Multiple levels of logical routers

US 9,647,883 B2
Filed: 03/21/2014
Issued: 05/09/2017
Est. Priority Date: 03/21/2014
Status: Active Grant

First Claim

Patent Images

1. For a network controller that manages a plurality of managed forwarding elements in a multi-tenant datacenter in which a first logical router for a logical network of a tenant is implemented across a set of the managed forwarding elements, a method comprising:

receiving configuration data from the tenant for the first logical router that specifies (i) a plurality of logical ports of the first logical router, each of the logical ports associated with a particular subnet, and (ii) a connection of the first logical router to a second logical router that is configured by an operator of the multi-tenant datacenter, separately from the first logical router being configured by the tenant;

for the first logical router, automatically generating a connected route for each of the logical ports, wherein a particular connected route for a particular logical port specifies to logically route packets with destination addresses in the particular subnet associated with the particular logical port to the particular logical port;

converting a set of input routes that comprises (i) the automatically generated connected routes and (ii) additional routes for the first logical router to a set of output routes for distribution to the set of managed forwarding elements that implement the logical network of the tenant, wherein the additional routes comprise a default route for the first logical router and at least one dynamic route from the second logical router; and

when the network controller is a master controller of the second logical router, dynamically propagating the connected routes to the second logical router as dynamic routes that specify to logically route packets with destination addresses in any of the particular subnets to the logical port of the first logical router that connects to the second logical router,wherein the receiving, the generating, the converting, and the dynamically propagating are performed by the network controller.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Some embodiments provide a managed network for implementing a logical network for a tenant. The managed network includes a first set of host machines and a second set of host machines. The first set of host machines is for hosting virtual machines (VMs) for the logical network. Each of the first set of host machines operates a managed forwarding element that implements a first logical router for the tenant logical network and a second logical router to which the first logical router connects. The implementation of the second logical router is for processing packets entering and exiting the tenant logical network. The second set of host machines is for hosting L3 gateways for the second logical router. The L3 gateways connect the tenant logical network to at least one external network.

262 Citations

22 Claims

1. For a network controller that manages a plurality of managed forwarding elements in a multi-tenant datacenter in which a first logical router for a logical network of a tenant is implemented across a set of the managed forwarding elements, a method comprising:
- receiving configuration data from the tenant for the first logical router that specifies (i) a plurality of logical ports of the first logical router, each of the logical ports associated with a particular subnet, and (ii) a connection of the first logical router to a second logical router that is configured by an operator of the multi-tenant datacenter, separately from the first logical router being configured by the tenant;
  
  for the first logical router, automatically generating a connected route for each of the logical ports, wherein a particular connected route for a particular logical port specifies to logically route packets with destination addresses in the particular subnet associated with the particular logical port to the particular logical port;
  
  converting a set of input routes that comprises (i) the automatically generated connected routes and (ii) additional routes for the first logical router to a set of output routes for distribution to the set of managed forwarding elements that implement the logical network of the tenant, wherein the additional routes comprise a default route for the first logical router and at least one dynamic route from the second logical router; and
  
  when the network controller is a master controller of the second logical router, dynamically propagating the connected routes to the second logical router as dynamic routes that specify to logically route packets with destination addresses in any of the particular subnets to the logical port of the first logical router that connects to the second logical router,wherein the receiving, the generating, the converting, and the dynamically propagating are performed by the network controller.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8)
- - 2. The method of claim 1, wherein the set of managed forwarding elements is a first set, the method further comprising, when the network controller is a master controller of the second logical router:
    - generating data for distribution to a second set of managed forwarding elements to provision the managed forwarding elements in the second set to implement the second logical router, including the dynamic routes propagated to the second logical router by the network controller; and
      
      generating data for distribution to at least one host machine that operates a L3 gateway for the second logical router, the L3 gateway for handling traffic entering and exiting the datacenter.
  - 3. The method of claim 2 further comprising generating data for distribution to the first set of managed forwarding elements to implement the first logical router based on the set of output routes.
  - 4. The method of claim 1 further comprising dynamically generating the default route for the first logical router, the default route to logically route all packets that do not match one of the connected routes or dynamic routes to the second logical router.
  - 5. The method of claim 1, wherein the second logical router is for processing packets entering and exiting the tenant logical network.
  - 6. The method of claim 1, wherein the first and second logical routers are different types of logical routers with different properties.
  - 7. The method of claim 6, wherein the first logical router is a first type and the second logical router is a second type, wherein logical routers of the first type are only allowed to connect to one logical router of the second type, while logical routers of the second type connect to multiple logical routers of the first type.
  - 8. The method of claim 7, wherein logical routers of the first type are prevented from connecting with each other.

9. A non-transitory machine readable medium storing a network controller program for execution by at least one processing unit of a network controller computer that manages a plurality of managed forwarding elements in a multi-tenant datacenter in which a first logical router for a logical network of a tenant is implemented across a set of the managed forwarding elements, the program comprising sets of instructions for:
- receiving configuration data for the first logical router that defines (i) a plurality of connected routes for a plurality of logical ports of the first logical router, each connected route for a particular logical port specifying to output packets with destination addresses in a particular subnet to the particular logical port, and (ii) a connection of the first logical router to a second logical router that is configured by an operator of the multi-tenant datacenter;
  
  when the network controller program is a master controller of the second logical router, dynamically propagating the connected routes to the second logical router as dynamic routes that specify to logically route packets with destination addresses in any of the particular subnets to the first logical router; and
  
  when the network controller program is a master controller of the first logical router;
  
  dynamically generating a dynamic default route for the first logical router to logically route all packets that do not match any other routes to the second logical router; and
  
  using a route processing engine executing at the network controller computer to convert a set of input routes that comprises (i) the automatically generated connected routes, (ii) the default route for the first logical router, and (iii) at least one dynamic route propagated from the second logical router to a set of output routes for distribution to the set of managed forwarding elements that implement the logical network of the tenant,wherein the receiving, the dynamically propagating, and the dynamically generating are performed by the network controller computer.
- View Dependent Claims (10, 11, 12, 13, 14)
- - 10. The non-transitory machine readable medium of claim 9, wherein the network controller program is a first network controller that shares the configuration data with a plurality of additional network controllers, wherein when the first network controller is not the master controller of the second logical router and a second network controller is the master controller of the second logical router, the second network controller dynamically propagates the connected routes to the second logical router as dynamic routes.
  - 11. The non-transitory machine readable medium of claim 9, wherein the network controller program is a first network controller that shares the configuration data with a plurality of additional network controllers, wherein when the first network controller is not the master controller of the first logical router and a second network controller is the master controller of the first logical router, the second network controller dynamically generates the dynamic default route for the first logical router and converts the set of input routes to the set of output routes.
  - 12. The non-transitory machine readable medium of claim 9, wherein the program is a table mapping engine that performs a plurality of database join operations to dynamically propagate the routes, wherein the route processing engine executes separately on the network controller computer.
  - 13. The non-transitory machine readable medium of claim 9, wherein the configuration data is received through an application programming interface of the network controller program.
  - 14. The non-transitory machine readable medium of claim 9, wherein the configuration data is received through a state sharing mechanism from another network controller.

15. A non-transitory machine readable medium storing a network controller program which when executed by at least one processing unit of a network controller computer manages a plurality of managed forwarding elements in a multi-tenant datacenter in which a first logical router for a logical network of a tenant is implemented across a set of the managed forwarding elements, the program comprising sets of instructions for:
- receiving configuration data from the tenant for the first logical router that specifies (i) a plurality of logical ports of the first logical router, each of the logical ports associated with a particular subnet, and (ii) a connection of the first logical router to a second logical router that is configured by an operator of the multi-tenant datacenter, separately from the first logical router being configured by the tenant;
  
  for the first logical router, automatically generating a connected route for each of the logical ports, wherein a particular connected route for a particular logical port specifies to logically route packets with destination addresses in the particular subnet associated with the particular logical port to the particular logical port;
  
  using a route processing engine executing at the network controller computer to convert a set of input routes that comprises (i) the automatically generated connected routes and (ii) additional routes for the first logical router to a set of output routes for distribution to the set of managed forwarding elements that implement the logical network of the tenant, wherein the additional routes comprise a default route for the first logical router and at least one dynamic route from the second logical router; and
  
  when the network controller program is a master controller of the second logical router, dynamically propagating the connected routes to the second logical router as dynamic routes that specify to logically route packets with destination addresses in any of the particular subnets to the first logical router,wherein the receiving, the generating, and the dynamically propagating are performed by the network controller computer.
- View Dependent Claims (16, 17, 18, 19, 20, 21, 22)
- - 16. The non-transitory machine readable medium of claim 15, wherein the set of managed forwarding elements is a first set, the program further comprising sets of instructions for, when the network controller program is a master controller of the second logical router:
    - generating data for distribution to a second set of managed forwarding elements to provision the managed forwarding elements in the second set to implement the second logical router, including the dynamic routes propagated to the second logical router; and
      
      generating data for distribution to at least one host machine that operates a L3 gateway for the second logical router, the L3 gateway for handling traffic entering and exiting the datacenter.
  - 17. The non-transitory machine readable medium of claim 16, wherein the program further comprises a set of instructions for generating data for distribution to the first set of managed forwarding elements to implement the first logical router based on the set of output routes.
  - 18. The non-transitory machine readable medium of claim 15, wherein the program further comprises a set of instructions for dynamically generating the default route for the first logical router, the default route to logically route all packets that do not match one of the connected routes or dynamic routes to the second logical router.
  - 19. The non-transitory machine readable medium of claim 15, wherein the second logical router is for processing packets entering and exiting the tenant logical network.
  - 20. The non-transitory machine readable medium of claim 15, wherein the first and second logical routers are different types of logical routers with different properties.
  - 21. The non-transitory machine readable medium of claim 20, wherein the first logical router is a first type and the second logical router is a second type, wherein logical routers of the first type are only allowed to connect to one logical router of the second type, while logical routers of the second type connect to multiple logical routers of the first type.
  - 22. The non-transitory machine readable medium of claim 21, wherein logical routers of the first type are prevented from connecting with each other.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Nicira Incorporated (Broadcom, Inc.)
Original Assignee
Nicria Incorporated
Inventors
Neginhal, Srinivas, Zhang, Ronghua
Primary Examiner(s)
Yao, Kwang B
Assistant Examiner(s)
Jeong, Moo Ryong

Application Number

US14/222,557
Publication Number

US 20150271303A1
Time in Patent Office

1,145 Days
Field of Search
US Class Current
CPC Class Codes

G06F 2009/45595   Network integration; Enabli...

H04L 12/28   characterised by path confi...

H04L 12/46   Interconnection of networks

H04L 41/08   Configuration management of...

H04L 41/0803   Configuration setting

H04L 41/0876   Aspects of the degree of co...

H04L 41/0879   Manual configuration throug...

H04L 41/0883   Semiautomatic configuration...

H04L 41/0886   Fully automatic configuration

H04L 41/0889   Techniques to speed-up the ...

H04L 41/0893   Assignment of logical group...

H04L 41/0894   Policy-based network config...

H04L 41/0895   Configuration of virtualise...

H04L 45/54   Organization of routing tables

H04L 45/566   Routing instructions carrie...

H04L 45/586   of virtual routers

H04L 45/74   Address processing for routing

H04L 49/70   Virtual switches

H04L 67/1097   for distributed storage of ...

H04L 69/22   Parsing or analysis of headers

Multiple levels of logical routers

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

262 Citations

22 Claims

Specification

Solutions

Use Cases

Quick Links

Multiple levels of logical routers

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

262 Citations

22 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links