwarding device in software form. In the following method embodiments, a data forwarding device is used as the execution subject for description.

[0046] The following describes the system architecture of the data forwarding method provided in this application. This system architecture includes a cloud computing platform and off-cloud computing devices. As shown in the application environment diagram of Figure 1, the cloud computing platform includes multiple data forwarding devices 10. The target data forwarding device is any one of the multiple data forwarding devices. All or part of the multiple data forwarding devices 10 are deployed with virtual network elements 110. The multiple virtual network elements 110 deployed in the cloud computing platform form multiple network element clusters. Each network element cluster includes multiple virtual network elements 110. The data forwarding device 10 can be a server or an external network switch. The external network switch includes an OSPF route publishing module 1101. The server includes multiple deployed virtual network elements 110 and a registration module 120. Each virtual network element 110 also includes an OSPF route publishing module 1101, a registration module 120, a control address translation module 1102, and a routing control module 1103. The virtual network element 110 sends registration information to the server's registration module 120 through its own registration module 120, and the server's registration module 120 configures the host for the virtual network element 110 after receiving the registration information; the OSPF route publishing module 1101 is used to configure the internal network cluster IP address and external network cluster IP address of the network element cluster, as well as the internal network IP address and external network IP address of the virtual network element, so as to generate internal network equivalent routes and external network equivalent routes; the control address translation module 1102 is used to perform address translation and set the flow control policy according to the configuration file; the routing control module 1103 is used to configure the static routing policy according to the configuration file.

[0047] Optionally, the cloud computing platform can be OpenNebula, CloudStack, or OpenStack, etc. This application takes OpenStack as an example. OpenStack is an open-source cloud computing platform that provides an Infrastructure as a Service (IaaS) solution for building and managing public cloud, private cloud, and hybrid cloud environments. It consists of multiple components, each responsible for different cloud computing resource management functions.

[0048] In one exemplary embodiment, as shown in Figure 2, a data forwarding method is provided. Taking its application to the target data forwarding device 10 in the cloud computing platform shown in Figure 1 as an example, the method includes the following steps S201 to S204:

[0049] S201, retrieve the data to be forwarded.

[0050] Optionally, the target data forwarding device can be a server or an external network switch, and the data to be forwarded can also include data sent from the cloud computing platform to the external network and data sent from the external network to the cloud computing platform.

[0051] It is understandable that the network segment where the cloud computing platform is located is not the same network segment as the external network.

[0052] Optionally, the cloud computing platform has multiple servers, each with a virtual switch deployed on it. Data exchange between the servers is achieved through the virtual switches deployed on each server.

[0053] S202, determine the IP address of the target network element cluster from multiple network element clusters based on the destination address of the data.

[0054] Optionally, when a server within a cloud computing platform exchanges data with the external network, the server's virtual switch determines the IP address of the target network element cluster from multiple network element clusters based on preset static routes and the destination address of the data.

[0055] For example, the routing control module 1103 in the virtual network element can configure static routes for the virtual switch. Taking the configuration "ip route add 10.101.64.0/24 via 10.101.16.1" as an example, 10.101.64.0/24 is the destination address and 10.101.16.1 is the next-hop address.

[0056] Optionally, multiple virtual network elements can be registered as the same network cluster. When a next-hop address is bound to a network element cluster, all virtual network elements in that cluster can be configured with the same next-hop address based on the network element cluster information, thus ensuring consistent forwarding performance among multiple virtual network elements.

[0057] Optionally, the network element cluster may include at least two virtual Ethernet interfaces, each connected to a different network, and each virtual Ethernet interface has an independent IP address. For example, one virtual Ethernet interface of the network element cluster connects to the internal LAN of the cloud computing platform (such as the 10.191.16.0/24 network segment), and this virtual Ethernet interface may be configured as 10.191.16.100; the other interface connects to the external wide area network (such as the Internet), and its IP address may be a public IP address assigned by the network service provider (such as 10.101.32.100).

[0058] Optionally, a virtual network element may also include at least two virtual Ethernet interfaces, each connected to a different network, and each virtual Ethernet interface has an independent IP address.

[0059] In one possible implementation, if the data to be forwarded is sent from the cloud computing platform to the external network, the internal network cluster IP address corresponding to the target network element cluster is determined from multiple network element clusters based on the destination address of the data.

[0060] Optionally, the internal network cluster IP address corresponding to the network element cluster can be the VTEP network segment of the virtual network element, and multiple virtual network elements in the same cluster can use the same VTEP IP.

[0061] In another possible implementation, if the data to be forwarded is sent from the external network to the cloud computing platform, the external network cluster IP address corresponding to the target network element cluster is determined from multiple network element clusters based on the destination address of the data.

[0062] Optionally, the external network cluster IP address corresponding to the network element cluster can be the unified gateway network segment of the Elastic IP Address (EIP) of each virtual network element, and multiple virtual network elements in the same cluster can be planned to use the same address.

[0063] Optionally, an Elastic IP address is a public IP address that can be configured to be assigned to a virtual machine, instance, or network device. It allows resources to be reallocated without changing the IP address, thus providing greater flexibility and availability.

[0064] S203, obtain the equivalent routing data corresponding to the target network element cluster.

[0065] The equivalent routing data includes the mapping relationship between the cluster IP address of the target network element cluster and the IP addresses of each virtual network element included.

[0066] Optionally, equal-cost routing data can be obtained by the target data forwarding device through routing protocols to discover all paths to the destination network and determine the mapping relationship between the IP addresses at both ends of the path. During this process, each path is measured, and the factors considered may include link bandwidth, latency, and reliability. When multiple paths are found to have equal metric values, these paths are determined to be equal-cost paths. For example, if two links connect to the same network element cluster, and these two links have the same bandwidth and similar latency, the target data forwarding device will calculate that the costs of these two links are the same through routing protocols and will therefore consider them equal-cost paths.

[0067] Optionally, the routing protocol can be Open Shortest Path First (OSPF).

[0068] Optionally, the link cost between each virtual network element in the network element cluster and the network element cluster is the same. The equivalent routing data corresponding to the network element cluster can be determined according to the mapping relationship between the cluster IP address and the IP addresses of the included virtual network elements.

[0069] Optionally, after determining the target network element cluster, the corresponding equivalent routing data can be obtained based on the IP address of the target network element cluster.

[0070] Optionally, if the data is sent from the cloud computing platform to the external network, the internal network equivalent routing data corresponding to the target network element cluster is obtained. The internal network equivalent routing data includes the mapping relationship between the internal network cluster IP address of the target network element cluster and the internal network IP addresses of each virtual network element included.

[0071] Optionally, if the data is sent from the external network to the cloud computing platform, then obtain the external network equivalent routing data corresponding to the target network element cluster. The external network equivalent routing data includes the mapping relationship between the external network cluster IP address of the target network element cluster and the external network IP addresses of each virtual network element included.

[0072] For example, taking a network element cluster that includes two virtual network elements as an example, the equivalent routing data can be as shown in Table 1. The internal network cluster IP of the network element cluster belongs to the 10.101.64.0/24 network segment, and the internal network IP addresses of the two virtual network elements included in the network element cluster are 10.101.16.101 and 10.101.16.102, respectively; the external network IP address of the network element cluster belongs to the 10.101.32.0/24 network segment, and the external network IP addresses of the two virtual network elements included in the network element cluster are 10.101.128.101 and 10.101.128.102, respectively.

[0073]

[0074] S204. Based on the equivalent routing data, determine the IP address of the target virtual network element from among the multiple virtual network elements included in the target network element cluster, and send the data to the target virtual network element according to the IP address of the target virtual network element so that the target virtual network element can forward the data according to the routing policy.

[0075] Optionally, if the data is sent from the cloud computing platform to the external network, the target virtual network element and its internal network IP address are determined from the multiple virtual network elements included in the target network element cluster based on the internal network equivalent routing data corresponding to the target network element cluster; if the data is sent from the external network to the cloud computing platform, the target virtual network element and its external network IP address are determined from the multiple virtual network elements included in the target network element cluster based on the external network equivalent routing data corresponding to the target network element cluster.

[0076] If the internal network equivalent routing data or the external network equivalent routing data contains only one mapping relationship for the target network element cluster, the target virtual network element and its IP address are determined according to that mapping relationship. If there are multiple mapping relationships, the target virtual network element and its IP address are determined according to the preset traffic control policy.
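The following Python model of steps S202 to S204 is an added example, not code from the patent or its applicant. The member IP addresses and /24 segments come from paragraph [0072]; the cluster IP addresses, the second cluster, the destination prefixes and the rendezvous-hash traffic control policy are assumptions, since the text only says the policy is preset.

```python
import hashlib
import ipaddress

# Constructed sample tables. Member IPs and the /24 segments come from
# paragraph [0072]; cluster IPs, the second cluster and the destination
# prefixes are assumptions made for this example.
CLUSTER_ROUTES = {  # S202: direction -> [(destination prefix, cluster IP)]
    "outbound": [("0.0.0.0/0", "10.101.64.1"), ("198.51.100.0/24", "10.102.64.1")],
    "inbound": [("10.101.32.0/24", "10.101.32.1"), ("10.102.32.0/24", "10.102.32.1")],
}
ECMP = {  # S203: direction -> cluster IP -> equal-cost member IPs
    "outbound": {
        "10.101.64.1": ["10.101.16.101", "10.101.16.102"],
        "10.102.64.1": ["10.102.16.101"],
    },
    "inbound": {
        "10.101.32.1": ["10.101.128.101", "10.101.128.102"],
        "10.102.32.1": ["10.102.128.101"],
    },
}


def target_cluster(direction, dst):
    """S202: longest-prefix match of the destination against the static routes."""
    addr = ipaddress.ip_address(dst)
    best = None
    for prefix, cluster_ip in CLUSTER_ROUTES[direction]:
        net = ipaddress.ip_network(prefix)
        if addr in net and (best is None or net.prefixlen > best[0]):
            best = (net.prefixlen, cluster_ip)
    if best is None:
        raise LookupError(f"no route to {dst} ({direction})")
    return best[1]


def pick_member(members, flow):
    """S204: one mapping is used directly; several go through the policy.

    Assumed policy: rendezvous (highest-random-weight) hashing over the flow
    tuple, so a flow keeps its member for as long as that member is listed.
    """
    if not members:
        raise LookupError("cluster has no live virtual network element")
    if len(members) == 1:
        return members[0]
    key = "|".join(str(part) for part in flow)
    return max(members, key=lambda m: hashlib.sha256(f"{m}|{key}".encode()).digest())


def forward(direction, flow, ecmp=ECMP):
    """S202-S204 for one packet; flow = (src, dst, proto, sport, dport)."""
    cluster_ip = target_cluster(direction, flow[1])
    members = ecmp[direction].get(cluster_ip, [])
    return cluster_ip, pick_member(members, flow)


def with_members(ecmp, direction, cluster_ip, members):
    """Copy of the ECMP table after routes for one cluster are added or withdrawn."""
    new = {d: dict(table) for d, table in ecmp.items()}
    new[direction][cluster_ip] = list(members)
    return new


def moved_flows(direction, flows, before, after):
    """Flows whose target member differs between two versions of the table."""
    return [f for f in flows
            if forward(direction, f, before)[1] != forward(direction, f, after)[1]]


if __name__ == "__main__":
    # Constructed flows from one tenant address to one external destination.
    flows = [("192.168.10.20", "203.0.113.9", "tcp", 40000 + i, 443) for i in range(200)]
    shrunk = with_members(ECMP, "outbound", "10.101.64.1", ["10.101.16.101"])
    grown = with_members(ECMP, "outbound", "10.101.64.1",
                         ["10.101.16.101", "10.101.16.102", "10.101.16.103"])
    print("moved after one member is withdrawn:",
          len(moved_flows("outbound", flows, ECMP, shrunk)), "of", len(flows))
    print("moved after a third member is added:",
          len(moved_flows("outbound", flows, ECMP, grown)), "of", len(flows))
```

With this policy a membership change only moves the flows that were on the withdrawn member or that land on the new one, which is the property that lets every member stay active without a switchover; it relies on the address translation being stateless as stated in [0018].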

[0077] Optionally, after the data is sent to the target virtual network element, the target virtual network element can forward the data according to the routing policy. If the data is sent from the cloud computing platform to the external network, the next-hop address is determined according to the source address of the data and the preset routing policy. The next-hop address can be the IP address of the external network switch. If the data is sent from the external network to the cloud computing platform, the next-hop address is determined according to the source address of the data and the corresponding routing policy. The next-hop address can be the IP address of the virtual switch in the cloud computing platform.

[0078] For example, the routing control module 1103 in the virtual network element can configure routing policies for the virtual network element, as shown in the following configuration example:

[0079] ip rule add from 10.101.32.1/24 table external priority 32000

[0080] ip route add default via 10.101.128.1 dev eth2 table external

[0081] Here, 10.101.32.1 is the elastic public network segment gateway for the virtual network element, and 10.101.128.1 is the IP address of the external network switch. That is, when the source IP address of the data belongs to the 10.101.32.1/24 network segment, the external routing table is used for routing. A default route is added to the external routing table: when the destination address of the data packet has no explicit matching entry in the external routing table, the default route forwards the data to the external network switch at IP address 10.101.128.1.

[0082] The aforementioned data forwarding method involves acquiring the data to be forwarded, determining the IP address of the target network element cluster from multiple network element clusters based on the data's destination address, obtaining the corresponding equivalent routing data for the target network element cluster (including the mapping relationship between the cluster IP address of the target network element cluster and the IP addresses of its constituent virtual network elements), determining the IP address of the target virtual network element from among the multiple virtual network elements included in the target network element cluster based on the equivalent routing data, and sending the data to the target virtual network element according to its IP address so that the target virtual network element can forward the data according to its routing policy. In this way, by establishing multiple network element clusters, with each cluster containing multiple virtual network elements, a master-master working state for virtual network elements can be achieved. Multiple virtual network elements can simultaneously operate, sharing network traffic and service responsibilities. Compared to a master-slave working state, multiple network elements processing services simultaneously avoid the network reliability issues caused by master-slave failover, effectively improving data forwarding reliability and meeting high network capacity requirements.

[0083] In one exemplary embodiment, as shown in Figure 3, the configuration process for equal-cost routing data optionally includes steps 301 to 304, wherein:

[0084] S301. Configure a host for each virtual network element.

[0085] Virtual network elements on the same host are configured to belong to the same network element cluster.

[0086] Optionally, the registration module in the data forwarding device can receive registration information sent by the registration module in the virtual network element, and configure a host for each virtual network element according to the registration information.

[0087] For example, when the cloud computing platform is OpenStack, the virtual network element agent registers agent information with the data forwarding device through the report_state RPC message. The key field host uniquely identifies the node. Agents belonging to the same cloud cluster are configured with the same host, such as vrouter01. In this way, when the next hop information is determined, it is bound to vrouter01. When the network element agents in the same cluster obtain the RPC message, they all obtain the next hop information related to vrouter01 and use it to configure the network element network information.

[0088] S302. Configure the internal network cluster IP address and external network cluster IP address for each network element cluster, and configure the internal network IP address and external network IP address for each virtual network element.

[0089] Optionally, the OSPF routing publishing module of the virtual network element can be used to configure the internal network cluster IP address and external network cluster IP address for each network element cluster, and the internal network IP address and external network IP address for each virtual network element.

[0090] S303: For each network element cluster, based on the internal network cluster IP address and the internal network IP address of each virtual network element included in the network element cluster, establish the OSPF neighbor relationship between the network element cluster and each virtual network element, and generate internal network equivalent route data.

[0091] S304. For each network element cluster, based on the external network cluster IP address and the external network IP addresses of each virtual network element included in the network element cluster, establish the OSPF protocol neighbor relationship between the network element cluster and each virtual network element, and generate external network equivalent route data.

[0092] Optionally, the OSPF route publishing module is used to exchange routing information between the virtual network element and the external network switch. When the virtual network element is in a healthy state, it can receive network traffic normally through the route. When the virtual network element is in an abnormal state, the route is deleted so that the switch cannot send network traffic to the virtual network element.

[0093] Optionally, since the OpenStack native operating system does not include a module with routing and forwarding capabilities, the ospfd process can be introduced and installed on the node where the virtual network element resides. The ospfd process should be set to start at boot, and the following configuration should be used to update the ospfd process's configuration file, /etc/quagga/ospfd.conf:

[0094] interface eth1

[0095] ip ospf hello-interval 1

[0096] ip ospf dead-interval 2

[0097] ip ospf area 0.0.0.0

[0098] The above configuration defines a virtual Ethernet interface eth1, which is used to communicate with servers in the cloud computing platform via VXLAN. The OSPF hello (heartbeat) interval is set to 1 second, and the dead interval, after which a silent neighbor is treated as failed, is set to 2 seconds. The eth1 interface is configured to belong to area 0 in the OSPF network.

[0099] interface eth2

[0100] ip ospf hello-interval 1

[0101] ip ospf dead-interval 2

[0102] ip ospf area 0.0.0.1

[0103] The above configuration defines a virtual Ethernet interface eth2, which is used for VLAN communication with external networks. The OSPF hello (heartbeat) interval is set to 1 second, and the dead interval, after which a silent neighbor is treated as failed, is set to 2 seconds. The eth2 interface is configured to belong to area 1 in the OSPF network.

[0104] router ospf

[0105] ospf router-id 10.101.8.101

[0106] network 10.101.16.0/24 area 0

[0107] network 10.101.64.0/24 area 0

[0108] network 10.101.32.0/24 area 1

[0109] network 10.101.128.0/24 area 1

[0110] Specifically, the subnets within area 0 and area 1 are configured as described above. 10.101.64.0/24 is the VTEP segment for the virtual network elements; multiple virtual network elements within the same network element cluster use the same VTEP IP address, such as 10.101.64.100. 10.101.16.0 contains the actual external IP addresses used by virtual network elements; all virtual network elements have different IP addresses, for example, virtual network element 1 is planned as 10.101.16.101, and virtual network element 2 is planned as 10.101.16.102. 10.101.32.0 is the unified gateway network segment for external forwarding of virtual network element EIPs; all virtual network elements are planned with the same address, such as 10.101.32.100. 10.101.128.0 contains the actual external IP addresses used by virtual network elements; all virtual network elements have different IP addresses, for example, virtual network element 1 is planned as 10.101.128.101, and virtual network element 2 is planned as 10.101.128.102.

[0111] Meanwhile, the OSPF module in the external network switch is also configured accordingly. Multiple OSPF modules exchange information and form equal-cost routes to ensure that multiple virtual network elements in the same network element cluster form a master-master mode. At the same time, the OSPF routing publishing module can be used to dynamically publish and delete virtual network elements to achieve dynamic access and removal, thereby realizing seamless horizontal expansion.

[0112] In one exemplary embodiment, as shown in Figure 4, determining the IP address of the target virtual network element from the multiple virtual network elements included in the target network element cluster optionally includes the following steps 401 to 402, wherein:

[0113] S401. Obtain the preset traffic control policy.

[0114] S402. Determine the IP address of the target virtual network element from multiple virtual network elements according to the traffic control policy.

[0115] Optionally, the IP address of the target virtual network element can be determined based on the load of each virtual network element according to the above traffic control strategy.

[0116] Optionally, the flow control policy can be configured by the address translation module, and can be configured as follows. Simultaneously, the method of target address translation can also be configured according to the following settings:

[0117] ip netns exec snat-xxx tc qdisc add dev qg-xxx root handle 1: htb

[0118] ip netns exec snat-xxx tc filter add dev qg-xxx parent 1: protocol ip prio 1 u32 match ip src vmip/32 action nat egress vmip/32 eip

[0119] ip netns exec snat-xxx tc qdisc add dev qg-xxx ingress handle ffff

[0120] ip netns exec snat-xxx tc filter add dev qg-xxx parent ffff: protocol ip prio 1 u32 match ip dst eip/32 action nat ingress eip/32 vmip

[0121] The above configuration is for traffic control settings for interfaces within a specific network namespace (snat-xxx). It involves Hierarchical Token Bucket (HTB) queue rules and network address translation filtering and action configurations, which can perform fine-grained management and address translation operations on data of virtual network elements.

[0122] Optionally, the above configuration adds an HTB queue management policy to the interface qg-xxx to control the network address translation of data sent from this interface. When sending data from the cloud computing platform to outside the cloud, the source IP address of the data packet is converted to an elastic public IP address. When sending data from outside the cloud to the cloud computing platform, the destination address is converted to a private IP address that can be recognized internally by the cloud computing platform.

[0123] Optionally, the control address translation module can also perform stateless address translation of data, including source address translation and destination address translation.

[0124] Optionally, address translation can be Network Address Translation (NAT), a technology used in a network to map one IP address space to another. By translating addresses, non-public IP addresses can be used in a private network without being directly exposed to the public network.

[0125] Optionally, source address translation can refer to the process of replacing the source IP address in data with a public IP address when data is sent from a cloud computing platform to the external network. This public IP address can be statically assigned to the internal network or dynamically obtained from a pool of public IP addresses.

[0126] Optionally, destination address translation can refer to the process of converting the destination IP address in the data to the private IP address in the cloud computing platform when the data is sent from the external network to the cloud computing platform.

[0127] Optionally, the control address translation module can be a traffic control (tc) tool used in the Linux system to manage and control network traffic. The tc module can be used to perform stateless tracing address translation, that is, without recording the state information of the data (e.g., session state table, connection tracking distance, etc.). In a session, data entering one virtual network element can be replied to through another virtual network element.

[0128] In the OpenStack operating system, iptables is used to implement NAT for virtual network elements (VNAs) to provide EIP capabilities. iptables performs NAT translation based on connection tracking. When a network element performs SNAT on incoming traffic, the network element will perform DNAT on the reply traffic from the other end based on connection tracking. This requires the same network element to be used to establish service for the same traffic, which does not meet the requirements of multi-network element master-master deployment. However, by using the tc module, which does not record data status information, data entering one VNA can be replied to through another VNA when multiple VNAs are in master-master working states, further improving the reliability of data forwarding.
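The difference described above, as an added example that is not part of the patent text: a simplified Python model of two cluster members that compares connection-tracking NAT with a stateless 1:1 mapping when the reply returns through a different member, and of equal-cost selection that skips a member whose route has been withdrawn. The addresses, member names, class and function names, and the hash used for equal-cost selection are assumptions made for illustration.

```python
import hashlib
from dataclasses import dataclass, replace

# Constructed sample addresses (not taken from the patent).
VM_IP, EIP, REMOTE = "10.0.0.5", "203.0.113.5", "198.51.100.7"


@dataclass(frozen=True)
class Packet:
    src: str
    sport: int
    dst: str
    dport: int


class StatelessNat:
    """1:1 vmip<->eip mapping held identically by every member, no per-flow state.

    Models the effect of the tc 'action nat egress/ingress' pair shown above.
    """

    def __init__(self, vm_to_eip):
        self.vm_to_eip = dict(vm_to_eip)
        self.eip_to_vm = {eip: vm for vm, eip in self.vm_to_eip.items()}

    def egress(self, pkt):
        return replace(pkt, src=self.vm_to_eip.get(pkt.src, pkt.src))

    def ingress(self, pkt):
        return replace(pkt, dst=self.eip_to_vm.get(pkt.dst, pkt.dst))


class ConntrackNat:
    """Simplified connection-tracking SNAT: the reverse translation exists
    only on the member that translated the outbound packet."""

    def __init__(self, vm_to_eip):
        self.vm_to_eip = dict(vm_to_eip)
        self.table = {}  # expected reply tuple -> original private address

    def egress(self, pkt):
        out = replace(pkt, src=self.vm_to_eip.get(pkt.src, pkt.src))
        self.table[(out.dst, out.dport, out.src, out.sport)] = pkt.src
        return out

    def ingress(self, pkt):
        original = self.table.get((pkt.src, pkt.sport, pkt.dst, pkt.dport))
        if original is None:
            return None  # no state on this member: the reply is not translated
        return replace(pkt, dst=original)


def ecmp_pick(pkt, members):
    """Choose one member among those still advertising the cluster route.

    `members` maps member name -> healthy flag. Hashing the flow tuple is an
    assumption; real switches use their own equal-cost hash.
    """
    healthy = sorted(name for name, up in members.items() if up)
    if not healthy:
        raise RuntimeError("no healthy member advertises the cluster route")
    key = f"{pkt.src}:{pkt.sport}>{pkt.dst}:{pkt.dport}".encode()
    index = int.from_bytes(hashlib.sha256(key).digest()[:4], "big")
    return healthy[index % len(healthy)]


def reply_matrix(nat_cls, member_names=("vne1", "vne2")):
    """For every (outbound member, inbound member) pair, report whether the
    reply to an outbound flow is translated back to the private address."""
    results = {}
    for out_member in member_names:
        for in_member in member_names:
            nats = {name: nat_cls({VM_IP: EIP}) for name in member_names}
            sent = nats[out_member].egress(Packet(VM_IP, 40000, REMOTE, 443))
            reply = Packet(sent.dst, sent.dport, sent.src, sent.sport)
            received = nats[in_member].ingress(reply)
            results[(out_member, in_member)] = (
                received is not None and received.dst == VM_IP
            )
    return results


if __name__ == "__main__":
    for name, cls in (("conntrack", ConntrackNat), ("stateless", StatelessNat)):
        for path, delivered in reply_matrix(cls).items():
            print(f"{name:9s} out={path[0]} in={path[1]} delivered={delivered}")
    flow = Packet(VM_IP, 40000, REMOTE, 443)
    print("both healthy ->", ecmp_pick(flow, {"vne1": True, "vne2": True}))
    print("vne1 withdrawn ->", ecmp_pick(flow, {"vne1": False, "vne2": True}))
```

Because the members hold no per-flow state, any filtering that depends on connection state has to be enforced somewhere other than these network elements.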

[0129] As an optional implementation method, as shown in Figure 5, taking as an example the case where the data to be forwarded is sent from the external network to the cloud computing platform, the data forwarding method provided in this application embodiment may include the following specific steps:

[0130] S501. Acquire the data to be forwarded.

[0131] S502. Perform stateless address translation on the data, the address translation including source address translation and destination address translation.

[0132] S503. Determine the external network cluster IP address corresponding to the target network element cluster from multiple network element clusters based on the destination address of the data.

[0133] S504. Obtain the external network equivalent route data corresponding to the target network element cluster.

[0134] External network equivalent routing data includes the mapping relationship between the external network cluster IP address of the target network element cluster and the external network IP addresses of each included virtual network element.

[0135] S505. Determine the external IP address of the target virtual network element from multiple virtual network elements included in the target network element cluster based on equal-cost routing data and preset traffic control policies.

[0136] S506. Send the data to the target virtual network element based on its external IP address, so that the target virtual network element can forward the data according to the routing policy.

[0137] As an optional implementation method, as shown in Figure 6, taking as an example the case where the data to be forwarded is sent from a cloud computing platform to the external network, the data forwarding method provided in this application embodiment may include the following specific steps:

[0138] S601. Acquire the data to be forwarded.

[0139] S602. Perform stateless address translation on the data, the address translation including source address translation and destination address translation.

[0140] S603. Determine the internal network cluster IP address corresponding to the target network element cluster from multiple network element clusters based on the destination address of the data.

[0141] S604. Obtain the intranet equivalent routing data corresponding to the target network element cluster.

[0142] The intranet equivalent routing data includes the mapping relationship between the intranet cluster IP address of the target network element cluster and the intranet IP addresses of each included virtual network element.

[0143] S605. Determine the internal IP address of the target virtual network element from multiple virtual network elements included in the target network element cluster based on equal-cost routing data and preset traffic control policies.

[0144] S606. Send the data to the target virtual network element based on its internal network IP address, so that the target virtual network element can forward the data according to the routing policy.

[0145] It should be understood that although the steps in the flowcharts of the embodiments described above are shown sequentially according to the arrows, these steps are not necessarily executed in the order indicated by the arrows. Unless explicitly stated herein, there is no strict order restriction on the execution of these steps, and they can be executed in other orders. Moreover, at least some steps in the flowcharts of the embodiments described above may include multiple steps or multiple stages. These steps or stages are not necessarily completed at the same time, but can be executed at different times. The execution order of these steps or stages is not necessarily sequential, but can be performed alternately or in turn with other steps or at least some of the steps or stages of other steps.

[0146] Based on the same inventive concept, this application also provides a data forwarding apparatus for implementing the data forwarding method described above. The solution provided by this apparatus is similar to the implementation described in the above method; therefore, the specific limitations in one or more data forwarding apparatus embodiments provided below can be found in the limitations of the data forwarding method described above, and will not be repeated here.

[0147] In one exemplary embodiment, as shown in Figure 7, a data forwarding device 700 is provided for use in a target data forwarding device in a cloud computing platform. The cloud computing platform includes multiple data forwarding devices, and the target data forwarding device is any one of the multiple data forwarding devices. All or part of the multiple data forwarding devices are deployed with virtual network elements. The multiple virtual network elements deployed in the cloud computing platform form multiple network element clusters, and each network element cluster includes multiple virtual network elements. The device includes a first acquisition module 701, a first determination module 702, a second acquisition module 703, and a second determination module 704. Wherein:

[0148] The first acquisition module 701 is used to acquire data to be forwarded.

[0149] The first determining module 702 is used to determine the IP address of the target network element cluster from multiple network element clusters based on the destination address of the data.

[0150] The second acquisition module 703 is used to acquire the equivalent routing data corresponding to the target network element cluster. The equivalent routing data includes the mapping relationship between the cluster IP address of the target network element cluster and the IP addresses of each virtual network element included.

[0151] The second determining module 704 is used to determine the IP address of the target virtual network element from multiple virtual network elements included in the target network element cluster based on the equivalent routing data, and send data to the target virtual network element according to the IP address of the target virtual network element so that the target virtual network element can forward the data according to the routing policy.

[0152] In one embodiment, the first determining module 702 is specifically used to determine the internal network cluster IP address corresponding to the target network element cluster from multiple network element clusters based on the destination address of the data if the data is sent from the cloud computing platform to the external network; and to determine the external network cluster IP address corresponding to the target network element cluster from multiple network element clusters based on the destination address of the data if the data is sent from the external network to the cloud computing platform.

[0153] In one embodiment, the second acquisition module 703 is specifically used to acquire, if the data is sent from the cloud computing platform to the external network, the intranet equivalent routing data corresponding to the target network element cluster, the intranet equivalent routing data including the mapping relationship between the intranet cluster IP address of the target network element cluster and the intranet IP addresses of each included virtual network element; if the data is sent from the external network to the cloud computing platform, the external network equivalent routing data corresponding to the target network element cluster, the external network equivalent routing data including the mapping relationship between the external cluster IP address of the target network element cluster and the external network IP addresses of each included virtual network element.

[0154] In one embodiment, the data forwarding device further includes a configuration module, which is used to configure a host for each virtual network element, wherein virtual network elements with the same host are configured to belong to the same network element cluster; configure an internal network cluster IP address and an external network cluster IP address for each network element cluster, and configure an internal network IP address and an external network IP address for each virtual network element; for each network element cluster, establish an OSPF neighbor relationship between the network element cluster and each virtual network element based on the internal network cluster IP address and the internal network IP address of each virtual network element included in the network element cluster, and generate internal network equivalent cost route data; for each network element cluster, establish an OSPF neighbor relationship between the network element cluster and each virtual network element based on the external network cluster IP address and the external network IP address of each virtual network element included in the network element cluster, and generate external network equivalent cost route data.

[0155] In one embodiment, the second determining module 704 is specifically used to obtain a preset traffic control policy; and determine the IP address of the target virtual network element from multiple virtual network elements according to the traffic control policy.

[0156] In one embodiment, the first acquisition module 701 is further configured to perform stateless tracking address translation on the data, the address translation including source address translation and destination address translation.

[0157] Each module in the aforementioned data forwarding device can be implemented entirely or partially through software, hardware, or a combination thereof. These modules can be embedded in or independent of the processor in a computer device, or stored in the memory of a computer device as software, so that the processor can call and execute the operations corresponding to each module.

[0158] In one exemplary embodiment, a data forwarding device is provided. This data forwarding device may be a switch, or it may be a server whose internal structure is as shown in Figure 8. As shown in Figure 8, the data forwarding device includes a processor, memory, input/output (I/O) interfaces, and a communication interface. The processor, memory, and I/O interfaces are connected via a system bus, and the communication interface is also connected to the system bus via the I/O interfaces. The processor provides computational and control capabilities. The memory includes non-volatile storage media and internal memory. The non-volatile storage media stores the operating system, computer programs, and a database. The internal memory provides the environment for the operating system and computer programs stored in the non-volatile storage media. The database stores data. The I/O interfaces are used for exchanging information between the processor and external devices. The communication interface is used for communicating with external terminals via a network connection. When the computer program is executed by the processor, it implements a data forwarding method.

[0159] Those skilled in the art will understand that the structure shown in Figure 8 is merely a block diagram of a portion of the structure related to the present application and does not constitute a limitation on the data forwarding device to which the present application is applied. A specific data forwarding device may include more or fewer components than those shown in the figure, or combine certain components, or have different component arrangements.

[0160] In one exemplary embodiment, a data forwarding device is provided, including a memory and a processor, wherein the memory stores a computer program, and the processor executes the computer program to implement the steps described in any of the above method embodiments.

[0161] In one embodiment, a computer-readable storage medium is provided having a computer program stored thereon, which, when executed by a processor, implements the steps described in any of the above method embodiments.

[0162] In one embodiment, a computer program product is provided, including a computer program that, when executed by a processor, implements the steps described in any of the above method embodiments.

[0163] Those skilled in the art will understand that all or part of the processes in the methods of the above embodiments can be implemented by a computer program instructing related hardware. The computer program can be stored in a non-volatile computer-readable storage medium, and when executed, it can include the processes of the embodiments of the above methods. Any references to memory, databases, or other media used in the embodiments provided in this application can include at least one of non-volatile memory and volatile memory. Non-volatile memory can include read-only memory (ROM), magnetic tape, floppy disk, flash memory, optical memory, high-density embedded non-volatile memory, resistive random access memory (ReRAM), magnetic random access memory (MRAM), ferroelectric random access memory (FRAM), phase change memory (PCM), graphene memory, etc. Volatile memory can include random access memory (RAM) or external cache memory, etc. By way of illustration and not limitation, RAM can take many forms, such as Static Random Access Memory (SRAM) or Dynamic Random Access Memory (DRAM). The databases involved in the embodiments provided in this application may include at least one type of relational database and non-relational database. Non-relational databases may include, but are not limited to, blockchain-based distributed databases. The processors involved in the embodiments provided in this application may be general-purpose processors, central processing units, graphics processing units, digital signal processors, programmable logic devices, quantum computing-based data processing logic devices, artificial intelligence (AI) processors, etc., and are not limited to these.

[0164] The technical features of the above embodiments can be combined in any way. For the sake of brevity, not all possible combinations of the technical features in the above embodiments are described. However, as long as there is no contradiction in the combination of these technical features, they should be considered to be within the scope of this application.

[0165] The embodiments described above are merely illustrative of several implementation methods of this application, and while the descriptions are specific and detailed, they should not be construed as limiting the scope of this patent application. It should be noted that those skilled in the art can make various modifications and improvements without departing from the concept of this application, and these all fall within the protection scope of this application. Therefore, the protection scope of this application should be determined by the appended claims.

Claims

1. A data forwarding method, characterized in that it is used in a target data forwarding device in a cloud computing platform, wherein the cloud computing platform includes multiple data forwarding devices, the target data forwarding device is any one of the multiple data forwarding devices, all or part of the multiple data forwarding devices are deployed with virtual network elements, the multiple virtual network elements deployed in the cloud computing platform form multiple network element clusters, and each network element cluster includes multiple virtual network elements, the method including: acquiring the data to be forwarded; determining the IP address of the target network element cluster from multiple network element clusters based on the destination address of the data; obtaining the equivalent routing data corresponding to the target network element cluster, the equivalent routing data including the mapping relationship between the cluster IP address of the target network element cluster and the IP addresses of each virtual network element included, wherein virtual network elements of the same host are configured to belong to the same network element cluster; based on the equivalent routing data, determining the IP address of the target virtual network element from the multiple virtual network elements included in the target network element cluster, and sending the data to the target virtual network element based on the IP address of the target virtual network element, so that the target virtual network element can forward the data according to the routing policy; wherein, after acquiring the data to be forwarded, the method further includes: performing stateless address translation on the data using a flow control tool, the address translation including source address translation and destination address translation, wherein the stateless address translation does not record the session state of the data, so that data entering one virtual network element can be replied to through another virtual network element.

2. The method of claim 1, wherein the step of determining the IP address of the target network element cluster from multiple network element clusters based on the destination address of the data includes: if the data is sent from the cloud computing platform to the external network, determining the internal network cluster IP address corresponding to the target network element cluster from the multiple network element clusters based on the destination address of the data; if the data is sent from the external network to the cloud computing platform, determining the external network cluster IP address corresponding to the target network element cluster from the multiple network element clusters based on the destination address of the data.

3. The method of claim 2, wherein the step of obtaining the equivalent routing data corresponding to the target network element cluster includes: if the data is sent from the cloud computing platform to the external network, obtaining the intranet equivalent routing data corresponding to the target network element cluster, the intranet equivalent routing data including the mapping relationship between the intranet cluster IP address of the target network element cluster and the intranet IP addresses of each virtual network element included; if the data is sent from the external network to the cloud computing platform, obtaining the external network equivalent routing data corresponding to the target network element cluster, the external network equivalent routing data including the mapping relationship between the external network cluster IP address of the target network element cluster and the external network IP addresses of each virtual network element included.

4. The method of claim 3, wherein the configuration process for the equivalent routing data includes: configuring a host for each of the virtual network elements; configuring internal network cluster IP addresses and external network cluster IP addresses for each of the network element clusters, and configuring internal network IP addresses and external network IP addresses for each of the virtual network elements; for each of the network element clusters, based on the internal network cluster IP address and the internal network IP address of each virtual network element included in the network element cluster, establishing an OSPF neighbor relationship between the network element cluster and each of the virtual network elements, and generating internal network equivalent route data; for each of the network element clusters, based on the external network cluster IP address and the external network IP address of each virtual network element included in the network element cluster, establishing an OSPF neighbor relationship between the network element cluster and each of the virtual network elements, and generating external network equivalent route data.

5. The method according to claim 1, characterized in that determining the IP address of the target virtual network element from among the multiple virtual network elements included in the target network element cluster includes: obtaining a preset traffic control policy; and determining the IP address of the target virtual network element from the multiple virtual network elements according to the traffic control policy.

6. A data forwarding apparatus, used in a target data forwarding device in a cloud computing platform, wherein the cloud computing platform includes multiple data forwarding devices, the target data forwarding device is any one of the multiple data forwarding devices, all or part of the multiple data forwarding devices are deployed with virtual network elements, the multiple virtual network elements deployed in the cloud computing platform form multiple network element clusters, and each network element cluster includes multiple virtual network elements, the apparatus comprising: a first acquisition module, used to acquire the data to be forwarded; a first determining module, used to determine the IP address of the target network element cluster from the multiple network element clusters based on the destination address of the data; a second acquisition module, used to acquire the equivalent routing data corresponding to the target network element cluster, the equivalent routing data including the mapping relationship between the cluster IP address of the target network element cluster and the IP addresses of each included virtual network element, wherein virtual network elements of the same host are configured to belong to the same network element cluster; and a second determining module, used to determine the IP address of the target virtual network element from among the multiple virtual network elements included in the target network element cluster based on the equivalent routing data, and to send the data to the target virtual network element according to the IP address of the target virtual network element, so that the target virtual network element can forward the data according to the routing policy; wherein, after acquiring the data to be forwarded, the first acquisition module is also used to perform stateless address translation on the data through a flow control tool, the address translation including source address translation and destination address translation, and the stateless address translation does not record the session state of the data, so that data entering one virtual network element can be replied to through another virtual network element.

7. A data forwarding device comprising a memory and a processor, the memory storing a computer program, characterized in that when the processor executes the computer program, it implements the steps of the method according to any one of claims 1 to 5.

8. A computer-readable storage medium having stored thereon a computer program, characterized in that when the computer program is executed by a processor, it implements the steps of the method according to any one of claims 1 to 5.

9. A computer program product comprising a computer program, characterized in that when the computer program is executed by a processor, it implements the steps of the method according to any one of claims 1 to 5.
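
The forwarding path of claims 5 and 6, as an added Python sketch that is not part of the patent text: a virtual network element (VNE) is chosen from the equivalent (equal-cost) routing data, and address translation is done from a static rule with no session table, so the reply can return through a different VNE. All addresses, the 5-tuple hash used as the traffic control policy, and the 1:1 prefix mapping are assumptions made for illustration.

```python
import hashlib
import ipaddress

# Constructed sample data (not from the patent): equivalent routing data maps a
# cluster IP to the IPs of the virtual network elements (VNEs) behind it.
ECMP_ROUTES = {
    "10.0.0.1": ["10.0.1.11", "10.0.1.12", "10.0.1.13"],               # intranet side
    "203.0.113.1": ["203.0.113.11", "203.0.113.12", "203.0.113.13"],  # external side
}
# Assumed static 1:1 prefix rule shared by every VNE; no session table exists.
INSIDE = ipaddress.ip_network("192.168.10.0/24")
OUTSIDE = ipaddress.ip_network("198.51.100.0/24")


def pick_vne(cluster_ip, src, dst, sport, dport, proto="tcp"):
    """Assumed traffic control policy: hash the 5-tuple over the equal-cost members."""
    members = ECMP_ROUTES[cluster_ip]
    key = f"{src}|{dst}|{sport}|{dport}|{proto}".encode()
    digest = hashlib.sha256(key).digest()
    return members[int.from_bytes(digest[:4], "big") % len(members)]


def _remap(addr, from_net, to_net):
    """Translate addr by its offset within from_net; addresses outside pass through."""
    ip = ipaddress.ip_address(addr)
    if ip not in from_net:
        return addr
    offset = int(ip) - int(from_net.network_address)
    return str(to_net.network_address + offset)


def snat_outbound(src, dst):
    """Source address translation for platform -> external network traffic."""
    return _remap(src, INSIDE, OUTSIDE), dst


def dnat_inbound(src, dst):
    """Destination address translation for external network -> platform traffic."""
    return src, _remap(dst, OUTSIDE, INSIDE)


def round_trip(client, server, sport, dport):
    """Return (outbound VNE, reply VNE, address the reply is delivered to)."""
    out_vne = pick_vne("10.0.0.1", client, server, sport, dport)
    pub_src, _ = snat_outbound(client, server)
    back_vne = pick_vne("203.0.113.1", server, pub_src, dport, sport)
    _, delivered = dnat_inbound(server, pub_src)
    return out_vne, back_vne, delivered
```

The reply reaches the original client address whichever VNE handles it, because the translation depends only on the packet and the shared rule. The same absence of session state means this layer cannot tell a reply from an unsolicited inbound packet, so that filtering has to be enforced elsewhere.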