33 results about "Private VLAN" patented technology

A method for creating a set of virtual machines on a public datacenter. The method, from a first network controller of a private network, commands a second network controller of the public datacenter to create the virtual machines. The method, from the first network controller of the private network, communicates with the second network controller of the public datacenter to determine a type of the second network controller. When the first network controller includes instructions for using application programming interfaces (APIs) of the type of the second network controller, the method uses the APIs to set up a VLAN for the set of virtual machines in order to allow the virtual machines of the set of virtual machines to communicate securely with each other without sending the communications through the private network. In some embodiments, the VLAN is a private VLAN (PVLAN).

A Multicast Listener Discovery (MLD) protocol query and/or report snooping process is modified to appropriately map secondary PVLAN identifiers to corresponding primary PVLAN identifiers, thereby accommodating other system elements that are otherwise unaware of primary/secondary PVLAN distinctions. Special cases are also accommodated where reverse path forwarding (RPF) checks in support of multicast operation might otherwise fail due to primary/secondary PVLAN distinctions. Additional steps are taken to ensure that PVLAN information properly accounts for changes in configuration and/or location of various network hosts.

A PVLAN having a primary and secondary VLAN's where the primary and secondary VLAN's have ports and the users connected to those ports. The MAC addresses of those users are learned in the primary or the secondary VLAN's and together with the port designation are stored preferably in tables associated with the VLAN's and the associated VLAN's. Processes are provided that replicate the tables in the other VLAN's so that the information necessary to transfer packets between source and destination ports is available to the associated VLAN's.

The invention uses a layer 2 switch (L2 switch), or bridge, to separate user's message traffic by use of Virtual Local Area Networks (VLANs) defined within the switch. Three new types of ports are defined, “promiscuous” ports “isolated” ports, and “community” ports. Three types of VLANs internal to the switch are defined, “primary” VLANs, “isolated” VLANs and “community” VLANs. The promiscuous ports are connected to layer 3 or layer 4 devices. Isolated ports and community ports are connected to individual user's servers, etc., and maintain traffic for each user separate from other users. The primary VLAN connects to all promiscuous ports, to all isolated ports, and to all community ports. The primary VLAN is a one way connection from promiscuous ports to isolated or community ports. An isolated VLAN connects to all promiscuous ports and to all isolated ports. The isolated VLAN is a one way connection from an isolated port to the promiscuous ports. A community VLAN is defined as connecting to a group of community ports, and also connecting to all of the promiscuous ports. The group of community ports is referred to as a “community” of community ports. A community VLAN is a one way connection from a community of ports to the promiscuous ports, but allows a packet received by one community port to be transmitted out of the switch, through the other community ports connected to that community VLAN.

The invention provides a method for testing the stability of a switch. The method specifically comprises the following steps of: interconnecting a front port and a tail port of the switch with two communication ports of a network tester respectively, and interconnecting each port of the switch in a serpentine networking way; configuring a corresponding untagged virtual local area network (VLAN) and a port attribute Pvlan on the switch, wherein the untagged VLAN is a VLAN without tags, and the Pvlan is a private VLAN; and transmitting test traffic from one port to the other port of the network tester. Compared with the prior art, the method for testing the stability of the switch has the advantages that a piece of test traffic sequentially flows through all the ports of the switch instantly in a serpentine way to achieve a full load effect, test work is simpler and easier, and the method is easy to popularize and use.

One embodiment of the present invention provides a switch. During operation, in a network with a private VLAN configuration, the switch allows a congestion notification message with an isolated virtual local area network identifier (VLAN ID) to be forwarded via an isolated VLAN port.

The invention discloses a method and a device for private VLAN (virtual local area network) information management. The method and the device are applied to a QinQ network, and a core switching device maintains private VLAN table entries according to private VLAN information carried in exchanged messages by exchanging query messages and report messages related to the private VLAN information between an access switching device and the core switching device. Compared with the prior art, the method and the device have the advantage that VLAN configuration operations of QinQ on the core switching device are decreased.

The invention provides a method and a device for allocating network resources of virtual machines. The method comprises that a first physical host receives virtual information resource request messages sent by a user, and the virtual machine resource request messages are used for requesting for allocating network resources of at least one virtual machine; the first physical host allocates private virtual local area network (VLAN) resources for the user in a private VLAN resource pool of the first physical host if the virtual machine resource request messages request for allocating network resources of one virtual machine, and the private VLAN resources are used for separating the virtual machine in two-layer networks; and if the virtual machine resource request messages request for allocating network resources of at least two virtual machines, the first physical host allocates community VLAN resources for the user in a community VLAN resource pool of the first physical host, and the community VLAN resources are used for being communicated with the virtual machine in the two-layer networks. A great many user demands are met through the method and the device.

The invention discloses a block-box testing case design method based on combination with a basic path method. The method comprises the following steps: S1, according to a chip manual, an internal process flow of a private VIAN of the chip is found out; S2, an internal process flow chart of the private VIAN is drawn; S3, with a basic path method of a white-box testing method, independent path branches of the internal process flow chart of the private VIAN are listed, all independent path branches and a main path form N independent paths, and each independent path in the flow chart is executed at least once; and S4, according to the N independent paths, parameters of a data sending instrument and a data forwarding instrument are set one path by one path, the data sending instrument sends data to the data forwarding instrument successively, and a result of data processing by the data forwarding instruction when the corresponding independent path is executed is obtained. According to the method, the obtained case is close to internal implementation of the product; and the minimized testing efficiency can be realized by using minimal cases.

The invention provides an implementation method of a chip of PVLAN (Private VLAN) in a stacked mode. The implementation method of a chip of PVLAN in a stacking mode is characterized by distributing corresponding VLANS for ports of a stacked chip; setting VLAN filtering rules for the in direction and the out direction for the ports participating PVLAN; and after the chip receives a massage, processing the message according to the VLAN filtering rules on the out port. The implementation method of a chip of PVLAN in a stacked mode greatly expands the application range of the PVLAN technology so as to enable application of PVLAN to be more flexible and efficient.