CN114884810A - Network data transmission method, access method and storage medium based on SDN - Google Patents

Abstract

The invention discloses a network data transmission method, an access method and a storage medium based on an SDN. Wherein, the method comprises the following steps: controlling a first elastic network card for transmitting data to access a Software Defined Network (SDN); determining a gateway related to a first elastic network card in a Software Defined Network (SDN), wherein the elastic network card information of the first elastic network card is configured on the gateway; acquiring first configuration information between a gateway and a Virtual Private Cloud (VPC) system, wherein the first configuration information is used for representing that data are allowed to be transmitted between the gateway and the VPC system; and transmitting data associated with the first flexible network card between the gateway and the VPC system based on the first configuration information. The invention solves the technical problem of low efficiency of data transmission.

Description

SDN-based network data transmission method, access method and storage medium

technical field

The present invention relates to the field of computers, and in particular, to an SDN-based network data transmission method, an access method and a storage medium.

Background technique

At present, in the allocation and processing of resources, Network Functions Virtualization (NFV) is usually deployed in the Elastic Cloud Server (ECS), because the elastic network card usually depends on the computing node. Therefore, limited by the resources on the node, the number of elastic network cards is limited. At the same time, this method cannot realize the intercommunication between the elastic network card and the VPC network, and there is a technical problem of low data transmission efficiency.

For the above problems, no effective solution has been proposed yet.

SUMMARY OF THE INVENTION

Embodiments of the present invention provide an SDN-based network data transmission method, access method, and storage medium, so as to at least solve the technical problem of low data transmission efficiency.

According to an aspect of the embodiments of the present invention, an SDN-based network data transmission method is provided. The method may include: controlling a first elastic network card for data transmission to access a software-defined network SDN; determining a gateway associated with the first elastic network card in the software-defined network SDN, wherein the elastic network card information of the first elastic network card is configured in on the gateway; obtain the first configuration information between the gateway and the virtual private cloud VPC system, wherein the first configuration information is used to represent the data that is allowed to be transmitted between the gateway and the VPC system; based on the first configuration information, between the gateway and the VPC system Data associated with the first ENIC is transmitted.

According to another aspect of the embodiments of the present invention, an SDN-based network data access method is provided. The method may include: determining a first elastic network card corresponding to the client and used to transmit data; controlling the first elastic network card to access the software-defined network SDN; determining a gateway associated with the first elastic network card in the software-defined network SDN, Wherein, the elastic network card information of the first elastic network card is configured on the gateway; the first configuration information between the gateway and the virtual private cloud VPC system is obtained, wherein the first configuration information is used to indicate that data transmission is allowed between the gateway and the VPC system; Based on the first configuration information, data associated with the first elastic network card is transmitted between the gateway and the VPC system, so as to access the client to the network function virtualization NFV resource on the VPC system.

According to another aspect of the embodiments of the present invention, another SDN-based network data transmission method is also provided. The method may include: determining a gateway associated with the first elastic network card in the accessed software-defined network SDN by invoking a first interface, wherein the first interface includes a first parameter, the parameter value of the first parameter is the gateway, and the first The elastic network card information of the elastic network card is configured on the gateway; the first configuration information between the gateway and the virtual private cloud VPC system is obtained, wherein the first configuration information is used to indicate that data transmission is allowed between the gateway and the VPC system; based on the first configuration The information determines the data associated with the first elastic network card to be transmitted between the gateway and the VPC system; the data associated with the first elastic network card is output by calling the second interface, wherein the second interface includes the second parameter, and the second parameter The parameter value is the data associated with the first ENIC.

According to an aspect of the embodiments of the present invention, an SDN-based network data transmission apparatus is provided. The apparatus may include: a first control unit, configured to control the first elastic network card used for data transmission to access the software-defined network SDN; a first determination unit, configured to determine the associated first elastic network card in the software-defined network SDN a gateway, wherein the elastic network card information of the first elastic network card is configured on the gateway; the first obtaining unit is used to obtain the first configuration information between the gateway and the virtual private cloud VPC system, wherein the first configuration information is used to represent the gateway Data transmission is allowed between the gateway and the VPC system; the first transmission unit is configured to transmit the data associated with the first elastic network card between the gateway and the VPC system based on the first configuration information.

According to another aspect of the embodiments of the present invention, an SDN-based network data access device is provided. The apparatus may include: a second determination unit for determining a first elastic network card corresponding to the client and used for transmitting data; a second control unit for controlling the first elastic network card to access a software-defined network SDN; a third a determining unit, configured to determine the gateway associated with the first elastic network card in the software-defined network SDN, wherein the elastic network card information of the first elastic network card is configured on the gateway; the second obtaining unit is configured to obtain the gateway and the virtual private cloud VPC The first configuration information between the systems, wherein the first configuration information is used to represent that data is allowed to be transmitted between the gateway and the VPC system; the second transmission unit is used to transmit the first configuration information between the gateway and the VPC system based on the first configuration information The data associated with the elastic network card is used to connect clients to the network function virtualization NFV resources on the VPC system.

According to another aspect of the embodiments of the present invention, another SDN-based network data transmission device is also provided. The apparatus may include: a fourth determining unit, configured to determine a gateway associated with the first elastic network card in the accessed software-defined network SDN by invoking a first interface, wherein the first interface includes a first parameter, and the value of the first parameter The parameter value is the gateway, and the elastic network card information of the first elastic network card is configured on the gateway; the third obtaining unit is used to obtain the first configuration information between the gateway and the virtual private cloud VPC system, wherein the first configuration information is used to represent Data transmission is allowed between the gateway and the VPC system; the fifth determining unit is used for determining the data associated with the first elastic network card to be transmitted between the gateway and the VPC system based on the first configuration information; the output unit is used for calling the first elastic network card The second interface outputs the data associated with the first elastic network card, wherein the second interface includes a second parameter, and the parameter value of the second parameter is the data associated with the first elastic network card.

According to another aspect of the embodiments of the present invention, a computer-readable storage medium is also provided, where the computer-readable storage medium includes a stored program, wherein, when the program runs, the device where the storage medium is located is controlled to execute any of the above-mentioned SDN-based network data transmission method.

According to another aspect of the embodiments of the present invention, a processor is also provided, where the processor is configured to run a program, wherein any one of the foregoing SDN-based network data transmission methods is executed when the program runs.

According to another aspect of the embodiments of the present invention, an SDN-based network data transmission system is also provided, including: a processor; a memory connected to the processor and configured to provide the processor with instructions for processing the following processing steps: controlling The first elastic network card used for data transmission is connected to the software-defined network SDN; the gateway associated with the first elastic network card in the SDN is determined, wherein the elastic network card information of the first elastic network card is configured on the gateway; the gateway and the virtual private cloud are obtained The first configuration information between the VPC systems, where the first configuration information is used to indicate that data transmission between the gateway and the VPC system is allowed; based on the first configuration information, the data associated with the first elastic network card is transmitted between the gateway and the VPC system .

According to another aspect of the embodiments of the present invention, an SDN-based network data access system is also provided. The SDN-based network data transmission device includes: a first elastic network card, connected to the client; a gateway in the software-defined network SDN, used for configuring elastic network card information of the first elastic network card; a virtual private cloud VPC system, based on and The first configuration information between the gateways receives data associated with the first elastic network card, so as to access the client to the network function virtualization NFV resource on the VPC system, wherein the first configuration information is used to represent the gateway and the VPC system. Data transfer is allowed between them.

According to another aspect of the embodiments of the present invention, an SDN-based network data transmission device is also provided. The SDN-based network data transmission device includes: a gateway for configuring elastic network card information of a first elastic network card connected to the software-defined network SDN; a third interface, connected to the gateway, for obtaining the gateway and the virtual private cloud The first configuration information between the VPC systems, and based on the first configuration information, the gateway is controlled to transmit data associated with the first elastic network card to the VPC system, wherein the first configuration information is used to indicate that data transmission is allowed between the gateway and the VPC system.

In the embodiment of the present invention, the first elastic network card used for data transmission is controlled to access the software-defined network SDN; the gateway associated with the first elastic network card in the software-defined network SDN is determined, wherein the elastic network card information of the first elastic network card Configure on the gateway; obtain first configuration information between the gateway and the virtual private cloud VPC system, where the first configuration information is used to indicate that data transmission between the gateway and the VPC system is allowed; based on the first configuration information, the gateway and the VPC system The data associated with the first elastic network card is transmitted between them. That is to say, in this application, by deploying the first elastic network card on the SDN gateway, it is only limited by the resources of the SDN gateway and does not occupy the resources of computing nodes, and the first elastic network card can be intercommunicated with the VPC network, thereby achieving improved performance. The technical effect of data transmission efficiency solves the technical problem of low data transmission efficiency.

Description of drawings

The accompanying drawings described herein are used to provide a further understanding of the present invention and constitute a part of the present application. The exemplary embodiments of the present invention and their descriptions are used to explain the present invention and do not constitute an improper limitation of the present invention. In the attached image:

1 is a hardware structural block diagram of a computer terminal (or mobile device) of an SDN-based network data transmission method according to an embodiment of the present invention;

2 is a flowchart of a method for transmitting network data based on SDN according to an embodiment of the present invention;

3 is a flowchart of an SDN-based network data access method according to an embodiment of the present invention;

4 is a flowchart of another SDN-based network data transmission method according to an embodiment of the present invention;

FIG. 5 is a schematic diagram of interworking between a multi-tenant and NFV according to the related art;

6 is a schematic diagram of another multi-tenant and NFV interworking according to the related art;

7 is a schematic diagram of implementing NFV access based on a gateway elastic network card according to an embodiment of the present invention;

8 is a schematic diagram of a multi-tenant access according to an embodiment of the present invention;

9 is a schematic diagram of a multi-tenant allocation tunnel information according to an embodiment of the present invention;

10 is a schematic diagram of an NFV elastic network card directly interworking with an infrastructure service layer according to an embodiment of the present invention;

11 is a schematic diagram of an SDN-based network data transmission device according to an embodiment of the present invention;

12 is a schematic diagram of an SDN-based network data access device according to an embodiment of the present invention;

13 is a schematic diagram of another SDN-based network data transmission apparatus according to an embodiment of the present invention;

FIG. 14 is a structural block diagram of a computer terminal according to an embodiment of the present invention.

Detailed ways

In order to make those skilled in the art better understand the solutions of the present invention, the technical solutions in the embodiments of the present invention will be clearly and completely described below with reference to the accompanying drawings in the embodiments of the present invention. Obviously, the described embodiments are only Embodiments are part of the present invention, but not all embodiments. Based on the embodiments of the present invention, all other embodiments obtained by persons of ordinary skill in the art without creative efforts shall fall within the protection scope of the present invention.

It should be noted that the terms "first", "second" and the like in the description and claims of the present invention and the above drawings are used to distinguish similar objects, and are not necessarily used to describe a specific sequence or sequence. It is to be understood that the data so used may be interchanged under appropriate circumstances such that the embodiments of the invention described herein can be practiced in sequences other than those illustrated or described herein. Furthermore, the terms "comprising" and "having" and any variations thereof, are intended to cover non-exclusive inclusion, for example, a process, method, system, product or device comprising a series of steps or units is not necessarily limited to those expressly listed Rather, those steps or units may include other steps or units not expressly listed or inherent to these processes, methods, products or devices.

First of all, some nouns or terms that appear in the process of describing the embodiments of the present application are suitable for the following explanations:

Network Functions Virtualization (NFV for short), a concept for network architecture, uses virtualization technology to divide the functions of network nodes into several functional blocks, which are implemented in software, not in limited to the hardware structure;

Software Defined Network (SDN for short) is a new type of network architecture. It uses network protocols to separate the control plane of the router from the data plane and implements it in software, so that it can be dispersed on various network devices. The centralized management of the control plane becomes possible;

The Elastic Network Interface (ENI) is an elastic network interface bound to a cloud server in a private network and can be freely migrated between multiple cloud servers;

Gateway (Gateway, referred to as GW), also known as inter-network connector, protocol converter, realizes network interconnection above the network layer, is a complex network connection device, only used for network interconnection of two different high-level protocols , in this application, it refers specifically to the SDN gateway;

Virtual Private Cloud (VPC for short) is a private cloud that exists in a shared or public cloud, and can be an isolated and private virtual network environment that users can apply for on the cloud;

A tenant can be a client of the system or computer computing resources, and can be a client.

Example 1

According to an embodiment of the present invention, an embodiment of an SDN-based network data transmission method is provided. It should be noted that the steps shown in the flowchart of the accompanying drawings may be executed in a computer system such as a set of computer-executable instructions. and, although a logical order is shown in the flowcharts, in some cases the steps shown or described may be performed in an order different from that herein.

The method embodiment provided in Embodiment 1 of the present application may be executed in a mobile terminal, a computer terminal, or a similar computing device. FIG. 1 is a hardware structural block diagram of a computer terminal (or mobile device) of an SDN-based network data transmission method according to an embodiment of the present invention. As shown in FIG. 1 , the computer terminal 10 (or the mobile device 10 ) may include one or more processors (102a, 102b, . A processing device such as an MCU or a programmable logic device FPGA), a memory 104 for storing data, and a transmission module 106 for communication functions. In addition, may also include: display, input/output interface (I/O interface), universal serial bus (USB) port (may be included as one of the ports of the BUS bus), network interface, power supply and/or or camera. Those of ordinary skill in the art can understand that the structure shown in FIG. 1 is only a schematic diagram, which does not limit the structure of the above electronic device. For example, the computer terminal 10 may also include more or fewer components than shown in FIG. 1 , or have a different configuration than that shown in FIG. 1 .

It should be noted that the one or more processors and/or other signal processing circuits described above may generally be referred to herein as "SDN-based network data transmission circuits". The SDN-based network data transmission circuit may be embodied in whole or in part as software, hardware, firmware or any other combination. Furthermore, the SDN-based network data transmission circuitry may be a single, stand-alone processing module, or incorporated in whole or in part into any of the other elements in the computer terminal 10 (or mobile device). As involved in the embodiments of the present application, the SDN-based network data transmission circuit acts as a kind of processor control (eg, selection of a variable resistance termination path connected to an interface).

The memory 104 can be used to store software programs and modules of application software, such as a program instruction/data storage device corresponding to the SDN-based network data transmission method in the embodiment of the present invention, the processor runs the software programs and modules stored in the memory 104 by running the software programs and modules. , so as to perform various functional applications and SDN-based network data transmission, that is, to implement the above-mentioned SDN-based network data transmission method. Memory 104 may include high-speed random access memory, and may also include non-volatile memory, such as one or more magnetic storage devices, flash memory, or other non-volatile solid-state memory. In some instances, memory 104 may further include memory located remotely from the processor, and these remote memories may be connected to computer terminal 10 through a network. Examples of such networks include, but are not limited to, the Internet, an intranet, a local area network, a mobile communication network, and combinations thereof.

Transmission means 106 are used to receive or transmit data via a network. A specific example of the above-mentioned network may include a wireless network provided by a communication provider of the computer terminal 10 . In one example, the transmission device 106 includes a network adapter (Network Interface Controller, NIC), which can be connected to other network devices through a base station so as to communicate with the Internet. In one example, the transmission device 106 may be a radio frequency (Radio Frequency, RF) module, which is used for wirelessly communicating with the Internet.

The display may be, for example, a touch screen type liquid crystal display (LCD) that enables a user to interact with the user interface of the computer terminal 10 (or mobile device).

It should be noted here that, in some optional embodiments, the computer device (or mobile device) shown in FIG. 1 may include hardware elements (including circuits), software elements (including a computer stored on a computer-readable medium) code), or a combination of both hardware and software elements. It should be noted that FIG. 1 is only one example of a specific embodiment, and is intended to illustrate the types of components that may be present in a computer device (or mobile device) as described above.

Under the operating environment shown in FIG. 1 , the present application provides the SDN-based network data transmission method shown in FIG. 2 . It should be noted that the SDN-based network data transmission method in this embodiment may be executed by the mobile terminal of the embodiment shown in FIG. 1 .

FIG. 2 is a flowchart of a method for transmitting network data based on SDN according to an embodiment of the present invention. As shown in FIG. 2 , the method may include the following steps:

Step S202, controlling the first elastic network card used for data transmission to access the software-defined network SDN.

In the technical solution provided by the above step S202 of the present invention, the first elastic network card may be a gateway elastic network card (GW ENI), which may be called a virtual ENI, used for data transmission, and can control the first elastic network card to access the software-defined network SDN , so that the first elastic network card works in the SDN, that is, this embodiment is a network data transmission method implemented based on the SDN.

Step S204, determining the gateway associated with the first elastic network card in the software-defined network SDN.

In the technical solution provided by the above step S204 of the present invention, the elastic network card information of the first elastic network card is configured on the gateway, the location information of the first elastic network card is stored on the SDN gateway, and it is determined that the first elastic network card is located in the software-defined network SDN. Associated gateway; the gateway can be an SDN gateway; the location information can be used to determine which SDN gateway the gateway elastic network card is on.

Optionally, the information of the gateway elastic network card can be configured on the SDN gateway through the SDN controller in the static configuration mode, or the SDN gateway custom protocol can be learned from the SDN controller and other forwarding components to the gateway in the dynamic configuration mode. Elastic network card, on this basis, determine the gateway associated with the first elastic network card in the software-defined network SDN, wherein the gateway associated with the first elastic network card may be statically or dynamically configured with the first elastic network card. .

Optionally, the first elastic network card may configure the location information of the first elastic network card in the SDN network on the SDN gateway through static configuration, dynamic learning, etc., and determine the location information of the first elastic network card in the software-defined network SDN. Gateway, it should be noted that the configuration methods here include but are not limited to static configuration, dynamic learning

Optionally, the static configuration method may be to configure the information of the gateway elastic network card on the SDN gateway through the SDN controller, etc.; the dynamic configuration method may be to learn the information of the gateway elastic network card from the SDN controller and other forwarding components by customizing the protocol of the SDN gateway. Way.

Step S206: Obtain first configuration information between the gateway and the virtual private cloud VPC system, where the first configuration information is used to represent that data transmission between the gateway and the VPC system is allowed.

In the technical solution provided by the above step S206 of the present invention, a first elastic network card is created, the information of the first elastic network card in the software-defined network is configured on the SDN gateway, and the gateway associated with the first elastic network card in the software-defined network SND is determined , to obtain the first configuration information between the gateway and the virtual private cloud VPC system, where the first configuration information is used to indicate that data transmission is allowed between the gateway and the VPC system, for example, it can be VPC 888192.168.1.1--->SDN gateway , which can be used to specify data transmission rules; the VPC system can be represented by VPC888. It should be noted that the numbers here are only examples and do not impose specific restrictions.

Step S208, based on the first configuration information, the data associated with the first elastic network card is transmitted between the gateway and the VPC system.

In the technical solution provided by the above step S208 of the present invention, a tunnel information can be allocated to the first elastic network card and stored in the gateway associated with the elastic network card in the software-defined network SDN. The tunnel information can be extended by virtual local area network and general routing encapsulation. (generic routing encapsulation, referred to as gre) and other solutions for configuration, can obtain tunnel information according to the first elastic network card, encapsulate the tunnel information in data packets, NFV return packets and other data, based on the first configuration information in the gateway and VPC system The tunnel information can be used to distinguish multiple clients in the NFV of the VPC888 system, and can correspond to at least one client. It should be noted that the numbers here are only examples and do not impose specific limitations.

Through the above steps S202 to S208 of the present application, the gateway associated with the first elastic network card in the software-defined network SDN is determined; the first configuration information between the gateway and the virtual private cloud VPC system is obtained, wherein the first configuration information is used for Indicates that data transmission is allowed between the gateway and the VPC system; based on the first configuration information, the data associated with the first elastic network card is transmitted between the gateway and the VPC system. That is to say, in this application, by deploying the first elastic network card on the SDN gateway, it is only limited by the resources of the SDN gateway and does not occupy the resources of computing nodes, and the first elastic network card can be intercommunicated with the VPC network, thereby achieving improved performance. The technical effect of data transmission efficiency solves the technical problem of low data transmission efficiency.

The above method of this embodiment will be further described below.

As an optional implementation manner, in step S208, transmitting the data associated with the first elastic network card between the gateway and the VPC system based on the first configuration information includes: determining, on the VPC system, a network function virtual machine corresponding to the first configuration information NFV resources; based on NFV resources, the data associated with the first elastic network card is transmitted between the gateway and the VPC system.

In this embodiment, the network function virtualization NFV resource corresponding to the first configuration information on the VPC system is determined based on the first configuration information. .1.1--->NFV resources corresponding to SDN gateway rules, based on NFV resources, transmit the data associated with the first elastic network card between the gateway and the VPC system.

Optionally, the elastic network card of NFV directly communicates with the infrastructure service layer (Infrastructure as a Service, IaaS for short), and the gateway associated with the first elastic network card in the software-defined network SDN is used as an infrastructure service layer device. After the first elastic network card can directly communicate with the VPC where the NFC is located, the network function virtualized NFV resources corresponding to the first configuration information are determined on the VPC system, when the elastic gateway (NAT gateway), the egress gateway established in the virtual private cloud When the functions of devices such as (VPN gateway) need to be implemented on NFV, configure the corresponding first elastic network card on the SDN gateway, and transmit the data associated with the first elastic network card between the gateway and the VPC system based on NFV resources.

As an optional implementation manner, determine the first elastic network card corresponding to the client; step S204, determine the gateway associated with the first elastic network card in the software-defined network SDN, including: based on the first elastic network card between the client and the gateway The second configuration information is to determine the gateway where the first elastic network card is located, wherein the second configuration information is used to represent that data transmission is allowed between the client and the gateway.

In this embodiment, the gateway where the first elastic network card is located is determined based on the second configuration information between the client and the gateway, where the second configuration information may be used to indicate that data transmission is allowed between the client and the gateway, and may be It is VPC111 192.168.11.1--->SDN gateway, VPC 222 192.168.22.1--->SDN gateway, etc. It should be noted that only the second configuration information is calculated as an example here, and no specific limitation is made; the client can for the corresponding tenant.

Optionally, create second configuration information for the client (for example, a tenant), through the second configuration information (for example, VPC111 192.168.11.1--->SDN gateway, VPC 222 192.168.22.1--->SDN gateway), Intercommunication between the client and the gateway is implemented, and the gateway where the first elastic network card is located is determined based on the second configuration information.

Optionally, the second configuration information is configured on the SDN gateway in the SDN network, and the gateway where the first elastic network card is located may be determined based on the second configuration information between the client and the gateway.

As an optional implementation manner, the number of the first elastic network adapters is determined based on gateway resources of the gateway.

In this embodiment, since the number of the first elastic network cards is limited by the gateway resources, the number of the first elastic network cards may be determined based on the number of gateway resources of the gateway.

Optionally, the number of the first elastic network card may be determined based on the gateway resources of the gateway, wherein, because the first elastic network card does not occupy the resources of the computing node and is only limited by the gateway resources, therefore, when there are many gateway resources, more The first elastic NIC.

In the related art, multiple clients can be connected to NFV through the cross-VPC plugging and unplugging technology of elastic network cards. However, the number of network cards that can be plugged in a single virtual machine is severely limited by this method, and the interface (PCI) of the elastic cloud server is limited. ) addresses, the network cards that can be inserted into a single virtual machine are severely limited, and multiple virtual machines (VM) access through a single elastic network card is not supported for multi-active and mutual backup. This application proposes a gateway-based gateway resource determination method. A method for the number of elastic network cards, since the first elastic network card does not occupy the resources of the computing node, it is only limited by the gateway resources, and there are many gateway resources, so based on the gateway resources of the gateway, more first elastic network cards can be determined. .

As an optional implementation manner, assign identification information to the first elastic network card, where the identification information is used to identify the client corresponding to the first elastic network card in the NFV resources deployed on the VPC system; determine the first elastic network card based on the identification information Data associated with the network card.

In this embodiment, identification information is allocated to the first elastic network card of the client. The identification information is stored on the network card and can be used to distinguish different clients. Different clients can be determined in NFV based on the identification information. Obtain identification information, and encapsulate the identification information in a data packet, so as to determine the data associated with the first elastic network card based on the representation information, wherein the identification information can be the tunnel information allocated by the first virtual network card of the client, which can be used in the VPC The client corresponding to the first elastic network card is identified in the NFV resources deployed on the system.

Optionally, the first virtual network card of each client assigns a piece of identification information, and the identification information is encapsulated in a data packet and stored on the gateway, wherein the identification information can be configured by means of virtual local area network extension, general routing encapsulation, etc. For the client 1 gateway elastic network card (gweni1)--->tunnel information 1; the client 2 gateway elastic network card (gweni2)--->tunnel information 2, the data associated with the first elastic network card is determined based on the identification information.

Optionally, the tunnel information in the identification information is used to identify the client in the NFV resource of the VPC system, and is used to distinguish multiple tenants. For example, the tunnel information can be used to identify which tenant it is, and the tunnel information corresponds to the tenant one-to-one. .

As an optional implementation manner, determining the first elastic network card corresponding to the client includes: creating a corresponding first elastic network card for each of the multiple clients to be accessed to the NFV resource.

In this embodiment, a corresponding first elastic network card is created for each of the multiple clients to be accessed to the NFV resource, so as to determine the first elastic network card corresponding to the client.

Optionally, a first elastic network card is created for each tenant, and the location information of the first elastic network card created for each tenant in the SDN network is configured on the SDN gateway.

As an optional implementation manner, transmitting the data associated with the first elastic network card between the gateway and the VPC system based on the first configuration information includes: based on the first configuration information, between the gateway and the second elastic network card on the VPC system During this time, the data associated with the first elastic network card is transmitted.

In this embodiment, the second elastic network card can directly communicate with the infrastructure service layer, wherein the second elastic network card can be represented by eni001, which can be an elastic network card in NFV; as a device of the infrastructure service layer, the gateway is inserted into the second elastic network card. After the ENIC can directly communicate with the VPC where NFV is located, configure the corresponding second ENIC on the gateway, and transmit the information associated with the first ENIC between the gateway and the second ENIC on the VPC system based on the first configuration information. The data.

Optionally, based on the first configuration information (for example, VPC 888 192.168.1.1--->SDN gateway), the data associated with the first elastic network card may be transmitted between the gateway and the second elastic network card on the VPC system. .

As an optional implementation manner, the address information of the second elastic network card is obtained in the SDN; the second elastic network card is determined on the VPC system based on the address information.

In this embodiment, the address information of the second elastic network card is obtained in the SDN, and the second elastic network card is determined on the VPC system based on the address information, wherein the address information may be similar to the media access control address (Media Access Control, referred to as the media access control address in network forwarding). for MAC).

Optionally, each second elastic network card has location information in the SDN network, similar to the media access control address in network forwarding, and the corresponding second elastic network card is configured on the SDN gateway based on the address information.

As an optional implementation manner, transmitting data associated with the first elastic network card between the gateway and the second elastic network card on the VPC system based on the first configuration information includes: transmitting data associated with the first elastic network card between the gateway and the second elastic network card based on the first configuration information Between the elastic network cards, data associated with the first elastic network card is transmitted via a third elastic network card, where the third elastic network card is deployed on the VPC system.

In this embodiment, based on the first configuration information, the data associated with the first elastic network card is transmitted between the gateway and the second elastic network card via the third elastic network card, wherein the third elastic network card may be represented by gweni888, which may be a deployment Gateway ENIC on the VPC system.

Optionally, the data associated with the first elastic network card is sent to the third elastic network card, and the third elastic network card encapsulates the client information in the data packet according to the location information of the second elastic network card, and sends it to the SDN gateway. The router at the end finds the second elastic network card, obtains the tunnel information according to the second elastic network card, encapsulates the tunnel information in a data packet, modifies the outer client information to the system VPC, and sends it to the virtual machine where the NFV is located. The data associated with the second elastic network card is sent back to the SDN gateway corresponding to the second elastic network card through the location information of the second elastic network card.

The embodiment of the present invention also provides an SDN-based network data access method, which will be further introduced below.

FIG. 3 is a flowchart of a method for accessing network data based on SDN according to an embodiment of the present invention. As shown in FIG. 3 , the method may include the following steps:

Step S302, determining a first elastic network card corresponding to the client and used for data transmission.

In the technical solution provided by the above step S302 of the present invention, a first elastic network card is created for each client, wherein the location information of the first elastic network card in the SDN network can be configured in the SDN network through static configuration, dynamic learning, etc. on the SDN gateway.

Optionally, to create a first elastic network card for each client, you can follow the rules of VPC 111192.168.11.1--->SDN gateway, VPC 222 192.168.22.1--->SDN gateway and other rules, put the first elastic network card in the SDN The location information in the network is configured on the SDN gateway.

Optionally, the static configuration method may be to configure the information of the gateway elastic network card on the SDN gateway through the SDN controller, etc.; the dynamic configuration method may be to learn the information of the gateway elastic network card from the SDN controller and other forwarding components by customizing the protocol of the SDN gateway. Way.

Step S304, controlling the first elastic network card to access the software-defined network SDN.

In the technical solution provided by the above step S304 of the present invention, the first elastic network card may be a gateway elastic network card (GW ENI), which is used for data transmission. After determining the first elastic network card corresponding to the client and used for data transmission, This embodiment can control the first elastic network card to access the software-defined network SDN, so that the first elastic network card works in the SDN.

Step S306: Determine the gateway associated with the first elastic network card in the software-defined network SDN.

In the technical solution provided by the above step S306 of the present invention, the location information of the first elastic network card is stored on the SDN gateway, and the gateway associated with the first elastic network card in the software-defined network SDN is determined, wherein the first elastic network card may be a gateway. Elastic network card; the gateway can be an SDN gateway; the location information can be used to determine which SDN gateway the gateway elastic network card is on.

Optionally, the information of the gateway elastic network card can be configured on the SDN gateway through the SDN controller by using the static configuration method, or the SDN gateway custom protocol can be learned from the SDN controller and other forwarding components to the gateway by using the dynamic configuration method. The elastic network card, and on this basis, determine the gateway associated with the first elastic network card in the software-defined network SDN, wherein the gateway associated with the first elastic network card may be a gateway configured with the first elastic network card through static settings and dynamic settings .

Step S308: Acquire first configuration information between the gateway and the virtual private cloud VPC system, where the first configuration information is used to indicate that data transmission is allowed between the gateway and the VPC system.

In the technical solution provided by the above step S308 of the present invention, a first elastic network card is created, the information of the first elastic network card in the software-defined network is configured on the SDN gateway, and the gateway associated with the first elastic network card in the software-defined network SND is determined , to obtain the first configuration information between the gateway and the virtual private cloud VPC system, where the first configuration information is used to indicate that data transmission is allowed between the gateway and the VPC system, for example, it can be VPC 888192.168.1.1--->SDN gateway , which can be used to specify data transmission rules; the VPC system can be represented by VPC888, VPC111, etc. It should be noted that the numbers here are only examples and do not impose specific restrictions.

Optionally, the location information of the first elastic network card in the software-defined network is configured on the SDN gateway, the gateway associated with the first elastic network card in the software-defined network SDN is determined, the SDN gateway is configured with the first configuration information, and the gateway virtual private The first configuration information between the cloud VPC systems, based on the first configuration information, transmits data between the gateway and the VPC system.

Step S310, based on the first configuration information, transmit the data associated with the first elastic network card between the gateway and the VPC system, so as to connect the client to the network function virtualization NFV resource on the VPC system.

In the technical solution provided by the above step S310 of the present invention, a tunnel information can be allocated to the first elastic network card and stored in the gateway associated with the elastic network card in the software-defined network SDN. The tunnel information can be extended by virtual local area network and general routing encapsulation. It can obtain tunnel information according to the first elastic network card, encapsulate the tunnel information in data packets, NFV return packets and other data, and transmit it between the gateway and the VPC system based on the first configuration information, so as to achieve customer The purpose of accessing the network function virtualized NFV resources on the VPC system, where the tunnel information can be used to distinguish multiple clients in the NFV of the VPC888 system, and can correspond to at least one client one-to-one. It should be noted that The numbers here are for illustration only and not for specific limitations.

Optionally, the information of the client is enclosed in a data packet based on the first configuration information, and sent to the SDN gateway to determine the data associated with the first elastic network card according to the client, and encapsulate the data associated with the first elastic network card in the data packet. , the outer client information is modified to the system VPC, and then sent to the network function virtualization NFV resource.

Optionally, NFV returns the data packets associated with the first elastic network card to the SDN gateways corresponding to the first elastic network card and the second elastic network card through the location information of the first elastic network card and the second elastic network card, and the SDN gateway according to the tunnel information Find the corresponding client VPC information, encapsulate the client information in the data packet, determine the client route, and forward it to the corresponding client.

Through the above steps S302 to S310 of the present application, the first elastic network card corresponding to the client is determined; the gateway associated with the first elastic network card in the software-defined network SDN is determined; the first elastic network card between the gateway and the virtual private cloud VPC system is obtained. Configuration information, where the first configuration information is used to represent data that is allowed to be transmitted between the gateway and the VPC system; based on the first configuration information, the data associated with the first elastic network card is transmitted between the gateway and the VPC system to connect the client into the network function virtualization NFV resources on the VPC system. That is to say, in this application, by deploying the first elastic network card on the SDN gateway, it is only limited by the resources of the SDN gateway and does not occupy the resources of computing nodes, and the first elastic network card can be intercommunicated with the VPC network, thereby achieving improved performance. The technical effect of data transmission efficiency solves the technical problem of low data transmission efficiency.

The embodiment of the present invention also provides an SDN-based network data transmission method.

FIG. 4 is a flowchart of a method for transmitting network data based on SDN according to an embodiment of the present invention. As shown in FIG. 4 , the method may include the following steps.

Step S402: Determine the gateway associated with the first elastic network card in the accessed software-defined network SDN by invoking a first interface, where the first interface includes a first parameter, and the parameter value of the first parameter is the gateway.

In the technical solution provided by the above step S402 of the present invention, the elastic network card information of the first elastic network card is configured on the gateway.

In this embodiment, the first interface may be an interface for data interaction between the server and the client. The client can determine the gateway associated with the first elastic network card in the software-defined network SDN and transmit it to the first interface as a first parameter of the first interface, so as to realize the determination of the gateway associated with the first elastic network card in the software-defined network SDN. The purpose of the gateway.

Step S404: Obtain first configuration information between the gateway and the virtual private cloud VPC system, where the first configuration information is used to represent that data transmission is allowed between the gateway and the VPC system.

Step S406, based on the first configuration information, determine the data associated with the first elastic network card to be transmitted between the gateway and the VPC system.

Step S408 , output the data associated with the first elastic network card by calling the second interface, wherein the second interface includes a second parameter, and the parameter value of the second parameter is the data associated with the first elastic network card.

In the technical solution provided in the above step S408 of the present invention, the second interface may be an interface for data interaction between the server and the client, and the server may output the data associated with the first elastic network card by calling the second interface as the second interface is a parameter to achieve the purpose of outputting the data associated with the first elastic network card. Optionally, the platform outputs data associated with the first elastic network card by invoking a second interface, where the second interface is used to output data associated with the first elastic network card.

In the embodiment of the present invention, the present application determines the gateway associated with the first elastic network card in the software-defined network SDN by invoking the first interface, wherein the first interface includes a first parameter, and the parameter value of the first parameter is the gateway; obtain The first configuration information between the gateway and the virtual private cloud VPC system, where the first configuration information is used to represent data that is allowed to be transmitted between the gateway and the VPC system; based on the first configuration information, the data to be transmitted between the gateway and the VPC system is determined The data associated with the first elastic network card; output the data associated with the first elastic network card by calling the second interface, wherein the second interface includes a second parameter, and the parameter value of the second parameter is the data associated with the first elastic network card. That is to say, in this application, by deploying the first elastic network card on the SDN gateway, it is only limited by the resources of the SDN gateway and does not occupy the resources of computing nodes, and the first elastic network card can be intercommunicated with the VPC network, thereby achieving improved performance. The technical effect of data transmission efficiency solves the technical problem of low data transmission efficiency.

Example 2

The preferred implementation of the above method in this embodiment will be further introduced below, and a method for NFV access based on a network card elastic gateway in an SDN network will be specifically described as an example.

Currently, NFV is deployed in ECS. Generally, NFV instances and client instances can communicate with each other through the solution of elastic network cards. However, this solution has the following problems: limited by the implementation of elastic network cards, dependent on resources on computing nodes, and the number of elastic network cards. Restricted; in some scenarios, NFV implements the capabilities of the infrastructure service layer network and directly communicates with the infrastructure service layer, and the current NFV access cannot implement this scenario.

In order to solve the above problems, the present application provides a multi-tenant solution. FIG. 5 is a schematic diagram of a multi-tenant and NFV interworking according to an embodiment of the present invention. As shown in FIG. Multiple clients connect to NFV, but this method severely limits the number of NICs that can be inserted into a single virtual machine, the number of PCI addresses of the elastic cloud server, and the NICs that can be inserted into a single virtual machine. , does not support multiple virtual machine (VM) access through a single elastic NIC for multi-active and mutual backup.

The present application also provides another multi-tenant solution. FIG. 6 is a schematic diagram of another multi-tenant and NFV interworking according to an embodiment of the present invention. As shown in FIG. 6, NFV is deployed in an elastic cloud server, and the The port trunking (ENITrunking) technology realizes isolation between multiple tenants, and the ENI Bonding technology of the elastic network card is used to realize the access of multiple NFV virtual machines. However, due to the port aggregation technology is limited by the virtual local area network (virtual local area network, referred to as vlan) The number of ) is only 4096 and the number of virtualized resources of computing nodes is limited, and the number of tenants that can be supported is limited; in some scenarios, NFV implements the network capabilities of the infrastructure service layer and directly communicates with the infrastructure service layer. Direct interworking between NFV and the infrastructure service layer is not supported.

This application proposes a method for implementing NFV access based on a gateway elastic network card. FIG. 7 is a schematic diagram of implementing NFV access based on a gateway elastic network card according to an embodiment of the present invention. As shown in FIG. 7 , the gateway elastic network card The location information can be set on the SDN gateway through static setting, dynamic learning, etc. The static configuration method can be configuring the information of the gateway elastic network card on the SDN gateway through the SDN controller; the dynamic configuration method can be the SDN gateway automatically Define the way the protocol learns the gateway ENIC from the SDN controller and other forwarding components; the location information can be used to determine which SDN gateway the gateway ENIC is in, by configuring rules (for example, VPC 888 192.168.1.1--->SDN gateway rules ) to realize the intercommunication between the elastic network card of the system gateway and the VPC network of NFV resources (for example, VPC888 in Figure 7).

Optionally, the method does not need to use ENI to distinguish multiple clients. FIG. 8 is a schematic diagram of a multi-tenant access according to an embodiment of the present invention. As shown in FIG. 8 , when multiple clients access, the Each client creates a gateway elastic network card. The location information of the gateway elastic network card can be set on the SDN gateway through static settings, dynamic learning, etc. Since the gateway elastic network card does not occupy the resources of the computing node, it is only limited by the resources of the SDN gateway. Since there are many SDN gateway resources, more can be configured. By configuring rules (for example, VPC111192.168.11.1--->SDN gateway, VPC 222192.168.22.1--->SDN gateway), the system client can communicate with Interworking of SDN gateways.

Optionally, FIG. 9 is a schematic diagram of assigning tunnel information to multiple tenants according to an embodiment of the present invention. As shown in FIG. 9 , a tunnel is assigned to the gateway elastic network card of each client, wherein the tunnel information can be used in the system. There are multiple clients in the NFV of VPC888, which correspond one-to-one with system VPC111 and VPC222.

Optionally, assign a tunnel information to the gateway elastic network card of each client, and store the tunnel information on the SDN gateway. The tunnel information can be determined by schemes such as virtual local area network extension and gre. >Tunnel information 1, NIC 2--->Tunnel information 2), to realize the intercommunication between the system client and the NFV resources corresponding to the VPC888, and identify different tenants through the tunnel information in NFV.

Optionally, the intercommunication process of client information to NFV resources is as follows: the data packet is sent from the virtual machine to the virtual switch; the virtual switch encapsulates the client information in the data packet according to the location information of the network card elastic gateway, and sends it to the SDN gateway; The gateway finds the gateway elastic network card according to the tenant's route, obtains the tunnel information according to the gateway elastic network card, encapsulates the tunnel information in the data packet, modifies the outer tenant information to the system VPC888, and sends it to the virtual machine where the NFV is located; NFV will The data packet with the tunnel information is sent back to the SDN gateway corresponding to the gateway elastic network card through the location information of the gateway elastic network card; the SDN gateway finds the corresponding tenant VPC information according to the tunnel information, and encapsulates the client information in the data packet; finds the client The route is forwarded to the corresponding client virtual machine.

In this embodiment, the SDN gateway, as an infrastructure service layer device, can directly communicate with the VPC where NFV is located after inserting the gateway elastic network card, so that the NFV elastic network card can directly communicate with the infrastructure service layer. FIG. 10 is according to the present invention. A schematic diagram of the direct intercommunication between the elastic network card of NFV and the infrastructure service layer according to the embodiment, as shown in Figure 10, when the SDN gateway confirms that it needs to forward the data packet to NFV after receiving the data packet, it searches for the information of the network card of NFV and the information of the elastic network card of the gateway. information; encapsulate the client information of the system VPC888 into a data packet and forward it to NFV; when the NFV gateway processes the data packet, confirm that it needs to be forwarded to the SDN gateway, find the information of the SDN gateway elastic network card, and use the address information of the gateway elastic network card as the address information of the gateway elastic network card. Destination address; the virtual switch where NFV is located finds the SDN gateway where the gateway elastic network card is located according to the destination address and forwards it to the SDN gateway, where each network card has location information in the SDN network, similar to the media access control address in network forwarding.

Optionally, when the functions of the elastic gateway and the egress gateway established in the virtual private cloud need to be implemented on NFV, configure the corresponding gateway elastic network card on the SDN gateway. , the egress is the network card 888, and the next hop is the location information of the NFV network card in the SDN network; the inbound direction: VPC 888192.168.1.1--->SDN gateway) rules, so that the elastic network card of NFV can be directly connected to the infrastructure service layer. Intercommunication.

In this embodiment, since the resources of the SDN gateway are much larger than that of the computing nodes, and the gateway elastic network card is lighter in weight and occupies less resources, the ENI is carried on the gateway elastic network card, and the gateway elastic network card is carried on the SDN gateway. Realize the increase of the number of network cards that can be inserted in a single virtual machine, so as to connect client information and NFV, and realize multi-client access; directly configure the gateway elastic network card on the corresponding infrastructure service layer device to solve the problem of VPC and infrastructure. The problem of device interworking at the service layer realizes the interworking between the infrastructure service layer and the VPC.

In this embodiment, based on the virtual network card implemented by the SDN gateway, by deploying the first elastic network card on the SDN gateway, it is only limited by the resources of the SDN gateway and does not occupy the resources of the computing nodes, so as to realize the elastic network card of the system gateway and the NFV resources. The VPC network is interconnected, and the multi-client and NFV intercommunication is realized through multiple gateway elastic network cards, and the NFV directly communicates with the infrastructure service layer, thus achieving the technical effect of improving the efficiency of data transmission and solving the low efficiency of data transmission. technical issues.

Example 3

According to an embodiment of the present invention, an SDN-based network data transmission apparatus for implementing the SDN-based network data transmission method shown in FIG. 2 is also provided.

FIG. 11 is a schematic diagram of an SDN-based network data transmission apparatus according to an embodiment of the present invention. As shown in FIG. 11 , the SDN-based network data transmission 110 may include: a first control unit 112 , a first determination unit 114 , a first acquisition unit 116 and a first transmission unit 118 .

a first control unit 112, configured to control the first elastic network card used for data transmission to access the software-defined network SDN;

The first determining unit 114 is configured to determine a first control unit of a gateway associated with the first elastic network card in the software-defined network SDN, and is configured to control the first elastic network card for transmitting data to access the software-defined network SDN.

The first obtaining unit 116 is configured to obtain first configuration information between the gateway and the virtual private cloud VPC system, where the first configuration information is used to represent that data transmission is allowed between the gateway and the VPC system.

The first transmission unit 118 is configured to transmit data associated with the first elastic network card between the gateway and the VPC system based on the first configuration information.

It should be noted here that the above-mentioned first control unit 112, first determination unit 114, first acquisition unit 116, and first transmission unit 118 correspond to steps S202 to S208 in Embodiment 1, and the three units correspond to The examples and application scenarios implemented by the steps are the same, but are not limited to the content disclosed in the first embodiment above. It should be noted that, as a part of the apparatus, the above-mentioned unit may run in the computer terminal 10 provided in the first embodiment.

According to an embodiment of the present invention, an SDN-based network data transmission apparatus for implementing the SDN-based network data access method shown in FIG. 3 is also provided.

FIG. 12 is a schematic diagram of an SDN-based network data access device according to an embodiment of the present invention. As shown in FIG. 12 , the SDN-based network data access apparatus 120 may include: a second determination unit 122 , a second control unit 124 , a third determination unit 126 , a second acquisition unit 128 and a second transmission unit 130 .

The second determining unit 122 is configured to determine the first elastic network card corresponding to the client and used for transmitting data.

The second control unit 124 is configured to control the first elastic network card to access the software-defined network SDN.

The third determining unit 126 is configured to determine the gateway associated with the first elastic network card in the software-defined network SDN.

The second obtaining unit 128 is configured to obtain the first configuration information between the gateway and the virtual private cloud VPC system, wherein the first configuration information is used to represent that data transmission is allowed between the gateway and the VPC system.

The second transmission unit 130 is configured to transmit data associated with the first elastic network card between the gateway and the VPC system based on the first configuration information, so as to access the client to the network function virtualization NFV resource on the VPC system.

It should be noted here that the above-mentioned second determination unit 122 , second control unit 124 , third determination unit 126 , second acquisition unit 128 , and second transmission unit 130 correspond to steps S302 to S310 in Embodiment 1 , the examples and application scenarios implemented by the four units and the corresponding steps are the same, but are not limited to the content disclosed in the first embodiment. It should be noted that, as a part of the apparatus, the above-mentioned unit may run in the computer terminal 10 provided in the first embodiment.

According to an embodiment of the present invention, another SDN-based network data transmission apparatus for implementing the SDN-based network data transmission method shown in FIG. 4 is further provided.

FIG. 13 is a schematic diagram of another SDN-based network data transmission apparatus according to an embodiment of the present invention. As shown in FIG. 13 , the SDN-based network data transmission apparatus 130 may include: a fourth determination unit 132 , a third acquisition unit 134 , a fifth determination unit 136 and an output unit 138 .

The fourth determining unit 132 is configured to determine the gateway associated with the first elastic network card in the accessed software-defined network SDN by invoking the first interface, wherein the first interface includes a first parameter, and the parameter value of the first parameter is the gateway , the elastic network card information of the first elastic network card is configured on the gateway.

The third obtaining unit 134 is configured to obtain the first configuration information between the gateway and the virtual private cloud VPC system, wherein the first configuration information is used to represent that data transmission is allowed between the gateway and the VPC system.

The fifth determining unit 136 is configured to determine, based on the first configuration information, data associated with the first elastic network card to be transmitted between the gateway and the VPC system.

The output unit 138 is configured to output the data associated with the first elastic network card by calling a second interface, wherein the second interface includes a second parameter, and the parameter value of the second parameter is the data associated with the first elastic network card.

It should be noted here that the above-mentioned fourth determination unit 132, third acquisition unit 134, fifth determination unit 136, and output unit 138 correspond to steps S402 to S408 in Embodiment 1, and the four units correspond to the corresponding steps. The implementation examples and application scenarios are the same, but are not limited to the content disclosed in the first embodiment. It should be noted that, as a part of the apparatus, the above-mentioned unit may run in the computer terminal 10 provided in the first embodiment.

In the SDN-based network data transmission device of this embodiment, by deploying the first elastic network card on the SDN gateway, it is only limited by the resources of the SDN gateway and does not occupy the resources of the computing node, and the first elasticity can be realized The network card communicates with the VPC network, thereby achieving the technical effect of improving the efficiency of data transmission and solving the technical problem of low data transmission efficiency.

Example 4

Embodiments of the present invention can provide an SDN-based network data transmission system, the SDN-based network data transmission system can include a computer terminal, and the computer terminal can be any computer terminal device in a computer terminal group. Optionally, in this embodiment, the above-mentioned computer terminal may also be replaced by a terminal device such as a mobile terminal.

Optionally, in this embodiment, the above-mentioned computer terminal may be located in at least one network device among multiple network devices of a computer network.

In this embodiment, the above-mentioned computer terminal can execute the program code of the following steps in the SDN-based network data transmission method of the application program: control the first elastic network card used for data transmission to access the software-defined network SDN; determine the first elastic network card The gateway associated in the SDN, wherein the elastic network card information of the first elastic network card is configured on the gateway; the first configuration information between the gateway and the virtual private cloud VPC system is obtained, wherein the first configuration information is used to represent the gateway and the virtual private cloud VPC system. Data transmission is allowed between VPC systems; data associated with the first elastic network card is transmitted between the gateway and the VPC system based on the first configuration information.

Optionally, FIG. 14 is a structural block diagram of a computer terminal according to an embodiment of the present invention. As shown in FIG. 14 , the computer terminal A may include: one or more (only one is shown in the figure) processor 142 , memory 144 , and transmission device 146 .

The memory can be used to store software programs and modules, such as program instructions/modules corresponding to the SDN-based network data transmission method and device in the embodiments of the present invention, and the processor executes the software programs and modules stored in the memory by running the software programs and modules. Various functional applications and signal processing implement the above-mentioned SDN-based network data transmission method. The memory may include high-speed random access memory, and may also include non-volatile memory, such as one or more magnetic storage devices, flash memory, or other non-volatile solid-state memory. In some instances, the memory may further include memory located remotely from the processor, and these remote memories may be connected to the computer terminal A through a network. Examples of such networks include, but are not limited to, the Internet, an intranet, a local area network, a mobile communication network, and combinations thereof.

The processor may call the information and application programs stored in the memory through the SDN-based network data transmission device to perform the following steps: control the first elastic network card used for data transmission to access the software-defined network SDN; determine that the first elastic network card is in the SDN The gateway associated with , wherein the elastic network card information of the first elastic network card is configured on the gateway; the first configuration information between the gateway and the virtual private cloud VPC system is obtained, wherein the first configuration information is used to represent the gateway and the VPC system. Data transmission is allowed between them; data associated with the first elastic network card is transmitted between the gateway and the VPC system based on the first configuration information.

Optionally, the above-mentioned processor may further execute the program code of the following steps: determine the network function virtualization NFV resource corresponding to the first configuration information on the VPC system; transmit the first elastic network card between the gateway and the VPC system based on the NFV resource. associated data.

Optionally, the above-mentioned processor may further execute the program code of the following steps: determine the gateway where the first elastic network card is located based on the second configuration information between the client and the gateway, where the second configuration information is used to represent the client Data transfer to and from the gateway is allowed.

Optionally, the above-mentioned processor may further execute the program code of the following steps: determining the number of the first elastic network card based on the gateway resource of the gateway.

Optionally, the above-mentioned processor may further execute the program code of the following steps: allocating identification information to the first elastic network card, wherein the identification information is used to identify the client corresponding to the first elastic network card in the NFV resources deployed on the VPC system; The data associated with the first elastic network card is determined based on the identification information.

Optionally, the above-mentioned processor may further execute the program code of the steps of: creating a corresponding first elastic network card for each of the multiple clients to be accessed to the NFV resource.

Optionally, the above-mentioned processor may further execute the program code of the following steps: based on the first configuration information, between the gateway and the second elastic network card on the VPC system, transmit data associated with the first elastic network card.

Optionally, the above-mentioned processor may further execute the program code of the following steps: acquiring address information of the second elastic network card in the SDN; and determining the second elastic network card on the VPC system based on the address information.

Optionally, the above-mentioned processor may further execute the program code of the following steps: based on the first configuration information, between the gateway and the second elastic network card, transmit the data associated with the first elastic network card via the third elastic network card, wherein the third elastic network card ENICs are deployed on VPC systems.

As an optional example, the processor may call the information and application programs stored in the memory through the SDN-based network data access device to perform the following steps: determine the first elasticity corresponding to the client and used for data transmission network card; controlling the first elastic network card to access the software-defined network SDN; determining the gateway associated with the first elastic network card in the software-defined network SDN, wherein the elastic network card information of the first elastic network card is configured on the gateway; obtaining the gateway and the virtual private The first configuration information between cloud VPC systems, where the first configuration information is used to indicate that data transmission between the gateway and the VPC system is allowed; based on the first configuration information, the first configuration information is transmitted between the gateway and the VPC system associated with the first elastic network card data to connect clients to network function virtualization NFV resources on the VPC system.

As an optional example, the processor may use the SDN-based network data transmission device to call the information and application programs stored in the memory to perform the following steps: determine, by calling the first interface, the software-defined access status of the first elastic network card The gateway associated in the network SDN, wherein the first interface includes a first parameter, the parameter value of the first parameter is the gateway, and the elastic network card information of the first elastic network card is configured on the gateway; obtain the connection between the gateway and the virtual private cloud VPC system The first configuration information of , wherein the first configuration information is used to represent data that is allowed to be transmitted between the gateway and the VPC system; based on the first configuration information, determine the data associated with the first elastic network card to be transmitted between the gateway and the VPC system; The data associated with the first elastic network card is output by calling the second interface, wherein the second interface includes a second parameter, and the parameter value of the second parameter is the data associated with the first elastic network card.

In an embodiment of the present invention, an SDN-based network data transmission method is provided, the gateway associated with the first elastic network card in the software-defined network SDN is determined; the first configuration information between the gateway and the virtual private cloud VPC system is obtained , wherein the first configuration information is used to indicate that data transmission between the gateway and the VPC system is allowed; based on the first configuration information, the data associated with the first elastic network card is transmitted between the gateway and the VPC system. That is to say, in this application, by deploying the first elastic network card on the SDN gateway, it is only limited by the resources of the SDN gateway and does not occupy the resources of computing nodes, and the first elastic network card can be intercommunicated with the VPC network, thereby achieving improved performance. The technical effect of data transmission efficiency solves the technical problem of low data transmission efficiency.

Those of ordinary skill in the art can understand that the structure shown in FIG. 14 is for illustration only, and the computer terminal A can also be a smart phone (such as an Android mobile phone, an iOS mobile phone, etc.), a tablet computer, an applause computer, and a Mobile Internet Devices (MID) , PAD and other terminal equipment. FIG. 14 does not limit the structure of the computer terminal A described above. For example, the computer terminal A may also include more or less components than those shown in FIG. 14 (eg, a network interface, a display device, etc.), or have a different configuration than that shown in FIG. 14 .

Those of ordinary skill in the art can understand that all or part of the steps in the various methods of the above embodiments can be completed by instructing the hardware related to the terminal device through a program, and the program can be stored in a computer-readable storage medium, and the storage medium can Including: flash disk, read-only memory (Read-Only Memory, ROM), random access device (RandomAccess Memory, RAM), magnetic disk or optical disk, etc.

According to another aspect of the embodiments of the present invention, an SDN-based network data access system may be provided. The SDN-based network data access system may include a computer terminal, and the computer terminal may be any computer in a computer terminal group. Terminal Equipment. Optionally, the SDN-based network data transmission device includes: a first elastic network card connected to the client; a gateway in the software-defined network SDN for configuring elastic network card information of the first elastic network card; a virtual private cloud VPC system, is used to receive data associated with the first elastic network card based on the first configuration information between the gateway, so as to access the client to the network function virtualization NFV resource on the VPC system, wherein the first configuration information is used to represent Data transmission is allowed between the gateway and the VPC system.

In this embodiment, the first elastic network card in the SDN-based network data access system is connected to the client, and the client segment may correspond to a tenant; the gateway in the software-defined network SDN is used to configure the elasticity of the first elastic network card. Network card information, so that the first elastic network card is deployed on the gateway. The VPC system can obtain the first configuration information between the VPC system and the gateway, where the first configuration information is used to indicate that data transmission is allowed between the gateway and the VPC system, and can receive data associated with the first elastic network card based on the first configuration information, To connect clients to network function virtualized NFV resources on the VPC system. Therefore, the SDN-based network data access system of this embodiment can deploy the first elastic network card on the SDN gateway, which is only limited by the resources of the SDN gateway and does not occupy the resources of computing nodes, and can realize the first elastic network card It communicates with the VPC network, thereby achieving the technical effect of improving the efficiency of data transmission and solving the technical problem of low data transmission efficiency.

According to another aspect of the embodiments of the present invention, an SDN-based network data transmission device may be provided. The SDN-based network data transmission device may include a computer terminal, and the computer terminal may be any computer terminal device in a computer terminal group. . Optionally, the SDN-based network data transmission device includes: a gateway for configuring elastic network card information of the first elastic network card connected to the software-defined network SDN; a third interface, connected to the gateway, for obtaining the gateway and the first configuration information between the virtual private cloud VPC system, and control the gateway to transmit data associated with the first elastic network card to the VPC system based on the first configuration information, where the first configuration information is used to represent the gateway and the VPC system. Data transfer is allowed.

In this embodiment, the gateway in the SDN-based network data transmission device can be used to configure the elastic network card information of the first elastic network card connected to the software-defined network SDN, and then obtain the gateway through a third interface connected to the gateway The first configuration information between the virtual private cloud VPC system and the virtual private cloud VPC system. Since the first configuration information is used to indicate that data transmission is allowed between the gateway and the VPC system, the gateway can be controlled to transmit the first elastic network card to the VPC system based on the first configuration information. associated data. Therefore, the SDN-based network data transmission device in this embodiment can deploy the first elastic network card on the SDN gateway, which is only limited by the resources of the SDN gateway and does not occupy the resources of the computing node, and can realize the connection between the first elastic network card and the SDN gateway. The VPC network is interconnected, thereby achieving the technical effect of improving the efficiency of data transmission, and solving the technical problem of low data transmission efficiency.

Example 5

Embodiments of the present invention also provide a computer-readable storage medium. Optionally, in this embodiment, the above-mentioned computer-readable storage medium may be used to store the program code executed by the SDN-based network data transmission method provided in the above-mentioned first embodiment.

Optionally, in this embodiment, the computer-readable storage medium may be located in any computer terminal in a computer terminal group in a computer network, or in any mobile terminal in a mobile terminal group.

As an optional example, the computer-readable storage medium is configured to store program codes for performing the following steps: controlling the first elastic network card for transmitting data to access the software-defined network SDN; determining that the first elastic network card is in software Define the gateway associated in the network SDN, where the elastic network card information of the first elastic network card is configured on the gateway; obtain the first configuration information between the gateway and the virtual private cloud VPC system, where the first configuration information is used to represent the gateway Data transmission is allowed between the VPC system and the gateway; the data associated with the first elastic network card is transmitted between the gateway and the VPC system based on the first configuration information.

Optionally, in this embodiment, the above-mentioned computer-readable storage medium is configured to store program codes for executing the following steps: determining, on the VPC system, network function virtualization NFV resources corresponding to the first configuration information; The resource transmits data associated with the first elastic network card between the gateway and the VPC system.

Optionally, in this embodiment, the above-mentioned computer-readable storage medium is configured to store program codes for executing the following steps: based on the second configuration information between the client and the gateway, determine the location where the first elastic network card is located. The gateway, wherein the second configuration information is used to represent that data transmission is allowed between the client and the gateway.

Optionally, in this embodiment, the above-mentioned computer-readable storage medium is configured to store program codes for executing the following steps: determining the number of the first elastic network cards based on gateway resources of the gateway.

Optionally, in this embodiment, the above-mentioned computer-readable storage medium is configured to store program codes for performing the following steps: assigning identification information to the first elastic network card, wherein the identification information is used for the software deployed on the VPC system. The client corresponding to the first elastic network card is identified in the NFV resource; the data associated with the first elastic network card is determined based on the identification information.

Optionally, in this embodiment, the above-mentioned computer-readable storage medium is configured to store program codes for performing the following steps: creating a corresponding The first elastic NIC.

Optionally, in this embodiment, the above-mentioned computer-readable storage medium is configured to store program codes for executing the following steps: based on the first configuration information, between the gateway and the second elastic network card on the VPC system, transmit the first Data associated with an elastic network card.

Optionally, in this embodiment, the above-mentioned computer-readable storage medium is configured to store program codes for executing the following steps: obtaining address information of the second elastic network card in the SDN; determining the first elastic network card on the VPC system based on the address information Two elastic network cards.

Optionally, in this embodiment, the above-mentioned computer-readable storage medium is configured to store program codes for executing the following steps: based on the first configuration information, between the gateway and the second elastic network card, via the third elastic network card for transmission Data associated with the first elastic network card, wherein the third elastic network card is deployed on the VPC system.

As an optional example, the computer-readable storage medium is configured to store program codes for performing the following steps: determining a first elastic network card corresponding to the client and used for transmitting data; controlling the access of the first elastic network card software-defined network SDN; determine the gateway associated with the first elastic network card in the software-defined network SDN, wherein the elastic network card information of the first elastic network card is configured on the gateway; obtain the first configuration between the gateway and the virtual private cloud VPC system information, wherein the first configuration information is used to indicate that data transmission is allowed between the gateway and the VPC system; based on the first configuration information, the data associated with the first elastic network card is transmitted between the gateway and the VPC system, so as to connect the client to the Network functions on VPC systems are virtualized in NFV resources.

As an optional example, the computer-readable storage medium is configured to store program codes for performing the following steps: determining a gateway associated with the first elastic network card in the accessed software-defined network SDN by invoking the first interface, The first interface includes a first parameter, the parameter value of the first parameter is the gateway, and the elastic network card information of the first elastic network card is configured on the gateway; the first configuration information between the gateway and the virtual private cloud VPC system is obtained, wherein, The first configuration information is used to represent data that is allowed to be transmitted between the gateway and the VPC system; the data associated with the first elastic network card to be transmitted between the gateway and the VPC system is determined based on the first configuration information; the first elastic network card is output by calling the second interface The data associated with the elastic network card, wherein the second interface includes a second parameter, and the parameter value of the second parameter is the data associated with the first elastic network card.

The above-mentioned serial numbers of the embodiments of the present invention are only for description, and do not represent the advantages or disadvantages of the embodiments.

In the above-mentioned embodiments of the present invention, the description of each embodiment has its own emphasis. For parts that are not described in detail in a certain embodiment, reference may be made to related descriptions of other embodiments.

In the several embodiments provided in this application, it should be understood that the disclosed technical content can be implemented in other ways. The apparatus embodiments described above are only illustrative, for example, the division of the units is only a logical function division, and there may be other division methods in actual implementation, for example, multiple units or components may be combined or Integration into another system, or some features can be ignored, or not implemented. On the other hand, the shown or discussed mutual coupling or direct coupling or communication connection may be through some interfaces, indirect coupling or communication connection of units or modules, and may be in electrical or other forms.

The units described as separate components may or may not be physically separated, and components displayed as units may or may not be physical units, that is, may be located in one place, or may be distributed to multiple network units. Some or all of the units may be selected according to actual needs to achieve the purpose of the solution in this embodiment.

In addition, each functional unit in each embodiment of the present invention may be integrated into one processing unit, or each unit may exist physically alone, or two or more units may be integrated into one unit. The above-mentioned integrated units may be implemented in the form of hardware, or may be implemented in the form of software functional units.

The integrated unit, if implemented in the form of a software functional unit and sold or used as an independent product, may be stored in a computer-readable storage medium. Based on this understanding, the technical solution of the present invention is essentially or the part that contributes to the prior art, or all or part of the technical solution can be embodied in the form of a software product, and the computer software product is stored in a storage medium , including several instructions for causing a computer device (which may be a personal computer, a server, or a network device, etc.) to execute all or part of the steps of the methods described in the various embodiments of the present invention. The aforementioned storage medium includes: U disk, read-only memory (ROM, Read-Only Memory), random access memory (RAM, Random Access Memory), mobile hard disk, magnetic disk or optical disk and other media that can store program codes .

The above are only the preferred embodiments of the present invention. It should be pointed out that for those skilled in the art, without departing from the principles of the present invention, several improvements and modifications can be made. It should be regarded as the protection scope of the present invention.

Claims (16)

1. A network data transmission method based on SDN is characterized by comprising the following steps:

controlling a first elastic network card for transmitting data to access a Software Defined Network (SDN);

determining a gateway associated with the first elastic network card in the SDN, wherein elastic network card information of the first elastic network card is configured on the gateway;

acquiring first configuration information between the gateway and a Virtual Private Cloud (VPC) system, wherein the first configuration information is used for representing that data transmission is allowed between the gateway and the VPC system;

and transmitting data associated with the first elastic network card between the gateway and the VPC system based on the first configuration information.

2. The method of claim 1, wherein transmitting the data associated with the first resilient network card between the gateway and the VPC system based on the first configuration information comprises:

determining, on the VPC system, Network Function Virtualization (NFV) resources corresponding to the first configuration information;

transmitting data associated with the first resilient network card between the gateway and the VPC system based on the NFV resources.

3. The method of claim 2,

the method further comprises the following steps: determining the first elastic network card corresponding to the client;

determining a gateway associated with the first resilient network card in the SDN, comprising: and determining the gateway where the first elastic network card is located based on second configuration information between the client and the gateway, wherein the second configuration information is used for representing that data transmission is allowed between the client and the gateway.

4. The method of claim 3, further comprising:

and determining the number of the first elastic network cards based on the gateway resources of the gateway.

5. The method of claim 3, further comprising:

allocating identification information to the first elastic network card, wherein the identification information is used for identifying the client corresponding to the first elastic network card in NFV resources deployed on the VPC system;

and determining data associated with the first elastic network card based on the identification information.

6. The method of claim 3, wherein determining the first resilient network card corresponding to a client comprises:

and creating the corresponding first elastic network card for each client in the plurality of clients to be accessed with the NFV resources.

7. The method of claim 1, wherein transmitting data associated with the first resilient network card between the gateway and the VPC system based on the first configuration information comprises:

and transmitting data associated with the first flexible network card between the gateway and a second flexible network card on the VPC system based on the first configuration information.

8. The method of claim 7, further comprising:

acquiring address information of the second elastic network card in the SDN;

determining the second resilient network card on the VPC system based on the address information.

9. The method of claim 7, wherein transmitting data associated with the first resilient network card between the gateway and a second resilient network card on the VPC system based on the first configuration information comprises:

and transmitting data associated with the first flexible network card between the gateway and the second flexible network card through a third flexible network card based on the first configuration information, wherein the third flexible network card is deployed on the VPC system.

10. A network data access method based on SDN is characterized by comprising the following steps:

determining a first elastic network card which corresponds to the client and is used for transmitting data;

controlling the first elastic network card to access a Software Defined Network (SDN);

determining a gateway associated with the first elastic network card in the SDN, wherein elastic network card information of the first elastic network card is configured on the gateway;

acquiring first configuration information between the gateway and a Virtual Private Cloud (VPC) system, wherein the first configuration information is used for representing that data transmission is allowed between the gateway and the VPC system;

transmitting data associated with the first resilient network card between the gateway and the VPC system based on the first configuration information to access the client into Network Function Virtualization (NFV) resources on the VPC system.

11. A network data transmission method based on SDN is characterized by comprising the following steps:

determining a gateway associated with a first elastic network card in an accessed Software Defined Network (SDN) by calling a first interface, wherein the first interface comprises a first parameter, a parameter value of the first parameter is the gateway, and elastic network card information of the first elastic network card is configured on the gateway;

acquiring first configuration information between the gateway and a Virtual Private Cloud (VPC) system, wherein the first configuration information is used for representing that data transmission is allowed between the gateway and the VPC system;

determining data associated with the first flexible network card to be transmitted between the gateway and the VPC system based on the first configuration information;

and outputting data associated with the first elastic network card by calling a second interface, wherein the second interface comprises a second parameter, and the parameter value of the second parameter is the data associated with the first elastic network card.

12. A computer-readable storage medium, comprising a stored program, wherein the program, when executed by a processor, controls an apparatus in which the computer-readable storage medium is located to perform the method of any of claims 1-11.

13. A processor, characterized in that the processor is configured to run a program, wherein the program when running performs the method of any of claims 1 to 11.

14. An SDN-based network data transmission system, comprising:

a processor;

a memory coupled to the processor for providing instructions to the processor for processing the following processing steps: controlling a first elastic network card for transmitting data to access a Software Defined Network (SDN); determining a gateway associated with the first elastic network card in the SDN, wherein elastic network card information of the first elastic network card is configured on the gateway; acquiring first configuration information between the gateway and a Virtual Private Cloud (VPC) system, wherein the first configuration information is used for representing that data transmission is allowed between the gateway and the VPC system; and transmitting data associated with the first elastic network card between the gateway and the VPC system based on the first configuration information.

15. An SDN-based network data access system, comprising:

the first elastic network card is connected to the client;

a gateway in a Software Defined Network (SDN) and used for configuring the elastic network card information of the first elastic network card;

the virtual private cloud VPC system is used for receiving data associated with the first elastic network card based on first configuration information between the virtual private cloud VPC system and the gateway so as to enable the client to access Network Function Virtualization (NFV) resources on the VPC system, wherein the first configuration information is used for representing that data transmission between the gateway and the VPC system is allowed.

16. An SDN-based network data transmission device, comprising:

the gateway is used for configuring elastic network card information of a first elastic network card accessed in a Software Defined Network (SDN);

and the third interface is connected with the gateway and is used for acquiring first configuration information between the gateway and a Virtual Private Cloud (VPC) system and controlling the gateway to transmit data associated with the first elastic network card to the VPC system based on the first configuration information, wherein the first configuration information is used for representing that data transmission is allowed between the gateway and the VPC system.

Images