Infrastructure as a Service (IaaS) using cloud computing has been available as a new way of application of an Information and Communication Technology (ICT) system configuration. The IaaS is a service that provides users with a platform implemented by a virtual server (hereinafter referred to as a “virtual machine (VM)”) configured using computing resources on a network).
Users at companies and so on using the IaaS utilize VMs provided thereby to construct a desired ICT system. For example, when a user constructs a task system accessed over the Internet, a web server serving as a front-end system is constructed using a VM, and an application (AP) server and a database (DB) server serving as a back-end system are constructed using VMs.
Even in such an ICT system using VMs, the user performs firewall installation and network-zone division to execute security protection, as in typical ICT systems. For example, by using virtual local area networks (VLANs), the user divides a segment into a demilitarized zone (DMZ) to which a web server belongs and a secure zone to which a DB server belongs. The user then uses a VM (hereinafter referred to as a “virtual FW”) that executes firewall functions, to control communication between the zones and communication from outside to each zone.
When a VM is migrated in a system using VMs, Gratuitous Address Resolution Protocol (GARP) is used to update setting information in network devices, such as layer 2 switches, thereby continuing the system operation.
For example, for maintenance work for a physical server, a VM that operates on this physical server is migrated to another physical server. When the migration of the VM is completed, a hypervisor executed on the migration-destination physical server broadcasts a GARP packet in which a media access control (MAC) address and an internet protocol (IP) address of the migrated VM are contained in payload. Upon receiving the GARP packet, each layer 2 switch updates a forwarding database (FDB) based on received port information and payload information in the GARP packet.
Related technologies are disclosed in Japanese Laid-open Patent Publication No. 2012-65015, Japanese Laid-open Patent Publication No. 2011-198299, Japanese Laid-open Patent Publication No. 2009-232207, and Japanese Laid-open Patent Publication No. 2000-134248.