公开(公告)号：US20240275740A1

公开(公告)日：2024-08-15

申请号：US18598357

申请日：2024-03-07

Applicant: Huawei Technologies Co., Ltd.

Inventor： Huichun Qu ,  Jun Qiu ,  Xueping Wu ,  Jinbin Zhang ,  Pei Wu

IPC: H04L49/00 ,  H04L49/104

CPC classification number: H04L49/3036 ,  H04L49/107

Abstract: A remote direct memory access (RDMA) data transmission system includes a first network device in a first host and a second network device in a second host. The first network device may create a shared send queue (SSQ) used by a plurality of processes run by the first host, obtain an RDMA data transmission message of a first process from the SSQ, and encapsulate a first identifier corresponding to the first process into a first packet in which the RDMA data transmission message is encapsulated. The second network device is configured to encapsulate the first identifier into a second packet in which a feedback message is encapsulated.

公开(公告)号：US20150106913A1

公开(公告)日：2015-04-16

申请号：US14575592

申请日：2014-12-18

Applicant: Huawei Technologies Co., Ltd.

Inventor： Yuchen Wang ,  Xueping Wu

IPC: H04L29/06 ,  H04L12/46

CPC classification number: H04L63/0236 ,  H04L12/4625 ,  H04L63/0209 ,  H04L63/0272

Abstract: A method, an apparatus, a host, and a network system for processing a packet. The method includes receiving, by a physical host through a virtual bridge in the physical host, a network packet sent by a source virtual machine in the physical host, where the network packet carries a source media access control (MAC) address and a target MAC address; obtaining, by the physical host according to the source MAC address and the target MAC address by querying correspondence between each virtual machine MAC address and a security domain, a security domain to which the source virtual machine corresponds and a security domain to which a target virtual machine corresponds; and controlling, by the physical host, the virtual bridge to discard the network packet, when the security domain to which the source virtual machine corresponds is different from a security domain corresponding to the virtual bridge.

Abstract translation: 一种用于处理分组的方法，装置，主机和网络系统。 该方法包括由物理主机通过物理主机中的虚拟桥接收由物理主机中的源虚拟机发送的网络分组，其中网络分组携带源媒体访问控制（MAC）地址和目标MAC 地址; 通过查询每个虚拟机MAC地址和安全域之间的对应关系，通过物理主机根据源MAC地址和目标MAC地址获取源虚拟机对应的安全域和目标虚拟机 机对应; 并且当虚拟虚拟机所对应的安全域与对应于虚拟桥的安全域不同时，由物理主机控制虚拟网桥以丢弃网络分组。

公开(公告)号：US09634991B2

公开(公告)日：2017-04-25

申请号：US14575592

申请日：2014-12-18

Applicant: Huawei Technologies Co., Ltd.

Inventor： Yuchen Wang ,  Xueping Wu

IPC: H04L29/06 ,  H04L12/46

CPC classification number: H04L63/0236 ,  H04L12/4625 ,  H04L63/0209 ,  H04L63/0272

Abstract: A method, an apparatus, a host, and a network system for processing a packet. The method includes receiving, by a physical host through a virtual bridge in the physical host, a network packet sent by a source virtual machine in the physical host, where the network packet carries a source media access control (MAC) address and a target MAC address; obtaining, by the physical host according to the source MAC address and the target MAC address by querying correspondence between each virtual machine MAC address and a security domain, a security domain to which the source virtual machine corresponds and a security domain to which a target virtual machine corresponds; and controlling, by the physical host, the virtual bridge to discard the network packet, when the security domain to which the source virtual machine corresponds is different from a security domain corresponding to the virtual bridge.