CN105939404B - The acquisition methods and device of NAT resource - Google Patents

The acquisition methods and device of NAT resource Download PDF

Info

Publication number
CN105939404B
CN105939404B CN201610293183.XA CN201610293183A CN105939404B CN 105939404 B CN105939404 B CN 105939404B CN 201610293183 A CN201610293183 A CN 201610293183A CN 105939404 B CN105939404 B CN 105939404B
Authority
CN
China
Prior art keywords
nat
acquisition
nat resource
resource
message
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN201610293183.XA
Other languages
Chinese (zh)
Other versions
CN105939404A (en
Inventor
袁野
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Hangzhou DPTech Technologies Co Ltd
Original Assignee
Hangzhou DPTech Technologies Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Hangzhou DPTech Technologies Co Ltd filed Critical Hangzhou DPTech Technologies Co Ltd
Priority to CN201610293183.XA priority Critical patent/CN105939404B/en
Publication of CN105939404A publication Critical patent/CN105939404A/en
Application granted granted Critical
Publication of CN105939404B publication Critical patent/CN105939404B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L61/00Network arrangements, protocols or services for addressing or naming
    • H04L61/09Mapping addresses
    • H04L61/25Mapping addresses of the same type
    • H04L61/2503Translation of Internet protocol [IP] addresses
    • H04L61/256NAT traversal
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F9/00Arrangements for program control, e.g. control units
    • G06F9/06Arrangements for program control, e.g. control units using stored programs, i.e. using an internal store of processing equipment to receive or retain programs
    • G06F9/46Multiprogramming arrangements
    • G06F9/50Allocation of resources, e.g. of the central processing unit [CPU]
    • G06F9/5005Allocation of resources, e.g. of the central processing unit [CPU] to service a request
    • G06F9/5011Allocation of resources, e.g. of the central processing unit [CPU] to service a request the resources being hardware resources other than CPUs, Servers and Terminals
    • G06F9/5016Allocation of resources, e.g. of the central processing unit [CPU] to service a request the resources being hardware resources other than CPUs, Servers and Terminals the resource being the memory

Landscapes

  • Engineering & Computer Science (AREA)
  • Software Systems (AREA)
  • Theoretical Computer Science (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Physics & Mathematics (AREA)
  • General Engineering & Computer Science (AREA)
  • General Physics & Mathematics (AREA)
  • Data Exchanges In Wide-Area Networks (AREA)

Abstract

The application provides the acquisition methods and device of a kind of NAT resource, which comprises receives message, and is one NAT resource of Receive message, and adjust NAT resource acquisition number;Judge whether the NAT resource of the acquisition can be used;If unavailable, NAT resource utilization is calculated using NAT resource acquisition number;It is then Receive message one new NAT resource, and adjust NAT resource acquisition number, and continue to execute and judge the whether available process of the NAT resource of the acquisition when NAT resource utilization is less than preset threshold;If available, NAT conversion is carried out to message using the NAT resource of the acquisition.Using the embodiment of the present application, the network equipment just completes the calculating of NAT resource utilization during for Receive message NAT resource, and NAT resource utilization is calculated using NAT resource acquisition number and improves the treatment effeciency of the network equipment to reduce the occupancy to network equipment memory.

Description

The acquisition methods and device of NAT resource
Technical field
This application involves field of communication technology more particularly to a kind of acquisition methods and device of NAT resource.
Background technique
NAT (Network Address Translation, network address translation) conversion refers to that the network equipment will receive Source IP (Internet, Protocol, the Internet protocol) address that carries of message and source port (private net address and private network port) It is converted into IP address and port (public network address and the public network port) of NAT resource record, so that the message can be passed by network Defeated to arrive server, the network equipment can realize that NAT turns by the corresponding relationship of record source IP address and source port and NAT resource It changes.In order to avoid NAT resource is finished by source IP address and source port, the unlimited NAT of proposition can be by utilizing message carrying The corresponding purpose IP address of source IP address, source port, destination port are different, and are multiplexed NAT resource.It follows that NAT resource benefit It is the most intuitive performance of NAT resource service condition with rate.
In the prior art, record has each purpose IP address NAT corresponding with destination port in the session of the network equipment Resource, in preset period of time, for each purpose IP address NAT resource corresponding with destination port recorded in session, Purpose IP address NAT number of resources corresponding with destination port is counted, and calculates NAT resource utilization using total NAT number of resources, Whether exhausted with judging to access the purpose IP address with NAT resource used in destination port.Since the network equipment is when certain Between just need to count the NAT resource utilization of an all purposes IP address and destination port, and also to be judged, in this way The memory that the network equipment will certainly be occupied reduces the treatment effeciency of the network equipment.
Summary of the invention
In view of this, the application provides the acquisition methods and device of a kind of NAT resource, to solve existing calculating NAT resource Utilization rate can occupy the problem of memory of the network equipment.
According to the embodiment of the present application in a first aspect, providing a kind of acquisition methods of NAT resource, the method is applied to net In network equipment, which comprises
Message is received, and is one NAT resource of the Receive message, and adjust NAT resource acquisition number;
Judge whether the NAT resource of the acquisition can be used;
If unavailable, NAT resource utilization is calculated using the NAT resource acquisition number;
It is then one new NAT resource of the Receive message when the NAT resource utilization is less than preset threshold, and The NAT resource acquisition number is adjusted, and continues to execute and judges the whether available process of the NAT resource of the acquisition;
If available, NAT conversion is carried out to the message using the NAT resource of the acquisition.
According to the second aspect of the embodiment of the present application, a kind of acquisition device of NAT resource is provided, described device is applied to net In network equipment, described device includes:
Receiving unit for receiving message, and is one NAT resource of the Receive message, and adjusts NAT resource acquisition time Number;
Judging unit, for judging whether the NAT resource of the acquisition can be used;
Computing unit, for calculating NAT resource using the NAT resource acquisition number when judging result is unavailable Utilization rate;
Acquiring unit is used for when the NAT resource utilization is less than preset threshold, then new for the Receive message one NAT resource, and adjust the NAT resource acquisition number, and continue to execute and judge whether the NAT resource of the acquisition available Process;
Converting unit, for being carried out to the message using the NAT resource of the acquisition when judging result is available NAT conversion.
It is first one NAT resource of the Receive message after the network equipment receives message using the embodiment of the present application, And adjust NAT resource acquisition number;Then judge whether the NAT resource of the acquisition can be used;If unavailable, described in NAT resource acquisition number calculates NAT resource utilization;It is then the report when the NAT resource utilization is less than preset threshold Text obtains a new NAT resource, and adjusts the NAT resource acquisition number, and continues to execute the NAT money for judging the acquisition The whether available process in source;If available, NAT conversion is carried out to the message using the NAT resource of the acquisition.Based on above-mentioned Description it is found that the network equipment during for Receive message NAT resource just completion NAT resource utilization calculating, rather than Per a NAT resource utilization is calculated at regular intervals, so that the treatment effeciency of the network equipment is improved, in addition, network is set It is standby by calculating NAT resource utilization using NAT resource acquisition number, without counting each purpose IP address from session NAT number of resources corresponding with destination port, and it is utilized respectively each purpose IP address NAT number of resources meter corresponding with destination port The NAT resource utilization of each purpose IP address and destination port is calculated, so as to reduce the occupancy to network equipment memory.
Detailed description of the invention
Fig. 1 is a kind of the application embodiment process of the acquisition methods of NAT resource shown according to an exemplary embodiment Figure;
Fig. 2 is a kind of the application hardware structure diagram of the network equipment shown according to an exemplary embodiment;
Fig. 3 is a kind of the application example structure of the acquisition device of NAT resource shown according to an exemplary embodiment Figure.
Specific embodiment
Example embodiments are described in detail here, and the example is illustrated in the accompanying drawings.Following description is related to When attached drawing, unless otherwise indicated, the same numbers in different drawings indicate the same or similar elements.Following exemplary embodiment Described in embodiment do not represent all embodiments consistent with the application.On the contrary, they be only with it is such as appended The example of the consistent device and method of some aspects be described in detail in claims, the application.
It is only to be not intended to be limiting the application merely for for the purpose of describing particular embodiments in term used in this application. It is also intended in the application and the "an" of singular used in the attached claims, " described " and "the" including majority Form, unless the context clearly indicates other meaning.It is also understood that term "and/or" used herein refers to and wraps It may be combined containing one or more associated any or all of project listed.
It will be appreciated that though various information, but this may be described using term first, second, third, etc. in the application A little information should not necessarily be limited by these terms.These terms are only used to for same type of information being distinguished from each other out.For example, not departing from In the case where the application range, the first information can also be referred to as the second information, and similarly, the second information can also be referred to as One information.Depending on context, word as used in this " if " can be construed to " ... when " or " when ... When " or " in response to determination ".
It is shown in Figure 1, it is a kind of the application reality of the acquisition methods of NAT resource shown according to an exemplary embodiment A flow chart is applied, which is applied on the network equipment, and the network equipment can be gateway, is also possible to firewall, should Embodiment the following steps are included:
Step 101: receiving message, and be one NAT resource of the Receive message, and adjust NAT resource acquisition number.
The network equipment receives the message that other network equipments (such as router, interchanger, client etc.) send, and is being this Before one NAT resource of Receive message, the network equipment can use the five-tuple information searching local maintenance of message carrying All sessions;If finding the five-tuple information, the message is carried out using the five-tuple information corresponding NAT resource NAT conversion;If not finding the five-tuple information, the process for one NAT resource of Receive message is executed.
Wherein, the corresponding relationship for having five-tuple information Yu NAT resource is recorded in session, record has IP in the NAT resource The corresponding relationship namely public network address of address and port and the corresponding relationship of public network port, if the network equipment is from all sessions Find message carrying five-tuple information, then it represents that the NAT resource that the message has been had recorded in session, can use this five Tuple corresponding NAT resource carries out NAT conversion, i.e., the source IP address carried message and source port (i.e. private network to the message Location and private network port) it is converted into the IP address and port (i.e. public network address and public network port) of the NAT resource record.The network equipment If not finding the five-tuple information of message carrying from all sessions, then it represents that the message belongs to the flow newly received, needs An available NAT resource is obtained for it, to carry out NAT conversion.
NAT resource acquisition number can be added 1 after for one NAT resource of the Receive message by the network equipment, described NAT resource acquisition number is used to indicate the network equipment currently and be the number of the Receive message NAT resource.
Step 102: judge whether the NAT resource of the acquisition can be used, if available, thens follow the steps 103, if unavailable, Then follow the steps 104.
The network equipment can use purpose IP address, destination port and the NAT resource of the acquisition of message carrying Search all sessions of local maintenance;If not finding the destination IP address, destination port and described from all sessions The corresponding relationship of the NAT resource of acquisition, it is determined that the NAT resource of the acquisition is available, executes step 103;If from all sessions In find the destination IP address, destination port and the acquisition NAT resource corresponding relationship, it is determined that the acquisition NAT resource it is unavailable, execute step 104.
Wherein, the five-tuple information may include source IP address, source port, purpose IP address, destination port and association View number.The network equipment can convert the NAT conversion regime that message carries out using unlimited NAT, and the unlimited NAT conversion refers to net Source IP address, the corresponding purpose IP address of source port, the destination port of network equipment utilization message carrying are different, and are multiplexed NAT money Source, due to purpose IP address it is considered that having infinite, it will also be appreciated that the distribution use of NAT resource is also believed to nothing Poor time.That is, if the source IP address of two messages carrying is different from the combination of source port, as long as and taking in the two messages The purpose IP address of band and the combination of destination port be not also identical, then the two messages can be carried out with the same NAT resource NAT conversion is as shown in table 1 a kind of illustrative conversational list.Thus, the network equipment can use message carrying The NAT resource of purpose IP address, destination port and the acquisition goes to search all sessions of local maintenance, to obtain described in judgement Whether the NAT resource taken can be used.
Source IP address+source port Purpose IP address+destination port Protocol number NAT resource
Source IP 1+ source port 1 Destination IP 100+ destination port 100 Protocol number 1 NAT resource 1
Source IP 1+ source port 2 Destination IP 101+ destination port 100 Protocol number 1 NAT resource 1
Table 1
Step 103: NAT conversion being carried out to the message using the NAT resource of the acquisition, terminates current process.
The network equipment can use the NAT resource record of the acquisition after the NAT resource for determining the acquisition is available IP address and port replace the message carrying source IP address and source port, i.e. NAT conversion.
In addition, the network equipment using the NAT resource of the acquisition to the message carry out NAT conversion after, can be in meeting The corresponding relationship of the five-tuple information of message carrying and the NAT resource of the acquisition is recorded in words, to ensure to receive again below When to the message for carrying identical five-tuple information, the network equipment can directly find corresponding NAT resource from session.Together When, the network equipment resets NAT resource acquisition number.
Step 104: calculating NAT resource utilization using the NAT resource acquisition number.
The network equipment can first obtain NAT number of resources total in the network equipment, then obtain the NAT resource acquisition time Several ratios with total NAT number of resources, and determine that the ratio is the NAT resource utilization.
Wherein, public network address range and public network port range, total NAT number of resources are provided in the network equipment in advance Refer to the product of the number of addresses in the public network address range and the port number in the public network port range.For example, public network address Range is 20.1.1.21 to 20.1.1.23, and public network port range is 10001-60000, and total NAT number of resources is 3*50000= 150000。
Step 105: judge whether the NAT resource utilization is less than preset threshold, if being less than, thens follow the steps 106, if It is not less than, thens follow the steps 107.
If NAT resource utilization is less than preset threshold, then it represents that the NAT resource in the network equipment is held using not transfiniting also Row step 106, if NAT resource utilization is not less than preset threshold, then it represents that the NAT resource use in the network equipment has surpassed Limit executes step 107.
Wherein, the preset threshold can be arranged according to practical experience, such as 0.95, when NAT resource utilization reaches When 0.95, indicate that the NAT resource in the network equipment will exhaust.
Step 106: for one new NAT resource of the Receive message, and the NAT resource acquisition number is adjusted, and after It is continuous to execute step 102.
As described in step 104, the network equipment obtains NAT resource can be in sequence from preconfigured public network address and public affairs Net is chosen in port, for example chooses 20.1.1.21 and 10001 first, then can choose 20.1.1.21 and 10002 again, And so on.NAT resource acquisition number is added 1 after for one new NAT resource of the Receive message by the network equipment.
Step 107: sending alert message, terminate current process.
When NAT resource utilization is not less than preset threshold, the network equipment can send warning message to management equipment, with Remind NAT resource that will exhaust or exhaust to management equipment, thus, management equipment can increase configuration for the network equipment The quantity of public network address, or increase the public network port number of configuration.
It is first one NAT resource of the Receive message after the network equipment receives message as described in above-described embodiment, And adjust NAT resource acquisition number;Then judge whether the NAT resource of the acquisition can be used;If unavailable, described in NAT resource acquisition number calculates NAT resource utilization;It is then the report when the NAT resource utilization is less than preset threshold Text obtains a new NAT resource, and adjusts the NAT resource acquisition number, and continues to execute the NAT money for judging the acquisition The whether available process in source;If available, NAT conversion is carried out to the message using the NAT resource of the acquisition.Based on above-mentioned Description it is found that the network equipment during for Receive message NAT resource just completion NAT resource utilization calculating, rather than Per a NAT resource utilization is calculated at regular intervals, so that the treatment effeciency of the network equipment is improved, in addition, network is set It is standby by calculating NAT resource utilization using NAT resource acquisition number, without counting each purpose IP address from session NAT number of resources corresponding with destination port, and it is utilized respectively each purpose IP address NAT number of resources meter corresponding with destination port The NAT resource utilization of each purpose IP address and destination port is calculated, so as to reduce the occupancy to network equipment memory.
Corresponding with the embodiment of acquisition methods of aforementioned NAT resource, present invention also provides the acquisition device of NAT resource Embodiment.
The embodiment of the acquisition device of the application NAT resource can be using on network devices.Installation practice can lead to Software realization is crossed, can also be realized by way of hardware or software and hardware combining.Taking software implementation as an example, as a logic Device in meaning is to be read computer program instructions corresponding in nonvolatile memory by the processor of equipment where it Get what operation in memory was formed.For hardware view, as shown in Fig. 2, to be set where the acquisition device of the application NAT resource A kind of standby hardware structure diagram, other than processor shown in Fig. 2, memory, network interface and nonvolatile memory, Equipment in embodiment where device can also include other hardware generally according to the actual functional capability of the equipment, no longer superfluous to this It states.
It is shown in Figure 3, it is a kind of the application reality of the acquisition device of NAT resource shown according to an exemplary embodiment A structure chart is applied, which is applied on the network equipment, and described device includes: receiving unit 310, judging unit 320, calculates Unit 330, acquiring unit 340, converting unit 350.
Wherein, the receiving unit 310 for receiving message, and is one NAT resource of the Receive message, and adjust NAT resource acquisition number;
The judging unit 320, for judging whether the NAT resource of the acquisition can be used;
The computing unit 330, for being calculated using the NAT resource acquisition number when judging result is unavailable NAT resource utilization;
The acquiring unit 340, for when the NAT resource utilization is less than preset threshold, then being obtained for the message A new NAT resource is taken, and adjusts the NAT resource acquisition number, and continues to execute and judges that the NAT resource of the acquisition is No available process;
The converting unit 350 is used for when judging result is available, using the NAT resource of the acquisition to the report Text carries out NAT conversion.
In an optional implementation, the network equipment is used to carry out the message received using NAT resource NAT conversion, described device further includes (being not shown in Fig. 3): searching conversation element, reports for receiving in the receiving unit 310 After text, all sessions for the five-tuple information searching local maintenance that the message carries are utilized;If finding the five-tuple Information then carries out NAT conversion to the message using the corresponding NAT resource of the five-tuple information;If not finding described five Tuple information then executes the process for one NAT resource of Receive message;
Described device further includes (being not shown in Fig. 3): recording unit, for the lookup conversation element utilize described in obtain After the NAT resource taken carries out NAT conversion to the message, the five-tuple information and institute that the message carries are recorded in a session State the corresponding relationship of the NAT resource of acquisition.
In another optional implementation, described device further includes (being not shown in Fig. 3): transmission unit, is used for After the computing unit 330 calculates NAT resource utilization using the NAT resource acquisition number, when the NAT utilization of resources When rate is not less than preset threshold, then alert message is sent.
In another optional implementation, the five-tuple information includes source IP address, source port, destination IP Location, destination port and protocol number, the judging unit 320, specifically for the purpose IP address using message carrying, mesh Port and the acquisition NAT resource lookup local maintenance all sessions;If finding the mesh from all sessions IP address, destination port and the NAT resource of the acquisition corresponding relationship, it is determined that the NAT resource of the acquisition can not With;If not finding the corresponding of the NAT resource of the destination IP address, destination port and the acquisition from all sessions to close System, it is determined that the NAT resource of the acquisition is available.
In another optional implementation, the computing unit 330 is specifically used for obtaining total in the network equipment NAT number of resources;The ratio of the NAT resource acquisition number and total NAT number of resources is obtained, and determines that the ratio is The NAT resource utilization;Wherein, public network address range and public network port range, institute are provided in the network equipment in advance It states total NAT number of resources and refers to the number of addresses in the public network address range and the port number in the public network port range Product.
The function of each unit and the realization process of effect are specifically detailed in the above method and correspond to step in above-mentioned apparatus Realization process, details are not described herein.
For device embodiment, since it corresponds essentially to embodiment of the method, so related place is referring to method reality Apply the part explanation of example.The apparatus embodiments described above are merely exemplary, wherein described be used as separation unit The unit of explanation may or may not be physically separated, and component shown as a unit can be or can also be with It is not physical unit, it can it is in one place, or may be distributed over multiple network units.It can be according to actual The purpose for needing to select some or all of the modules therein to realize application scheme.Those of ordinary skill in the art are not paying Out in the case where creative work, it can understand and implement.
It is first one NAT resource of the Receive message after the network equipment receives message as described in above-described embodiment, And adjust NAT resource acquisition number;Then judge whether the NAT resource of the acquisition can be used;If unavailable, described in NAT resource acquisition number calculates NAT resource utilization;It is then the report when the NAT resource utilization is less than preset threshold Text obtains a new NAT resource, and adjusts the NAT resource acquisition number, and continues to execute the NAT money for judging the acquisition The whether available process in source;If available, NAT conversion is carried out to the message using the NAT resource of the acquisition.Based on above-mentioned Description it is found that the network equipment during for Receive message NAT resource just completion NAT resource utilization calculating, rather than Per a NAT resource utilization is calculated at regular intervals, so that the treatment effeciency of the network equipment is improved, in addition, network is set It is standby by calculating NAT resource utilization using NAT resource acquisition number, without counting each purpose IP address from session NAT number of resources corresponding with destination port, and it is utilized respectively each purpose IP address NAT number of resources meter corresponding with destination port The NAT resource utilization of each purpose IP address and destination port is calculated, so as to reduce the occupancy to network equipment memory.
The foregoing is merely the preferred embodiments of the application, not to limit the application, all essences in the application Within mind and principle, any modification, equivalent substitution, improvement and etc. done be should be included within the scope of the application protection.

Claims (10)

1. a kind of acquisition methods of NAT resource, which is characterized in that the method is applied on the network equipment, which comprises
Message is received, and is one network address translation NAT resource of the Receive message, and adjust NAT resource acquisition number;
Judge whether the NAT resource of the acquisition can be used;
If unavailable, NAT resource utilization is calculated using the NAT resource acquisition number;
It is then one new NAT resource of the Receive message, and adjust when the NAT resource utilization is less than preset threshold The NAT resource acquisition number, and continue to execute and judge the whether available process of the NAT resource of the acquisition;
If available, NAT conversion is carried out to the message using the NAT resource of the acquisition.
2. the method according to claim 1, wherein the network equipment is used for using NAT resource to receiving Message carry out NAT conversion, after the reception message, which comprises
Utilize all sessions for the five-tuple information searching local maintenance that the message carries;
If finding the five-tuple information, NAT is carried out to the message using the five-tuple information corresponding NAT resource Conversion;
If not finding the five-tuple information, the process for one NAT resource of Receive message is executed;
The NAT resource using the acquisition carries out the message after NAT conversion, which comprises in a session Record the corresponding relationship of the NAT resource of five-tuple information and the acquisition that the message carries.
3. the method according to claim 1, wherein described calculate NAT money using the NAT resource acquisition number After source utilization rate, which comprises
When the NAT resource utilization is not less than preset threshold, then alert message is sent.
4. according to the method described in claim 2, it is characterized in that, the five-tuple information includes source IP address, source port, mesh IP address, destination port and protocol number, whether the NAT resource for judging the acquisition can be used, comprising:
Purpose IP address, destination port and the NAT of the acquisition resource lookup local maintenance carried using the message All sessions;
If finding the corresponding of the NAT resource of the destination IP address, destination port and the acquisition from all sessions to close System, it is determined that the NAT resource of the acquisition is unavailable;
If not finding the correspondence of the NAT resource of the destination IP address, destination port and the acquisition from all sessions Relationship, it is determined that the NAT resource of the acquisition is available.
5. the method according to claim 1, wherein described calculate NAT money using the NAT resource acquisition number Source utilization rate, comprising:
Obtain NAT number of resources total in the network equipment;
The ratio of the NAT resource acquisition number and total NAT number of resources is obtained, and determines that the ratio is the NAT Resource utilization;Wherein, public network address range and public network port range are provided in the network equipment in advance, it is described total NAT number of resources refers to the product of the number of addresses in the public network address range and the port number in the public network port range.
6. a kind of acquisition device of NAT resource, which is characterized in that described device is applied on the network equipment, and described device includes:
Receiving unit for receiving message, and is one network address translation NAT resource of the Receive message, and adjusts NAT money Source times of acquisition;
Judging unit, for judging whether the NAT resource of the acquisition can be used;
Computing unit, for calculating the NAT utilization of resources using the NAT resource acquisition number when judging result is unavailable Rate;
Acquiring unit is for when the NAT resource utilization is less than preset threshold, then new for the Receive message one NAT resource, and the NAT resource acquisition number is adjusted, and continue to execute and judge the whether available mistake of the NAT resource of the acquisition Journey;
Converting unit, for carrying out NAT to the message using the NAT resource of the acquisition and turning when judging result is available It changes.
7. device according to claim 6, which is characterized in that the network equipment is used for using NAT resource to receiving Message carry out NAT conversion, described device further include:
Conversation element is searched, the five-tuple information for being carried after the receiving unit receives message using the message Search all sessions of local maintenance;If finding the five-tuple information, provided using the corresponding NAT of the five-tuple information Source carries out NAT conversion to the message;If not finding the five-tuple information, executing is one NAT of the Receive message The process of resource;
Described device further include: recording unit, for utilizing the NAT resource of the acquisition to described in the lookup conversation element After message carries out NAT conversion, the NAT resource of five-tuple information and the acquisition that the message carries is recorded in a session Corresponding relationship.
8. device according to claim 6, which is characterized in that described device further include: transmission unit, by based on described After unit is calculated using NAT resource acquisition number calculating NAT resource utilization, when the NAT resource utilization is not less than When preset threshold, then alert message is sent.
9. device according to claim 7, which is characterized in that the five-tuple information includes source IP address, source port, mesh IP address, destination port and protocol number, the judging unit, specifically for the destination IP carried using the message All sessions of the NAT resource lookup local maintenance of location, destination port and the acquisition;If finding institute from all sessions State the corresponding relationship of the NAT resource of purpose IP address, destination port and the acquisition, it is determined that the NAT resource of the acquisition It is unavailable;If not finding pair of the NAT resource of the destination IP address, destination port and the acquisition from all sessions It should be related to, it is determined that the NAT resource of the acquisition is available.
10. device according to claim 6, which is characterized in that the computing unit is set specifically for obtaining the network Total NAT number of resources in standby;The ratio of the NAT resource acquisition number and total NAT number of resources is obtained, and described in determination Ratio is the NAT resource utilization;Wherein, public network address range and public network port model are provided in the network equipment in advance It encloses, total NAT number of resources refers to the number of addresses in the public network address range and the end in the public network port range The product of mouth number.
CN201610293183.XA 2016-05-04 2016-05-04 The acquisition methods and device of NAT resource Active CN105939404B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201610293183.XA CN105939404B (en) 2016-05-04 2016-05-04 The acquisition methods and device of NAT resource

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201610293183.XA CN105939404B (en) 2016-05-04 2016-05-04 The acquisition methods and device of NAT resource

Publications (2)

Publication Number Publication Date
CN105939404A CN105939404A (en) 2016-09-14
CN105939404B true CN105939404B (en) 2019-02-19

Family

ID=57151510

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201610293183.XA Active CN105939404B (en) 2016-05-04 2016-05-04 The acquisition methods and device of NAT resource

Country Status (1)

Country Link
CN (1) CN105939404B (en)

Families Citing this family (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN107547296B (en) * 2017-05-10 2020-09-25 新华三信息安全技术有限公司 Information processing method and device
CN107682470B (en) * 2017-10-16 2021-04-27 杭州迪普科技股份有限公司 Method and device for detecting public network IP availability in NAT address pool
CN112600765B (en) * 2020-12-02 2022-07-29 杭州迪普科技股份有限公司 Method and device for scheduling configuration resources

Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN1777194A (en) * 2005-12-16 2006-05-24 中国科学院计算技术研究所 Network address converting method for supporting multi-dialogue application-layer protocol under PAT mode
CN101247421A (en) * 2008-03-28 2008-08-20 杭州华三通信技术有限公司 Self-adapting distribution method and system of NAT address pool under distributed structure
CN102299975A (en) * 2010-06-28 2011-12-28 杭州华三通信技术有限公司 Method and system for regulating NAT (Network Address Translation) equipment self-adapting to multilayer NAT environment
CN103560979A (en) * 2013-11-21 2014-02-05 中国联合网络通信集团有限公司 Resource distribution method and device
CN105491171A (en) * 2014-09-17 2016-04-13 中兴通讯股份有限公司 Allocation method and device of network address translation (NAT) resources

Patent Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN1777194A (en) * 2005-12-16 2006-05-24 中国科学院计算技术研究所 Network address converting method for supporting multi-dialogue application-layer protocol under PAT mode
CN101247421A (en) * 2008-03-28 2008-08-20 杭州华三通信技术有限公司 Self-adapting distribution method and system of NAT address pool under distributed structure
CN102299975A (en) * 2010-06-28 2011-12-28 杭州华三通信技术有限公司 Method and system for regulating NAT (Network Address Translation) equipment self-adapting to multilayer NAT environment
CN103560979A (en) * 2013-11-21 2014-02-05 中国联合网络通信集团有限公司 Resource distribution method and device
CN105491171A (en) * 2014-09-17 2016-04-13 中兴通讯股份有限公司 Allocation method and device of network address translation (NAT) resources

Also Published As

Publication number Publication date
CN105939404A (en) 2016-09-14

Similar Documents

Publication Publication Date Title
CN107948076B (en) Method and device for forwarding message
WO2017005223A1 (en) Information sharing method of smart electricity meter, smart electricity meter and acquisition router
CN105556916B (en) The information statistical method and device of network flow
JP2021530912A (en) Network slice control method and device, computer readable storage medium
CN103416022B (en) Throughput testing approach and system in service in distribution router/exchange board structure
CN106357542B (en) The method and software defined network controller of multicast service are provided
CN105939404B (en) The acquisition methods and device of NAT resource
CN105163071B (en) Obtain the system and method for the monitor video of monitor supervision platform
CN108293200B (en) Device throughput determination
CN106302230B (en) A kind of data transmission method and device
CN109474713A (en) Message forwarding method and device
CN106464670B (en) Network entity and service strategy management method
CN106027354B (en) The reflow method and device of VPN client
CN105187312A (en) Method, device and router for carrying out network communication on batch terminal equipment
CN109995664A (en) A kind of method, apparatus and system sending data flow
CN110855424A (en) Method and device for synthesizing asymmetric flow xDR in DPI field
CN102970391B (en) Inquiry of the domain name processing method, server and system
CN112532466A (en) Flow identification method and device and storage medium
CN107819596A (en) Diagnostic method, the apparatus and system of SDN failure
CN103560970A (en) Method for realizing downlink speed limitation of network device with multiple LAN ports
JP2015154325A (en) Apparatus selection network system, apparatus selection server, and program
CN107409047A (en) Encrypt the coordinate packet delivering of session
US10103950B2 (en) Hub filtering
CN104994178B (en) A kind of method for network address translation and device
CN105099936A (en) Network resource configuration method and apparatus as well as network system

Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
C10 Entry into substantive examination
SE01 Entry into force of request for substantive examination
CB02 Change of applicant information

Address after: Binjiang District and Hangzhou city in Zhejiang Province Road 310051 No. 68 in the 6 storey building

Applicant after: Hangzhou Dipu Polytron Technologies Inc

Address before: Binjiang District and Hangzhou city in Zhejiang Province Road 310051 No. 68 in the 6 storey building

Applicant before: Hangzhou Dipu Technology Co., Ltd.

CB02 Change of applicant information
GR01 Patent grant
GR01 Patent grant