U.S. patent application number 13/208526 was filed with the patent office on 2012-04-12 for virtual network and management method of virtual network.
This patent application is currently assigned to Hitachi, Ltd.. Invention is credited to Takashige Baba, Akihiko Takase.
Application Number | 20120089707 13/208526 |
Document ID | / |
Family ID | 44674257 |
Filed Date | 2012-04-12 |
United States Patent
Application |
20120089707 |
Kind Code |
A1 |
Baba; Takashige ; et
al. |
April 12, 2012 |
Virtual Network and Management Method of Virtual Network
Abstract
There is a need to generate a virtual network across multiple
physical networks without the need for users to understand
information about the respective physical networks. A network
system includes: multiple communication systems for communication
with a user; multiple physical network management servers that
manage multiple physical networks including multiple routers; and a
virtual network management server that manages a virtual network
connecting the communication systems with each other through the
physical networks. The virtual network management server acquires
physical network configuration information. The virtual network
management server generates management information in order to
manage the physical networks as one abstraction network. The
virtual network management server configures the abstraction
network by transmitting the generated management information to
each of the physical network management servers and the
routers.
Inventors: |
Baba; Takashige; (Inagi,
JP) ; Takase; Akihiko; (Tokyo, JP) |
Assignee: |
Hitachi, Ltd.
Tokyo
JP
|
Family ID: |
44674257 |
Appl. No.: |
13/208526 |
Filed: |
August 12, 2011 |
Current U.S.
Class: |
709/220 |
Current CPC
Class: |
H04L 45/60 20130101;
H04L 45/04 20130101; H04L 41/0806 20130101; H04L 41/0853 20130101;
H04L 41/046 20130101; H04L 41/022 20130101 |
Class at
Publication: |
709/220 |
International
Class: |
G06F 15/177 20060101
G06F015/177 |
Foreign Application Data
Date |
Code |
Application Number |
Oct 7, 2010 |
JP |
2010-227832 |
Claims
1. A network system comprising: a plurality of communication
systems for communication with a user; a plurality of physical
network management servers that manage a plurality of physical
networks including a plurality of routers; and a virtual network
management server that manages a virtual network as a logical
network connecting the communication systems with each other
through the physical networks, wherein the physical network
management servers each include a first processor, first memory
connected to the first processor, and a first network interface
connected to the first processor; wherein the virtual network
management server includes a second processor, second memory
connected to the second processor, and a second network interface
connected to the second processor; wherein each of the physical
network management servers connects with the virtual network
management server; wherein the virtual network management server
acquires physical network configuration information indicating a
configuration of the physical network from each of the physical
network management servers; wherein the virtual network management
server generates abstraction network management information based
on the acquired physical network configuration information in order
to manage the physical networks as one abstraction network; wherein
the virtual network management server transmits the generated
abstraction network management information to each of the physical
network management servers and each of the routers and configure
the abstraction network; wherein the virtual network management
server receives a virtual network generation request containing
input information about the communication system and the router and
converts the input information into virtual network definition
information for generating the virtual network; wherein the virtual
network management server selects the router for configuring the
virtual network based on the abstraction network management
information and the virtual network definition information; wherein
the virtual network management server generates virtual network
setting information for configuring the virtual network; and
wherein the virtual network management server transmits the
generated virtual network setting information to the selected
router to configure the virtual network.
2. The network system according to claim 1, wherein the physical
network configuration information contains first position
information indicating a placing position of the router in the
physical network and first communication function information
indicating a communication function available for the router;
wherein the virtual network management server generates the
abstraction network management information by generating abstract
node identification information that uniquely identifies the router
as an abstract node included in the abstraction network; wherein
the virtual network management server generates second position
information about the abstract node in the abstraction network
based on the physical network configuration information; wherein
the virtual network management server generates second
communication function information indicating a communication
function available for the abstract node in the abstraction network
based on the physical network configuration information; wherein
the virtual network management server generates one network group
including the abstract node corresponding to the router included in
the same physical network and generates network group
identification information for identifying the network group; and
wherein the virtual network management server generates the
abstraction network management information by making correspondence
among the abstract node identification information, the second
position information, the second communication function
information, and the network group identification information.
3. The network system according to claim 1, wherein the input
information contains user identification information about a user
who requests generation of the virtual network, third position
information indicating a placing position of the communication
system in the physical network, and third communication function
information indicating a communication function used for the
virtual network; wherein the virtual network management server
converts the input information into the virtual network definition
information by generating virtual network identification
information for identifying the generated virtual network based on
the user identification information contained in the input
information; wherein the virtual network management server
references the physical network configuration information and
converts the third communication function information contained in
the input information into fourth communication function
information indicating a communication function available for the
abstract node in the abstraction network; wherein the virtual
network management server references the physical network
configuration information and converts the third position
information contained in the input information into fourth position
information indicating a placing position of the abstract node in
the abstraction network; wherein the virtual network management
server generates the virtual network definition information based
on the virtual network identification information, the fourth
communication function information, and the fourth position
information; wherein the virtual network management server selects
the router based on the abstraction network management information
and the virtual network definition information by referencing the
abstraction network management information based on the fourth
communication function information and selecting the network group
capable of setting the virtual network corresponding to the
received virtual network generation request; wherein the virtual
network management server references the abstraction network
management information based on the fourth position information and
selects the abstract node capable of configuring the virtual
network from the selected network group; wherein the virtual
network management server generates the virtual network setting
information by determining allocation of the virtual network
corresponding to the received virtual network generation request
based on the selected network group and the selected abstract node;
and wherein the virtual network management server generates the
virtual network setting information based on the determined virtual
network allocation and transmits the virtual network setting
information to each of the physical network management servers and
the routers.
4. The network system according to claim 3, wherein the router
includes a virtual function that provides one of a virtual computer
and a virtual switch; wherein the physical network configuration
information contains first virtual function information indicating
the virtual function provided for the router; wherein the input
information contains second virtual function information indicating
a virtual function requested in the virtual network; wherein the
virtual network management server converts the input information
into the virtual network definition information and also converts
the second virtual function information contained in the input
information into third virtual function information indicating the
virtual function provided for the abstract node in the abstraction
network; and wherein the virtual network management server selects
the router based on the virtual network definition information,
accordingly references abstraction network management information
based on the third virtual function information, and selects the
abstract node provided with the virtual function corresponding to
the second virtual function information out of the selected
abstract nodes included in the virtual network.
5. The network system according to claim 2, wherein the router
includes an edge router that connects the different physical
networks with each other; wherein the abstraction network
management information and the network setting information are
transmitted to the edge router; wherein the edge router receives
the virtual network setting information and then acquires adjacent
network group identification information, namely, information for
identifying the network group including the abstract node
corresponding to the other edge router, from the other edge router
included in the adjacent network; wherein the edge router transmits
the acquired adjacent network group identification information to
the virtual network management server; and wherein the virtual
network management server stores the adjacent network group
information in the abstraction network management information.
6. The network system according to claim 5, wherein the virtual
network management server generates the virtual network setting
information and then generates first address management information
for managing a first address indicating an address of the abstract
node in the abstraction network; wherein the virtual network
management server transmits the first address management
information to the edge router; wherein the virtual network
management server acquires second address management information
for managing a second address indicating an address of the edge
router in the physical network from each of the physical network
management servers and the edge router; wherein the virtual network
management server generates routing information in the abstraction
network based on the second address management information acquired
and the first address management information; and wherein the
virtual network management server transmits the generated routing
information to each of the physical network management servers and
the edge routers.
7. The network system according to claim 6, wherein the edge router
receives a communication packet from the communication system and
analyzes the received communication packet; wherein the edge router
supplies the received communication packet with the first address
based on the first address management information and the routing
information; and wherein the edge router performs a routing process
in the abstraction network based on the first address.
8. A virtual network management method for a network system
including: a plurality of communication systems for communication
with a user; a plurality of physical network management servers
that manage a plurality of physical networks including a plurality
of routers; and a virtual network management server that manages a
virtual network as a logical network connecting the communication
systems with each other through the physical networks, wherein the
physical network management servers each include a first processor,
first memory connected to the first processor, and a first network
interface connected to the first processor; wherein the virtual
network management server includes a second processor, second
memory connected to the second processor, and a second network
interface connected to the second processor; wherein each of the
physical network management servers connects with the virtual
network management server; wherein the method includes: a first
step at which the virtual network management server acquires
physical network configuration information indicating a
configuration of the physical network from each of the physical
network management servers; a second step at which the virtual
network management server generates abstraction network management
information based on the acquired physical network configuration
information in order to manage the physical networks as one
abstraction network; a third step at which virtual network
management server transmits the generated abstraction network
management information to each of the physical network management
servers and each of the routers and configure the abstraction
network; a fourth step at which the virtual network management
server receives a virtual network generation request containing
input information about the communication system and the router and
converts the input information into virtual network definition
information for generating the virtual network; a fifth step at
which the virtual network management server selects the router for
configuring the virtual network based on the abstraction network
management information and the virtual network definition
information; a sixth step at which the virtual network management
server generates virtual network setting information for
configuring the virtual network; a seventh step at which the
virtual network management server transmits the generated virtual
network setting information to the selected router to configure the
virtual network; and an eighth step of configuring the virtual
network by transmitting virtual network setting information for
configuring the virtual network to the selected router.
9. The virtual network management method according to claim 8,
wherein the physical network configuration information contains
first position information indicating a placing position of the
router in the physical network and first communication function
information indicating a communication function available for the
router; and wherein the second step includes the steps of:
generating abstract node identification information that uniquely
identifies the router as an abstract node included in the
abstraction network; generating second position information about
the abstract node in the abstraction network based on the physical
network configuration information; generating second communication
function information indicating a communication function available
for the abstract node in the abstraction network based on the
physical network configuration information; generating one network
group including the abstract node corresponding to the router
included in the same physical network and generates network group
identification information for identifying the network group; and
generating the abstraction network management information by making
correspondence among the abstract node identification information,
the second position information, the second communication function
information, and the network group identification information.
10. The virtual network management method according to claim 8,
wherein the input information contains user identification
information about a user who requests generation of the virtual
network, third position information indicating a placing position
of the communication system in the physical network, and third
communication function information indicating a communication
function used for the virtual network; wherein the fourth step
includes the steps of: generating virtual network identification
information for identifying the generated virtual network based on
the user identification information contained in the input
information; referencing the physical network configuration
information and converting the third communication function
information contained in the input information into fourth
communication function information indicating a communication
function available for the abstract node in the abstraction
network; referencing the physical network configuration information
and converting the third position information contained in the
input information into fourth position information indicating a
placing position of the abstract node in the abstraction network;
and generating the virtual network definition information based on
the virtual network identification information, the fourth
communication function information, and the fourth position
information; wherein the fifth step includes the steps of:
referencing the abstraction network management information based on
the fourth communication function information and selecting the
network group capable of setting the virtual network corresponding
to the received virtual network generation request; and referencing
the abstraction network management information based on the fourth
position information and selecting the abstract node capable of
configuring the virtual network from the selected network group;
wherein the sixth step includes the steps of: determining
allocation of the virtual network corresponding to the received
virtual network generation request based on the selected network
group and the selected abstract node; and generating the virtual
network setting information based on the determined virtual network
allocation; and wherein the seventh step includes the step of:
transmitting the virtual network setting information to each of the
physical network management servers and the routers.
11. The virtual network management method according to claim 10,
wherein the router includes a virtual function that provides one of
a virtual computer and a virtual switch; wherein the physical
network configuration information contains first virtual function
information indicating the virtual function provided for the
router; wherein the input information contains second virtual
function information indicating a virtual function requested in the
virtual network; wherein the fourth step further includes the step
of converting the second virtual function information contained in
the input information into third virtual function information
indicating the virtual function provided for the abstract node in
the abstraction network; and wherein the fifth step further
includes the step of referencing abstraction network management
information based on the third virtual function information and
selecting the abstract node provided with the virtual function
corresponding to the second virtual function information out of the
selected abstract nodes included in the virtual network.
12. The virtual network management method according to claim 9,
wherein the router includes an edge router that connects the
different physical networks with each other; wherein the
abstraction network management information and the network setting
information are transmitted to the edge router; and wherein the
method further includes: a ninth step of at which the edge router
receives the virtual network setting information and then acquires
adjacent network group identification information, namely,
information for identifying the network group including the
abstract node corresponding to the other edge router, from the
other edge router included in the adjacent network; a tenth step at
which the edge router transmits the acquired adjacent network group
identification information to the virtual network management
server; and an eleventh step at which the virtual network
management server stores the adjacent network group information in
the abstraction network management information.
13. The virtual network management method according to claim 12,
further comprising: a twelfth step at which the virtual network
management server generates the virtual network setting information
and then generates first address management information for
indicating an address of the abstract node in the abstraction
network; a thirteenth step at which the virtual network management
server transmits the first address management information to the
edge router; a fourteenth step at which the virtual network
management server acquires second address management information
for indicating an address of the edge router in the physical
network from each of the physical network management servers and
the edge router; a fifteenth step at which the virtual network
management server generates routing information in the abstraction
network based on the second address management information acquired
and the first address management information; and a sixteenth step
at which the virtual network management server transmits the
generated routing information to each of the physical network
management servers and the edge routers.
14. The virtual network management method according to claim 13,
further comprising: a seventeenth step at which the edge router
receives a communication packet from the communication system and
analyzes the received communication packet; an eighteenth step at
which the edge router supplies the received communication packet
with the first address based on the first address management
information and the routing information; and a nineteenth step at
which the edge router performs a routing process in the abstraction
network based on the first address.
15. The network system according to claim 2, wherein the input
information contains user identification information about a user
who requests generation of the virtual network, third position
information indicating a placing position of the communication
system in the physical network, and third communication function
information indicating a communication function used for the
virtual network; wherein the virtual network management server
converts the input information into the virtual network definition
information by generating virtual network identification
information for identifying the generated virtual network based on
the user identification information contained in the input
information; wherein the virtual network management server
references the physical network configuration information and
converts the third communication function information contained in
the input information into fourth communication function
information indicating a communication function available for the
abstract node in the abstraction network; wherein the virtual
network management server references the physical network
configuration information and converts the third position
information contained in the input information into fourth position
information indicating a placing position of the abstract node in
the abstraction network; wherein the virtual network management
server generates the virtual network definition information based
on the virtual network identification information, the fourth
communication function information, and the fourth position
information; wherein the virtual network management server selects
the router based on the abstraction network management information
and the virtual network definition information by referencing the
abstraction network management information based on the fourth
communication function information and selecting the network group
capable of setting the virtual network corresponding to the
received virtual network generation request; wherein the virtual
network management server references the abstraction network
management information based on the fourth position information and
selects the abstract node capable of configuring the virtual
network from the selected network group; wherein the virtual
network management server generates the virtual network setting
information by determining allocation of the virtual network
corresponding to the received virtual network generation request
based on the selected network group and the selected abstract node;
and wherein the virtual network management server generates the
virtual network setting information based on the determined virtual
network allocation and transmits the virtual network setting
information to each of the physical network management servers and
the routers.
16. The virtual network management method according to claim 9,
wherein the input information contains user identification
information about a user who requests generation of the virtual
network, third position information indicating a placing position
of the communication system in the physical network, and third
communication function information indicating a communication
function used for the virtual network; wherein the fourth step
includes the steps of: generating virtual network identification
information for identifying the generated virtual network based on
the user identification information contained in the input
information; referencing the physical network configuration
information and converting the third communication function
information contained in the input information into fourth
communication function information indicating a communication
function available for the abstract node in the abstraction
network; referencing the physical network configuration information
and converting the third position information contained in the
input information into fourth position information indicating a
placing position of the abstract node in the abstraction network;
and generating the virtual network definition information based on
the virtual network identification information, the fourth
communication function information, and the fourth position
information; wherein the fifth step includes the steps of:
referencing the abstraction network management information based on
the fourth communication function information and selecting the
network group capable of setting the virtual network corresponding
to the received virtual network generation request; and referencing
the abstraction network management information based on the fourth
position information and selecting the abstract node capable of
configuring the virtual network from the selected network group;
wherein the sixth step includes the steps of: determining
allocation of the virtual network corresponding to the received
virtual network generation request based on the selected network
group and the selected abstract node; and generating the virtual
network setting information based on the determined virtual network
allocation; and wherein the seventh step includes the step of:
transmitting the virtual network setting information to each of the
physical network management servers and the routers.
Description
CLAIM OF PRIORITY
[0001] The present application claims priority from Japanese patent
application JP 2010-227832 filed on Oct. 7, 2010, the content of
which is hereby incorporated by reference into this
application.
FIELD OF THE INVENTION
[0002] The present invention relates to a virtual network
technology that enables multiple users to share the network and to
configure logical networks independent of each other. More
particularly, the invention relates to a virtual network management
method for physical networks using different control methods.
BACKGROUND OF THE INVENTION
[0003] A wide area network service provides communication services
that connect information systems for users including companies at
distant locations such as cities. The information technology for
corporate jobs has remarkably advanced in recent years. Various
types of information are computerized and are exchanged between
corporate locations through communication.
[0004] To satisfy the above-mentioned demand, there is an
increasing trend to use wide-area Ethernet (registered trademark)
easily connectable with user information systems at low costs or
IP-VPN or other IP/Ethernet-based wide-area network services (e.g.,
see U.S. Pat. No. 7,307,990).
[0005] An IP/Ethernet-based wide-area network provides easy
connectivity with user locations using a router apparatus
(hereafter referred to as a router) based on IP as a network
standard protocol and Ethernet technologies used for user
information systems.
[0006] The 10 Gbps broadband transmission technology is used as an
interface for connection between routers. The IP/Ethernet-based
wide-area network can provide services at low costs while allowing
users to share the broadband interface.
[0007] The IP/Ethernet-based wide-area network is configured as a
physical network including core routers as a basis for the
wide-area network and edge routers to connect user locations. The
following description assumes the physical network to be a basic
network for the wide-area network.
[0008] The edge router encapsulates a communication packet used for
communication between user locations. A core network header is
added to the communication packet and is used for communication in
the core network. A router in the core network references the core
network header to transfer a communication packet. Communication is
available using the wide-area network without modifying an original
communication packet from the user.
[0009] A user identification label for identifying a user is
attached to the core network header in order to share the wide-area
network among users. Routers in the core network and edge routers
form a virtual private network for each user based on the user
identification label in the core network header. The security is
ensured in order to prevent confusion in communication packets
exchanged between users.
[0010] Improvement of wide-area network services changes functions
to be supplied and users' utilization forms.
[0011] The wide-area network services provide diversified types of
communication protocols to be encapsulated during encapsulation of
user communication packets and server and network functions
separated for each of users.
[0012] The users' utilization forms now include communication
between the data center of a service provider or a contents
provider and a corporate user location in addition to the
conventional communication between corporate user locations.
SUMMARY OF THE INVENTION
[0013] As described above, the wide-area network configuration
becomes complicated in accordance with changes in functions
supplied from the wide-area network services and users' utilization
forms. The network management method needs to configure a virtual
network, i.e., a virtual private network across multiple physical
networks using different network protocols operating on the router
apparatuses.
[0014] The following problems arise when the virtual network is
configured across multiple physical networks.
[0015] Management software called a network management system
manages physical networks individually. In terms of a virtual
network to be configured, respective physical networks differ from
each other in methods of managing supplied functions and names,
methods of managing physical network locations, and methods of
keeping correspondence between a network address at the user
location and an address in the physical network.
[0016] A virtual network and a physical network must be associated
with each other using different techniques for respective physical
networks. Conversion between the virtual network and the physical
network becomes complicated. The size of a conversion table
increases while a server for managing the virtual network and an
edge router in the physical network manage the conversion table.
There are problems in that a virtual network cannot be generated
instantly and operating and managing the virtual network increases
costs.
[0017] Objects of the invention may be readily ascertained by
referring to the following description and appended drawings.
[0018] The following describes representative examples of the
present invention. A network system includes: multiple
communication systems for communication with a user; multiple
physical network management servers that manage multiple physical
networks including multiple routers; and a virtual network
management server that manages a virtual network as a logical
network connecting the communication systems with each other
through the physical networks, The physical network management
servers each include a first processor, first memory connected to
the first processor, and a first network interface connected to the
first processor. The virtual network management server includes a
second processor, second memory connected to the second processor,
and a second network interface connected to the second processor.
Each of the physical network management servers connects with the
virtual network management server. The virtual network management
server acquires physical network configuration information
indicating a configuration of the physical network from each of the
physical network management servers. The virtual network management
server generates abstraction network management information based
on the acquired physical network configuration information in order
to manage the physical networks as one abstraction network. The
virtual network management server transmits the generated
abstraction network management information to each of the physical
network management servers and each of the routers and configure
the abstraction network. The virtual network management server
receives a virtual network generation request containing input
information about the communication system and the router and
converts the input information into virtual network definition
information for generating the virtual network. The virtual network
management server selects the router for configuring the virtual
network based on the abstraction network management information and
the virtual network definition information. The virtual network
management server generates virtual network setting information for
configuring the virtual network. The virtual network management
server transmits the generated virtual network setting information
to the selected router to configure the virtual network.
[0019] According to the present embodiment, multiple physical
networks are managed as a single abstraction network. A virtual
network is generated across multiple physical networks while the
virtual network management server can generate information about
the virtual network by converting information about the physical
network into information about the abstraction network.
Accordingly, a user can easily and instantly generate the virtual
network without needing to understand respective physical network
configurations.
BRIEF DESCRIPTION OF THE DRAWINGS
[0020] FIG. 1 is a block diagram illustrating a configuration
example of the physical network as a basis for a virtual network
system according to a first embodiment of the invention;
[0021] FIG. 2 is a block diagram illustrating a configuration of
the physical network according to the first embodiment of the
invention;
[0022] FIG. 3A is an explanatory diagram illustrating an example
configuration of the virtual network in the virtual network system
according to the first embodiment of the invention;
[0023] FIG. 3B is an explanatory diagram illustrating another
example configuration of the virtual network in the virtual network
system according to the first embodiment of the invention;
[0024] FIG. 3C is an explanatory diagram illustrating still another
example configuration of the virtual network in the virtual network
system according to the first embodiment of the invention;
[0025] FIG. 4 is a block diagram illustrating a hardware
configuration of an edge router according to the first embodiment
of the invention;
[0026] FIG. 5 is a block diagram illustrating a software
configuration of a virtual network management server according to
the first embodiment of the invention;
[0027] FIG. 6 is an explanatory diagram illustrating an example of
a virtual network generated from a user request according to the
first embodiment of the invention;
[0028] FIG. 7 is an explanatory diagram illustrating an abstraction
network generated from abstracting the virtual network system
according to the first embodiment of the invention;
[0029] FIG. 8 is an explanatory diagram illustrating an example of
user request information according to the first embodiment of the
invention;
[0030] FIG. 9 is an explanatory diagram illustrating an example of
virtual network definition information according to the first
embodiment of the invention;
[0031] FIG. 10 is an explanatory diagram illustrating an example of
virtual network allocation information according to the first
embodiment of the invention;
[0032] FIG. 11 is an explanatory diagram illustrating mapping
information according to the first embodiment of the invention;
[0033] FIG. 12 is an explanatory diagram illustrating an example of
abstraction layer information according to the first embodiment of
the invention;
[0034] FIG. 13 is a block diagram illustrating software
configuration of a physical network management server according to
the first embodiment of the invention;
[0035] FIG. 14A is an explanatory diagram illustrating another
example of abstraction layer information according to the first
embodiment of the invention;
[0036] FIG. 14B is an explanatory diagram illustrating an example
of physical network configuration information according to the
first embodiment of the invention;
[0037] FIG. 15 is a block diagram illustrating a software
configuration of an edge router according to the first embodiment
of the invention;
[0038] FIG. 16 is an explanatory diagram illustrating still another
example of abstraction layer information according to the first
embodiment of the invention;
[0039] FIG. 17A is a flowchart illustrating an example of an
initialization process for the virtual network system according to
the first embodiment of the invention;
[0040] FIG. 17B is a flowchart illustrating an example of an
initialization process for the virtual network system according to
the first embodiment of the invention;
[0041] FIG. 18 is a flowchart illustrating an example process to
generate the virtual network according to the first embodiment of
the invention;
[0042] FIG. 19A is a flowchart illustrating an example of a virtual
network system changing process performed when an edge router is
added to the virtual network system according to the first
embodiment of the invention;
[0043] FIG. 19B is a flowchart illustrating an example of a virtual
network system changing process performed when an edge router is
added to the virtual network system according to the first
embodiment of the invention;
[0044] FIG. 20 is a flowchart illustrating a deletion process
performed when a physical router is deleted from the virtual
network system according to the first embodiment of the
invention;
[0045] FIG. 21 is a flowchart illustrating an example of a user
location addition process performed when a user location is added
to a virtual network 301 in the virtual network system according to
the first embodiment of the invention;
[0046] FIG. 22 is a block diagram illustrating an example of
installing software for the edge router according to the first
embodiment of the invention;
[0047] FIG. 23 is a block diagram illustrating an example
configuration between two edge routers connecting different
physical networks according to the first embodiment of the
invention;
[0048] FIG. 24 is a block diagram illustrating an example
configuration of an edge router connecting a physical network and a
user location according to the first embodiment of the
invention;
[0049] FIG. 25 is a block diagram illustrating a software
configuration of an edge router according to a second embodiment of
the invention;
[0050] FIG. 26A is an explanatory diagram illustrating an example
of abstraction layer address conversion information according to
the second embodiment of the invention;
[0051] FIG. 26B is an explanatory diagram illustrating an example
of abstraction layer address correspondence information according
to the second embodiment of the invention;
[0052] FIG. 27 is an explanatory diagram illustrating an example of
abstraction layer information according to the second embodiment of
the invention;
[0053] FIG. 28 is a flowchart illustrating an example of a virtual
network system initialization process according to the second
embodiment of the invention;
[0054] FIG. 29 is a flowchart illustrating an example of a
communication path for communication packets between locations for
user B in the virtual network system according to the second
embodiment of the invention;
[0055] FIG. 30 is an explanatory diagram illustrating an example of
a communication packet structure for the physical network according
to the second embodiment of the invention;
[0056] FIG. 31 is an explanatory diagram illustrating another
example of a communication packet structure for the physical
network according to the second embodiment of the invention;
[0057] FIG. 32 is a block diagram illustrating a configuration of a
physical network according to a third embodiment of the
invention;
[0058] FIG. 33A is a block diagram illustrating an example
configuration of the virtual network for each user in the virtual
network system according to the third embodiment of the
invention;
[0059] FIG. 33B is a block diagram illustrating another example
configuration of the virtual network for each user in the virtual
network system according to the third embodiment of the
invention;
[0060] FIG. 33C is a block diagram illustrating still another
example configuration of the virtual network for each user in the
virtual network system according to the third embodiment of the
invention;
[0061] FIG. 34 is an explanatory diagram illustrating an
abstraction network generated from abstracting the virtual network
system according to the third embodiment of the invention;
[0062] FIG. 35 is an explanatory diagram illustrating an example of
abstraction layer information according to the third embodiment of
the invention;
[0063] FIG. 36 is an explanatory diagram illustrating an example of
user request information according to the third embodiment of the
invention;
[0064] FIG. 37 is an explanatory diagram illustrating an example of
virtual network definition information according to the third
embodiment of the invention;
[0065] FIG. 38 is an explanatory diagram illustrating mapping
information according to the third embodiment of the invention;
[0066] FIG. 39 is an explanatory diagram illustrating an example of
abstraction layer information according to the third embodiment of
the invention;
[0067] FIG. 40 is a block diagram illustrating a software
configuration of a router according to the third embodiment of the
invention;
[0068] FIG. 41 is an explanatory diagram illustrating an example of
abstraction layer information provided for a router according to
the third embodiment of the invention;
[0069] FIG. 42 is a flowchart illustrating an example of a virtual
network generation process in the virtual network system according
to the third embodiment of the invention;
[0070] FIG. 43 is a block diagram illustrating an example of
installing software for the edge router according to a fourth
embodiment of the invention; and
[0071] FIG. 44 is a block diagram illustrating an example of
installing software for the edge router according to a fifth
embodiment of the invention.
DETAILED DESCRIPTION OF THE PREFERRED EMBODIMENTS
[0072] Embodiments of the present invention will be described in
further detail with reference to the accompanying drawings.
Throughout the drawings illustrating the embodiments, the same
configurations are depicted by the same reference numerals as a
general rule and a detailed description is omitted for
simplicity.
First Embodiment
[0073] The following describes a virtual network system according
to the first embodiment of the invention.
[0074] The virtual network system includes one or more physical
networks as a basis. With reference to FIGS. 1 through 3, the
following describes a configuration of the physical network as a
basis for the virtual network system according to the first
embodiment of the invention.
[0075] FIG. 1 is a block diagram illustrating a configuration
example of the physical network as a basis for a virtual network
system according to the first embodiment of the invention.
[0076] As shown in FIG. 1, the virtual network system according to
the embodiment includes multiple physical networks 1 (1011), 2
(1012), and 3 (1013). The physical networks 1011, 1012, and 1013
are connected to each other through edge routers 102 provided at
edges of the physical networks 1011, 1012, and 1013.
[0077] In FIG. 1, the physical networks 1011, 1012, and 1013 are
all connected to each other for simplicity. The configuration of
the physical networks 1011, 1012, and 1013 will be described later
with reference to FIG. 2.
[0078] Through the edge routers 102, the physical networks 1011,
1012, and 1013 are connected to user locations each containing a
communication system of a user who uses the virtual network
system.
[0079] FIG. 1 shows connections of a user location 1031 for user A,
a user location 1032 for user B, and a user location 1033 for user
C for simplicity. The user location 1031 for user A may or may not
use the same configuration for the physical networks 1011, 1012,
and 1013. The same applies to the user location 1032 for user B and
the user location 1033 for user C.
[0080] The virtual network system includes a physical network
management server 1041 for managing the physical network 1 (1011),
a physical network management server 1042 for managing the physical
network 2 (1012), and a physical network management server 1043 for
managing the physical network 3 (1013).
[0081] The virtual network system includes a virtual network
management server 105 that manages the entire virtual network
system.
[0082] The physical network management servers 1041, 1042, and 1043
are respectively connected to the physical networks 1011, 1012, and
1013 through a management network 106. The virtual network
management server 105 is connected to the physical network
management servers 1041, 1042, and 1043 through the management
network 106.
[0083] The physical networks 1011, 1012, and 1013 use different
methods of configuring a virtual network. The physical network
management server 1041, 1042, and 1043 use different methods to
manage the virtual network.
[0084] For example, the physical networks 1011, 1012, and 1013 can
use MPLS (Multi-Protocol Label Switching), IEEE802.1Q Tag-VLAN, and
IEEE802.1ah EoE (Ethernet over Ethernet) as methods of configuring
and managing the virtual network.
[0085] The following describes internal configurations of the
physical networks 1011, 1012, and 1013.
[0086] In the following description, a physical network 101
represents the physical networks 1011, 1012, and 1013 unless needed
to be distinguished from each other. A physical network management
server 104 represents the physical network management servers 1041,
1042, and 1043 unless needed to be distinguished from each other. A
user location 103 represents user locations 1031, 1032, and 1033
unless needed to be distinguished from each other.
[0087] FIG. 2 is a block diagram illustrating a configuration of
the physical network 101 according to the first embodiment of the
invention. The example of FIG. 2 shows the configuration of the
physical network 1 (1011)
[0088] The physical network 1 (1011) includes an edge router 102
and a core router 201. The edge router 102 is provided at the edge
of the physical network 1 (1011). The core router 201 connects
between edge routers 102.
[0089] As described above, the physical network 1 (1011) connects
with the physical network management server 1041. In the example of
FIG. 2, the physical network 1 (1011) connects with the core router
201 included in the physical network 1 (1011) and the physical
network management server 1041.
[0090] The physical network management server 1041 can communicate
with all core routers 201 and all edge routers 102 that configure
the physical network 1 (1011) through the management network 106.
The physical network management server 1041 controls the core
routers 201 and the edge routers 102 through the management network
106.
[0091] FIGS. 3A, 3B, and 3C are explanatory diagrams illustrating
example configurations of the virtual network in the virtual
network system according to the first embodiment of the
invention.
[0092] According to the embodiment, the virtual network system
configures the virtual network for each user.
[0093] FIG. 3A is an explanatory diagram illustrating a virtual
network 3011 for user A. FIG. 3B is an explanatory diagram
illustrating a virtual network 3012 for user B. FIG. 3C is an
explanatory diagram illustrating a virtual network 3013 for user C.
In the following description, a virtual network 301 represents the
virtual networks 3011, 3012, and 3013 unless needed to be
distinguished from each other.
[0094] As shown in FIGS. 3A through 3C, the user-based virtual
network 301 independently connects with the user locations 103 for
corresponding users. That is, the virtual network 301 is provided
as a logically divided network for each of users.
[0095] For example, a virtual network for user A is configured on
the physical network 101 in order to generate the virtual network
3011 for user A. Virtual networks for user A configured on the
physical networks 101 are connected through the edge routers 102 to
configure a virtual network across the physical networks 101. The
user-A virtual networks are connected to the user-A locations 1031
through the edge routers 102 to configure the virtual network 3011
shown in FIG. 3.
[0096] The embodiment assumes that the independent virtual networks
301 are allocated to users. Instead, the virtual network may be
allocated to each service supplied from a carrier or service
provider or to each application owned by a user.
[0097] The following describes hardware configurations of the
physical network management server 104, the virtual network
management server 105, and the edge router 102.
[0098] The virtual network management server 105 includes a
processor (not shown), memory (not shown), a nonvolatile storage
medium (not shown), and a network interface (not shown). These
components are connected through an internal bus (not shown). The
virtual network management server 105 may be configured
otherwise.
[0099] Executing programs stored in the memory (not shown) can
provide functions of the virtual network management server 105. The
configuration of software supplied for the virtual network
management server 105 will be described later with reference to
FIG. 5.
[0100] The physical network management server 104 includes a
processor (not shown), memory (not shown), a nonvolatile storage
medium (not shown), and a network interface (not shown). These
components are connected through an internal bus (not shown). The
physical network management server 104 may be configured
otherwise.
[0101] Executing programs stored in the memory (not shown) can
provide functions of the physical network management server 104.
The configuration of software supplied for the physical network
management server 104 will be described later with reference to
FIG. 13.
[0102] FIG. 4 is a block diagram illustrating a hardware
configuration of the edge router 102 according to the first
embodiment of the invention.
[0103] The edge router 102 includes a packet processing board 3904,
a switch 3903, and a network interface (NIF) 3902.
[0104] The network interface (NIF) 3902 enables communication with
external apparatuses and includes a port (PORT) 3905 for external
communication. The port 3905 connects with a communication cable
3906 such as an optical cable or a metal cable.
[0105] The switch 3903 connects the network interface (NIF) 3902
with the packet processing board 3904 through an internal wiring
3907. This connection can communicate communication packets and
control information in apparatuses with each other.
[0106] The packet processing board 3904 processes communication
packets. For example, the packet processing board 3904 includes a
network processor (NPU) 3909 as a programmable processor, memory
3910, and an interface (I/O) 3908 for connection with the switch
3903. The packet processing board 3904 may include more than one
network processor (NPU) 3909 and memory 3910.
[0107] The edge router 102 may include one packet processing board
3904 or more and one network interface (NIF) 3902 or more.
[0108] The software configuration for the edge router 102 will be
described later with reference to FIG. 15.
[0109] FIG. 5 is a block diagram illustrating a software
configuration of the virtual network management server 105
according to the first embodiment of the invention.
[0110] The virtual network management server 105 includes a user
request accepting portion 401, a virtual network allocation
managing portion 402, a virtual network managing portion 403, and
an abstraction layer managing portion 404 as function blocks.
[0111] The virtual network management server 105 maintains user
request information 405, virtual network definition information
406, virtual network allocation information 407, mapping
information 408, and abstraction layer information 409 as virtual
network system management information.
[0112] The user request accepting portion 401 accepts a user
request to generate, delete, or change the virtual network 301 from
an operator who manages the virtual network. The following
description assumes the operator to be a person who manages the
virtual network.
[0113] Specifically, the user request accepting portion 401 accepts
a user request that contains configuration information for
configuring the virtual network 301. The user request accepting
portion 401 stores that configuration information in user request
information 405. The user request accepting portion 401 converts
information stored in the user request information 405 into
abstraction layer information and stores the abstraction layer
information in virtual network definition information 406.
[0114] The operator requests to generate the virtual network 301 by
transmitting a user request containing configuration information as
shown in FIG. 6, for example.
[0115] FIG. 6 is an explanatory diagram illustrating an example of
the virtual network 301 generated from a user request according to
the first embodiment of the invention. FIG. 6 shows configuration
information for generating the virtual network 3012 for user B.
[0116] According to the example in FIG. 6, the user location 1032
for user B includes city 1 (10321), city 2 (10322), and city 4
(10323). An L2 network 801 provides communication among the user
locations 10321, 10322, and 10323. A transfer location 802 is
provided in city 3 and enables or disables communication between
the L2 networks 801.
[0117] In this example, information indicating places is equivalent
to city names such as city 1, city 2, and city 3. Information
indicating the transport function is equivalent to the L2 network.
Generally, however, the operator-requested configuration
information about the virtual network 301 depends on service types
using the virtual network 301. For example, information indicating
places includes identifiers specific to the physical networks 101,
unique names, geographical names, and city names. Information
indicating the transport function includes network layer names such
as L2 and L3, protocol type names such as Ethernet and IP, and
technical names for virtual networks such as MPLS and EoE.
[0118] Now let us return to the description of FIG. 5.
[0119] The virtual network allocation managing portion 402 manages
allocation of the virtual network 301 based on the virtual network
definition information 406 and the abstraction layer information
409. Specifically, the virtual network allocation managing portion
402 maps the virtual network 301 to the physical networks 101 while
the virtual network 301 is allocated to the user. The virtual
network allocation managing portion 402 then stores the mapping
result in the mapping information 408.
[0120] The virtual network managing portion 403 manages the virtual
network 301 configured in the virtual network system. Specifically,
the virtual network managing portion 403 acquires necessary
information from the physical network management servers 104 and
the edge routers 102 and controls the configuration of the virtual
network 301 based on the acquired information.
[0121] The abstraction layer managing portion 404 manages the
virtual network system as an abstraction network. The abstraction
network is described below.
[0122] FIG. 7 is an explanatory diagram illustrating an abstraction
network generated from abstracting the virtual network system
according to the first embodiment of the invention.
[0123] The abstraction network uses the edge routers 102 connecting
the physical networks 101 in the virtual network system and manages
the edge routers 102 as a common abstract node 702 in one network.
The abstract node 702 corresponding to the edge routers 102
belonging to the same physical network 101 is managed as a network
group in order to manage which physical network 101 includes the
edge router 102 corresponding to the abstract node 702.
[0124] In the example of FIG. 7, the physical network 1 (1011)
belongs to a network group 1 (7011). The physical network 2 (1012)
belongs to a network group 2 (7012). The physical network 3 (1013)
belongs to a network group 3 (7013). A network group 701 represents
the network groups 7011, 7012, and 7013 unless needed to be
distinguished from each other.
[0125] According to the invention, the virtual network system
including multiple physical networks 101 is configured as one
abstraction network including the abstract node 702 and the network
group 701.
[0126] As shown in FIG. 6, the invention provides abstraction layer
information between information in the physical network 101
information in the virtual network 301. The abstraction layer
information can be used to easily manage mapping between the
physical network 101 and the virtual network 301.
[0127] Now let us return to the description of FIG. 5.
[0128] The user request information 405 stores configuration
information contained in a user request accepted from the operator.
The user request information 405 will be described in detail with
reference to FIG. 8.
[0129] The virtual network definition information 406 stores the
abstraction layer information that is equivalent to a converted
version of information stored in the user request information 405.
The virtual network definition information 406 will be described in
detail with reference to FIG. 9.
[0130] The virtual network allocation information 407 stores
correspondence relation between the virtual network 301 and the
user. The virtual network allocation information 407 will be
described in detail with reference to FIG. 10.
[0131] The mapping information 408 stores a result of mapping the
virtual network 301 to the abstraction network. The mapping
information 408 will be described in detail with reference to FIG.
11.
[0132] The abstraction layer information 409 stores configuration
information about the abstraction network. The abstraction layer
information 409 will be described in detail with reference to FIG.
12.
[0133] According to the embodiment, processes to be described later
manage the virtual network system including multiple physical
networks 101 as one network, i.e., the abstraction network.
[0134] The following describes information maintained in the
virtual network management server 105.
[0135] FIG. 8 is an explanatory diagram illustrating an example of
the user request information 405 according to the first embodiment
of the invention. The example in FIG. 8 stores configuration
information for generating the virtual network 3012 shown in FIG.
6.
[0136] The embodiment represents the user request information 405
as tabular data T901.
[0137] The user request information 405 contains a user name
(K902), a transport function (K903), a user location (K904), and a
transfer location (K905).
[0138] The user name (K902) stores information for identifying a
user to whom the virtual network 301 is allocated.
[0139] The transport function (K903) stores information for
identifying a protocol type used for the virtual network 301.
[0140] The user location (K904) stores information for identifying
the user location 103. The embodiment stores a city name.
[0141] The transfer location (K905) stores information for
identifying a transfer location. The embodiment stores a city
name.
[0142] As shown in FIG. 8, the user request information 405 stores
information needed to configure the user-requested virtual network
301.
[0143] FIG. 9 is an explanatory diagram illustrating an example of
the virtual network definition information 406 according to the
first embodiment of the invention.
[0144] The embodiment represents the virtual network definition
information 406 as tabular data T1001.
[0145] The virtual network definition information 406 contains a
virtual network ID (K1002), a transport function (K1003), a user
location LID (K1004), and a transfer location LID (K1005).
[0146] The virtual network ID (K1002) stores an identifier for
identifying the virtual network 301.
[0147] The transport function (K1003) stores information for
identifying a protocol type used for the virtual network 301. The
transport function (K1003) equals the transport function
(K903).
[0148] The user location LID (K1004) stores an LID (Location ID),
i.e., an identifier that represents the user location as
information about the abstract layer.
[0149] The transfer location LID (K1005) stores an LID, i.e., an
identifier that represents the transfer location as information
about the abstract layer.
[0150] As shown in FIG. 9, the virtual network definition
information 406 stores information resulting from converting
information about the physical network 101 into information about
the abstraction network.
[0151] FIG. 10 is an explanatory diagram illustrating an example of
the virtual network allocation information 407 according to the
first embodiment of the invention.
[0152] The embodiment represents the virtual network allocation
information 407 as tabular data T1101.
[0153] The virtual network allocation information 407 contains a
virtual network ID (K1102) and a user name (K1103).
[0154] The virtual network ID (K1102) stores an identifier for
identifying the virtual network 301. The virtual network ID (K1102)
equals the virtual network ID (K1002).
[0155] The User name (K1103) stores information for identifying a
user to whom the virtual network 301 is allocated. The user name
(K1103) equals the user name (K902).
[0156] FIG. 11 is an explanatory diagram illustrating the mapping
information 408 according to the first embodiment of the invention.
The mapping information 408 in FIG. 11 stores information about the
virtual network 3012 to be allocated to user B.
[0157] The embodiment represents the mapping information 408 as
tabular data T1201.
[0158] The mapping information 408 contains a virtual network ID
(K1202), a transport function (K1203), and mapping information
(K1204).
[0159] The virtual network ID (K1202) stores an identifier for
identifying the virtual network 301. The virtual network ID (K1202)
equals the virtual network ID (K1002).
[0160] The transport function (K1203) stores information for
identifying a protocol type used for the virtual network 301. The
transport function (K1203) equals the transport function
(K903).
[0161] The mapping information (K1204) stores information
indicating correspondence relation between the abstract node 702
and the user location or the transfer location allocated to the
virtual network 301. Specifically, the mapping information (K1204)
contains a location LID (K1205) and an abstract node ID
(K1206).
[0162] The location LID (K1205) stores an LID that represents the
user location or the transfer location as abstraction layer
information. The abstract node ID (K1206) stores an identifier for
identifying an abstract node 702 to which the location LID (K1205)
is mapped.
[0163] According to the example in FIG. 11, the transport function
(K1203) stores "Ethernet" as a protocol used for the virtual
network 3012 allocated to user B.
[0164] The location LID (K1205) of mapping information K1204 stores
"101" indicating user location 10321 for city 1 in FIG. 8. The
corresponding abstract node ID (K1206) of the mapping information
K1204 stores "1".
[0165] The location LID (K1205) of the mapping information K1204
stores "102" indicating user location 10322 for city 2 in FIG. 8.
The corresponding abstract node ID (K1206) of the mapping
information K1204 stores "3".
[0166] The location LID (K1205) of the mapping information K1204
stores "104" indicating user location 10323 for city 3 in FIG. 8.
The corresponding abstract node ID (K1206) of the mapping
information K1204 stores "11". The location LID (K1205) of the
mapping information K1204 stores "103" indicating transfer location
802 for city 3 in FIG. 8. The corresponding abstract node ID
(K1206) of the mapping information K1204 stores "4" and "10".
[0167] As shown in FIG. 11, the mapping information 408 stores
information about the abstraction network and information about the
virtual network associated with each other.
[0168] FIG. 12 is an explanatory diagram illustrating an example of
the abstraction layer information 409 according to the first
embodiment of the invention.
[0169] The embodiment represents the abstraction layer information
409 as tabular data T1301.
[0170] The abstraction layer information 409 includes an abstract
node ID (K1302), a transport function (K1303), an LID (K1304), a
network group (K1305), and a physical network connection
(K1306).
[0171] The abstract node ID (K1302) stores an identifier for
identifying the abstract node 702.
[0172] The transport function (K1303) stores a protocol type
available for the abstract node 702 corresponding to the abstract
node ID (K1302).
[0173] The LID (K1304) stores identification information indicating
a place that is included in the abstraction network and is used to
provide the abstract node 702 corresponding to the abstract node ID
(K1302).
[0174] The network group (K1305) stores an identifier for
identifying the network group 701 to which the abstract node 702
corresponding to the abstract node ID (K1302) belongs.
[0175] The physical network connection (K1306) stores an identifier
for identifying the adjacent physical network 101 connected to the
abstract node 702 corresponding to the abstract node ID
(K1302).
[0176] As a feature of the invention, the edge routers 102 are
included in each of the physical networks 101 configuring the
virtual network system and are indivisibly managed as the common
abstract node 702 in the abstraction network as shown in FIG.
12.
[0177] The abstraction network configuration only requires at least
one of the transport function (K1303) and the LID (K1304).
[0178] The following describes the software configuration of the
physical network management server 104.
[0179] FIG. 13 is a block diagram illustrating the software
configuration of the physical network management server 104
according to the first embodiment of the invention.
[0180] The physical network management server 104 includes a
virtual network management interface 501 and a physical network
management portion 502 as function blocks.
[0181] The physical network management server 104 maintains
abstraction layer information 503 and physical network
configuration information 504 as management information about the
physical network 101.
[0182] The virtual network management interface 501 enables
communication with the virtual network management server 105. The
virtual network management interface 501 transmits the
configuration information about the physical network 101 to the
virtual network management server 105. The virtual network
management interface 501 receives control information for
generating, deleting, or modifying the virtual network 301 or
information about the abstraction network from the virtual network
management server 105.
[0183] The physical network management portion 502 provides
management needed to configure the virtual network 301 on the
physical network 101 to which the physical network management
server 104 is connected for management.
[0184] To configure the virtual network 301, the physical network
management portion 502 acquires configuration information about the
edge router 102 and the core router 201 in the physical network 101
and provides the edge router 102 and the core router 201 with
information for configuring the virtual network 301.
[0185] The physical network configuration information 504 stores
information for managing the virtual network 301.
[0186] The abstraction layer information 503 stores configuration
information about an abstraction network. The abstraction layer
information 503 will be described in detail with reference to FIG.
14A.
[0187] The physical network configuration information 504 stores
configuration information about the edge router 102 and the core
router 201 for the physical network 101 managed by the physical
network management server 104. The physical network configuration
information 504 will be described in detail with reference to FIG.
14B.
[0188] The physical network management portion 502 and the physical
network configuration information 504 manage the physical network
101. The respective physical networks 101 use different management
methods.
[0189] The virtual network management interface 501 and the
abstraction layer information 503 are one of the features of the
invention and allow the virtual network management server 105 to
generate the virtual network 301 across multiple physical networks
101.
[0190] FIG. 14A is an explanatory diagram illustrating another
example of the abstraction layer information 503 according to the
first embodiment of the invention. The abstraction layer
information 503 in FIG. 14A is maintained in the physical network
management server 1041 that manages the physical network 1
(1011).
[0191] The embodiment represents the abstraction layer information
503 as tabular data T1501.
[0192] The abstraction layer information 503 includes a physical
node ID (K1502), an abstract node ID (K1503), a transport function
(K1504), an LID (K1505), and a network group (K1506).
[0193] The physical node ID (K1502) stores an identifier for
identifying a physical node such as the edge router 102 in the
physical network 1 (1011).
[0194] The abstract node ID (K1503) stores an identifier for
identifying a physical node corresponding to the ID (K1502) as the
abstract node 702 in an abstraction layer.
[0195] The transport function K1504 stores a protocol type
available for a physical node corresponding to the physical node ID
(K1502).
[0196] The LID (K1505) stores an identifier indicating a place that
is provided with a physical node corresponding to the physical node
ID (K1502) in the abstraction network.
[0197] The network group (K1506) stores an identifier for
identifying the network group 701 containing a physical node
corresponding to the physical node ID (K1502) in the abstraction
network.
[0198] FIG. 14B is an explanatory diagram illustrating an example
of the physical network configuration information 504 according to
the first embodiment of the invention.
[0199] The physical network configuration information 504 includes
anode ID (K1512), a type (K1513), a provision location (K1514), an
adjacent node (K1515), a transport function (K1516), an LID
(K1517), and a physical network address (K1518).
[0200] The node ID (K1512) stores an identifier for identifying a
physical node such as the edge router 102 in the physical network 1
(1011).
[0201] The type (K1513) stores the type of a physical node
corresponding to the node ID (K1512).
[0202] The provision location (K1514) stores information indicating
a location where a physical node corresponding to the node ID
(K1512) in the physical network 101.
[0203] The adjacent node (K1515) stores an identifier of another
physical node adjacent to a physical node corresponding to the node
ID (K1512).
[0204] The transport function (K1516) stores a protocol type
available for a physical node corresponding to the node ID
(K1512).
[0205] The LID (K1517) is identification information indicating the
provision location of a physical node corresponding to the node ID
(K1512). For example, the LID (K1517) provides identification
information settled when the physical network 101 is
configured.
[0206] The physical network address (K1518) provides address
information of a physical node corresponding to the node ID
(K1512).
[0207] The software configuration of the edge router 102 is
described below.
[0208] FIG. 15 is a block diagram illustrating the software
configuration of the edge router 102 according to the first
embodiment of the invention.
[0209] The edge router 102 includes an abstraction layer processing
portion 601 and a physical network edge function portion 602 as
function blocks.
[0210] The edge router 102 maintains abstraction layer information
603 and edge router configuration information 604 as management
information.
[0211] The abstraction layer processing portion 601 manages an
abstraction network based on the abstraction layer information 603.
A request from the virtual network management server 105 activates
the abstraction layer processing portion 601.
[0212] The physical network edge function portion 602 includes a
routing resolving function and an encapsulation function. The
routing resolving function correctly routes a communication packet
in the physical network 101 when the packet comes from the outside
to the physical network 101. The encapsulation function
encapsulates a communication packet in the physical network
101.
[0213] The encapsulation function encapsulates an incoming
communication packet and decapsulates an outgoing communication
packet.
[0214] The abstraction layer information 603 stores information
about the edge router in the abstraction network. The abstraction
layer information 603 will be described in detail with reference to
FIG. 16.
[0215] The edge router configuration information 604 stores
configuration information about the physical network 101 needed for
the routing resolving function and the encapsulation function
provided for the physical network edge function portion 602.
[0216] The physical network edge function portion 602 and the edge
router configuration information 604 provide functions for the edge
routers 102 configuring the physical network 101. Functions to be
provided depend on the physical networks 101.
[0217] The abstraction layer processing portion 601 and the
abstraction layer information 603 are one of the features of the
invention and allow the virtual network management server 105 to
generate the virtual network 301 across multiple physical networks
101.
[0218] FIG. 16 is an explanatory diagram illustrating still another
example of the abstraction layer information 603 according to the
first embodiment of the invention. The abstraction layer
information 603 in FIG. 16 is maintained in the edge router 102
configuring the physical network 1 (1011).
[0219] The embodiment represents the abstraction layer information
603 as tabular data T1401.
[0220] The abstraction layer information 603 includes an abstract
node ID (K1402), a transport function (K1403), an LID (K1404), a
network group (K1405), and a physical network connection
(K1406).
[0221] The abstract node ID (K1402) stores an identifier for
identifying the edge router 102 in the abstraction network as the
abstract node 702.
[0222] The transport function (K1403) stores a protocol type
available for the edge router 102.
[0223] The LID (K1404) an identifier indicating a place where the
edge router 102 is provided in the abstraction network.
[0224] The network group (K1405) stores an identifier for
identifying the network group 701 containing the edge router 102 in
the abstraction network.
[0225] The physical network connection (K1406) stores an identifier
for identifying the adjacent physical network 101 connected to the
edge router 102 as the network group 701.
[0226] The following describes the management method for the
virtual network 301 in the virtual network system.
[0227] An initialization process for the virtual network system
will be described first.
[0228] FIGS. 17A and 17B are flowcharts illustrating an example of
the initialization process for the virtual network system according
to the first embodiment of the invention.
[0229] FIGS. 17A and 17B describe the physical networks 1 (1011)
and 2 (1012) for simplicity.
[0230] The virtual network management server 105 starts the
initialization process for the virtual network system when an
operator enters a system initialization request.
[0231] The virtual network management server 105 transmits an
acquisition request for configuration information about the
physical networks 1 (1011) and 2 (1012) to the physical network
management servers 1041 and 1042 (step 1601).
[0232] The physical network management servers 1041 and 1042
receive the acquisition request from the virtual network management
server 105 and transmit the configuration information about the
physical networks 1 (1011) and 2 (1012) to the virtual network
management server 105 (step 1602). Specifically, the information
about the edge router 102 in the physical network 101 is
transmitted. For example, the information to be transmitted may
include the physical network configuration information 504 and the
edge router configuration information 604.
[0233] The information to be transmitted to the virtual network
management server 105 includes at least the identification
information (e.g., location names) indicating provision locations
of the edge routers in each physical network 101 and the
information about transport functions available for the edge router
102.
[0234] The virtual network management server 105 determines the
abstraction layer information based on the information about the
edge router 102 received from the physical network management
servers 1041 and 1042 (step 1603). That is, the abstraction network
information is generated.
[0235] Specifically, the virtual network management server 105
determines the abstract node ID (K1302), i.e., an identifier of the
abstract node 702 for identifying the edge router 102 in the
abstraction network. An example method of determining the abstract
node ID (K1302) allocates identifiers to the edge routers 102 from
the one nearest to the virtual network management server 105. In
addition, the abstract node ID (K1302) may be determined
otherwise.
[0236] The virtual network management server 105 determines the
transport function (K1303) available from the edge router 102 based
on the information about the edge router 102 received from the
physical network management server 104.
[0237] The virtual network management server 105 determines the LID
(K1304) based on the information about the edge router 102 received
from the physical network management server 104. The LID (K1304) is
an identifier that indicates the provision location of the edge
router 102 in the abstraction network.
[0238] The virtual network management server 105 determines the
network group (K1305), i.e., an identifier for identifying the
physical network 101 containing the edge router 102 in the
abstraction network.
[0239] The virtual network management server 105 stores the
determined abstract node ID (K1302), transport function (K1303),
LID (K1304), and network group K1305 in the abstraction layer
information 409.
[0240] At this time, no information is stored in the physical
network connection (K1306).
[0241] The virtual network management server 105 then provides each
of the physical networks 101 with the determined abstraction layer
information (step 1604).
[0242] Specifically, virtual network management server 105
transmits the determined abstraction layer information to the
physical network management servers 1041 and 1042. The physical
network management servers 1041 and 1042 receive the abstraction
layer information and store it in the abstraction layer information
503.
[0243] The physical network management server 104 stores the
physical node ID (K1502) as an identifier of the edge router 102 in
the physical network 101 to be managed. The physical network
management server 104 stores the received abstraction layer
information in association with the physical node ID (K1502). In
this manner, the physical network management server 104 can
maintain the abstraction layer information 503 as shown in FIG.
14A.
[0244] The virtual network management server 105 then transmits a
request to activate the abstraction layer processing portion 601 to
all edge routers 102 such as 1021, 1022, 1023, and 1024 included in
the physical networks 1 (1011) and 2 (1012) (step 1605). As a
result, the abstraction layer processing portion 601 provided for
the edge router 102 starts a process.
[0245] The virtual network management server 105 provides the
abstraction layer information determined at step 1603 for all the
edge routers 102 included in the physical networks 1 (1011) and 2
(1012) (step 1606). Specifically, the virtual network management
server 105 transmits the determined abstraction layer information
to each edge router 102.
[0246] Each edge router 102 receives the abstraction layer
information from the virtual network management server 105 and
stores necessary information in the abstraction layer information
603. Specifically, the information is stored in the abstract node
ID (K1402), the LID (K1404), and the network group (K1405). The
edge router 102 maintains the transport function (K1403) in
advance. At this point, no information is stored in the physical
network connection (K1406).
[0247] The edge router 102 corresponding to the activated
abstraction layer processing portion 601 performs a discovery
process (steps 1607 and 1611) in order to determine connection to
another edge router 102 (adjacent edge router 102) for the adjacent
physical network 101.
[0248] Specifically, the edge router 102 transmits a discovery
signal and determines connection to the adjacent edge router 102
when the signal returns a response.
[0249] The edge router 102 terminates the discovery process when
the adjacent edge router 102 is not determined to be connected. On
the other hand, the edge routers 102 communicate with each other
when the adjacent edge router 102 is determined to be
connected.
[0250] In FIG. 17B, the edge router 1023 receives the discovery
signal from the edge router 1021 and transmits a response signal to
the edge router 1021 (step 1608).
[0251] The edge routers 1021 and 1023 transmit the abstraction
layer information 603 maintained in them to each other (steps 1609
and 1610).
[0252] In this manner, the edge routers can identify the adjacent
network group 701. The edge router 102 receives the abstraction
layer information 603 that contains the network group (K1405). The
edge router 102 stores identification information about that
network group (K1405) in the physical network connection (K1405)
contained in the abstraction layer information 603 maintained in
the edge router 102.
[0253] The virtual network management server 105 verifies the
discovery process state through polling, for example, and transmits
a request to acquire the abstraction layer information 603 to all
the edge routers 102 (step 1612).
[0254] The edge routers 102 receive the request to acquire the
abstraction layer information 603 and transmit the abstraction
layer information 603 to the virtual network management server 105
(step 1613). Specifically, the edge router transmits the
information about the physical network connection (K1405) in the
abstraction layer information 603.
[0255] The information is stored in the physical network connection
(K1306) of the abstraction layer information 409.
[0256] The virtual network management server 105 enables a function
to provide the virtual network 301 and terminates the
initialization process for the virtual network system (step
1614).
[0257] The above-mentioned process enables the abstraction layer
information 409 for the virtual network management server 150, the
abstraction layer information 503 for the physical network
management server 104, and the abstraction layer information 603
for the edge router 102. That is, the abstraction network
information is generated.
[0258] According to the embodiment, the abstraction network
information is used for mapping between the virtual network 301 and
the physical network 101.
[0259] The process shown in FIGS. 17A and 17B configures the
abstraction layer information 409, the abstraction layer
information 509, and the abstraction layer information 603.
[0260] The following describes a process performed when the new
virtual network 301 is generated in the virtual network system
according to the embodiment.
[0261] FIG. 18 is a flowchart illustrating an example process to
generate the virtual network 301 according to the first embodiment
of the invention.
[0262] The virtual network management server 105 starts the process
when receiving a request to generate the virtual network from an
operator of the virtual network system (step 1701).
[0263] The virtual network management server 105 updates the user
request information 405 based on the received virtual network
generation request (step 1702). Specifically, the user request
information 405 stores the information contained in the received
virtual network generation request.
[0264] The virtual network management server 105 further updates
the virtual network definition information 406 based on the
information stored in the user request information 405 (step
1703).
[0265] For example, the virtual network management server 105
acquires the physical network configuration information 504 from
each physical network management server 104. The virtual network
management server 105 converts the information stored in the user
request information 405 into information for configuring the
virtual network based on the received physical network
configuration information 504 and the user request information 405.
The virtual network management server 105 stores the information in
the virtual network definition information 406. The virtual network
management server 105 may acquire the edge router configuration
information 604 as well.
[0266] For example, the virtual network management server 105
searches the acquired physical network configuration information
503 for a location name entry corresponding to the user location
(K904) of the user request information 405. The virtual network
management server 105 converts the transport function (K903) of the
user request information 405 into the transport function (K1516).
The virtual network management server 105 also converts the user
location (K904) into the corresponding LID (K1517).
[0267] The virtual network management server 105 references the
virtual network definition information 406 and the abstraction
layer information 409 to select the network group 701 for
generating the requested virtual network 301 (step 1704). That is,
the virtual network management server 105 selects the network group
701 the transfer function corresponding to the transport function
(K1003) can provide.
[0268] Specifically, the virtual network management server 105
references the transport function (K1303), identifies the network
group (K1305) containing a transport function entry corresponding
to the transport function (K1003), and selects the network group
(K1305) as the network group 701 for generating the virtual network
301.
[0269] The virtual network management server 105 references the
abstraction layer information 409 and selects the abstract node 702
having LIDs corresponding to the user location LID (K1004) and the
transfer location LID (K1005) for the requested virtual network 301
(step 1705).
[0270] Specifically, the virtual network management server 105
references the LID (K1304) and selects the abstract node 702 for
generating the virtual network 301 out of the abstract nodes 702
contained in the selected network group 701.
[0271] The virtual network management server 105 operates based on
the network group 701 and the abstract node 702 selected at steps
1703 and 1705 and determines whether the requested virtual network
301 can be mapped to the abstraction layer information 409 (step
1706).
[0272] When the mapping is determined to be unsuccessful, the
virtual network management server 105 notifies the operator of
unsuccessful generation of the virtual network 301 (step 1711) and
terminates the process.
[0273] When the mapping is determined to be successful, the virtual
network management server 105 updates the mapping information 408
based on the mapping result (step 1707). Specifically, the virtual
network management server 105 stores the mapping result in the
mapping information 408.
[0274] The virtual network management server 105 transmits the
setting information about the virtual network 301 to the abstract
node 702 to which the requested virtual network 301 is mapped (step
1708).
[0275] The setting information about the virtual network 301
contains at least the virtual network ID, the transport function,
and the mapping information.
[0276] The virtual network management server 105 transmits the
setting information about the virtual network 301 to the physical
network management server 104 in the network group 701 to which the
requested virtual network is mapped (step 1709).
[0277] The above-mentioned process generates the virtual network
301 across multiple physical networks 101 in the virtual network
system.
[0278] The virtual network management server 105 notifies the
operator of completion of the virtual network generation (step
1710) and terminates the process.
[0279] At step 1706, the virtual network management server 105
selects one of candidates, if any, for the requested virtual
network 301 to be mapped to the abstraction layer information 409.
As one method, the operator can directly select one of candidates.
As another method, the virtual network management server 105 can
automatically select one of candidates based on network costs or
the network traffic. The embodiment may use any method.
[0280] The following describes a virtual network system changing
process performed when a new edge router 1802 is added to the
operating virtual network system according to the embodiment.
[0281] FIGS. 19A and 19B are flowcharts illustrating an example of
a virtual network system changing process performed when the edge
router 102 is added to the virtual network system according to the
first embodiment of the invention.
[0282] FIGS. 19A and 19B describe the physical networks 1 (1011)
and 2 (1012) for simplicity.
[0283] The following describes a case where an edge router 1801 is
added to the physical network 1 (1011).
[0284] The physical network management server 1041 transmits a
request to acquire information about the edge router 1801 to it
when the edge router 1801 is newly added to the physical network 1
(1011) (step 1801).
[0285] The edge router 1801 receives the request and transmits the
edge router configuration information 604 to the physical network
management server 1041 (step 1802).
[0286] The physical network management server 1041 transmits the
acquired edge router configuration information 604 to the virtual
network management server 105 (step 1803).
[0287] The virtual network management server 105 determines the
abstraction layer information based on the received edge router
configuration information 604 (step 1804). Step 1804 may use the
same method as step 1603.
[0288] The process so far determines the abstract node ID (K1302),
the transport function (K1303), the LID (K1304), and the network
group (K1305). The abstraction layer information 409 stores the
determined abstract node ID (K1302), transport function (K1303),
LID (K1304), and network group (K1305).
[0289] The virtual network management server 105 provides the
determined abstraction layer information for the physical network
management server 1041 (step 1805).
[0290] Specifically, the virtual network management server 105
transmits the determined abstraction layer information to the
physical network management server 1041. The physical network
management server 1041 stores the received abstraction layer
information in the abstraction layer information 503.
[0291] The virtual network management server 105 transmits a
request to activate the abstraction layer processing portion 601 to
the edge router 1801 (step 1806). The abstraction layer processing
portion 601 provided for the edge router 102 starts processing.
[0292] The virtual network management server 105 provides the edge
router 1801 with the abstraction layer information stored in the
abstraction layer information 409 (step 1807).
[0293] Specifically, the virtual network management server 105
transmits the abstraction layer information stored in the
abstraction layer information 409 to the edge router 1801. The edge
router 1801 receives the abstraction layer information from the
virtual network management server 105 and stores necessary
information in the abstraction layer information 603.
[0294] Step 1807 equals step 1606.
[0295] The edge router 1801 performs a discovery process (step
1808) in order to determine connection to the edge router 102 for
the adjacent physical network 101. Step 1808 equals steps 1609 and
1610.
[0296] The edge router 1801 terminates the discovery process when
the adjacent edge router 102 is not determined to be connected. On
the other hand, the edge routers 1801 and 102 communicate with each
other when the adjacent edge router 102 is determined to be
connected.
[0297] In FIG. 18B, the edge router 1024 receives the discovery
signal from the edge router 1801 and transmits a response signal to
the edge router 1801 (step 1809). Step 1809 equals step 1608.
[0298] The edge routers 1801 and 1024 transmit their abstraction
layer information 603 to each other (steps 1810 and 1811). Steps
1810 and 1811 equal steps 1609 and 1610.
[0299] The virtual network management server 105 verifies the
discovery process state through polling, for example, and transmits
a request to acquire the abstraction layer information 603 to the
added edge router 1801 (step 1812). Step 1812 equals step 1612.
[0300] The edge router 1801 receives the request to acquire the
abstraction layer information 603 and transmits the physical
network connection (K1405) of the abstraction layer information 603
to the virtual network management server 105 (step 1813). Step 1813
equals step 1613.
[0301] The above-mentioned process completes addition of the edge
router 1801 to the virtual network system.
[0302] The virtual network management server 105 enables a function
to provide the virtual network 301 for the virtual network system
including the added edge router 1801 and terminates the process
(step 1814). Step 1814 equals step 1614.
[0303] The following describes a deletion process that deletes a
physical router such as the edge router 102 or the core router 201
from the virtual network system according to the embodiment.
[0304] FIG. 20 is a flowchart illustrating a deletion process
performed when a physical router is deleted from the virtual
network system according to the first embodiment of the
invention.
[0305] The physical network management server 104 receives a
request to delete a physical router from the operator and starts
the process (step 1901). The operator uses the virtual network
management server 105 to transmit the deletion request to the
physical network management server 104 for the physical network 101
to which the physical router to be deleted belongs.
[0306] The physical network management server 104 receives the
deletion request and determines whether deleting the physical
router influences the virtual network 301 (step 1902).
[0307] For example, the virtual network 301 is determined to be
influenced when the edge router 102 configuring the virtual network
301 is deleted.
[0308] The physical network management server 104 changes the
configuration of the physical network 101 (step 1903) when deleting
the physical router is not determined to influence the virtual
network 301. The physical network management server 104 deletes the
requested physical router and terminates the process (step
1908).
[0309] The physical network management server 104 requests the
virtual network management server 105 to change the mapping of the
virtual network 301 (step 1904) when deleting the physical network
is determined to influence the virtual network 301. Specifically,
the physical network management server 104 transmits a mapping
change request to the virtual network management server 105.
[0310] The virtual network management server 105 receives the
mapping change request and remaps the virtual network 301 suspected
of being influenced to the abstraction layer information 409.
[0311] The virtual network management server 105 determines whether
the remapping influences the virtual network 301 to disconnect the
network or degrade the performance (step 1905).
[0312] When the remapping is determined to influence the virtual
network 301, the virtual network management server 105 notifies the
influence to the user of the virtual network 301 and determines
whether to permit the influence on the virtual network 301 (step
1906).
[0313] For example, the influence on the virtual network 301 is
determined to be permitted when the virtual network management
server 105 receives a notification to permit the influence from the
user.
[0314] The virtual network management server 105 changes the
mapping of the virtual network 301 (step 1907) when no influence is
determined to occur on the virtual network 301 at step 1905 or when
the influence on the virtual network 301 is permitted at step
1906.
[0315] Specifically, the virtual network management server 105
reflects the mapping result at step 1904 on the mapping information
408.
[0316] The virtual network management server 105 notifies the
physical network management server 104 that the mapping has been
changed.
[0317] The physical network management server 104 receives the
notification indicating the completion of mapping change, deletes
the physical router, and terminates the process (step 1908).
[0318] The virtual network management server 105 needs to stop
deleting the physical router when the determination at step 1906
does not permit the influence on the virtual network 301. The
virtual network management server 105 transmits a deletion stop
instruction to the physical network management server 104 and
terminates the process (step 1909).
[0319] The following describes a user location addition process
performed when the user location 103 is newly added to the virtual
network 301 in the virtual network system according to the
embodiment.
[0320] FIG. 21 is a flowchart illustrating an example of the user
location addition process performed when a user location is added
to the virtual network 301 in the virtual network system according
to the first embodiment of the invention.
[0321] The virtual network management server 105 receives a request
to newly add the user location 103 to the virtual network 301 from
the operator and starts the process (step 2001).
[0322] The virtual network management server 105 maps the virtual
network 301 provided with the added user location 103 to the
abstraction layer information 409 and determines whether the
mapping is successful. To do this, the virtual network management
server 105 follows the same steps as steps 1702 through 1707 in
FIG. 18 and a description is omitted for simplicity. The following
mainly describes differences from FIG. 18.
[0323] It may be determined at step 1706 that the requested virtual
network 301 cannot be mapped to the abstraction layer information
409. In this case, the virtual network management server 105
notifies the operator of an unsuccessful change of the virtual
network 301 and terminates the process (step 2007).
[0324] It may be determined at step 1706 that the requested virtual
network 301 is mapped to the abstraction layer information 409. In
this case, the virtual network management server 105 determines
whether the mapping change influences the virtual network 301 (step
2002).
[0325] When an influence on the virtual network 301 is determined,
the virtual network management server 105 notifies the influence to
the user of the virtual network 301 and determines whether to
permit the influence on the virtual network 301 (step 2003).
[0326] When no influence on the virtual network 301 is permitted,
the virtual network management server 105 notifies an unsuccessful
change of the virtual network 301 to the operator and terminates
the process (step 2007).
[0327] The virtual network management server 105 updates the
mapping information 408 based on the mapping result (step 1707)
when no influence on the virtual network 301 is determined at step
2002 or when the influence on the virtual network 301 is permitted
at step 2003.
[0328] The virtual network management server 105 transmits the
setting information about the virtual network 301 to the edge
router 102 mapped to the virtual network 301 (step 2004).
[0329] The virtual network management server 105 transmits the
setting information about the virtual network 301 to the physical
network management server 104 that manages the network group 701
mapped to the virtual network (step 2005).
[0330] The above-mentioned process can configure the virtual
network 301 provided with the added user location 103.
[0331] The virtual network management server 105 notifies the
operator of completion of changing the virtual network 301 and
terminates the process (step 2006).
[0332] At step 1706, the virtual network management server 105
selects one of candidates, if any, for the requested virtual
network 301 to be mapped to the abstraction layer information 409.
As one method, the operator can directly select one of candidates.
As another method, the virtual network management server 105 can
automatically select one of candidates based on network costs or
the network traffic. The embodiment may use any method.
[0333] The following describes a configuration of the edge router
102 in the virtual network system according to the first
embodiment.
[0334] FIG. 22 is a block diagram illustrating an example of
installing software for the edge router 102 according to the first
embodiment of the invention. The edge router 102 in FIG. 22 belongs
to the physical network 1 (1011).
[0335] As shown in FIG. 22, the edge router 102 connects with the
physical network 1 (1011) through a port 3905.
[0336] The network interface 3902 of the edge router 102 includes
the physical network edge function portion 602 and the edge router
configuration information 604 for the physical network 1 (1011).
The packet processing board 3904 of the edge router 102 includes
the abstraction layer processing portion 601 and the abstraction
layer information 603.
[0337] FIG. 23 is a block diagram illustrating an example
configuration between two edge routers 102 connecting different
physical networks 101 according to the first embodiment of the
invention.
[0338] As shown in FIG. 23, an edge router 1021 is connected to the
physical network 1 (1011). An edge router 1022 is connected to the
physical network 2 (1012). The edge routers 1021 and 1022 are
connected to each other through a communication cable 3906.
[0339] The network interface 3902 of the edge router 1022 includes
the physical network edge function portion 602 and the edge router
configuration information 604 for the physical network 2
(1022).
[0340] FIG. 24 is a block diagram illustrating an example
configuration of the edge router 102 connecting the physical
network 101 and the user location 103 according to the first
embodiment of the invention.
[0341] As shown in FIG. 24, the network interface 3902 connects
with the user location 1032 for user B when the edge router 102
connects with the physical network 1 (1011) and the user location
1032 for user B.
[0342] Conventionally, it has been necessary to confirm
configurations of the physical networks 101 and map them to each
other in order to generate the virtual network 301. Accurate
management of information has been necessary when the physical
networks 101 manage different information or use different
management methods.
[0343] The abstraction network according to the first embodiment of
the invention can use the common information to indivisibly manage
the virtual network system including multiple physical networks
101. It is possible to solve the problem of conventional
technologies.
[0344] The physical networks 101 are managed as an abstraction
network using the common information. It is possible to
automatically and instantly generate the virtual network 301 that
satisfies operator's needs.
Second Embodiment
[0345] The following describes a virtual network system according
to the second embodiment of the invention.
[0346] The second embodiment provides the abstract node 702 with a
function that processes a unique abstraction layer address in the
virtual network system. The other configurations equal those of the
first embodiment. The following mainly describes differences from
the first embodiment.
[0347] FIG. 25 is a block diagram illustrating a software
configuration of the edge router 102 according to the second
embodiment of the invention.
[0348] The edge router 102 according to the second embodiment
includes a transfer address resolving portion 2102 added to the
abstraction layer processing portion 601 of the edge router 102
according to the first embodiment. Abstraction layer address
conversion information 2103 and abstraction layer address
correspondence information 2104 are added to the abstraction layer
information 603.
[0349] The transfer address resolving portion 2102 supplies or
deletes an abstraction address from a communication packet. The
transfer address resolving portion 2102 resolves addresses using an
abstraction layer address. A process of the transfer address
resolving portion 2102 will be described in detail with reference
to FIG. 30.
[0350] The abstraction layer address conversion information 2103
stores an abstraction layer address that uniquely identifies the
abstract node 702 in the virtual network system. The abstraction
layer address conversion information 2103 will be described in
detail with reference to FIG. 26A.
[0351] The abstraction layer address correspondence information
2104 stores correspondence relation between the abstraction address
and the user location 103 connected to the edge router 102. The
abstraction layer address correspondence information 2104 will be
described in detail with reference to FIG. 26B.
[0352] FIG. 26A is an explanatory diagram illustrating an example
of the abstraction layer address conversion information 2103
according to the second embodiment of the invention.
[0353] The embodiment represents the abstraction layer address
conversion information 2103 as tabular data T2301.
[0354] The abstraction layer address conversion information 2103
contains an abstraction layer address (K2302) and a physical
network address (K2303).
[0355] The abstraction layer address (K2302) stores an address that
uniquely identifies the abstract node 702 included in the network
group 701 in the abstraction network.
[0356] The physical network address (K2303) stores the address of a
node such as the edge router 102 corresponding to the abstract node
702 in the physical network 101.
[0357] Information about the abstraction layer address is added to
the abstraction layer information 409.
[0358] FIG. 26B is an explanatory diagram illustrating an example
of the abstraction layer address correspondence information 2104
according to the second embodiment of the invention.
[0359] The embodiment represents the abstraction layer address
correspondence information 2104 as tabular data T2401.
[0360] The abstraction layer address correspondence information
2104 contains an MAC address (K2402) and an abstraction layer
address (K2403).
[0361] The MAC address (K2402) stores an MAC address for
identifying the user location 103 connected to edge router 102.
[0362] The abstraction layer address (K2403) equals the abstraction
layer address (K1302).
[0363] According to the embodiment, the edge router 102 references
the abstraction layer address correspondence information 2104 to
provide the communication packet with an abstraction address.
[0364] There may be two methods of providing the abstraction layer
address correspondence information 2104. As the first method, the
edge router 102 learns communication packets and generates the
abstraction layer address correspondence information 2104. As the
second method, the operator uses predetermined information as the
abstraction layer address correspondence information 2104. The
following description is based on the second method.
[0365] While the embodiment uses the MAC address, the present
invention is not limited thereto. The MAC address may be replaced
by information corresponding to ports, VLAN, or higher-order
layers, for example.
[0366] The edge router 102 may maintain the abstraction layer
address conversion information 2103 and the abstraction layer
address correspondence information 2104 as one piece of management
information.
[0367] FIG. 27 is an explanatory diagram illustrating an example of
the abstraction layer information 409 according to the second
embodiment of the invention.
[0368] The embodiment represents the abstraction layer information
409 as tabular data T2201.
[0369] The abstraction layer information 409 contains the abstract
node ID (K1302), the transport function (K1303), the LID (K1304),
the network group (K1305), the physical network connection (K1306),
and an abstraction layer address (K2202). As shown in FIG. 27, the
second embodiment differs from the first embodiment in the
abstraction layer address (K2202), a new column added to store an
abstraction layer address.
[0370] The following describes a virtual network system
initialization process according to the second embodiment.
[0371] FIG. 28 is a flowchart illustrating an example of the
virtual network system initialization process according to the
second embodiment of the invention.
[0372] The initialization process (steps 1601 through 1614) in FIG.
17 is first performed. Then, the following process is
performed.
[0373] The virtual network management server 105 determines the
abstraction layer address of each abstract node 702 based on the
information predetermined by the operator. The virtual network
management server 105 stores the determined abstraction layer
address in the abstraction layer address (K2202) of the abstraction
layer information 409 (step 2401).
[0374] The virtual network management server 105 specifies the
determined abstraction layer address for edge routers 24011 and
24012 connected to the user location 103 (step 2402).
[0375] Specifically, the determined abstraction layer address is
transmitted to the edge routers 24011 and 24012. The edge routers
24011 and 24012 store the received abstraction address in an
abstraction address (K2302) of the abstraction layer address
conversion information 2103 and an abstraction address (K2402) of
the abstraction layer address correspondence information 2104.
[0376] The virtual network management server 105 transmits a
request to the edge routers 1021, 1023, 24011, and 24012 so as to
acquire the address information about these edge routers (step
2403) in the physical network 101.
[0377] The edge routers 1021, 1023, 24011, and 24012 receive the
address information acquisition request and transmit the address
information in the physical network 101 to the virtual network
management server 105 (step 2404).
[0378] The virtual network management server 105 computes routing
information in the abstraction network based on the abstraction
layer address and the addresses in the physical network 101 (step
2405).
[0379] The virtual network management server 105 transmits the
computed routing information to the edge routers 1021, 1023, 24011,
and 24012 (step 2406).
[0380] The edge routers 1021, 1023, 24011, and 24012 store the
received routing information in the abstraction layer address
conversion information 2103 and the abstraction layer address
correspondence information 2104.
[0381] The above-mentioned process completes the configuration of
the abstraction layer address conversion information 2103 and the
abstraction layer address correspondence information 2104 for the
edge routers 1021, 1023, 24011, and 24012. This makes it possible
to verify the correspondence relation between the abstraction layer
address and the address in the physical network 101.
[0382] The following describes a process performed by the transfer
address resolving portion 2102 of an edge router 2101 according to
the second embodiment.
[0383] FIG. 29 is a flowchart illustrating an example of a
communication path for communication packets between locations 1032
for user B in the virtual network system according to the second
embodiment of the invention.
[0384] The virtual network 301 includes the physical network 1
(1011) and the physical network 3 (1013) and connects the locations
1032 for user B to each other. A communication packet for user B is
transferred between the locations 1032 for user B over a
communication path 2501 in FIG. 29, for example.
[0385] The physical network 101 uses different methods to configure
virtual networks. In the physical network 1 (1011), for example,
the physical network edge function portion 602 of the edge routers
1021 and 1022 changes a communication packet into a communication
packet 2502 transferable in the physical network 1 (1011) based on
the abstraction layer address conversion information 2103 and the
abstraction layer address correspondence information 2104.
[0386] In the 3 (1013), the physical network edge function portion
602 of the edge routers 1023 and 1024 changes a communication
changes a communication packet into a communication packet 2503
transferable in the physical network 3 (1013) based on the
abstraction layer address conversion information 2103 and the
abstraction layer address correspondence information 2104.
[0387] The embodiment supplies header information unchanged in the
virtual network to communication packets exchanged in the virtual
network system. The following describes communication packet
structures according to the embodiment.
[0388] FIG. 30 is an explanatory diagram illustrating an example
structure of the communication packet 2502 for the physical network
1 (1011) according to the second embodiment of the invention. FIG.
31 is an explanatory diagram illustrating an example structure of
the communication packet 2503 for the physical network 3 (1013)
according to the second embodiment of the invention.
[0389] The communication packet 2502 contains a user packet 2601,
an abstraction layer header 2602, and a header 2603 for the
physical network 1.
[0390] The user packet 2601 indicates a communication packet for
the user within the user location 103.
[0391] The abstraction layer header 2602 indicates header
information unchanged in the virtual network 301. For example, the
abstraction layer header 2602 contains: an abstraction layer
address E (destination address) 2606 for the edge router 1024
connected to the location 1032 for user B as a destination in the
virtual network 301; an abstraction layer address B (source
address) 2605 for the edge router 1021 connected to the location
1032 for user B as a transmission origin; and a virtual network
identifier 2604 as other control information.
[0392] The header 2603 for the physical network 1 provides header
information in the physical network 1 (1011). For example, the
header to the physical network 1 contains address A4 in the
physical network 1 (1011) as a destination address.
[0393] The communication packet 2503 contains a user packet 2701,
an abstraction layer header 2602, and a header 2703 for the
physical network 3.
[0394] The abstraction layer header 2602 contains: an abstraction
layer address E (destination address) 2606 for the edge router 1024
connected to the location 1032 for user B as a destination in the
virtual network 301; an abstraction layer address B (source
address) 2605 for the edge router 1021 connected to the location
1032 for user B as a transmission origin; and a virtual network
identifier 2604 as other control information.
[0395] As shown in FIG. 31, the abstraction layer header 2602
remains unchanged in any physical network 101.
[0396] The header 2703 for the physical network 3 contains address
B3 in the physical network 3 (1013) as a destination address.
[0397] The edge routers 1021, 1022, 1023, and 1024 according to the
embodiment use the abstraction layer addresses and the addresses in
the physical network 101 as described below.
[0398] The edge router 1021 maintains address A2 in the physical
network 1 and abstraction layer address B.
[0399] The edge router 1022 maintains address A4 in the physical
network 1 but no abstraction layer address.
[0400] The edge router 1023 maintains address D3 in the physical
network 3 but no abstraction layer address.
[0401] The edge router 1024 maintains address B2 in the physical
network 3 and abstraction layer address D.
[0402] The transfer address resolving portion 2102 of the edge
router 1023 references the abstraction layer address conversion
information 2103 based on the abstraction layer header 2602 in the
communication packet and resolves the routing in the physical
network 3 (1013) for the communication packet.
[0403] For example, let us assume that the communication packet
contains a destination address 2606 set to "E" in the abstraction
layer header 2602. The transfer address resolving portion 2102 of
the edge router 1023 identifies the address of the physical network
3 (1013) as "B3" from the row containing the abstraction layer
address K1302 set to "E" in the abstraction layer address
conversion information 2103. The edge router performs a routing
process on the assumption that the communication packet 2503
corresponds to the destination address B3 for the header 2703 in
the physical network 3 (1013).
[0404] The edge router 102 supplies an abstraction address as
follows, for example.
[0405] The edge router 102 first analyzes a received communication
packet. Based on the analysis result, the edge router then
references the abstraction layer address conversion information
2103 and the abstraction layer address correspondence information
2104 and supplies the received communication packet with an
abstraction layer header containing the abstraction address.
[0406] The edge router 102 deletes the abstraction layer header
from the communication packet when transmitting the communication
packet to each location 103.
[0407] Conventionally, each of edge routers 102 needs to maintain
addresses in the user space and addresses in the physical network
101 to which the edge router belongs. The edge router 102 may need
to maintain too large a table for address resolution. The number of
entries equals the product of the number of edge routers multiplied
by that of user addresses and users.
[0408] However, the second embodiment of the invention uses the
unique abstraction layer address throughout the virtual network
system including multiple physical networks and adds an abstraction
header for the abstraction layer address to a communication packet.
The virtual network system can resolve an address using the
abstraction layer address. The virtual network system can decrease
the amount of information about addresses to be converted. It is
possible to reduce costs for the router apparatus and the operation
and maintenance control.
Third Embodiment
[0409] The following describes a virtual network system according
to the third embodiment of the invention.
[0410] The virtual network system according to the third embodiment
differs from the virtual network system according to the first
embodiment in that the physical network 101 includes an additional
router provided with the virtual function such as a virtual
computer (server) or a virtual switch. The other configurations
equal those of the first embodiment. The following mainly describes
differences from the first embodiment.
[0411] As shown in FIGS. 3A through 3C, the virtual networks 3011,
3012, and 3013 are logically separated for each of users and
independently connect the user locations 1031, 1032, and 1033 for
the corresponding users.
[0412] For example, the virtual network 3011 for user A is
configured as follows. A virtual network for user A is configured
in each of the physical networks 1 (1011), 2 (1012), and 3 (1013).
The edge routers 102 connect the user-A virtual networks configured
in the physical networks 1 (1011), 2 (1012), and 3 (1013) to
configure a virtual network across the physical networks 1011,
1012, and 1013. The edge routers 102 connect the configured virtual
network for user A with the location 1031 for user A to configure
the virtual network 3011 for user A as shown in FIG. 3.
[0413] The embodiment assumes that the independent virtual networks
301 are allocated to users. Instead, the virtual network 301 may be
allocated to each service supplied from a carrier or service
provider or to each application owned by a user.
[0414] FIG. 32 is a block diagram illustrating a configuration of
the physical network 101 according to the third embodiment of the
invention.
[0415] As shown in FIG. 32, the physical network 1 (1011) according
to the third embodiment includes a router 2801 provided with the
virtual function such as a virtual computer or a virtual
switch.
[0416] FIGS. 33A, 33B, and 33C are block diagrams illustrating
example configurations of the virtual network 301 for each user in
the virtual network system according to the third embodiment of the
invention.
[0417] Similarly to FIGS. 3A through 3C, the virtual networks 3011,
3012, and 3013 are logically separated for each of users and
independently connect the user locations 1031, 1032, and 1033 for
the corresponding users.
[0418] According to the embodiment, the virtual function provided
for the router 2801 allows a virtual L3 switch 2901 and a virtual
server 2902 to be connected to the virtual networks 3011, 3012, and
3013 for corresponding users.
[0419] In the example of FIG. 33B, the virtual network 3012 for
user B can use functions of the virtual L3 switch 2901 and the
virtual server 2902.
[0420] In the example, the router 2801 is added to the physical
network 1 (1011) for simplicity. The other physical networks 1012
and 1013 may include the router 2801.
[0421] The following describes the software configuration of
apparatuses included in the virtual network system according to the
third embodiment of the invention.
[0422] FIG. 34 is an explanatory diagram illustrating an
abstraction network generated from abstracting the virtual network
system according to the third embodiment of the invention.
[0423] The abstraction layer managing portion 404 of the virtual
network management server 105 uses the abstraction layer
information 409 to manage the virtual network system including the
physical network 101 shown in FIG. 32 as an abstraction network
shown in FIG. 34.
[0424] The abstraction network according to the embodiment manages
the router 2801 as an abstract node 3101 similarly to the edge
router 102.
[0425] The following describes information provided for the virtual
network management server 105.
[0426] The virtual network management server 105 according to the
third embodiment uses the same hardware configuration as the
virtual network management server 105 according to the first
embodiment. A difference is that the virtual network management
server 105 according to the third embodiment maintains the virtual
function supplied from the router 2801.
[0427] FIG. 35 is an explanatory diagram illustrating an example of
the abstraction layer information 409 according to the third
embodiment of the invention.
[0428] The embodiment represents the abstraction layer information
409 as tabular data T3501.
[0429] A new column of virtual function (K3502) is added to the
abstraction layer information 409 (see FIG. 12) according to the
first embodiment.
[0430] The virtual function (3502) stores information about the
virtual function supplied from the router 2801 corresponding to the
abstract node 3101.
[0431] As a feature of the invention, the abstraction network can
use the common information to manage all the abstract nodes 702 and
3101 configuring the virtual network system as shown in FIG.
35.
[0432] FIG. 36 is an explanatory diagram illustrating an example of
the user request information 405 according to the third embodiment
of the invention.
[0433] The embodiment represents the user request information 405
as tabular data T3201.
[0434] The user request information 405 stores information about
the requested virtual function in addition to a request from the
operator for the virtual network 301.
[0435] A new column of virtual function (K3202) is added to the
user request information 405 (see FIG. 8) according to the first
embodiment.
[0436] The virtual function (K3202) stores information about an
operator-requested virtual function. That is, the virtual function
(K3202) indicates the virtual function connected to the virtual
network 301 requested by the operator.
[0437] FIG. 37 is an explanatory diagram illustrating an example of
the virtual network definition information 406 according to the
third embodiment of the invention.
[0438] The embodiment represents the virtual network definition
information 406 as tabular data T3301.
[0439] The user request accepting portion 401 converts information
stored in the user request information 405 into information about
the abstraction network. The virtual network definition information
406 stores that converted information.
[0440] A new column of virtual function (K3302) is added to the
virtual network definition information 406 (see FIG. 9) according
to the first embodiment.
[0441] The virtual function (K3302) stores information about an
operator-requested virtual function in the abstraction network.
That is, the virtual function (K3302) indicates the virtual
function connected to the virtual network 301 requested by the
operator.
[0442] FIG. 38 is an explanatory diagram illustrating the mapping
information 408 according to the third embodiment of the invention.
FIG. 38 shows the mapping information 408 about the virtual network
3012 allocated to user B.
[0443] The embodiment represents the mapping information 408 as
tabular data T3401.
[0444] The virtual network allocation managing portion 402 maps the
virtual network 301 allocated to the user to an abstraction network
and stores the mapping result in the mapping information 408.
[0445] The mapping information 408 according to the third
embodiment contains a new column of virtual function mapping
information (K3402) added to the mapping information 408 (see FIG.
11) according to the first embodiment.
[0446] The virtual function mapping information (K3402) stores
information about the virtual function supplied from the abstract
node 3101 allocated to the virtual network 301.
[0447] The virtual function mapping information (K3402) contains
virtual function (K3403) and abstract node ID (K3404).
[0448] The virtual function (K3403) stores information about the
virtual function requested by the operator in the abstraction
network. That is, the virtual function (K3403) indicates the
virtual function connected to the virtual network 301 requested by
the operator.
[0449] The abstract node ID (K3404) stores an identifier to
identify the abstract node 3101 that supplies the virtual function
corresponding to the virtual function (K3403).
[0450] The example in FIG. 38 shows that the virtual L3 switch
function is supplied from the abstract node 3101 having the
abstract node ID (K3404) set to "101." The example also shows that
the virtual server function is supplied from the abstract node 3101
having the abstract node ID (K3404) set to "102."
[0451] The physical network management server 104 is described
below.
[0452] The physical network management server 104 according to the
third embodiment stores information about the virtual function
supplied from the router 2801 in the abstraction layer information
503.
[0453] FIG. 39 is an explanatory diagram illustrating an example of
the abstraction layer information 503 according to the third
embodiment of the invention.
[0454] The embodiment represents the abstraction layer information
503 as tabular data T3701.
[0455] The abstraction layer information 503 according to the third
embodiment contains a new virtual function (K3702) added to the
abstraction layer information 503 (see FIG. 14A) according to the
first embodiment.
[0456] The virtual function (K3702) stores information about the
virtual function supplied from the router 2801 in the abstraction
network. That is, the virtual function (K3702) indicates the
virtual function connected to the virtual network 301.
[0457] The example in FIG. 39 shows that the router 2801 with the
physical node ID (K1502) set to "router e" uses the abstract node
ID (K1503) set to "101" and the virtual function (K3502) set to
"virtual L3 switch." The example also shows that the router 2801
with the physical node ID (K1502) set to "router f" uses the
abstract node ID (K1503) set to "102" and the virtual function
(K3502) set to "virtual server."
[0458] The router 2801 is described below.
[0459] The router 2801 has the same hardware configuration as the
edge router 102 and a description is omitted.
[0460] FIG. 40 is a block diagram illustrating a software
configuration of the router 2801 according to the third embodiment
of the invention.
[0461] The router 2801 differs from the edge router 102 in that a
virtual function portion 3002 is provided.
[0462] The virtual function portion 3002 has a function that
supplies the virtual network 301 with the virtual function such as
the virtual switch or the virtual server. The abstraction layer
information 603 of the router 2801 contains information different
from the abstraction layer information 603 of the edge router
102.
[0463] FIG. 41 is an explanatory diagram illustrating an example of
the abstraction layer information 603 provided for the router 2801
according to the third embodiment of the invention.
[0464] The embodiment represents the abstraction layer information
603 provided for the router 2801 as tabular data T3601.
[0465] The abstraction layer information 603 according to the third
embodiment contains a new column of virtual function (K3602) added
to the abstraction layer information 603 (see FIG. 16) according to
the first embodiment.
[0466] The virtual function (K3602) stores information about the
virtual function supplied from the router 2801 in the abstraction
network. That is, the virtual function (K3602) indicates the
virtual function connected to the virtual network 301.
[0467] According to the embodiment, the virtual function portion
3002 is provided for the edge router 102 but may be provided for
the other apparatuses. For example, a server apparatus included in
the physical network 101 may be provided with the virtual function
portion 3002.
[0468] The following describes a process of generating the virtual
network 301 in the virtual network system according to the third
embodiment.
[0469] FIG. 42 is a flowchart illustrating an example process of
generating the virtual network 301 in the virtual network system
according to the third embodiment of the invention.
[0470] Steps 1701 through 1711 equal those in the first embodiment
and a description is omitted for simplicity.
[0471] After step 1705 according to the third embodiment, the
virtual network management server 105 references the abstraction
layer information 409 and selects the abstract node 3101 capable of
providing the requested virtual function from the abstract nodes
3010 selected at step 1705.
[0472] At step 1706, the virtual network management server 105 maps
the virtual network 301 based on the network group 701 selected at
step 1704 and the abstract node 3101 selected at step 3801.
Fourth Embodiment
[0473] The following describes a virtual network system according
to the fourth embodiment of the invention.
[0474] In the virtual network system according to the fourth
embodiment, the function block for the edge router 102 is installed
differently from the first embodiment. The following mainly
describes differences from the first embodiment.
[0475] FIG. 43 is a block diagram illustrating an example of
installing software for the edge router 102 according to the fourth
embodiment of the invention.
[0476] The edge router 102 according to the fourth embodiment
includes multiple physical network edge function portions 602.
[0477] In the example of FIG. 43, the edge router 102 is connected
to the physical networks 1011 and 1012.
[0478] A network interface 39021 is connected to the physical
network 1 (1011) and includes a physical network edge function
portion 6021 and an edge router configuration information 604
corresponding to the physical network 1 (1011). A network interface
39022 is connected to the physical network 2 (1012) and includes a
physical network edge function portion 6022 and an edge router
configuration information 604 corresponding to the physical network
2 (1012). The packet processing board 3904 includes the abstraction
layer processing portion 601 and the abstraction layer information
603.
Fifth Embodiment
[0479] The following describes a virtual network system according
to the fifth embodiment of the invention.
[0480] In the virtual network system according to the fifth
embodiment, the function block for the edge router 102 is installed
differently from the first embodiment. The following mainly
describes differences from the first embodiment.
[0481] FIG. 44 is a block diagram illustrating an example of
installing software for the edge router 102 according to the fifth
embodiment of the invention.
[0482] According to the fifth embodiment, the network interface
3902 of the edge router 102 includes the physical network edge
function portion 602 and the edge router configuration information
604 corresponding to the physical network 1 (1011)
[0483] A computer 4402 includes the abstraction layer processing
portion 601 and the abstraction layer information 603 and is
connected to the edge router 102 through the communication cable
3906. The computer 4402 also includes a processor (not shown),
memory (not shown), and a network interface (not shown).
[0484] In the example of FIG. 44, the edge router 102 does not
include the packet processing board 3904 but may include it.
[0485] While there have been described specific preferred
embodiments of the present invention, it is to be distinctly
understood that the present invention is not limited thereto but
may be otherwise variously embodied within the spirit and scope of
the invention.
[0486] The embodiments of the invention provide the following
effects.
[0487] (1) There may be a case where a virtual network is
configured across multiple physical networks that use different
methods of configuring and managing the network. In such a case,
the virtual network management server 105 can indivisibly manage
the virtual network system including multiple physical networks 101
as an abstraction network. The virtual network 301 compliant with
operator's requests can be generated on demand.
[0488] (2) The virtual network management server 105 can
indivisibly manage the virtual network system including multiple
physical networks 101 as an abstraction network and therefore
manage the overall state of the virtual network 301. Consequently,
the virtual network management server 105 can keep track of network
states in real time and in detail and provide the highly reliable
virtual network 301.
[0489] (3) A communication packet uses the abstraction header
containing a unique abstraction layer address across the virtual
network system including multiple physical networks 101. The
abstraction layer address can be used to resolve addresses in the
virtual network system. The virtual network system can decrease the
amount of information about addresses to be converted in order to
resolve addresses. It is possible to reduce costs for the router
apparatus and the operation and maintenance control.
* * * * *