CN113556694A - Information sending method, device, system, equipment and medium - Google Patents

Information sending method, device, system, equipment and medium Download PDF

Info

Publication number
CN113556694A
CN113556694A CN202010298839.3A CN202010298839A CN113556694A CN 113556694 A CN113556694 A CN 113556694A CN 202010298839 A CN202010298839 A CN 202010298839A CN 113556694 A CN113556694 A CN 113556694A
Authority
CN
China
Prior art keywords
information
group client
group
firewall
information center
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Granted
Application number
CN202010298839.3A
Other languages
Chinese (zh)
Other versions
CN113556694B (en
Inventor
马龄彤
谢懿
何宇
谢伟
杨梓华
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
China Mobile Communications Group Co Ltd
Original Assignee
China Mobile Communications Group Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by China Mobile Communications Group Co Ltd filed Critical China Mobile Communications Group Co Ltd
Priority to CN202010298839.3A priority Critical patent/CN113556694B/en
Publication of CN113556694A publication Critical patent/CN113556694A/en
Application granted granted Critical
Publication of CN113556694B publication Critical patent/CN113556694B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W4/00Services specially adapted for wireless communication networks; Facilities therefor
    • H04W4/12Messaging; Mailboxes; Announcements
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L61/00Network arrangements, protocols or services for addressing or naming
    • H04L61/09Mapping addresses
    • H04L61/25Mapping addresses of the same type
    • H04L61/2503Translation of Internet protocol [IP] addresses
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/02Network architectures or network communication protocols for network security for separating internal from external traffic, e.g. firewalls
    • H04L63/0209Architectural arrangements, e.g. perimeter networks or demilitarized zones
    • H04L63/0218Distributed architectures, e.g. distributed firewalls
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/02Network architectures or network communication protocols for network security for separating internal from external traffic, e.g. firewalls
    • H04L63/0227Filtering policies
    • H04L63/0263Rule management
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/20Network architectures or network communication protocols for network security for managing network security; network security policies in general
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W24/00Supervisory, monitoring or testing arrangements
    • H04W24/04Arrangements for maintaining operational condition
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L61/00Network arrangements, protocols or services for addressing or naming
    • H04L61/09Mapping addresses
    • H04L61/25Mapping addresses of the same type
    • H04L61/2503Translation of Internet protocol [IP] addresses
    • H04L61/2514Translation of Internet protocol [IP] addresses between local and global IP addresses
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/02Network architectures or network communication protocols for network security for separating internal from external traffic, e.g. firewalls
    • H04L63/0227Filtering policies
    • H04L63/0236Filtering by address, protocol, port number or service, e.g. IP-address or URL

Abstract

The application discloses a method, a device, a system, equipment and a medium for sending information. The method comprises the following steps: receiving information sent by a group client set, wherein the information comprises an internet protocol address (IP) of the group client set, and the IP of the group client set and the IPs of a plurality of group clients have a first mapping relation in advance so that the group clients send the information to the group client set matched with the group clients according to the first mapping relation; and sending the information sent by the group client set to the information center corresponding to the group client set according to a second mapping relation between the pre-stored IP of the group client set and the IP of the information center, so that the information center sends the information to the user. According to the embodiment of the invention, the quantity and the configuration complexity of the network strategies after the information center is constructed in a centralized manner can be reduced.

Description

Information sending method, device, system, equipment and medium
Technical Field
The present invention relates to the field of communications technologies, and in particular, to a method, an apparatus, a system, a device, and a medium for sending information.
Background
With the development of communication services, core network equipment is constructed by centralizing telecommunication cloud large areas, communication services of a plurality of provinces are deployed in the telecommunication cloud large areas, a single telecommunication cloud large area bears the service volume of hundreds of millions of users, and an information center is deployed in a centralized telecommunication cloud resource pool and used for realizing communication between group customers and individual users, such as information sending.
After the telecommunication cloud large area is constructed in a centralized manner, the number of group clients butted by a single information center is increased rapidly, the number and configuration complexity of centralized network strategies are increased synchronously, and the service experience such as time delay is easily and directly influenced. Therefore, when the service requirements are met, the complexity of network configuration is reduced, and the service experience is improved, which is indispensable in the centralized construction of the telecommunication cloud.
Disclosure of Invention
The embodiment of the invention provides an information sending method, an information sending device, an information sending system, information sending equipment and an information sending medium, which can reduce the quantity and the configuration complexity of network strategies after centralized bonding of an information center.
According to a first aspect of the embodiments of the present invention, there is provided a method for sending information, the method including:
receiving information sent by a group client set, wherein the information comprises an internet protocol address (IP) of the group client set, and the IP of the group client set and the IPs of a plurality of group clients have a first mapping relation in advance so that the group clients send the information to the group client set matched with the group clients according to the first mapping relation;
and sending the information sent by the group client set to the information center corresponding to the group client set according to a second mapping relation between the pre-stored IP of the group client set and the IP of the information center, so that the information center sends the information to the user.
In a second aspect of the embodiments of the present invention, there is provided a method for sending information, which is used for a user to send information to a group client, and includes:
receiving information sent by a user, wherein the information comprises a target IP of a group client, and the target IP and the IP of a group client set have a first mapping relation so that the group client set can send the information to a corresponding group client;
determining a special IP corresponding to a corresponding group client set in a plurality of preset IPs according to a prestored third mapping relation and the plurality of preset IPs, wherein the third mapping relation is the corresponding relation between the IPs of the group client set and the preset IPs;
and sending the information to a DMZ firewall corresponding to the information center by using the special IP, so that the DMZ firewall sends the information to the convergence access firewall according to the special IP and sends the information to the group client through the convergence access firewall.
In a third aspect of the embodiments of the present invention, there is provided an information transmission apparatus for enabling a group client to transmit information to a user, the information transmission apparatus including:
the first receiving module is configured to receive information sent by a group client set, wherein the information comprises an internet protocol address (IP) of the group client set, and the IP of the group client set and the IPs of a plurality of group clients have a first mapping relation in advance so that the group clients send the information to the group client set matched with the group clients according to the first mapping relation;
and the first sending module is configured to send the information sent by the group client set to the information center corresponding to the group client set according to a second mapping relation between the pre-stored IP of the group client set and the IP of the information center, so that the information center sends the information to the user.
In a fourth aspect of the embodiments of the present invention, there is provided an information transmission apparatus for allowing a user to transmit information to group clients, the information transmission apparatus including:
the second receiving module is configured to receive information sent by a user, wherein the information comprises a target IP of a group client, and the target IP and the IP of the group client set have a first mapping relation so that the group client set can send the information to a corresponding group client;
the determining module is configured to determine a dedicated IP corresponding to the corresponding group client set in the plurality of preset IPs according to a prestored third mapping relationship and the plurality of preset IPs, wherein the third mapping relationship is a corresponding relationship between the IPs of the group client set and the preset IPs;
and the second sending module is configured to send the information to the DMZ firewall corresponding to the information center by using the private IP, so that the DMZ firewall sends the information to the convergence access firewall according to the private IP and sends the information to the group client through the convergence access firewall.
In a fourth aspect of the embodiments of the present invention, there is provided an information transmission system for transmitting information between a group client and a user, the information transmission system including:
the group client set module comprises a group client set, and the IP of the group client set and the IP of a plurality of group clients have a first mapping relation so that the group clients can send information to the group client set matched with the group clients according to the first mapping relation;
the convergence access firewall is connected with the group client set module and can receive the information sent by the group client set;
the DMZ firewall can be connected with the convergence access firewall;
the information center is connected with the DMZ firewall and can receive information sent by a user, the information center comprises a plurality of preset IPs, and the information center can determine a special IP corresponding to a corresponding group client set in the plurality of preset IPs according to a prestored third mapping relation and the plurality of preset IPs and send the information to the DMZ firewall by utilizing the special IP;
the convergence access firewall can also send the information sent by the group client set to the information center corresponding to the group client set according to a second mapping relation between the pre-stored IP of the group client set and the IP of the information center, the DMZ firewall can receive the information sent by the information center and send the information to the convergence access firewall according to the special IP, and the convergence access firewall can receive the information sent by the DMZ firewall and send the information to the group client.
In a fifth aspect of the embodiments of the present invention, an apparatus for sending information is provided, where the apparatus includes: a processor and a memory storing computer program instructions;
the processor, when executing the computer program instructions, implements the method of transmitting information as described above.
In a fourth aspect of the embodiments of the present invention, a computer storage medium is provided, on which computer program instructions are stored, and the computer program instructions, when executed by a processor, implement the method for transmitting information as described above.
The embodiment of the invention provides a method, a device, a system, equipment and a medium for sending information. By enabling the IP of the group client set and the IP of a plurality of group clients to have a first mapping relation in advance and enabling the IP of the group client set and the IP of the information center to have a second mapping relation, the information can be sent to the information center by configuring the network policy according to the IP of the group client set.
Drawings
In order to more clearly illustrate the technical solutions of the embodiments of the present invention, the drawings required to be used in the embodiments of the present invention will be briefly described below, and for those skilled in the art, other drawings can be obtained according to the drawings without creative efforts.
Fig. 1 is a flow chart illustrating a method for sending information according to an embodiment of the present invention;
fig. 2 is a schematic structural diagram illustrating a method for sending information according to an embodiment of the present invention;
fig. 3 is a flowchart illustrating a method for sending information according to another embodiment of the present invention;
fig. 4 is a schematic structural diagram of an apparatus for transmitting information according to an embodiment of the present invention;
fig. 5 is a schematic structural diagram of an information transmitting apparatus according to another embodiment of the present invention;
fig. 6 is a schematic structural diagram of a system for transmitting information according to an embodiment of the present invention;
fig. 7 illustrates a block diagram of an exemplary hardware architecture of a computing device capable of implementing a method and apparatus for transmitting information according to an embodiment of the present invention.
Detailed Description
Features and exemplary embodiments of various aspects of the present invention will be described in detail below, and in order to make objects, technical solutions and advantages of the present invention more apparent, the present invention will be further described in detail below with reference to the accompanying drawings and embodiments. It should be understood that the specific embodiments described herein are merely illustrative of the invention and are not to be construed as limiting the invention. It will be apparent to one skilled in the art that the present invention may be practiced without some of these specific details. The following description of the embodiments is merely intended to provide a better understanding of the present invention by illustrating examples of the present invention.
It is noted that, herein, relational terms such as first and second, and the like may be used solely to distinguish one entity or action from another entity or action without necessarily requiring or implying any actual such relationship or order between such entities or actions. Also, the terms "comprises," "comprising," or any other variation thereof, are intended to cover a non-exclusive inclusion, such that a process, method, article, or apparatus that comprises a list of elements does not include only those elements but may include other elements not expressly listed or inherent to such process, method, article, or apparatus. Without further limitation, an element defined by the phrase "comprising … …" does not exclude the presence of other identical elements in a process, method, article, or apparatus that comprises the element.
The following describes in detail a method, an apparatus, a device and a system for transmitting information according to an embodiment of the present invention with reference to the accompanying drawings. It should be noted that these examples are not intended to limit the scope of the present disclosure.
Referring to fig. 1 and fig. 2 together, fig. 1 is a schematic flow diagram illustrating a method for sending information according to an embodiment of the present invention, and fig. 2 is a schematic structural diagram illustrating the method for sending information according to an embodiment of the present invention. The embodiment of the invention provides a method for sending information, which can be used for enabling group clients to send information to users, and comprises the following steps:
s110, receiving information sent by a group client set, wherein the information comprises an Internet protocol address (IP) of the group client set, and the IP of the group client set and the IPs of a plurality of group clients have a first mapping relation in advance, so that the group clients send the information to the group client set matched with the group clients according to the first mapping relation.
In some embodiments, the information sent by the group client may be received by the converged access firewall, and then the converged access firewall issues the received information. When a group client SP wants to send information, the information sent by the group client SP can be sent to the group client set according to the first mapping relationship between the group client SP and the group client SP, and the information is sent to the convergent access firewall through the group client set.
And S120, sending the information sent by the group client set to the information center corresponding to the group client set according to a second mapping relation between the pre-stored IP of the group client set and the IP of the information center, so that the information center sends the information to the user.
In some embodiments, a second mapping relationship between the IP of the group client set and the IP of the information center is pre-stored in the converged access firewall, and when the converged access firewall receives the information sent by the group client set, the converged access firewall identifies the IP of the group client set and sends the information sent by the group client set to the information center corresponding to the group client set according to the second mapping relationship, so that the information center sends the information to the user.
Optionally, the sending method of the information in the embodiment of the present invention may be a sending method of a multimedia message, the information center may be a multimedia message center, the multimedia message center is a set of relevant network elements that realize a service of sending and receiving the multimedia message by a user, and the multimedia message system sends a message composed of a plain text, a picture, a video, an audio and other media formats to the system platform of the user by using a communication network.
In some embodiments, the number of the clique customer sets is the same as the number of the information centers, and the second mapping relationship is that the IPs of the clique customer sets correspond to the IPs of the information centers one to one. Through the arrangement, the information centers can be effectively utilized, so that the information centers can respectively transmit and receive information corresponding to a group client set, and the traffic of each information center is balanced and stable.
The number of the group client sets can be smaller than that of the information centers, and the second mapping relation is that the IP of the group client sets selectively corresponds to the IP of the information centers. The selective correspondence means: the IP of the group client set with less quantity can be selected from the IP of the information center with more quantity and correspondingly establishes the mapping relation.
In some embodiments, the number of the clique customer sets is greater than the number of the information centers, and the second mapping relationship is that the IPs of two or more clique customer sets correspond to the IPs of one of the information centers. Through reasonable setting of the second mapping relation, the convergence access firewall can rapidly send information to the information center according to the second mapping relation, and the number of network strategies required to be configured by the convergence access firewall is effectively reduced.
In some embodiments, the information center comprises a first information center and a second information center, the information further comprises a target address of the user, so that the information center can judge the information according to the target address,
if the information center judges that the target address is matched with the IP of the first information center, the first information center sends the information to the user matched with the first information center;
and if the information center judges that the target address is matched with the IP of the second information center, the first information center sends the information to the second information center so that the second information center sends the information to the user matched with the second information center.
Specifically, when the information center includes a first information center and a second information center, for example, the first information center is disposed at a place C, the second information center is disposed at a place D, the first information center and the second information center respectively match with corresponding users, at this time, the first information center sends the information to the first user, and the second information center sends the information to the second user. When the convergent access firewall rapidly sends the information to the first information center according to the second mapping relation, the first information center judges the information according to the target address, the first information center judges that the IP of the target address is matched with the IP of the first information center, the first information center directly sends the information to a first user matched with the first information center, and if the first information center judges that the IP of the target address is matched with the IP of the second information center, the first information center sends the information to the second information center, so that the second information center sends the information to a second user matched with the second information center. Through intercommunication among a plurality of information centers, the group client SP can send information to corresponding target users.
In some embodiments, according to a second mapping relation between the pre-stored IP of the clique customer set and the IP of the information center, the information sent by the clique customer set is sent to the isolation zone DMZ firewall in one-to-one correspondence with the information center, so that the DMZ firewall sends the information to the information center. In a specific embodiment, the convergent access firewall sends the information sent by the group client set to the isolation zone DMZ firewalls in one-to-one correspondence with the information centers according to a second mapping relation between the pre-stored IP of the group client set and the IP of the information center, so that the information sent to the information centers is configured with security policies through the DMZ firewalls.
In order to better understand the information sending method of the embodiment of the invention, the sent information is taken as a multimedia message, and an information center is intensively deployed in two large telecommunication cloud areas as an example for explanation.
And a single telecom cloud large area concentrates multimedia message services of a plurality of provinces, and a multimedia message center is in butt joint with the outside through a DMZ firewall of a telecom cloud resource pool. The SP represents group clients, the group client set is connected with the convergence access firewall, and the group clients are in butt joint with the virtualized multimedia message center through the convergence access firewall. Under normal conditions, the convergence access firewall of the place A is a main firewall, and the multimedia messages descending from the group clients are sent down through the convergence access firewall of the place A. Meanwhile, A, B each deploys a convergent access firewall to perform 1+1 backup of the same local address. The two virtualized multimedia message centers work in a load sharing mode and respectively bear services of different provinces. And the convergence firewall sends the downlink multimedia messages to the first information center or the second information center according to a second mapping relation between the pre-stored IP of the group client set and the IP of the information center, and the first information center or the second information center sends the information to the users managed by each information center.
Because the convergent access firewall needs to be in butt joint with a large number of group clients, the network policy configuration number of the firewall is huge and high in complexity, the IP addresses of the group clients are grouped to form a group client set, the number of the group client set can be consistent with that of the information center, for example, the group client set is divided to map the IP addresses of all group clients SP to any one of the two group client set IPs, the convergent access firewall only needs to configure two policies for the two mapped IPs, namely the two IPs are routed to two virtualized multimedia message centers, the network configuration complexity is greatly reduced, and network maintenance is facilitated. For example, as shown in FIG. 2, one of the clique customer sets includes clique customer SP1, clique customer SP2 … clique customer SPn/2, where n is a positive integer. Another clique customer set includes clique customers SP1(n +1)/2 … clique customers SPn. The newly added group client SP only needs to add the existing grouping without making new network strategy and route. The two virtualized information centers are communicated, namely the first information center and the second information center are communicated, so that the problem that different group customer sets issue and receive uplink information across the information centers is solved.
As shown in fig. 2, if a clique client SP1 needs to send a multimedia message to a first user, the clique client SP1 sends the multimedia message to a first clique client set, the first clique client set sends the multimedia message to a local convergence access firewall (a), the local convergence access firewall (a) forwards the information to a DMZ firewall connected to a first information center according to a second mapping relationship, the DMZ firewall sends the information to the first information center, and the first information center sends the information to the first user.
If the group client SP1 needs to send the multimedia message to the second user, the group client SP1 sends the multimedia message to the first group client set, the first group client set sends the multimedia message to the A place convergence access firewall, the A place convergence access firewall forwards the information to the DMZ firewall connected with the first information center according to the second mapping relation, the DMZ firewall sends the information to the first information center, the first information center judges that the target address is matched with the second information center, the target address is sent to the second information center by the first information center, and finally the second information center sends the information to the second user. And the uplink service is similar, the user firstly sends the multimedia message to the home multimedia message center, and then the transmission of the uplink service is realized through the intercommunication of the multimedia message center. It is understood that the downlink service refers to information transmitted from the group client SP to the user, and the uplink service refers to information transmitted from the user to the group client SP.
Further, the user also needs to send information to a target group client, and for the uplink information, such as an uplink multimedia message, that is, a scene where the user sends information to a group client SP, since the multimedia message uses a short connection, when the information center receives the uplink multimedia message, the original route connection of the downlink multimedia message is interrupted, the information center may reach the group client SP through other routes in the network through the DMZ firewall, instead of the DMZ firewall accessing the group client SP through convergence, a "triangular route" will appear in this case, that is, the uplink service route and the downlink service route are inconsistent, which is not beneficial to subsequent operation and maintenance, and when the information reaches the group client SP through other routes in the network, the group client SP needs to additionally put through a new network policy, and part of the group client SP even needs to be cooperatively transformed. If all services are required to pass through the DMZ firewall and then to pass through the convergence access firewall to the group client SP, the DMZ firewall needs to configure a network policy for each group client SP, and the configuration amount is huge and is not beneficial to service opening.
In order to solve the above problem, an embodiment of the present invention further provides a method for sending information, as shown in fig. 3, fig. 3 is a schematic flow chart illustrating a method for sending information according to another embodiment of the present invention. The method is used for enabling a user to send information to group clients, and comprises the following steps:
s310, receiving information sent by a user, wherein the information comprises a target IP of a group client, and the target IP and the IP of a group client set have a first mapping relation so that the group client set can send the information to a corresponding group client.
In some embodiments, the information center may receive information sent by a user, and then the information center may send the information sent by the user in an uplink. Specifically, when the first user wants to send information, the first user sends the information to the corresponding first information center.
S320, according to a third pre-stored mapping relation and a plurality of preset IPs, determining a special IP corresponding to the corresponding group client set in the plurality of preset IPs, wherein the third mapping relation is the corresponding relation between the IPs of the group client set and the preset IPs.
In some embodiments, each information center is pre-allocated with a plurality of preset IPs, and the preset IPs can enable a user to send information in an uplink manner. And the information center determines a special IP corresponding to the group client set corresponding to the target IP in the preset IPs and sends the uplink information by using the special IP.
S330, the information is sent to the DMZ firewall corresponding to the information center by using the special IP, so that the DMZ firewall sends the information to the convergence access firewall according to the special IP and sends the information to the group client set through the convergence access firewall.
Because each information center is connected with a corresponding DMZ firewall, after the information center sends information to the DMZ firewall corresponding to the information center by using a special IP, the DMZ firewall sends the information to the convergence access firewall according to the special IP, the information center is effectively prevented from reaching group clients through other routes in a network after passing through the DMZ firewall, the generation of triangular routes is effectively avoided, and meanwhile, the safety and the consistency of uplink and downlink routes can be ensured.
In some embodiments, sending the information to a DMZ firewall corresponding to the information center using a private IP, such that the DMZ firewall sends the information to the converged access firewall according to the private IP comprises:
and sending the information to a DMZ firewall corresponding to the information center by using the special IP, so that the DMZ firewall maps the special IP into a virtual IP according to the fourth mapping relation, and sends the information comprising the virtual IP to a corresponding convergence access firewall, wherein the virtual IP and the IP of the convergence access firewall have a corresponding relation.
In specific implementation, for example, the private IP of the first information center is a first network IP, the first network IP may be a customized network (private network), the virtual IP may be a public network (public network), and after the DMZ firewall maps the private IP into the virtual IP according to the fourth mapping relationship, the DMZ firewall sends the information to the convergence access firewall through the virtual IP because the virtual IP and the IP of the convergence access firewall have a corresponding relationship.
In some embodiments, after the DMZ firewall maps the private IP into a virtual IP according to the fourth mapping relationship and sends the information including the virtual IP to the corresponding converged access firewall, the converged access firewall can send the information to the group client set according to the virtual IP of the information, and the virtual IP also has a corresponding relationship with the group client set. The convergence access firewall makes a security policy on the mapped virtual IP, so that the information reaches a corresponding group client set, and the group client set sends the information to the group clients according to the target IP. Through the mapping relation, on one hand, the workload of matching strategies and routing is reduced, and on the other hand, the safety of information sending is improved.
In summary, the method for sending information provided by the embodiment of the present invention can solve the problems of large workload and high complexity of network policy configuration after centralized deployment of an information center, and inconsistent routing of uplink information sending service and downlink information sending service, and is convenient for implementing centralized deployment of an information center, such as a multimedia message center.
Referring to fig. 4, fig. 4 is a schematic structural diagram of an information sending apparatus according to an embodiment of the present invention. The embodiment of the present invention further provides an information sending apparatus 400, configured to enable a group client to send information to a user, where the information sending apparatus includes a first receiving module 410 and a first sending module 420.
The first receiving module 410 is configured to receive information sent by a group client set, where the information includes an internet protocol address IP of the group client set, and the IP of the group client set has a first mapping relationship with the IPs of a plurality of group clients in advance, so that the group clients send information to a group client set matched with the group clients according to the first mapping relationship.
In some embodiments, the first receiving module 410 may be a receiving module in a converged access firewall. And receiving the information sent by the group client set through the convergence access firewall, and then sending the received information by the convergence access firewall.
The first sending module 420 is configured to send the information sent by the group client set to the information center corresponding to the group client set according to a second mapping relationship between the pre-stored IP of the group client set and the IP of the information center, so that the information center sends the information to the user.
In some embodiments, the first sending module 410 may be a sending module in an aggregated access firewall. A second mapping relationship between the IPs of the clique customer set and the IPs of the information center may be stored in the converged access firewall in advance, so that the first sending module 410 sends the information to the corresponding information center according to the second mapping relationship.
In some embodiments, the information sending apparatus 400 includes a first information center and a second information center that are connected to each other, and the information further includes a destination address of the user, so that the information center can determine the information according to the destination address, and if the information center determines that the destination address matches the IP of the first information center, the first information center sends the information to the user matching the first information center; and if the information center judges that the target address is matched with the IP of the second information center, the first information center sends the information to the second information center so that the second information center sends the information to the user matched with the second information center.
In specific implementation, the first information center and the second information center are respectively matched with corresponding users, at the moment, the first information center sends information to the first user, and the second information center sends information to the second user. When the first information center receives the information, the first information center judges the information according to the target address of the information, the first information center judges that the target address is matched with the IP of the first information center, the first information center directly sends the information to a first user matched with the first information center, and if the first information center judges that the target address is matched with the IP of a second information center, the first information center sends the information to the second information center, so that the second information center sends the information to a second user matched with the second information center. Through intercommunication among a plurality of information centers, the group client SP can send information to corresponding target users.
Referring to fig. 5, fig. 5 is a schematic structural diagram of an information sending apparatus according to another embodiment of the present invention. The embodiment of the present invention further provides an information sending apparatus 500, configured to enable a user to send information to a group client, where the information sending apparatus includes a second receiving module 510, a determining module 520, and a second sending module 530.
The second receiving module 510 is configured to receive information sent by a user, where the information includes a target IP of a group client SP, and the target IP has a first mapping relationship with an IP of a group client set, so that the group client set can send the information to a corresponding group client SP.
The determining module 520 is configured to determine a dedicated IP corresponding to the corresponding group client set from the plurality of preset IPs according to a prestored third mapping relationship and a plurality of preset IPs, where the third mapping relationship is a corresponding relationship between IPs of the group client set and the preset IPs.
The second sending module 530 is configured to send the information to a DMZ firewall corresponding to the information center using a private IP, so that the DMZ firewall sends the information to the converged access firewall according to the private IP and sends the information to the group client SP through the converged access firewall.
In some embodiments, the second receiving module 510, the determining module 520, and the second sending module 530 may be integrated in an information center, and the user sends the information to the information center, and the information center sends the information up to the group client SP. Because each information center is connected with a corresponding DMZ firewall, after the information center sends information to the DMZ firewall corresponding to the information center by using a special IP, the DMZ firewall sends the information to the convergence access firewall according to the special IP, the information center is effectively prevented from reaching group clients through other routes in a network after passing through the DMZ firewall, the generation of triangular routes is effectively avoided, and meanwhile, the safety and the consistency of uplink and downlink routes can be ensured.
Referring to fig. 6, fig. 6 is a schematic structural diagram of an information sending system according to an embodiment of the present invention. The embodiment of the present invention further provides an information sending system, which is used for sending information between group clients and users, and the information sending system 600 includes a group client aggregation module 610, a convergence access firewall 620, a DMZ firewall 630 and an information center 640.
The clique customer set module 610 includes a clique customer set having a first mapping relationship between IPs of the clique customer set and IPs of a plurality of clique customers so that the clique customer SP can send information to a clique customer set matching the clique customer SP according to the first mapping relationship. The converged access firewall 620 is connected to the clique customer integration module 610 and can receive information transmitted from the clique customer integration module 610. The DMZ firewall 630 can interface with the converged access firewall 620. The information center 640 is connected with the DMZ firewall 630, the information center 640 can receive information sent by a user, the information center includes a plurality of preset IPs, and the information center can determine a dedicated IP corresponding to the corresponding group client set module 610 from the plurality of preset IPs according to a pre-stored third mapping relationship and the plurality of preset IPs, and send the information to the DMZ firewall 630 by using the dedicated IP. The converged access firewall 630 can also send the information sent by the group client set to the information center 640 corresponding to the group client set according to a second mapping relationship between the pre-stored IP of the group client set and the IP of the information center 640, the DMZ firewall 630 can receive the information sent by the information center 640 and send the information to the converged access firewall 620 according to the dedicated IP, and the converged access firewall 620 can receive the information sent by the DMZ firewall 630 and send the information to the group client.
Other details of the information sending system according to the embodiment of the present invention are similar to those of the information sending method according to the embodiment of the present invention described above with reference to fig. 1 to 3, and are not described again here.
The information sending system of the embodiment of the invention can be suitable for the information sending method of any embodiment, and by the arrangement, the problems of large workload, high complexity and inconsistent routes of uplink information sending service and downlink information sending service after centralized deployment of the information center can be solved, and the centralized deployment of the information center, such as a multimedia message center, can be conveniently realized.
In some embodiments, the information center comprises a first information center and a second information center, and when one of the first information center and the second information center fails, the other of the first information center and the second information center is capable of receiving or forwarding information sent to the first information center and the second information center, respectively. The convergence access firewall comprises a first convergence access firewall and a second convergence access firewall, and when one of the first convergence access firewall and the second convergence access firewall breaks down, the other of the first convergence access firewall and the second convergence access firewall can receive or forward information sent to the first convergence access firewall and the second convergence access firewall respectively. Through the arrangement, the problem of disaster tolerance can be solved by utilizing the floating IP.
The first converged access firewall of the a site and the second converged access firewall of the B site perform different-address active-standby disaster tolerance through a floating IP in the aspect of disaster tolerance, that is, when the first converged access firewall of the a site fails and the second converged access firewall of the B site is enabled, the second converged access firewall of the B site uses the same IP address as the first converged access firewall of the a site to connect to the outside.
The first information center and the second information center share the load under the normal condition, bear the whole network service and simultaneously are in the disaster tolerance local direction. When any information center fails, for example, when a first information center fails, a first convergence access firewall connected with the first information center routes downlink services of the failed information center to a normal second information center, thereby realizing downlink service disaster tolerance. For disaster recovery of uplink services, each information center reserves a group of uplink service dedicated IPs for another information center in addition to the dedicated IP allocated for uplink services. When any one information center fails, the normal information center starts a reserved uplink service IP group, when the normal information center receives a user uplink multimedia message served by the failure information center, the reserved IP group is used for sending the uplink multimedia message, the reserved IP is mapped into another or another group of IP in the DMZ firewall to be sent to the convergence access switch, the convergence access switch is manufactured with a safety strategy in advance and is put through, and therefore information is sent to the corresponding group client SP.
The embodiment of the present invention further provides an apparatus for sending information, where the apparatus includes a processor and a memory storing computer program instructions, and when the processor executes the computer program instructions, the apparatus implements the method for sending information according to any of the above embodiments.
The method, apparatus and system for transmitting information according to the embodiments of the present invention described in conjunction with fig. 1 to 6 may be implemented by a transmitting device of information. Fig. 7 is a diagram showing a hardware configuration 700 of a transmitting apparatus of information according to an embodiment of the present invention.
As shown in fig. 7, computing device 700 includes an input device 701, an input interface 702, a central processor 703, a memory 704, an output interface 705, and an output device 706. The input interface 702, the central processing unit 703, the memory 704, and the output interface 705 are connected to each other via a bus 710, and the input device 701 and the output device 706 are connected to the bus 710 via the input interface 702 and the output interface 705, respectively, and further connected to other components of the computing device 700.
Specifically, the input device 701 receives input information from the outside, and transmits the input information to the central processor 703 through the input interface 702; the central processor 703 processes input information based on computer-executable instructions stored in the memory 704 to generate output information, stores the output information temporarily or permanently in the memory 704, and then transmits the output information to the output device 706 through the output interface 705; the output device 706 outputs output information external to the computing device 700 for use by a user.
That is, the computing device shown in fig. 7 may also be implemented with a method, an apparatus, and a system for transmitting information, and the information transmitting device may include: a memory storing computer-executable instructions; and a processor which, when executing computer executable instructions, may implement the method, apparatus and system of transmitting information described in connection with fig. 1-6.
The embodiment of the invention also provides a computer storage medium, wherein the computer storage medium is stored with computer program instructions; the computer program instructions, when executed by a processor, implement a method of transmitting information provided by an embodiment of the invention.
It is to be understood that the invention is not limited to the specific arrangements and instrumentality described above and shown in the drawings. A detailed description of known methods is omitted herein for the sake of brevity. In the above embodiments, several specific steps are described and shown as examples. However, the method processes of the present invention are not limited to the specific steps described and illustrated, and those skilled in the art can make various changes, modifications and additions or change the order between the steps after comprehending the spirit of the present invention.
The functional blocks shown in the above-described structural block diagrams may be implemented as hardware, software, firmware, or a combination thereof. When implemented in hardware, it may be, for example, an electronic circuit, an Application Specific Integrated Circuit (ASIC), suitable firmware, plug-in, function card, or the like. When implemented in software, the elements of the invention are the programs or code segments used to perform the required tasks. The program or code segments may be stored in a machine-readable medium or transmitted by a data signal carried in a carrier wave over a transmission medium or a communication link. A "machine-readable medium" may include any medium that can store or transfer information. Examples of a machine-readable medium include electronic circuits, semiconductor memory devices, ROM, flash memory, Erasable ROM (EROM), floppy disks, CD-ROMs, optical disks, hard disks, fiber optic media, Radio Frequency (RF) links, and so forth. The code segments may be downloaded via computer networks such as the internet, intranet, etc.
It should also be noted that the exemplary embodiments mentioned in this patent describe some methods or systems based on a series of steps or devices. However, the present invention is not limited to the order of the above-described steps, that is, the steps may be performed in the order mentioned in the embodiments, may be performed in an order different from the order in the embodiments, or may be performed simultaneously.
As described above, only the specific embodiments of the present invention are provided, and it can be clearly understood by those skilled in the art that, for convenience and brevity of description, the specific working processes of the system, the module and the unit described above may refer to the corresponding processes in the foregoing method embodiments, and are not described herein again. It should be understood that the scope of the present invention is not limited thereto, and any person skilled in the art can easily conceive various equivalent modifications or substitutions within the technical scope of the present invention, and these modifications or substitutions should be covered within the scope of the present invention.

Claims (13)

1. A method for a group client to send information to a user, comprising:
receiving information sent by a group client set, wherein the information comprises an internet protocol address (IP) of the group client set, and the IP of the group client set and the IPs of a plurality of group clients have a first mapping relation in advance so that the group clients send information to the group client set matched with the group clients according to the first mapping relation;
and sending the information sent by the group client set to the information center corresponding to the group client set according to a second mapping relation between the pre-stored IP of the group client set and the IP of the information center, so that the information center sends the information to the user.
2. The method according to claim 1, wherein the number of the group client sets is the same as the number of the information centers, and the second mapping relationship is a one-to-one correspondence between IPs of the group client sets and IPs of the information centers;
or the number of the group customer sets is smaller than that of the information centers, and the second mapping relation is that the IP of the group customer sets selectively corresponds to the IP of the information centers;
or, the number of the group customer sets is greater than that of the information centers, and the second mapping relationship is that the IP of more than two group customer sets corresponds to the IP of one of the information centers.
3. The method according to claim 1, wherein the information center comprises a first information center and a second information center, the information further comprises a destination address of the user, so that the information center can determine the information according to the destination address,
if the information center judges that the target address is matched with the IP of the first information center, the first information center sends the information to the user matched with the first information center;
and if the information center judges that the target address is matched with the IP of a second information center, the first information center sends the information to the second information center so that the second information center sends the information to the user matched with the second information center.
4. The method according to claim 1, wherein the information sent by the group client set is sent to a quarantine DMZ firewall in one-to-one correspondence with the information center according to a second mapping relationship between pre-stored IP of the group client set and IP of the information center, so that the DMZ firewall sends the information to the information center.
5. A method for enabling a user to send information to group clients, comprising:
receiving information sent by the user, wherein the information comprises a target IP of the group client, and the target IP and the IP of the group client set have a first mapping relation so that the group client set can send the information to the corresponding group client;
determining a dedicated IP corresponding to the group client set in the preset IPs according to a prestored third mapping relation and the preset IPs, wherein the third mapping relation is the corresponding relation between the IPs of the group client set and the preset IPs;
and sending the information to a DMZ firewall corresponding to the information center by using the special IP so that the DMZ firewall sends the information to a convergence access firewall according to the special IP and sends the information to the group client set through the convergence access firewall.
6. The method of claim 5, wherein the sending the information to the DMZ firewall corresponding to the information center using the private IP, so that the DMZ firewall sends the information to the converged access firewall according to the private IP comprises:
and sending the information to a DMZ firewall corresponding to the information center by using the special IP, so that the DMZ firewall maps the special IP into a virtual IP according to a fourth mapping relation, and sends the information comprising the virtual IP to a corresponding convergence access firewall, wherein the virtual IP and the IP of the convergence access firewall have a corresponding relation.
7. The method according to claim 6, wherein the DMZ firewall maps the private IP into a virtual IP according to a fourth mapping relationship, and after sending the information including the virtual IP to a corresponding converged access firewall, the converged access firewall can send the information to the group client set according to the virtual IP of the information, and the virtual IP has a corresponding relationship with the group client set.
8. An information transmission apparatus for a group client to transmit information to a user, comprising:
the system comprises a first receiving module, a second receiving module and a third receiving module, wherein the first receiving module is configured to receive information sent by a group client set, the information comprises an internet protocol address IP of the group client set, and the IP of the group client set and the IP of a plurality of group clients have a first mapping relation in advance so that the group clients send information to a group client set matched with the group clients according to the first mapping relation;
the first sending module is configured to send the information sent by the group customer set to an information center corresponding to the group customer set according to a second mapping relation between the pre-stored IP of the group customer set and the IP of the information center, so that the information center sends the information to the user.
9. An information transmission apparatus for allowing a user to transmit information to a group client, comprising:
a second receiving module configured to receive information sent by the user, wherein the information includes a target IP of the group client, and the target IP has a first mapping relation with an IP of a group client set, so that the group client set can send the information to the corresponding group client;
a determining module, configured to determine, according to a third pre-stored mapping relationship and a plurality of preset IPs, a dedicated IP corresponding to the group client set among the plurality of preset IPs, where the third mapping relationship is a corresponding relationship between the IPs of the group client set and the preset IPs;
and the second sending module is configured to send the information to a DMZ firewall corresponding to the information center by using the private IP, so that the DMZ firewall sends the information to a convergence access firewall according to the private IP and sends the information to the group client through the convergence access firewall.
10. An information transmission system for transmitting information between group clients and users, the information transmission system comprising:
the system comprises a group client set module and a group client set module, wherein the group client set module comprises a group client set, and the IP of the group client set and the IP of a plurality of group clients have a first mapping relation so that the group clients can send information to a group client set matched with the group clients according to the first mapping relation;
the convergence access firewall is connected with the group client set module and can receive the information sent by the group client set;
a DMZ firewall connectable with the converged access firewall;
the information center is connected with the DMZ firewall and can receive information sent by the user, the information center comprises a plurality of preset IPs, and the information center can determine a special IP corresponding to the corresponding group client set in the preset IPs according to a prestored third mapping relation and the preset IPs and send the information to the DMZ firewall by using the special IP;
the convergent access firewall can also send information sent by the group client set to an information center corresponding to the group client set according to a second mapping relation between the pre-stored IP of the group client set and the pre-stored IP of the information center, the DMZ firewall can receive the information sent by the information center and send the information to the convergent access firewall according to the special IP, and the convergent access firewall can receive the information sent by the DMZ firewall and send the information to the group client.
11. The information transmission system according to claim 10, wherein the information center includes a first information center and a second information center, and when one of the first information center and the second information center malfunctions, the other of the first information center and the second information center can receive or forward information transmitted to the first information center and the second information center, respectively;
the convergence access firewall comprises a first convergence access firewall and a second convergence access firewall, and when one of the first convergence access firewall and the second convergence access firewall breaks down, the other of the first convergence access firewall and the second convergence access firewall can receive or forward information sent to the first convergence access firewall and the second convergence access firewall respectively.
12. An apparatus for transmission of information, the apparatus comprising: a processor and a memory storing computer program instructions;
the processor, when executing the computer program instructions, implements a method of transmitting information as claimed in any of claims 1-4 or as claimed in any of claims 5-7.
13. A computer storage medium having computer program instructions stored thereon which, when executed by a processor, implement a method of transmitting information as claimed in any one of claims 1 to 4 or claims 5 to 7.
CN202010298839.3A 2020-04-16 2020-04-16 Information sending method, device, system, equipment and medium Active CN113556694B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202010298839.3A CN113556694B (en) 2020-04-16 2020-04-16 Information sending method, device, system, equipment and medium

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202010298839.3A CN113556694B (en) 2020-04-16 2020-04-16 Information sending method, device, system, equipment and medium

Publications (2)

Publication Number Publication Date
CN113556694A true CN113556694A (en) 2021-10-26
CN113556694B CN113556694B (en) 2022-12-13

Family

ID=78100933

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202010298839.3A Active CN113556694B (en) 2020-04-16 2020-04-16 Information sending method, device, system, equipment and medium

Country Status (1)

Country Link
CN (1) CN113556694B (en)

Citations (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2009030079A1 (en) * 2007-09-06 2009-03-12 Zte Corporation Method and system of sending and receiving a short message in a trunking communication system
US20090086725A1 (en) * 2006-06-09 2009-04-02 Huawei Technologies Co., Ltd. Method and system for transmitting message service data
CN102868982A (en) * 2012-10-08 2013-01-09 上海帜讯信息技术有限公司 Mobile terminal oriented method for forwarding information and enabling enterprise to acquire mutual information
CN104540105A (en) * 2014-12-31 2015-04-22 北京无线天利移动信息技术股份有限公司 Uplink and downlink transmission method and system for mobile information
CN105898720A (en) * 2015-01-26 2016-08-24 中国移动通信集团广东有限公司 Short message processing method, device and system
WO2016190726A1 (en) * 2015-05-26 2016-12-01 Linkdood Technologies Sdn Bhd Enterprise-level secured instant messaging(im) system and method that supports cloud deployment

Patent Citations (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20090086725A1 (en) * 2006-06-09 2009-04-02 Huawei Technologies Co., Ltd. Method and system for transmitting message service data
WO2009030079A1 (en) * 2007-09-06 2009-03-12 Zte Corporation Method and system of sending and receiving a short message in a trunking communication system
CN102868982A (en) * 2012-10-08 2013-01-09 上海帜讯信息技术有限公司 Mobile terminal oriented method for forwarding information and enabling enterprise to acquire mutual information
CN104540105A (en) * 2014-12-31 2015-04-22 北京无线天利移动信息技术股份有限公司 Uplink and downlink transmission method and system for mobile information
CN105898720A (en) * 2015-01-26 2016-08-24 中国移动通信集团广东有限公司 Short message processing method, device and system
WO2016190726A1 (en) * 2015-05-26 2016-12-01 Linkdood Technologies Sdn Bhd Enterprise-level secured instant messaging(im) system and method that supports cloud deployment

Also Published As

Publication number Publication date
CN113556694B (en) 2022-12-13

Similar Documents

Publication Publication Date Title
CN110401588B (en) Method and system for realizing VPC (virtual private network) peer-to-peer connection in public cloud platform based on openstack
CN110535760B (en) Forwarding detection of aggregated interfaces
KR100680888B1 (en) Virtual multicast routing for a cluster having state synchronization
CN103873378B (en) There is central controlled converging network
JP3286584B2 (en) Multiplexed router device
WO2019076295A1 (en) Method for processing message, device, and system
CN111817869B (en) Network configuration recovery method and related equipment thereof
CN103209108B (en) A kind of route generating method based on DVPN and equipment
KR20120052981A (en) Method and system for deploying at least one virtual network on the fly and on demand
CN110417665B (en) EVPN networking system and method for multiple Fabric scenes of data center
CN113965505A (en) Method for cloud host intercommunication among different virtual private networks and implementation architecture
JP2019519146A (en) Routing establishment, packet transmission
CN109788018B (en) Cross-domain service intercommunication method, network equipment and storage medium
CN110336730A (en) A kind of network system and data transmission method
CN114401274B (en) Communication line creation method, device, equipment and readable storage medium
CN101692654B (en) Method, system and equipment for HUB-Spoken networking
CN112995027B (en) Route publishing method and VTEP node
CN103107942B (en) The tracking of a kind of static routing and equipment
CN113556694B (en) Information sending method, device, system, equipment and medium
CN112671811B (en) Network access method and equipment
CN115665026A (en) Cluster networking method and device
Cisco Introduction to Cisco Router Configuration Cisco Internetwork Operating System Release 10.3
CN111953786A (en) System, method and device for recording messages in whole network, network equipment and storage medium
CN113163276A (en) Method, device and system for issuing routing information
CN116319514B (en) Data processing method and related device

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant