Virtualization technology is one of key technologies in the cloud computing field. According to the virtualization technology, physical resources of a host can be abstracted into a shared resource pool that is to be used by virtual machines (VM) running on the host. The virtual machines running on the host may share a network interface card of the host, to communicate with an external network. In the existing technology, by means of network interface card virtualization, the network interface card may be allocated to the virtual machines for use. Network interface card virtualization may be implemented by means of single-root input/output virtualization (SR-IOV) or multi-root input/output virtualization (MR-IOV). The network interface card virtualization is also referred to as network interface card passthrough. In the following, SR-IOV is used as an example. When the network interface card supports SR-IOV, the virtual machines running on the host may share the network interface card on the host by using the SR-IOV technology.
When a network interface card supporting the SR-IOV is used on the host, a network port of the network interface card is virtualized into at least one physical function (PF) and multiple virtual functions (VF). A virtual machine on the host is connected to at least one VF. The network interface card is internally provided with a switching apparatus that functions as a switch. The switching apparatus forwards a data packet according to a media access control (MAC) table, and forwards a data packet between a physical network port, the PF, and the VF. Because of limited processing and storage capabilities, the switching apparatus cannot provide abundant network functions such as security group, quality of service (QoS), layer 2 tunnel encapsulation, and distributed routing.