CN109525684A - Message forwarding method and device - Google Patents
Message forwarding method and device Download PDFInfo
- Publication number
- CN109525684A CN109525684A CN201811513544.2A CN201811513544A CN109525684A CN 109525684 A CN109525684 A CN 109525684A CN 201811513544 A CN201811513544 A CN 201811513544A CN 109525684 A CN109525684 A CN 109525684A
- Authority
- CN
- China
- Prior art keywords
- address
- server
- forwarding
- request message
- socket connection
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Links
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L61/00—Network arrangements, protocols or services for addressing or naming
- H04L61/09—Mapping addresses
- H04L61/25—Mapping addresses of the same type
- H04L61/2503—Translation of Internet protocol [IP] addresses
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L67/00—Network arrangements or protocols for supporting network services or applications
- H04L67/14—Session management
- H04L67/141—Setup of application sessions
Landscapes
- Engineering & Computer Science (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Data Exchanges In Wide-Area Networks (AREA)
Abstract
The application provides a kind of message forwarding method and device, applied to the forwarding module in forwarding device, the forwarding device includes multiple forwarding modules, this method comprises: receiving the request message that the client is sent based on connecting with the first socket that client is established;Target ip address corresponding with the five-tuple of the first socket connection is determined from preset IP address network segment;Based on the target ip address and preset forwarding strategy, network address translation is carried out to the request message, the source IP address of the request message is converted to the target ip address, and the purpose IP address of the request message is converted to the IP address of server-side to be visited;It is connect based on the 2nd socket established with the server-side, the request message after conversion is transmitted to the server-side.Technical scheme can increase the quantity for allowing concurrent socket connection, improve the resource utilization of forwarding device.
Description
Technical field
This application involves field of communication technology more particularly to a kind of message forwarding methods and device.
Background technique
SLB (Server Load Balancing, server-side load balancing) is a kind of to be designed for cloud computing platform
Network Load Balance Technology.In practical applications, client can based on SLB equipment VIP (Virtual IP Address,
Virtual ip address) access request is sent to SLB equipment, then by SLB equipment based on certain forwarding strategy, by the visit of client
Ask that request is transmitted to the corresponding business processing of server-side progress of rear end.As type of business gradually increases, business complexity
It is continuously improved, the access request that client is sent to server-side also gradually increases.In this case, how to increase forwarding device
Concurrent connection number amount between server-side improves and turns to increase the quantity that can handle the client of access request simultaneously
The resource utilization for sending out equipment, becomes urgent problem to be solved.
Summary of the invention
In view of this, the application provides a kind of message forwarding method and device.Specifically, the application is by following technology
What scheme was realized:
In a first aspect, the application provides a kind of message forwarding method, the method is applied to the forwarding mould in forwarding device
Block, the forwarding device include multiple forwarding modules, which comprises
Based on connecting with the first socket that client is established, the request message that the client is sent is received;
Target ip address corresponding with the five-tuple of the first socket connection is determined from preset IP address network segment;
Based on the target ip address and preset forwarding strategy, network address translation is carried out to the request message, with
The source IP address of the request message is converted into the target ip address, and the purpose IP address of the request message is converted
For the IP address of server-side to be visited;
It is connect based on the 2nd socket established with the server-side, the request message after conversion is transmitted to the service
End.
Second aspect, the application provide a kind of apparatus for forwarding message, and described device is applied to the forwarding mould in forwarding device
Block, the forwarding device include multiple forwarding modules, and described device includes:
First receiving unit is sent for based on connecting with the first socket that client is established, receiving the client
Request message;
Determination unit, for determining corresponding with the five-tuple of the first socket connection from preset IP address network segment
Target ip address;
First converting unit, for be based on the target ip address and preset forwarding strategy, to the request message into
The source IP address of the request message is converted to the target ip address, and the request is reported by row network address translation
The purpose IP address of text is converted to the IP address of server-side to be visited;
First retransmission unit, for being connect based on the 2nd socket established with the server-side, by the request after conversion
Message is transmitted to the server-side.
The third aspect, the application provide a kind of electronic equipment, and the electronic equipment includes: processor and machine readable storage
Medium;
The machine readable storage medium is stored with the machine-executable instruction that can be executed by the processor, the place
Reason device is promoted to execute the above method by the machine-executable instruction.
Fourth aspect, the application provide a kind of machine readable storage medium, and the machine readable storage medium storage is organic
Device executable instruction, when being called and being executed by processor, it is above-mentioned that the machine-executable instruction promotes the processor to execute
Method.
In the above-mentioned technical solutions, the forwarding module in forwarding device is in the access for receiving client and being sent to server-side
When request, IP address corresponding with the access request can be determined from pre-set IP address network segment, and be based on five-tuple
Including the IP address, the corresponding virtual ip address of the forwarding module, and the socket company of corresponding source port and destination port
It connects, which is transmitted to the server-side.In this manner, since forwarding module all in forwarding device can be with
It is communicated, and is no longer needed based on the same IP address with server-side based on the IP address network segment that one includes multiple IP address
It is communicated with server-side, therefore the quantity of socket connection concurrent between all forwarding modules and all server-sides
Theoretical maximum is 65535 × N (quantity that N is the IP address in the IP address network segment), it can increasing allows concurrently
The quantity of socket connection, improves the resource utilization of forwarding device.
Detailed description of the invention
Fig. 1 is a kind of schematic diagram of message forwarding system;
Fig. 2 is a kind of flow chart of message forwarding method shown in one exemplary embodiment of the application;
Fig. 3 is a kind of hardware structure diagram of apparatus for forwarding message place equipment shown in one exemplary embodiment of the application;
Fig. 4 is a kind of block diagram of apparatus for forwarding message shown in one exemplary embodiment of the application.
Specific embodiment
Example embodiments are described in detail here, and the example is illustrated in the accompanying drawings.Following description is related to
When attached drawing, unless otherwise indicated, the same numbers in different drawings indicate the same or similar elements.Following exemplary embodiment
Described in embodiment do not represent all embodiments consistent with the application.On the contrary, they be only with it is such as appended
The example of the consistent device and method of some aspects be described in detail in claims, the application.
It is only to be not intended to be limiting the application merely for for the purpose of describing particular embodiments in term used in this application.
It is also intended in the application and the "an" of singular used in the attached claims, " described " and "the" including majority
Form, unless the context clearly indicates other meaning.It is also understood that term "and/or" used herein refers to and wraps
It may be combined containing one or more associated any or all of project listed.
It will be appreciated that though various information, but this may be described using term first, second, third, etc. in the application
A little information should not necessarily be limited by these terms.These terms are only used to for same type of information being distinguished from each other out.For example, not departing from
In the case where the application range, the first information can also be referred to as the second information, and similarly, the second information can also be referred to as
One information.Depending on context, word as used in this " if " can be construed to " ... when " or " when ...
When " or " in response to determination ".
Referring to FIG. 1, Fig. 1 is a kind of schematic diagram of message forwarding system.As shown in Figure 1, in practical applications, due to clothes
Business end is typically deployed in private network, and client is then typically deployed in public network, and the safety in order to guarantee business datum, is led to
Often do not allow directly be communicated between client and server-side, therefore usually can be between client and server-side
Forwarding device is affixed one's name to, so that client be allow to access server-side by forwarding device, obtains the business datum in server-side.
In order to handle the access request that multiple client is directed to server-side simultaneously, multiple turns can be created in forwarding device
Send out module.Wherein, forwarding module can be virtual machine, be also possible to the process for executing forwarding capability, the application to this not
It is restricted.
In the related art, it can be respectively that each forwarding module in forwarding device configures a virtual ip address, be
The virtual ip address of different forwarding module configurations is not generally also identical, client can based on some virtual ip address with it is corresponding
Forwarding module communicated.It on the other hand, can be same for being led to server-side for all forwarding module configurations
The IP address of letter, i.e., each forwarding module can be based respectively on the IP address and be communicated with server-side.
Specifically, by taking client 1 shown in FIG. 1 as an example, client 1 can be established with the forwarding module 1 in forwarding device
Socket connection 11, to be communicated by socket connection 11 with forwarding module 1.On the other hand, forwarding module 1 can be with clothes
Socket connection 21 is established at business end 1, to be communicated by socket connection 21 with server-side 1.
Forwarding module 1 can receive client 1 based on socket connection 11 and access the request report sent when server-side 1
Text.Wherein, the source IP address of the request message is the IP address of client 1, and the purpose IP address of the request message is forwarding mould
The corresponding virtual ip address 1 of block 1.
Forwarding module 1 can carry out network address translation (Network Address to the request message
Translation, NAT), the source IP address of the request message, which is converted to forwarding module 1 and is communicated with server-side, to be made
The purpose IP address of the request message is converted to the IP address of server-side 1 by IP address X.In addition, forwarding module 1 may be used also
With to the request message source port and destination port converted accordingly.
Request message after conversion can be transmitted to server-side 1 based on socket connection 21 by forwarding module 1, to make visitor
The accessible server-side 1 in family end 1.
It should be noted that five-tuple (source IP address, purpose IP address, source port, the destination port of socket connection 11
And transport layer protocol) be the request message five-tuple, forwarding module 1 can not based on socket connection 11 handle five-tuple and
The different message of the five-tuple of socket connection 11.Similarly, the five-tuple of socket connection 21 is the request report after the conversion
The five-tuple of text, i.e. forwarding module 1 can not connect based on the processing five-tuple of socket connection 21 with socket 21 five-tuple not
Same message.
I.e. for some forwarding module, the forwarding module client different from IP address is needed by different
Socket connection is communicated, and the forwarding module server-side different from IP address needs to carry out by different socket connections
Communication.Certainly, the different forwarding module of corresponding virtual ip address client identical from IP address is also required to by different
Socket connection is communicated.
However, for an IP address, the theory of the quantity for the socket connection which can carry simultaneously
Maximum value is 65535.It is communicated since forwarding module all in forwarding device is all based on the same IP address with server-side,
Therefore the theoretical maximum of the quantity of socket connection concurrent between all forwarding modules and all server-sides is
65535, that is, allowing the quantity of concurrent socket connection, there are the upper limits.
To solve the above-mentioned problems, the application provides a kind of message forwarding method and device, with increase allow it is concurrent
The quantity of socket connection, improves the resource utilization of forwarding device.
Referring to FIG. 2, Fig. 2 is a kind of flow chart of message forwarding method shown in one exemplary embodiment of the application.It should
Method can be applied to the forwarding module in forwarding device shown in FIG. 1, include the following steps:
Step 201: based on connecting with the first socket that client is established, receiving the request report that the client is sent
Text.
Step 202: mesh corresponding with the five-tuple of the first socket connection is determined from preset IP address network segment
Mark IP address.
Step 203: being based on the target ip address and preset forwarding strategy, network address is carried out to the request message
The source IP address of the request message is converted to the target ip address by conversion, and by the destination IP of the request message
Address conversion is the IP address of server-side to be visited.
Step 204: being connect based on the 2nd socket established with the server-side, the request message after conversion is transmitted to
The server-side.
In the present embodiment, it can be pre-configured with an IP address network segment, each forwarding module in forwarding device can be with
Select an IP address as the IP address for being communicated with server-side from the IP address network segment, i.e., the forwarding module can
To be communicated based on the IP address selected with server-side.
Client can access server-side by the forwarding module in forwarding device.
Specifically, client can send the request message for accessing server-side.Wherein, the source IP of the request message
Location is the IP address of the client, and the purpose IP address of the request message is that the corresponding virtual ip address of forwarding module (as should
The virtual ip address of forwarding module configuration).
The forwarding module can receive the request message based on connecting with the first socket that the client is established.
After receiving the request message, on the one hand, the forwarding module can based on the five-tuple of the first socket connection,
From preconfigured IP address network segment, IP address corresponding with the five-tuple is determined, and the IP address is determined as Target IP
Address.
In a kind of embodiment shown, which can be realized using following steps from preset IP address net
Target ip address corresponding with the five-tuple of the first socket connection is determined in section:
Step 2021: determining the corresponding address mark of the five-tuple of the first socket connection.
Step 2022: from preset IP address network segment, being identified based on the address, determine the corresponding mesh of the five-tuple
Mark IP address.
After receiving the request message, which can determine the five-tuple of the first socket connection correspondingly
Location mark.Wherein, address mark and the IP address in preconfigured IP address network segment are one-to-one relationships, i.e. a ground
Location mark can uniquely characterize the IP address in the IP address network segment.
It can store the corresponding relationship of address mark and the IP address in preconfigured IP address network segment in forwarding device.
After the corresponding address mark of five-tuple that the first socket connection has been determined, which can be right based on this
It should be related to, determine that the address identifies corresponding IP address, so as to which the IP address is determined as the five of the first socket connection
The corresponding target ip address of tuple.
Specifically, after receiving the request message, which can be first to the five-tuple of the first socket connection
It carries out Hash (hash) to calculate, obtains the cryptographic Hash of the five-tuple of the first socket connection.
Subsequent, which can further the cryptographic Hash to the five-tuple of the first socket connection carry out at data
Reason, is converted to key value for the cryptographic Hash.It should be noted that the IP address in key value and preconfigured IP address network segment
It is one-to-one relationship, i.e., a key value can uniquely characterize the IP address in the IP address network segment.
It can store the corresponding relationship of the IP address in key value and preconfigured IP address network segment in forwarding device.
After the cryptographic Hash of five-tuple of the first socket connection is calculated, which can be closed based on the correspondence
System, determines the corresponding IP address of key value, and the IP address is determined as to the corresponding target of five-tuple of the first socket connection
IP address.
On the other hand, which can source IP address based on the request message and preconfigured forwarding plan
Slightly, the corresponding forwarding strategy of the request message is determined.
It should be noted that forwarding strategy may include the IP address of server-side to be visited, it can from the request report
The IP address for handling the server-side of the request message is determined in the corresponding forwarding strategy of source IP address of text.On the other hand, it forwards
Strategy can be determining using modes such as ARP (Address Resolution Protocol, address resolution protocol) study and deposit
Storage, be also possible to determining using other modes and store, the application to this with no restriction.
After the corresponding forwarding strategy of the request message has been determined, which can be based on the target ip address, with
And the forwarding strategy, network address translation is carried out to the request message, the source IP address of the request message is converted into the mesh
IP address is marked, and the purpose IP address of the request message is converted to the IP address of server-side to be visited.In addition, the forwarding mould
Block can also source port to the request message and destination port converted accordingly.
In a kind of embodiment shown, the forwarding module in forwarding device can execute SLB function.
In this case, which can source IP address based on the request message and preconfigured turn
Hair strategy, determines the corresponding forwarding strategy of the request message, so that it is determined that the IP address of the accessible server-side of the client.
On the other hand, it can be based on preconfigured load balancing, select a server-side as wait visit from these server-sides
The server-side asked, and the purpose IP address of the request message is converted to the IP address of server-side to be visited.Wherein, load is equal
Weighing apparatus strategy can be pre-configured with by user, such as: the smallest server-side of present load can be selected from these server-sides, and will
The purpose IP address of the request message is converted to the IP address of the smallest server-side of present load.
Subsequent, which can be connect based on the 2nd socket established with server-side to be visited, after conversion
Request message be transmitted to the server-side.
In practical applications, which, can be based on asking after the conversion after receiving the request message after the conversion
Message is asked to carry out corresponding business processing, and the business datum obtained based on processing constructs response message.Subsequent, which can
The response message to be returned to the client for sending the request message, to make in the available server-side of the client
Business datum.
It should be noted that the server-side can be constructed when the business datum obtained based on processing constructs response message
The response report for the source IP address that source IP address is the IP address of the server-side, purpose IP address is request message after the conversion
Text, and return to the response message.
The forwarding module can receive the response message based on connecting with the 2nd socket that the server-side is established.
After receiving the response message, which can carry out reversed network address to the response message and turn
It changes, i.e., the source IP address of the response message is converted into the corresponding virtual ip address of the forwarding module, and by the response message
Purpose IP address is converted to the IP address for sending the client of the request message.In addition, the forwarding module can also ask this
The source port and destination port for seeking message are converted accordingly.
Subsequent, which can be based on connecting, by the response after conversion with the first socket that the client is established
Message is transmitted to the client, to make the business datum in the available server-side of the client.
In the above-mentioned technical solutions, the forwarding module in forwarding device is in the access for receiving client and being sent to server-side
When request, IP address corresponding with the access request can be determined from pre-set IP address network segment, and be based on five-tuple
Including the IP address, the corresponding virtual ip address of the forwarding module, and the socket company of corresponding source port and destination port
It connects, which is transmitted to the server-side.In this manner, since forwarding module all in forwarding device can be with
It is communicated, and is no longer needed based on the same IP address with server-side based on the IP address network segment that one includes multiple IP address
It is communicated with server-side, therefore the quantity of socket connection concurrent between all forwarding modules and all server-sides
Theoretical maximum is 65535 × N (quantity that N is the IP address in the IP address network segment), it can increasing allows concurrently
The quantity of socket connection, improves the resource utilization of forwarding device.
Above-mentioned technical proposal is illustrated below.
By taking client 1 shown in FIG. 1 and client 2 as an example, client 1 can establish socket with forwarding module 1 and connect
11, to be communicated by socket connection 11 with forwarding module 1;Client 2 can establish socket with forwarding module 1 and connect
12, to be communicated by socket connection 12 with forwarding module 1.Assuming that the five-tuple of socket connection 11 includes virtual IP address
Location 1 (source IP address), the IP address (purpose IP address) of client 1, port 11 (source port) and port 21 (destination port),
The five-tuple of socket connection 12 includes virtual ip address 1 (source IP address), the IP address (purpose IP address) of client 2, end
31 (source ports) of mouth and port 22 (destination port).
It on the other hand, can be for forwarding module all in forwarding device with configuring an IP for communicating with server-side
Location network segment.Assuming that storing address mark as shown in table 1 below in forwarding device with the IP in preconfigured IP address network segment
The corresponding relationship of location:
Address mark | IP address in IP address network segment |
Address mark 1 | IP address 1 |
Address mark 2 | IP address 2 |
…… | …… |
Table 1
In one example, forwarding module 1 can be based on socket connection 11, receive the request report of the transmission of client 1
Text.Wherein, the source IP address of the request message is the IP address of client 1, and purpose IP address is that forwarding module 1 is corresponding virtual
IP address 1, source port are the port 11 of client, and destination port is the port 21 of forwarding module 1.
After receiving the request message, on the one hand, forwarding module 1 can determine the five-tuple of socket connection 11 (i.e.
The five-tuple of the request message) corresponding address mark.Assuming that the corresponding address of five-tuple of socket connection 11 is identified as ground
Location mark 1, then based on corresponding relationship as listed in Table 1, can determine that address identifies 1 corresponding IP address is IP address 1, from
And IP address 1 can be determined as to the corresponding target ip address of five-tuple of socket connection 11.
On the other hand, forwarding module 1 can the source IP address (i.e. the IP address of client 1) based on the request message, with
And preconfigured forwarding strategy, determine the corresponding forwarding strategy of the request message.Assuming that be visited in the forwarding strategy
The IP address of server-side is the IP address of server-side 1, then forwarding module 1 can carry out network address translation to the request message,
The source IP address of the request message is converted to IP address 1, and the purpose IP address of the request message is converted into server-side 1
IP address.
In addition, forwarding module 1 is also based on the forwarding strategy, the source port and destination port to the request message are carried out
Corresponding conversion.Assuming that the source port of the request message is converted to forwarding module 1 by the port 11 of client 1 by forwarding module 1
Port 22, and the destination port of the request message is converted to the port 31 of server-side 1 by the port 21 of forwarding module 1.
Forwarding module 1 can establish socket with server-side 1 and connect 21, with by socket connection 21 and server-side 1 into
Row communication.Assuming that the five-tuple of socket connection 21 includes IP address 1 (source IP address), the IP address of server-side 1 (destination IP
Location), port 22 (source port) and port 31 (destination port), then forwarding module 1 can be based on socket connection 21, after conversion
Request message be transmitted to server-side 1.
Server-side 1 can be carried out corresponding after receiving the request message after the conversion based on the request message after the conversion
Business processing, and response message is constructed based on the obtained business datum of processing.Wherein, the source IP address of the response message is clothes
The IP address at business end 1, purpose IP address are IP address 1, and source port is the port 31 of server-side 1, and destination port is forwarding module 1
Port 22.
Forwarding module 1 can be based on socket connection 21, receive the response message of the transmission of server-side 1.
After receiving the response message, forwarding module 1 can carry out reversed network address translation to the response message,
Will the source IP address of the response message be converted to virtual ip address 1, and the purpose IP address of the response message is converted into visitor
The IP address at family end 1.In addition, forwarding module 1 can also be converted to the source port of the response message by the port 31 of server-side 1
The port 21 of forwarding module 1, and the destination port of the response message is converted into client 1 by the port 22 of conversion module 1
Port 11.
Subsequent, forwarding module 1 can be based on socket connection 11, and the response message after conversion is transmitted to client 1, from
And make the business datum in the available server-side 1 of client 1.
In another example, forwarding module 1 can be based on socket connection 12, receive the request of the transmission of client 2
Message.Wherein, the source IP address of the request message is the IP address of client 2, and purpose IP address is the corresponding void of forwarding module 1
Quasi- IP address 1, source port are the port 41 of client, and destination port is the port 23 of forwarding module 1.
After receiving the request message, on the one hand, forwarding module 1 can determine the five-tuple of socket connection 12 (i.e.
The five-tuple of the request message) corresponding address mark.Assuming that the corresponding address of five-tuple of socket connection 12 is identified as ground
Location mark 2, then based on corresponding relationship as listed in Table 1, can determine that address identifies 2 corresponding IP address is IP address 2, from
And IP address 2 can be determined as to the corresponding target ip address of five-tuple of socket connection 12.
On the other hand, forwarding module 1 can the source IP address (i.e. the IP address of client 2) based on the request message, with
And preconfigured forwarding strategy, determine the corresponding forwarding strategy of the request message.Assuming that be visited in the forwarding strategy
The IP address of server-side is the IP address of server-side 1, then forwarding module 1 can carry out network address translation to the request message,
The source IP address of the request message is converted to IP address 2, and the purpose IP address of the request message is converted into server-side 1
IP address.
In addition, forwarding module 1 is also based on the forwarding strategy, the source port and destination port to the request message are carried out
Corresponding conversion.Assuming that the source port of the request message is converted to forwarding module 1 by the port 41 of client 1 by forwarding module 1
Port 24, and the destination port of the request message is converted to the port 32 of server-side 1 by the port 23 of forwarding module 1.
Forwarding module 1 can establish socket with server-side 1 and connect 22, with by socket connection 22 and server-side 1 into
Row communication.Assuming that the five-tuple of socket connection 22 includes IP address 2 (source IP address), the IP address of server-side 1 (destination IP
Location), port 24 (source port) and port 32 (destination port), then forwarding module 1 can be based on socket connection 22, after conversion
Request message be transmitted to server-side 1.
Server-side 1 can be carried out corresponding after receiving the request message after the conversion based on the request message after the conversion
Business processing, and response message is constructed based on the obtained business datum of processing.Wherein, the source IP address of the response message is clothes
The IP address at business end 1, purpose IP address are IP address 2, and source port is the port 32 of server-side 1, and destination port is forwarding module 1
Port 24.
Forwarding module 1 can be based on socket connection 22, receive the response message of the transmission of server-side 1.
After receiving the response message, forwarding module 1 can carry out reversed network address translation to the response message,
Will the source IP address of the response message be converted to virtual ip address 1, and the purpose IP address of the response message is converted into visitor
The IP address at family end 2.In addition, forwarding module 1 can also be converted to the source port of the response message by the port 32 of server-side 1
The port 23 of forwarding module 1, and the destination port of the response message is converted into client 2 by the port 24 of conversion module 1
Port 41.
Subsequent, forwarding module 1 can be based on socket connection 12, and the response message after conversion is transmitted to client 2, from
And make the business datum in the available server-side 1 of client 2.
Corresponding with the embodiment of aforementioned message forwarding method, present invention also provides the embodiments of apparatus for forwarding message.
The embodiment of the application apparatus for forwarding message can be applied on forwarding device.Installation practice can pass through software
It realizes, can also be realized by way of hardware or software and hardware combining.Taking software implementation as an example, as on a logical meaning
Device, be in being read computer program instructions corresponding in nonvolatile memory by the processor of equipment where it
Deposit what middle operation was formed.For hardware view, as shown in figure 3, for the one of the application apparatus for forwarding message place forwarding device
Kind hardware structure diagram, other than processor shown in Fig. 3, memory, network interface and nonvolatile memory, embodiment
The actual functional capability that forwarding device where middle device is forwarded generally according to the message can also include other hardware, no longer to this
It repeats.
Referring to FIG. 4, Fig. 4 is a kind of block diagram of apparatus for forwarding message shown in one exemplary embodiment of the application.The dress
400 forwarding modules that can be applied in forwarding device shown in Fig. 3 are set, the forwarding device includes multiple forwarding modules, institute
Stating device 400 may include:
First receiving unit 401, for based on connecting with the first socket that client is established, receiving the client hair
The request message sent;
Determination unit 402, for determining the five-tuple connecting with the first socket from preset IP address network segment
Corresponding target ip address;
First converting unit 403, for being based on the target ip address and preset forwarding strategy, to the request message
Network address translation is carried out, the source IP address of the request message is converted into the target ip address, and by the request
The purpose IP address of message is converted to the IP address of server-side to be visited;
First retransmission unit 404, for being connect based on the 2nd socket established with the server-side, by asking after conversion
Message is asked to be transmitted to the server-side.
In an alternative embodiment, the determination unit 402 specifically can be used for:
Determine the corresponding address mark of the five-tuple of the first socket connection;
From preset IP address network segment, is identified based on the address, determine the corresponding target ip address of the five-tuple.
In an alternative embodiment, the determination unit 402 specifically can be used for:
Based on the calculated result that Hash calculation obtains is carried out to the first socket connection, the first socket is determined
The corresponding address mark of the five-tuple of connection.
In an alternative embodiment, first converting unit 403 specifically can be used for:
Based on preset load balancing, the IP address of server-side to be visited is determined;
The purpose IP address of the request message is converted to the IP address of the server-side.
In an alternative embodiment, described device 400 can also include:
Second receiving unit 405 receives the response report that the server-side returns for being based on the 2nd socket connection
Text;
Second converting unit 406, for carrying out reversed network address translation to the response message, by the response
The source IP address of message is converted to the corresponding virtual ip address of the forwarding module, and by the purpose IP address of the response message
Be converted to the IP address of the client;
Response message after conversion is transmitted to institute for being based on the first socket connection by the second retransmission unit 407
State client.
The function of each unit and the realization process of effect are specifically detailed in the above method and correspond to step in above-mentioned apparatus
Realization process, details are not described herein.
For device embodiment, since it corresponds essentially to embodiment of the method, so related place is referring to method reality
Apply the part explanation of example.The apparatus embodiments described above are merely exemplary, wherein described be used as separation unit
The unit of explanation may or may not be physically separated, and component shown as a unit can be or can also be with
It is not physical unit, it can it is in one place, or may be distributed over multiple network units.It can be according to actual
The purpose for needing to select some or all of the modules therein to realize application scheme.Those of ordinary skill in the art are not paying
Out in the case where creative work, it can understand and implement.
A kind of electronic equipment is provided in one exemplary embodiment of the application, the electronic equipment may include: processor
And machine readable storage medium;
By the executable finger of machine corresponding with the control logic of message forwarding for reading and executing the memory storage
It enables, the processor is prompted to:
Based on connecting with the first socket that client is established, the request message that the client is sent is received;
Target ip address corresponding with the five-tuple of the first socket connection is determined from preset IP address network segment;
Based on the target ip address and preset forwarding strategy, network address translation is carried out to the request message, with
The source IP address of the request message is converted into the target ip address, and the purpose IP address of the request message is converted
For the IP address of server-side to be visited;
It is connect based on the 2nd socket established with the server-side, the request message after conversion is transmitted to the service
End.
In an alternative embodiment, it is patrolled by reading and executing the control with message forwarding of the memory storage
Corresponding machine-executable instruction is collected, the processor is prompted to:
Determine the corresponding address mark of the five-tuple of the first socket connection;
From preset IP address network segment, is identified based on the address, determine the corresponding target ip address of the five-tuple.
In an alternative embodiment, it is patrolled by reading and executing the control with message forwarding of the memory storage
Corresponding machine-executable instruction is collected, the processor is prompted to:
Based on the calculated result that Hash calculation obtains is carried out to the first socket connection, the first socket is determined
The corresponding address mark of the five-tuple of connection.
In an alternative embodiment, it is patrolled by reading and executing the control with message forwarding of the memory storage
Corresponding machine-executable instruction is collected, the processor is prompted to:
Based on preset load balancing, the IP address of server-side to be visited is determined;
The purpose IP address of the request message is converted to the IP address of the server-side.
In an alternative embodiment, it is patrolled by reading and executing the control with message forwarding of the memory storage
Corresponding machine-executable instruction is collected, the processor is also prompted to:
Based on the 2nd socket connection, the response message that the server-side returns is received;
Reversed network address translation is carried out to the response message, and the source IP address of the response message is converted to
The corresponding virtual ip address of the forwarding module, and the purpose IP address of the response message is converted to the IP of the client
Address;
Based on the first socket connection, the response message after conversion is transmitted to the client.
A kind of machine readable storage medium is provided in one exemplary embodiment of the application, such as: including computer instruction
Memory, the machine-executable instruction can by the processor of apparatus for forwarding message execute to complete the above method, it is described
Method may include:
Based on connecting with the first socket that client is established, the request message that the client is sent is received;
Target ip address corresponding with the five-tuple of the first socket connection is determined from preset IP address network segment;
Based on the target ip address and preset forwarding strategy, network address translation is carried out to the request message, with
The source IP address of the request message is converted into the target ip address, and the purpose IP address of the request message is converted
For the IP address of server-side to be visited;
It is connect based on the 2nd socket established with the server-side, the request message after conversion is transmitted to the service
End.
In an alternative embodiment, the determination from preset IP address network segment is connect with the first socket
The corresponding target ip address of five-tuple, may include:
Determine the corresponding address mark of the five-tuple of the first socket connection;
From preset IP address network segment, is identified based on the address, determine the corresponding target ip address of the five-tuple.
In an alternative embodiment, the corresponding address label of five-tuple of the determination the first socket connection
Know, may include:
Based on the calculated result that Hash calculation obtains is carried out to the first socket connection, the first socket is determined
The corresponding address mark of the five-tuple of connection.
In an alternative embodiment, the purpose IP address by the request message is converted to service to be visited
The IP address at end may include:
Based on preset load balancing, the IP address of server-side to be visited is determined;
The purpose IP address of the request message is converted to the IP address of the server-side.
In an alternative embodiment, the method can also include:
Based on the 2nd socket connection, the response message that the server-side returns is received;
Reversed network address translation is carried out to the response message, and the source IP address of the response message is converted to
The corresponding virtual ip address of the forwarding module, and the purpose IP address of the response message is converted to the IP of the client
Address;
Based on the first socket connection, the response message after conversion is transmitted to the client.
The foregoing is merely the preferred embodiments of the application, not to limit the application, all essences in the application
Within mind and principle, any modification, equivalent substitution, improvement and etc. done be should be included within the scope of the application protection.
Claims (12)
1. a kind of message forwarding method, which is characterized in that the method is applied to the forwarding module in forwarding device, the forwarding
Equipment includes multiple forwarding modules, which comprises
Based on connecting with the first socket that client is established, the request message that the client is sent is received;
Target ip address corresponding with the five-tuple of the first socket connection is determined from preset IP address network segment;
Based on the target ip address and preset forwarding strategy, network address translation is carried out to the request message, by institute
The source IP address for stating request message is converted to the target ip address, and by the purpose IP address of the request message be converted to
The IP address of the server-side of access;
It is connect based on the 2nd socket established with the server-side, the request message after conversion is transmitted to the server-side.
2. the method according to claim 1, wherein described determining with described the from preset IP address network segment
The corresponding target ip address of five-tuple of one socket connection, comprising:
Determine the corresponding address mark of the five-tuple of the first socket connection;
From preset IP address network segment, is identified based on the address, determine the corresponding target ip address of the five-tuple.
3. according to the method described in claim 2, it is characterized in that, the five-tuple pair of the determination the first socket connection
The address mark answered, comprising:
Based on the calculated result that Hash calculation obtains is carried out to the first socket connection, the first socket connection is determined
Five-tuple corresponding address mark.
4. the method according to claim 1, wherein the purpose IP address by the request message is converted to
The IP address of server-side to be visited, comprising:
Based on preset load balancing, the IP address of server-side to be visited is determined;
The purpose IP address of the request message is converted to the IP address of the server-side.
5. the method according to claim 1, wherein the method also includes:
Based on the 2nd socket connection, the response message that the server-side returns is received;
Reversed network address translation is carried out to the response message, the source IP address of the response message is converted to described
The corresponding virtual ip address of forwarding module, and with being converted to the IP of the client by the purpose IP address of the response message
Location;
Based on the first socket connection, the response message after conversion is transmitted to the client.
6. a kind of apparatus for forwarding message, which is characterized in that described device is applied to the forwarding module in forwarding device, the forwarding
Equipment includes multiple forwarding modules, and described device includes:
First receiving unit, for based on connecting with the first socket that client is established, receiving asking for the client transmission
Seek message;
Determination unit, for determining mesh corresponding with the five-tuple of the first socket connection from preset IP address network segment
Mark IP address;
First converting unit carries out net to the request message for being based on the target ip address and preset forwarding strategy
The source IP address of the request message is converted to the target ip address by network address conversion, and by the request message
Purpose IP address is converted to the IP address of server-side to be visited;
First retransmission unit, for being connect based on the 2nd socket established with the server-side, by the request message after conversion
It is transmitted to the server-side.
7. the apparatus according to claim 1, which is characterized in that the determination unit is specifically used for:
Determine the corresponding address mark of the five-tuple of the first socket connection;
From preset IP address network segment, is identified based on the address, determine the corresponding target ip address of the five-tuple.
8. device according to claim 7, which is characterized in that the determination unit is specifically used for:
Based on the calculated result that Hash calculation obtains is carried out to the first socket connection, the first socket connection is determined
Five-tuple corresponding address mark.
9. the apparatus according to claim 1, which is characterized in that first converting unit is specifically used for:
Based on preset load balancing, the IP address of server-side to be visited is determined;
The purpose IP address of the request message is converted to the IP address of the server-side.
10. the apparatus according to claim 1, which is characterized in that described device further include:
Second receiving unit receives the response message that the server-side returns for being based on the 2nd socket connection;
Second converting unit, for carrying out reversed network address translation to the response message, by the response message
Source IP address is converted to the corresponding virtual ip address of the forwarding module, and the purpose IP address of the response message is converted to
The IP address of the client;
Response message after conversion is transmitted to the client for being based on the first socket connection by the second retransmission unit
End.
11. a kind of electronic equipment, which is characterized in that the electronic equipment includes: processor and machine readable storage medium;
The machine readable storage medium is stored with the machine-executable instruction that can be executed by the processor, the processor
Promoted to execute method as claimed in claim 1 to 5 by the machine-executable instruction.
12. a kind of machine readable storage medium, which is characterized in that the machine readable storage medium is stored with the executable finger of machine
It enables, when being called and being executed by processor, the machine-executable instruction promotes the processor to execute such as claim 1 to 5
Any method.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201811513544.2A CN109525684B (en) | 2018-12-11 | 2018-12-11 | Message forwarding method and device |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201811513544.2A CN109525684B (en) | 2018-12-11 | 2018-12-11 | Message forwarding method and device |
Publications (2)
Publication Number | Publication Date |
---|---|
CN109525684A true CN109525684A (en) | 2019-03-26 |
CN109525684B CN109525684B (en) | 2022-09-30 |
Family
ID=65795999
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN201811513544.2A Active CN109525684B (en) | 2018-12-11 | 2018-12-11 | Message forwarding method and device |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN109525684B (en) |
Cited By (6)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN110868344A (en) * | 2019-10-17 | 2020-03-06 | 北京全路通信信号研究设计院集团有限公司 | Method, system, device and computer readable medium for simulating MVB |
CN111158864A (en) * | 2019-12-31 | 2020-05-15 | 奇安信科技集团股份有限公司 | Data processing method, device, system, medium, and program |
CN112751786A (en) * | 2020-12-28 | 2021-05-04 | 长沙星融元数据技术有限公司 | SLB acceleration system, method, device, equipment and medium based on programmable switch |
CN112929277A (en) * | 2019-12-06 | 2021-06-08 | 华为技术有限公司 | Message processing method and device |
WO2021115183A1 (en) * | 2019-12-12 | 2021-06-17 | 中兴通讯股份有限公司 | Address management method, server and computer-readable storage medium |
CN115767684A (en) * | 2022-11-09 | 2023-03-07 | 深圳金信诺高新技术股份有限公司 | Data transmission method, device, equipment and medium |
Citations (8)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US20030118002A1 (en) * | 2001-12-21 | 2003-06-26 | Patrick Bradd | Methods and apparatus for setting up telephony connections between two address domains having overlapping address ranges |
CN101060493A (en) * | 2007-05-14 | 2007-10-24 | 中兴通讯股份有限公司 | A method of private network user access the server in a private network through domain name |
CN102638407A (en) * | 2012-04-17 | 2012-08-15 | 北京星网锐捷网络技术有限公司 | Message forwarding method, device and network equipment |
CN103384255A (en) * | 2011-12-31 | 2013-11-06 | 华为数字技术(成都)有限公司 | Load balancing method, server and system for virtual machine cluster |
CN103701945A (en) * | 2013-12-16 | 2014-04-02 | 浙江宇视科技有限公司 | Address translation method and address translation device |
CN103825976A (en) * | 2014-03-04 | 2014-05-28 | 杭州华三通信技术有限公司 | NAT (network address translation) processing method and device in distributed system architecture |
CN106899710A (en) * | 2017-04-26 | 2017-06-27 | 上海优刻得信息科技有限公司 | IP address conversion method, IP address conversion device and gateway system |
WO2017113300A1 (en) * | 2015-12-31 | 2017-07-06 | 华为技术有限公司 | Route determining method, network configuration method and related device |
-
2018
- 2018-12-11 CN CN201811513544.2A patent/CN109525684B/en active Active
Patent Citations (8)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US20030118002A1 (en) * | 2001-12-21 | 2003-06-26 | Patrick Bradd | Methods and apparatus for setting up telephony connections between two address domains having overlapping address ranges |
CN101060493A (en) * | 2007-05-14 | 2007-10-24 | 中兴通讯股份有限公司 | A method of private network user access the server in a private network through domain name |
CN103384255A (en) * | 2011-12-31 | 2013-11-06 | 华为数字技术(成都)有限公司 | Load balancing method, server and system for virtual machine cluster |
CN102638407A (en) * | 2012-04-17 | 2012-08-15 | 北京星网锐捷网络技术有限公司 | Message forwarding method, device and network equipment |
CN103701945A (en) * | 2013-12-16 | 2014-04-02 | 浙江宇视科技有限公司 | Address translation method and address translation device |
CN103825976A (en) * | 2014-03-04 | 2014-05-28 | 杭州华三通信技术有限公司 | NAT (network address translation) processing method and device in distributed system architecture |
WO2017113300A1 (en) * | 2015-12-31 | 2017-07-06 | 华为技术有限公司 | Route determining method, network configuration method and related device |
CN106899710A (en) * | 2017-04-26 | 2017-06-27 | 上海优刻得信息科技有限公司 | IP address conversion method, IP address conversion device and gateway system |
Cited By (11)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN110868344A (en) * | 2019-10-17 | 2020-03-06 | 北京全路通信信号研究设计院集团有限公司 | Method, system, device and computer readable medium for simulating MVB |
CN110868344B (en) * | 2019-10-17 | 2022-04-19 | 北京全路通信信号研究设计院集团有限公司 | Method, system, device and computer readable medium for simulating MVB |
CN112929277A (en) * | 2019-12-06 | 2021-06-08 | 华为技术有限公司 | Message processing method and device |
CN112929277B (en) * | 2019-12-06 | 2024-03-05 | 华为云计算技术有限公司 | Message processing method and device |
WO2021115183A1 (en) * | 2019-12-12 | 2021-06-17 | 中兴通讯股份有限公司 | Address management method, server and computer-readable storage medium |
CN112995349A (en) * | 2019-12-12 | 2021-06-18 | 中兴通讯股份有限公司 | Address management method, server, and computer-readable storage medium |
CN111158864A (en) * | 2019-12-31 | 2020-05-15 | 奇安信科技集团股份有限公司 | Data processing method, device, system, medium, and program |
CN111158864B (en) * | 2019-12-31 | 2023-05-30 | 奇安信科技集团股份有限公司 | Data processing method, device, system, medium, and program |
CN112751786A (en) * | 2020-12-28 | 2021-05-04 | 长沙星融元数据技术有限公司 | SLB acceleration system, method, device, equipment and medium based on programmable switch |
CN115767684A (en) * | 2022-11-09 | 2023-03-07 | 深圳金信诺高新技术股份有限公司 | Data transmission method, device, equipment and medium |
CN115767684B (en) * | 2022-11-09 | 2023-09-08 | 深圳金信诺高新技术股份有限公司 | Data transmission method, device, equipment and medium |
Also Published As
Publication number | Publication date |
---|---|
CN109525684B (en) | 2022-09-30 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
CN109525684A (en) | Message forwarding method and device | |
CN105554065B (en) | Handle method, converting unit and the applying unit of message | |
AU2015256010B2 (en) | Migration of applications between an enterprise-based network and a multi-tenant network | |
JP5809696B2 (en) | Distributed virtual network gateway | |
CN107317887B (en) | A kind of load-balancing method, device and system | |
CN106464564B (en) | Method, system and the computer-readable medium for encapsulating and routing for network packet | |
CN108475251A (en) | It is put for the virtual network of container, heat exchange, pyrocondensation and disaster recovery | |
CN108476208A (en) | Multi-path transmission designs | |
CN102185936B (en) | DNS (domain name system) service system and method based on Linux operation system | |
CN109937400A (en) | The stream mode of real-time migration for virtual machine transmits | |
US10333901B1 (en) | Policy based data aggregation | |
CN105577723A (en) | Method of realizing load sharing in virtualization network and apparatus thereof | |
CN111698346B (en) | Private network address conversion method and device, private network gateway and storage medium | |
CN105554176B (en) | Send the method, apparatus and communication system of message | |
CN108737224A (en) | A kind of message processing method and device based on micro services framework | |
JP2013105308A (en) | Load distribution system, load distribution device, load distribution method and load distribution program | |
US20220263793A1 (en) | Cloud infrastructure resources for connecting a service provider private network to a customer private network | |
US11496599B1 (en) | Efficient flow management utilizing control packets | |
US9055117B1 (en) | Distributed network address translation | |
CN109474713A (en) | Message forwarding method and device | |
CN108833472B (en) | System is established in the connection of cloud host | |
CN107547346A (en) | A kind of message transmitting method and device | |
CN106027356A (en) | Tunnel identifier conversion method and device | |
CN103634298B (en) | A kind of data base's connection processing method and device | |
US9641611B2 (en) | Logical interface encoding |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PB01 | Publication | ||
PB01 | Publication | ||
SE01 | Entry into force of request for substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
GR01 | Patent grant | ||
GR01 | Patent grant |