CN101325553B - Method for ISCSI data to traverse NAT and inner network memory system - Google Patents
Method for ISCSI data to traverse NAT and inner network memory system Download PDFInfo
- Publication number
- CN101325553B CN101325553B CN2008101177094A CN200810117709A CN101325553B CN 101325553 B CN101325553 B CN 101325553B CN 2008101177094 A CN2008101177094 A CN 2008101177094A CN 200810117709 A CN200810117709 A CN 200810117709A CN 101325553 B CN101325553 B CN 101325553B
- Authority
- CN
- China
- Prior art keywords
- address
- outer net
- target
- storage system
- corresponding relation
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Expired - Fee Related
Links
Images
Landscapes
- Data Exchanges In Wide-Area Networks (AREA)
Abstract
The invention discloses a data traversing NAT method for an internet small computer system interface ISCSI, applied in network disposing NAT apparatus between an external network client terminal and an internal network storage system. The method includes: the internal network storage system establishing a corresponding relationship between the external network IP address of NAT apparatus and the object side of the internal network storage system; the internal network storage system, according to the corresponding relationship, determining the external network IP address of NAT apparatus corresponding to the target to be requested, after receiving ISCSI packet of external network client terminal request target information; and taking the determined NAT apparatus external network IP address as the target address of the target to be requested, to return back to the external network client terminal. The invention also discloses an internal network storage system. The invention can realize ISCSI data interaction between the external network client terminal and the internal network storage system.
Description
Technical field
The present invention relates to technical field of memory, be specifically related to a kind of internet small computer system interface (ISCSI, Internet Small Computer System Interface) method and a kind of Intranet storage system of data passing through NAT (NetworkAddress Translation, network address translation).
Background technology
Internet small computer system interface (ISCSI, Internet Small Computer SystemInterface) be a kind of based on transmission control protocol/Internet Protocol (TCP/IP, Transport ControlProtocol/Internet Protocol) small computer system interface (SCSI, Small ComputerSystem Interface) host-host protocol, this host-host protocol also transmit scsi command reliably with the TCP/IP encapsulation between client and storage system.
Fig. 1 is the typical applied environment of an ISCSI agreement, as shown in Figure 1.Client need be installed an ISCSI initiator (initiator) module, then needs an integrated ISCSI target side (target) module in the storage system.Transmit scsi command and data by IP network between client and the storage system.
Fig. 2 is in the message schematic flow sheet that client in the same subnet and storage system are carried out the ISCSI transfer of data for existing, and as shown in Figure 2, its concrete steps are as follows:
Step 201: client sends ISCSI connection request (login) message to storage system, this message carries initiator name and initiator IP address, storage system is received ISCSI login message, preserves initiator name and initiator IP address in this message.
Step 202: client and storage system are carried out parameter negotiation.Parameter negotiation in this step refers to the negotiation of security parameter etc.
Step 203: client sends ISCSI text (text) message of request target information to storage system; After storage system receives this message, target name and the target IP address of target that client is asked sent to client.Wherein, the storage system target IP address that returns to client is filled in Target address (Address) field of response message.
Comprise a plurality of storage network interface cards in the storage system, the corresponding a plurality of target of storage network interface card possibility, these a plurality of target use corresponding storage network interface card IP address as target IP.In this step, after storage system receives ISCSI text message, will receive the IP of storage network interface card of this message as the target IP address of request target.
Step 204: client is recorded as the targetIP address with the Target Address field contents in the response message.
At the ISCSI access phase, when client-requested set up with certain target between ISCSI when being connected, will be to all messages of storage system transmission with the target IP of client records as purpose IP address.
Step 205: client sends ISCSI to storage system and connects and finish (logout) message, with finish with storage system between ISCSI be connected.
Below just finished the exchange of initiator information and target information between client and the storage system, this process is called discovery (DISCOVERY) process.
Step 206: client is initiated ISCSI login message to storage system, when request is set up with being connected of target, the target IP address of the purpose IP address of this message target that will connect that to be step 203 obtain from storage system, this message carries initiator name and target name simultaneously.Initiatorname is to be used to set up the parameter that ISCSI is connected with target name.
Step 207: storage system is received this ISCSI login message, determines that target is connected foundation with ISCSI between the initiator.
Step 208: client is connected mutual ISCSI data with storage system by the ISCSI that sets up.
So far, this flow process finishes.
In general the application, client and storage system all are in the internal network of the same network segment.But development along with business, the client of external network may need to visit the storage system of internal network, at this moment, because external network does not have directly can reach the IP route of internal network, the client of external network can't be set up ISCSI with the storage system of internal network and be connected, thereby can't carry out data interaction.Prior art does not provide the solution of this aspect.
Summary of the invention
In view of this, the invention provides a kind of method and a kind of Intranet storage system of ISCSI data passing through NAT, to realize the ISCSI data interaction between outer net client and the Intranet storage system.
The present invention is achieved in that
A kind of method of ISCSI data passing through NAT is applied to be provided with in the network of network address translation device between the net client and Intranet storage system outside, and this method comprises:
The Intranet storage system is set up the corresponding relation between the target side target in NAT device outer net IP address and the Intranet storage system;
After the Intranet storage system receives the ISCSI message of outer net client-requested target information,, determine the NAT device outer net IP address of requested target correspondence according to described corresponding relation; Determined NAT device outer net IP address is returned to described outer net client as the target address that is requested target, so that described outer net client at the ISCSI access phase, adopts the NAT device outer net IP address that receives as the purpose IP address that sends the ISCSI message to storage system.
Wherein, described Intranet storage system sets up that the corresponding relation between the target is in NAT device outer net IP address and the Intranet storage system: the Intranet storage system receives the described corresponding relation of manual input, sets up the corresponding relation between the target in NAT device outer net IP address and the Intranet storage system according to the described corresponding relation of manual input.
Wherein, described Intranet storage system sets up that the corresponding relation between the target comprises in NAT device outer net IP address and the Intranet storage system:
The mapping relations between the IP address of storage network interface card in configuration NAT device outer net IP address and the Intranet storage system in NAT device;
Described Intranet storage system is obtained described mapping relations from NAT device, with storing the target IP address of the IP address of network interface card as the target corresponding with this storage network interface card, sets up the corresponding relation between NAT device outer net IP address and the target IP address;
Described according to described corresponding relation, determine that the NAT device outer net IP address of requested target correspondence is: the Intranet storage system is determined the target IP address of requested target; According to the corresponding relation between described NAT device outer net IP address and the target IP address, search the NAT device outer net IP address of determined target IP address correspondence.
Preferably, described Intranet storage system sets up that the corresponding relation between the target also comprises in NAT device outer net IP address and the Intranet storage system:
The Intranet storage system receives the described corresponding relation of manual input and is recorded as static corresponding relation; To be recorded as dynamic corresponding relation according to the corresponding relation that the mapping relations of obtaining from NAT device are set up;
Described according to described corresponding relation, the NAT device outer net IP address of determining requested target correspondence is: when same target IP address has corresponding static corresponding relation and dynamic corresponding relation, determine the NAT device outer net IP address of described correspondence according to the static corresponding relation of correspondence.
Wherein, described foundation in NAT device outer net IP address and the Intranet storage system after the corresponding relation between the target side target, this method further comprises:
The Intranet storage system is obtained the source IP address of the ISCSI message that is received, and judges that described source IP address whether in default Intranet IP address range, if do not exist, judges that then the Intranet storage system receives the ISCSI message of outer net client-requested target information; Otherwise then the IP address with requested target sends to described outer net client as the target address.
A kind of Intranet storage system comprises:
The corresponding relation maintenance unit is used for setting up the corresponding relation between NAT device outer net IP address and the Intranet storage system target;
Outer net IP determining unit is used for behind the ISCSI message that receives outer net client-requested target information, according to the corresponding relation that described corresponding relation maintenance module is set up, determines the NAT device outer net IP address of requested target correspondence;
Revise transmitting element, be used for the target address of the determined NAT device outer net of described outer net IP determining unit IP address as requested target sent to described outer net client, so that described outer net client at the ISCSI access phase, adopts the NAT device outer net IP address that receives as the purpose IP address that sends the ISCSI message to the Intranet storage system.
Wherein, the corresponding relation of described corresponding relation maintenance unit foundation is the outside input of system.
According to above technical scheme as seen, find the stage at ISCSI, when the Intranet storage system is returned target information according to the outside net client of the request of outer net client, corresponding N AT equipment outer net IP address is filled in the target Address field returns the outer net client, like this, the outer net client is at the ISCSI access phase, can be with NAT device outer net IP address as the destination address that sends the ISCSI message, make the ISCSI message that sends be transmitted to the Intranet storage system, realized the ISCSI data interaction between outer net client and the Intranet storage system by NAT device.
Description of drawings
Fig. 1 is the typical applied environment of an existing ISCSI agreement.
Fig. 2 is in the message schematic flow sheet that client in the same subnet and storage system are carried out the ISCSI transfer of data for existing.
Fig. 3 is the exemplary process diagram of the method for ISCSI data passing through NAT provided by the invention.
Fig. 4 A is one of flow chart of the method for ISCSI data passing through NAT in the embodiment of the invention.
Fig. 4 B be the method for ISCSI data passing through NAT in the embodiment of the invention flow chart two.
The system that outer net client that Fig. 5 provides for the embodiment of the invention and Intranet storage system are carried out the ISCSI data interaction forms schematic diagram.
Fig. 6 is the structural representation of corresponding relation maintenance unit 531 among Fig. 5.
Fig. 7 is the structural representation of outer net IP determining unit 532 among Fig. 5.
Embodiment
Below in conjunction with the accompanying drawing embodiment that develops simultaneously, describe the present invention.
In order to realize the ISCSI data interaction between outer net client and the Intranet storage system, the embodiment of the invention is provided with NAT device between net client and the Intranet storage system outside, participates in the ISCSI transfer of data.
Fig. 3 is the exemplary process diagram of the method for ISCSI data passing through NAT provided by the invention.As shown in Figure 3, this method may further comprise the steps:
Step 301: the Intranet storage system is set up the corresponding relation between the target in NAT device outer net IP address and this Intranet storage system.
Step 302:, after the Intranet storage system receives the ISCSI text message of outer net client-requested target information,, determine the NAT device outer net IP address of requested target correspondence according to the corresponding relation of setting up in the ISCSI DISCOVERY stage.
Step 303: determined NAT device outer net IP address is sent to the outer net client as the Target Address of requested target, so that the outer net client at the ISCSI access phase, adopts the NAT device outer net IP address that receives as the purpose IP that sends message to storage system.
According to above-mentioned flow process, adopt the processing method of Fig. 3, in the ISCSI DISCOVERY stage, the Intranet storage system is outside during net client-requested target information, determined NAT device outer net IP address is filled in the target Address field of returning, return to the outer net client, make the outer net client think that NAT device outer net IP address is target IP.So, at the ISCSI access phase, the outer net client can be issued all the message of storage system and issue NAT device.Because external network possesses the IP route that directly can reach NAT device, so the ISCSI message can arrive NAT device smoothly, have processing by NAT device after, send to the Intranet storage system.Thereby realized the ISCSI data interaction between outer net client and the Intranet storage system.
Fig. 4 A and Fig. 4 B are the flow chart of the method for ISCSI data passing through NAT in the embodiment of the invention.This method may further comprise the steps:
At first, shown in Fig. 4 A, the mapping relations of the pre-configured NAT device outer net of step 401:NAT equipment IP address and NAT device Intranet IP address, and the mapping relations of storing the IP address of network interface card in NAT device Intranet IP address and the Intranet storage system.
Step 402:NAT equipment is according to the mapping relations of configuration, and the network interface card of respectively storing in the Intranet storage system sends corresponding NAT device outer net IP address.
For example, the outer net IP address of NAT device comprises 1,2,3, and Intranet IP address comprises 4,5,6, and the storage network interface card IP in the storage system comprises A, B and C.Suppose that the mapping relations of NAT device configuration comprise: 1-4 shines upon mutually, and 2-5 shines upon mutually, and 3-6 shines upon mutually, and 4-A shines upon mutually, and 5-B shines upon mutually, and 6-C shines upon mutually; So in this step, send 1 from the port that uses IP=4 to the storage network interface card of Intranet storage system IP=A, send 2 from the port that uses IP=5 to the storage network interface card of Intranet storage system IP=B, send 3 to the storage network interface card of Intranet storage system IP=C from the port that uses IP=6.
Step 403: the Intranet storage system is safeguarded the corresponding relation between the target IP address in NAT device outer net IP address and this Intranet storage system according to the NAT device outer net IP address that receives.
In this step, the Intranet storage system is obtained the mapping relations between NAT device outer net IP address and the storage network interface card IP address according to NAT device outer net IP address that receives and the storage network interface card that receives this NAT device outer net IP address;
After obtaining mapping relations, the Intranet storage system will be stored the target IP address of the IP address of network interface card as the target corresponding with this storage network interface card, set up the corresponding relation between NAT device outer net IP address and the target IP address.
For example, the storage network interface card of IP=A obtains the mapping relations of 1-A when receiving NAT device outer net IP address 1; With the target IP of A as the target of correspondence, then 1-A is the corresponding relation between NAT device outer net IP address and the target IP then.As seen, just mapping relations can be stored as corresponding relation after obtaining mapping relations, and with the storage network interface card IP in the mapping relations as targetIP.
Certainly, in practice, NAT device also can directly generate 1-A according to 1-4 and 4-A, sends to the Intranet storage system then; Perhaps 1-4 and 4-A are sent to the Intranet storage system, generate 1-A by the Intranet storage system; In practice, NAT device can also send to 4-A the Intranet storage system, the Intranet storage system according to NAT device between link is connected and obtains 1-4 automatically, thereby generation 1-A.Certainly, NAT device can also pass through other network interface, and 1-4 and 4-A are sent in the storage system.
Preferably, in the present embodiment, set up the IP mapping table that is used to store corresponding relation.The field of this IP mapping table comprises: target IP address (storing the IP address of network interface card in other words), NAT outer net IP address and state.Wherein, state comprises dynamic and static.When the Intranet storage system when generating corresponding relation from NAT device outer net IP address that NAT device obtains and being recorded in the IP mapping table, mode field is labeled as " dynamically ".When the Intranet storage system receives the corresponding relation of manual input, the corresponding relation that receives is recorded in the IP mapping table, simultaneously mode field is labeled as " static state ".Come into force after the static corresponding relation configuration always.The priority of static corresponding relation is greater than the priority of dynamic corresponding relation, when a target IP address has corresponding dynamic corresponding relation and static corresponding relation simultaneously, determine the NAT device outer net IP address that outside net client is returned according to static corresponding relation, and report and alarm, thereby prevent to attack.
In the present embodiment, in order to realize real-time update to dynamic corresponding relation, NAT device regularly sends NAT device outer net IP address or comprises the mapping relations of NAT device outer net IP address to the Intranet storage system, for example send once every 5s, make the Intranet storage system can regularly obtain up-to-date mapping relations, and upgrade corresponding corresponding relation.In addition, will delete, guarantee the validity of each corresponding relation above the corresponding relation that the default stand-by period is not updated.
In practice, the corresponding relation of Intranet storage system maintenance can all be static corresponding relation; It perhaps all is dynamic corresponding relation.In this case, the IP mapping table needn't comprise mode field.
Step 404: the outer net client is initiated ISCSI login message to NAT device, and the purpose IP address of this message is the outer net IP address of NAT device, and this message comprises information such as initiator name, initiator IP address.
Need to prove that in the ISCSI DISCOVERY stage, the outer net client all adopts NAT device outer net IP address as message purpose IP by NAT device to the message that the Intranet storage system sends.
Step 405:NAT equipment is received ISCSI login message, mapping relations according to the Intranet IP address of the outer net IP address of self pre-configured NAT device and NAT device, and the mapping relations of storing the IP address of network interface card in the Intranet IP address of NAT device and the interior net storage device, the purpose IP address of message is replaced with the storage network interface card IP address of Intranet storage system by the outer net IP address of NAT device, ISCSI login message is issued the Intranet storage system.
Step 406: the Intranet storage system receives ISCSI login message, from this message, obtain the information such as initiator name, initiator IP address of outer net client, return ISCSI connection response (login response) message by the outside net client of NAT device.
Step 407: outer net client and Intranet storage system are carried out parameter negotiation by the ISCSI message.
Step 408: the outer net client is to the ISCSI text message that sends acquisition request target information by NAT device to the Intranet storage system.
Step 409: after the Intranet storage system receives ISCSI text message, judge whether the source client that sends this message is the outer net client, if then execution in step 410; Otherwise, have now and return the target information processing, wherein fill target IP in the Target Address field.
In this step, the Intranet storage system is safeguarded an access control list ACL, all network segments of this acl logging Intranet.After the Intranet storage system received ISCSI text message, whether the source address of judging the ISCSItext message that receives was in ACL; If in ACL, think that then the client that sends ISCSI text message is the Intranet client; If not in the ACL table, judge that then the client that sends ISCSI text message is the outer net client.
Step 410: the Intranet storage system is determined the target IP address of requested target, with definite target IP address is index, according to the corresponding relation of self maintained, search the NAT device outer net IP address of the targetIP address correspondence that is requested target.
In this step, the Intranet storage system is determined the target of outer net client-requested according to the ISCSI text message that is received; Then, determine to be requested the target IP of target; Be specially: the IP address conduct that will receive the storage network interface card of ISCSItext message is requested the target IP address of target, and this is same as the prior art; At last, according to the corresponding relation that the Intranet storage system is safeguarded, search the NAT device outer net IP address of determined target IP correspondence.
Step 411: the Intranet storage system is returned ISCSI connection response message by the outside net client of NAT device, and the Target Address in this message is filled to the NAT device outer net IP address that step 410 finds.
Step 412: after the outer net client receives ISCSI connection response message, obtain NAT device outer net IP address, and be recorded as the IP address of the target that asks from Target Address field.
Step 413: the outer net client sends ISCSI to the Intranet storage system and connects and finish (logout) message, with finish with the Intranet storage system between ISCSI be connected.
Below just finished the ISCSI DISCOVERY stage.After this stage finishes, the outer net client thinks that the NAT device outer net IP address that obtains is exactly target IP address, then the outer net client is in follow-up ISCSI connects, can be with the destination address of NAT device outer net IP address as transmission ISCSI message, thereby the ISCSI message is sent to NAT device, be transmitted to the Intranet storage system by NAT device.
Below be the ISCSI connection procedure, shown in Fig. 4 B:
Step 414: the outer net client sends ISCSI login message to NAT device, and the purpose IP address of this message is the NAT device outer net IP address of thinking target IP address that the outer net client is write down.
After step 415:NAT equipment receives ISCSI login message, mapping relations according to the Intranet IP address of self pre-configured NAT device outer net IP address and NAT device, and the mapping relations of storing network interface card IP address in the Intranet IP address of NAT device and the interior net storage device, the purpose IP address of message is replaced with the IP address of respective stored network interface card by NAT device outer net IP address, then ISCSI login message is issued the Intranet storage system.
Step 416: the Intranet storage system receives ISCSI login message, returns ISCSI loginresponse message.
Step 417: outer net client and Intranet storage system are carried out parameter negotiation by NAT device.
Step 418: parameter negotiation finishes, and the ISCSI between the target of the initiator of outer net client and Intranet storage system is connected foundation.
Step 419: the outer net client is connected mutual ISCSI data with the Intranet storage system by the ISCSI that sets up.
So far, this flow process finishes.
Adopt the passing through NAT scheme of the embodiment of the invention, if storage system is only safeguarded static corresponding relation, then the outer net client does not need to revise and adopts prior NAT equipment to get final product.If storage system is safeguarded dynamic corresponding relation, then the outer net client is without any need for modification, gets final product for NAT device increases the function that NAT device outer net IP address or the mapping relations that comprise NAT device outer net IP address are sent to the Intranet storage system.
System's composition diagram that outer net client that Fig. 5 provides for the embodiment of the invention and Intranet storage system are carried out the ISCSI data interaction, as shown in Figure 5, it mainly comprises: outer net client 51, NAT device 52 and Intranet storage system 53, wherein,
Outer net client 51, be used for finding the stage at ISCSI, initiate the ISCSI text message of request target information to NAT device 52, after receiving the ISCSI response message, Target Address field contents in the record ISCSI response message, when the Intranet storage system sends the ISCSI connection request, with the Target Address field contents of record, as the purpose IP address of ISCSI connection request message.
Wherein, dispensing unit 521 is used for storing pre-configured NAT device outer net IP address and Intranet storage system and respectively stores mapping relations between the network interface card; These mapping relations comprise the mapping relations of NAT device outer net IP address and NAT device Intranet IP address, and the mapping relations between NAT device Intranet IP address and the storage network interface card IP.
Wherein, corresponding relation maintenance unit 531 is used for setting up the corresponding relation between NAT device outer net IP address and the Intranet storage system target.In the present embodiment, the corresponding relation in NAT device outer net IP address and the Intranet storage system between the target is the corresponding relation between NAT device outer net IP address and the target IP.
As shown in Figure 6, this corresponding relation maintenance unit 531 specifically comprises acquisition module 61, logging modle 62 and timing module 63; Wherein
Acquisition module 61 is used for obtaining mapping relations between NAT device outer net IP address and the Intranet storage system storage network interface card IP address from NAT device, and sends to logging modle 62.Preferably, acquisition module 61 obtains mapping relations for regularly obtaining.
Logging modle 62 is used for according to the mapping relations that receive, setting up the corresponding relation between NAT device outer net IP address and the targetIP address with storing the target IP address of the IP address of network interface card as the target corresponding with this storage network interface card, and storage.Preferably, from after acquisition module 61 reception mapping relations, upgrade corresponding relation at every turn.Further, this logging modle 62 also is used to receive the corresponding relation of manual input and be recorded as static corresponding relation, and will be recorded as dynamic corresponding relation according to the corresponding relation that the mapping relations of obtaining from NAT device are set up.
Timing module 63 is used to write down each corresponding relation and is recorded the time interval that module 62 is upgraded, when a corresponding relation time corresponding during at interval greater than default stand-by period, and Notification Record module 62 these corresponding relations of deletion.
Outer net IP determining unit 532 is used for the stage at ISCSI, after receiving ISCSI text message, according to corresponding relation maintenance unit 531 stored relation, determines the NAT device outer net IP address of the target IP address correspondence of requested target.
As shown in Figure 7, outer net IP determining unit 532 specifically comprises outer net client judge module 71 and address determination module 72; Wherein,
Outer net client judge module 71 is used for obtaining the source IP address of the ISCSI text message that is received after receiving ISCSI text message, judges that this source IP address is whether in default Intranet IP address range; If do not exist, judge that then the client that sends ISCSI text message is the outer net client, the Notify Address determination module; Otherwise then the IP with requested target sends to the outer net client as the target address.
Revise transmitting element 533, be used for the Target Address of outer net IP determining unit 532 determined NAT device outer net IP addresses as requested target sent to described outer net client, so that the outer net client at the ISCSI access phase, adopts the NAT device outer net IP address that receives as the purpose IP that sends the ISCSI message to the Intranet storage system.
In sum, more than be preferred embodiment of the present invention only, be not to be used to limit protection scope of the present invention.Within the spirit and principles in the present invention all, any modification of being done, be equal to replacement, improvement etc., all should be included within protection scope of the present invention.
Claims (10)
1. the method for an internet small computer system interface ISCSI data passing through NAT is applied to be provided with in the network of network address translation device between the net client and Intranet storage system outside, it is characterized in that this method comprises:
The Intranet storage system is set up the corresponding relation between the target side target in NAT device outer net IP address and the Intranet storage system;
After the Intranet storage system receives the ISCSI message of outer net client-requested target information,, determine the NAT device outer net IP address of requested target correspondence according to described corresponding relation; Determined NAT device outer net IP address is returned to described outer net client as the target address that is requested target, so that described outer net client at the ISCSI access phase, adopts the NAT device outer net IP address that receives as the purpose IP address that sends the ISCSI message to storage system.
2. the method for claim 1, it is characterized in that, described Intranet storage system sets up that the corresponding relation between the target is in NAT device outer net IP address and the Intranet storage system: the Intranet storage system receives the described corresponding relation of manual input, sets up the corresponding relation between the target in NAT device outer net IP address and the Intranet storage system according to the described corresponding relation of manual input.
3. the method for claim 1 is characterized in that, described Intranet storage system sets up that the corresponding relation between the target comprises in NAT device outer net IP address and the Intranet storage system:
The mapping relations between the IP address of storage network interface card in configuration NAT device outer net IP address and the Intranet storage system in NAT device;
Described Intranet storage system is obtained described mapping relations from NAT device, with storing the target IP address of the IP address of network interface card as the target corresponding with this storage network interface card, sets up the corresponding relation between NAT device outer net IP address and the target IP address;
Described according to described corresponding relation, determine that the NAT device outer net IP address of requested target correspondence is: the Intranet storage system is determined the target IP address of requested target; According to the corresponding relation between described NAT device outer net IP address and the target IP address, search the NAT device outer net IP address of determined target IP address correspondence.
4. method as claimed in claim 3 is characterized in that, described Intranet storage system sets up that the corresponding relation between the target comprises in NAT device outer net IP address and the Intranet storage system:
The Intranet storage system receives the described corresponding relation of manual input and is recorded as static corresponding relation; To be recorded as dynamic corresponding relation according to the corresponding relation that the mapping relations of obtaining from NAT device are set up;
Described according to described corresponding relation, the NAT device outer net IP address of determining requested target correspondence is: when same target IP address has corresponding static corresponding relation and dynamic corresponding relation, determine the NAT device outer net IP address of described correspondence according to the static corresponding relation of correspondence.
5. the method for claim 1 is characterized in that, described foundation in NAT device outer net IP address and the Intranet storage system after the corresponding relation between the target side target, and this method further comprises:
The Intranet storage system is obtained the source IP address of the ISCSI message that is received, and judges that described source IP address whether in default Intranet IP address range, if do not exist, judges that then the Intranet storage system receives the ISCSI message of outer net client-requested target information; Otherwise then the IP address with requested target sends to described outer net client as the target address.
6. an Intranet storage system is characterized in that, comprising:
The corresponding relation maintenance unit is used for setting up the corresponding relation between NAT device outer net IP address and the Intranet storage system target;
Outer net IP determining unit is used for behind the ISCSI message that receives outer net client-requested target information, according to the corresponding relation that described corresponding relation maintenance module is set up, determines the NAT device outer net IP address of requested target correspondence;
Revise transmitting element, be used for the target address of the determined NAT device outer net of described outer net IP determining unit IP address as requested target sent to described outer net client, so that described outer net client at the ISCSI access phase, adopts the NAT device outer net IP address that receives as the purpose IP address that sends the ISCSI message to the Intranet storage system.
7. Intranet storage system as claimed in claim 6 is characterized in that, the corresponding relation that described corresponding relation maintenance unit is set up is the outside input of system.
8. Intranet storage system as claimed in claim 6 is characterized in that, described corresponding relation maintenance unit comprise acquisition module and and logging modle;
Described acquisition module is used for obtaining mapping relations between the IP address of NAT device outer net IP address and Intranet storage system storage network interface card from NAT device, and sends to described logging modle;
Described logging modle is used for according to the mapping relations that receive, setting up the corresponding relation between NAT device outer net IP address and the target IP address with storing the target IP address of the IP address of network interface card as the target corresponding with this storage network interface card.
9. Intranet storage system as claimed in claim 8 is characterized in that described logging modle is further used for, and receives the described corresponding relation of manual input and is recorded as static corresponding relation; To be recorded as dynamic corresponding relation according to the corresponding relation that the mapping relations of obtaining from NAT device are set up;
Described outer net IP determining unit is further used for, and when a target IP has corresponding static corresponding relation and dynamic corresponding relation simultaneously, determines the NAT device outer net IP address of described correspondence according to static corresponding relation.
10. Intranet storage system as claimed in claim 6 is characterized in that, described outer net IP address determining unit comprises outer net client judge module and address determination module;
Described outer net client judge module, be used for behind the ISCSI message that receives request target information, obtain the source IP address of the ISCSI message that is received, judge that described source IP address is whether in default Intranet IP address range, if do not exist, judge that then the client that sends described ISCSI message is the outer net client, notifies described address determination module; Otherwise then the IP address with requested target sends to described outer net client as the target address;
Described address determination module is used for when receiving notice, according to the corresponding relation that described corresponding relation maintenance module is set up, determines the NAT device outer net IP address of requested target correspondence.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN2008101177094A CN101325553B (en) | 2008-08-04 | 2008-08-04 | Method for ISCSI data to traverse NAT and inner network memory system |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN2008101177094A CN101325553B (en) | 2008-08-04 | 2008-08-04 | Method for ISCSI data to traverse NAT and inner network memory system |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN101325553A CN101325553A (en) | 2008-12-17 |
| CN101325553B true CN101325553B (en) | 2010-08-25 |
Family
ID=40188886
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN2008101177094A Expired - Fee Related CN101325553B (en) | 2008-08-04 | 2008-08-04 | Method for ISCSI data to traverse NAT and inner network memory system |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN101325553B (en) |
Families Citing this family (8)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN102325197B (en) * | 2011-05-23 | 2014-03-12 | 杭州华三通信技术有限公司 | Method for communication between intranet equipment and internet equipment and network address transformation equipment |
| CN102843284B (en) * | 2011-06-23 | 2015-08-12 | 北京飞杰信息技术有限公司 | ISCSI memory node, framework and reading, wiring method |
| CN102347990B (en) * | 2011-11-17 | 2014-06-25 | 杭州华三通信技术有限公司 | Method and equipment for establishing TCP (Transmission Control Protocol) connection |
| CN102664948B (en) * | 2012-04-18 | 2015-05-27 | 杭州海康威视数字技术股份有限公司 | Inter-gateway data storing system and method |
| CN104363235A (en) * | 2014-11-20 | 2015-02-18 | 成都博高科技有限责任公司 | Communication method, device and system and communication channel establishing method and device |
| CN110943937B (en) * | 2018-09-21 | 2023-04-11 | 金山云(深圳)边缘计算科技有限公司 | Local area network equipment utilization method and device |
| CN111107119B (en) * | 2018-10-29 | 2022-08-09 | 杭州海康威视系统技术有限公司 | Data access method, device and system based on cloud storage system and storage medium |
| CN113225409A (en) * | 2021-05-27 | 2021-08-06 | 北京天融信网络安全技术有限公司 | NAT load balancing access method, device and storage medium |
Citations (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| EP1533972A2 (en) * | 2003-11-19 | 2005-05-25 | Hitachi, Ltd. | Storage subsystem, storage system, and communication control method |
| CN101119374A (en) * | 2007-09-10 | 2008-02-06 | 杭州华三通信技术有限公司 | iSCSI communication method and corresponding initiation equipment and objective equipment |
| CN101136929A (en) * | 2007-10-19 | 2008-03-05 | 杭州华三通信技术有限公司 | Internet small computer system interface data transmission method and apparatus |
-
2008
- 2008-08-04 CN CN2008101177094A patent/CN101325553B/en not_active Expired - Fee Related
Patent Citations (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| EP1533972A2 (en) * | 2003-11-19 | 2005-05-25 | Hitachi, Ltd. | Storage subsystem, storage system, and communication control method |
| CN101119374A (en) * | 2007-09-10 | 2008-02-06 | 杭州华三通信技术有限公司 | iSCSI communication method and corresponding initiation equipment and objective equipment |
| CN101136929A (en) * | 2007-10-19 | 2008-03-05 | 杭州华三通信技术有限公司 | Internet small computer system interface data transmission method and apparatus |
Also Published As
| Publication number | Publication date |
|---|---|
| CN101325553A (en) | 2008-12-17 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN101325553B (en) | Method for ISCSI data to traverse NAT and inner network memory system | |
| CN113596184B (en) | Hybrid cloud system, gatekeeper, network access method and storage medium | |
| EP3739826B1 (en) | Communication method, system and apparatus | |
| TWI431978B (en) | Methods, devices and systems for obtaining resources | |
| KR101317178B1 (en) | ZigBee Gateway and method for identifying message of the same | |
| CN101335765B (en) | Storage service middleware based on mobile caching | |
| CN100518125C (en) | Communication apparatus, system, method | |
| CN101594376B (en) | Method and corresponding device for registering CIM provider to CIMOM | |
| CN101136929B (en) | Internet small computer system interface data transmission method and apparatus | |
| JP2011154622A (en) | Access control system and access control method | |
| CN111314450B (en) | Data transmission method and device, electronic equipment and computer storage medium | |
| CN106844489A (en) | A kind of file operation method, device and system | |
| CN106470251A (en) | Domain name analytic method and virtual DNS authority server | |
| CN112543108A (en) | Network isolation policy management method and network isolation policy management system | |
| CN106411742A (en) | Message transmission method and device | |
| CN111107119B (en) | Data access method, device and system based on cloud storage system and storage medium | |
| CN103856435A (en) | Address resolution protocol cache and caching method | |
| CN103888288A (en) | Registration method, administrator, register and system | |
| CN101656722B (en) | Method for generating dynamic host configuration protocol (DHCP) snooping binding information, and device thereof | |
| US20120110655A1 (en) | Data transmission management server and method | |
| US20160028856A1 (en) | Method, system and apparatus for providing services across networks | |
| EP3176986A1 (en) | Method, device and system for remote desktop protocol gateway to conduct routing and switching | |
| CN108228318B (en) | Method, host, system and storage medium for communication between cloud container and management device | |
| CN109104465B (en) | Multi-party file transmission method and agent management system | |
| CN103457959A (en) | Equipment configuration method and system |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| C06 | Publication | ||
| PB01 | Publication | ||
| C10 | Entry into substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| C14 | Grant of patent or utility model | ||
| GR01 | Patent grant | ||
| CP03 | Change of name, title or address |
Address after: 310052 Binjiang District Changhe Road, Zhejiang, China, No. 466, No. Patentee after: NEW H3C TECHNOLOGIES Co.,Ltd. Address before: 310053 Hangzhou hi tech Industrial Development Zone, Zhejiang province science and Technology Industrial Park, No. 310 and No. six road, HUAWEI, Hangzhou production base Patentee before: HANGZHOU H3C TECHNOLOGIES Co.,Ltd. |
|
| CP03 | Change of name, title or address | ||
| CF01 | Termination of patent right due to non-payment of annual fee |
Granted publication date: 20100825 |
|
| CF01 | Termination of patent right due to non-payment of annual fee |