Research on Network Isolate Method in Cloud Environment

This paper proposes a network isolation method for large-scale cloud environments. The method run an Envoy-based endpoint program to proxy all network traffic on a physical node. And by configuring a route discovery registration center to uniformly maintain the network meta information of all virtua...

Full description

Saved in:
Bibliographic Details
Published in:Journal of physics. Conference series 2020-05, Vol.1544 (1), p.12050
Main Authors: Lai, Xinming, Wang, Haitao, Jing, Zhao, Fan, Zhang, Chao, Zhao, Wu, Gang
Format: Article
Language:English
Subjects:
Broadcasting
Communications traffic
Virtual environments
Citations: Items that this one cites
Online Access:Get full text
Tags: Add Tag
No Tags, Be the first to tag this record!
Description
Summary:This paper proposes a network isolation method for large-scale cloud environments. The method run an Envoy-based endpoint program to proxy all network traffic on a physical node. And by configuring a route discovery registration center to uniformly maintain the network meta information of all virtual machines, the virtual machine uses the native VLAN technology to divide the user's subnet to ensure the communication performance of the subnet nodes and the virtual machine network maintained by the route discovery center. Meta information improves the speed of virtual machine ARP addressing and improves cross-node network request performance. Envoy's network proxy technology is used in conjunction with the route discovery center to broadcast the subnet broadcast communication of all virtual machines to the route discovery center, which improves the accuracy of the broadcast and greatly improves the utilization efficiency of the public network bandwidth.
ISSN:1742-6588
1742-6596
DOI:10.1088/1742-6596/1544/1/012050