CN-116210204-B - System and method for VLAN switching and routing services

Abstract

Systems and methods for VLAN Switching and Routing Services (VSRS) are disclosed herein. A method may include generating a table for an instance of a VSRS coupling a first virtual layer 2 network (VLAN) with a second network. The table may contain information identifying the IP address, MAC address, and virtual interface identifier of the instance in the virtual layer 2 network. The method may include receiving, with a VSRS, a packet from a first instance, the packet designated for delivery to a second instance within the virtual layer 2 network, identifying, with the VSRS, the second instance within the virtual layer 2 network to deliver the packet based on information received with the packet and information contained within the table, and delivering the packet to the identified second instance.

Inventors

  • BRAR JAGWINDER SINGH
  • L. M. Craig Steakles
  • S. BAKER
  • B.E. Bockman
  • P.C. JONES

Assignees

  • Oracle International Corporation

Dates

Publication Date
20260512
Application Date
20210714
Priority Date
20200714

Claims (20)

  1. A method, comprising: generating a table for an instance of a VLAN Switching and Routing Service (VSRS) that couples a first virtual layer 2 network (VLAN) with a second network, wherein the table contains information identifying an IP address, a MAC address, and a virtual interface identifier of the instance within the virtual layer 2 network; receiving, with the VSRS, a packet from a first instance, the packet designated for delivery to a second instance within the virtual layer 2 network; identifying, with the VSRS, the second instance within the virtual layer 2 network to deliver the packet based on the information received with the packet and the information contained within the table; and delivering the packet to the identified second instance.
  2. The method of claim 1, wherein the first virtual layer 2 network comprises a plurality of instances.
  3. The method of claim 2, wherein the VLAN comprises a plurality of layer 2 Virtual Network Interface Cards (VNICs) and a plurality of switches, wherein each instance of the plurality of instances is communicatively coupled with a pair comprising a unique layer 2 Virtual Network Interface Card (VNIC) and a unique switch.
  4. The method of any of claims 1-3, wherein identifying, with the VSRS, the second instance within the virtual layer 2 network to deliver the packet based on the information received with the packet and the information contained within the table comprises: determining, with the VSRS, that the table does not include mapping information for the second instance; suspending delivery of packets with the VSRS; broadcasting, with the VSRS, an ARP request to the VNICs in the VLANs, the ARP request including the IP address of the second instance; and receiving, with the VSRS, an ARP response from the VNIC of the second instance.
  5. The method of claim 4, further comprising updating the table based on the received ARP response.
  6. The method of claim 2 or 3, wherein the first instance is external to the virtual layer 2 network and in the second network.
  7. The method of claim 6, wherein the second network comprises a layer 3 network.
  8. The method of claim 6, wherein the second network comprises a second virtual layer 2 network.
  9. The method of claim 2 or 3, wherein the table is generated based on communications received by the VSRS.
  10. The method of claim 9, further comprising instantiating the VSRS as a service on a plurality of hardware nodes.
  11. The method of claim 10, further comprising distributing tables across hardware nodes.
  12. The method of claim 11, wherein a table distributed across hardware nodes is accessible by another VSRS instantiation.
  13. The method of any one of claims 1 to 3, wherein the first instance is inside the first virtual layer 2 network.
  14. The method of any one of claims 1 to 13, further comprising receiving a packet with the VSRS from a third instance inside the virtual layer 2 network, wherein the packet is designated for delivery to a fourth instance outside the virtual layer 2 network, and forwarding the packet to the fourth instance.
  15. The method of any one of claims 1 to 13, further comprising receiving a packet with the VSRS from a third instance inside the virtual layer 2 network, wherein the packet is designated for delivery to a service used by the third instance inside the virtual layer 2 network.
  16. The method of claim 15, wherein the service comprises at least one of DHCP, NTP, and DNS.
  17. The method of any one of claims 1 to 13, further comprising receiving a packet with the VSRS from a third instance within one virtual layer 2 network, wherein the packet is designated for delivery to a fourth instance in a second virtual layer 2 network.
  18. The method of any of claims 1 to 9, further comprising distributing a table of instances for VSRSs having layer 2 and layer 3 network information across clusters of service nodes to provide highly reliable and highly scalable instantiation of VSRSs.
  19. The method of claim 1, further comprising: receiving, with the VSRS, packets from a third instance within the first virtual layer 2 network; and learning the mapping of the third instance with the VSRS.
  20. A system, comprising: a physical network comprising: at least one processor; and a network virtualization device, wherein the at least one processor is configured to: instantiate an instance of a VLAN Switching and Routing Service (VSRS) that couples a first virtual layer 2 network with a second network; generate a table for the instance of the VSRS, wherein the table contains information identifying an IP address, a MAC address, and a virtual interface identifier of the instance within the virtual layer 2 network; receive, with the VSRS, a packet from a first instance, the packet designated for delivery to a second instance within the virtual layer 2 network; identify, with the VSRS, the second instance within the virtual layer 2 network to deliver the packet based on the information received with the packet and the information contained within the table; and deliver the packet to the identified second instance.
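
The table lookup of claim 1 together with the miss path of claims 4, 5 and 19, sketched as an added example (not code from the patent or from any implementation of it). The class name `Vsrs`, its fields, and the addresses and interface ids are constructed for illustration, and the ARP broadcast is modelled as a loop over an in-memory dictionary of VNICs.

```python
from dataclasses import dataclass, field

@dataclass
class Vsrs:
    # Constructed stand-in for the VLAN's L2 VNICs: vif_id -> (ip, mac).
    vnics: dict
    table: dict = field(default_factory=dict)      # ip -> (mac, vif_id)
    pending: dict = field(default_factory=dict)    # ip -> payloads held during ARP
    delivered: list = field(default_factory=list)  # (vif_id, dst_mac, payload)
    arp_broadcasts: int = 0

    def receive(self, dst_ip, payload, src=None):
        """Handle one packet; src is (ip, mac, vif_id) for a sender inside the VLAN."""
        if src is not None:
            ip, mac, vif_id = src
            self.table[ip] = (mac, vif_id)         # claim 19: learn the sender
        if dst_ip not in self.table:
            # Claim 4: no mapping, so hold the packet and resolve via ARP.
            self.pending.setdefault(dst_ip, []).append(payload)
            if not self._arp_resolve(dst_ip):
                return None                        # no reply: stays suspended
            held = self.pending.pop(dst_ip)
        else:
            held = [payload]
        mac, vif_id = self.table[dst_ip]
        for p in held:                             # release in arrival order
            self.delivered.append((vif_id, mac, p))
        return vif_id

    def _arp_resolve(self, dst_ip):
        """Broadcast to every VNIC; only the owner of dst_ip answers."""
        self.arp_broadcasts += 1
        for vif_id, (ip, mac) in self.vnics.items():
            if ip == dst_ip:
                self.table[ip] = (mac, vif_id)     # claim 5: update the table
                return True
        return False

if __name__ == "__main__":
    vsrs = Vsrs(vnics={"vif-a": ("10.0.0.2", "02:00:00:00:00:0a"),
                       "vif-b": ("10.0.0.3", "02:00:00:00:00:0b")})
    print(vsrs.receive("10.0.0.3", b"first"), vsrs.arp_broadcasts)
    print(vsrs.receive("10.0.0.3", b"second"), vsrs.arp_broadcasts)
```

Packets for an address that no VNIC answers for stay in `pending` and are released, in arrival order, once a later ARP round resolves the address.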

Description

System and method for VLAN switching and routing services

Cross Reference to Related Applications

The application claims the benefit of the following applications: (1) U.S. provisional application No. 63/051,728, filed on July 14, 2020, and titled "VLAN Switching and Routing Service and Layer-2 Networking In A Virtualized Cloud Environment", and (2) U.S. provisional application No. 63/132,377, filed on December 30, 2020, entitled "Layer-2 Networking In A Virtualized Cloud Environment". The entire contents of the above provisional applications are incorporated herein by reference for all purposes.

The present application is also related to U.S. application No. __________________ (Attorney Docket No. 088325-1203134-276500 US), entitled "VIRTUAL LAYER-2 NETWORK," filed on July 14, 2021, and to U.S. application No. __________________ (Attorney Docket No. 088325-1256549-276520 US), entitled "INTERFACE-BASED ACLS IN A LAYER-2 NETWORK," filed on July 14, 2021, the entire contents of each of which are incorporated herein by reference for all purposes.

Background

Cloud computing provides on-demand availability of computing resources. Cloud computing may be based on a data center accessible to users via the internet. Cloud computing may provide infrastructure as a service (IaaS). A virtual network may be created for use by a user. These virtual networks have limitations that limit their functionality and value. Thus, further improvements are desired.

Disclosure of Invention

One aspect of the present disclosure relates to a computer-implemented method. The method includes providing a virtual layer 3 network in a virtualized cloud environment and providing a virtual layer 2 network in the virtualized cloud environment, the virtual layer 3 network hosted by an underlying physical network, the virtual layer 2 network hosted by the underlying physical network. In some embodiments, the virtual layer 2 network may be a Virtual Local Area Network (VLAN).
In some embodiments, a VLAN includes a plurality of endpoints. In some embodiments, the plurality of endpoints may be a plurality of computing instances. In some embodiments, a VLAN includes a plurality of L2 virtual network interface cards (L2 VNICs) and a plurality of switches. In some embodiments, each of the plurality of computing instances is communicatively coupled with a pair comprising a unique L2 virtual network interface card (L2 VNIC) and a unique switch. In some embodiments, multiple switches together may form a distributed switch. In some embodiments, each of the plurality of switches routes outbound traffic according to a mapping table received from an L2 VNIC paired with the switch. In some embodiments, the mapping table identifies interface-to-MAC address mappings for endpoints within a VLAN. In some embodiments, the method further includes instantiating, on a Network Virtualization Device (NVD), a pair including the unique L2 VNIC and the unique switch. In some embodiments, the method includes receiving, from another endpoint within the VLAN, a packet addressed to one of the plurality of computing instances at a unique L2 VNIC of the one of the plurality of computing instances, and learning a mapping of the other endpoint with the unique L2 VNIC of the one of the plurality of computing instances. In some embodiments, the mapping of the other endpoint includes an interface-to-MAC address mapping of the other endpoint. In some embodiments, the method includes decapsulating the received packet with a unique L2 VNIC of one of the plurality of computing instances and forwarding the decapsulated packet to the one of the plurality of computing instances. In some embodiments, the method includes learning an IP address to MAC address mapping of the other endpoint with one of the plurality of computing instances.
In some embodiments, the method includes sending an IP packet from a first computing instance in the VLAN, the IP packet including a destination IP address of a second computing instance in the VLAN, receiving the IP packet at a first L2 VNIC associated with the first computing instance, encapsulating the IP packet at the first L2 VNIC, and forwarding the IP packet to the second computing instance via the first switch. In some embodiments, the first switch and the first L2 VNIC are used together for a pair communicatively coupled with the first computing instance. In some embodiments, the method further includes receiving the IP packet at a second VNIC, the second VNIC being associated with a second computing instance, decapsulating the IP packet at the second VNIC, and forwarding the IP packet from the second VNIC to the second computing instance. In some embodiments, the virtual layer 2 network includes a plurality of Virtual Local Area Networks (VLANs). In some embodiments, each of the plurality of VLANs includes a plurality of endpoints. In some embodiments, the plurality of VLANs includes a first VLAN and a second VLAN. In some embodiments, the first VLAN includes a plur