CN115378868A - System and method for realizing message processing based on SNAT resource pool - Google Patents
System and method for realizing message processing based on SNAT resource pool Download PDFInfo
- Publication number
- CN115378868A CN115378868A CN202210994213.5A CN202210994213A CN115378868A CN 115378868 A CN115378868 A CN 115378868A CN 202210994213 A CN202210994213 A CN 202210994213A CN 115378868 A CN115378868 A CN 115378868A
- Authority
- CN
- China
- Prior art keywords
- message
- flow table
- session
- snat
- ovn
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Links
Images
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L45/00—Routing or path finding of packets in data switching networks
- H04L45/74—Address processing for routing
- H04L45/745—Address table lookup; Address filtering
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L45/00—Routing or path finding of packets in data switching networks
- H04L45/58—Association of routers
- H04L45/586—Association of routers of virtual routers
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L61/00—Network arrangements, protocols or services for addressing or naming
- H04L61/09—Mapping addresses
- H04L61/25—Mapping addresses of the same type
- H04L61/2503—Translation of Internet protocol [IP] addresses
- H04L61/2517—Translation of Internet protocol [IP] addresses using port numbers
Abstract
The invention relates to the technical field of virtualization cloud, and provides a system and a method for realizing message processing based on an SNAT resource pool, wherein the system comprises the following components: the NAT gateway central control service module is used for creating an SNAT resource pool instance and writing the SNAT resource pool instance information into an OVN northbound database; an OVN northbound database for providing SNAT resource pool instance information to OVN Northd flow table translation middleware; the OVN Northd flow table translation middleware is used for translating SNAT resource pool instance information pulled from the OVN southbound database into a logic flow table and writing the logic flow table into the OVN southbound database; an OVN southbound database for providing the logical flow table to the OVN local controller; the OVN local controller is used for translating the logic flow table pulled from the southbound database into a physical flow table and issuing the physical flow table to a local virtual router; and the virtual router is used for processing the messages of the virtual machine or the container according to the physical flow table. The invention can solve the problem that new connection cannot be created due to the exhaustion of the IP ports in a concurrent large-application scene.
Description
Technical Field
The invention relates to the technical field of virtualization cloud, in particular to a system and a method for achieving message processing based on an SNAT resource pool.
Background
At present, a plurality of virtual machines in a VPC intranet in an SDN virtualization cloud platform access a public network by means of a SNAT function in a NAT gateway. The method comprises the steps of establishing an SNAT rule in an NAT gateway, setting an intranet message sent out from a designated VPC network segment, modifying the IP and port of the message into a certain public network IP and port which are configured in advance when the message is forwarded to a public network through the NAT gateway, randomly selecting the port from 1-65535 according to different sessions, and enabling a source IP seen after a device on the public network receives the message to be a real intranet IP of the public network IP but not a virtual machine.
In practical application, when all virtual machines in a VPC go out of a public network to serve as SNATs, only one public network IP can be used to replace a source IP and a source port, but a port in udp or tcp in a four-layer network protocol is 16bit, that is, an available port range is 1-65535, and in a scenario where multiple virtual machines in the VPC go out of the public network at the same time and have a large concurrency, a port of one IP is quickly exhausted, so that a new connection cannot be created.
Therefore, how to provide a message communication method to avoid the defect that a new connection cannot be created due to the fact that an IP port in an application scenario with a large concurrency amount is quickly exhausted becomes a technical problem to be urgently solved.
Disclosure of Invention
In view of this, in order to solve the problem that a new connection cannot be created due to the fact that a port of an IP in an application scenario with large concurrency is quickly exhausted, the present invention creates a public network IP SNAT resource pool based on an OpenFlow flow table, so that when multiple virtual machines in a VPC go out of a public network to serve as a SNAT, one public network EIP and a port can be selected from a SNAT resource pool composed of multiple public network EIPs to replace a source IP and a source port of a message, thereby implementing forwarding of the message.
In one aspect, the present invention provides a system for implementing message processing based on an SNAT resource pool, including:
the NAT gateway central control service module is used for creating an SNAT resource pool instance according to the call request of the client and writing the SNAT resource pool instance information into an OVN north database;
the OVN northbound database is used for storing SNAT resource pool example information written by a central control service module of the NAT gateway and providing the SNAT resource pool example information to OVN Northd flow table translation middleware;
the OVN Northd flow table translation middleware is used for pulling the SNAT resource pool instance information from the OVN northbound database, translating the pulled SNAT resource pool instance information into a logic flow table and writing the logic flow table into the OVN southbound database;
the OVN southbound database is used for storing the logic flow table written by the OVN Northd flow table translation middleware and providing the logic flow table to the OVN local controller;
the OVN local controller is used for pulling the logic flow table from the southbound database, translating the logic flow table into a physical flow table and issuing the physical flow table to a local virtual router;
and the virtual router is used for processing the message of the virtual machine or the container according to the physical flow table.
Further, in the system for implementing message processing based on the SNAT resource pool, the virtual router is used for processing the message of the virtual machine or the container according to the physical flow table, and includes: when the internal virtual machine accesses the flow table of the external network and passes through the virtual router, the virtual router judges whether the session corresponding to the message is a new session according to the hash value of the quintuple of the current message, modifies the message in different modes according to the judgment result, and sends the modified message to the public network.
Further, in the system for implementing message processing based on the SNAT resource pool, the virtual router judges whether the session corresponding to the message is a new session according to the hash value of the quintuple of the current message, including: when the session record corresponding to the message does not exist in the session table, judging that the session corresponding to the message is a new session; and when the session record corresponding to the message exists in the session table, judging that the session corresponding to the message is not a new session.
Furthermore, in the system for implementing message processing based on the SNAT resource pool, the virtual router modifies the message in different ways according to the judgment result, which includes: and when the session corresponding to the message is a new session, the virtual router modifies the source IP and the source port of the message based on the public network EIP and the port recorded in the existing session, and sends the modified message to the public network.
Furthermore, in the system for implementing message processing based on the SNAT resource pool, the virtual router modifies the message in different ways according to the judgment result, and the method further comprises the following steps: when the session corresponding to the message is a new session, the virtual router inquires whether an available EIP and a port exist in a physical flow table; when an available EIP and an available port exist in the physical flow table, replacing a source IP and a source port of the message by the EIP and the port obtained by query, recording the session, and sending the modified message to the public network; and when the physical flow table has no available EIP and port, printing an alarm log and discarding the message.
On the other hand, the invention provides a method for realizing message processing based on an SNAT resource pool, which comprises the following steps:
step S1: creating an SNAT resource pool instance according to a call request of a client through an NAT gateway central control service module, and writing the SNAT resource pool instance information into an OVN north database;
step S2: pulling SNAT resource pool instance information from an OVN northbound database by adopting OVN North flow table translation middleware, translating the pulled SNAT resource pool instance information into an SNAT logic flow table corresponding to the SNAT resource pool, and writing the SNAT logic flow table into an OVN southbound database;
and step S3: an OVN local controller is adopted to pull the logic flow table from the southbound database, translate the logic flow table into a physical flow table and send the physical flow table to a local virtual router;
and step S4: and processing the message of the virtual machine or the container by adopting the virtual router according to the physical flow table.
Further, step S4 of the method for implementing message processing based on the SNAT resource pool of the present invention includes:
step S41: the virtual router judges whether the session corresponding to the message is a new session according to the hash value of the quintuple of the current message;
step S42: and the virtual router modifies the message in different modes according to the judgment result of the step S41 and sends the modified message to the public network.
Further, step S41 of the method for implementing message processing based on the SNAT resource pool of the present invention includes: when an internal virtual machine accesses a flow table of an external network and passes through a virtual router, the virtual router inquires whether a session record corresponding to a message exists in a session table according to a hash value of a quintuple of a current message; when the session record corresponding to the message does not exist in the session table, judging that the session corresponding to the message is a new session; and when the session record corresponding to the message exists in the session table, judging that the session corresponding to the message is not a new session.
Further, in step S42 of the method for implementing message processing based on the SNAT resource pool, the virtual router modifies the message in different ways according to the judgment result of step S41, which includes: and when the message belongs to a new session, modifying the source IP and the source port of the message based on the public network EIP and the port recorded in the existing session, and sending the modified message to the public network.
Further, in step S42 of the method for implementing message processing based on the SNAT resource pool, the virtual router modifies the message in different ways according to the determination result in step S41, and further includes: when the message does not belong to a new session, inquiring whether an available public network EIP and a port exist in a physical flow table; when available public network EIP and port exist in the physical flow table, replacing source IP and source port of the message by the public network EIP and port obtained by query, recording the session, and sending the modified message to the public network; and when the physical flow table does not have available public network EIP and port, printing an alarm log and discarding the message.
The invention discloses a system and a method for realizing message processing based on an SNAT resource pool, which have the following beneficial effects:
1. the method is suitable for application scenes with large concurrency, and avoids the defect that a port of one IP can be exhausted quickly to cause that new connection cannot be established.
2. The SNAT resource pool realized based on the openflow flow table has the characteristics of simple structure, light weight and few dependent components, and is convenient to deploy and later-stage operation and maintenance;
3. the EIP addresses of the public network in the SNAT resource pool can be increased and decreased without influencing the dynamic state of the existing session communication.
Drawings
In order to more clearly illustrate the technical solutions of the embodiments of the present invention, the drawings needed to be used in the embodiments will be briefly described below, and it is obvious that the drawings in the following description are only some embodiments of the present invention, and it is obvious for those skilled in the art to obtain other drawings based on these drawings without creative efforts.
Fig. 1 is an architecture diagram of a system for implementing message processing based on a SNAT resource pool according to an exemplary first embodiment of the present invention.
Fig. 2 is a flowchart of a method for implementing message processing based on a SNAT resource pool according to an exemplary second embodiment of the present invention.
Fig. 3 is a timing diagram illustrating a method for implementing message processing based on a SNAT resource pool according to a second exemplary embodiment of the present invention.
Fig. 4 is a flowchart of a method for implementing message processing based on a SNAT resource pool according to an exemplary third embodiment of the present invention.
Fig. 5 is an application flowchart of a method for implementing message processing based on a SNAT resource pool according to an exemplary third embodiment of the present invention.
Detailed Description
Embodiments of the present invention will be described in detail below with reference to the accompanying drawings.
It should be noted that, in the case of no conflict, the features in the following embodiments and examples may be combined with each other; moreover, all other embodiments that can be derived by one of ordinary skill in the art from the embodiments disclosed herein without making any creative effort fall within the scope of the present disclosure.
It is noted that various aspects of the embodiments are described below within the scope of the appended claims. It should be apparent that the aspects described herein may be embodied in a wide variety of forms and that any specific structure and/or function described herein is merely illustrative. Based on the disclosure, one skilled in the art should appreciate that one aspect described herein may be implemented independently of any other aspects and that two or more of these aspects may be combined in various ways. For example, an apparatus may be implemented and/or a method practiced using any number of the aspects set forth herein. In addition, such an apparatus may be implemented and/or such a method may be practiced using other structure and/or functionality in addition to or other than one or more of the aspects set forth herein.
Fig. 1 is an architecture diagram of a system for implementing message processing based on a SNAT resource pool according to an exemplary first embodiment of the present invention, as shown in fig. 1, the system of this embodiment includes:
the NAT gateway central control service module is used for creating an SNAT resource pool instance according to the call request of the client and writing the SNAT resource pool instance information into an OVN north database;
the OVN northbound database is used for storing SNAT resource pool example information written by a central control service module of the NAT gateway and providing the SNAT resource pool example information to OVN Northd flow table translation middleware;
the OVN Northd flow table translation middleware is used for pulling the SNAT resource pool instance information from the OVN northbound database, translating the pulled SNAT resource pool instance information into a logic flow table and writing the logic flow table into the OVN southbound database;
the OVN southbound database is used for storing the logic flow table written by the OVN Northd flow table translation middleware and providing the logic flow table to the OVN local controller;
the OVN local controller is used for pulling the logic flow table from the southbound database, translating the logic flow table into a physical flow table and issuing the physical flow table to a local virtual router;
and the virtual router is used for processing the messages of the virtual machine or the container according to the physical flow table.
The system for implementing message processing based on the SNAT resource pool provided by the embodiment can be applied to an actual scene in the following way:
when the flow table of the internal network virtual machine accessing the external network passes through the virtual router, the virtual router judges whether the session corresponding to the message is a new session according to the hash value of the quintuple (namely the protocol, the source IP, the source port, the destination IP and the destination port) of the current message, modifies the message in different modes according to the judgment result, and sends the modified message to the public network.
Specifically, when an intranet virtual machine accesses a flow table of an extranet and passes through a virtual router, the virtual router queries whether a session record corresponding to a current message exists in a session table according to a hash value of a quintuple of the message; when the session record corresponding to the message does not exist in the session table, judging that the session corresponding to the message is a new session; and when the session record corresponding to the message exists in the session table, judging that the session corresponding to the message is not a new session.
And when the session corresponding to the message is a new session, the virtual router modifies the source IP and the source port of the message based on the public network EIP and the port recorded in the existing session, and sends the modified message to the public network.
When the session corresponding to the message is not a new session, the virtual router inquires whether an available EIP and a port exist in a physical flow table or not;
when an available EIP and a port exist in the physical flow table, replacing a source IP and a source port of the message by the EIP and the port obtained by inquiry, recording the session, and sending the modified message to the public network; and when no available EIP and port exist in the physical flow table, printing an alarm log and discarding the message.
Fig. 2 is a flowchart of a method for implementing message processing based on a SNAT resource pool according to an exemplary second embodiment of the present invention, where as shown in fig. 2, the method of this embodiment includes:
step S1: creating an SNAT resource pool instance according to a call request of a client through an NAT gateway central control service module, and writing the SNAT resource pool instance information into an OVN northbound database;
step S2: pulling SNAT resource pool instance information from an OVN northbound database by adopting an OVN Northd flow table translation middleware, translating the pulled SNAT resource pool instance information into an SNAT logic flow table corresponding to the SNAT resource pool, and writing the SNAT logic flow table into an OVN southbound database;
and step S3: an OVN local controller is adopted to pull the logic flow table from the southbound database, translate the logic flow table into a physical flow table and send the physical flow table to a local virtual router;
and step S4: and processing the message of the virtual machine or the container by adopting the virtual router according to the physical flow table.
In practical application, the method of this embodiment is implemented according to the timing sequence shown in fig. 3.
Fig. 4 is a flowchart of a method for implementing message processing based on a SNAT resource pool according to a third embodiment of the present invention, where this embodiment is a preferred embodiment of the method shown in fig. 2, and as shown in fig. 4, step S4 of the method of this embodiment includes:
step S41: the virtual router judges whether the session corresponding to the message is a new session according to the hash value of the quintuple of the current message;
step S42: and the virtual router modifies the message in different modes according to the judgment result of the step S41 and sends the modified message to the public network.
In practical applications, step S41 and step S42 of the method of the present embodiment are implemented according to the flow shown in fig. 5.
Step S41 of the method of the present embodiment includes: when an internal virtual machine accesses a flow table of an external network and passes through a virtual router, the virtual router inquires whether a session record corresponding to a message exists in a session table according to a hash value of a quintuple of a current message; when the session record corresponding to the message does not exist in the session table, judging that the session corresponding to the message is a new session; and when the session record corresponding to the message exists in the session table, judging that the session corresponding to the message is not a new session.
In step S42 of the method in this embodiment, the virtual router modifies the packet in different ways according to the determination result in step S41, including: and when the session corresponding to the message is a new session, modifying the source IP and the source port of the message based on the public network EIP and the port recorded in the existing session, and sending the modified message to the public network.
In step S42 of the method in this embodiment, the virtual router modifies the packet in different ways according to the determination result in step S41, and further includes:
when the session corresponding to the message is not a new session, inquiring whether an available public network EIP and a port exist in a physical flow table;
when available public network EIP and port exist in the physical flow table, replacing source IP and source port of the message by the public network EIP and port obtained by query, recording the session, and sending the modified message to the public network;
and when the physical flow table does not have available public network EIP and port, printing an alarm log and discarding the message.
The above description is only for the specific embodiment of the present invention, but the scope of the present invention is not limited thereto, and any changes or substitutions that can be easily conceived by those skilled in the art within the technical scope of the present invention are included in the scope of the present invention. Therefore, the protection scope of the present invention shall be subject to the protection scope of the claims.
Claims (10)
1. A system for realizing message processing based on SNAT resource pool is characterized in that the system comprises:
the NAT gateway central control service module is used for creating an SNAT resource pool instance according to the call request of the client and writing the SNAT resource pool instance information into an OVN north database;
the OVN northbound database is used for storing SNAT resource pool instance information written by the central control service module of the NAT gateway and providing the SNAT resource pool instance information to the OVN Northd flow table translation middleware;
the OVN Northd flow table translation middleware is used for pulling the SNAT resource pool instance information from the OVN northbound database, translating the pulled SNAT resource pool instance information into a logic flow table and writing the logic flow table into the OVN southbound database;
the OVN southbound database is used for storing the logic flow table written by the OVN Northd flow table translation middleware and providing the logic flow table to the OVN local controller;
the OVN local controller is used for pulling the logic flow table from the southbound database, translating the logic flow table into a physical flow table and issuing the physical flow table to a local virtual router;
and the virtual router is used for processing the messages of the virtual machine or the container according to the physical flow table.
2. The system according to claim 1, wherein the virtual router is configured to process the packet of the virtual machine or the container according to the physical flow table, and includes: when the internal virtual machine accesses the flow table of the external network and passes through the virtual router, the virtual router judges whether the session corresponding to the message is a new session according to the hash value of the quintuple of the current message, modifies the message in different modes according to the judgment result, and sends the modified message to the public network.
3. The system according to claim 2, wherein the virtual router determines whether the session corresponding to the packet is a new session according to a hash value of a quintuple of the current packet, and the determining includes: when the session record corresponding to the message does not exist in the session table, judging that the session corresponding to the message is a new session; and when the session record corresponding to the message exists in the session table, judging that the session corresponding to the message is not a new session.
4. The system according to claim 2, wherein the modifying the message in different ways according to the determination result comprises: and when the session corresponding to the message is a new session, the virtual router modifies the source IP and the source port of the message based on the public network EIP and the port recorded in the existing session, and sends the modified message to the public network.
5. The system for implementing message processing based on the SNAT resource pool according to claim 2, wherein the message is modified in different ways according to the determination result, further comprising: when the session corresponding to the message is a new session, the virtual router inquires whether an available EIP and a port exist in a physical flow table; when an available EIP and an available port exist in the physical flow table, replacing a source IP and a source port of the message by the EIP and the port obtained by query, recording the session, and sending the modified message to the public network; and when the physical flow table has no available EIP and port, printing an alarm log and discarding the message.
6. A method for realizing message processing based on SNAT resource pool based on the system of any of claims 1-5, characterized in that the method comprises:
step S1: creating an SNAT resource pool instance according to a call request of a client through an NAT gateway central control service module, and writing the SNAT resource pool instance information into an OVN north database;
step S2: pulling SNAT resource pool instance information from an OVN northbound database by adopting an OVN Northd flow table translation middleware, translating the pulled SNAT resource pool instance information into an SNAT logic flow table corresponding to the SNAT resource pool, and writing the SNAT logic flow table into an OVN southbound database;
and step S3: an OVN local controller is adopted to pull the logic flow table from the southbound database, translate the logic flow table into a physical flow table and send the physical flow table to a local virtual router;
and step S4: and processing the message of the virtual machine or the container by adopting the virtual router according to the physical flow table.
7. The method for implementing message processing based on the SNAT resource pool according to claim 6, wherein the step S4 comprises:
step S41: the virtual router judges whether the session corresponding to the message is a new session according to the hash value of the quintuple of the current message;
step S42: and the virtual router modifies the message in different modes according to the judgment result of the step S41 and sends the modified message to the public network.
8. The method according to claim 7, wherein the step S41 comprises: when the internal virtual machine accesses a flow table of an external network and passes through a virtual router, the virtual router inquires whether a session record corresponding to a message exists in a session table according to a hash value of a quintuple of the current message; when the session record corresponding to the message does not exist in the session table, judging that the session corresponding to the message is a new session; and when the session record corresponding to the message exists in the session table, judging that the session corresponding to the message is not a new session.
9. The method according to claim 7, wherein in step S42, the virtual router modifies the packet in different ways according to the determination result in step S41, and the method includes: and when the message belongs to a new session, modifying the source IP and the source port of the message based on the public network EIP and the port recorded in the existing session, and sending the modified message to the public network.
10. The method according to claim 7, wherein in step S42, the virtual router modifies the packet in different ways according to the determination result in step S41, further comprising: when the message does not belong to a new session, inquiring whether an available public network EIP and a port exist in a physical flow table; when available public network EIP and port exist in the physical flow table, replacing source IP and source port of the message by the public network EIP and port obtained by query, recording the session, and sending the modified message to the public network; and when the available public network EIP and port do not exist in the physical flow table, printing an alarm log and discarding the message.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN202210994213.5A CN115378868B (en) | 2022-08-18 | 2022-08-18 | System and method for realizing message processing based on SNAT resource pool |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN202210994213.5A CN115378868B (en) | 2022-08-18 | 2022-08-18 | System and method for realizing message processing based on SNAT resource pool |
Publications (2)
Publication Number | Publication Date |
---|---|
CN115378868A true CN115378868A (en) | 2022-11-22 |
CN115378868B CN115378868B (en) | 2023-09-19 |
Family
ID=84066692
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN202210994213.5A Active CN115378868B (en) | 2022-08-18 | 2022-08-18 | System and method for realizing message processing based on SNAT resource pool |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN115378868B (en) |
Citations (12)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN103581324A (en) * | 2013-11-11 | 2014-02-12 | 中国联合网络通信集团有限公司 | Cloud computing resource pool system and implement method thereof |
CN105812340A (en) * | 2014-12-31 | 2016-07-27 | 杭州华三通信技术有限公司 | Access method and device for virtual network to extranet |
CN107453992A (en) * | 2016-05-30 | 2017-12-08 | 北京京东尚科信息技术有限公司 | Data forwarding method and system in a kind of virtual network |
CN107911258A (en) * | 2017-12-29 | 2018-04-13 | 深信服科技股份有限公司 | A kind of realization method and system in the secure resources pond based on SDN network |
US20200259892A1 (en) * | 2019-02-11 | 2020-08-13 | Red Hat Israel, Ltd. | Implementing multiple load balancer drivers for a single load balancer |
CN112383481A (en) * | 2020-11-02 | 2021-02-19 | 科大讯飞股份有限公司 | Flow table generation and port forwarding method, node, electronic device and storage medium |
CN112769829A (en) * | 2021-01-11 | 2021-05-07 | 科大讯飞股份有限公司 | Deployment method of cloud physical machine, related equipment and readable storage medium |
CN113472575A (en) * | 2021-06-30 | 2021-10-01 | 北京凌云雀科技有限公司 | Deployment method and device of open virtual network |
CN113612807A (en) * | 2021-10-09 | 2021-11-05 | 苏州浪潮智能科技有限公司 | Distributed firewall definition method and system |
EP3968675A1 (en) * | 2020-08-21 | 2022-03-16 | INTEL Corporation | Edge computing local breakout |
CN114338496A (en) * | 2020-10-12 | 2022-04-12 | 中移(苏州)软件技术有限公司 | Resource forwarding method, device, terminal and computer storage medium |
CN114363021A (en) * | 2021-12-22 | 2022-04-15 | 绿盟科技集团股份有限公司 | Network shooting range system, virtual network implementation method and device of network shooting range system |
-
2022
- 2022-08-18 CN CN202210994213.5A patent/CN115378868B/en active Active
Patent Citations (12)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN103581324A (en) * | 2013-11-11 | 2014-02-12 | 中国联合网络通信集团有限公司 | Cloud computing resource pool system and implement method thereof |
CN105812340A (en) * | 2014-12-31 | 2016-07-27 | 杭州华三通信技术有限公司 | Access method and device for virtual network to extranet |
CN107453992A (en) * | 2016-05-30 | 2017-12-08 | 北京京东尚科信息技术有限公司 | Data forwarding method and system in a kind of virtual network |
CN107911258A (en) * | 2017-12-29 | 2018-04-13 | 深信服科技股份有限公司 | A kind of realization method and system in the secure resources pond based on SDN network |
US20200259892A1 (en) * | 2019-02-11 | 2020-08-13 | Red Hat Israel, Ltd. | Implementing multiple load balancer drivers for a single load balancer |
EP3968675A1 (en) * | 2020-08-21 | 2022-03-16 | INTEL Corporation | Edge computing local breakout |
CN114338496A (en) * | 2020-10-12 | 2022-04-12 | 中移(苏州)软件技术有限公司 | Resource forwarding method, device, terminal and computer storage medium |
CN112383481A (en) * | 2020-11-02 | 2021-02-19 | 科大讯飞股份有限公司 | Flow table generation and port forwarding method, node, electronic device and storage medium |
CN112769829A (en) * | 2021-01-11 | 2021-05-07 | 科大讯飞股份有限公司 | Deployment method of cloud physical machine, related equipment and readable storage medium |
CN113472575A (en) * | 2021-06-30 | 2021-10-01 | 北京凌云雀科技有限公司 | Deployment method and device of open virtual network |
CN113612807A (en) * | 2021-10-09 | 2021-11-05 | 苏州浪潮智能科技有限公司 | Distributed firewall definition method and system |
CN114363021A (en) * | 2021-12-22 | 2022-04-15 | 绿盟科技集团股份有限公司 | Network shooting range system, virtual network implementation method and device of network shooting range system |
Non-Patent Citations (2)
Title |
---|
RENATO FIGUEIREDO 等: "《Demo: EdgeVPN.io: Open-source Virtual Private Network for Seamless Edge Computing with Kubernets》", 《IEEE》 * |
吴翰禺: "《基于OVN架构的云资源管控***设计与实现》", 《中国优秀硕士学位论文全文数据库》 * |
Also Published As
Publication number | Publication date |
---|---|
CN115378868B (en) | 2023-09-19 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
US8422391B2 (en) | Method, media gateway and media gateway controller for maintaining NAT address mapping table | |
US10063470B2 (en) | Data center network system based on software-defined network and packet forwarding method, address resolution method, routing controller thereof | |
US11388082B2 (en) | Methods, systems, and computer readable media for diameter routing using software defined network (SDN) functionality | |
EP1303086A2 (en) | A hierarchical protocol classification engine | |
US7561575B2 (en) | Mechanisms for providing intelligent throttling on a nat session border controller | |
US20080062995A1 (en) | System and Method for Identifying and Forwarding a Data Sequence of a Communications Network | |
JP2014511089A (en) | Private address and public address mapping | |
US9432321B2 (en) | Method and apparatus for messaging in the cloud | |
WO2013126195A1 (en) | System and methods for managing network packet forwarding with a controller | |
US20160241467A1 (en) | Method and system to optimize packet exchange between the control and data plane in a software defined network | |
JP2016528630A (en) | Application-aware network management | |
US10205788B2 (en) | Run-time actionable information exchange system in a secure environment | |
US20130294449A1 (en) | Efficient application recognition in network traffic | |
CN105703970A (en) | telecommunication system and method for generating real time connection (RTC) between first endpoint and second endpoint | |
US9253237B2 (en) | Rich media status and feedback for devices and infrastructure components using in path signaling | |
TW201541919A (en) | Scalable address resolution | |
JP2010531602A (en) | Method and apparatus for communication of diagnostic data in a real-time communication network | |
EP3817308A1 (en) | Method, device and system for responding to request and applied to bt system | |
US20190394088A1 (en) | Network device configuration versioning | |
CN114363410B (en) | Application access method, cloud agent, node agent component, device and medium | |
CN113783910A (en) | Data forwarding method, device and system | |
US20040062257A1 (en) | System and method of maintaining coherent and synchronized address tables on all switches in a software stacking configuration | |
CN113709133A (en) | IPVC6 communication system based on data center | |
CN108924061A (en) | A kind of application identification and management method, system and relevant apparatus | |
CN115378868A (en) | System and method for realizing message processing based on SNAT resource pool |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PB01 | Publication | ||
PB01 | Publication | ||
SE01 | Entry into force of request for substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
GR01 | Patent grant | ||
GR01 | Patent grant |