CN103731356A - Message processing method and device - Google Patents

Message processing method and device Download PDF

Info

Publication number
CN103731356A
CN103731356A CN201310662028.7A CN201310662028A CN103731356A CN 103731356 A CN103731356 A CN 103731356A CN 201310662028 A CN201310662028 A CN 201310662028A CN 103731356 A CN103731356 A CN 103731356A
Authority
CN
China
Prior art keywords
public network
address
network address
message
destination
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Granted
Application number
CN201310662028.7A
Other languages
Chinese (zh)
Other versions
CN103731356B (en
Inventor
邱扩伟
钟岳林
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Ruijie Networks Co Ltd
Original Assignee
Fujian Star Net Communication Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Fujian Star Net Communication Co Ltd filed Critical Fujian Star Net Communication Co Ltd
Priority to CN201310662028.7A priority Critical patent/CN103731356B/en
Publication of CN103731356A publication Critical patent/CN103731356A/en
Application granted granted Critical
Publication of CN103731356B publication Critical patent/CN103731356B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Images

Landscapes

  • Data Exchanges In Wide-Area Networks (AREA)

Abstract

The invention provides a message processing method and a device which are applied to a multi-core routing system including multiple processor cores. Each processor core forwards messages through a flow platform. The message processing method comprises the steps: the first processor core establishes data message forward flows through input service of the flow platform; public network addresses and public network ports which are pre-allocated for data messages are confirmed in a public network address pool through network address translation service, and the situation that the data message reverse flows do not exist in a flow table stored on the flow platform is confirmed; the flow table stored on the flow platform is locked, data message reserve pseudo flows are established and stored in the flow table, the flow table is unlocked to enable the public network addresses and public network ports not be allocated for the processor cores in the multi-core routing system except the first processor core; the data message reverse flows are established through output service of the flow platform, and the reserve pseudo flows age after the reserve flows are established.

Description

Message processing method and device
Technical field
The embodiment of the present invention relates to the communication technology, relates in particular to a kind of message processing method and device.
Background technology
Network address translation (Network Address Translation is called for short NAT) technology is the process for another IP address by the IP address transition in IP data packet head.
In the prior art, NAT technology comprises that (Internet Protocol version is called for short: IPv) conversion of 4/IPv4 and the conversion of IPv6/IPv4, be mainly used in monokaryon route system internet protocol version.Wherein, the transfer process of IPv4/IPv4, is that the source IPv4 address translation of IPv4 data message is become to public network IP v4 address.In the transfer process of IPv6/IPv4, the source address of IPv6 data message is translated into public network IP v4 address, the destination address of IPv6 data message is translated into the destination address of IPv4 datagram.After carrying out address transition, final IPv4 data message or IPv6 data message are usingd public network IP v4 address as outlet, send to destination host.
Yet, in prior art, only provided the implementation that monokaryon route system carries out NAT technology, do not provide multinuclear route system and how to realize NAT technology.
Summary of the invention
The embodiment of the present invention provides a kind of message processing method and device, to realize the NAT technology of multinuclear route system.
First aspect, the invention provides a kind of message processing method, is applied to multinuclear route system, and described multinuclear route system comprises a plurality of processor cores, and each processor core E-Packets by levelling platform, comprising:
First processor core is set up the source address, source port of data message to the positive flow of destination address, destination interface by the incoming traffic of described levelling platform, and described first processor core is the arbitrary processor core in described a plurality of processor core;
Described first processor core is determined public network address, the public network port be pre-assigned to described data message in public network address pond by network address translation business, determine that the destination address that do not have described data message in the stream table of preserving on levelling platform, destination interface are to the reverse flow of described public network address, described public network port;
Described first processor is checked the stream table of preserving on levelling platform and is locked, destination address, destination interface to the reverse puppet of described public network address, described public network port of setting up described data message flow, and described reverse pseudo-stream is saved in described stream table, other processor core except described first processor core described stream table carried out to release, so that cannot distribute described public network address and described public network port in described multiple nucleus system;
Described first processor core is set up described data message destination address, destination interface by the outgoing traffic of described levelling platform is to the reverse flow of described public network address, described public network port and be saved in described stream table, and described reverse pseudo-stream is aging after described reverse flow table is saved in described stream table.
Second aspect, the invention provides a kind of message process device, is applied to multinuclear route system, described multinuclear route system comprises a plurality of processor cores, each processor core E-Packets by levelling platform, and described message process device is integrated on each processor core, comprising:
First builds flow module, for setting up the source address, source port of data message by the incoming traffic of described levelling platform to the positive flow of destination address, destination interface;
Judge module, for determining public network address, the public network port be pre-assigned to described data message by network address translation business in public network address pond, determine that the destination address that do not have described data message in the stream table of preserving on levelling platform, destination interface are to the reverse flow of described public network address, described public network port;
Processing module, for the stream table of preserving on convection current platform, lock, destination address, destination interface to the reverse puppet of described public network address, described public network port of setting up described data message flow, and described reverse pseudo-stream is saved in described stream table, other processor core except described first processor core described stream table carried out to release, so that cannot distribute described public network address and described public network port in described multiple nucleus system;
Second builds flow module, for the destination address, destination interface of setting up described data message by the outgoing traffic of described levelling platform, to the reverse flow of described public network address, described public network port and be saved to described stream table, described reverse pseudo-stream is aging after described reverse flow table is saved in described stream table.
The message processing method that the embodiment of the present invention provides and device, first processor core is set up the source address, source port of data message to the positive flow of destination address, destination interface by the incoming traffic of described levelling platform, and described first processor core is the arbitrary processor core in described a plurality of processor core; Described first processor core is determined public network address, the public network port be pre-assigned to described data message in public network address pond by network address translation business, determine that the destination address that do not have described data message in the stream table of preserving on levelling platform, destination interface are to the reverse flow of described public network address, described public network port; Described first processor is checked the stream table of preserving on levelling platform and is locked, destination address, destination interface to the reverse puppet of described public network address, described public network port of setting up described data message flow, and described reverse pseudo-stream is saved in described stream table, other processor core except described first processor core described stream table carried out to release, so that cannot distribute described public network address and described public network port in described multiple nucleus system; Described first processor core is set up described data message destination address, destination interface by the outgoing traffic of described levelling platform is to the reverse flow of described public network address, described public network port and be saved in described stream table, described reverse pseudo-stream is aging after described reverse flow table is saved in described stream table, not only realize the network address translation of multinuclear route system, also avoided the address conflict problem between each core.
Accompanying drawing explanation
In order to be illustrated more clearly in the embodiment of the present invention or technical scheme of the prior art, to the accompanying drawing of required use in embodiment or description of the Prior Art be briefly described below, apparently, accompanying drawing in the following describes is some embodiments of the present invention, for those of ordinary skills, do not paying under the prerequisite of creative work, can also obtain according to these accompanying drawings other accompanying drawing.
Fig. 1 is the schematic flow sheet of message processing method embodiment mono-of the present invention;
Fig. 2 is embodiment of the present invention flow forwarding schematic diagram;
Fig. 3 is the application IP addresses schematic diagram of message processing method of the present invention;
The structural representation of the message process device embodiment mono-that Fig. 4 provides for the embodiment of the present invention.
Embodiment
For making object, technical scheme and the advantage of the embodiment of the present invention clearer, below in conjunction with the accompanying drawing in the embodiment of the present invention, technical scheme in the embodiment of the present invention is clearly and completely described, obviously, described embodiment is the present invention's part embodiment, rather than whole embodiment.Embodiment based in the present invention, those of ordinary skills, not making the every other embodiment obtaining under creative work prerequisite, belong to the scope of protection of the invention.
Fig. 1 is the schematic flow sheet of message processing method embodiment mono-of the present invention.The message processing method that the embodiment of the present invention provides can be realized by message process device arbitrarily.This message process device can be by software and/or hardware are realized arbitrarily.The message processing method that the embodiment of the present invention provides comprises:
Step 101, first processor core are set up the source address, source port of data message to the positive flow of destination address, destination interface by the incoming traffic of described levelling platform;
Step 102, described first processor core are determined public network address, the public network port that is pre-assigned to described data message in public network address pond by network address translation business, determine that the destination address that do not have described data message in the stream table of preserving on levelling platform, destination interface are to the reverse flow of described public network address, described public network port;
Step 103, described first processor are checked the stream table of preserving on levelling platform and are locked, destination address, destination interface to the reverse puppet of described public network address, described public network port of setting up described data message flow, and described reverse pseudo-stream is saved in described stream table, other processor core except described first processor core described stream table carried out to release, so that cannot distribute described public network address and described public network port in described multiple nucleus system;
Step 104, described first processor core are set up described data message destination address, destination interface by the outgoing traffic of described levelling platform is to the reverse flow of described public network address, described public network port and be saved in described stream table, and described reverse pseudo-stream is aging after described reverse flow table is saved in described stream table.
In specific implementation process, message processing method provided by the invention is applied to multinuclear route system, and wherein, multinuclear route system comprises a plurality of processor cores, and each processor core can receive message, and E-Packets by levelling platform.
Wherein, levelling platform is the basic business of platform character in multinuclear route system, be a kind of general a kind of forwarding platform that is operated in three layers, it is a stream that a packet can come abstract according to its five-tuple (source address, source port, destination address, destination interface and protocol number) information; Five-tuple is incomplete same, is just expressed as not homogeneous turbulence.
In specific implementation process, Fig. 2 is embodiment of the present invention flow forwarding schematic diagram.As shown in Figure 2, levelling platform obtains message, and message is flowed to identification/traffic classification, and stream identification is what by the five-tuple of message, to identify, is responsible for the packet that identification arrives rapidly and whether belongs to the stream having existed.Traffic classification is according to the protocol number of message, message flow to be classified.The incoming traffic of levelling platform is according to five-tuple information, structure positive flow, and positive flow is added in stream table, then message is carried out to routing forwarding, when message is modified, when modified in message source address after routing forwarding, the outgoing traffic of levelling platform is responsible for extracting reverse flow information, structure reverse flow, and add reverse flow in stream table, finally message is carried out to link encapsulation, forward.During non-first packet message that the message obtaining when levelling platform is this message, can not pass through incoming traffic, routing forwarding, outgoing traffic, can directly pass through flow forwarding business, carry out link encapsulation and forwarding.
The source, the object IP address that belong to all data messages of same stream are identical, therefore can forward along identical path, same stream only need to carry out route to the literary composition of reporting for the first time, and by the outcome record of route in stream table, subsequent packet directly forwards according to the result of record, without carrying out again incoming traffic, routing forwarding and outgoing traffic.
Network address translation (Network Address Translation is called for short NAT) is an IP operation module.Wherein, the NAT technology that IPv4/IPv4 is corresponding is called NAT, and the NAT technology that IPv6/IPv4 is corresponding is called NAT64, and levelling platform is the general basic business module of IP operation layer, because a packet can abstractly be a stream, by five-tuple information, is identified; NAT/NAT64 business is carried out address transition, and in five-tuple information, just comprise address, port and protocol information, packet, before carrying out NAT/NAT64 Business Processing, can first be set up positive flow, then carries out NAT/NAT64 business, then sets up reverse flow.
In the present embodiment, the application IP addresses schematic diagram that Fig. 3 is message processing method of the present invention.Suppose that multi-core processor system comprises four processor cores, be respectively first processor core C1, the second processor core C2, the 3rd processor core C3, four-processor core C4.
First, for first processor core C1, message processing method of the present invention is elaborated.In specific implementation process, first processor core C1 receives IPv4/IPv6 message, different according to the type of data message, and processing mode is slightly different.First take data message as IPv4 message is example, describe.
For IPv4 message, first processor core C1 obtains the five-tuple information of described IPv4 message, and described five-tuple information comprises source address 192.168.1.1, source port 3000, destination address 125.2.2.1, destination interface 5000 and the protocol number IPv4 of described IPv4 message.
In step 101, first processor core is set up the source address, source port of IPv4 message to positive flow (192.168.1.1,3000----→ 125.2.2.1,5000 of destination address, destination interface by the incoming traffic of levelling platform; IPv4).
In step 102, described first processor core is determined corresponding public network address, the public network port of source address, source port be pre-assigned to described IPv4 message in IPv4 public network address pond (1.1.1.1~1.1.1.20) by network address translation business, determine that the destination address that do not have described IPv4 message in the stream table of preserving on levelling platform, destination interface are to the reverse flow of described public network address, described public network port.
Particularly, described first processor core determines that the destination address that whether has described IPv4 message in the stream table of preserving on described levelling platform, destination interface are to the reverse flow of described public network address, described public network port;
If not, described first processor core determines that the destination address that do not have described IPv4 message in the stream table of preserving on levelling platform, destination interface are to the reverse flow of described public network address, described public network port;
If, described first processor core determines in public network address pond that by network address translation business other is pre-assigned to public network address, the public network port of described IPv4 message, until determine that the destination address that do not have described IPv4 message in the stream table of preserving on levelling platform, destination interface are to the reverse flow of described public network address, described public network port, for example, if find this stream in stream table, illustrate that this stream exists, this public network address, public network port can not be assigned with, and need again from public network address pond, to select other address and port again to carry out aforesaid operations; Until be allocated successfully.
In the present embodiment, public network address, the public network port of supposing to be pre-assigned to described IPv4 message are 1.1.1.10,2500, the destination address of described IPv4 message, destination interface to the reverse flow of described public network address, described public network port are (125.2.2.1,5000----→ 1.1.1.10,2500; IPv4).
In step 103, when processor core need to be set up reverse pseudo-stream, when convection current table operates, the stream table of preserving on first processor core C1 convection current platform locks, destination address, destination interface to the reverse puppet of described public network address, described public network port of setting up described IPv4 message flow (125.2.2.1,5000----→ 1.1.1.10,2500; IPv4), after first processor core C1 is saved in stream table by reverse pseudo-stream, convection current table carries out release.Before the release of first processor core C1 convection current table, other processor core C2, C3, C4, cannot operate this stream table.Because first processor core C1 convection current table locks, other processor core C2, C3, C4 cannot be used stream table, cannot determine that the destination address that do not have described IPv4 message in the stream table of preserving on levelling platform, destination interface are to the reverse flow of described public network address, described public network port, thereby the process that other processor core C2, C3, C4 can not carry out application IP addresses distribution, finally, in multiple nucleus system, other processor core except described first processor core cannot distribute described public network address and described public network port.
In step 104, first processor core is set up the destination address, destination interface of described IPv4 message to the reverse flow of described public network address, described public network port by the outgoing traffic of described levelling platform, and be kept in described stream table, described reverse pseudo-stream is aging after described reverse flow table is saved in described stream table.
Particularly, first processor core C1 sets up the destination address, destination interface of described IPv4 message to the reverse flow of described public network address, described public network port, (125.2.2.1,5000----→ 1.1.1.10,2500 by the outgoing traffic of described levelling platform; IPv4).After reverse flow is successfully established, oppositely pseudo-stream is aging.
It will be understood by those skilled in the art that the data mode that reverse pseudo-stream and reverse flow show in stream table is identical, but in thing, implication is different.Reverse flow is to set up on the outgoing traffic of levelling platform, and oppositely pseudo-stream is not set up on levelling platform.Reverse flow is the real stream of setting up by levelling platform, and oppositely pseudo-stream is only that the destination address of setting up data message, destination interface are to a kind of data mode of described public network address, described public network port.
In order not affect the operation of other processor core convection current table, it is very short that first processor is checked the time that locks of stream table, adding in the locking time being locked between release, IPv4 message does not also enter into the outgoing traffic of levelling platform, or outgoing traffic is not also set up reverse flow, now set up oppositely pseudo-stream, reverse pseudo-stream is kept in stream table, guaranteed the time after release, other processor core can operate this stream table, but, due to the oppositely existence of pseudo-stream, when other processor core finds this reverse pseudo-stream, cannot carry out preassignment to corresponding public network address and the public network port of this reverse pseudo-stream, when the outgoing traffic of levelling platform is set up reverse flow, and after reverse flow is saved in stream table, oppositely pseudo-stream is aging, thereby avoided when applied address, occurring conflicting between processor core.
The data message of take is below elaborated as IPv6 message.
For IPv6 message, first processor core C1 obtains the five-tuple information of described IPv6 message, and described five-tuple information comprises source address 3000::1, source port 3000, destination address 2001:da8::7d02:201, destination interface 5000 and the protocol number IPv6 of described IPv6 message.First processor core C1 is converted to the destination address of IPv6 message, destination interface destination address, the destination interface of IPv4 message.Particularly, last 32 of the destination address of IPv6 message are extracted, obtain the destination address 125.2.2.1 of IPv4 message.
In step 101, first processor core is set up the source address, source port of IPv6 message to positive flow (3000::1,3000----→ 2001:da8::7d02:201,5000 of destination address, destination interface by the incoming traffic of levelling platform; IPv6).
In step 102, described first processor core is determined corresponding public network address, the public network port of source address, source port be pre-assigned to described IPv6 message in IPv4 public network address pond (1.1.1.1~1.1.1.20) by network address translation business, determine that the destination address that do not have IPv4 message in the stream table of preserving on levelling platform, destination interface are to the reverse flow of described public network address, described public network port.Wherein, the destination address of IPv4 message, destination interface are that destination address, the destination interface of IPv6 message is converted to.
Particularly, first processor core determines that the destination address that whether has IPv4 message in the stream table of preserving on described levelling platform, destination interface are to the reverse flow of public network address, public network port;
If not, first processor core determines that the destination address that do not have IPv4 message in the stream table of preserving on levelling platform, destination interface are to the reverse flow of public network address, public network port;
If, first processor core determines in IPv4 public network address pond that by network address translation business other is pre-assigned to public network address, the public network port of IPv6 message, until determine that the destination address that do not have IPv4 message in the stream table of preserving on levelling platform, destination interface are to the reverse flow of public network address, public network port, for example, if find this stream in stream table, illustrate that this stream exists, this public network address, public network port can not be assigned with, and need again from public network address pond, to select other address and port again to carry out aforesaid operations; Until be allocated successfully.
In the present embodiment, public network address, the public network port of supposing to be pre-assigned to described IPv6 message are 1.1.1.10,2500, and by after the destination address conversion of IPv6 message, the destination address that obtains IPv4 is 125.2.2.1,5000.
The destination address of IPv6 message, destination interface to the reverse flow of public network address, public network port are (125.2.2.1,5000----→ 1.1.1.10,2500; IPv6).
In step 103, when processor core need to be set up reverse pseudo-stream, when convection current table operates, the stream table of preserving on first processor core C1 convection current platform locks, destination address, destination interface to the reverse puppet of public network address, public network port of setting up IPv6 message flow (125.2.2.1,5000----→ 1.1.1.10,2500; IPv6), after first processor core C1 is saved in stream table by reverse pseudo-stream, convection current table carries out release.Before the release of first processor core C1 convection current table, other processor core C2, C3, C4, cannot operate this stream table.Because first processor core C1 convection current table locks, other processor core C2, C3, C4 cannot be used stream table, cannot determine that the destination address that do not have described IPv6 message in the stream table of preserving on levelling platform, destination interface are to the reverse flow of described public network address, described public network port, thereby the process that other processor core C2, C3, C4 can not carry out application IP addresses distribution, finally, in multiple nucleus system, other processor core except described first processor core cannot distribute described public network address and described public network port.
In step 104, first processor core is set up the destination address, destination interface of the IPv4 message after IPv6 message conversion to the reverse flow of public network address, public network port by the outgoing traffic of described levelling platform, and described reverse pseudo-stream is aging after described reverse flow table is saved in described stream table.
Particularly, first processor core C1 sets up the destination address, destination interface of the IPv4 message after IPv6 message conversion to the reverse flow of public network address, public network port, (125.2.2.1,5000----→ 1.1.1.10,2500 by the outgoing traffic of described levelling platform; IPv6).After reverse flow is successfully established, oppositely pseudo-stream is aging.In the present embodiment, set up positive flow and the reverse flow of IPv6 message, in subsequent process, when IPv6 message is converted to after IPv4 message, then set up positive flow and the reverse flow of IPv4 message, for concrete building, flow through journey, the present embodiment repeats no more herein.
It will be appreciated by those skilled in the art that, in order not affect the operation of other processor core convection current table, it is very short that first processor is checked the time that locks of stream table, adding in the locking time being locked between release, IPv6 message does not also enter into the outgoing traffic of levelling platform, or outgoing traffic is not also set up reverse flow, now set up oppositely pseudo-stream, reverse pseudo-stream is kept in stream table, guaranteed the time after release, other processor core can operate this stream table, but, due to the oppositely existence of pseudo-stream, when other processor core finds this reverse pseudo-stream, cannot carry out preassignment to corresponding public network address and the public network port of this reverse pseudo-stream, when the outgoing traffic of levelling platform is set up reverse flow, and after reverse flow is saved in stream table, oppositely pseudo-stream is aging, thereby avoided when applied address, occurring conflicting between processor core.
For the message processing procedure of the second processor core C2, the 3rd processor core C3, four-processor core C4, can be referring to the implementation procedure of first processor core C1, the present embodiment repeats no more herein.
The message processing method that the embodiment of the present invention provides, first processor core is set up the source address, source port of data message to the positive flow of destination address, destination interface by the incoming traffic of described levelling platform, and described first processor core is the arbitrary processor core in described a plurality of processor core; Described first processor core is determined public network address, the public network port be pre-assigned to described data message in public network address pond by network address translation business, determine that the destination address that do not have described data message in the stream table of preserving on levelling platform, destination interface are to the reverse flow of described public network address, described public network port; Described first processor is checked the stream table of preserving on levelling platform and is locked, destination address, destination interface to the reverse puppet of described public network address, described public network port of setting up described data message flow, and described reverse pseudo-stream is saved in described stream table, other processor core except described first processor core described stream table carried out to release, so that cannot distribute described public network address and described public network port in described multiple nucleus system; Described first processor core is set up described data message destination address, destination interface by the outgoing traffic of described levelling platform is to the reverse flow of described public network address, described public network port and be saved in described stream table, described reverse pseudo-stream is aging after described reverse flow table is saved in described stream table, not only realize the network address translation of multinuclear route system, also avoided the address conflict problem between each core.
The structural representation of the message process device embodiment mono-that Fig. 4 provides for the embodiment of the present invention.The message process device that the present embodiment provides, is applied to multinuclear route system, and described multinuclear route system comprises a plurality of processor cores, and each processor core will E-Packet by levelling platform, and described message process device 40 is integrated on each processor core, comprising:
First builds flow module 401, for setting up the source address, source port of data message by the incoming traffic of described levelling platform to the positive flow of destination address, destination interface;
Judge module 402, for determining public network address, the public network port be pre-assigned to described data message by network address translation business in public network address pond, determine that the destination address that do not have described data message in the stream table of preserving on levelling platform, destination interface are to the reverse flow of described public network address, described public network port;
Processing module 403, for the stream table of preserving on convection current platform, lock, destination address, destination interface to the reverse puppet of described public network address, described public network port of setting up described data message flow, and described reverse pseudo-stream is saved in described stream table, other processor core except described first processor core described stream table carried out to release, so that cannot distribute described public network address and described public network port in described multiple nucleus system;
Second builds flow module 404, for the destination address, destination interface of setting up described data message by the outgoing traffic of described levelling platform, to the reverse flow of described public network address, described public network port and be saved to described stream table, described reverse pseudo-stream is aging after described reverse flow table is saved in described stream table.
The message process device that the embodiment of the present invention provides, can be used for carrying out the technical scheme of above-mentioned message processing method, and it realizes principle and technique effect is similar, and the present embodiment repeats no more herein.
Alternatively, described judge module specifically for:
By network address translation business, in public network address pond, determine be pre-assigned to described data message public network address, public network port;
Determine that the destination address that whether has described data message in the stream table of preserving on described levelling platform, destination interface are to the reverse flow of described public network address, described public network port;
If, by network address translation business, in public network address pond, determine that other is pre-assigned to public network address, the public network port of described data message, until determine that the destination address that do not have described data message in the stream table of preserving on levelling platform, destination interface are to the reverse flow of described public network address, described public network port.
Alternatively, described data message is IPv4 message, and described device also comprises:
The first acquisition module, for setting up the source address of data message, source port by the incoming traffic of described levelling platform to before the positive flow of destination address, destination interface, receive IPv4 message, obtain the five-tuple information of described IPv4 message, described five-tuple information comprises source address, source port, destination address, destination interface and the protocol number of described IPv4 message;
Described judge module also specifically for:
By network address translation business, in IPv4 public network address pond, determine public network address, the public network port that is pre-assigned to described IPv4 message.
Alternatively, described data message is IPv6 message, and described device also comprises:
The second acquisition module, for setting up the source address of data message, source port by the incoming traffic of described levelling platform to before the positive flow of destination address, destination interface, receive IPv6 message, obtain the five-tuple information of described IPv6 message, described five-tuple information comprises source address, source port, destination address, destination interface and the protocol number of described IPv6 message;
Modular converter, for being converted to the destination address of described IPv6 message, destination interface destination address, the destination interface of IPv4 message;
Described judge module also specifically for:
By network address translation business, in IPv4 public network address pond, determine public network address, the public network port that is pre-assigned to described IPv6 message;
The destination address of described data message, destination interface to the reverse flow of described public network address, described public network port are specially:
The destination address of the IPv4 message obtaining after described IPv6 message conversion, destination interface be the reverse flow of described public network address, described public network port extremely.
The message process device that the embodiment of the present invention provides, can be used for carrying out the technical scheme of above-mentioned message processing method, and it realizes principle and technique effect is similar, and the present embodiment repeats no more herein.
In several embodiment provided by the present invention, should be understood that disclosed apparatus and method can realize by another way.For example, device embodiment described above is only schematic, for example, the division of described unit, be only that a kind of logic function is divided, during actual realization, can have other dividing mode, for example a plurality of unit or assembly can in conjunction with or can be integrated into another system, or some features can ignore, or do not carry out.Another point, shown or discussed coupling each other or direct-coupling or communication connection can be by some interfaces, indirect coupling or the communication connection of device or unit can be electrically, machinery or other form.
The described unit as separating component explanation can or can not be also physically to separate, and the parts that show as unit can be or can not be also physical locations, can be positioned at a place, or also can be distributed in a plurality of network element.Can select according to the actual needs some or all of unit wherein to realize the object of the present embodiment scheme.
In addition, each functional unit in each embodiment of the present invention can be integrated in a processing unit, can be also that the independent physics of unit exists, and also can be integrated in a unit two or more unit.Above-mentioned integrated unit both can adopt the form of hardware to realize, and the form that also can adopt hardware to add SFU software functional unit realizes.
The integrated unit that the above-mentioned form with SFU software functional unit realizes, can be stored in a computer read/write memory medium.Above-mentioned SFU software functional unit is stored in a storage medium, comprise that some instructions are with so that a computer equipment (can be personal computer, server, or the network equipment etc.) or processor (processor) carry out the part steps of method described in each embodiment of the present invention.And aforesaid storage medium comprises: various media that can be program code stored such as USB flash disk, portable hard drive, read-only memory (Read-Only Memory, ROM), random access memory (Random Access Memory, RAM), magnetic disc or CDs.
One of ordinary skill in the art will appreciate that: all or part of step that realizes above-mentioned each embodiment of the method can complete by the relevant hardware of program command.Aforesaid program can be stored in a computer read/write memory medium.This program, when carrying out, is carried out the step that comprises above-mentioned each embodiment of the method; And aforesaid storage medium comprises: various media that can be program code stored such as ROM, RAM, magnetic disc or CDs.
Finally it should be noted that: each embodiment, only in order to technical scheme of the present invention to be described, is not intended to limit above; Although the present invention is had been described in detail with reference to aforementioned each embodiment, those of ordinary skill in the art is to be understood that: its technical scheme that still can record aforementioned each embodiment is modified, or some or all of technical characterictic is wherein equal to replacement; And these modifications or replacement do not make the essence of appropriate technical solution depart from the scope of various embodiments of the present invention technical scheme.

Claims (8)

1. a message processing method, is characterized in that, is applied to multinuclear route system, and described multinuclear route system comprises a plurality of processor cores, and each processor core E-Packets by levelling platform, comprising:
First processor core is set up the source address, source port of data message to the positive flow of destination address, destination interface by the incoming traffic of described levelling platform, and described first processor core is the arbitrary processor core in described a plurality of processor core;
Described first processor core is determined public network address, the public network port be pre-assigned to described data message in public network address pond by network address translation business, determine that the destination address that do not have described data message in the stream table of preserving on levelling platform, destination interface are to the reverse flow of described public network address, described public network port;
Described first processor is checked the stream table of preserving on levelling platform and is locked, destination address, destination interface to the reverse puppet of described public network address, described public network port of setting up described data message flow, and described reverse pseudo-stream is saved in described stream table, other processor core except described first processor core described stream table carried out to release, so that cannot distribute described public network address and described public network port in described multiple nucleus system;
Described first processor core is set up described data message destination address, destination interface by the outgoing traffic of described levelling platform is to the reverse flow of described public network address, described public network port and be saved in described stream table, and described reverse pseudo-stream is aging after described reverse flow table is saved in described stream table.
2. method according to claim 1, it is characterized in that, described first processor core is determined corresponding public network address, the public network port of source address, source port that is pre-assigned to described data message in public network address pond by network address translation business, determine that the destination address that do not have described data message in the stream table of preserving on levelling platform, destination interface, to the reverse flow of described public network address, described public network port, comprising:
Described first processor core by network address translation business, in public network address pond, determine be pre-assigned to described data message public network address, public network port;
Described first processor core determines that the destination address that whether has described data message in the stream table of preserving on described levelling platform, destination interface are to the reverse flow of described public network address, described public network port;
If, described first processor core determines in public network address pond that by network address translation business other is pre-assigned to public network address, the public network port of described data message, until determine that the destination address that do not have described data message in the stream table of preserving on levelling platform, destination interface are to the reverse flow of described public network address, described public network port.
3. method according to claim 1 and 2, it is characterized in that, described data message is IPv4 message, and described first processor core is set up data message source address, source port by the incoming traffic of described levelling platform, to before the positive flow of destination address, destination interface, also comprises:
Described first processor core receives IPv4 message, obtains the five-tuple information of described IPv4 message, and described five-tuple information comprises source address, source port, destination address, destination interface and the protocol number of described IPv4 message;
Described first processor core is determined public network address, the public network port that is pre-assigned to described data message in public network address pond by network address translation business, comprising:
Described first processor core is determined public network address, the public network port that is pre-assigned to described IPv4 message in IPv4 public network address pond by network address translation business.
4. method according to claim 1 and 2, it is characterized in that, described data message is IPv6 message, and described first processor core is set up data message source address, source port by the incoming traffic of described levelling platform, to before the positive flow of destination address, destination interface, also comprises:
Described first processor core receives IPv6 message, obtains the five-tuple information of described IPv6 message, and described five-tuple information comprises source address, source port, destination address, destination interface and the protocol number of described IPv6 message;
Described first processor core is converted to the destination address of described IPv6 message, destination interface destination address, the destination interface of IPv4 message;
Described first processor core is determined public network address, the public network port that is pre-assigned to described data message in public network address pond by network address translation business, comprising:
Described first processor core is determined public network address, the public network port that is pre-assigned to described IPv6 message in IPv4 public network address pond by network address translation business;
The destination address of described data message, destination interface to the reverse flow of described public network address, described public network port are specially:
The destination address of the IPv4 message obtaining after described IPv6 message conversion, destination interface be the reverse flow of described public network address, described public network port extremely.
5. a message process device, is characterized in that, is applied to multinuclear route system, and described multinuclear route system comprises a plurality of processor cores, and each processor core E-Packets by levelling platform, and described message process device is integrated on each processor core, comprising:
First builds flow module, for setting up the source address, source port of data message by the incoming traffic of described levelling platform to the positive flow of destination address, destination interface;
Judge module, for determining public network address, the public network port be pre-assigned to described data message by network address translation business in public network address pond, determine that the destination address that do not have described data message in the stream table of preserving on levelling platform, destination interface are to the reverse flow of described public network address, described public network port;
Processing module, for the stream table of preserving on convection current platform, lock, destination address, destination interface to the reverse puppet of described public network address, described public network port of setting up described data message flow, and described reverse pseudo-stream is saved in described stream table, other processor core except described first processor core described stream table carried out to release, so that cannot distribute described public network address and described public network port in described multiple nucleus system;
Second builds flow module, for the destination address, destination interface of setting up described data message by the outgoing traffic of described levelling platform, to the reverse flow of described public network address, described public network port and be saved to described stream table, described reverse pseudo-stream is aging after described reverse flow table is saved in described stream table.
6. device according to claim 5, is characterized in that, described judge module specifically for:
By network address translation business, in public network address pond, determine be pre-assigned to described data message public network address, public network port;
Determine that the destination address that whether has described data message in the stream table of preserving on described levelling platform, destination interface are to the reverse flow of described public network address, described public network port;
If, by network address translation business, in public network address pond, determine that other is pre-assigned to public network address, the public network port of described data message, until determine that the destination address that do not have described data message in the stream table of preserving on levelling platform, destination interface are to the reverse flow of described public network address, described public network port.
7. according to the device described in claim 5 or 6, it is characterized in that, described data message is IPv4 message, and described device also comprises:
The first acquisition module, for setting up the source address of data message, source port by the incoming traffic of described levelling platform to before the positive flow of destination address, destination interface, receive IPv4 message, obtain the five-tuple information of described IPv4 message, described five-tuple information comprises source address, source port, destination address, destination interface and the protocol number of described IPv4 message;
Described judge module also specifically for:
By network address translation business, in IPv4 public network address pond, determine public network address, the public network port that is pre-assigned to described IPv4 message.
8. according to the device described in claim 5 or 6, it is characterized in that, described data message is IPv6 message, and described device also comprises:
The second acquisition module, for setting up the source address of data message, source port by the incoming traffic of described levelling platform to before the positive flow of destination address, destination interface, receive IPv6 message, obtain the five-tuple information of described IPv6 message, described five-tuple information comprises source address, source port, destination address, destination interface and the protocol number of described IPv6 message;
Modular converter, for being converted to the destination address of described IPv6 message, destination interface destination address, the destination interface of IPv4 message;
Described judge module also specifically for:
By network address translation business, in IPv4 public network address pond, determine public network address, the public network port that is pre-assigned to described IPv6 message;
The destination address of described data message, destination interface to the reverse flow of described public network address, described public network port are specially:
The destination address of the IPv4 message obtaining after described IPv6 message conversion, destination interface be the reverse flow of described public network address, described public network port extremely.
CN201310662028.7A 2013-12-09 2013-12-09 Message processing method and device Active CN103731356B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201310662028.7A CN103731356B (en) 2013-12-09 2013-12-09 Message processing method and device

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201310662028.7A CN103731356B (en) 2013-12-09 2013-12-09 Message processing method and device

Publications (2)

Publication Number Publication Date
CN103731356A true CN103731356A (en) 2014-04-16
CN103731356B CN103731356B (en) 2017-05-24

Family

ID=50455291

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201310662028.7A Active CN103731356B (en) 2013-12-09 2013-12-09 Message processing method and device

Country Status (1)

Country Link
CN (1) CN103731356B (en)

Cited By (9)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN104836738A (en) * 2015-04-02 2015-08-12 福建星网锐捷网络有限公司 Router hardware item resource management method and device, and network equipment
CN107079060A (en) * 2014-09-09 2017-08-18 思杰系统有限公司 The system and method optimized for carrier-class NAT
CN107566549A (en) * 2017-09-30 2018-01-09 东软集团股份有限公司 A kind of processing method, device and the equipment of network address translation mapping table
CN108390954A (en) * 2018-03-26 2018-08-10 新华三信息安全技术有限公司 A kind of message transmitting method and equipment
CN109067935A (en) * 2018-08-16 2018-12-21 深圳市风云实业有限公司 Packet message processing method and multi-core processor system
CN112333298A (en) * 2020-12-01 2021-02-05 武汉绿色网络信息服务有限责任公司 Message transmission method and device, computer equipment and storage medium
CN112737957A (en) * 2020-12-30 2021-04-30 锐捷网络股份有限公司 Flow table aging method and device
CN112929277A (en) * 2019-12-06 2021-06-08 华为技术有限公司 Message processing method and device
CN113098858A (en) * 2021-03-29 2021-07-09 上海辰锐信息科技公司 Lock-free processing system and method for link establishment message

Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN1592886A (en) * 2000-11-24 2005-03-09 凯萨罗恩产品公司 Method and device for implementing computer multi-tasking via virtual threading
CN101276294A (en) * 2008-05-16 2008-10-01 杭州华三通信技术有限公司 Method and apparatus for parallel processing heteromorphism data
CN101299773A (en) * 2008-06-02 2008-11-05 华为技术有限公司 Method, processor and system for implementing network address conversion
CN102821165A (en) * 2012-04-13 2012-12-12 中兴通讯股份有限公司 Method and device for converting internet protocol (IP) address

Patent Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN1592886A (en) * 2000-11-24 2005-03-09 凯萨罗恩产品公司 Method and device for implementing computer multi-tasking via virtual threading
CN101276294A (en) * 2008-05-16 2008-10-01 杭州华三通信技术有限公司 Method and apparatus for parallel processing heteromorphism data
CN101299773A (en) * 2008-06-02 2008-11-05 华为技术有限公司 Method, processor and system for implementing network address conversion
CN102821165A (en) * 2012-04-13 2012-12-12 中兴通讯股份有限公司 Method and device for converting internet protocol (IP) address

Cited By (13)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN107079060A (en) * 2014-09-09 2017-08-18 思杰系统有限公司 The system and method optimized for carrier-class NAT
CN104836738B (en) * 2015-04-02 2018-05-22 福建星网锐捷网络有限公司 Routing hardware list item method for managing resource, device and the network equipment
CN104836738A (en) * 2015-04-02 2015-08-12 福建星网锐捷网络有限公司 Router hardware item resource management method and device, and network equipment
CN107566549A (en) * 2017-09-30 2018-01-09 东软集团股份有限公司 A kind of processing method, device and the equipment of network address translation mapping table
CN108390954B (en) * 2018-03-26 2021-09-21 新华三信息安全技术有限公司 Message transmission method and device
CN108390954A (en) * 2018-03-26 2018-08-10 新华三信息安全技术有限公司 A kind of message transmitting method and equipment
CN109067935A (en) * 2018-08-16 2018-12-21 深圳市风云实业有限公司 Packet message processing method and multi-core processor system
CN112929277B (en) * 2019-12-06 2024-03-05 华为云计算技术有限公司 Message processing method and device
CN112929277A (en) * 2019-12-06 2021-06-08 华为技术有限公司 Message processing method and device
CN112333298A (en) * 2020-12-01 2021-02-05 武汉绿色网络信息服务有限责任公司 Message transmission method and device, computer equipment and storage medium
CN112737957A (en) * 2020-12-30 2021-04-30 锐捷网络股份有限公司 Flow table aging method and device
CN113098858A (en) * 2021-03-29 2021-07-09 上海辰锐信息科技公司 Lock-free processing system and method for link establishment message
CN113098858B (en) * 2021-03-29 2023-07-14 上海辰锐信息科技有限公司 Lock-free processing system and method for link establishment message

Also Published As

Publication number Publication date
CN103731356B (en) 2017-05-24

Similar Documents

Publication Publication Date Title
CN103731356A (en) Message processing method and device
CN103118149B (en) Communication control method between same tenant's server and the network equipment
CN106686085A (en) Load balancing method, apparatus and system
CN105706391A (en) Multicast increasing through index localization
CN103491010A (en) Method, device and system transmitting messages in virtual network
CN103118148B (en) A kind of ARP buffering updating method and equipment
CN106254281B (en) A kind of message processing method and device based on 802.1BR
US10038624B1 (en) Flexible packet replication and filtering for multicast/broadcast
CN102752147A (en) Method and device for creating network equipment
CN103746944A (en) Stacking realization method and stackable equipment
CN105763472A (en) Trans-board forwarding method and device
US10880109B2 (en) Forwarding multicast data packet
CN103685032A (en) Message forwarding method and network address conversion server
CN104994022A (en) Message transmission method and service board
CN105530159A (en) Cross-IPv6 and IPv4 VPN inter-access method and system
CN109756411B (en) Message forwarding method and device, first VTEP device and storage medium
CN105812221A (en) Data transmission device and method in virtual extensible local area network
CN108156034B (en) Message forwarding method and message forwarding system based on deep neural network assistance
CN101938411A (en) Method and equipment for processing ND snooping item
CN105450432A (en) Method for positioning port connection error and associated equipment
US10833990B2 (en) Transmitting packet
CN112019361A (en) Migration method and device of access control list, storage medium and electronic equipment
CN103220224B (en) The processing method of message repeating and device and the network equipment
CN113472799B (en) Interconnection management method, device and equipment based on cloud platform
CN103457864A (en) Method, device and network equipment for processing next-hop of routing

Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
C10 Entry into substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant
CP01 Change in the name or title of a patent holder

Address after: Cangshan District of Fuzhou City, Fujian province 350002 Jinshan Road No. 618 Garden State Industrial Park 19 floor

Patentee after: RUIJIE NETWORKS CO., LTD.

Address before: Cangshan District of Fuzhou City, Fujian province 350002 Jinshan Road No. 618 Garden State Industrial Park 19 floor

Patentee before: Fujian Xingwangruijie Network Co., Ltd.

CP01 Change in the name or title of a patent holder