Virtual tunnel network router

摘要

A virtual host computer is presented that includes a virtualization software platform, at least one virtual machine executed by the virtualization software platform, a private network segment configured to prevent communications with at least one external computer, a public network segment configured to facilitate communications with the at least one external computer, and a virtual routing module that is executed as a virtual image by the virtualization software platform. The virtual routing module is configured to communicate with the at least one virtual machine via the private network segment, communicate with the public network segment, and execute a tunneling layer to form a private virtual network segment between the at least one virtual machine and the at least one external computer.

主权项

1. A host computer, comprising:
a virtualization software platform operating on the host computer; a virtual machine executed by the virtualization software platform, wherein the virtual machine comprises a network address that is on a subnet that is reserved as non-routable; a public network segment module operating on the host computer configured to facilitate communications with an external computer; a private network segment module operating on the host computer configured to communicate with the virtual machine, enable communications internal to the host computer, and prevent communications with the external computer; and a virtual routing module operating on the host computer that is executed as a virtual image by the virtualization software platform and is configured to: (a) communicate with the virtual machine via the private network segment module, wherein the virtual routing module is separate from the virtual machine; (b) direct data packets from the private network segment module to the public network segment module; and (c) execute a tunneling layer to merge the private network segment module of the host computer and an external private network segment module of the external computer to form a private virtual network segment between the virtual machine and the external computer, wherein the virtual router comprises a network address that is based on the network address of the virtual machine.