CN109525684A - Message forwarding method and device - Google Patents

Message forwarding method and device Download PDF

Info

Publication number
CN109525684A
CN109525684A CN201811513544.2A CN201811513544A CN109525684A CN 109525684 A CN109525684 A CN 109525684A CN 201811513544 A CN201811513544 A CN 201811513544A CN 109525684 A CN109525684 A CN 109525684A
Authority
CN
China
Prior art keywords
address
server
forwarding
request message
socket connection
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Granted
Application number
CN201811513544.2A
Other languages
Chinese (zh)
Other versions
CN109525684B (en
Inventor
李国帅
朱路
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Hangzhou Dt Dream Technology Co Ltd
Original Assignee
Hangzhou Dt Dream Technology Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Hangzhou Dt Dream Technology Co Ltd filed Critical Hangzhou Dt Dream Technology Co Ltd
Priority to CN201811513544.2A priority Critical patent/CN109525684B/en
Publication of CN109525684A publication Critical patent/CN109525684A/en
Application granted granted Critical
Publication of CN109525684B publication Critical patent/CN109525684B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L61/00Network arrangements, protocols or services for addressing or naming
    • H04L61/09Mapping addresses
    • H04L61/25Mapping addresses of the same type
    • H04L61/2503Translation of Internet protocol [IP] addresses
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L67/00Network arrangements or protocols for supporting network services or applications
    • H04L67/14Session management
    • H04L67/141Setup of application sessions

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Data Exchanges In Wide-Area Networks (AREA)

Abstract

The application provides a kind of message forwarding method and device, applied to the forwarding module in forwarding device, the forwarding device includes multiple forwarding modules, this method comprises: receiving the request message that the client is sent based on connecting with the first socket that client is established;Target ip address corresponding with the five-tuple of the first socket connection is determined from preset IP address network segment;Based on the target ip address and preset forwarding strategy, network address translation is carried out to the request message, the source IP address of the request message is converted to the target ip address, and the purpose IP address of the request message is converted to the IP address of server-side to be visited;It is connect based on the 2nd socket established with the server-side, the request message after conversion is transmitted to the server-side.Technical scheme can increase the quantity for allowing concurrent socket connection, improve the resource utilization of forwarding device.

Description

Message forwarding method and device
Technical field
This application involves field of communication technology more particularly to a kind of message forwarding methods and device.
Background technique
SLB (Server Load Balancing, server-side load balancing) is a kind of to be designed for cloud computing platform Network Load Balance Technology.In practical applications, client can based on SLB equipment VIP (Virtual IP Address, Virtual ip address) access request is sent to SLB equipment, then by SLB equipment based on certain forwarding strategy, by the visit of client Ask that request is transmitted to the corresponding business processing of server-side progress of rear end.As type of business gradually increases, business complexity It is continuously improved, the access request that client is sent to server-side also gradually increases.In this case, how to increase forwarding device Concurrent connection number amount between server-side improves and turns to increase the quantity that can handle the client of access request simultaneously The resource utilization for sending out equipment, becomes urgent problem to be solved.
Summary of the invention
In view of this, the application provides a kind of message forwarding method and device.Specifically, the application is by following technology What scheme was realized:
In a first aspect, the application provides a kind of message forwarding method, the method is applied to the forwarding mould in forwarding device Block, the forwarding device include multiple forwarding modules, which comprises
Based on connecting with the first socket that client is established, the request message that the client is sent is received;
Target ip address corresponding with the five-tuple of the first socket connection is determined from preset IP address network segment;
Based on the target ip address and preset forwarding strategy, network address translation is carried out to the request message, with The source IP address of the request message is converted into the target ip address, and the purpose IP address of the request message is converted For the IP address of server-side to be visited;
It is connect based on the 2nd socket established with the server-side, the request message after conversion is transmitted to the service End.
Second aspect, the application provide a kind of apparatus for forwarding message, and described device is applied to the forwarding mould in forwarding device Block, the forwarding device include multiple forwarding modules, and described device includes:
First receiving unit is sent for based on connecting with the first socket that client is established, receiving the client Request message;
Determination unit, for determining corresponding with the five-tuple of the first socket connection from preset IP address network segment Target ip address;
First converting unit, for be based on the target ip address and preset forwarding strategy, to the request message into The source IP address of the request message is converted to the target ip address, and the request is reported by row network address translation The purpose IP address of text is converted to the IP address of server-side to be visited;
First retransmission unit, for being connect based on the 2nd socket established with the server-side, by the request after conversion Message is transmitted to the server-side.
The third aspect, the application provide a kind of electronic equipment, and the electronic equipment includes: processor and machine readable storage Medium;
The machine readable storage medium is stored with the machine-executable instruction that can be executed by the processor, the place Reason device is promoted to execute the above method by the machine-executable instruction.
Fourth aspect, the application provide a kind of machine readable storage medium, and the machine readable storage medium storage is organic Device executable instruction, when being called and being executed by processor, it is above-mentioned that the machine-executable instruction promotes the processor to execute Method.
In the above-mentioned technical solutions, the forwarding module in forwarding device is in the access for receiving client and being sent to server-side When request, IP address corresponding with the access request can be determined from pre-set IP address network segment, and be based on five-tuple Including the IP address, the corresponding virtual ip address of the forwarding module, and the socket company of corresponding source port and destination port It connects, which is transmitted to the server-side.In this manner, since forwarding module all in forwarding device can be with It is communicated, and is no longer needed based on the same IP address with server-side based on the IP address network segment that one includes multiple IP address It is communicated with server-side, therefore the quantity of socket connection concurrent between all forwarding modules and all server-sides Theoretical maximum is 65535 × N (quantity that N is the IP address in the IP address network segment), it can increasing allows concurrently The quantity of socket connection, improves the resource utilization of forwarding device.
Detailed description of the invention
Fig. 1 is a kind of schematic diagram of message forwarding system;
Fig. 2 is a kind of flow chart of message forwarding method shown in one exemplary embodiment of the application;
Fig. 3 is a kind of hardware structure diagram of apparatus for forwarding message place equipment shown in one exemplary embodiment of the application;
Fig. 4 is a kind of block diagram of apparatus for forwarding message shown in one exemplary embodiment of the application.
Specific embodiment
Example embodiments are described in detail here, and the example is illustrated in the accompanying drawings.Following description is related to When attached drawing, unless otherwise indicated, the same numbers in different drawings indicate the same or similar elements.Following exemplary embodiment Described in embodiment do not represent all embodiments consistent with the application.On the contrary, they be only with it is such as appended The example of the consistent device and method of some aspects be described in detail in claims, the application.
It is only to be not intended to be limiting the application merely for for the purpose of describing particular embodiments in term used in this application. It is also intended in the application and the "an" of singular used in the attached claims, " described " and "the" including majority Form, unless the context clearly indicates other meaning.It is also understood that term "and/or" used herein refers to and wraps It may be combined containing one or more associated any or all of project listed.
It will be appreciated that though various information, but this may be described using term first, second, third, etc. in the application A little information should not necessarily be limited by these terms.These terms are only used to for same type of information being distinguished from each other out.For example, not departing from In the case where the application range, the first information can also be referred to as the second information, and similarly, the second information can also be referred to as One information.Depending on context, word as used in this " if " can be construed to " ... when " or " when ... When " or " in response to determination ".
Referring to FIG. 1, Fig. 1 is a kind of schematic diagram of message forwarding system.As shown in Figure 1, in practical applications, due to clothes Business end is typically deployed in private network, and client is then typically deployed in public network, and the safety in order to guarantee business datum, is led to Often do not allow directly be communicated between client and server-side, therefore usually can be between client and server-side Forwarding device is affixed one's name to, so that client be allow to access server-side by forwarding device, obtains the business datum in server-side.
In order to handle the access request that multiple client is directed to server-side simultaneously, multiple turns can be created in forwarding device Send out module.Wherein, forwarding module can be virtual machine, be also possible to the process for executing forwarding capability, the application to this not It is restricted.
In the related art, it can be respectively that each forwarding module in forwarding device configures a virtual ip address, be The virtual ip address of different forwarding module configurations is not generally also identical, client can based on some virtual ip address with it is corresponding Forwarding module communicated.It on the other hand, can be same for being led to server-side for all forwarding module configurations The IP address of letter, i.e., each forwarding module can be based respectively on the IP address and be communicated with server-side.
Specifically, by taking client 1 shown in FIG. 1 as an example, client 1 can be established with the forwarding module 1 in forwarding device Socket connection 11, to be communicated by socket connection 11 with forwarding module 1.On the other hand, forwarding module 1 can be with clothes Socket connection 21 is established at business end 1, to be communicated by socket connection 21 with server-side 1.
Forwarding module 1 can receive client 1 based on socket connection 11 and access the request report sent when server-side 1 Text.Wherein, the source IP address of the request message is the IP address of client 1, and the purpose IP address of the request message is forwarding mould The corresponding virtual ip address 1 of block 1.
Forwarding module 1 can carry out network address translation (Network Address to the request message Translation, NAT), the source IP address of the request message, which is converted to forwarding module 1 and is communicated with server-side, to be made The purpose IP address of the request message is converted to the IP address of server-side 1 by IP address X.In addition, forwarding module 1 may be used also With to the request message source port and destination port converted accordingly.
Request message after conversion can be transmitted to server-side 1 based on socket connection 21 by forwarding module 1, to make visitor The accessible server-side 1 in family end 1.
It should be noted that five-tuple (source IP address, purpose IP address, source port, the destination port of socket connection 11 And transport layer protocol) be the request message five-tuple, forwarding module 1 can not based on socket connection 11 handle five-tuple and The different message of the five-tuple of socket connection 11.Similarly, the five-tuple of socket connection 21 is the request report after the conversion The five-tuple of text, i.e. forwarding module 1 can not connect based on the processing five-tuple of socket connection 21 with socket 21 five-tuple not Same message.
I.e. for some forwarding module, the forwarding module client different from IP address is needed by different Socket connection is communicated, and the forwarding module server-side different from IP address needs to carry out by different socket connections Communication.Certainly, the different forwarding module of corresponding virtual ip address client identical from IP address is also required to by different Socket connection is communicated.
However, for an IP address, the theory of the quantity for the socket connection which can carry simultaneously Maximum value is 65535.It is communicated since forwarding module all in forwarding device is all based on the same IP address with server-side, Therefore the theoretical maximum of the quantity of socket connection concurrent between all forwarding modules and all server-sides is 65535, that is, allowing the quantity of concurrent socket connection, there are the upper limits.
To solve the above-mentioned problems, the application provides a kind of message forwarding method and device, with increase allow it is concurrent The quantity of socket connection, improves the resource utilization of forwarding device.
Referring to FIG. 2, Fig. 2 is a kind of flow chart of message forwarding method shown in one exemplary embodiment of the application.It should Method can be applied to the forwarding module in forwarding device shown in FIG. 1, include the following steps:
Step 201: based on connecting with the first socket that client is established, receiving the request report that the client is sent Text.
Step 202: mesh corresponding with the five-tuple of the first socket connection is determined from preset IP address network segment Mark IP address.
Step 203: being based on the target ip address and preset forwarding strategy, network address is carried out to the request message The source IP address of the request message is converted to the target ip address by conversion, and by the destination IP of the request message Address conversion is the IP address of server-side to be visited.
Step 204: being connect based on the 2nd socket established with the server-side, the request message after conversion is transmitted to The server-side.
In the present embodiment, it can be pre-configured with an IP address network segment, each forwarding module in forwarding device can be with Select an IP address as the IP address for being communicated with server-side from the IP address network segment, i.e., the forwarding module can To be communicated based on the IP address selected with server-side.
Client can access server-side by the forwarding module in forwarding device.
Specifically, client can send the request message for accessing server-side.Wherein, the source IP of the request message Location is the IP address of the client, and the purpose IP address of the request message is that the corresponding virtual ip address of forwarding module (as should The virtual ip address of forwarding module configuration).
The forwarding module can receive the request message based on connecting with the first socket that the client is established.
After receiving the request message, on the one hand, the forwarding module can based on the five-tuple of the first socket connection, From preconfigured IP address network segment, IP address corresponding with the five-tuple is determined, and the IP address is determined as Target IP Address.
In a kind of embodiment shown, which can be realized using following steps from preset IP address net Target ip address corresponding with the five-tuple of the first socket connection is determined in section:
Step 2021: determining the corresponding address mark of the five-tuple of the first socket connection.
Step 2022: from preset IP address network segment, being identified based on the address, determine the corresponding mesh of the five-tuple Mark IP address.
After receiving the request message, which can determine the five-tuple of the first socket connection correspondingly Location mark.Wherein, address mark and the IP address in preconfigured IP address network segment are one-to-one relationships, i.e. a ground Location mark can uniquely characterize the IP address in the IP address network segment.
It can store the corresponding relationship of address mark and the IP address in preconfigured IP address network segment in forwarding device.
After the corresponding address mark of five-tuple that the first socket connection has been determined, which can be right based on this It should be related to, determine that the address identifies corresponding IP address, so as to which the IP address is determined as the five of the first socket connection The corresponding target ip address of tuple.
Specifically, after receiving the request message, which can be first to the five-tuple of the first socket connection It carries out Hash (hash) to calculate, obtains the cryptographic Hash of the five-tuple of the first socket connection.
Subsequent, which can further the cryptographic Hash to the five-tuple of the first socket connection carry out at data Reason, is converted to key value for the cryptographic Hash.It should be noted that the IP address in key value and preconfigured IP address network segment It is one-to-one relationship, i.e., a key value can uniquely characterize the IP address in the IP address network segment.
It can store the corresponding relationship of the IP address in key value and preconfigured IP address network segment in forwarding device.
After the cryptographic Hash of five-tuple of the first socket connection is calculated, which can be closed based on the correspondence System, determines the corresponding IP address of key value, and the IP address is determined as to the corresponding target of five-tuple of the first socket connection IP address.
On the other hand, which can source IP address based on the request message and preconfigured forwarding plan Slightly, the corresponding forwarding strategy of the request message is determined.
It should be noted that forwarding strategy may include the IP address of server-side to be visited, it can from the request report The IP address for handling the server-side of the request message is determined in the corresponding forwarding strategy of source IP address of text.On the other hand, it forwards Strategy can be determining using modes such as ARP (Address Resolution Protocol, address resolution protocol) study and deposit Storage, be also possible to determining using other modes and store, the application to this with no restriction.
After the corresponding forwarding strategy of the request message has been determined, which can be based on the target ip address, with And the forwarding strategy, network address translation is carried out to the request message, the source IP address of the request message is converted into the mesh IP address is marked, and the purpose IP address of the request message is converted to the IP address of server-side to be visited.In addition, the forwarding mould Block can also source port to the request message and destination port converted accordingly.
In a kind of embodiment shown, the forwarding module in forwarding device can execute SLB function.
In this case, which can source IP address based on the request message and preconfigured turn Hair strategy, determines the corresponding forwarding strategy of the request message, so that it is determined that the IP address of the accessible server-side of the client. On the other hand, it can be based on preconfigured load balancing, select a server-side as wait visit from these server-sides The server-side asked, and the purpose IP address of the request message is converted to the IP address of server-side to be visited.Wherein, load is equal Weighing apparatus strategy can be pre-configured with by user, such as: the smallest server-side of present load can be selected from these server-sides, and will The purpose IP address of the request message is converted to the IP address of the smallest server-side of present load.
Subsequent, which can be connect based on the 2nd socket established with server-side to be visited, after conversion Request message be transmitted to the server-side.
In practical applications, which, can be based on asking after the conversion after receiving the request message after the conversion Message is asked to carry out corresponding business processing, and the business datum obtained based on processing constructs response message.Subsequent, which can The response message to be returned to the client for sending the request message, to make in the available server-side of the client Business datum.
It should be noted that the server-side can be constructed when the business datum obtained based on processing constructs response message The response report for the source IP address that source IP address is the IP address of the server-side, purpose IP address is request message after the conversion Text, and return to the response message.
The forwarding module can receive the response message based on connecting with the 2nd socket that the server-side is established.
After receiving the response message, which can carry out reversed network address to the response message and turn It changes, i.e., the source IP address of the response message is converted into the corresponding virtual ip address of the forwarding module, and by the response message Purpose IP address is converted to the IP address for sending the client of the request message.In addition, the forwarding module can also ask this The source port and destination port for seeking message are converted accordingly.
Subsequent, which can be based on connecting, by the response after conversion with the first socket that the client is established Message is transmitted to the client, to make the business datum in the available server-side of the client.
In the above-mentioned technical solutions, the forwarding module in forwarding device is in the access for receiving client and being sent to server-side When request, IP address corresponding with the access request can be determined from pre-set IP address network segment, and be based on five-tuple Including the IP address, the corresponding virtual ip address of the forwarding module, and the socket company of corresponding source port and destination port It connects, which is transmitted to the server-side.In this manner, since forwarding module all in forwarding device can be with It is communicated, and is no longer needed based on the same IP address with server-side based on the IP address network segment that one includes multiple IP address It is communicated with server-side, therefore the quantity of socket connection concurrent between all forwarding modules and all server-sides Theoretical maximum is 65535 × N (quantity that N is the IP address in the IP address network segment), it can increasing allows concurrently The quantity of socket connection, improves the resource utilization of forwarding device.
Above-mentioned technical proposal is illustrated below.
By taking client 1 shown in FIG. 1 and client 2 as an example, client 1 can establish socket with forwarding module 1 and connect 11, to be communicated by socket connection 11 with forwarding module 1;Client 2 can establish socket with forwarding module 1 and connect 12, to be communicated by socket connection 12 with forwarding module 1.Assuming that the five-tuple of socket connection 11 includes virtual IP address Location 1 (source IP address), the IP address (purpose IP address) of client 1, port 11 (source port) and port 21 (destination port), The five-tuple of socket connection 12 includes virtual ip address 1 (source IP address), the IP address (purpose IP address) of client 2, end 31 (source ports) of mouth and port 22 (destination port).
It on the other hand, can be for forwarding module all in forwarding device with configuring an IP for communicating with server-side Location network segment.Assuming that storing address mark as shown in table 1 below in forwarding device with the IP in preconfigured IP address network segment The corresponding relationship of location:
Address mark IP address in IP address network segment
Address mark 1 IP address 1
Address mark 2 IP address 2
…… ……
Table 1
In one example, forwarding module 1 can be based on socket connection 11, receive the request report of the transmission of client 1 Text.Wherein, the source IP address of the request message is the IP address of client 1, and purpose IP address is that forwarding module 1 is corresponding virtual IP address 1, source port are the port 11 of client, and destination port is the port 21 of forwarding module 1.
After receiving the request message, on the one hand, forwarding module 1 can determine the five-tuple of socket connection 11 (i.e. The five-tuple of the request message) corresponding address mark.Assuming that the corresponding address of five-tuple of socket connection 11 is identified as ground Location mark 1, then based on corresponding relationship as listed in Table 1, can determine that address identifies 1 corresponding IP address is IP address 1, from And IP address 1 can be determined as to the corresponding target ip address of five-tuple of socket connection 11.
On the other hand, forwarding module 1 can the source IP address (i.e. the IP address of client 1) based on the request message, with And preconfigured forwarding strategy, determine the corresponding forwarding strategy of the request message.Assuming that be visited in the forwarding strategy The IP address of server-side is the IP address of server-side 1, then forwarding module 1 can carry out network address translation to the request message, The source IP address of the request message is converted to IP address 1, and the purpose IP address of the request message is converted into server-side 1 IP address.
In addition, forwarding module 1 is also based on the forwarding strategy, the source port and destination port to the request message are carried out Corresponding conversion.Assuming that the source port of the request message is converted to forwarding module 1 by the port 11 of client 1 by forwarding module 1 Port 22, and the destination port of the request message is converted to the port 31 of server-side 1 by the port 21 of forwarding module 1.
Forwarding module 1 can establish socket with server-side 1 and connect 21, with by socket connection 21 and server-side 1 into Row communication.Assuming that the five-tuple of socket connection 21 includes IP address 1 (source IP address), the IP address of server-side 1 (destination IP Location), port 22 (source port) and port 31 (destination port), then forwarding module 1 can be based on socket connection 21, after conversion Request message be transmitted to server-side 1.
Server-side 1 can be carried out corresponding after receiving the request message after the conversion based on the request message after the conversion Business processing, and response message is constructed based on the obtained business datum of processing.Wherein, the source IP address of the response message is clothes The IP address at business end 1, purpose IP address are IP address 1, and source port is the port 31 of server-side 1, and destination port is forwarding module 1 Port 22.
Forwarding module 1 can be based on socket connection 21, receive the response message of the transmission of server-side 1.
After receiving the response message, forwarding module 1 can carry out reversed network address translation to the response message, Will the source IP address of the response message be converted to virtual ip address 1, and the purpose IP address of the response message is converted into visitor The IP address at family end 1.In addition, forwarding module 1 can also be converted to the source port of the response message by the port 31 of server-side 1 The port 21 of forwarding module 1, and the destination port of the response message is converted into client 1 by the port 22 of conversion module 1 Port 11.
Subsequent, forwarding module 1 can be based on socket connection 11, and the response message after conversion is transmitted to client 1, from And make the business datum in the available server-side 1 of client 1.
In another example, forwarding module 1 can be based on socket connection 12, receive the request of the transmission of client 2 Message.Wherein, the source IP address of the request message is the IP address of client 2, and purpose IP address is the corresponding void of forwarding module 1 Quasi- IP address 1, source port are the port 41 of client, and destination port is the port 23 of forwarding module 1.
After receiving the request message, on the one hand, forwarding module 1 can determine the five-tuple of socket connection 12 (i.e. The five-tuple of the request message) corresponding address mark.Assuming that the corresponding address of five-tuple of socket connection 12 is identified as ground Location mark 2, then based on corresponding relationship as listed in Table 1, can determine that address identifies 2 corresponding IP address is IP address 2, from And IP address 2 can be determined as to the corresponding target ip address of five-tuple of socket connection 12.
On the other hand, forwarding module 1 can the source IP address (i.e. the IP address of client 2) based on the request message, with And preconfigured forwarding strategy, determine the corresponding forwarding strategy of the request message.Assuming that be visited in the forwarding strategy The IP address of server-side is the IP address of server-side 1, then forwarding module 1 can carry out network address translation to the request message, The source IP address of the request message is converted to IP address 2, and the purpose IP address of the request message is converted into server-side 1 IP address.
In addition, forwarding module 1 is also based on the forwarding strategy, the source port and destination port to the request message are carried out Corresponding conversion.Assuming that the source port of the request message is converted to forwarding module 1 by the port 41 of client 1 by forwarding module 1 Port 24, and the destination port of the request message is converted to the port 32 of server-side 1 by the port 23 of forwarding module 1.
Forwarding module 1 can establish socket with server-side 1 and connect 22, with by socket connection 22 and server-side 1 into Row communication.Assuming that the five-tuple of socket connection 22 includes IP address 2 (source IP address), the IP address of server-side 1 (destination IP Location), port 24 (source port) and port 32 (destination port), then forwarding module 1 can be based on socket connection 22, after conversion Request message be transmitted to server-side 1.
Server-side 1 can be carried out corresponding after receiving the request message after the conversion based on the request message after the conversion Business processing, and response message is constructed based on the obtained business datum of processing.Wherein, the source IP address of the response message is clothes The IP address at business end 1, purpose IP address are IP address 2, and source port is the port 32 of server-side 1, and destination port is forwarding module 1 Port 24.
Forwarding module 1 can be based on socket connection 22, receive the response message of the transmission of server-side 1.
After receiving the response message, forwarding module 1 can carry out reversed network address translation to the response message, Will the source IP address of the response message be converted to virtual ip address 1, and the purpose IP address of the response message is converted into visitor The IP address at family end 2.In addition, forwarding module 1 can also be converted to the source port of the response message by the port 32 of server-side 1 The port 23 of forwarding module 1, and the destination port of the response message is converted into client 2 by the port 24 of conversion module 1 Port 41.
Subsequent, forwarding module 1 can be based on socket connection 12, and the response message after conversion is transmitted to client 2, from And make the business datum in the available server-side 1 of client 2.
Corresponding with the embodiment of aforementioned message forwarding method, present invention also provides the embodiments of apparatus for forwarding message.
The embodiment of the application apparatus for forwarding message can be applied on forwarding device.Installation practice can pass through software It realizes, can also be realized by way of hardware or software and hardware combining.Taking software implementation as an example, as on a logical meaning Device, be in being read computer program instructions corresponding in nonvolatile memory by the processor of equipment where it Deposit what middle operation was formed.For hardware view, as shown in figure 3, for the one of the application apparatus for forwarding message place forwarding device Kind hardware structure diagram, other than processor shown in Fig. 3, memory, network interface and nonvolatile memory, embodiment The actual functional capability that forwarding device where middle device is forwarded generally according to the message can also include other hardware, no longer to this It repeats.
Referring to FIG. 4, Fig. 4 is a kind of block diagram of apparatus for forwarding message shown in one exemplary embodiment of the application.The dress 400 forwarding modules that can be applied in forwarding device shown in Fig. 3 are set, the forwarding device includes multiple forwarding modules, institute Stating device 400 may include:
First receiving unit 401, for based on connecting with the first socket that client is established, receiving the client hair The request message sent;
Determination unit 402, for determining the five-tuple connecting with the first socket from preset IP address network segment Corresponding target ip address;
First converting unit 403, for being based on the target ip address and preset forwarding strategy, to the request message Network address translation is carried out, the source IP address of the request message is converted into the target ip address, and by the request The purpose IP address of message is converted to the IP address of server-side to be visited;
First retransmission unit 404, for being connect based on the 2nd socket established with the server-side, by asking after conversion Message is asked to be transmitted to the server-side.
In an alternative embodiment, the determination unit 402 specifically can be used for:
Determine the corresponding address mark of the five-tuple of the first socket connection;
From preset IP address network segment, is identified based on the address, determine the corresponding target ip address of the five-tuple.
In an alternative embodiment, the determination unit 402 specifically can be used for:
Based on the calculated result that Hash calculation obtains is carried out to the first socket connection, the first socket is determined The corresponding address mark of the five-tuple of connection.
In an alternative embodiment, first converting unit 403 specifically can be used for:
Based on preset load balancing, the IP address of server-side to be visited is determined;
The purpose IP address of the request message is converted to the IP address of the server-side.
In an alternative embodiment, described device 400 can also include:
Second receiving unit 405 receives the response report that the server-side returns for being based on the 2nd socket connection Text;
Second converting unit 406, for carrying out reversed network address translation to the response message, by the response The source IP address of message is converted to the corresponding virtual ip address of the forwarding module, and by the purpose IP address of the response message Be converted to the IP address of the client;
Response message after conversion is transmitted to institute for being based on the first socket connection by the second retransmission unit 407 State client.
The function of each unit and the realization process of effect are specifically detailed in the above method and correspond to step in above-mentioned apparatus Realization process, details are not described herein.
For device embodiment, since it corresponds essentially to embodiment of the method, so related place is referring to method reality Apply the part explanation of example.The apparatus embodiments described above are merely exemplary, wherein described be used as separation unit The unit of explanation may or may not be physically separated, and component shown as a unit can be or can also be with It is not physical unit, it can it is in one place, or may be distributed over multiple network units.It can be according to actual The purpose for needing to select some or all of the modules therein to realize application scheme.Those of ordinary skill in the art are not paying Out in the case where creative work, it can understand and implement.
A kind of electronic equipment is provided in one exemplary embodiment of the application, the electronic equipment may include: processor And machine readable storage medium;
By the executable finger of machine corresponding with the control logic of message forwarding for reading and executing the memory storage It enables, the processor is prompted to:
Based on connecting with the first socket that client is established, the request message that the client is sent is received;
Target ip address corresponding with the five-tuple of the first socket connection is determined from preset IP address network segment;
Based on the target ip address and preset forwarding strategy, network address translation is carried out to the request message, with The source IP address of the request message is converted into the target ip address, and the purpose IP address of the request message is converted For the IP address of server-side to be visited;
It is connect based on the 2nd socket established with the server-side, the request message after conversion is transmitted to the service End.
In an alternative embodiment, it is patrolled by reading and executing the control with message forwarding of the memory storage Corresponding machine-executable instruction is collected, the processor is prompted to:
Determine the corresponding address mark of the five-tuple of the first socket connection;
From preset IP address network segment, is identified based on the address, determine the corresponding target ip address of the five-tuple.
In an alternative embodiment, it is patrolled by reading and executing the control with message forwarding of the memory storage Corresponding machine-executable instruction is collected, the processor is prompted to:
Based on the calculated result that Hash calculation obtains is carried out to the first socket connection, the first socket is determined The corresponding address mark of the five-tuple of connection.
In an alternative embodiment, it is patrolled by reading and executing the control with message forwarding of the memory storage Corresponding machine-executable instruction is collected, the processor is prompted to:
Based on preset load balancing, the IP address of server-side to be visited is determined;
The purpose IP address of the request message is converted to the IP address of the server-side.
In an alternative embodiment, it is patrolled by reading and executing the control with message forwarding of the memory storage Corresponding machine-executable instruction is collected, the processor is also prompted to:
Based on the 2nd socket connection, the response message that the server-side returns is received;
Reversed network address translation is carried out to the response message, and the source IP address of the response message is converted to The corresponding virtual ip address of the forwarding module, and the purpose IP address of the response message is converted to the IP of the client Address;
Based on the first socket connection, the response message after conversion is transmitted to the client.
A kind of machine readable storage medium is provided in one exemplary embodiment of the application, such as: including computer instruction Memory, the machine-executable instruction can by the processor of apparatus for forwarding message execute to complete the above method, it is described Method may include:
Based on connecting with the first socket that client is established, the request message that the client is sent is received;
Target ip address corresponding with the five-tuple of the first socket connection is determined from preset IP address network segment;
Based on the target ip address and preset forwarding strategy, network address translation is carried out to the request message, with The source IP address of the request message is converted into the target ip address, and the purpose IP address of the request message is converted For the IP address of server-side to be visited;
It is connect based on the 2nd socket established with the server-side, the request message after conversion is transmitted to the service End.
In an alternative embodiment, the determination from preset IP address network segment is connect with the first socket The corresponding target ip address of five-tuple, may include:
Determine the corresponding address mark of the five-tuple of the first socket connection;
From preset IP address network segment, is identified based on the address, determine the corresponding target ip address of the five-tuple.
In an alternative embodiment, the corresponding address label of five-tuple of the determination the first socket connection Know, may include:
Based on the calculated result that Hash calculation obtains is carried out to the first socket connection, the first socket is determined The corresponding address mark of the five-tuple of connection.
In an alternative embodiment, the purpose IP address by the request message is converted to service to be visited The IP address at end may include:
Based on preset load balancing, the IP address of server-side to be visited is determined;
The purpose IP address of the request message is converted to the IP address of the server-side.
In an alternative embodiment, the method can also include:
Based on the 2nd socket connection, the response message that the server-side returns is received;
Reversed network address translation is carried out to the response message, and the source IP address of the response message is converted to The corresponding virtual ip address of the forwarding module, and the purpose IP address of the response message is converted to the IP of the client Address;
Based on the first socket connection, the response message after conversion is transmitted to the client.
The foregoing is merely the preferred embodiments of the application, not to limit the application, all essences in the application Within mind and principle, any modification, equivalent substitution, improvement and etc. done be should be included within the scope of the application protection.

Claims (12)

1. a kind of message forwarding method, which is characterized in that the method is applied to the forwarding module in forwarding device, the forwarding Equipment includes multiple forwarding modules, which comprises
Based on connecting with the first socket that client is established, the request message that the client is sent is received;
Target ip address corresponding with the five-tuple of the first socket connection is determined from preset IP address network segment;
Based on the target ip address and preset forwarding strategy, network address translation is carried out to the request message, by institute The source IP address for stating request message is converted to the target ip address, and by the purpose IP address of the request message be converted to The IP address of the server-side of access;
It is connect based on the 2nd socket established with the server-side, the request message after conversion is transmitted to the server-side.
2. the method according to claim 1, wherein described determining with described the from preset IP address network segment The corresponding target ip address of five-tuple of one socket connection, comprising:
Determine the corresponding address mark of the five-tuple of the first socket connection;
From preset IP address network segment, is identified based on the address, determine the corresponding target ip address of the five-tuple.
3. according to the method described in claim 2, it is characterized in that, the five-tuple pair of the determination the first socket connection The address mark answered, comprising:
Based on the calculated result that Hash calculation obtains is carried out to the first socket connection, the first socket connection is determined Five-tuple corresponding address mark.
4. the method according to claim 1, wherein the purpose IP address by the request message is converted to The IP address of server-side to be visited, comprising:
Based on preset load balancing, the IP address of server-side to be visited is determined;
The purpose IP address of the request message is converted to the IP address of the server-side.
5. the method according to claim 1, wherein the method also includes:
Based on the 2nd socket connection, the response message that the server-side returns is received;
Reversed network address translation is carried out to the response message, the source IP address of the response message is converted to described The corresponding virtual ip address of forwarding module, and with being converted to the IP of the client by the purpose IP address of the response message Location;
Based on the first socket connection, the response message after conversion is transmitted to the client.
6. a kind of apparatus for forwarding message, which is characterized in that described device is applied to the forwarding module in forwarding device, the forwarding Equipment includes multiple forwarding modules, and described device includes:
First receiving unit, for based on connecting with the first socket that client is established, receiving asking for the client transmission Seek message;
Determination unit, for determining mesh corresponding with the five-tuple of the first socket connection from preset IP address network segment Mark IP address;
First converting unit carries out net to the request message for being based on the target ip address and preset forwarding strategy The source IP address of the request message is converted to the target ip address by network address conversion, and by the request message Purpose IP address is converted to the IP address of server-side to be visited;
First retransmission unit, for being connect based on the 2nd socket established with the server-side, by the request message after conversion It is transmitted to the server-side.
7. the apparatus according to claim 1, which is characterized in that the determination unit is specifically used for:
Determine the corresponding address mark of the five-tuple of the first socket connection;
From preset IP address network segment, is identified based on the address, determine the corresponding target ip address of the five-tuple.
8. device according to claim 7, which is characterized in that the determination unit is specifically used for:
Based on the calculated result that Hash calculation obtains is carried out to the first socket connection, the first socket connection is determined Five-tuple corresponding address mark.
9. the apparatus according to claim 1, which is characterized in that first converting unit is specifically used for:
Based on preset load balancing, the IP address of server-side to be visited is determined;
The purpose IP address of the request message is converted to the IP address of the server-side.
10. the apparatus according to claim 1, which is characterized in that described device further include:
Second receiving unit receives the response message that the server-side returns for being based on the 2nd socket connection;
Second converting unit, for carrying out reversed network address translation to the response message, by the response message Source IP address is converted to the corresponding virtual ip address of the forwarding module, and the purpose IP address of the response message is converted to The IP address of the client;
Response message after conversion is transmitted to the client for being based on the first socket connection by the second retransmission unit End.
11. a kind of electronic equipment, which is characterized in that the electronic equipment includes: processor and machine readable storage medium;
The machine readable storage medium is stored with the machine-executable instruction that can be executed by the processor, the processor Promoted to execute method as claimed in claim 1 to 5 by the machine-executable instruction.
12. a kind of machine readable storage medium, which is characterized in that the machine readable storage medium is stored with the executable finger of machine It enables, when being called and being executed by processor, the machine-executable instruction promotes the processor to execute such as claim 1 to 5 Any method.
CN201811513544.2A 2018-12-11 2018-12-11 Message forwarding method and device Active CN109525684B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201811513544.2A CN109525684B (en) 2018-12-11 2018-12-11 Message forwarding method and device

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201811513544.2A CN109525684B (en) 2018-12-11 2018-12-11 Message forwarding method and device

Publications (2)

Publication Number Publication Date
CN109525684A true CN109525684A (en) 2019-03-26
CN109525684B CN109525684B (en) 2022-09-30

Family

ID=65795999

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201811513544.2A Active CN109525684B (en) 2018-12-11 2018-12-11 Message forwarding method and device

Country Status (1)

Country Link
CN (1) CN109525684B (en)

Cited By (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN110868344A (en) * 2019-10-17 2020-03-06 北京全路通信信号研究设计院集团有限公司 Method, system, device and computer readable medium for simulating MVB
CN111158864A (en) * 2019-12-31 2020-05-15 奇安信科技集团股份有限公司 Data processing method, device, system, medium, and program
CN112751786A (en) * 2020-12-28 2021-05-04 长沙星融元数据技术有限公司 SLB acceleration system, method, device, equipment and medium based on programmable switch
CN112929277A (en) * 2019-12-06 2021-06-08 华为技术有限公司 Message processing method and device
WO2021115183A1 (en) * 2019-12-12 2021-06-17 中兴通讯股份有限公司 Address management method, server and computer-readable storage medium
CN115767684A (en) * 2022-11-09 2023-03-07 深圳金信诺高新技术股份有限公司 Data transmission method, device, equipment and medium

Citations (8)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20030118002A1 (en) * 2001-12-21 2003-06-26 Patrick Bradd Methods and apparatus for setting up telephony connections between two address domains having overlapping address ranges
CN101060493A (en) * 2007-05-14 2007-10-24 中兴通讯股份有限公司 A method of private network user access the server in a private network through domain name
CN102638407A (en) * 2012-04-17 2012-08-15 北京星网锐捷网络技术有限公司 Message forwarding method, device and network equipment
CN103384255A (en) * 2011-12-31 2013-11-06 华为数字技术(成都)有限公司 Load balancing method, server and system for virtual machine cluster
CN103701945A (en) * 2013-12-16 2014-04-02 浙江宇视科技有限公司 Address translation method and address translation device
CN103825976A (en) * 2014-03-04 2014-05-28 杭州华三通信技术有限公司 NAT (network address translation) processing method and device in distributed system architecture
CN106899710A (en) * 2017-04-26 2017-06-27 上海优刻得信息科技有限公司 IP address conversion method, IP address conversion device and gateway system
WO2017113300A1 (en) * 2015-12-31 2017-07-06 华为技术有限公司 Route determining method, network configuration method and related device

Patent Citations (8)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20030118002A1 (en) * 2001-12-21 2003-06-26 Patrick Bradd Methods and apparatus for setting up telephony connections between two address domains having overlapping address ranges
CN101060493A (en) * 2007-05-14 2007-10-24 中兴通讯股份有限公司 A method of private network user access the server in a private network through domain name
CN103384255A (en) * 2011-12-31 2013-11-06 华为数字技术(成都)有限公司 Load balancing method, server and system for virtual machine cluster
CN102638407A (en) * 2012-04-17 2012-08-15 北京星网锐捷网络技术有限公司 Message forwarding method, device and network equipment
CN103701945A (en) * 2013-12-16 2014-04-02 浙江宇视科技有限公司 Address translation method and address translation device
CN103825976A (en) * 2014-03-04 2014-05-28 杭州华三通信技术有限公司 NAT (network address translation) processing method and device in distributed system architecture
WO2017113300A1 (en) * 2015-12-31 2017-07-06 华为技术有限公司 Route determining method, network configuration method and related device
CN106899710A (en) * 2017-04-26 2017-06-27 上海优刻得信息科技有限公司 IP address conversion method, IP address conversion device and gateway system

Cited By (11)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN110868344A (en) * 2019-10-17 2020-03-06 北京全路通信信号研究设计院集团有限公司 Method, system, device and computer readable medium for simulating MVB
CN110868344B (en) * 2019-10-17 2022-04-19 北京全路通信信号研究设计院集团有限公司 Method, system, device and computer readable medium for simulating MVB
CN112929277A (en) * 2019-12-06 2021-06-08 华为技术有限公司 Message processing method and device
CN112929277B (en) * 2019-12-06 2024-03-05 华为云计算技术有限公司 Message processing method and device
WO2021115183A1 (en) * 2019-12-12 2021-06-17 中兴通讯股份有限公司 Address management method, server and computer-readable storage medium
CN112995349A (en) * 2019-12-12 2021-06-18 中兴通讯股份有限公司 Address management method, server, and computer-readable storage medium
CN111158864A (en) * 2019-12-31 2020-05-15 奇安信科技集团股份有限公司 Data processing method, device, system, medium, and program
CN111158864B (en) * 2019-12-31 2023-05-30 奇安信科技集团股份有限公司 Data processing method, device, system, medium, and program
CN112751786A (en) * 2020-12-28 2021-05-04 长沙星融元数据技术有限公司 SLB acceleration system, method, device, equipment and medium based on programmable switch
CN115767684A (en) * 2022-11-09 2023-03-07 深圳金信诺高新技术股份有限公司 Data transmission method, device, equipment and medium
CN115767684B (en) * 2022-11-09 2023-09-08 深圳金信诺高新技术股份有限公司 Data transmission method, device, equipment and medium

Also Published As

Publication number Publication date
CN109525684B (en) 2022-09-30

Similar Documents

Publication Publication Date Title
CN109525684A (en) Message forwarding method and device
CN105554065B (en) Handle method, converting unit and the applying unit of message
AU2015256010B2 (en) Migration of applications between an enterprise-based network and a multi-tenant network
JP5809696B2 (en) Distributed virtual network gateway
CN107317887B (en) A kind of load-balancing method, device and system
CN106464564B (en) Method, system and the computer-readable medium for encapsulating and routing for network packet
CN108475251A (en) It is put for the virtual network of container, heat exchange, pyrocondensation and disaster recovery
CN108476208A (en) Multi-path transmission designs
CN102185936B (en) DNS (domain name system) service system and method based on Linux operation system
CN109937400A (en) The stream mode of real-time migration for virtual machine transmits
US10333901B1 (en) Policy based data aggregation
CN105577723A (en) Method of realizing load sharing in virtualization network and apparatus thereof
CN111698346B (en) Private network address conversion method and device, private network gateway and storage medium
CN105554176B (en) Send the method, apparatus and communication system of message
CN108737224A (en) A kind of message processing method and device based on micro services framework
JP2013105308A (en) Load distribution system, load distribution device, load distribution method and load distribution program
US20220263793A1 (en) Cloud infrastructure resources for connecting a service provider private network to a customer private network
US11496599B1 (en) Efficient flow management utilizing control packets
US9055117B1 (en) Distributed network address translation
CN109474713A (en) Message forwarding method and device
CN108833472B (en) System is established in the connection of cloud host
CN107547346A (en) A kind of message transmitting method and device
CN106027356A (en) Tunnel identifier conversion method and device
CN103634298B (en) A kind of data base's connection processing method and device
US9641611B2 (en) Logical interface encoding

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant