CN110177128A - Data transmission system and method for establishing VPN connection, terminal and VPN proxy thereof - Google Patents

Data transmission system and method for establishing VPN connection, terminal and VPN proxy thereof Download PDF

Info

Publication number
CN110177128A
CN110177128A CN201910301355.7A CN201910301355A CN110177128A CN 110177128 A CN110177128 A CN 110177128A CN 201910301355 A CN201910301355 A CN 201910301355A CN 110177128 A CN110177128 A CN 110177128A
Authority
CN
China
Prior art keywords
vpn
terminal
agent client
http
connection
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Granted
Application number
CN201910301355.7A
Other languages
Chinese (zh)
Other versions
CN110177128B (en
Inventor
王华涛
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Cloudminds Shanghai Robotics Co Ltd
Original Assignee
Cloudminds Shenzhen Robotics Systems Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Cloudminds Shenzhen Robotics Systems Co Ltd filed Critical Cloudminds Shenzhen Robotics Systems Co Ltd
Priority to CN201910301355.7A priority Critical patent/CN110177128B/en
Publication of CN110177128A publication Critical patent/CN110177128A/en
Application granted granted Critical
Publication of CN110177128B publication Critical patent/CN110177128B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L12/00Data switching networks
    • H04L12/28Data switching networks characterised by path configuration, e.g. LAN [Local Area Networks] or WAN [Wide Area Networks]
    • H04L12/46Interconnection of networks
    • H04L12/4641Virtual LANs, VLANs, e.g. virtual private networks [VPN]
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L67/00Network arrangements or protocols for supporting network services or applications
    • H04L67/14Session management
    • H04L67/141Setup of application sessions
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L67/00Network arrangements or protocols for supporting network services or applications
    • H04L67/50Network services
    • H04L67/56Provisioning of proxy services
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L69/00Network arrangements, protocols or services independent of the application payload and not provided for in the other groups of this subclass
    • H04L69/26Special purpose or proprietary protocols or architectures

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Computer Security & Cryptography (AREA)
  • Computing Systems (AREA)
  • Data Exchanges In Wide-Area Networks (AREA)

Abstract

The present disclosure relates to a data transmission system and a method, a terminal and a VPN agent for establishing VPN connection, wherein the data transmission system comprises: a terminal, a virtual private network, VPN, server, and a VPN agent for establishing a VPN connection between said terminal and said VPN server; the terminal comprises a first http proxy client supporting a QUIC protocol and used for establishing connection with the VPN proxy based on the QUIC protocol; the VPN agent is used for establishing connection with the VPN server based on a Transmission Control Protocol (TCP) protocol so as to establish VPN connection between the terminal and the VPN server. The method and the device are used for solving the technical problems that the efficiency of network data transmission by using a classical protocol is low and the upgrading difficulty is high in the related technology.

Description

Data transmission system and its method, terminal, the VPN agency for establishing VPN connection
Technical field
This disclosure relates to technical field of data transmission, and in particular, to a kind of data transmission system and it establishes VPN connection Method, terminal, VPN agency.
Background technique
With the rapid development of mobile Internet with the gradually rise of Internet of Things, the scene of network interaction is more and more abundant, The content of network transmission is also more and more huger, and user wants network transmission efficiency and WEB (World WideWeb) response speed Ask also higher and higher.
In the related technology, classical protocols such as TCP and tls protocol, classical protocols are used in the application scenarios of network transmission Efficiency of transmission it is low, it is difficult to meet requirement to efficient network transmission, on the other hand, classical protocols are dependent on operation system The support of system, intermediate equipment, upgrading difficulty are big.
Summary of the invention
Purpose of this disclosure is to provide a kind of data transmission systems and its method, terminal, VPN of establishing VPN connection to act on behalf of, For solving to carry out network data transmission inefficiency using classical protocols in the related technology, and upgrades the big technology of difficulty and ask Topic.
To achieve the goals above, the embodiment of the present disclosure in a first aspect, providing a kind of data transmission system, comprising:
Terminal, Virtual Private Network vpn server, and for being established between the terminal and the vpn server The VPN of VPN connection is acted on behalf of;
Wherein, the terminal include support QUIC agreement the first http agent client, for based on QUIC agreement with The VPN agency establishes connection;
The VPN agency is used for, and establishes connection based on transmission control protocol TCP agreement and the vpn server, to establish Play the VPN connection between the terminal and the vpn server.
Optionally, the VPN agency includes the http proxy server for supporting QUIC agreement, and the terminal includes configuration mould Block, for obtaining the address information for the http proxy server that the VPN agency includes, and according to the address information pair The first http agent client is configured.
Optionally, the terminal includes supporting the 2nd http agent client of Transmission Control Protocol;
The terminal is also used to, and when receiving vpn tunneling foundation instruction, determines that the first http agent client is It is no to be in initiate mode;
If the first http agent client is not in initiate mode, based on the 2nd http agent client with The VPN agency establishes connection.
Optionally, the terminal is also used to, when the first http agent client is in initiate mode, described in foundation TCP connection between 2nd http agent client and the first http agent client, the 2nd http proxy client Hold the data for sending Transmission Control Protocol to the first http agent client.
Optionally, the VPN agency is deployed on same electronic equipment with the vpn server.
The second aspect of the embodiment of the present disclosure, provides a kind of VPN agency, and the VPN agency is to appoint in above-mentioned first aspect The agency of VPN described in one.
The third aspect of the embodiment of the present disclosure, provides a kind of terminal, and the terminal is any one of above-mentioned first aspect institute The terminal stated.
The fourth aspect of the embodiment of the present disclosure provides a kind of VPN establishment of connection method, is applied to terminal, comprising:
When receiving VPN connection foundation instruction, determine whether the first http agent client in the terminal is in Initiate mode, the first http agent client are the http agent clients for supporting QUIC agreement;
If the first http agent client is in initiate mode, based on the first http agent client with VPN agency establishes connection, and the VPN agency is for establishing connection based on Transmission Control Protocol and vpn server, to set up the end VPN connection between end and the vpn server.
Optionally, it is acted on behalf of described based on the first http agent client and VPN before establishing connection, comprising:
The TCP established between the 2nd http agent client and the first http agent client in the terminal connects It connects, the 2nd http agent client is the http agent client that Transmission Control Protocol is supported in the terminal.
Optionally, the method also includes:
Obtain the address information of the http proxy server for the support QUIC agreement that the VPN agency includes;
The first http agent client is configured according to the address information;
It is described that connection is established based on the first http agent client and VPN agency, comprising:
The http proxy server for the support QUIC agreement for including according to the address information and VPN agency, which is established, to be connected It connects.
Through the above technical solutions, the first http agent client of the support QUIC agreement that terminal includes is assisted based on QUIC View establishes connection with VPN agency, and VPN agency establishes connection based on Transmission Control Protocol and the vpn server, so that terminal obtained Information can be transmitted to VPN agency based on QUIC agreement, and the transmission rate of QUIC agreement is fast, and independent of operating system in Between equipment, can satisfy requirement to efficient network transmission in the application scenarios of subnetwork transmission.
Other feature and advantage of the disclosure will the following detailed description will be given in the detailed implementation section.
Detailed description of the invention
Attached drawing is and to constitute part of specification for providing further understanding of the disclosure, with following tool Body embodiment is used to explain the disclosure together, but does not constitute the limitation to the disclosure.In the accompanying drawings:
Fig. 1 is a kind of block diagram of data transmission system shown according to an exemplary embodiment.
Fig. 2 is a kind of another block diagram of data transmission system shown according to an exemplary embodiment.
Fig. 3 is a kind of another block diagram of data transmission system shown according to an exemplary embodiment.
Fig. 4 is a kind of flow chart of VPN establishment of connection method shown according to an exemplary embodiment.
Fig. 5 is a kind of another flow chart of VPN establishment of connection method shown according to an exemplary embodiment.
Fig. 6 is a kind of another flow chart of VPN establishment of connection method shown according to an exemplary embodiment.
Fig. 7 is a kind of block diagram of terminal shown according to an exemplary embodiment.
Specific embodiment
It is described in detail below in conjunction with specific embodiment of the attached drawing to the disclosure.It should be understood that this place is retouched The specific embodiment stated is only used for describing and explaining the disclosure, is not limited to the disclosure.
It being risen since internet the 1990s, most of Internet data transmission all uses some classical protocols, Such as it is routed, using IPV4 (Internet Protocol version 4) using TCP (Transmission Control Protocol) it carries out the flow control of linking layer, guarantee to pass using TLS (Transport Layer Security) Defeated safety etc..
On the other hand, with the rapid development of mobile Internet with the gradually rise of Internet of Things, user is to network transmission effect The requirement of rate and WEB response speed is also higher and higher, however most of Internet data transmission still uses classical protocols at present, Transmission rate is difficult to meet the needs of high efficiency data transmission applications scene, if realized on existing TCP, tls protocol One completely new application layer protocol, dependent on the support of operating system, intermediate equipment, lower deployment cost is high, realizes that difficulty is big.
To solve the above-mentioned problems, the embodiment of the present disclosure proposes a kind of data transmission system, as shown in Figure 1, the system packet It includes:
Terminal 10, Virtual Private Network vpn server 30, and in the terminal 10 and the vpn server 30 Between establish VPN connection VPN agency 20;
Wherein, the terminal 10 includes supporting the first http agent client 110 of QUIC agreement, for being assisted based on QUIC View establishes connection with VPN agency 20;
The VPN agency 20 is used for, and establishes connection based on transmission control protocol TCP agreement and the vpn server 30, with Set up the VPN connection between the terminal 10 and the vpn server 30.
Compared to present widely applied HTTP/2.0 agreement and tls protocol, QUIC (Quick UDPInternet Connection) agreement is a kind of agreement that multipath concurrence transmission is carried out using UDP (User Datagram Protocol), Reduce the three-way handshake of TCP and shaking hands the time for TLS, and due to using udp protocol, so that the efficiency of transmission of data is high.
Specifically, terminal 10 can be the electronic equipment that user uses, such as computer, and the quantity of terminal 10 can be one Or it is multiple.VPN agency 20 is virtual module, for constructing vpn tunneling, such as can be the mould based on OpenVPN software building Block.First http agent client 110 is the agent client for supporting QUIC agreement, can be for based on OpenVPN software building Module, such as QUIC Http-Proxy Client module.First http agent client 110 is deployed in terminal 10, is used for Connection is established based on QUIC agreement and VPN agency 20.In addition, VPN agency 20 is based on Transmission Control Protocol and the vpn server 30 establish connection, wherein vpn server 30 is to provide the electronic equipment of calculating, the quantity of vpn server 30 can for one or It is multiple.
As shown in Figure 1, terminal 10 has 2, and vpn server 30 has 2, VPN agency in a kind of possible embodiment 20 are deployed in independent server.Connection, VPN agency are established based on QUIC agreement between VPN agency 20 and each terminal 10 Connection is established based on Transmission Control Protocol between 20 and each vpn server 30.And then terminal 10 needs to transmit number to vpn server 30 According to when, VPN agency 20 first can be sent data to based on QUIC agreement, then VPN agency 20 is again based on Transmission Control Protocol by data It is transmitted to vpn server 30, due to having used the faster QUIC agreement of speed, Jin Erjia between VPN agency 20 and terminal 10 Fast data transmission efficiency.On the other hand, in the embodiment shown in FIG. 1, due to VPN agency 20 and vpn server 30 It is deployed in the same IDC (Internet Data Center, Internet data center), is transmitted using other agreement brings The raising of rate is not obvious, therefore still uses Transmission Control Protocol between VPN agency 20 and vpn server 30, without taking to VPN Business device 30 is transformed, and reduces system holistic conformation difficulty.Furthermore it can be with by vpn tunneling transmission data using VPN agency 20 So that the transmission of data is safer, terminal 10 only needs to connect VPN and acts on behalf of 20 corresponding ports, and different terminals 10 can lead to The different vpn server 30 of 20 connection of VPN agency is crossed, load balancing can be played the role of and reduced to external port.
First http agent client 110 of the support QUIC agreement that terminal 10 includes is based on QUIC agreement and VPN is acted on behalf of 20 establish connection, and VPN agency 20 establishes connection based on Transmission Control Protocol and the vpn server 30, so that the information that terminal 10 obtains The transmission rate that VPN agency's 20, QUIC agreement can be transmitted to based on QUIC agreement is fast, and independent of operating system and centre Equipment can satisfy the requirement in the application scenarios of subnetwork transmission to efficient network transmission.
Optionally, as shown in Fig. 2, VPN agency 20 includes the http proxy server 210 for supporting QUIC agreement, institute Stating terminal 10 includes configuration module 130, for obtaining the ground for the http proxy server 210 that the VPN agency 20 includes Location information, and the first http agent client 110 is configured according to the address information.
Specifically, http proxy server 210 can be the module established based on OpenVPN, such as QUIC Http- Proxy Server module, configuration module 130 can be the module established based on OpenVPN.OpenVPN is that a open source is soft Part, easy to use, the property be transformed height.Configuration module 130 is on the ground for obtaining the http proxy server 210 that VPN agency 20 includes After location information such as IP and port, the first http agent client 110 is configured according to the address information of acquisition, so that Http proxy server 210 in first http agent client 110 and VPN agency 20 establishes connection.
Optionally, as shown in Fig. 2, the terminal 10 includes supporting the 2nd http agent client 120 of Transmission Control Protocol;
The terminal 10 is also used to, and when receiving vpn tunneling foundation instruction, determines the first http agent client Whether 110 be in initiate mode;
If the first http agent client 110 is not in initiate mode, it is based on the 2nd http proxy client End 120 and VPN agency 20 establishes connection.
As shown in Fig. 2, the 2nd http agent client 120 can be the OpenVPNClient mould established based on OpenVPN Block, OpenVPN Client module 20 can establish connection based on Transmission Control Protocol and VPN agency, can also be based on Transmission Control Protocol and the One http agent client 110 establishes connection.When receiving vpn tunneling foundation instruction, the first http agent client is detected Whether 110, which be in initiate mode, shows that terminal 10 cannot be based on if the first http agent client 110 is not in initiate mode QUIC agreement and VPN agency 20 establish connection, and then select based on the 2nd http agent client 120 and VPN agency 20 Connection is established, so that establishing connection based on Transmission Control Protocol between terminal 10 and VPN agency 20, guarantees that the foundation of vpn tunneling makes total According to being transmitted, can also select not enabling the first http agent client in the case where of less demanding to data transmission efficiency 110, and then data are transmitted between terminal 10 and VPN agency 20 using Transmission Control Protocol based on the 2nd http agent client 120, Multiple choices are provided.
Optionally, the terminal 10 is also used to, and when the first http agent client 110 is in initiate mode, is built Found the TCP connection between the 2nd http agent client 120 and the first http agent client 110, described second Http agent client 120 is used to send the data of Transmission Control Protocol to the first http agent client 110.
Specifically, when detecting that the first http agent client 110 is in initiate mode, the 2nd http is established TCP connection between agent client 120 and the first http agent client 110 so that terminal 10 and VPN agency 20 it Between data can be transmitted based on QUIC agreement, efficiency of transmission is high.For example, it needs to transmit to vpn server 30 in terminal 10 When data, the 2nd http agent client 120 is based on Transmission Control Protocol and sends data to the first http agent client 110, and first Http agent client 110 sends data to VPN agency 20 based on QUIC agreement again, and last VPN agency 20 is based on Transmission Control Protocol Vpn server 30 is sent data to, transmission of the terminal 10 to server data is completed.2nd http agent client more than 120 For the OpenVPN Client module in existing module, such as OpenVPN, so only need to increase by the 2nd http agent client 120 connection to establish between terminal 10 and VPN agency 20, implementation are easy, and improvement cost is low.
Optionally, as shown in figure 3, VPN agency 20 is deployed in same electronic equipment 40 with the vpn server 30 On.
As shown in figure 3, VPN agency 20 is 30 private of vpn server, multiple VPN services are connected to compared to VPN agency 20 Device 30 (referring to Fig. 1 or Fig. 2) can reduce the load of VPN agency 20, and electronic equipment 40 overloads delay machine where avoiding it.Terminal 10 address informations that can be directly based upon vpn server 30 establish the connection with vpn server 30.
It, can also be in addition, each functional unit in each embodiment of the disclosure can integrate in one processing unit It is that the independent physics of each unit includes, can also be integrated in one unit with two or more units.Above-mentioned integrated list Member both can take the form of hardware realization, can also realize in the form of hardware adds SFU software functional unit.
The another aspect of the embodiment of the present disclosure, also provides a kind of VPN agency, and VPN agency is configured as described above The agency of VPN described in any one of data transmission system, the VPN agency 20 of example as shown in figure 1, specifically can refer in above embodiments For the explanation of Fig. 1, details are not described herein again.
The another aspect of the embodiment of the present disclosure also provides a kind of terminal, which is configured as data as described above and passes Terminal described in any one of defeated system, the terminal 10 of example as shown in figure 1, specifically can refer to saying for Fig. 1 in above embodiments Bright, details are not described herein again.
As shown in figure 4, the embodiment of the present disclosure also provides a kind of VPN establishment of connection method, can be applied to as shown in Figure 1 Terminal 10, as shown in Figure 1, this method comprises:
S11 determines whether is the first http agent client in the terminal when receiving VPN connection and establishing instruction In initiate mode.
The first http agent client is the http agent client for supporting QUIC agreement.
S12 is based on the first http agent client if the first http agent client is in initiate mode Connection is established with VPN agency, the VPN agency is described to set up for establishing connection based on Transmission Control Protocol and vpn server VPN connection between terminal and the vpn server.
Terminal receives VPN connection and establishes instruction, and determines that the first http agent client in terminal is in and enable shape When state, connection is established based on the first http agent client and VPN agency, the information that terminal is obtained is based on QUIC agreement is transmitted to VPN agency, and the transmission rate of QUIC agreement is fast, and independent of operating system and intermediate equipment, can Meet the requirement in the application scenarios of subnetwork transmission to efficient network transmission.
Fig. 5 is a kind of another flow chart of VPN establishment of connection method shown according to an exemplary embodiment, such as Fig. 5 It is shown, this method comprises:
S21 determines whether is the first http agent client in the terminal when receiving VPN connection and establishing instruction In initiate mode.
The first http agent client is the http agent client for supporting QUIC agreement.
S22 establishes the 2nd http generation in the terminal if the first http agent client is in initiate mode Manage the TCP connection between client and the first http agent client.
The 2nd http agent client is the http agent client that Transmission Control Protocol is supported in the terminal.
S23 establishes connection based on the first http agent client and VPN agency, and the VPN agency is for being based on Transmission Control Protocol and vpn server establish connection, to set up the VPN connection between the terminal and the vpn server.
Fig. 6 is a kind of another flow chart of VPN establishment of connection method shown according to an exemplary embodiment, such as Fig. 6 It is shown, this method comprises:
S31 determines whether is the first http agent client in the terminal when receiving VPN connection and establishing instruction In initiate mode.
The first http agent client is the http agent client for supporting QUIC agreement.
S32 establishes the 2nd http generation in the terminal if the first http agent client is in initiate mode Manage the TCP connection between client and the first http agent client.
The 2nd http agent client is the http agent client that Transmission Control Protocol is supported in the terminal.
S33 obtains the address information of the http proxy server for the support QUIC agreement that the VPN agency includes.
S34 configures the first http agent client according to the address information.
The http proxy server of S35, the support QUIC agreement for including with VPN agency according to the address information are built Vertical connection, the VPN agency is for establishing connection based on Transmission Control Protocol and vpn server, to set up the terminal and described VPN connection between vpn server.
About the method in above-described embodiment, wherein each step is in the related embodiment of above-mentioned data transmission system In be described in detail, no detailed explanation will be given here.
Fig. 7 is a kind of block diagram of terminal shown according to an exemplary embodiment.As shown in fig. 7, the terminal 700 can wrap It includes: processor 701, memory 702.The terminal 700 can also include multimedia component 703, input/output (I/O) interface One or more of 704 and communication component 705.
Wherein, processor 701 is used to control the integrated operation of the terminal 700, to complete the above-mentioned establishment of connection side VPN All or part of the steps in method.Memory 702 is used to store various types of data to support the operation in the terminal 700, These data for example may include the instruction of any application or method for operating in the terminal 700, and application The relevant data of program, such as contact data, the message of transmitting-receiving, picture, audio, video etc..The memory 702 can be by Any kind of volatibility or non-volatile memory device or their combination are realized, such as static random access memory (Static Random Access Memory, abbreviation SRAM), electrically erasable programmable read-only memory (Electrically Erasable Programmable Read-Only Memory, abbreviation EEPROM), Erasable Programmable Read Only Memory EPROM (Erasable Programmable Read-Only Memory, abbreviation EPROM), programmable read only memory (Programmable Read-Only Memory, abbreviation PROM), and read-only memory (Read-Only Memory, referred to as ROM), magnetic memory, flash memory, disk or CD.Multimedia component 703 may include screen and audio component.Wherein Screen for example can be touch screen, and audio component is used for output and/or input audio signal.For example, audio component may include One microphone, microphone is for receiving external audio signal.The received audio signal can be further stored in storage Device 702 is sent by communication component 705.Audio component further includes at least one loudspeaker, is used for output audio signal.I/O Interface 704 provides interface between processor 701 and other interface modules, other above-mentioned interface modules can be keyboard, mouse, Button etc..These buttons can be virtual push button or entity button.Communication component 705 is used for the terminal 700 and other equipment Between carry out wired or wireless communication.Wireless communication, such as Wi-Fi, bluetooth, near-field communication (Near Field Communication, abbreviation NFC), 2G, 3G, 4G, NB-IOT, eMTC or other 5G etc. or they one or more of Combination, it is not limited here.Therefore the corresponding communication component 705 may include: Wi-Fi module, bluetooth module, NFC mould Block etc..
In one exemplary embodiment, terminal 700 can be by one or more application specific integrated circuit (Application Specific Integrated Circuit, abbreviation ASIC), digital signal processor (Digital Signal Processor, abbreviation DSP), digital signal processing appts (Digital Signal Processing Device, Abbreviation DSPD), programmable logic device (Programmable Logic Device, abbreviation PLD), field programmable gate array (Field Programmable Gate Array, abbreviation FPGA), controller, microcontroller, microprocessor or other electronics member Part is realized, for executing above-mentioned VPN establishment of connection method.
In a further exemplary embodiment, a kind of computer readable storage medium including program instruction is additionally provided, it should The step of above-mentioned VPN establishment of connection method is realized when program instruction is executed by processor.For example, the computer-readable storage Medium can be the above-mentioned memory 702 including program instruction, and above procedure instruction can be executed by the processor 701 of terminal 700 To complete above-mentioned VPN establishment of connection method.
The preferred embodiment of the disclosure is described in detail in conjunction with attached drawing above, still, the disclosure is not limited to above-mentioned reality The detail in mode is applied, in the range of the technology design of the disclosure, a variety of letters can be carried out to the technical solution of the disclosure Monotropic type, these simple variants belong to the protection scope of the disclosure.Example
It is further to note that specific technical features described in the above specific embodiments, in not lance In the case where shield, can be combined in any appropriate way, in order to avoid unnecessary repetition, the disclosure to it is various can No further explanation will be given for the combination of energy.
In addition, any combination can also be carried out between a variety of different embodiments of the disclosure, as long as it is without prejudice to originally Disclosed thought equally should be considered as disclosure disclosure of that.

Claims (10)

1. a kind of data transmission system characterized by comprising
Terminal, Virtual Private Network vpn server, and connect for establishing VPN between the terminal and the vpn server The VPN agency connect;
Wherein, the terminal include support QUIC agreement the first http agent client, for based on QUIC agreement with it is described VPN agency establishes connection;
The VPN agency is used for, and connection is established based on transmission control protocol TCP agreement and the vpn server, to set up State the VPN connection between terminal and the vpn server.
2. system according to claim 1, which is characterized in that the VPN agency includes the http generation for supporting QUIC agreement Server is managed, the terminal includes configuration module, for obtaining the ground for the http proxy server that the VPN agency includes Location information, and the first http agent client is configured according to the address information.
3. system according to claim 2, which is characterized in that the terminal includes supporting the 2nd http generation of Transmission Control Protocol Manage client;
The terminal is also used to, and when receiving vpn tunneling foundation instruction, determines whether the first http agent client is located In initiate mode;
If the first http agent client is not in initiate mode, based on the 2nd http agent client with it is described VPN agency establishes connection.
4. system according to claim 3, which is characterized in that the terminal is also used to, and acts on behalf of visitor in the first http When family end is in initiate mode, establish between the 2nd http agent client and the first http agent client TCP connection, the 2nd http agent client are used to send the data of Transmission Control Protocol to the first http agent client.
5. system according to any one of claim 1 to 4, which is characterized in that the VPN agency services with the VPN Device is deployed on same electronic equipment.
6. a kind of VPN agency, which is characterized in that the VPN agency is the agency of VPN described in any one of claims 1 to 5.
7. a kind of terminal, which is characterized in that the terminal is terminal described in any one of claims 1 to 5.
8. a kind of VPN establishment of connection method, which is characterized in that be applied to terminal, comprising:
When receiving VPN connection foundation instruction, determine whether the first http agent client in the terminal is in enabling State, the first http agent client are the http agent clients for supporting QUIC agreement;
If the first http agent client is in initiate mode, based on the first http agent client and VPN generation Reason establishes connection, the VPN agency for establishing connection based on Transmission Control Protocol and vpn server, with set up the terminal and VPN connection between the vpn server.
9. according to the method described in claim 8, it is characterized in that, it is described based on the first http agent client with VPN agency establishes before connection, comprising:
The TCP connection between the 2nd http agent client and the first http agent client in the terminal is established, The 2nd http agent client is the http agent client that Transmission Control Protocol is supported in the terminal.
10. method according to claim 8 or claim 9, which is characterized in that the method also includes:
Obtain the address information of the http proxy server for the support QUIC agreement that the VPN agency includes;
The first http agent client is configured according to the address information;
It is described that connection is established based on the first http agent client and VPN agency, comprising:
The http proxy server for the support QUIC agreement for including according to the address information and VPN agency establishes connection.
CN201910301355.7A 2019-04-15 2019-04-15 Data transmission system and method for establishing VPN connection, terminal and VPN proxy thereof Active CN110177128B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201910301355.7A CN110177128B (en) 2019-04-15 2019-04-15 Data transmission system and method for establishing VPN connection, terminal and VPN proxy thereof

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201910301355.7A CN110177128B (en) 2019-04-15 2019-04-15 Data transmission system and method for establishing VPN connection, terminal and VPN proxy thereof

Publications (2)

Publication Number Publication Date
CN110177128A true CN110177128A (en) 2019-08-27
CN110177128B CN110177128B (en) 2022-02-01

Family

ID=67689651

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201910301355.7A Active CN110177128B (en) 2019-04-15 2019-04-15 Data transmission system and method for establishing VPN connection, terminal and VPN proxy thereof

Country Status (1)

Country Link
CN (1) CN110177128B (en)

Cited By (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN110838967A (en) * 2019-11-22 2020-02-25 深圳前海达闼云端智能科技有限公司 Virtual private network connection method, server, client and storage medium
CN110891008A (en) * 2019-11-21 2020-03-17 成都云智天下科技股份有限公司 IP proxy method based on L2TP/IPSEC
CN111865940A (en) * 2020-07-01 2020-10-30 四川速宝网络科技有限公司 Transmission optimization method and device
CN111885093A (en) * 2020-09-27 2020-11-03 腾讯科技(深圳)有限公司 Event request transmission method and device, storage medium and electronic equipment
CN114979261A (en) * 2021-02-24 2022-08-30 华为技术有限公司 Service interaction method, terminal, server and system

Citations (16)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101345741A (en) * 2007-07-13 2009-01-14 盛大计算机(上海)有限公司 Proxy system and proxy connecting method based on internet
CN103840994A (en) * 2012-11-23 2014-06-04 华耀(中国)科技有限公司 System and method for user side to access intranet through VPN
CN106685956A (en) * 2016-12-27 2017-05-17 上海斐讯数据通信技术有限公司 Method and system for router VPN network connection
CN206313803U (en) * 2016-12-16 2017-07-07 青岛蘑菇网络技术有限公司 A kind of router for realizing network game acceleration
CN106973107A (en) * 2017-03-29 2017-07-21 小沃科技有限公司 A kind of mobile client orientation flow agency plant realized based on hook modes and method
CN107154865A (en) * 2017-04-13 2017-09-12 上海寰创通信科技股份有限公司 A kind of method based on outer net managing intranet equipment
US20170339729A1 (en) * 2014-12-30 2017-11-23 Telefonaktiebolaget Lm Ericsson (Publ) Technique for Providing Quality Enhancements to an Application Residing On a User Terminal
US20180041613A1 (en) * 2016-08-03 2018-02-08 Anchorfree Inc System And Method For Virtual Multipath Data Transport
WO2018087721A1 (en) * 2016-11-11 2018-05-17 Ologn Technologies Ag Systems, apparatuses and methods for cooperating routers
CN108063714A (en) * 2016-11-09 2018-05-22 北京国双科技有限公司 A kind of processing method and processing device of network request
CN108650061A (en) * 2018-04-24 2018-10-12 达闼科技(北京)有限公司 VPN Proxy Methods, device, storage medium and system based on FEC
WO2018210428A1 (en) * 2017-05-19 2018-11-22 Telefonaktiebolaget Lm Ericsson (Publ) Technique for enabling multipath transmission
CN109155744A (en) * 2016-04-01 2019-01-04 诺基亚通信公司 Dynamic experience management in communication
CN109309685A (en) * 2018-10-31 2019-02-05 北京百度网讯科技有限公司 Information transferring method and device
CN109547824A (en) * 2018-11-27 2019-03-29 亦非云互联网技术(上海)有限公司 A kind of video traffic method of servicing and system, storage medium and vpn server
CN112586086A (en) * 2018-08-22 2021-03-30 特萨雷斯股份有限公司 Multi-path access network

Patent Citations (16)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101345741A (en) * 2007-07-13 2009-01-14 盛大计算机(上海)有限公司 Proxy system and proxy connecting method based on internet
CN103840994A (en) * 2012-11-23 2014-06-04 华耀(中国)科技有限公司 System and method for user side to access intranet through VPN
US20170339729A1 (en) * 2014-12-30 2017-11-23 Telefonaktiebolaget Lm Ericsson (Publ) Technique for Providing Quality Enhancements to an Application Residing On a User Terminal
CN109155744A (en) * 2016-04-01 2019-01-04 诺基亚通信公司 Dynamic experience management in communication
US20180041613A1 (en) * 2016-08-03 2018-02-08 Anchorfree Inc System And Method For Virtual Multipath Data Transport
CN108063714A (en) * 2016-11-09 2018-05-22 北京国双科技有限公司 A kind of processing method and processing device of network request
WO2018087721A1 (en) * 2016-11-11 2018-05-17 Ologn Technologies Ag Systems, apparatuses and methods for cooperating routers
CN206313803U (en) * 2016-12-16 2017-07-07 青岛蘑菇网络技术有限公司 A kind of router for realizing network game acceleration
CN106685956A (en) * 2016-12-27 2017-05-17 上海斐讯数据通信技术有限公司 Method and system for router VPN network connection
CN106973107A (en) * 2017-03-29 2017-07-21 小沃科技有限公司 A kind of mobile client orientation flow agency plant realized based on hook modes and method
CN107154865A (en) * 2017-04-13 2017-09-12 上海寰创通信科技股份有限公司 A kind of method based on outer net managing intranet equipment
WO2018210428A1 (en) * 2017-05-19 2018-11-22 Telefonaktiebolaget Lm Ericsson (Publ) Technique for enabling multipath transmission
CN108650061A (en) * 2018-04-24 2018-10-12 达闼科技(北京)有限公司 VPN Proxy Methods, device, storage medium and system based on FEC
CN112586086A (en) * 2018-08-22 2021-03-30 特萨雷斯股份有限公司 Multi-path access network
CN109309685A (en) * 2018-10-31 2019-02-05 北京百度网讯科技有限公司 Information transferring method and device
CN109547824A (en) * 2018-11-27 2019-03-29 亦非云互联网技术(上海)有限公司 A kind of video traffic method of servicing and system, storage medium and vpn server

Non-Patent Citations (2)

* Cited by examiner, † Cited by third party
Title
程光等: "加密流量测量与分析", 《读秀》 *
陈振波: "QUIC 协议研究", 《电子测试》 *

Cited By (8)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN110891008A (en) * 2019-11-21 2020-03-17 成都云智天下科技股份有限公司 IP proxy method based on L2TP/IPSEC
CN110838967A (en) * 2019-11-22 2020-02-25 深圳前海达闼云端智能科技有限公司 Virtual private network connection method, server, client and storage medium
CN110838967B (en) * 2019-11-22 2021-12-24 达闼机器人有限公司 Virtual private network connection method, server, client and storage medium
CN111865940A (en) * 2020-07-01 2020-10-30 四川速宝网络科技有限公司 Transmission optimization method and device
CN111865940B (en) * 2020-07-01 2022-10-11 四川速宝网络科技有限公司 Transmission optimization method and device
CN111885093A (en) * 2020-09-27 2020-11-03 腾讯科技(深圳)有限公司 Event request transmission method and device, storage medium and electronic equipment
CN111885093B (en) * 2020-09-27 2021-03-26 腾讯科技(深圳)有限公司 Event request transmission method and device, storage medium and electronic equipment
CN114979261A (en) * 2021-02-24 2022-08-30 华为技术有限公司 Service interaction method, terminal, server and system

Also Published As

Publication number Publication date
CN110177128B (en) 2022-02-01

Similar Documents

Publication Publication Date Title
CN110177128A (en) Data transmission system and method for establishing VPN connection, terminal and VPN proxy thereof
CN104580192B (en) The treating method and apparatus of the network access request of application program
KR20200006104A (en) Session Management Method and Device
US9973581B2 (en) System and method for extended wireless access gateway service provider Wi-Fi offload
US10498831B2 (en) Communication sessions at a CoAP protocol layer
WO2018233485A1 (en) Session management method and device
EP2230822A1 (en) Establishing a connection traversing a network address translation gateway
CN105049413A (en) Authentication method for free wireless Internet access
JP6082156B1 (en) COMMUNICATION SYSTEM, ADDRESS NOTIFICATION DEVICE, COMMUNICATION CONTROL DEVICE, TERMINAL, COMMUNICATION METHOD, AND PROGRAM
KR20150013860A (en) Clientless cloud computing
CN112838966A (en) UDP link monitoring method and system and electronic equipment
CN112119673B (en) Electronic device supporting multiple wireless communication protocols and method thereof
US11949579B2 (en) Method and device for network path probe
US8965274B2 (en) Session continuity in wireless local area networks with internet protocol level mobility
RU2690756C1 (en) Method of transmitting data and associated device and system
US20220131797A1 (en) Method and device for data packet forwarding
CN109587028B (en) Method and device for controlling flow of client
CN112398685B (en) Host equipment acceleration method, device, equipment and medium based on mobile terminal
US10091635B2 (en) Method and apparatus for communication using IP address exchanged via NFC
CN105556928A (en) Access to data source via proxy
CN103974456B (en) Communication system and method
US10375175B2 (en) Method and apparatus for terminal application accessing NAS
WO2017161866A1 (en) Network connection method and device
CN107431965A (en) A kind of method and device for realizing transmission control protocol TCP transmission
EP3044929B1 (en) A mobile-device based proxy for browser-originated procedures

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
TA01 Transfer of patent application right

Effective date of registration: 20210305

Address after: 201111 2nd floor, building 2, no.1508, Kunyang Road, Minhang District, Shanghai

Applicant after: Dalu Robot Co.,Ltd.

Address before: 518000 Room 201, building A, No. 1, Qian Wan Road, Qianhai Shenzhen Hong Kong cooperation zone, Shenzhen, Guangdong (Shenzhen Qianhai business secretary Co., Ltd.)

Applicant before: Shenzhen Qianhaida Yunyun Intelligent Technology Co.,Ltd.

TA01 Transfer of patent application right
GR01 Patent grant
GR01 Patent grant
CP03 Change of name, title or address

Address after: 201111 Building 8, No. 207, Zhongqing Road, Minhang District, Shanghai

Patentee after: Dayu robot Co.,Ltd.

Address before: 201111 2nd floor, building 2, no.1508, Kunyang Road, Minhang District, Shanghai

Patentee before: Dalu Robot Co.,Ltd.

CP03 Change of name, title or address