System and method for routing network frames between virtual machines

US 10,341,263 B2
Filed: 06/27/2016
Issued: 07/02/2019
Est. Priority Date: 12/10/2012
Status: Active Grant

First Claim

Patent Images

1. A method of routing network frames between virtual machines on a common physical server comprising a plurality of central processing units (CPUs), the method comprising:

associating a virtual machine-to-virtual machine (VM-to-VM) switch embedded in a network interface card (NIC) with a physical port of the NIC;

establishing two or more virtual ports of the VM-to-VM switch;

associating at least one virtual machine (VM) of a first CPU with a first one of the virtual ports of the VM-to-VM switch and associating at least one virtual machine (VM) of a second CPU with a second one of the virtual ports of the VM-to-VM switch, wherein the first CPU and the second CPU are on a common physical server;

receiving network frames from the physical port of the NIC and from the virtual ports of the VM-to-VM switch, wherein the network frames comprise a Quality of Service (QoS) written into an Internet Protocol (IP) packet header of the network frames, wherein the QoS identifies a routing path for the network frames;

reading, at the VM-to-VM switch, the QoS written in the IP packet header of the network frames to determine if the QoS of the network frames is consistent with a QoS assigned to the network frames by a user configuration module;

modifying the QoS of the network frames by rewriting the QoS in the IP packet header of the network frames, using hardware in the VM-to-VM switch, to be consistent with the QoS assigned to the network frames by the user configuration module if it is determined that the QoS of the network frames is not consistent with the QoS assigned to the network frames by the user configuration module; and

routing network frames between the VMs associated with the virtual ports through the VM-to-VM switch based upon the QoS modified by the VM-to-VM switch.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

VM-to-VM switching is an enhancement to Ethernet card technology that enables virtual machines on the same hardware server platform to switch Ethernet Frames (or IP Packets) directly without exiting the server or using a slower and bandwidth limited software process in the hypervisor. The method does not require new network switch hardware. The invention creates a unique switching ability that allows users to modify parameters applied to Ethernet Frames passing between Virtual Machines, such as quality of service or firewall rules without adding considerable latency to the switching process. The hardware switching method enriches the functionality of the Ethernet Card and permits more advanced switching architectures in servers and thus increases density of VMs and reduces complexity of planning the location of virtual machines in a virtualized infrastructure.

46 Citations

View as Search Results

20 Claims

1. A method of routing network frames between virtual machines on a common physical server comprising a plurality of central processing units (CPUs), the method comprising:
- associating a virtual machine-to-virtual machine (VM-to-VM) switch embedded in a network interface card (NIC) with a physical port of the NIC;
  
  establishing two or more virtual ports of the VM-to-VM switch;
  
  associating at least one virtual machine (VM) of a first CPU with a first one of the virtual ports of the VM-to-VM switch and associating at least one virtual machine (VM) of a second CPU with a second one of the virtual ports of the VM-to-VM switch, wherein the first CPU and the second CPU are on a common physical server;
  
  receiving network frames from the physical port of the NIC and from the virtual ports of the VM-to-VM switch, wherein the network frames comprise a Quality of Service (QoS) written into an Internet Protocol (IP) packet header of the network frames, wherein the QoS identifies a routing path for the network frames;
  
  reading, at the VM-to-VM switch, the QoS written in the IP packet header of the network frames to determine if the QoS of the network frames is consistent with a QoS assigned to the network frames by a user configuration module;
  
  modifying the QoS of the network frames by rewriting the QoS in the IP packet header of the network frames, using hardware in the VM-to-VM switch, to be consistent with the QoS assigned to the network frames by the user configuration module if it is determined that the QoS of the network frames is not consistent with the QoS assigned to the network frames by the user configuration module; and
  
  routing network frames between the VMs associated with the virtual ports through the VM-to-VM switch based upon the QoS modified by the VM-to-VM switch.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13)
- - 2. The method of claim 1, wherein associating the one VM with each of the virtual ports of the VM-to-VM switch further comprises storing the association between the VMs and the virtual ports of the VM-to-VM switch in a look-up table.
  - 3. The method of claim 1, wherein associating one VM with each of the virtual ports of the VM-to-VM switch further comprises:
    - identifying a virtual media access control (vMAC) address of each VM; and
      
      associating the vMAC address of the VM with one of the virtual ports of the VM-to-VM switch.
  - 4. The method of claim 1, wherein routing network frames between the VMs associated with the virtual ports through the VM-to-VM switch further comprises:
    - storing the association between the VMs and the virtual ports of the VM-to-V switch in a look-up table;
      
      receiving a network frame originating from a source VM, at the VM-to-VM switch, the network frame identifying a destination VM;
      
      accessing the look-up table to identify the virtual port associated with the destination VM; and
      
      routing the network frame to the destination VM through the VM-to-VM switch.
  - 5. The method of claim 1, wherein the VM-to-VM Switch is a single root I/O virtualization (SR-IOV) enabled switch.
  - 6. The method of claim 1, wherein the VM-to-VM switch is a single root I/O virtualization (SR-IOV) enabled switch, and associating one VM with each of the virtual ports of the VM-to-VM switch further comprises:
    - assigning a virtual Media Access Control (vMAC) address to the VM;
      
      associating the assigned vMAC addresses with a Virtual Function (VF) associated with the Physical Function (PF) of the SR-IOV enabled switch; and
      
      storing the assigned vMAC address and the associated VF in a look-up table.
  - 7. The method of claim 3, wherein the VM-to-VM switch is a single root I/O virtualization (SR-IOV) enabled switch and wherein each vMAC address includes an Organizationally Unique Identifier (OUI) identifying a Physical Function (PF) of the SR-IOV enabled switch.
  - 8. The method of claim 1, wherein the VM-to-VM switch is a single root I/O virtualization (SR-IOV) enabled switch and routing network frames between the VMs associated with the virtual ports through the VM-to-VM switch further comprises:
    - receiving a network frame originating from a source VM, the network frame including a vMAC address of the source VM and a vMAC address of the destination VM, wherein each vMAC address includes an Organizationally Unique Identifier (OUI) identifying a Physical Function (PF) of the SR-IOV enabled switch;
      
      comparing the vMAC address of the source VM and the vMAC address of the destination VM of the network frame;
      
      if the OUI of the vMAC address of the source VM is equal to the OUI of the vMAC address of the destination VM of the network frame, using the vMAC address of the destination VM to identify the VF associated with the destination VM; and
      
      routing the network frame to the VF associated with the destination VM.
  - 9. The method of claim 1, further comprising prioritizing the network frames prior to routing the network frames.
  - 10. The method of claim 1, further comprising assigning security, features to the network frames using the VM-to-VM switch.
  - 11. The method of claim 1, further comprising monitoring the network frames using the VM-to-VM switch.
  - 12. The method of claim 1, wherein the VMs associated with the virtual ports are located on different virtual local area networks (VLANs), the method further comprising utilizing a router protocol of the VM-to-VM switch to route the network frames between the VMs associated with the virtual ports.
  - 13. The method of claim 1, further comprising:
    - intercepting a network frame between a source VM and a destination VM;
      
      identifying the virtual local network identification (VLAN ID) of the source VM within the intercepted network frame;
      
      rewriting the VLAN ID of the source VM in the intercepted network frame to the VIAND of the destination VM; and
      
      routing the intercepted network frame from the source VM to the destination VM.

14. A virtual machine-to-virtual machine (VM-to-VM) switch embedded in a network interface card (NIC), the switch comprising:
- initialization circuitry configured for associating the virtual machine-to-virtual machine (VM-to-VM) switch with a physical port of the NIC, for establishing two or more virtual ports of the VM-to-VM switch and for associating at least one virtual machine (VM) of a first CPU with a first one of the virtual ports of the VM-to-VM switch and associating at least one virtual machine (VM) of a second CPU with a second one of the virtual ports of the VM-to-VM switch, wherein the first CPU and the second CPU are on a common physical server;
  
  receiving circuitry configured for receiving network frames from the physical port of the NIC and from the virtual ports of the VM-to-VM switch, wherein the network frames comprise a Quality of Service (QoS) written into an Internet Protocol (IP) header of the network frames, wherein the QoS identifies a routing path for the network frames;
  
  circuitry configured for reading the QoS written in the IP packet header of the network frames to determine if the QoS of the network frames is consistent with a QoS assigned to the network frames by a user configuration module;
  
  circuitry configured for modifying the QoS of the network frames by rewriting the QoS in the IP packet header of the network frames, using hardware in the VM-to-VM switch, to be consistent with the QoS assigned to the network frames by the user configuration module if it is determined that the QoS of the network frames is not consistent with the QoS assigned to the network frames by the user configuration module; and
  
  routing circuitry configured for routing network frames between the VMs associated with the virtual ports through the VM-to-VM switch based upon the QoS modified by the circuitry of the VM-to-VM switch.
- View Dependent Claims (15, 16, 17, 18, 19)
- - 15. The VM-to-VM switch of claim 14, wherein the initialization circuitry is further configured for identifying a virtual media access control (vMAC) address of each VM and for associating the vMAC address of the VM with one of the virtual ports of the VM-to-VM switch.
  - 16. The VM-to-VM switch of claim 14, wherein the routing circuitry is further configured for receiving a network frame originating from a source VM, at the VM-to-VM switch, the network frame identifying a destination VM, and for accessing the look-up table to identify the virtual port associated with the destination VM and routing the network frame to the destination VM through the VM-to-VM switch.
  - 17. The VM-to-VM switch of claim 14, wherein the VM-to-VM switch is a single root I/O virtualization (SR-IOV) enabled switch and the initialization circuitry is further configured for assigning a virtual Media Access Control (vMAC) address to the VM, for associating the assigned vMAC addresses with a Virtual Function (VF) associated with the Physical Function (PF) of the SR-IOV enabled switch and for storing the assigned vMAC address and the associated VF in a look-up table.
  - 18. The VM-to-VM switch of claim 17, wherein the VM-to-VM switch is a single root I/O virtualization (SR-IOV) switch and wherein each vMAC address includes an Organizationally Unique Identifier (OUI) identifying a Physical Function (PF) of the SR-IOV enabled switch.
  - 19. The VM-to-VM switch of claim 15, wherein the VM-to-VM switch is an SR-IOV enabled switch and the routing circuitry is further configured for receiving a network frame originating from a source VM, the network frame including a vMAC address of the source VM and a vMAC address of the destination VM, wherein each vMAC address includes an Organizationally Unique Identifier (OUI) identifying a Physical Function (PF) of the SR-IOV enabled switch, for comparing the vMAC address of the source VM and the vMAC address of the destination VM of the network frame and if the OUI of the vMAC address of the source VM is equal to the OUI of the vMAC address of the destination VM of the network frame, using the vMAC address of the destination VM to identify the VF associated with the destination VM and for routing the network frame to the VF associated with the destination VM.

20. A method of routing network frames between virtual machines on a common physical server comprising a plurality of central processing units (CPUs), the method embodied in software embedded in a non-transitory software medium operable on a network interface card (NIC), the method comprising:
- associating a virtual machine-to-virtual machine (VM-to-VM) switch embedded in a network interface card (NIC) with a physical port of the NIC;
  
  establishing two or more virtual ports of the VM-to-VM switch;
  
  associating at least one virtual machine (VM) of a first CPU with a first one of the virtual ports of the VM-to-VM switch and associating at least one virtual machine (VM) of a second CPU with a second one of the virtual ports of the VM-to-VM switch, wherein the first CPU and the second CPU are on a common physical server;
  
  receiving network frames from the physical port of the NIC and from the virtual ports of the VM-to-VM switch, wherein the network frames comprise a Quality of Service (QoS) written into an Internet Protocol (IP) packet header of the network frames, wherein the QoS identifies a routing path for the network frames;
  
  reading, at the VM-to-VM switch, the QoS written in the IP packet header of the network frames to determine if the QoS of the network frames is consistent with a QoS assigned to the network frames by a user configuration module;
  
  modifying the QoS of the network frames by rewriting the QoS in the IP packet header of the network frames, using hardware in the VM-to-VM switch, to be consistent with the QoS assigned to the network frames by the user configuration module if it is determined that the QoS of the network frames is not consistent with the QoS assigned to the network frames by the user configuration module; and
  
  routing network frames between the VMs associated with the virtual ports through the VM-to-VM switch based upon the QoS modified by the VM-to-VM switch.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
University of Central Florida Research Foundation Inc. (State University System of Florida)
Original Assignee
University of Central Florida Research Foundation Inc. (State University System of Florida)
Inventors
Zou, Changchun, Bardgett, Jim
Primary Examiner(s)
Dascomb, Jacob D

Application Number

US15/193,772
Publication Number

US 20160350151A1
Time in Patent Office

1,100 Days
Field of Search
US Class Current
CPC Class Codes

G06F 2009/45575   Starting, stopping, suspend...

G06F 2009/45579   I/O management, e.g. provid...

G06F 2009/45595   Network integration; Enabli...

G06F 9/45558   Hypervisor-specific managem...

H04L 45/302   Route determination based o...

H04L 45/586   of virtual routers

H04L 45/745   Address table lookup; Addre...

H04L 49/70   Virtual switches

H04L 67/61   taking into account QoS or ...

System and method for routing network frames between virtual machines

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

46 Citations

20 Claims

Specification

Solutions

Use Cases

Quick Links

System and method for routing network frames between virtual machines

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

46 Citations

20 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links