CN111835859B - Method for operating local area network equipment controller in cross-network segment mode and intelligent optical network equipment - Google Patents

Publication number: CN111835859B
Authority: CN (China)
Prior art keywords: server, tcp connection, intelligent optical, optical network, message
Legal status: Active
Application number: CN202010700087.9A
Other languages: Chinese (zh)
Other versions: CN111835859A (en)
Inventors: 李巍, 章进
Current Assignee: Anhui Huasuda Electronic Technology Co ltd
Original Assignee: Anhui Huasuda Electronic Technology Co ltd

Classifications

    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L67/00 Network arrangements or protocols for supporting network services or applications
    • H04L67/14 Session management
    • H04L67/141 Setup of application sessions
    • H04L67/146 Markers for unambiguous identification of a particular session, e.g. session cookie or URL-encoding
    • H04L63/00 Network architectures or network communication protocols for network security
    • H04L63/04 Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
    • H04L63/0428 Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
    • H04L63/0442 Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload wherein the sending and receiving network entities apply asymmetric encryption, i.e. different keys for encryption and decryption
    • H04Q SELECTING
    • H04Q11/00 Selecting arrangements for multiplex systems
    • H04Q11/0001 Selecting arrangements for multiplex systems using optical switching
    • H04Q11/0062 Network aspects


Abstract

The invention discloses a method for operating a local area network device controller across network segments, and an intelligent optical network device. The method comprises: establishing a TCP connection with a wide area network server; receiving an operation message sent by the server, wherein the operation message comprises the MAC address of the operated device controller; parsing the operation message to obtain the MAC address of the operated device controller; querying a connection mapping table of device controllers and intelligent optical network device ports to obtain the port to which the operation message is to be forwarded; and forwarding the operation data obtained by parsing the operation message to that port of the intelligent optical network device. Through the intelligent optical network device, the invention receives control operation instruction data from the wide area network server and forwards it to the device controller in the local area network, realizing centralized management and control of local area network devices by the wide area network server.

Description

Method for operating local area network equipment controller in cross-network segment manner and intelligent optical network equipment
Technical Field
The invention relates to the field of data communication, and in particular to a method for operating a local area network device controller across network segments and to an intelligent optical network device.
Background
At present, for a software platform in a wide area network to control devices in a local area network, either a private network must be configured for the software server in the wide area network, or the network devices in the local area network must be connected behind a device that supports an intranet penetration function.
These approaches have the following drawbacks:
1. Configuring a private network for a software server in a wide area network adds the cost of using the private network, and some network device controllers do not support communication with software platforms in the wide area network.
2. Connecting network devices in a local area network to a device that supports the intranet penetration function likewise incurs additional expense.
Disclosure of Invention
In view of the problems in the prior art, the invention provides a method for operating a local area network device controller across network segments and an intelligent optical network device. The intelligent optical network device carries operation data between a wide area network server and a device controller connected to the intelligent optical network unit in a local area network, so that the wide area network server can control and operate the local area network device controller.
Specifically, the invention provides a method for operating a local area network device controller across network segments, which is applied to an intelligent optical network device located in a local area network and comprises the following steps:
establishing a TCP connection with a wide area network server;
receiving an operation message sent by the server, wherein the operation message comprises the MAC address of the operated device controller;
parsing the operation message to obtain the MAC address of the operated device controller;
querying a connection mapping table of device controllers and intelligent optical network device ports to obtain the port to which the operation message is to be forwarded;
forwarding the operation data obtained by parsing the operation message to that port of the intelligent optical network device;
and receiving the operation result of the operated device controller, encapsulating the data and sending it to the server.
As a further optimization of the foregoing solution, the step of establishing a TCP connection with the wide area network server includes:
sending a TCP connection request to the server, and establishing a first TCP connection with the server;
sending a first data packet to the server through the first TCP connection, wherein the first data packet is used for sending a polling request to the server;
and receiving a polling response from the server, and sending a second data packet to the server through the first TCP connection, wherein the second data packet is used for sending a TCP connection request to the server and establishing a second TCP connection with the server.
As a further optimization of the above scheme, the operation message sent by the server is received through the second TCP connection, and the operation result of the operated device controller is encapsulated and then sent to the server through the second TCP connection.
As a further optimization of the foregoing solution, sending a polling request to the server further includes: after the polling request is sent based on a first preset polling configuration, if no polling response is received from the server, switching to a second preset polling configuration, wherein a polling configuration comprises a polling interval and a polling frequency.
As a further optimization of the above solution, parsing the operation message to obtain the MAC address of the operated device controller includes a decryption operation on the message, and receiving and encapsulating the operation result of the operated device controller includes an encryption operation on the encapsulated data, specifically:
the decryption operation includes:
the intelligent optical network device decrypts the first-secret-key encrypted data part of the received operation message with the private key of an asymmetric key encryption algorithm to obtain the first secret key, wherein the first secret key is randomly generated by the server;
decrypting the encrypted message data part of the operation message with the first secret key;
the encryption operation includes:
the intelligent optical network device encrypts the operation result message with a second secret key of a symmetric key encryption method to generate encrypted message data, wherein the second secret key is randomly generated by the intelligent optical network device;
and encrypting the second secret key with the public key of an asymmetric key encryption algorithm to generate second-secret-key encrypted data, and sending the encrypted message data and the second-secret-key encrypted data to the server.
The invention also provides an intelligent optical network device for operating a local area network device controller across network segments, which comprises:
a TCP connection establishing unit, configured to establish a TCP connection with a wide area network server;
an operation message receiving unit, configured to receive an operation message sent by the server, wherein the operation message includes the MAC address of the operated device controller;
a message parsing unit, configured to parse the operation message to obtain the MAC address of the operated device controller;
a port mapping query unit, configured to query a connection mapping table of device controllers and intelligent optical network device ports to obtain the port to which the operation message is to be forwarded;
a message forwarding unit, configured to forward the operation data obtained by parsing the operation message to the port;
and an operation result processing unit, configured to receive the operation result of the operated device controller, encapsulate the data and forward it to the server.
As a further optimization of the above scheme, the TCP connection establishing unit includes:
a first TCP connection establishment request subunit, configured to send a TCP connection request to the server and establish a first TCP connection with the server;
a polling request subunit, configured to send a first data packet to the server through the first TCP connection, wherein the first data packet is used for sending a polling request to the server;
and a second TCP connection establishment request subunit, configured to receive the polling response from the server and send a second data packet to the server through the first TCP connection, wherein the second data packet is used for sending a TCP connection request to the server and establishing a second TCP connection with the server.
As a further optimization of the above scheme, the operation message sent by the server is received through the second TCP connection, and the operation result of the operated device controller is encapsulated and then forwarded to the server through the second TCP connection.
The invention also provides a method for operating a local area network device controller across network segments, which is applied to a server in a wide area network and comprises the following steps:
receiving a TCP connection request from an intelligent optical network device, and establishing a first TCP connection with the intelligent optical network device;
obtaining information on the operated device controller from an operation instruction input by a user, and querying a data table of the affiliation between device controllers and intelligent optical network devices to obtain the intelligent optical network device that manages the operated device controller and the MAC address of the device controller;
sending a polling response to the intelligent optical network device that manages the operated device controller, wherein the polling response is used for sending a data transmission request to the intelligent optical network device;
receiving a TCP connection request from the intelligent optical network device, and establishing a second TCP connection with the intelligent optical network device;
generating an operation message from the operation instruction and the information on the operated device controller, wherein the operation message comprises operation data and the MAC address of the operated device controller;
sending the generated operation message to the intelligent optical network device through the second TCP connection;
and receiving an operation result message sent by the intelligent optical network device, parsing it and forwarding it to the corresponding user side.
The invention also provides a server for operating a local area network device controller across network segments, which comprises:
a first TCP connection establishing unit, configured to receive a TCP connection request from an intelligent optical network device and establish a first TCP connection with the intelligent optical network device;
an operation message sending path acquiring unit, configured to obtain information on the operated device controller from an operation instruction input by a user, and to query a data table of the affiliation between device controllers and intelligent optical network devices to obtain the intelligent optical network device that manages the operated device controller and the MAC address of the device controller;
a data transmission request unit, configured to send a polling response to the intelligent optical network device that manages the operated device controller, wherein the polling response is used for sending a data transmission request to the intelligent optical network device;
a second TCP connection establishing unit, configured to receive a TCP connection request from the intelligent optical network device and establish a second TCP connection with the intelligent optical network device;
an operation message generating unit, configured to generate an operation message from the operation instruction and the information on the operated device controller, wherein the operation message comprises operation data and the MAC address of the operated device controller;
an operation message sending unit, configured to send the generated operation message to the intelligent optical network device through the second TCP connection;
and an operation result receiving and processing unit, configured to receive the operation result message sent by the intelligent optical network device, parse it and forward the parsed operation result message to the corresponding user side.
The method for operating a local area network device controller across network segments and the intelligent optical network device have the following beneficial effects:
1. The intelligent optical network device actively establishes a connection channel with the server so that it obtains the server's operation control messages in time, and its connection to the device controllers in the local area network carries the control message data sent from the wide area network to the local area network device controller. Remote control of a device controller by a user is therefore not limited by a cross-network-segment environment, the range of application of remote control is expanded, and the working efficiency of users of the remote control function is improved.
2. The intelligent optical network device in the local area network receives the operation message data from the server, parses it to obtain the MAC address of the operated device controller carried in the message data, obtains the port to which the message is to be forwarded from the connection mapping table of device controllers and intelligent optical network device ports held in the intelligent optical network device, forwards the control instruction to the corresponding device controller, receives the operation result response data from the device controller and sends it to the server. This achieves control and operation of the local area network device controller by the wide area network server.
Drawings
Fig. 1 is a system block diagram of the device controller, the intelligent optical network device and the server in the method for operating a local area network device controller across network segments according to the present invention;
Fig. 2 is a flow chart of the method of the present invention for operating a local area network device controller across network segments, as applied to the intelligent optical network device;
Fig. 3 is a flow chart of the two connection request processes for establishing a TCP connection with the wide area network server in Fig. 2;
Fig. 4 is a block diagram of the intelligent optical network device for operating a local area network device controller across network segments according to the present invention;
Fig. 5 is a flow chart of the method of the present invention for operating a local area network device controller across network segments, as applied to the wide area network server;
Fig. 6 is a block diagram of the server for operating a local area network device controller across network segments according to the present invention.
Detailed Description
The technical solution of the present invention is further explained below with reference to the specific embodiments and the accompanying drawings.
The invention provides an operation control method between a wide area network server and device controllers in different local area networks. An intelligent optical network device is developed, placed in a local area network and connected to a plurality of device controllers in that local area network, and carries the operation control data between the server and the device controllers of the different local area networks. The device controllers in the local area networks can be broadcast/music players, RFID detection equipment, large-screen equipment, environment monitoring equipment and the like.
Specifically, the invention provides a method for operating a local area network device controller across network segments, which is applied to an intelligent optical network device located in a local area network and comprises the following steps:
establishing a TCP connection with a wide area network server, specifically comprising two connection request processes:
the intelligent optical network device sends a TCP connection request to the server and establishes a first TCP connection with the server;
sending a first data packet to the server through the first TCP connection, wherein the first data packet is used for sending a polling request to the server, asking the server whether there is operation message data to be transmitted;
when the server has data to send to the intelligent optical network device, the server responds to the polling request; the intelligent optical network device receives the polling response from the server and sends a second data packet to the server through the first TCP connection, wherein the second data packet is used for sending a TCP connection request to the server and establishing a second TCP connection with the server;
receiving, through the second TCP connection, an operation message sent by the server, wherein the operation message comprises the MAC address of the operated device controller;
the operation message comprises operation instruction data, the MAC address of the operated device controller, and header data in which the server address is the source address and the intelligent optical network device address is the destination address, and is encrypted data;
the intelligent optical network device parses the operation message to obtain the MAC address of the operated device controller and the operation instruction data; this step includes decrypting the operation message data, after which the MAC address of the operated device controller and the operation instruction data are obtained;
querying the connection mapping table of device controllers and intelligent optical network device ports to obtain the port to which the operation message is to be forwarded; the mapping table comprises the MAC addresses of all device controllers connected to the intelligent optical network device and the information on the port to which each device controller is connected; specifically, the intelligent optical network device may add, delete and update entries in the mapping table;
passing the operation data obtained by parsing the operation message to that port of the intelligent optical network device, and sending the operation data through the port to the device controller connected to it;
the device controller receives the operation instruction, carries out the corresponding operation, and sends operation result response data to the intelligent optical network device;
the intelligent optical network device receives the operation result of the operated device controller, encapsulates the data, and sends it to the server through the second TCP connection, wherein the data encapsulation process includes an encryption operation. Specifically, the data is first encapsulated into a data packet, with the address of the intelligent optical network device as the source address, the address of the server as the destination address, the server port of the second TCP connection as the destination port and the intelligent optical network device port of the second TCP connection as the source port, and the encryption operation is then performed.
In addition, while the intelligent optical network device is sending polling requests to the server, if no polling response is received from the server after a polling request has been sent based on the first preset polling configuration, the intelligent optical network device switches to the second preset polling configuration. A polling configuration comprises a polling interval and a polling frequency, and the polling interval in the first preset polling configuration is larger than the polling interval in the second preset polling configuration, which reduces invalid polling requests and improves polling efficiency.
After the first TCP connection is established between the intelligent optical network device and the server, the intelligent optical network device receives a connection identifier sent by the server. The connection identifier identifies the intelligent optical network device as a legitimate device that is already connected to the server. When the intelligent optical network device sends the second TCP connection establishment request to the server, it carries the connection identifier; the server determines from the connection identifier that the device is a legitimate device that has already established the first TCP connection, and responds preferentially to the second TCP connection establishment request, establishing the second TCP connection with the intelligent optical network device so that operation message data can be transmitted. This improves the efficiency with which the wide area network server operates the local area network device controller across network segments.
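An added example (not from the patent) of how a server could issue the connection identifier on the first TCP connection and check it when the second connection request arrives. The patent does not say how the identifier is generated or validated; the random token, its binding to a device ID, the maximum age, revocation when the first connection closes, and the names `ConnectionIdRegistry`, `onu-A` and `onu-B` are all assumptions.

```python
import hashlib
import hmac
import secrets
import time
from dataclasses import dataclass


def _digest(identifier: str) -> bytes:
    return hashlib.sha256(identifier.encode("utf-8")).digest()


@dataclass
class _Issued:
    device_id: str     # hypothetical device identity, e.g. a serial number
    expires_at: float


class ConnectionIdRegistry:
    """Server-side store of identifiers issued on the first TCP connection."""

    def __init__(self, max_age_seconds: float = 300.0, clock=time.monotonic):
        self._max_age = max_age_seconds
        self._clock = clock
        # SHA-256(identifier) -> _Issued; the identifier itself is not kept,
        # so a dump of this table does not yield usable identifiers.
        self._issued = {}

    def issue(self, device_id: str) -> str:
        """Call once the first TCP connection with device_id is established."""
        self.revoke(device_id)                   # one live identifier per device
        identifier = secrets.token_urlsafe(32)   # 256 bits from the OS CSPRNG
        self._issued[_digest(identifier)] = _Issued(
            device_id, self._clock() + self._max_age)
        return identifier

    def revoke(self, device_id: str) -> None:
        """Call when the first TCP connection closes."""
        stale = [k for k, v in self._issued.items() if v.device_id == device_id]
        for key in stale:
            del self._issued[key]

    def validate(self, claimed_device_id: str, presented: str) -> str:
        """Check the identifier carried by a second-connection request.

        Returns "ok", or the reason the request is not treated as coming
        from a device that already holds a first connection.
        """
        key = _digest(presented)
        entry = self._issued.get(key)
        if entry is None:
            return "unknown-identifier"
        if self._clock() >= entry.expires_at:
            del self._issued[key]
            return "expired"
        if not hmac.compare_digest(entry.device_id.encode("utf-8"),
                                   claimed_device_id.encode("utf-8")):
            return "wrong-device"
        return "ok"


def demo() -> dict:
    """Run constructed second-connection requests through the registry."""
    now = [0.0]                                   # fake clock for the demo
    reg = ConnectionIdRegistry(max_age_seconds=60.0, clock=lambda: now[0])
    ident_a = reg.issue("onu-A")
    ident_b = reg.issue("onu-B")
    results = {
        "valid": reg.validate("onu-A", ident_a),
        "never_issued": reg.validate("onu-A", "AAAA"),
        "other_devices_identifier": reg.validate("onu-A", ident_b),
    }
    new_a = reg.issue("onu-A")                    # onu-A reconnects
    results["old_after_reissue"] = reg.validate("onu-A", ident_a)
    results["reissued"] = reg.validate("onu-A", new_a)
    reg.revoke("onu-B")                           # onu-B's first connection closed
    results["after_close"] = reg.validate("onu-B", ident_b)
    now[0] = 61.0
    results["after_max_age"] = reg.validate("onu-A", new_a)
    return results


if __name__ == "__main__":
    for case, outcome in demo().items():
        print(f"{case}: {outcome}")
```

Because the identifier only marks a device as already connected, it complements rather than replaces the message encryption the description goes on to specify.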
Decrypting the operation message sent by the server includes:
the intelligent optical network device decrypts the first-secret-key encrypted data part of the received operation message with the private key of an asymmetric key encryption algorithm to obtain the first secret key, wherein the first secret key is randomly generated by the server;
decrypting the encrypted message data part of the operation message with the first secret key;
the encryption operation performed after the operation result data is encapsulated specifically includes:
the intelligent optical network device encrypts the operation result message with a second secret key of a symmetric key encryption method to generate encrypted message data, wherein the second secret key is randomly generated by the intelligent optical network device;
and encrypting the second secret key with the public key of an asymmetric key encryption algorithm to generate second-secret-key encrypted data, and sending the encrypted message data and the second-secret-key encrypted data to the server.
Specifically, the asymmetric key algorithm may be the national cryptographic algorithm SM2 and the symmetric key algorithm the national cryptographic algorithm SM4. In the encryption and decryption of operation data, the operation data message is encrypted with the symmetric key algorithm, and the key of the symmetric key algorithm is encrypted with the asymmetric key algorithm: the key is a small amount of data, so its demand on transmission efficiency is low, but its demand on security is higher. Encrypting and decrypting the operation data message with the symmetric key algorithm keeps data processing efficient.
Based on the method for operating a local area network device controller across network segments as applied to the intelligent optical network device, the invention also provides an intelligent optical network device for operating a local area network device controller across network segments, which implements the method and comprises:
a TCP connection establishing unit, configured to establish a TCP connection with a wide area network server, the TCP connection establishing unit comprising:
a first TCP connection establishment request subunit, configured to send a TCP connection request to the server and establish a first TCP connection with the server;
a polling request subunit, configured to send a first data packet to the server through the first TCP connection, wherein the first data packet is used for sending a polling request to the server;
and a second TCP connection establishment request subunit, configured to receive the polling response from the server and send a second data packet to the server through the first TCP connection, wherein the second data packet is used for sending a TCP connection request to the server and establishing a second TCP connection with the server.
The message analysis unit comprises a decryption unit and a message sending unit, wherein the decryption unit is used for decrypting the received operation message sent by the server;
a message parsing unit, configured to parse the operation message to obtain the MAC address of the operated device controller;
a port mapping query unit, configured to query the connection mapping table of device controllers and intelligent optical network device ports to obtain the port to which the operation message is to be forwarded;
a message forwarding unit, configured to forward the operation data obtained by parsing the operation message to the port;
and an operation result processing unit, configured to receive the operation result of the operated device controller, encapsulate the data and send the encapsulated data to the server, the operation result processing unit comprising an encryption unit configured to encrypt the encapsulated operation result data.
The operation message sent by the server is received through the second TCP connection, and the operation result of the operated device controller is encapsulated and then transmitted to the server through the second TCP connection.
The invention also provides a method for operating the local area network equipment controller across network segments, which is applied to a server of a wide area network and comprises the following steps:
receiving a TCP connection request of intelligent optical network equipment, and establishing a first TCP connection with the intelligent optical network equipment;
acquiring information of an operated equipment controller according to an operation instruction input by a user, and inquiring an equipment controller and an intelligent optical network equipment affiliated relationship data table to acquire an intelligent optical network equipment for managing the operated equipment controller and an MAC address of the equipment controller; the data table includes all intelligent optical network device information and device controller information to which each intelligent optical network device is connected,
sending a polling response to the intelligent optical network equipment managing the operated equipment controller according to the information acquired by the query data table, wherein the polling response is used for sending a data transmission request to the intelligent optical network equipment, and the intelligent optical network unit sends a request for establishing a second TCP connection to the server based on the response;
the server receives a TCP connection request of the intelligent optical network equipment and establishes a second TCP connection with the intelligent optical network equipment;
generating an operation message according to the operation instruction and the information of the operated device controller, wherein the operation message comprises operation data and the MAC address of the operated device controller; the operation message is encrypted: specifically, the operation message is encapsulated into a data packet with the server address as the source address, the intelligent optical network device address as the destination address, the server port of the second TCP connection as the source port, and the intelligent optical network device port of the second TCP connection as the destination port, and an encryption operation process is then performed, wherein the encryption operation process comprises:
the server encrypts the operation instruction data based on a first secret key corresponding to a symmetric key encryption method to generate encrypted message data, wherein the first secret key is randomly generated by the server;
and encrypting the first secret key through a public key given by an asymmetric secret key encryption algorithm to generate second secret key encrypted data, and sending the encrypted message data and the second secret key encrypted data to the intelligent optical network equipment.
After encryption, sending the generated encrypted operation message to the intelligent optical network equipment through a second TCP connection;
the information of the operation message is transmitted to the corresponding equipment controller through the second TCP connection and the intelligent optical network equipment, and the equipment controller returns operation response result data after executing the operation instruction, which is transmitted back through the intelligent optical network equipment and the second TCP connection;
and the server receives the operation result message sent by the intelligent optical network equipment, and forwards the operation result message to the corresponding user side after analysis. The analysis process includes a decryption operation process, specifically, the server decrypts a second secret key encrypted data part in the received operation result message based on a private key given by an asymmetric secret key encryption algorithm to obtain a second secret key of the second secret key encrypted data part, wherein the second secret key is randomly generated by the intelligent optical network equipment;
and decrypting the encrypted message data part in the operation result message by using the second secret key.
In addition, after the server establishes the first TCP connection with the intelligent optical network device, the method further includes: generating a connection identifier; and sending a connection identifier to the intelligent optical network equipment through the first TCP connection, so that the intelligent optical network equipment preferentially responds to the establishment request information and timely transmits the operation message data when sending a second TCP connection establishment request to the server.
Based on the method for operating the local area network device controller across network segments applied to the server, the invention also provides a server for operating the local area network device controller across network segments, which comprises:
the first TCP connection establishing unit is used for receiving a TCP connection request of the intelligent optical network equipment and establishing a first TCP connection with the intelligent optical network equipment; the first TCP connection establishing unit comprises a connection identifier generating subunit, which is used for generating a connection identifier and sending it to the intelligent optical network equipment through the first TCP connection after the first TCP connection is established with the intelligent optical network equipment;
An operation message sending path obtaining unit, configured to obtain information of an operated device controller according to an operation instruction input by a user, and query a device controller and an intelligent optical network device affiliated relationship data table to obtain an intelligent optical network device that manages the operated device controller and an MAC address of the device controller;
the data transmission request unit is used for sending a polling response to the intelligent optical network equipment managing the operated equipment controller, and the polling response is used for sending a data transmission request to the intelligent optical network equipment;
the second TCP connection establishing unit is used for receiving a TCP connection request of the intelligent optical network equipment and establishing second TCP connection with the intelligent optical network equipment;
the operation message generating unit generates an operation message according to the operation instruction and the information of the operated device controller, wherein the operation message comprises operation data and an MAC (media access control) address of the operated device controller, and the operation message generating unit comprises an encryption sub-unit which is used for encrypting the operation message;
The operation message sending unit is used for sending the generated operation message to the intelligent optical network equipment through a second TCP connection;
and the operation result receiving and processing unit is used for receiving the operation result message sent by the intelligent optical network equipment, analyzing the operation result message and then forwarding the analyzed operation result message to the corresponding user side, and comprises a decryption subunit used for decrypting the received operation result message.
The present invention is not limited to the above-described embodiments; those skilled in the art can make various modifications based on the above conception without creative effort, and such modifications fall within the scope of the present invention.

Claims (9)

1. A method for operating a local area network device controller across network segments, characterized in that the method is applied to intelligent optical network equipment of a local area network and comprises the following steps:
establishing a TCP connection with a wide area network server;
receiving an operation message sent by a server, wherein the operation message comprises an MAC address of an operated device controller;
analyzing the operation message to obtain an MAC address of the operated device controller;
inquiring a connection mapping table of the equipment controller and the intelligent optical network equipment port to obtain a port to be forwarded by the operation message;
forwarding operation data acquired by analyzing the operation message to the port of the intelligent optical network equipment;
receiving an operation result of an operated device controller, packaging data and sending the data to a server;
the step of establishing a TCP connection with a wide area network server comprises:
sending a TCP connection request to a server, and establishing a first TCP connection with the server;
sending a first data packet to a server through a first TCP connection, wherein the first data packet is used for sending a polling request to the server;
and receiving a polling response of the server, and sending a second data packet to the server through the first TCP connection, wherein the second data packet is used for sending a TCP connection request to the server and establishing a second TCP connection with the server.
2. A method of operating a local area network device controller across network segments according to claim 1, wherein: the operation message sent by the server is received through the second TCP connection, and the operation result of the operated device controller is encapsulated and then sent to the server through the second TCP connection.
3. A method of operating a local area network device controller across network segments according to claim 1, wherein: the sending a polling request to a server further comprises: after the polling request is sent based on the first preset polling configuration, if the polling response of the server is not received, switching to a second preset polling configuration, wherein the polling configuration comprises a polling interval and a round-robin frequency.
4. A method of operating a local area network device controller across network segments according to claim 1, wherein: analyzing the operation message to obtain the MAC address of the operated device controller includes a decryption operation on the message, and receiving the operation result of the operated device controller and encapsulating the data includes an encryption operation on the encapsulated data, specifically:
the decryption operation includes:
the intelligent optical network equipment decrypts a first secret key encrypted data part in the received operation message based on a private key given by an asymmetric secret key encryption algorithm to obtain a first secret key of the first secret key encrypted data part, wherein the first secret key is randomly generated by the server;
decrypting the encrypted message data part in the operation message by using the first secret key;
the encryption operation includes:
the intelligent optical network equipment encrypts the operation result message based on a second secret key corresponding to the symmetric key encryption method to generate encrypted message data, wherein the second secret key is randomly generated by the intelligent optical network equipment;
and encrypting the secret key through a public key given by an asymmetric secret key encryption algorithm to generate second secret key encrypted data, and sending the encrypted message data and the second secret key encrypted data to the server.
5. An intelligent optical network device for operating a local area network device controller across network segments, characterized by comprising:
a TCP connection establishing unit for establishing a TCP connection with a wide area network server;
an operation message receiving unit, configured to receive an operation message sent by a server, where the operation message includes an MAC address of an operated device controller;
the message analysis unit is used for analyzing the operation message to obtain the MAC address of the operated device controller;
the port mapping query unit is used for querying a connection mapping table between the equipment controller and the port of the intelligent optical network equipment to obtain the port to be forwarded by the operation message;
a message forwarding unit, configured to forward operation data obtained by parsing the operation message to the port;
the operation result processing unit is used for receiving the operation result of the operated device controller, performing data encapsulation and forwarding the operation result to the server;
the step of establishing a TCP connection with a wide area network server comprises:
sending a TCP connection request to a server, and establishing a first TCP connection with the server;
sending a first data packet to a server through a first TCP connection, wherein the first data packet is used for sending a polling request to the server;
and receiving a polling response of the server, and sending a second data packet to the server through the first TCP connection, wherein the second data packet is used for sending a TCP connection request to the server and establishing a second TCP connection with the server.
6. An intelligent optical network device for operating a local area network device controller across network segments as claimed in claim 5, wherein: the TCP connection establishment unit includes:
the first TCP connection establishment request subunit is used for sending a TCP connection request to the server and establishing a first TCP connection with the server;
the polling request subunit is used for sending a first data packet to the server through a first TCP connection, and the first data packet is used for sending a polling request to the server;
and the second TCP connection establishment request subunit is used for receiving the polling response of the server, sending a second data packet to the server through the first TCP connection, and the second data packet is used for sending a TCP connection request to the server and establishing a second TCP connection with the server.
7. The intelligent optical network device for operating a local area network device controller across network segments of claim 6, wherein: the operation message sent by the server is received through the second TCP connection, and the operation result of the operated device controller is encapsulated and then sent to the server through the second TCP connection.
8. A method for operating a local area network device controller across network segments, characterized in that the method is applied to a server of a wide area network and comprises the following steps:
receiving a TCP connection request of intelligent optical network equipment, and establishing a first TCP connection with the intelligent optical network equipment;
acquiring information of an operated equipment controller according to an operation instruction input by a user, and inquiring an equipment controller and an intelligent optical network equipment affiliated relationship data table to acquire an intelligent optical network equipment for managing the operated equipment controller and an MAC address of the equipment controller;
sending a polling response to intelligent optical network equipment managing an operated equipment controller, wherein the polling response is used for sending a data transmission request to the intelligent optical network equipment;
receiving a TCP connection request of the intelligent optical network equipment, and establishing a second TCP connection with the intelligent optical network equipment;
generating an operation message according to the operation instruction and information of the operated device controller, wherein the operation message comprises operation data and an MAC address of the operated device controller;
sending the generated operation message to the intelligent optical network equipment through a second TCP connection;
and receiving an operation result message sent by the intelligent optical network equipment, analyzing and then forwarding the operation result message to the corresponding user side.
9. A server for operating a local area network device controller across network segments, characterized by comprising:
the first TCP connection establishing unit is used for receiving a TCP connection request of the intelligent optical network equipment and establishing first TCP connection with the intelligent optical network equipment;
the operation message sending path acquiring unit is used for acquiring information of the operated equipment controller according to an operation instruction input by a user, inquiring an equipment controller and an intelligent optical network equipment affiliated relationship data table to acquire an intelligent optical network equipment for managing the operated equipment controller and an MAC address of the equipment controller;
the data transmission request unit is used for sending a polling response to the intelligent optical network equipment managing the operated equipment controller, and the polling response is used for sending a data transmission request to the intelligent optical network equipment;
the second TCP connection establishing unit is used for receiving a TCP connection request of the intelligent optical network equipment and establishing second TCP connection with the intelligent optical network equipment;
the operation message generating unit is used for generating an operation message according to the operation instruction and the information of the operated equipment controller, wherein the operation message comprises operation data and an MAC (media access control) address of the operated equipment controller;
the operation message sending unit is used for sending the generated operation message to the intelligent optical network equipment through a second TCP connection;
and the operation result receiving and processing unit is used for receiving the operation result message sent by the intelligent optical network equipment, analyzing the operation result message and then forwarding the analyzed operation result message to the corresponding user side.
CN202010700087.9A 2020-07-20 2020-07-20 Method for operating local area network equipment controller in cross-network segment mode and intelligent optical network equipment Active CN111835859B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202010700087.9A CN111835859B (en) 2020-07-20 2020-07-20 Method for operating local area network equipment controller in cross-network segment mode and intelligent optical network equipment

Publications (2)

Publication Number Publication Date
CN111835859A CN111835859A (en) 2020-10-27
CN111835859B true CN111835859B (en) 2022-11-15

Family

ID=72923064

Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination
CB02 Change of applicant information

Address after: Room 510, R&D Center Building, China (Hefei) International Intelligent Voice Industrial Park, No. 3333 Xiyou Road, High-tech Zone, Hefei City, Anhui Province, 230088

Applicant after: ANHUI HUASUDA ELECTRONIC TECHNOLOGY Co.,Ltd.

Address before: Room 506, R & D center building, China (Hefei) international intelligent voice Industrial Park, 3333 Xiyou Road, high tech Zone, Hefei, Anhui 230088

Applicant before: ANHUI HUASUDA ELECTRONIC TECHNOLOGY Co.,Ltd.

GR01 Patent grant