1. US20160350151 - System and method for routing network frames between virtual machines

Note: Text based on automatic Optical Character Recognition processes. Only the PDF version has legal value.


Claims

1. A method of routing network frames between virtual machines on a common physical server comprising a plurality of central processing units (CPUs), the method comprising:
associating a virtual machine-to-virtual machine (VM-to-VM) switch embedded in a network interface card (NIC) with a physical port of the NIC;
establishing two or more virtual ports of the VM-to-VM switch;
associating at least one virtual machine (VM) of a first CPU with a first one of the virtual ports of the VM-to-VM switch and associating at least one virtual machine (VM) of a second CPU with a second one of the virtual ports of the VM-to-VM switch, wherein the first CPU and the second CPU are on a common physical server;
receiving network frames from the physical port of the NIC and from the virtual ports of the VM-to-VM switch, wherein the network frames comprise a Quality of Service (QoS) written into an Internet Protocol (IP) packet header of the network frames, wherein the QoS identifies a routing path for the network frames;
reading, at the VM-to-VM switch, the QoS written in the IP packet header of the network frames to determine if the QoS of the network frames is consistent with a QoS assigned to the network frames by a user configuration module;
modifying the QoS of the network frames by rewriting the QoS in the IP packet header of the network frames, using hardware in the VM-to-VM switch, to be consistent with the QoS assigned to the network frames by the user configuration module if it is determined that the QoS of the network frames is not consistent with the QoS assigned to the network frames by the user configuration module; and
routing network frames between the VMs associated with the virtual ports through the VM-to-VM switch based upon the QoS modified by the VM-to-VM switch.
2. The method of claim 1, wherein associating the one VM with each of the virtual ports of the VM-to-VM switch further comprises storing the association between the VMs and the virtual ports of the VM-to-VM switch in a look-up table.
3. The method of claim 1, wherein associating one VM with each of the virtual ports of the VM-to-VM switch further comprises:
identifying a virtual media access control (vMAC) address of each VM; and
associating the vMAC address of the VM with one of the virtual ports of the VM-to-VM switch.
4. The method of claim 1, wherein routing network frames between the VMs associated with the virtual ports through the VM-to-VM switch further comprises:
storing the association between the VMs and the virtual ports of the VM-to-VM switch in a look-up table;
receiving a network frame originating from a source VM, at the VM-to-VM switch, the network frame identifying a destination VM;
accessing the look-up table to identify the virtual port associated with the destination VM; and
routing the network frame to the destination VM through the VM-to-VM switch.
5. The method of claim 1, wherein the VM-to-VM switch is a single root I/O virtualization (SR-IOV) enabled switch.
6. The method of claim 1, wherein the VM-to-VM switch is a single root I/O virtualization (SR-IOV) enabled switch, and associating one VM with each of the virtual ports of the VM-to-VM switch further comprises:
assigning a virtual Media Access Control (vMAC) address to the VM;
associating the assigned vMAC addresses with a Virtual Function (VF) associated with the Physical Function (PF) of the SR-IOV enabled switch; and
storing the assigned vMAC address and the associated VF in a look-up table.
7. The method of claim 3, wherein the VM-to-VM switch is a single root I/O virtualization (SR-IOV) enabled switch and wherein each vMAC address includes an Organizationally Unique Identifier (OUI) identifying a Physical Function (PF) of the SR-IOV enabled switch.
8. The method of claim 1, wherein the VM-to-VM switch is a single root I/O virtualization (SR-IOV) enabled switch and routing network frames between the VMs associated with the virtual ports through the VM-to-VM switch further comprises:
receiving a network frame originating from a source VM, the network frame including a vMAC address of the source VM and a vMAC address of the destination VM, wherein each vMAC address includes an Organizationally Unique Identifier (OUI) identifying a Physical Function (PF) of the SR-IOV enabled switch;
comparing the vMAC address of the source VM and the vMAC address of the destination VM of the network frame;
if the OUI of the vMAC address of the source VM is equal to the OUI of the vMAC address of the destination VM of the network frame, using the vMAC address of the destination VM to identify the VF associated with the destination VM; and
routing the network frame to the VF associated with the destination VM.
9. The method of claim 1, further comprising prioritizing the network frames prior to routing the network frames.
10. The method of claim 1, further comprising assigning security features to the network frames using the VM-to-VM switch.
11. The method of claim 1, further comprising monitoring the network frames using the VM-to-VM switch.
12. The method of claim 1, wherein the VMs associated with the virtual ports are located on different virtual local area networks (VLANs), the method further comprising utilizing a router protocol of the VM-to-VM switch to route the network frames between the VMs associated with the virtual ports.
13. The method of claim 1, further comprising:
intercepting a network frame between a source VM and a destination VM;
identifying the virtual local network identification (VLAN ID) of the source VM within the intercepted network frame;
rewriting the VLAN ID of the source VM in the intercepted network frame to the VLAN ID of the destination VM; and
routing the intercepted network frame from the source VM to the destination VM.
14. A virtual machine-to-virtual machine (VM-to-VM) switch embedded in a network interface card (NIC), the switch comprising:
initialization circuitry configured for associating the virtual machine-to-virtual machine (VM-to-VM) switch with a physical port of the NIC, for establishing two or more virtual ports of the VM-to-VM switch and for associating at least one virtual machine (VM) of a first CPU with a first one of the virtual ports of the VM-to-VM switch and associating at least one virtual machine (VM) of a second CPU with a second one of the virtual ports of the VM-to-VM switch, wherein the first CPU and the second CPU are on a common physical server;
receiving circuitry configured for receiving network frames from the physical port of the NIC and from the virtual ports of the VM-to-VM switch, wherein the network frames comprise a Quality of Service (QoS) written into an Internet Protocol (IP) header of the network frames, wherein the QoS identifies a routing path for the network frames;
circuitry configured for reading the QoS written in the IP packet header of the network frames to determine if the QoS of the network frames is consistent with a QoS assigned to the network frames by a user configuration module;
circuitry configured for modifying the QoS of the network frames by rewriting the QoS in the IP packet header of the network frames, using hardware in the VM-to-VM switch, to be consistent with the QoS assigned to the network frames by the user configuration module if it is determined that the QoS of the network frames is not consistent with the QoS assigned to the network frames by the user configuration module; and
routing circuitry configured for routing network frames between the VMs associated with the virtual ports through the VM-to-VM switch based upon the QoS modified by the circuitry of the VM-to-VM switch.
15. The VM-to-VM switch of claim 14, wherein the initialization circuitry is further configured for identifying a virtual media access control (vMAC) address of each VM and for associating the vMAC address of the VM with one of the virtual ports of the VM-to-VM switch.
16. The VM-to-VM switch of claim 14, wherein the routing circuitry is further configured for receiving a network frame originating from a source VM, at the VM-to-VM switch, the network frame identifying a destination VM, and for accessing the look-up table to identify the virtual port associated with the destination VM and routing the network frame to the destination VM through the VM-to-VM switch.
17. The VM-to-VM switch of claim 14, wherein the VM-to-VM switch is a single root I/O virtualization (SR-IOV) enabled switch and the initialization circuitry is further configured for assigning a virtual Media Access Control (vMAC) address to the VM, for associating the assigned vMAC addresses with a Virtual Function (VF) associated with the Physical Function (PF) of the SR-IOV enabled switch and for storing the assigned vMAC address and the associated VF in a look-up table.
18. The VM-to-VM switch of claim 17, wherein the VM-to-VM switch is a single root I/O virtualization (SR-IOV) switch and wherein each vMAC address includes an Organizationally Unique Identifier (OUI) identifying a Physical Function (PF) of the SR-IOV enabled switch.
19. The VM-to-VM switch of claim 15, wherein the VM-to-VM switch is an SR-IOV enabled switch and the routing circuitry is further configured for receiving a network frame originating from a source VM, the network frame including a vMAC address of the source VM and a vMAC address of the destination VM, wherein each vMAC address includes an Organizationally Unique Identifier (OUI) identifying a Physical Function (PF) of the SR-IOV enabled switch, for comparing the vMAC address of the source VM and the vMAC address of the destination VM of the network frame and if the OUI of the vMAC address of the source VM is equal to the OUI of the vMAC address of the destination VM of the network frame, using the vMAC address of the destination VM to identify the VF associated with the destination VM and for routing the network frame to the VF associated with the destination VM.
20. A method of routing network frames between virtual machines on a common physical server comprising a plurality of central processing units (CPUs), the method embodied in software embedded in a non-transitory software medium operable on a network interface card (NIC), the method comprising:
associating a virtual machine-to-virtual machine (VM-to-VM) switch embedded in a network interface card (NIC) with a physical port of the NIC;
establishing two or more virtual ports of the VM-to-VM switch;
associating at least one virtual machine (VM) of a first CPU with a first one of the virtual ports of the VM-to-VM switch and associating at least one virtual machine (VM) of a second CPU with a second one of the virtual ports of the VM-to-VM switch, wherein the first CPU and the second CPU are on a common physical server;
receiving network frames from the physical port of the NIC and from the virtual ports of the VM-to-VM switch, wherein the network frames comprise a Quality of Service (QoS) written into an Internet Protocol (IP) packet header of the network frames, wherein the QoS identifies a routing path for the network frames;
reading, at the VM-to-VM switch, the QoS written in the IP packet header of the network frames to determine if the QoS of the network frames is consistent with a QoS assigned to the network frames by a user configuration module;
modifying the QoS of the network frames by rewriting the QoS in the IP packet header of the network frames, using hardware in the VM-to-VM switch, to be consistent with the QoS assigned to the network frames by the user configuration module if it is determined that the QoS of the network frames is not consistent with the QoS assigned to the network frames by the user configuration module; and
routing network frames between the VMs associated with the virtual ports through the VM-to-VM switch based upon the QoS modified by the VM-to-VM switch.
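
The following C sketch is an added illustration, not code from the patent or its applicant. It models the QoS check-and-rewrite of claim 1 and the OUI comparison and VF look-up of claim 8, treating the VM-supplied marking as untrusted input. It assumes the QoS is the DSCP field of an IPv4 header and that frames are untagged Ethernet; the table contents, function names and return conventions are hypothetical.

```c
#include <stdint.h>
#include <stddef.h>
#include <string.h>

/* Constructed look-up table: vMAC -> Virtual Function index (claims 6 and 8). */
struct vf_entry { uint8_t vmac[6]; int vf; };
static const struct vf_entry vf_table[] = {
    {{0x02, 0xAA, 0xBB, 0x00, 0x00, 0x01}, 0},
    {{0x02, 0xAA, 0xBB, 0x00, 0x00, 0x02}, 1},
};

/* Standard IPv4 header checksum over IHL*4 bytes (checksum field included). */
static uint16_t ipv4_checksum(const uint8_t *ip) {
    size_t len = (size_t)(ip[0] & 0x0F) * 4;
    uint32_t sum = 0;
    for (size_t i = 0; i < len; i += 2)
        sum += (uint32_t)(ip[i] << 8 | ip[i + 1]);
    while (sum >> 16)
        sum = (sum & 0xFFFF) + (sum >> 16);
    return (uint16_t)~sum;
}

/* Re-mark the header if the VM-supplied DSCP differs from the configured one.
 * Returns 1 if rewritten, 0 if already consistent, -1 if not a sane IPv4 header. */
int enforce_dscp(uint8_t *ip, size_t len, uint8_t assigned_dscp) {
    size_t ihl = ip != NULL && len >= 20 ? (size_t)(ip[0] & 0x0F) : 0;
    if (ihl < 5 || ihl * 4 > len || (ip[0] >> 4) != 4)
        return -1;
    assigned_dscp &= 0x3F;                      /* DSCP is six bits wide */
    if ((ip[1] >> 2) == assigned_dscp)
        return 0;
    ip[1] = (uint8_t)((assigned_dscp << 2) | (ip[1] & 0x03)); /* keep ECN bits */
    ip[10] = ip[11] = 0;                        /* zero checksum, then recompute */
    uint16_t c = ipv4_checksum(ip);
    ip[10] = (uint8_t)(c >> 8);
    ip[11] = (uint8_t)c;
    return 1;
}

/* Claim 8 logic on a frame laid out as: dst MAC (6) | src MAC (6) | ...
 * Returns the destination VF, or -1 when the frame is not switched locally. */
int lookup_vf(const uint8_t *frame) {
    if (memcmp(frame, frame + 6, 3) != 0)       /* OUIs differ: other PF or wire */
        return -1;
    for (size_t i = 0; i < sizeof vf_table / sizeof vf_table[0]; i++)
        if (memcmp(vf_table[i].vmac, frame, 6) == 0)
            return vf_table[i].vf;
    return -1;                                  /* same OUI but unknown vMAC */
}
```

Preserving the two ECN bits and recomputing the header checksum are details the claims do not spell out; without the checksum update the receiving stack would drop the re-marked packet.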