[go: up one dir, main page]

CN113542421A - Data forwarding method and device based on 5G user plane functional entity - Google Patents

Data forwarding method and device based on 5G user plane functional entity Download PDF

Info

Publication number
CN113542421A
CN113542421A CN202110814602.0A CN202110814602A CN113542421A CN 113542421 A CN113542421 A CN 113542421A CN 202110814602 A CN202110814602 A CN 202110814602A CN 113542421 A CN113542421 A CN 113542421A
Authority
CN
China
Prior art keywords
service request
network
type
forwarding
virtual machine
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN202110814602.0A
Other languages
Chinese (zh)
Inventor
石野
高金龙
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Datang Network Co ltd
Original Assignee
Datang Network Co ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Datang Network Co ltd filed Critical Datang Network Co ltd
Priority to CN202110814602.0A priority Critical patent/CN113542421A/en
Publication of CN113542421A publication Critical patent/CN113542421A/en
Pending legal-status Critical Current

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L67/00Network arrangements or protocols for supporting network services or applications
    • H04L67/50Network services
    • H04L67/60Scheduling or organising the servicing of application requests, e.g. requests for application data transmissions using the analysis and optimisation of the required network resources
    • H04L67/63Routing a service request depending on the request content or context
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F9/00Arrangements for program control, e.g. control units
    • G06F9/06Arrangements for program control, e.g. control units using stored programs, i.e. using an internal store of processing equipment to receive or retain programs
    • G06F9/44Arrangements for executing specific programs
    • G06F9/455Emulation; Interpretation; Software simulation, e.g. virtualisation or emulation of application or operating system execution engines
    • G06F9/45533Hypervisors; Virtual machine monitors
    • G06F9/45558Hypervisor-specific management and integration aspects
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L61/00Network arrangements, protocols or services for addressing or naming
    • H04L61/09Mapping addresses
    • H04L61/25Mapping addresses of the same type
    • H04L61/2503Translation of Internet protocol [IP] addresses
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F9/00Arrangements for program control, e.g. control units
    • G06F9/06Arrangements for program control, e.g. control units using stored programs, i.e. using an internal store of processing equipment to receive or retain programs
    • G06F9/44Arrangements for executing specific programs
    • G06F9/455Emulation; Interpretation; Software simulation, e.g. virtualisation or emulation of application or operating system execution engines
    • G06F9/45533Hypervisors; Virtual machine monitors
    • G06F9/45558Hypervisor-specific management and integration aspects
    • G06F2009/45595Network integration; Enabling network access in virtual machine instances

Landscapes

  • Engineering & Computer Science (AREA)
  • Software Systems (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Theoretical Computer Science (AREA)
  • Physics & Mathematics (AREA)
  • General Engineering & Computer Science (AREA)
  • General Physics & Mathematics (AREA)
  • Data Exchanges In Wide-Area Networks (AREA)

Abstract

The application discloses a data forwarding method and device based on a 5G user plane functional entity. Wherein, the method comprises the following steps: receiving a plurality of service requests from an external data network, wherein each service request is used for requesting to access one virtual machine instance in a user plane functional entity; dividing a plurality of service requests into a first type of service requests and a second type of service requests according to the virtual machine instance requested to be accessed by each service request; forwarding the first class service request to a virtual machine instance which is requested to access by the first class service request from an external data network through a hot-plugging virtual network card, wherein the virtual network card is configured with a public network IP address corresponding to the external data network; and forwarding the second class service request to the virtual machine instance which is requested to access by the second class service request from the external data network through the router instance, wherein the router instance is used for carrying out port forwarding according to the network address translation technology. The method and the device solve the technical problem that data forwarding cost is high when the internal users of the 5G network provide services to the outside in the related technology.

Description

Data forwarding method and device based on 5G user plane functional entity
Technical Field
The present invention relates to the field of data communication technologies, and in particular, to a data forwarding method and apparatus based on a 5G user plane functional entity.
Background
With the rapid development of 5G mobile networks, a 5G core network adopts a service architecture, which can provide a flexible network and an agile service, and in order to satisfy the requirement that an external User accesses a service provided by a User Plane Function (UPF) in the 5G network through an external IP, a computer network technology is required to be used to solve the forwarding of a User data packet.
In recent years, although SDN (Software Defined Network) services have been greatly developed, in an actual application scenario, a traditional hardware manner is still adopted to ensure stability of a Network layer, and a data packet flow direction of an internal data Network is managed by using an SDN technology in an auxiliary manner. How to ensure the stability, high utilization rate, high security and high controllability of the network is still one of the problems that needs to be solved urgently at present. The port forwarding technology is widely applied to the entity router, but the software-defined router usually does not include the port forwarding function, and needs to be configured additionally to implement the corresponding function. Under the framework of a Linuxbridge (bridge) + VLAN (Virtual Local Area Network), a user host is connected with the bridge defined by software, a user can only access an external Network through a Virtual router or a router instance defined by the software, and an internal user cannot provide Network service to the outside due to the adoption of a private IP address, so that the Data communication cost of a service provider in a 5G Network user and DN (Data Network) is increased, and the use difficulty of the user is increased. If each user needs to bind a fixed external IP to provide service, not only the communication cost of the user is increased, but also the use tension of public IP resources is increased.
In view of the above problems, no effective solution has been proposed.
Disclosure of Invention
The embodiment of the application provides a data forwarding method and device based on a 5G user plane functional entity, so as to at least solve the technical problem that in the related art, when a user in a 5G network provides a service to the outside, the data forwarding cost is high.
According to an aspect of the embodiments of the present application, a data forwarding method based on a 5G user plane functional entity is provided, including: receiving a plurality of service requests from an external data network, wherein each service request is used for requesting to access one virtual machine instance in a user plane functional entity; dividing the service requests into a first type of service requests and a second type of service requests according to the virtual machine instance requested to be accessed by each service request; forwarding the first type of service request to a virtual machine instance requested to be accessed by the first type of service request from the external data network through a hot-plug virtual network card, wherein the virtual network card is configured with a public network IP address corresponding to the external data network; and forwarding the second type of service request to the virtual machine instance requested to be accessed by the second type of service request from the external data network through a router instance, wherein the router instance is used for carrying out port forwarding according to a network address translation technology.
Optionally, determining a first number of virtual machine instances requested to be accessed by the plurality of service requests, determining a second number of available public network IP addresses in a public network IP address resource pool corresponding to the external data network, and comparing the first number with the second number; if the first number is smaller than the second number, binding one available public network IP address for each virtual machine instance, and forwarding each service request from the external data network to the virtual machine instance requested to be accessed by each service request directly based on the available public network IP address; if the first number is larger than the second number, the plurality of service requests are triggered to be divided into the first type of service requests and the second type of service requests.
Optionally, determining a target public network IP address from a public network IP address resource pool corresponding to the external data network; calling the virtual network card at a target node through an application program interface, and binding the target public network IP address for the virtual network card; forwarding the first type of service request to the virtual machine instance requested to be accessed by the first type of service request from the external data network through the virtual network card; and releasing the target public network IP address back to the public network IP address resource pool, and deleting the virtual network card.
Optionally, the second type of service request is transmitted to an entity switch by the external data network, transmitted to an entity network card by the entity switch, forwarded to a virtual bridge connected to a virtual switch port corresponding to the entity network card by the entity network card, and transmitted to the router instance associated with the virtual bridge by the virtual bridge; and according to rules recorded by a network address translation table in an IP data packet filtering system configured in the router instance, forwarding control is carried out on the second type of service request, and the second type of service request is forwarded to the virtual machine instance requested to be accessed by the second type of service request.
Optionally, a mapping relationship between the public network IP address and a port of the virtual machine instance is stored in the network address translation table, a target port corresponding to the second class service request is determined according to the public network IP address corresponding to the second class service request and the mapping relationship, the second class service request is forwarded to the target port, where the target port is a port of the virtual machine instance requested to be accessed by the second class service request, and the virtual machine instance performs service data feedback through the target port.
Optionally, forwarding, by the router instance, a third service request in the virtual machine instance to the external data network, where the third service request is used to request access to the external data network.
Optionally, the third service request is transmitted by the virtual machine instance to a private network segment interface of the router instance connected to the first virtual bridge through the first virtual bridge directly connected to the virtual machine instance; routing the third service request to a second virtual bridge connected to the router instance through an external interface of the router instance; and transmitting the third service request to an entity network card through a port of a virtual switch directly connected with the second virtual network bridge, transmitting the third service request to the entity switch through the entity network card, and transmitting the third service request to the external data network through the entity switch.
According to another aspect of the embodiments of the present application, there is also provided a data forwarding apparatus based on a 5G user plane functional entity, including: the system comprises a receiving module, a processing module and a processing module, wherein the receiving module is used for receiving a plurality of service requests from an external data network, and each service request is used for requesting to access one virtual machine instance in a user plane functional entity; the dividing module is used for dividing the service requests into a first class of service requests and a second class of service requests according to the virtual machine instance requested to be accessed by each service request; the first forwarding module is used for forwarding the first type of service request to a virtual machine instance requested to be accessed by the first type of service request from the external data network through a hot-plug virtual network card, wherein the virtual network card is configured with a public network IP address corresponding to the external data network; and the second forwarding module is used for forwarding the second type of service request to the virtual machine instance requested to be accessed by the second type of service request from the external data network through a router instance, wherein the router instance is used for carrying out port forwarding according to a network address translation technology.
According to another aspect of the embodiments of the present application, a nonvolatile storage medium is further provided, where the nonvolatile storage medium includes a stored program, and when the program runs, the apparatus where the nonvolatile storage medium is located is controlled to execute the above data forwarding method based on the 5G user plane functional entity.
According to another aspect of the embodiments of the present application, there is also provided a processor, where the processor is configured to execute a program, where the program executes the above data forwarding method based on a 5G user plane functional entity when running.
In the embodiment of the application, a plurality of service requests from an external data network are divided according to the virtual machine instances requested to be accessed, and then the corresponding service requests are respectively forwarded to the virtual machine instances requested to be accessed from the external data network by adopting a mode of hot plugging a virtual network card or a router instance. In the scheme, the user can flexibly control the data forwarding mode by adjusting the configuration of the relevant interface, and the data forwarding efficiency is improved while excessive public IP resources are avoided being occupied, so that the technical problem that the data forwarding cost is high when the user in the 5G network provides services to the outside in the relevant technology is solved.
Drawings
The accompanying drawings, which are included to provide a further understanding of the application and are incorporated in and constitute a part of this application, illustrate embodiment(s) of the application and together with the description serve to explain the application and not to limit the application. In the drawings:
fig. 1 is a schematic flow chart of a data forwarding method according to an embodiment of the present application;
FIG. 2 is a data flow diagram of a data forwarding process according to an embodiment of the present application;
FIG. 3 is a schematic diagram of port forwarding according to an embodiment of the present application;
fig. 4 is a schematic structural diagram of a data forwarding apparatus according to an embodiment of the present application.
Detailed Description
In order to make the technical solutions better understood by those skilled in the art, the technical solutions in the embodiments of the present application will be clearly and completely described below with reference to the drawings in the embodiments of the present application, and it is obvious that the described embodiments are only partial embodiments of the present application, but not all embodiments. All other embodiments, which can be derived by a person skilled in the art from the embodiments given herein without making any creative effort, shall fall within the protection scope of the present application.
It should be noted that the terms "first," "second," and the like in the description and claims of this application and in the drawings described above are used for distinguishing between similar elements and not necessarily for describing a particular sequential or chronological order. It is to be understood that the data so used is interchangeable under appropriate circumstances such that the embodiments of the application described herein are capable of operation in sequences other than those illustrated or described herein. Furthermore, the terms "comprises," "comprising," and any other variation thereof, are intended to cover a non-exclusive inclusion, such that a process, method, system, article, or apparatus that comprises a list of steps or elements is not necessarily limited to those steps or elements expressly listed, but may include other steps or elements not expressly listed or inherent to such process, method, article, or apparatus.
Example 1
According to an embodiment of the present application, there is provided an embodiment of a data forwarding method based on a 5G user plane functional entity, it should be noted that the steps shown in the flowchart of the figure may be executed in a computer system such as a set of computer executable instructions, and although a logical order is shown in the flowchart, in some cases, the steps shown or described may be executed in an order different from that here.
Fig. 1 is a data forwarding method according to an embodiment of the present application, and as shown in fig. 1, the method includes at least steps S102-S108, where:
step S102, a plurality of service requests from an external data network are received, wherein each service request is used for requesting to access one virtual machine instance in a user plane functional entity.
Step S104, dividing the service requests into a first type of service requests and a second type of service requests according to the virtual machine instance requested to be accessed by each service request.
In some optional embodiments of the present application, when implementing the network service provided by the virtual machine instance in the 5G UPF to the outside, first receiving a plurality of service requests from the DN, then determining a first number of virtual machine instances requested to be accessed by the plurality of service requests, determining a second number of available public network IP addresses in the public network IP address resource pool corresponding to the DN, and then comparing the first number with the second number.
If the first number is smaller than the second number, it indicates that the resources of the available public network IP address of the DN are sufficient, and at this time, an available public network IP address may be bound for each virtual machine instance, and each service request is directly forwarded from the external data network to the virtual machine instance requested to be accessed by each service request based on the available public network IP address.
If the first number is greater than the second number, it is indicated that the available public network IP address resources of the DN are insufficient, and other data forwarding manners need to be adopted to implement the virtual machine instance to provide the network service to the outside, at this time, the division of the plurality of service requests into the first type of service requests and the second type of service requests may be triggered. Specifically, the service types provided by the virtual machine instances requested to be accessed by each service request can be divided into a first type of service request or a second type of service request, different data forwarding modes are adopted for different service requests, and the data forwarding efficiency can be effectively improved.
Step S106, the first class service request is forwarded to the virtual machine instance requested to be accessed by the first class service request from the external data network through the hot plug virtual network card, wherein the virtual network card is configured with a public network IP address corresponding to the external data network.
In some optional embodiments of the present application, when data forwarding is performed through a hot-plug virtual network card, a target public network IP address is first determined from a public network IP address resource pool corresponding to an external data network; calling a virtual network card dynamically assembled at a target node through an Application Programming Interface (API), and binding the IP address of the target public network for the virtual network card; then, the first type of service request is forwarded to the virtual machine instance which is requested to be accessed by the first type of service request from an external data network through a virtual network card; and finally, releasing the target public network IP address back to the public network IP address resource pool, and deleting the virtual network card.
Step S108, the second type service request is forwarded to the virtual machine instance requested to be accessed by the second type service request from the external data network through the router instance, wherein the router instance is used for carrying out port forwarding according to the network address translation technology.
In some optional embodiments of the present application, when port forwarding is performed through a router instance, first, the second type of service request is transmitted to the entity switch from the external data network, transmitted to the entity network card by the entity switch, transmitted to the virtual bridge connected to the virtual switch port corresponding to the entity network card by the entity network card, and then transmitted to the router instance associated with the virtual bridge by the virtual bridge; and then, according to rules recorded by a network address translation table in an IP data packet filtering system configured in the router instance, forwarding control is carried out on the second type of service request, and the second type of service request is forwarded to the virtual machine instance requested to be accessed by the second type of service request.
Specifically, a mapping relationship between the public network IP address and a port of the virtual machine instance is stored in the network address translation table, a target port corresponding to the second type of service request may be determined according to the public network IP address and the mapping relationship corresponding to the second type of service request, and the second type of service request is forwarded to the target port, where the target port is a port of the virtual machine instance requested to be accessed by the second type of service request, and the virtual machine instance performs service data feedback through the target port.
Fig. 2 shows a schematic data flow diagram of an optional data forwarding process, where 5G UPF is a user plane function entity inside a 5G Network, Instance is a virtual machine Instance, Router is a Router Instance, which performs port forwarding according to NAT (Network Address Translation), tap is a corresponding port, brqf17f4d26-a5 and brq6a9089dc-85 are virtual bridges, virtual Switch is a virtual Switch, Physical Eth is a Physical Network card, Physical Switch is a Physical Switch, net-private-agent and net-public-agent are a private Network agent and a public Network agent, respectively, DN and Internet are external data networks, and MEC is a mobile edge center. Optionally, in the data forwarding system, 2 entity switches and 4 virtual switches may also be used to implement 1+1 redundancy backup, so as to ensure high availability of a specific transmission network.
When an external data network accesses a virtual machine instance, a service request enters a physical switch from DN or Internet, and reaches a router instance through an entity network card enp2s0 f-and a virtual switch enp2s0f1 created by the entity network card, and a virtual bridge brq6a9089dc-85 directly connected with the virtual switch enp2s0f1, forwarding control is carried out on data flow through a rule recorded by an NAT table of IPTAbles (IP packet filtering system), and mainly when a port mapped by external request access is received, a destination address and a port of the service request are adjusted, so that data can access specific services of the corresponding virtual machine instance through a public network IP address, and then service data fed back by the virtual machine instance is transmitted through the port.
In some optional embodiments of the present application, a third service request in the virtual machine instance may further be forwarded to the external data network through the router instance, where the third service request is used to request to access the external data network, so as to implement that the virtual machine instance in the 5G UPF accesses the external network.
Specifically, the third service request is transmitted to a private network segment interface of a router instance connected with the first virtual bridge by the virtual machine instance through the first virtual bridge directly connected with the virtual machine instance; routing the third service request to a second virtual bridge connected to the router instance through an external interface of the router instance; and transmitting the third service request to the entity network card through a port of the virtual switch directly connected with the second virtual network bridge, transmitting the third service request to the entity switch through the entity network card, and transmitting the third service request to an external data network through the entity switch.
When the service request passes through the router instance, a temporary port mapping relation is usually established by using an unoccupied port, the service request is directly transmitted to the DN, when request data are returned, the feedback service data are transmitted to the virtual machine instance through the originally established temporary mapping port, and the temporary port is closed after the session is completed.
Still taking fig. 2 as an example, the virtual machine instance passes the service request to the private network segment interface tap0 of the router instance through the first virtual bridge brqf17f4d26-a5, then to the second virtual bridge brq6a90 9089dc-85 through the external interface tap1 of the router instance, then to the physical network card enp2s0f through the virtual switch enp2s0f1, then to the physical switch, and finally to the external data network through the external router.
Fig. 3 is a schematic diagram illustrating an alternative port forwarding, in which an internal host represents a virtual machine instance in a 5G UPF, and when the 5G UPF internal virtual machine instance accesses a DN or an MEC, the 5G UPF internal virtual machine instance can directly access the DN or the MEC through router temporary port forwarding; when the external host in the DN or MEC needs to access the service provided by the internal host, port forwarding control needs to be performed according to a port forwarding rule defined in advance (i.e., a mapping relationship between the established public network IP address and the port of the virtual machine instance).
In the embodiment of the application, a plurality of service requests from an external data network are divided according to the virtual machine instances requested to be accessed, and then the corresponding service requests are respectively forwarded to the virtual machine instances requested to be accessed from the external data network by adopting a mode of hot plugging a virtual network card or a router instance. In the scheme, the user can flexibly control the data forwarding mode by adjusting the configuration of the relevant interface, and the data forwarding efficiency is improved while excessive public IP resources are avoided being occupied, so that the technical problem that the data forwarding cost is high when the user in the 5G network provides services to the outside in the relevant technology is solved.
Example 2
According to an embodiment of the present application, there is also provided a data forwarding apparatus based on a 5G user plane functional entity for implementing the data forwarding method, as shown in fig. 4, the apparatus includes a receiving module 40, a dividing module 42, a first forwarding module 44, and a second forwarding module 46, where:
a receiving module 40, configured to receive a plurality of service requests from an external data network, where each service request is used to request access to one virtual machine instance in a user plane functional entity.
The dividing module 42 is configured to divide the plurality of service requests into a first class of service requests and a second class of service requests according to the virtual machine instance requested to be accessed by each service request.
The first forwarding module 44 is configured to forward the first type of service request to the virtual machine instance requested to be accessed by the first type of service request through the external data network by hot-plugging the virtual network card, where the virtual network card is configured with a public network IP address corresponding to the external data network.
And a second forwarding module 46, configured to forward the second type of service request to the virtual machine instance requested to be accessed by the second type of service request through the router instance, where the router instance is configured to perform port forwarding according to a network address translation technology.
It should be noted that, modules in the data forwarding apparatus in this embodiment correspond to implementation steps of the data forwarding method in embodiment 1 one to one, and since the detailed description is already performed in embodiment 1, details that are not partially shown in this embodiment may refer to embodiment 1, and are not described herein again.
Example 3
According to the embodiment of the application, a nonvolatile storage medium is further provided, where the nonvolatile storage medium includes a stored program, and when the program runs, a device where the nonvolatile storage medium is located is controlled to execute the above data forwarding method based on the 5G user plane functional entity.
According to an embodiment of the present application, there is also provided a processor, where the processor is configured to execute a program, where the program executes the above data forwarding method based on the 5G user plane functional entity when running
Specifically, the processor executes the following steps when the program runs: receiving a plurality of service requests from an external data network, wherein each service request is used for requesting to access one virtual machine instance in a user plane functional entity; dividing a plurality of service requests into a first type of service requests and a second type of service requests according to the virtual machine instance requested to be accessed by each service request; the method comprises the steps that a first type of service request is forwarded to a virtual machine instance requested to be accessed by the first type of service request from an external data network through a hot-plugging virtual network card, wherein the virtual network card is configured with a public network IP address corresponding to the external data network; and forwarding the second type of service request to the virtual machine instance requested to be accessed by the second type of service request from the external data network through the router instance, wherein the router instance is used for carrying out port forwarding according to the network address translation technology.
The above-mentioned serial numbers of the embodiments of the present application are merely for description and do not represent the merits of the embodiments.
In the above embodiments of the present application, the descriptions of the respective embodiments have respective emphasis, and for parts that are not described in detail in a certain embodiment, reference may be made to related descriptions of other embodiments.
In the embodiments provided in the present application, it should be understood that the disclosed technology can be implemented in other ways. The above-described embodiments of the apparatus are merely illustrative, and for example, a division of a unit may be a division of a logic function, and an actual implementation may have another division, for example, a plurality of units or components may be combined or may be integrated into another system, or some features may be omitted, or may not be executed. In addition, the shown or discussed mutual coupling or direct coupling or communication connection may be an indirect coupling or communication connection through some interfaces, units or modules, and may be in an electrical or other form.
The units described as separate parts may or may not be physically separate, and parts displayed as units may or may not be physical units, may be located in one place, or may be distributed on a plurality of units. Some or all of the units can be selected according to actual needs to achieve the purpose of the solution of the embodiment.
In addition, functional units in the embodiments of the present application may be integrated into one processing unit, or each unit may exist alone physically, or two or more units are integrated into one unit. The integrated unit can be realized in a form of hardware, and can also be realized in a form of a software functional unit.
The integrated unit, if implemented in the form of a software functional unit and sold or used as a stand-alone product, may be stored in a computer readable storage medium. Based on such understanding, the technical solution of the present application may be substantially implemented or contributed to by the prior art, or all or part of the technical solution may be embodied in a software product, which is stored in a storage medium and includes instructions for causing a computer device (which may be a personal computer, a server, or a network device) to execute all or part of the steps of the method of the embodiments of the present application. And the aforementioned storage medium includes: a U-disk, a Read-Only Memory (ROM), a Random Access Memory (RAM), a removable hard disk, a magnetic or optical disk, and other various media capable of storing program codes.
The foregoing is only a preferred embodiment of the present application and it should be noted that those skilled in the art can make several improvements and modifications without departing from the principle of the present application, and these improvements and modifications should also be considered as the protection scope of the present application.

Claims (10)

1. A data forwarding method based on a 5G user plane functional entity is characterized by comprising the following steps:
receiving a plurality of service requests from an external data network, wherein each service request is used for requesting to access one virtual machine instance in a user plane functional entity;
dividing the service requests into a first type of service requests and a second type of service requests according to the virtual machine instance requested to be accessed by each service request;
forwarding the first type of service request to a virtual machine instance requested to be accessed by the first type of service request from the external data network through a hot-plug virtual network card, wherein the virtual network card is configured with a public network IP address corresponding to the external data network;
and forwarding the second type of service request to the virtual machine instance requested to be accessed by the second type of service request from the external data network through a router instance, wherein the router instance is used for carrying out port forwarding according to a network address translation technology.
2. The data forwarding method of claim 1, wherein before the dividing the plurality of service requests into a first class of service requests and a second class of service requests, the method further comprises:
determining a first number of virtual machine instances requested to be accessed by the plurality of service requests, determining a second number of available public network IP addresses in a public network IP address resource pool corresponding to the external data network, and comparing the first number with the second number;
if the first number is smaller than the second number, binding one available public network IP address for each virtual machine instance, and forwarding each service request from the external data network to the virtual machine instance requested to be accessed by each service request directly based on the available public network IP address;
if the first number is larger than the second number, the plurality of service requests are triggered to be divided into the first type of service requests and the second type of service requests.
3. The data forwarding method of claim 1, wherein forwarding the first type of service request from the external data network to the virtual machine instance requested to be accessed by the first type of service request through a hot-plug virtual network card comprises:
determining a target public network IP address from a public network IP address resource pool corresponding to the external data network;
calling the virtual network card at a target node through an application program interface, and binding the target public network IP address for the virtual network card;
forwarding the first type of service request to the virtual machine instance requested to be accessed by the first type of service request from the external data network through the virtual network card;
and releasing the target public network IP address back to the public network IP address resource pool, and deleting the virtual network card.
4. The data forwarding method of claim 1, wherein forwarding the second type of service request from the external data network to the virtual machine instance requested to be accessed by the second type of service request through a router instance comprises:
transmitting the second type of service request to an entity switch through the external data network, transmitting the second type of service request to an entity network card through the entity switch, transmitting the second type of service request to a virtual bridge connected with a virtual switch port corresponding to the entity network card through the entity network card, and transmitting the second type of service request to the router instance associated with the virtual bridge through the virtual bridge;
and according to rules recorded by a network address translation table in an IP data packet filtering system configured in the router instance, forwarding control is carried out on the second type of service request, and the second type of service request is forwarded to the virtual machine instance requested to be accessed by the second type of service request.
5. The data forwarding method according to claim 3, wherein the network address translation table stores a mapping relationship between the public network IP address and a port of the virtual machine instance, and performs forwarding control on the second type of service request according to a rule recorded in a network address translation table in an IP packet filtering system configured in the router instance, the method comprising:
and determining a target port corresponding to the second type of service request according to the public network IP address corresponding to the second type of service request and the mapping relation, and forwarding the second type of service request to the target port, wherein the target port is a port of a virtual machine instance requested to be accessed by the second type of service request, and the virtual machine instance feeds back service data through the target port.
6. The data forwarding method of claim 1, wherein the method further comprises:
forwarding, by the router instance, a third service request in the virtual machine instance to the external data network, wherein the third service request is for requesting access to the external data network.
7. The data forwarding method of claim 6, wherein forwarding, by the router instance, the third service request in the virtual machine instance to the external data network comprises:
transmitting, by a first virtual bridge directly connected to the virtual machine instance, the third service request from the virtual machine instance to a private network segment interface of the router instance connected to the first virtual bridge;
routing the third service request to a second virtual bridge connected to the router instance through an external interface of the router instance;
and transmitting the third service request to an entity network card through a port of a virtual switch directly connected with the second virtual network bridge, transmitting the third service request to the entity switch through the entity network card, and transmitting the third service request to the external data network through the entity switch.
8. A data forwarding device based on a 5G user plane functional entity is characterized by comprising:
the system comprises a receiving module, a processing module and a processing module, wherein the receiving module is used for receiving a plurality of service requests from an external data network, and each service request is used for requesting to access one virtual machine instance in a user plane functional entity;
the dividing module is used for dividing the service requests into a first class of service requests and a second class of service requests according to the virtual machine instance requested to be accessed by each service request;
the first forwarding module is used for forwarding the first type of service request to a virtual machine instance requested to be accessed by the first type of service request from the external data network through a hot-plug virtual network card, wherein the virtual network card is configured with a public network IP address corresponding to the external data network;
and the second forwarding module is used for forwarding the second type of service request to the virtual machine instance requested to be accessed by the second type of service request from the external data network through a router instance, wherein the router instance is used for carrying out port forwarding according to a network address translation technology.
9. A non-volatile storage medium, comprising a stored program, wherein when the program runs, a device in which the non-volatile storage medium is located is controlled to execute the data forwarding method according to any one of claims 1 to 7.
10. A processor, characterized in that the processor is configured to execute a program, wherein the program executes the data forwarding method according to any one of claims 1 to 7.
CN202110814602.0A 2021-07-19 2021-07-19 Data forwarding method and device based on 5G user plane functional entity Pending CN113542421A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202110814602.0A CN113542421A (en) 2021-07-19 2021-07-19 Data forwarding method and device based on 5G user plane functional entity

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202110814602.0A CN113542421A (en) 2021-07-19 2021-07-19 Data forwarding method and device based on 5G user plane functional entity

Publications (1)

Publication Number Publication Date
CN113542421A true CN113542421A (en) 2021-10-22

Family

ID=78128754

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202110814602.0A Pending CN113542421A (en) 2021-07-19 2021-07-19 Data forwarding method and device based on 5G user plane functional entity

Country Status (1)

Country Link
CN (1) CN113542421A (en)

Cited By (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN114546498A (en) * 2021-12-31 2022-05-27 广州芯德通信科技股份有限公司 Method, system and platform for processing abnormal starting based on optical transmitter and receiver
CN115842697A (en) * 2023-02-01 2023-03-24 阿里巴巴(中国)有限公司 Access control method of private network, control method of virtual reality equipment and equipment

Cited By (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN114546498A (en) * 2021-12-31 2022-05-27 广州芯德通信科技股份有限公司 Method, system and platform for processing abnormal starting based on optical transmitter and receiver
CN115842697A (en) * 2023-02-01 2023-03-24 阿里巴巴(中国)有限公司 Access control method of private network, control method of virtual reality equipment and equipment
CN115842697B (en) * 2023-02-01 2023-05-23 阿里巴巴(中国)有限公司 Access control method of private network, control method of virtual reality equipment and equipment

Similar Documents

Publication Publication Date Title
JP7701343B2 (en) Virtual private cloud communication and configuration method and related apparatus
US6609153B1 (en) Domain isolation through virtual network machines
CN112470436A (en) Multi-cloud connectivity using SRV6 and BGP
US8717884B2 (en) Address-sharing system
CN109379450B (en) Network interface interaction management method and device, computer equipment and storage medium
CN107342895A (en) A kind of network optimized approach of multi-tenant, system, computing device and storage medium
CN105577632A (en) A secure network connection method and terminal based on network isolation
WO2024113895A1 (en) Load balancing method, apparatus and system, system creation method, and device and medium
CN107181812A (en) One kind accelerates agent equipment, accelerates Proxy Method and a kind of Content Management System
CN113014680B (en) Broadband access method, device, equipment and storage medium
CN113542421A (en) Data forwarding method and device based on 5G user plane functional entity
WO2023016248A1 (en) Method for intercommunication between data centre cloud network and operator network, and communication apparatus
CN114448937A (en) Method and device for responding to access request, and storage medium
CN111654559B (en) Container data transmission method and device
CN107995326B (en) A method and device for managing a container network
WO2014201600A1 (en) Session management method, address management method and relevant device
CN117632353A (en) A virtual instance creation method and cloud management platform based on cloud computing technology
CN111885044A (en) Method, device, equipment and storage medium for configuring multiple network cards of cloud host
CN109450768B (en) Container interconnection method and system for container interconnection
CN115865921A (en) Method, system, storage medium and electronic device for constructing container network
CN112003794B (en) Floating IP current limiting method, system, terminal and storage medium
CN117295047A (en) Communication method and device
CN107634907A (en) A kind of two-layer virtual private network L2VPN data forwarding method and device
CN113852991B (en) Data forwarding method and device of 5G user plane functional entity and electronic equipment
WO2024037619A1 (en) Cloud computing technology-based virtual instance creation method and cloud management platform

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination