CN100423513C - Merging method with TCP connection - Google Patents
Merging method with TCP connection Download PDFInfo
- Publication number
- CN100423513C CN100423513C CNB2006100660083A CN200610066008A CN100423513C CN 100423513 C CN100423513 C CN 100423513C CN B2006100660083 A CNB2006100660083 A CN B2006100660083A CN 200610066008 A CN200610066008 A CN 200610066008A CN 100423513 C CN100423513 C CN 100423513C
- Authority
- CN
- China
- Prior art keywords
- tcp
- address
- connects
- main equipment
- equipment
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Links
Images
Landscapes
- Data Exchanges In Wide-Area Networks (AREA)
Abstract
The present invention discloses a merging method for TCP connection. The present invention is characterized in that the method comprises A, a first and a second secondary devices respectively send out TCP connection establishment requests to a main device, and the main device uses a cheat method to immediately transmit confirmation messages to the first and the second secondary devices; under the condition of the main device not starting-up TCP processing flow, the first and the second secondary devices respectively establish TCP connection of TCPI and TCPII with the main device; B, coincidence relation of the TCP connection of the TCPI and the TCPII is arranged on the main device; C, the first and the second secondary devices transmit data via the forward of the main device. Intermediate nodes do not need to process complicated TCP protocols and state machines, so the TCP connection merging method of the present invention greatly reduces the processing load of the intermediate nodes. The present invention can realize high-speed forward via a network processor or hardware logic and can realize end-to-end reliable transmission via combining more than two types of TCP connection.
Description
Technical field
The present invention relates to technical field of the computer network, be specifically related to the processing method that TCP connects.
Technical background
Transmission control protocol (TCP) is the transport layer protocol in the ICP/IP protocol stack, and it is confirmed by sequence and the bag retransmission mechanism, and the virtual Connection Service of reliable data flow transmission and application program is provided.When the network layer quality of service amount can not meet the demands, improved by the TCP service, to satisfy high-rise requirement.In network, must guarantee on the computer that the software program on the machine of destination can obtain packet from the source address machine, and source computer can be received correct answer, for this reason, TCP connects between end points or virtual circuit carries out reliable communication, and the TCP process can send and receive bag simultaneously.TCP by connection-oriented, authentic data newspaper sends the assurance reliability end to end.In addition, TCP provides effective current control, when returning the affirmation response to the sender, receives the TCP process and will illustrate that it can receive and guarantee that buffer memory flooding information can not take place.
Most of network services all are based on transmission control protocol (TCP) as file transfer services, remote login service, WEB service etc. and connect.When two computers carry out data communication by network, also need to carry out TCP and connect.
But in using, TCP often runs into such situation, two computers all are arranged in private network, they are surfed the Internet by network address translation apparatus, transmit if will carry out data between these two computers, need a server that is positioned at public network to realize switching usually.As shown in Figure 1, at first, computer A, B set up TCP with server C respectively and are connected, and server C receives a TCP earlier and connects the data that TCP1 sends, and re-send to another one TCP and connect on the TCP2, and data could arrive the other side's computer like this.On server, monitor and set up two TCP connections, connect from a TCP by server forwards then and receive that another one connects.
Need to set up two TCP on the server and connect, because TCP is the agreement of individual more complicated, the foundation of TCP and maintenance need to consume a large amount of computer resources, so TCP connects the quantity of foundation and the index that speed is normally weighed a server handling ability.
The another one shortcoming is exactly that the possibility that server exists data to be mistakenly rewritten when carrying out the tcp data forwarding in theory can not realize end-to-end reliability truly.
Summary of the invention
Given this, the technical problem to be solved in the present invention is, the processing method that provides a kind of TCP to connect is to realize the efficient, reliable of transfer of data end to end.
The invention provides the merging method that a kind of TCP connects, first, second slave unit is registered to main equipment by the TCP connection in advance, and this method comprises:
A. described main equipment notifies first, second slave unit to set up the TCP connection, receive first, second slave unit respectively to main equipment send set up the TCP connection request after, respond this request and send acknowledge message, set up TCP with first, second slave unit respectively and be connected TCP I, TCP II;
B. setting up the mapping relations that these two TCP connect source IP address between TCP I, TCP II, source port, purpose IP address, destination interface on the main equipment;
C. main equipment will be given second, first slave unit from the data forwarding of first, second slave unit according to described mapping relations.
The affirmation message that main equipment described in the steps A sends is pseudo-acknowledge message, so that described slave unit proceeds to set up the subsequent step that TCP connects after receiving this acknowledge message.
Described TCP connection is identified by source IP address, source port address, purpose IP address, destination interface address.
TCP connects after TCP I, TCP II set up, and the TCP interface channel of main equipment during by registration sends to connect and set up success message and issue first, second slave unit, and described subsequently main equipment enters data forward state.
Ground preferably, wherein step C comprises:
D. main equipment carries out conversion to the source IP address of the packet received and source port address and purpose IP address and destination interface address;
E. poor according to send sequence number difference and the acknowledged sequence number of TCP I and TCP II, adjustment the sending sequence number and acknowledged sequence number of packet;
F. main equipment carries out data forwarding.
Ground preferably, wherein step D comprises:
The source IP address of the packet that will receive from TCP I and IP address and the port address that the source port address replaces with the main equipment side of TCP II correspondence, IP address and port address that the purpose IP address and the destination interface address of described packet replaced with the second slave unit end of TCP II record;
The source IP address of the packet that will receive from TCP II and IP address and the port address that the source port address replaces with the main equipment side of TCP I correspondence, IP address and port address that the purpose IP address and the destination interface address of described packet replaced with the first slave unit end of TCP I record.
After packet is modified, need recomputate IP and TCP check and.
When TCP II termination, main equipment deletion TCP I connects, the forwarding record that deletion simultaneously is correlated with, and when the TCPI termination, main equipment deletion TCP II connects the forwarding record that deletion simultaneously is correlated with.
The merging method that a kind of TCP provided by the invention connects by the 3rd device forwards data, realizes the exchanges data between two equipment, and this method comprises:
First, second equipment connects described the 3rd equipment that is registered to by TCP in advance;
Described first, second equipment of described the 3rd device responds sends sets up the TCP connection request, the employing mode of cheating sends acknowledge message respectively to described first, second equipment that sends the TCP connection request, and sets up pseudo-TCP with described first, second equipment respectively and be connected;
Set up the mapping relations of the source I P address of two pseudo-TCP between connecting, source port, purpose IP address, destination interface;
Described the 3rd equipment is that two pseudo-TCP connect corresponding described first, second device forwards data according to described mapping relations.
Ground preferably, described the 3rd equipment carries out conversion to the source IP address of the packet received and source port and purpose IP address and destination interface;
Described the 3rd equipment is poor according to send sequence number difference and acknowledged sequence number that described two pseudo-TCP connect, the sending sequence number and acknowledged sequence number of adjustment packet.
Because the method according to this invention is initiated two TCP by slave unit to main equipment respectively and connected, slave unit is not connected by address-translating device and firewall restriction and main equipment, is fit to various network environments.The TCP that the mode that main equipment sends pseudo-confirmation in time responds slave unit sets up request, make TCP connect smooth and easy foundation, transmit the data between the slave unit immediately,, reduce the processing load of intermediate node greatly because intermediate node need not be handled complicated Transmission Control Protocol and state machine.Can adopt network processing unit or hardware logic to realize transmitting at a high speed, thereby the merging that two above TCP are connected realize reliable transmission end to end.
Description of drawings
Fig. 1 is the existing schematic diagram that transmits data that connects based on TCP;
Fig. 2 is for the operation principle schematic diagram of method provided by the present invention is described;
Fig. 3 is the method according to this invention flow chart;
Fig. 4 is operation principle schematic diagram according to an embodiment of the invention.
Embodiment
Below in conjunction with Figure of description principle of the present invention is described.With reference to Fig. 2 and Fig. 3, the merging processing procedure that connects according to TCP of the present invention is as follows:
1, slave unit I, II are registered to main equipment by the TCP connection, and main equipment notice slave unit I, II initiate to connect and set up.
2, slave unit I, II send beginning TCP connection to main equipment respectively and set up request (TCP SYN), main equipment sends pseudo-(SYN ACK) message of confirming respectively to slave unit I, II, but the inreal handling process that starts TCP of main equipment this moment, its purpose is cheated slave unit I exactly, this equipment of II has been finished TCP and set up processing, so that slave unit I, II proceed to set up the subsequent step that TCP connects after receiving this acknowledge message.
3, set up the corresponding relation that these two TCP connect on main equipment, the source IP, source port, purpose IP, the destination interface that are about to two TCP connections are set up mapping relations.
4, after two TCP connections are all set up well, main equipment is sent out to connect and is set up successful notification message to issuing slave unit I, II, because being pseudo-TCP, main equipment connects, can't guarantee really that the message that sends can send to the opposite end accurately and reliably, so the TCP interface channel when sending success message by registration sends.Main equipment enters data forward state subsequently.
5, the normal data that send between slave unit I, II, main equipment is transmitted the data of slave unit I, II, the description that the process of forwarding is seen below.
If 6 have a TCP to stop, main equipment will be deleted another TCP and connect, simultaneously the relevant forwarding record of deletion.
Data forwarding process on main equipment is as follows:
As shown in Figure 2, suppose that data mail to equipment I I by slave unit I.TCP linkage flag between slave unit I and the main equipment is TCP I, and the TCP linkage flag between slave unit II and the main equipment is TCP II.
After main equipment is received the data that slave unit I sends from TCP I, find another TCP II link information of the slave unit II corresponding with it, the source IP of replacement data bag and source port are the IP and the port of the main equipment side of TCP II correspondence, and the purpose IP of replacement data bag and port are the IP and the port of the slave unit II end of TCP II record.
The sequence number that writes down initial transmission that two TCP connect and acknowledged sequence number is poor, adjust sequence number and the check code of TCP, these two TCP are connected, transmission, the acknowledged sequence number of packet detect, adjust if there are differences then need, correspondingly recomputate simultaneously IP and TCP check and.For example, if the sending sequence number of TCP I than the little N of sequence number of TCP II, the little M of acknowledged sequence number, then transmission, the acknowledged sequence number with packet adds N and M respectively.
Afterwards, main equipment is transmitted this packet.
The processing and the said process of packet that is mail to slave unit I by slave unit II is similar, no longer narrates at this.
Embodiment
With a SSL examples of applications merging that how detailed description realizes that two TCP connect is described below.
As shown in Figure 4, PC-B is an Information Service device, and computer PC-A thinks the resource of access computer PC-B, because not directly networking of PC-A, PC-B, can only visit by the internet, so, use SSL to conduct interviews, but because PC-A, PC-B are arranged in private network for safety, surf the Net by address-translating device, and outlet has firewall box, connects so can't directly set up SSL between PC-A, PC-B, need transfer by a server S ERVER-C.Present common solution, be directly to set up two TCP to be connected with SERVER-C, then a connection is received data, send to another one and connect, this method needs two complete TCP of SERVER-C server maintenance to connect, and it is all very limited to insert number of users and speed, but employing the present invention, server S ERVER-C need not safeguard that TCP connects, and only need do one and simply transmit just passablely, sets up speed, inserts number of users, forwarding speed all wants much high.Below we illustrate the concrete course of work
Suppose IP address difference IPA, IPB, the IPC of PC-A, PC-B, SERVER-C correspondence, its basic functional principle is as follows:
At first, PC-A, PC-B sign in to server S ERVER-C earlier, the annexation of PC-A, PC-B is set up in request, SERVER-C notice PC-A, PC-B initiate TCP to SERVER-C and set up, the port of TCP is respectively PORTA, PORTB, PORTC, for the ease of two connections that need merging of SERVER-C identification, can send out a unique connection identifier simultaneously and give PC-A, PC-B.
Secondly, PC-A, PC-B initiate TCP SYN respectively and begin 3 times that TCP sets up and shake hands, and SERVER-C carries out TCP and cheats, and responds TCP SYNACK, and two TCP connect and set up.
At this moment PC-A, PC-B can send the connection identifier of oneself to SERVER-C, and SERVER-C sets up the forwarding relation that two TCP connect according to connection identifier.
Then, the TCP of SERVER-C notice PC-A, PC-B connection identifier correspondence connects and merges successfully, and SERVER-C enters forwarding state, no longer explains the data content of two connections.
Thereafter, PC-A just can initiate SSL to PC-B and set up flow process, and at this moment the complete imperceptible centre of PC-APC-B must change, with PC-A and PC-B directly establish TCP be connected the same, even server S ERVER-C does not support that SSL is not subjected at all to influence yet.
Finish SSL foundation and just can carry out safe transfer of data.
The data forwarding process of SERVER-C is as follows:
(1) SERVER-C receives the packet that PC-A sends, and supposes the sequence number big N of the sequence number of TCPA than TCPB, the big M of acknowledged sequence number.Then the source IPA of replacement data bag, source port PORTA are IPC, PORTC, and the purpose IPC in the replacement data bag, destination interface PORTC are IPB, PORTB.
(2) SERVER-C adjusts transmission, acknowledged sequence number is respectively sequence number-N and sequence number-M, and mould is maximum TCP sequence number number.
(3) send data.
If do not adopt the present invention, SERVER-C must multidimensional protect two complete TCP connections, connects receiving data stream from a TCP earlier, and then writes in another TCP connection, and is much bigger to the consumption of SERVER-C resource.
The foregoing description is exemplary embodiment of the present invention, is not limited to the present invention, and for a person skilled in the art, the present invention can have various changes and variation.Within the spirit and principles in the present invention all, any modification of being done, be equal to replacement, improvement etc., all should be included within the claim scope of the present invention.
Claims (10)
1. the merging method that TCP connects is characterized in that, first, second slave unit is registered to main equipment by the TCP connection in advance, and this method comprises:
A. main equipment is notified first, second slave unit to set up TCP to connect, receive first, second slave unit respectively to main equipment send set up the TCP connection request after, respond this request and send pseudo-acknowledge message, to proceed to set up the subsequent step that TCP connects;
After described first, second slave unit was received this puppet acknowledge message, main equipment was set up TCP with first, second slave unit respectively and is connected TCP I, TCP II;
B. setting up the mapping relations that these two TCP connect source IP address between TCP I, TCP II, source port, purpose I P address, destination interface on the main equipment;
C. main equipment will be transmitted to second, first slave unit from the data of first, second slave unit respectively according to described mapping relations.
2. the merging method that TCP as claimed in claim 1 connects is characterized in that, described TCP connection is identified by source IP address, source port, purpose IP address, destination interface.
3. the merging method that TCP as claimed in claim 1 connects, it is characterized in that, TCP connects after TCPI, the TCP II foundation, the TCP interface channel of main equipment by when registration sends respectively to connect sets up success message to first, second slave unit, and described subsequently main equipment enters data forward state.
4. the merging method that TCP as claimed in claim 1 connects is characterized in that wherein step C comprises:
D. main equipment carries out conversion to the source IP address of the packet received and source port and purpose IP address and destination interface;
E. poor according to send sequence number difference and the acknowledged sequence number of TCP I and TCP II, adjustment the sending sequence number and acknowledged sequence number of packet;
F. main equipment carries out data forwarding.
5. the merging method that TCP as claimed in claim 4 connects is characterized in that wherein step D comprises:
The source IP address of the packet that will receive from TCP I and IP address and the port that source port replaces with the main equipment side of TCP II correspondence, IP address and port that the purpose IP address and the destination interface of described packet replaced with the second slave unit end of TCP II record;
The source IP address of the packet that will receive from TCP II and IP address and the port that source port is changed to the main equipment side of TCP I correspondence, IP address and port that the purpose IP address and the destination interface of described packet replaced with the first slave unit end of TCP I record.
6. the merging method that TCP as claimed in claim 5 connects is characterized in that, after packet is modified, need recomputate IP and TCP check and.
7. as the merging method of claim 1 or 5 described TCP connections, it is characterized in that when the TCPI termination, main equipment deletion TCP II connects the forwarding record that deletion simultaneously is correlated with; When TCP II termination, main equipment deletion TCP I connects, simultaneously the relevant forwarding record of deletion.
8. the merging method that connects of a TCP is characterized in that by the 3rd device forwards data, realize the exchanges data between two equipment, this method comprises:
First, second equipment connects described the 3rd equipment that is registered to by TCP in advance;
Described first, second equipment of described the 3rd device responds sends sets up the TCP connection request, the employing mode of cheating sends acknowledge message respectively to described first, second equipment that sends the TCP connection request, and sets up pseudo-TCP with described first, second equipment respectively and be connected;
Set up the mapping relations of the source IP address of two pseudo-TCP between connecting, source port, purpose IP address, destination interface;
Described the 3rd equipment is that two pseudo-TCP connect corresponding described first, second device forwards data according to described mapping relations.
9. the merging method that TCP as claimed in claim 8 connects is characterized in that, described the 3rd equipment carries out conversion to the source IP address of the packet received and source port and purpose IP address and destination interface;
Described the 3rd equipment is poor according to send sequence number difference and acknowledged sequence number that described two pseudo-TCP connect, the sending sequence number and acknowledged sequence number of adjustment packet.
10. the merging method that TCP as claimed in claim 9 connects is characterized in that wherein said IP address and port conversion comprise:
To replace with IP address and the port address that another pseudo-TCP is connected described the 3rd equipment side of correspondence with the source port address from the source IP address that a pseudo-TCP wherein connects the packet of receiving, the purpose IP address and the destination interface of described packet replaced with IP address and the port that another pseudo-TCP is connected the corresponding equipment end respectively.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CNB2006100660083A CN100423513C (en) | 2006-03-21 | 2006-03-21 | Merging method with TCP connection |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CNB2006100660083A CN100423513C (en) | 2006-03-21 | 2006-03-21 | Merging method with TCP connection |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN1819562A CN1819562A (en) | 2006-08-16 |
| CN100423513C true CN100423513C (en) | 2008-10-01 |
Family
ID=36919251
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CNB2006100660083A Active CN100423513C (en) | 2006-03-21 | 2006-03-21 | Merging method with TCP connection |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN100423513C (en) |
Families Citing this family (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN101309285B (en) * | 2007-05-15 | 2012-09-05 | 华为技术有限公司 | Second layer control method,apparatus and system thereof |
| CN105991629B (en) * | 2015-03-26 | 2019-06-04 | 杭州迪普科技股份有限公司 | TCP connection method for building up and device |
Citations (5)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN1391378A (en) * | 2001-06-11 | 2003-01-15 | 华为技术有限公司 | Connection switching system at front end of server cluster and its switching method |
| US6535515B1 (en) * | 1998-05-25 | 2003-03-18 | Kdd Corporation | TCP communication speed improving system |
| CN1505342A (en) * | 2002-11-28 | 2004-06-16 | 深圳市中兴通讯股份有限公司上海第二 | A method for connecting from local area network |
| CN1582583A (en) * | 2001-02-15 | 2005-02-16 | 讯捷通讯公司 | A dual proxy approach to TCP performance improvements over a wireless interface |
| JP2005260715A (en) * | 2004-03-12 | 2005-09-22 | Ntt Communications Kk | Terminal device having packet nat transparent function, and its program |
-
2006
- 2006-03-21 CN CNB2006100660083A patent/CN100423513C/en active Active
Patent Citations (5)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US6535515B1 (en) * | 1998-05-25 | 2003-03-18 | Kdd Corporation | TCP communication speed improving system |
| CN1582583A (en) * | 2001-02-15 | 2005-02-16 | 讯捷通讯公司 | A dual proxy approach to TCP performance improvements over a wireless interface |
| CN1391378A (en) * | 2001-06-11 | 2003-01-15 | 华为技术有限公司 | Connection switching system at front end of server cluster and its switching method |
| CN1505342A (en) * | 2002-11-28 | 2004-06-16 | 深圳市中兴通讯股份有限公司上海第二 | A method for connecting from local area network |
| JP2005260715A (en) * | 2004-03-12 | 2005-09-22 | Ntt Communications Kk | Terminal device having packet nat transparent function, and its program |
Also Published As
| Publication number | Publication date |
|---|---|
| CN1819562A (en) | 2006-08-16 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| Iren et al. | The transport layer: tutorial and survey | |
| US6563821B1 (en) | Channel bonding in a remote communications server system | |
| US7184445B2 (en) | Architecture and API for of transport and upper layer protocol processing acceleration | |
| US5745685A (en) | Protocol extension in NSPP using an acknowledgment bit | |
| US8732236B2 (en) | Managing network communications between network nodes and stream transport protocol | |
| CN101536417B (en) | Method for eliminating redundant connections | |
| CN100571266C (en) | A kind of data transmission method and system | |
| CN1909507B (en) | Method and system for message transfer | |
| Natarajan et al. | SCTP: An innovative transport layer protocol for the web | |
| WO1998047166A2 (en) | Data communication protocol | |
| WO2006133651A1 (en) | Communication method between communication devices and communication apparatus | |
| AU2007320794B2 (en) | Selective session interception method | |
| CN102315918B (en) | Method and device for intercommunicating TCP (Transmission Control Protocol) connection with SCTP (Stream Control Transmission Protocol) connection | |
| WO2011057525A1 (en) | Http server based on packet processing and data processing method thereof | |
| CN100423513C (en) | Merging method with TCP connection | |
| JP5029685B2 (en) | Backup device | |
| WO2011079743A1 (en) | Data transmission method and associated devices | |
| JP2002190827A (en) | Connection system for internet telephone between different networks | |
| JP2004064490A (en) | Data communication system | |
| US20090052446A1 (en) | Communications Interface | |
| Selvan | A Survey on Modern Innovative Secured Transport Layer Protocols on Recent Advances | |
| JP2002312261A (en) | Network service relay method and relay device | |
| CN105491057A (en) | Data transmission method and device for preventing distributed reject service DDoS attack | |
| Ko et al. | Internet Small Computer System Interface (iSCSI) Extensions for the Remote Direct Memory Access (RDMA) Specification | |
| Rao et al. | Development of a Transport Layer using SMS |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| C06 | Publication | ||
| PB01 | Publication | ||
| C10 | Entry into substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| C14 | Grant of patent or utility model | ||
| GR01 | Patent grant | ||
| CP03 | Change of name, title or address |
Address after: 310052 Binjiang District Changhe Road, Zhejiang, China, No. 466, No. Patentee after: Xinhua three Technology Co., Ltd. Address before: 310053 Hangzhou hi tech Industrial Development Zone, Zhejiang province science and Technology Industrial Park, No. 310 and No. six road, HUAWEI, Hangzhou production base Patentee before: Huasan Communication Technology Co., Ltd. |
|
| CP03 | Change of name, title or address |