Abstract: A method of transmitting a BGP message and a routing device are provided. According to an example of the method, a queue for holding BGP messages to be transmitted is partitioned into more than two subqueues according to types of BGP routes, where each of the subqueues is used to hold a BGP message carrying a corresponding type of BGP route. A BGP message carrying a BGP route to be advertised is placed into one of the more than two subqueues according to the type of the BGP route. A target subqueue is selected from the more than two subqueues according to a first scheduling algorithm, and a BGP message in the target subqueue is transmitted.
Abstract: A PE and a method of forwarding packet are provided. According to an example of the method, when receiving a packet, the PE may determine a vPort associated to a port through which the packet is received. When a forwarding entry adding condition is satisfied, the PE may add a first forwarding entry in a forwarding table by recording the first vPort as an egress port, a source MAC address of the packet as a MAC address and an VLAN identifier of the VLAN associated with the first vPort as a VLAN identifier. Subsequently, the PE may search the forwarding table for a second forwarding entry matching the destination MAC address of the packet and the VLAN to which the packet belongs. The PE may search a port associating relationship table for a port associated to a second vPort in the second forwarding entry to forward the packet.
Abstract: A Multibit Trie is created for routing distribution of IP prefixes in each Virtual Private Network (VPN); and each Multibit Trie is divided into multiple layers. When routing search is performed for an IP address of a VPN, an input key is generated for each layer respectively, the input key of the layer comprises a VPN identifier of the VPN and bits corresponding to all of at least one layer before the layer in the IP address. A calculation is performed for the generated input key of each layer by using a Hash function of the layer, and routing is searched for according to a data structure information pointer of a Sub_Trie node corresponding to a longest Hash hit result.
Abstract: Disclosed is a line card chassis which includes line card units, optical electrical conversion units and optical fiber interface units. The optical-electrical conversion unit has an onboard optical assembly module used for mutual conversion between an optical signal and an electrical signal; an electrical signal interface of the onboard optical assembly module is connected to the line card unit through an electrical connector, and an optical signal interface of the onboard optical assembly module is connected to the optical fiber interface unit through an optical connector; and the optical fiber interface unit couples the optical signal to a cluster interface of a panel on a router through an optical fiber, and the cluster interface is to concatenate different chassis in the router. Also disclosed is a multi-chassis cluster router and a packet processing method.
Abstract: A Software Defined Network (SDN) controller monitors load of Virtual FireWall (vFW) nodes in a firewall cluster in real time. When detecting that load of one or more vFW nodes is higher than a predefined first threshold, the SDN controller creates a new vFW node. The SDN controller selects a first flow, which is to be migrated, from flows passing through the monitored vFW nodes, updates a first flow entry corresponding to the first flow, and sends the updated first flow entry to a switch. The updated first flow entry indicates the switch to send the first flow to the new vFW node.
Abstract: Provided is a method and device for switching a primary/backup PW. When a primary PW is detected having changed into a Down status by a BFD session corresponding to the primary PW, PE searches for a matching switching information entry. When in the switching information entry indicates transmission switching is supported, and Failover value indicates that a packet is forwarded via a backup PW, the PE updates Failover value in a hardware protection switching entry to the Failover value in the switching information entry. When bRX in the switching information entry indicates reception switching is supported, the PE updates drop identifier in a hardware reception entry to a value indicating that a packet is received, and updates the bFS to a value indicating that transmission switching is not supported; and the PE reports a Down event of the primary PW.
Abstract: In an example, a method of updating Basic Service Set ID (BSSID) is provided. According to the method, a wireless bridge device determines whether a Service Set Identifier (SSID) carried in a received access packet transmitted by a first wireless access point is matched with a target SSID locally saved in the wireless bridge device. The wireless bridge device continues determining whether a BSSID carried in the access packet is identical to a locally saved target BSSID if the decision result is yes. Otherwise, the wireless bridge device determines whether the access packet carries configuration information of a second wireless access point currently associated with the wireless bridge device, and the wireless bridge device saves the BSSID carried in the access packet as the target BSSID if the access packet carries the configuration information.
Abstract: After receiving the packet, an operation type of an operation to be performed for a packet is identified, a key value is extracted from the packet and Hash calculation is performed for the extracted key value; a calculation result of the Hash calculation is taken as a Hash entrance, and at least one Hash index table entry is found from a local Hash index table; match operation is performed between the identified operation type and the at least one Hash index table entry; the packet is processed according to a matched Hash index table entry if the matched Hash index table entry is found.
Abstract: The server may be configured with two or more than two network cards. The server may advertise a route, which may comprise a network segment address of each local network card and an IP address of the server, to a route neighbor of the server via the each local network card. The server may receive route information, which may comprise an address of a device, from the route neighbor of the server via the each network card. The server may determine a route from the server to the device. An outgoing port of the route may be the each network card. When a packet destined for the address of the device is received, the server may forward the packet via the route. When a link connecting to a network card fails, the server may disable all the routes, outgoing interfaces of which may be the network card.
Abstract: In an example, a method for managing a virtual network is provided. According to the method, first and second domains are respectively created for heterogeneous first and second hypervisor mangers. The first hypervisor manager manages a first virtual machine (VM) and first virtual switch (vSwitch) The second hypervisor manager manages a second VM and a second vSwitch. Based on topology of the virtual network, topology management information may be created, which comprises first and second virtual network topology information respectively for the first and second domains, and first and second configuration information respectively for the first and second vSwitches. The topology management information may be distributed to the first and second hypervisor mangers after being associated with the first and second domains, so to the first and second vSwitches implement packet forwarding between the first and second VMs according to the first and second configuration information respectively.
Abstract: A method and device for forwarding a packet are disclosed. When a first access device connected with a database server is to be configured with a mirror image rule, an SDN controller can transmit a mirror image rule adding message carrying the mirror image rule to the first access device. Where, the mirror image rule comprises an IP address of the database server, a MAC address of a database audit device connected with a second access device and a VXLAN tunnel between the first access device and the second access device. When receiving a database access packet whose destination IP address is an IP address of the database server, the first access device may replace a destination MAC address of a mirror packet for the database access packet with a MAC address of the database audit device according to the mirror image rule and forward the encapsulated VXLAN packet.
Abstract: An I/O board of a VXLAN switch receives a multicast data packet from a VLAN, and sends the multicast data packet to the fabric board of the VXLAN switch when at least one multicast group member port corresponding to the multicast data packet is a first virtual port. The fabric board determines that layer 3 multicast forwarding is to be performed by the fabric board. When a multicast group member port corresponding to the multicast data packet is a VXLAN tunnel port, the fabric board modifies a source MAC address of the multicast data packet, and sends the modified multicast data packet to an I/O board corresponding to the multicast group member port on the VXLAN switch. The I/O board corresponding to the multicast group member port adds a VXLAN encapsulation to the multicast data packet and forwards the multicast data packet having the VXLAN encapsulation to a VXLAN.
Abstract: Examples of the present disclosure provide a VM packet controlling method and apparatus, applicable for an OpenStack network. The OpenStack network includes an OpenStack controller node, an OpenStack compute node, and a virtual network system. The OpenStack network is communicatively connected with an SDN controller, the virtual network system includes a VM and a virtual network apparatus responsible for forwarding packets of the virtual machine. The OpenStack controller node creates a port for the VM, informs the SDN controller of a port UUID and a forwarding rule applied on the port; the OpenStack controller node receives a port ID, and transmits a corresponding relationship between the port ID and the port UUID to the SDN controller, the SDN controller generates a flow table according to the forwarding rule applied on the port, and issues the flow table to the virtual network apparatus according to the corresponding relationship.
Abstract: A first VXLAN Tunnel End Point (VTEP) determines a simulation packet for simulating a service forwarding path of a service packet forwarded from a first Virtual Machine (VM) accessing the first VTEP to a second VM accessing a second VTEP when the service packet sent by the first VM does not reach the second VM. A packet character parameter of the simulation packet is the same as a packet character parameter of the service packet. The first VTEP calculates the packet character parameter of the simulation packet to determine a User Datagram Protocol (UDP) source port number, performs VXLAN encapsulation for the simulation packet according to the determined UDP source port number and a VXLAN tunnel identity in a local register entry matching with the simulation packet, and forwards the simulation packet with the VXLAN encapsulation via a VXLAN tunnel corresponding to the VXLAN tunnel identity.
July 8, 2016
Date of Patent:
November 19, 2019
NEW H3C TECHNOLOGIES CO., LTD
Ruichang Gao, Yan Qiao, Neng Yan, Chen Miao
Abstract: A SDN controller obtains and stores a NAT mapping relationship between a private network address and a public network of a host computer in each SDN; receives a flow table request for a data packet from a VTEP device, searching for a NAT mapping relationship corresponding to a target IP address of the data packet when determining that the data packet is forwarded across SDNs; generates a flow table used for forwarding the data packet according to the NAT mapping relationship corresponding to the target IP address searched out and network topology information, and transmits the flow table to the VTEP device, wherein the flow table comprises a NAT processing instruction for a source IP address and encapsulation information, and a target IP address in the encapsulation information is a public network address in the NAT mapping relationship searched out.
Abstract: A Multibit Trie is created for routing distribution of IP prefixes in each Virtual Private Network (VPN). Routing of IP prefixes in the highest level 1˜m of the Multibit Trie is expanded to IP prefixes in level m+1 according to a prefix expansion method, wherein m is an integer larger than 1. Each branch of the IP prefixes in the level m+1 of the Multibit Trie is taken as a Branch_Tree, and data structure information of each Branch_Tree is saved. When routing of an IP address in a VPN is to be searched, a Branch_Tree is searched in a Multibit Trie corresponding to the VPN according to the highest m+1 bits of the IP address, and the routing of the IP address is searched in the Branch_Tree.
Abstract: A method and device for realizing automatic stacking of network devices are disclosed. According to an example of the method, when a network device determines its device role, the network device may send a first neighbor discovery message to a neighbor device and receive a second neighbor discovery message sent by the neighbor device. Next, if it determines that a topological structure between the network device and the neighbor device changes according to the second neighbor discovery message, the network device may determine whether a stacking condition to trigger stacking the network device and the neighbor device is satisfied or not. If the stacking condition is satisfied, the network device may further determine a stacking configuration for stacking the network device and the neighbor device. Then the network device may stack the network device with the neighbor device according to the stacking configuration.
Abstract: A method of forwarding a packet and a network device are provided. According to an example of the method, when serving as a previous-hop device of a destination device of a first tunnel, the network device receives a first notification message from the destination device of the first tunnel, where information relating the first tunnel is carried in the first notification message. The network device configures a forwarding entry, where a match domain of the forwarding entry includes the information relating the first tunnel. After an encapsulated data packet is received, and if the encapsulated data packet matches the forwarding entry, the network device decapsulates the encapsulated data packet and then forwards the decapsulated data packet to the destination device of the first tunnel.
Abstract: A network device may include a first forwarding board, a second forwarding board and an interface board. The interface board may include a control apparatus and a network interface chip. The control apparatus may form a first upstream packet flow which is sent to the first forwarding board via a first I/O bus and a second upstream packet flow which is sent to the second forwarding board via a second I/O bus using data packets received through the network interface chip from the exterior of the network device.