CN117376662B - Cluster type video safety boundary exchange method and device - Google Patents
Cluster type video safety boundary exchange method and device Download PDFInfo
- Publication number
- CN117376662B CN117376662B CN202311679532.8A CN202311679532A CN117376662B CN 117376662 B CN117376662 B CN 117376662B CN 202311679532 A CN202311679532 A CN 202311679532A CN 117376662 B CN117376662 B CN 117376662B
- Authority
- CN
- China
- Prior art keywords
- node
- signaling
- load balancing
- gateway
- address
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Links
- 238000000034 method Methods 0.000 title claims abstract description 65
- 230000011664 signaling Effects 0.000 claims abstract description 87
- 238000005516 engineering process Methods 0.000 claims abstract description 8
- 230000008569 process Effects 0.000 claims description 24
- 238000006243 chemical reaction Methods 0.000 claims description 21
- 230000004044 response Effects 0.000 claims description 13
- 238000001514 detection method Methods 0.000 claims description 2
- 230000005540 biological transmission Effects 0.000 abstract description 11
- 230000004907 flux Effects 0.000 abstract description 6
- 230000003993 interaction Effects 0.000 abstract description 4
- 230000000694 effects Effects 0.000 abstract description 3
- 238000011084 recovery Methods 0.000 abstract description 3
- 238000012545 processing Methods 0.000 description 5
- 238000010586 diagram Methods 0.000 description 3
- 230000006870 function Effects 0.000 description 2
- 230000004075 alteration Effects 0.000 description 1
- 230000009286 beneficial effect Effects 0.000 description 1
- 230000000977 initiatory effect Effects 0.000 description 1
- 230000009545 invasion Effects 0.000 description 1
- 238000012805 post-processing Methods 0.000 description 1
- 238000007781 pre-processing Methods 0.000 description 1
- 230000003068 static effect Effects 0.000 description 1
- 238000006467 substitution reaction Methods 0.000 description 1
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04N—PICTORIAL COMMUNICATION, e.g. TELEVISION
- H04N21/00—Selective content distribution, e.g. interactive television or video on demand [VOD]
- H04N21/60—Network structure or processes for video distribution between server and client or between remote clients; Control signalling between clients, server and network components; Transmission of management data between server and client, e.g. sending from server to client commands for recording incoming content stream; Communication details between server and client
- H04N21/63—Control signaling related to video distribution between client, server and network components; Network processes for video distribution between server and clients or between remote clients, e.g. transmitting basic layer and enhancement layers over different transmission paths, setting up a peer-to-peer communication via Internet between remote STB's; Communication protocols; Addressing
- H04N21/647—Control signaling between network components and server or clients; Network processes for video distribution between server and clients, e.g. controlling the quality of the video stream, by dropping packets, protecting content from unauthorised alteration within the network, monitoring of network load, bridging between two different networks, e.g. between IP and wireless
- H04N21/64784—Data processing by the network
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L41/00—Arrangements for maintenance, administration or management of data switching networks, e.g. of packet switching networks
- H04L41/06—Management of faults, events, alarms or notifications
- H04L41/0654—Management of faults, events, alarms or notifications using network fault recovery
- H04L41/0659—Management of faults, events, alarms or notifications using network fault recovery by isolating or reconfiguring faulty entities
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L41/00—Arrangements for maintenance, administration or management of data switching networks, e.g. of packet switching networks
- H04L41/06—Management of faults, events, alarms or notifications
- H04L41/0654—Management of faults, events, alarms or notifications using network fault recovery
- H04L41/0663—Performing the actions predefined by failover planning, e.g. switching to standby network elements
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04N—PICTORIAL COMMUNICATION, e.g. TELEVISION
- H04N21/00—Selective content distribution, e.g. interactive television or video on demand [VOD]
- H04N21/60—Network structure or processes for video distribution between server and client or between remote clients; Control signalling between clients, server and network components; Transmission of management data between server and client, e.g. sending from server to client commands for recording incoming content stream; Communication details between server and client
- H04N21/63—Control signaling related to video distribution between client, server and network components; Network processes for video distribution between server and clients or between remote clients, e.g. transmitting basic layer and enhancement layers over different transmission paths, setting up a peer-to-peer communication via Internet between remote STB's; Communication protocols; Addressing
- H04N21/64—Addressing
- H04N21/6402—Address allocation for clients
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04N—PICTORIAL COMMUNICATION, e.g. TELEVISION
- H04N21/00—Selective content distribution, e.g. interactive television or video on demand [VOD]
- H04N21/60—Network structure or processes for video distribution between server and client or between remote clients; Control signalling between clients, server and network components; Transmission of management data between server and client, e.g. sending from server to client commands for recording incoming content stream; Communication details between server and client
- H04N21/63—Control signaling related to video distribution between client, server and network components; Network processes for video distribution between server and clients or between remote clients, e.g. transmitting basic layer and enhancement layers over different transmission paths, setting up a peer-to-peer communication via Internet between remote STB's; Communication protocols; Addressing
- H04N21/643—Communication protocols
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04N—PICTORIAL COMMUNICATION, e.g. TELEVISION
- H04N21/00—Selective content distribution, e.g. interactive television or video on demand [VOD]
- H04N21/60—Network structure or processes for video distribution between server and client or between remote clients; Control signalling between clients, server and network components; Transmission of management data between server and client, e.g. sending from server to client commands for recording incoming content stream; Communication details between server and client
- H04N21/63—Control signaling related to video distribution between client, server and network components; Network processes for video distribution between server and clients or between remote clients, e.g. transmitting basic layer and enhancement layers over different transmission paths, setting up a peer-to-peer communication via Internet between remote STB's; Communication protocols; Addressing
- H04N21/647—Control signaling between network components and server or clients; Network processes for video distribution between server and clients, e.g. controlling the quality of the video stream, by dropping packets, protecting content from unauthorised alteration within the network, monitoring of network load, bridging between two different networks, e.g. between IP and wireless
- H04N21/64723—Monitoring of network processes or resources, e.g. monitoring of network load
- H04N21/6473—Monitoring network processes errors
Landscapes
- Engineering & Computer Science (AREA)
- Signal Processing (AREA)
- Computer Networks & Wireless Communication (AREA)
- Multimedia (AREA)
- Computer Security & Cryptography (AREA)
- Data Exchanges In Wide-Area Networks (AREA)
Abstract
The application relates to the technical field of data interaction, solves the problems of performance bottleneck and single point of failure caused by a single link in the prior art, and discloses a cluster video security boundary exchange method and device, wherein the method comprises the following steps: providing unique exposed IP addresses to producers and consumers in a cluster through virtual IP technology; receiving a signaling request sent by a producer or a consumer through a load balancing program, and forwarding the signaling request to a signaling engine according to a preset strategy; judging whether the signaling request is a code stream negotiation data packet or not; after the gateway or the node is found to be faulty, judging whether the fault is a flow node or a management node, wherein the method can achieve the disaster recovery effect by adopting a multi-link cluster structure, and when part of equipment is faulty, the service cannot be interrupted, and secondly, as the multi-link is used for simultaneously transmitting the service, larger data flux can be transmitted in the same cross-network transmission boundary.
Description
Technical Field
The application relates to the technical field of data interaction, in particular to a method and a device for exchanging a cluster video security boundary.
Background
In the cross-network transmission of video media streams, a national standard transmission protocol is required to complete video security transmission. The national standard protocol is divided into two protocols, namely sip signaling (hereinafter referred to as signaling) and rtp streaming media (hereinafter referred to as streaming media). The signaling is interacted to complete the negotiation work of video media stream ports before the video stream is requested, due to the importance of control signaling, producers and consumers at two ends of a video security cluster exchange boundary (hereinafter referred to as video boundary) need to authenticate five-tuple information of the video boundary, namely, the producer has and only has one video boundary connected with the producer, the consumer has and only has one address connected with the producer, the consumer can only provide service and data exchange in a single link form in the video boundary, the performance bottleneck and single point failure problem exist, namely, due to the fact that service and data interaction are provided in a single link form, the data flux transmitted in the same cross-network transmission boundary is limited, the service is interrupted when part of equipment fails, and the disaster tolerance capability is poor.
Disclosure of Invention
The invention aims to solve the performance bottleneck and single-point fault problem caused by a single link in the prior art and provides a cluster video security boundary exchange method and device.
In a first aspect, a method for exchanging a cluster video security boundary is provided, including:
providing unique exposed IP addresses for producers and consumers in a cluster through a virtual IP technology, wherein the unique exposed IP addresses are used for receiving messages sent by an upper-level platform or a lower-level platform, and the cluster comprises a plurality of groups of post-processors, gateways and pre-processors;
receiving a signaling request sent by a producer or a consumer through a load balancing program, and forwarding the signaling request to a signaling engine according to a preset strategy;
judging whether the signaling request is a code stream negotiation data packet or not;
responding to the judgment result, completing the address conversion process of the gateway by the signaling engine, and transmitting the address conversion process of the gateway to the signaling engine of the opposite terminal through the gateway, and then transmitting the address conversion process of the gateway to the producer or the consumer through the load balancing program of the opposite terminal;
if the result is yes, modifying the data packet session description protocol of the signaling request, modifying the sending address sent to the consumer or the receiving address sent to the producer into the IP address exposed by the node where the current signaling engine is located, and creating a temporary stream media proxy channel according to the actual sending address and receiving address to complete the protocol checking and proxy work of the stream media;
after the gateway or the node is found to be faulty, judging whether the faulty node is a flow node or a management node;
in response to a failure of a traffic node, the traffic node is disconnected in a forwarding channel by a load balancing program, and traffic in the traffic node is distributed to other nodes;
in response to a failure being a management node, the flow node is upgraded to the management node and a backup load balancing procedure for the flow node is enabled to take on signaling load and distribution work.
Further, the load balancing program comprises an LBa load balancing program and an LBb load balancing program.
Further, the preset strategy comprises a random strategy, a polling strategy and a loading strategy.
Further, the opposite end is a front-end processor or a rear-end processor.
Further, the protocol detection includes checking whether the video streaming media is a PS encapsulated RTP stream.
Further, the management node is a node where the load balancing program is located, and the flow node is a node where the load balancing program is not located.
Furthermore, if the management node fails, the traffic nodes cannot receive the heartbeat message sent by the management node, so that all traffic nodes generate a new management node through election, and a spare load balancing program of the new management node is started to bear signaling load and distribute work.
In a second aspect, a clustered video security border switching apparatus is provided, including:
the system comprises an IP configuration module, a server and a client, wherein the IP configuration module is used for providing unique exposed IP addresses for a producer and a consumer in a cluster through a virtual IP technology, and the unique exposed IP addresses are used for receiving messages sent by an upper-level platform or a lower-level platform;
the receiving module is used for receiving a signaling request sent by a producer or a consumer through a load balancing program and forwarding the signaling request to the signaling engine according to a preset strategy;
the first judging module is used for judging whether the signaling request is a code stream negotiation data packet or not;
responding to the judgment result, completing the address conversion process of the gateway by the signaling engine, and transmitting the address conversion process of the gateway to the signaling engine of the opposite terminal through the gateway, and then transmitting the address conversion process of the gateway to the producer or the consumer through the load balancing program of the opposite terminal;
if the result is yes, modifying the data packet session description protocol of the signaling request, modifying the sending address sent to the consumer or the receiving address sent to the producer into the IP address exposed by the node where the current signaling engine is located, and creating a temporary stream media proxy channel according to the actual sending address and receiving address to complete the protocol checking and proxy work of the stream media;
the second judging module is used for judging whether the fault occurs to the flow node or the management node after the gateway or the node is found to be faulty;
in response to a failure of a traffic node, the traffic node is disconnected in a forwarding channel by a load balancing program, and traffic in the traffic node is distributed to other nodes;
in response to a failure being a management node, the flow node is upgraded to the management node and a backup load balancing procedure for the flow node is enabled to take on signaling load and distribution work.
In a third aspect, a computer readable storage medium is provided, the computer readable medium storing program code for execution by a device, the program code comprising steps for performing the method as in any one of the implementations of the first aspect.
In a fourth aspect, there is provided an electronic device comprising a processor, a memory and a program or instruction stored on the memory and executable on the processor, which when executed by the processor implements a method as in any of the implementations of the first aspect.
The application has the following beneficial effects: according to the method and the system, the disaster recovery effect can be achieved by adopting the multilink cluster structure, when part of equipment fails, the service cannot be interrupted, secondly, as the multilink is used for transmitting the service simultaneously, larger data flux can be transmitted in the same cross-network transmission boundary, in addition, only one transmission service can be configured in the same platform and the same platform cascade, and the larger flux can improve the operation efficiency of the platform and make the platform larger.
Drawings
The accompanying drawings, which are included to provide a further understanding of the application, illustrate and explain the application and are not to be construed as limiting the application.
In order to more clearly illustrate the technical solutions of the embodiments of the present application, the drawings that are needed in the description of the embodiments will be briefly introduced below, and it is obvious that the drawings in the following description are only some embodiments of the present application, and that other drawings may be obtained according to these drawings without inventive effort for a person skilled in the art.
Fig. 1 is a flowchart of a clustered video security boundary exchange method of embodiment 1 of the present application;
fig. 2 is a block diagram of a cluster in the clustered video security boundary exchange method of embodiment 1 of the present application;
fig. 3 is a block diagram of a trunking video security border switching device according to embodiment 2 of the present application;
fig. 4 is a schematic diagram of the internal structure of the electronic device of embodiment 4 of the present application.
Reference numerals:
100. an IP configuration module; 200. a receiving module; 300. a first judgment module; 400. and a second judging module.
Detailed Description
The following description of the embodiments of the present invention will be made clearly and completely with reference to the accompanying drawings, in which it is apparent that the embodiments described are only some embodiments of the present invention, but not all embodiments. All other embodiments, which can be made by those skilled in the art based on the embodiments of the invention without making any inventive effort, are intended to be within the scope of the invention.
Example 1
The method for exchanging the security boundary of the clustered video according to embodiment 1 of the present application includes: providing unique exposed IP addresses for producers and consumers in a cluster through a virtual IP technology, wherein the unique exposed IP addresses are used for receiving messages sent by an upper-level platform or a lower-level platform, and the cluster comprises a plurality of groups of post-processors, gateways and pre-processors; receiving a signaling request sent by a producer or a consumer through a load balancing program, and forwarding the signaling request to a signaling engine according to a preset strategy; judging whether the signaling request is a code stream negotiation data packet or not; responding to the judgment result, completing the address conversion process of the gateway by the signaling engine, and transmitting the address conversion process of the gateway to the signaling engine of the opposite terminal through the gateway, and then transmitting the address conversion process of the gateway to the producer or the consumer through the load balancing program of the opposite terminal; if the result is yes, modifying the data packet session description protocol of the signaling request, modifying the sending address sent to the consumer or the receiving address sent to the producer into the IP address exposed by the node where the current signaling engine is located, and creating a temporary stream media proxy channel according to the actual sending address and receiving address to complete the protocol checking and proxy work of the stream media; after the gateway or the node is found to be faulty, judging whether the faulty node is a flow node or a management node; in response to a failure of a traffic node, the traffic node is disconnected in a forwarding channel by a load balancing program, and traffic in the traffic node is distributed to other nodes; in response to a failure being a management node, the flow node is upgraded to the management node and a backup load balancing procedure for the flow node is enabled to take on signaling load and distribution work.
Specifically, fig. 1 shows a flowchart of a method for switching a security boundary of a clustered video in application embodiment 1, including:
s101, providing unique exposure IP addresses (namely virtual IP) for a producer and a consumer in a cluster through a virtual IP technology, wherein the unique exposure IP addresses are used for receiving messages sent by an upper-level platform or a lower-level platform, and the cluster comprises a plurality of groups of post-processors, gateways and pre-processors;
the unique exposed IP address may be configured on any one of the machines such as the post-machine and the pre-machine, where the node having the virtual IP on both sides is referred to as a management node, and the other nodes having no virtual IP are referred to as a traffic node.
S102, receiving a signaling request sent by a producer or a consumer through a load balancing program, and forwarding the signaling request to a signaling engine according to a preset strategy;
specifically, when a registration signaling request generated by a producer or an on-demand signaling request sent by a consumer is received by a load balancing program (for example, an LBa program and an LBb program), the signaling is forwarded to any signaling engine signaling_engine program in a front-end processor or a rear-end processor according to a preset strategy such as random/polling/loading, and the load balancing program is responsible for receiving the signaling sent by an upper-level video platform and a lower-level video platform and forwarding the signaling to other links according to logic, wherein a node where the load balancing program is located is called a master node.
It should be noted that, as shown in fig. 2, the policy is to find the target node of the message in the reverse process of sending to 2-1 or 2-2 or sending back from the lower platform to the front-end processor 5-1, 5-2, and randomly is to randomly screen, for example: the post-processor 3 is used as a target node of the signaling; the polling is that the post-processor 1, the post-processor 2 and the post-processor 3 poll and receive the message; according to the different markets of streaming media request contained in the sip message, the load pressures of the three channels in fig. 2 are different, and the balance is to calculate the load pressures of the three links and send the load pressures to the links with smaller pressure.
S103, judging whether the signaling request is a code stream negotiation data packet or not;
responding to the judging result, completing the address conversion process (namely NAT process, network Address Translation) of the gateway (namely ALG, application Level Gateway) by the signaling engine, and transmitting the address conversion process of the gateway to the signaling engine of the opposite terminal through the gateway, and then transmitting the address conversion process of the gateway to the producer or the consumer through the load balancing program of the opposite terminal;
it should be noted that, the opposite end is a post-processor or a pre-processor, for example: if the current end is the rear-end machine 1, the opposite end is the front-end machine 1; if the current end is the front-end processor 2, the opposite end is the rear-end processor 2; if the current end is the rear-end machine 2, the opposite end is the front-end machine 2.
If the result is yes, modifying the data packet session description protocol (namely SDP, session Description Protocol) of the signaling request, modifying the sending address sent to the consumer or the receiving address sent to the producer into the IP address exposed by the node where the current signaling engine is located, and creating a temporary streaming media proxy channel according to the actual sending address and receiving address to complete the protocol checking and proxy work of the streaming media, wherein the protocol checking is to check whether the video streaming media is RTP flow (corresponding to the specification of the transmission protocol) packaged by PS, preventing security events such as malicious code invasion and the like;
s104, judging whether a fault occurs to a flow node or a management node after the load balancing program at two ends (namely a front-end processor and a rear-end processor) discovers the fault of a gateway or the node;
responding to the failure of a flow node, disconnecting the flow node in a forwarding channel by a load balancing program, and distributing the flow in the flow node to other nodes, wherein the flow refers to a media flow sent to an upper platform by a lower platform through signaling interaction, and the media flow is also called as flow;
in response to a failure being a management node, the flow node is upgraded to the management node and a backup load balancing procedure for the flow node is enabled to take on signaling load and distribution work.
If the management node fails, the traffic node cannot receive the heartbeat message (i.e., vrrp heartbeat message) sent by the management node, and then all traffic nodes generate a new management node through election, and start a load balancing program for standby of the new management node to bear signaling load and distribution work.
As shown in fig. 2, taking three groups of post-processing machines, gateway and pre-processing machines as examples, in the signaling distribution stage, an upper-level video platform (i.e. producer) will send sip signaling (Session Initiation Protocol) to a load balancing program (1) of a master node, and send the sip signaling to different cluster nodes for transmission (2-1, 2-2) through the load balancing program, and then after passing through the gateway (3-1, 3-2, 3-3, 4-1, 4-2, 4-3) by using a solid-state switch read-write medium with multiple control functions to connect information security devices of two independent host systems, the signaling still needs to be sent to the master node (5-1, 5-2) with the load balancing device at the opposite end, and is sent to the lower video platform (6) (i.e. consumer) through a unified port, wherein the signaling is modified before being sent to the node through 2-1, 2-2 and before being sent to the master controller through 5-1, 5-2, the destination address of the negotiation streaming media is transmitted from the front end processor 1, the front end processor 2 and the front end processor 3, and in the media streaming stage, the lower video platform sending streams are respectively sent to the upper video platform from the front end processor, the gateway and the rear end processor according to the current negotiation process.
In the embodiment, a multi-link cluster structure is adopted, so that a disaster recovery effect can be achieved, when part of equipment fails, the service cannot be interrupted, and secondly, as the multi-link is used for simultaneously transmitting the service, larger data flux can be transmitted in the same cross-network transmission boundary, in addition, only one transmission service can be configured in the same platform and the same platform cascade, and the larger flux can improve the operation efficiency of the platform and make the platform larger.
Example 2
As shown in fig. 3, a trunking video security border switching device according to embodiment 2 of the present application includes:
an IP configuration module 100, configured to provide a unique exposed IP address to a producer and a consumer in a cluster through a virtual IP technology, where the unique exposed IP address is used to receive a message sent by an upper platform or a lower platform;
the receiving module 200 is configured to receive a signaling request sent by a producer or a consumer through a load balancing procedure, and forward the signaling request to a signaling engine according to a preset policy;
a first judging module 300, configured to judge whether the signaling request is a code stream negotiation packet;
responding to the judgment result, completing the address conversion process of the gateway by the signaling engine, and transmitting the address conversion process of the gateway to the signaling engine of the opposite terminal through the gateway, and then transmitting the address conversion process of the gateway to the producer or the consumer through the load balancing program of the opposite terminal;
if the result is yes, modifying the data packet session description protocol of the signaling request, modifying the sending address sent to the consumer or the receiving address sent to the producer into the IP address exposed by the node where the current signaling engine is located, and creating a temporary stream media proxy channel according to the actual sending address and receiving address to complete the protocol checking and proxy work of the stream media;
a second judging module 400, configured to judge whether the gateway or the node fails or not is a traffic node or a management node after the gateway or the node is found to fail;
in response to a failure of a traffic node, the traffic node is disconnected in a forwarding channel by a load balancing program, and traffic in the traffic node is distributed to other nodes;
in response to a failure being a management node, the flow node is upgraded to the management node and a backup load balancing procedure for the flow node is enabled to take on signaling load and distribution work.
It should be noted that, for other specific embodiments of the clustered video security boundary switching apparatus in the embodiments of the present invention, reference may be made to the specific embodiments of the clustered video security boundary switching method described above, and for avoiding redundancy, details are not repeated herein.
Example 3
A computer readable storage medium according to embodiment 3 of the present application stores program code for execution by a device, the program code including steps for performing the method in any one of the implementations of embodiment 1 of the present application;
wherein the computer readable storage medium may be a Read Only Memory (ROM), a static storage device, a dynamic storage device, or a random access memory (random access memory, RAM); the computer readable storage medium may store program code which, when executed by a processor, is adapted to perform the steps of a method as in any one of the implementations of embodiment 1 of the present application.
Example 4
As shown in fig. 4, embodiment 4 of the present application relates to an electronic device, where the electronic device includes a processor, a memory, and a program or an instruction stored on the memory and executable on the processor, where the program or the instruction implements a method as in any implementation of embodiment 1 of the present application when executed by the processor;
the processor may be a general-purpose central processing unit (central processing unit, CPU), microprocessor, application specific integrated circuit (application specific integrated circuit, ASIC), graphics processor (graphics processing unit, GPU) or one or more integrated circuits for executing relevant programs to implement the methods of any of the implementations of embodiment 1 of the present application.
The processor may also be an integrated circuit electronic device with signal processing capabilities. In implementation, each step of the method in any implementation of embodiment 1 of the present application may be implemented by an integrated logic circuit of hardware in a processor or an instruction in a software form.
The processor may also be a general purpose processor, a digital signal processor, an Application Specific Integrated Circuit (ASIC), an off-the-shelf programmable gate array (field programmable gate array, FPGA) or other programmable logic device, a discrete gate or transistor logic device, a discrete hardware component. The disclosed methods, steps, and logic blocks in the embodiments of the present application may be implemented or performed. A general purpose processor may be a microprocessor or the processor may be any conventional processor or the like. The steps of the method disclosed in connection with the embodiments of the present application may be embodied directly in a hardware decoding processor or in a combination of hardware and software modules in the decoding processor. The software modules may be located in a random access memory, flash memory, read only memory, programmable read only memory, or electrically erasable programmable memory, registers, etc. as well known in the art. The storage medium is located in a memory, and the processor reads information in the memory, and in combination with its hardware, performs functions necessary for execution by the units included in the data processing apparatus of the embodiment of the present application, or executes a method in any implementation manner of embodiment 1 of the present application.
The above is only a preferred embodiment of the present application; the scope of protection of the present application is not limited in this respect. Any person skilled in the art, within the technical scope of the present disclosure, shall cover the protection scope of the present application by making equivalent substitutions or alterations to the technical solution and the improved concepts thereof.
Claims (10)
1. A clustered video security boundary switching method, comprising:
providing unique exposed IP addresses for producers and consumers in a cluster through a virtual IP technology, wherein the unique exposed IP addresses are used for receiving messages sent by an upper-level platform or a lower-level platform, and the cluster comprises a plurality of groups of post-processors, gateways and pre-processors;
receiving a signaling request sent by a producer or a consumer through a load balancing program, and forwarding the signaling request to a signaling engine according to a preset strategy;
judging whether the signaling request is a code stream negotiation data packet or not;
responding to the judgment result, completing the address conversion process of the gateway by the signaling engine, and transmitting the address conversion process of the gateway to the signaling engine of the opposite terminal through the gateway, and then transmitting the address conversion process of the gateway to the producer or the consumer through the load balancing program of the opposite terminal;
if the result is yes, modifying the data packet session description protocol of the signaling request, modifying the sending address sent to the consumer or the receiving address sent to the producer into the IP address exposed by the node where the current signaling engine is located, and creating a temporary stream media proxy channel according to the actual sending address and receiving address to complete the protocol checking and proxy work of the stream media;
after the gateway or the node is found to be faulty, judging whether the faulty node is a flow node or a management node;
in response to a failure of a traffic node, the traffic node is disconnected in a forwarding channel by a load balancing program, and traffic in the traffic node is distributed to other nodes;
in response to a failure being a management node, the flow node is upgraded to the management node and a backup load balancing procedure for the flow node is enabled to take on signaling load and distribution work.
2. The clustered video security boundary switching method of claim 1, wherein the load balancing program comprises an LBa load balancing program and an LBb load balancing program.
3. The clustered video security boundary switching method of claim 1, wherein the preset policy includes a random policy, a polling policy, and a loading policy.
4. The method for exchanging a security boundary of a clustered video of claim 1, wherein the opposite terminal is a front-end processor or a back-end processor.
5. The clustered video security boundary switching method of claim 1, wherein the protocol detection includes checking whether the video streaming media is a PS encapsulated RTP stream.
6. The method for switching a security boundary of a clustered video according to claim 1, wherein the management node is a node where a load balancing program is located, and the traffic node is a node where the load balancing program is not located.
7. The method according to claim 1, wherein if the management node fails, the traffic nodes cannot receive the heartbeat message sent by the management node, and all traffic nodes generate a new management node by electing, and start a load balancing program for standby of the new management node to bear signaling load and distribute work.
8. A clustered video security border switching apparatus, comprising:
the system comprises an IP configuration module, a server and a client, wherein the IP configuration module is used for providing unique exposed IP addresses for a producer and a consumer in a cluster through a virtual IP technology, and the unique exposed IP addresses are used for receiving messages sent by an upper-level platform or a lower-level platform;
the receiving module is used for receiving a signaling request sent by a producer or a consumer through a load balancing program and forwarding the signaling request to the signaling engine according to a preset strategy;
the first judging module is used for judging whether the signaling request is a code stream negotiation data packet or not;
responding to the judgment result, completing the address conversion process of the gateway by the signaling engine, and transmitting the address conversion process of the gateway to the signaling engine of the opposite terminal through the gateway, and then transmitting the address conversion process of the gateway to the producer or the consumer through the load balancing program of the opposite terminal;
if the result is yes, modifying the data packet session description protocol of the signaling request, modifying the sending address sent to the consumer or the receiving address sent to the producer into the IP address exposed by the node where the current signaling engine is located, and creating a temporary stream media proxy channel according to the actual sending address and receiving address to complete the protocol checking and proxy work of the stream media;
the second judging module is used for judging whether the fault occurs to the flow node or the management node after the gateway or the node is found to be faulty;
in response to a failure of a traffic node, the traffic node is disconnected in a forwarding channel by a load balancing program, and traffic in the traffic node is distributed to other nodes;
in response to a failure being a management node, the flow node is upgraded to the management node and a backup load balancing procedure for the flow node is enabled to take on signaling load and distribution work.
9. A computer readable storage medium storing program code for execution by a device, the program code comprising steps for performing the method of any one of claims 1-7.
10. An electronic device comprising a processor, a memory, and a program or instruction stored on the memory and executable on the processor, which when executed by the processor, implements the method of any of claims 1-7.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202311679532.8A CN117376662B (en) | 2023-12-08 | 2023-12-08 | Cluster type video safety boundary exchange method and device |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202311679532.8A CN117376662B (en) | 2023-12-08 | 2023-12-08 | Cluster type video safety boundary exchange method and device |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN117376662A CN117376662A (en) | 2024-01-09 |
| CN117376662B true CN117376662B (en) | 2024-02-09 |
Family
ID=89400728
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN202311679532.8A Active CN117376662B (en) | 2023-12-08 | 2023-12-08 | Cluster type video safety boundary exchange method and device |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN117376662B (en) |
Citations (9)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| WO2003088618A1 (en) * | 2002-04-03 | 2003-10-23 | Qualcomm Incorporated | System and method for transparent mobile ip registration within ppp negotiation |
| CN103888277A (en) * | 2012-12-19 | 2014-06-25 | 中国移动通信集团公司 | Gateway disaster recovery backup method, apparatus and system |
| CN105187512A (en) * | 2015-08-13 | 2015-12-23 | 航天恒星科技有限公司 | Method and system for load balancing of virtual machine clusters |
| WO2016169482A1 (en) * | 2015-04-20 | 2016-10-27 | 中兴通讯股份有限公司 | Message transmission method, code stream processing method and device |
| CN107454155A (en) * | 2017-07-25 | 2017-12-08 | 北京三快在线科技有限公司 | A kind of fault handling method based on load balancing cluster, device and system |
| CN110971698A (en) * | 2019-12-09 | 2020-04-07 | 北京奇艺世纪科技有限公司 | Data forwarding system, method and device |
| CN112637265A (en) * | 2020-11-25 | 2021-04-09 | 新华三技术有限公司 | Equipment management method, device and storage medium |
| CN114257496A (en) * | 2021-12-21 | 2022-03-29 | 中国工商银行股份有限公司 | Self-isolation method and system for service node |
| WO2023151264A1 (en) * | 2022-02-10 | 2023-08-17 | 华为云计算技术有限公司 | Load balancing method and apparatus, node, and storage medium |
-
2023
- 2023-12-08 CN CN202311679532.8A patent/CN117376662B/en active Active
Patent Citations (9)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| WO2003088618A1 (en) * | 2002-04-03 | 2003-10-23 | Qualcomm Incorporated | System and method for transparent mobile ip registration within ppp negotiation |
| CN103888277A (en) * | 2012-12-19 | 2014-06-25 | 中国移动通信集团公司 | Gateway disaster recovery backup method, apparatus and system |
| WO2016169482A1 (en) * | 2015-04-20 | 2016-10-27 | 中兴通讯股份有限公司 | Message transmission method, code stream processing method and device |
| CN105187512A (en) * | 2015-08-13 | 2015-12-23 | 航天恒星科技有限公司 | Method and system for load balancing of virtual machine clusters |
| CN107454155A (en) * | 2017-07-25 | 2017-12-08 | 北京三快在线科技有限公司 | A kind of fault handling method based on load balancing cluster, device and system |
| CN110971698A (en) * | 2019-12-09 | 2020-04-07 | 北京奇艺世纪科技有限公司 | Data forwarding system, method and device |
| CN112637265A (en) * | 2020-11-25 | 2021-04-09 | 新华三技术有限公司 | Equipment management method, device and storage medium |
| CN114257496A (en) * | 2021-12-21 | 2022-03-29 | 中国工商银行股份有限公司 | Self-isolation method and system for service node |
| WO2023151264A1 (en) * | 2022-02-10 | 2023-08-17 | 华为云计算技术有限公司 | Load balancing method and apparatus, node, and storage medium |
Non-Patent Citations (2)
| Title |
|---|
| 基于NAT的码流均衡转发的研究;张萍;陈春玲;;电力系统通信;20091210(12);全文 * |
| 基于Nginx服务器集群的负载均衡算法优化研究;吕伟峰;CNKI;20230915;全文 * |
Also Published As
| Publication number | Publication date |
|---|---|
| CN117376662A (en) | 2024-01-09 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN107547366B (en) | Message forwarding method and device | |
| US7518983B2 (en) | Proxy response apparatus | |
| JP5913635B2 (en) | Redundant network connection | |
| US8374079B2 (en) | Proxy server, communication system, communication method and program | |
| CN110661702B (en) | Link backup method and device and computer readable storage medium | |
| CN108306777B (en) | SDN controller-based virtual gateway active/standby switching method and device | |
| MX2008003407A (en) | Fault-tolerant communications in routed networks. | |
| US20100299551A1 (en) | Message processing method, apparatus and ip communication system based on the sip protocol | |
| US20110242971A1 (en) | Communication terminal, communication method, and program | |
| US8477598B2 (en) | Method and system for implementing network element-level redundancy | |
| CN113839862B (en) | Method, system, terminal and storage medium for synchronizing ARP information between MCLAG neighbors | |
| US20160277246A1 (en) | Method and device for media multiplexing negotiation | |
| CN111835555A (en) | Data recovery method and device and readable storage medium | |
| CN113301007A (en) | Data transmission method, computing device and storage medium | |
| CN111030926B (en) | Method and device for improving high availability of network | |
| CN103220189A (en) | Multi-active detection (MAD) backup method and equipment | |
| CN107332793B (en) | Message forwarding method, related equipment and system | |
| CN115242700B (en) | Communication transmission method, device and system | |
| CN117376662B (en) | Cluster type video safety boundary exchange method and device | |
| CN109347743B (en) | Special line communication method, computer readable storage medium and terminal equipment | |
| CN105281929A (en) | Service network port state detection and fault tolerance device and method thereof | |
| CN111416851A (en) | Method for session synchronization among multiple load balancers and load balancer | |
| KR20200072941A (en) | Method and apparatus for handling VRRP(Virtual Router Redundancy Protocol)-based network failure using real-time fault detection | |
| CN114640574B (en) | Main and standby equipment switching method and device | |
| US8547828B2 (en) | Method and system for implementing network element-level redundancy |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| GR01 | Patent grant | ||
| GR01 | Patent grant |