Currently, a cloud computing technology is a research hotspot in the network field. In large-scale cloud computing, to allow a tenant to customize a network address has become an irresistible tendency. An operation mode in which service lease and service isolation of multiple users need to be supported in an environment of a cloud data center network is briefly referred to as a multi-tenant application mode. In the multi-tenant application mode, packet forwarding between multiple tenants is completed by using a tunneling technology.
The tunneling technology may be: a virtual local area network (VLAN) isolation technology and a generic routing encapsulation (GRE) tunneling technology.
The VLAN isolation technology is a common technology for service and module division in a conventional cloud data center network, and is used to allocate a VLAN ID to each virtual network during cloud computing virtual network isolation. Therefore, a same virtual network is in a layer 2 isolation state. In this case, a tenant may customize IP (Internet Protocol, Internet Protocol) address space of a virtual network of the tenant without worrying collision and overlap with IP address space of another tenant. A main problem of the VLAN isolation technology is: A VLAN ID range is small, and only 4094 independent VLANs are supported.
The GRE tunneling technology is encapsulating a virtual network label for a packet sent by a source host, forwarding the packet to a corresponding destination virtual server, performing decapsulation on the destination virtual server, and identifying a corresponding virtual network, so as to send the packet to a destination host. A virtual network label of the GRE tunneling technology is much longer than a VLAN ID. Therefore, a scale is no longer limited to the quantity 4094. However, in the GRE tunneling technology, different switches each have a unique tunnel label in an entire network, and a tunnel label cannot be reused for different switches.