CN100433714C - Method for transmission processing IP fragment message - Google Patents
Method for transmission processing IP fragment message Download PDFInfo
- Publication number
- CN100433714C CN100433714C CNB2005100886371A CN200510088637A CN100433714C CN 100433714 C CN100433714 C CN 100433714C CN B2005100886371 A CNB2005100886371 A CN B2005100886371A CN 200510088637 A CN200510088637 A CN 200510088637A CN 100433714 C CN100433714 C CN 100433714C
- Authority
- CN
- China
- Prior art keywords
- message
- address
- mtu
- packet
- tunnel
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Links
Images
Abstract
The present invention relates to a method for transmitting and processing IP fragment messages in the technical field of communication. The method causes a user end or a network server end to automatically regulate the size of a message by using an ICMP message on a network device, and thereby, avoids the problem that the fragment message needs to be recombined in intermediate equipment. The present invention solves the problem of the recombination of the IP fragment message, not only avoids the problems of high cost and complex realization caused by realizing the message recombination by hardware but also solves the problem of performance caused by realizing the message recombination by software, and has simple realization and no influence on forwarding performance.
Description
Technical field
The present invention relates to communication technical field, relate in particular to a kind of IP fragmentation packet transmission and processing method.
Background technology
At present, along with trans-regional, the transnational development of enterprise, each branch of enterprise various places that spread all over the country, Ban Gong employee is also more and more outside, enterprise need give flow the employee provide convenience, fast, the network support of economical and efficient so that make the employee of flowing can be in time and enterprise carry out business exchange and resource-sharing.The access in broadband at present is more and more general, and mobile users can insert local metropolitan area network and Internet easily, therefore, provides PPP (point-to-point protocol) broadband access on the wide area network to become a kind of demand how for the mobile users of enterprise.VPDN (Virtual Private Dial-up Network) business can well satisfy this wide area network dialing demand.VPDN is meant the Virtual Private Network that is made of the subscriber dialing ppp link and the tunnel that continues on IP backbone, the user inserts incorporated business's net by the tunnel.
The implementation procedure of this VPDN business as shown in Figure 1, user and LNS end server carry out communication, the user pulls out LAC (L2TP Access Concentrator) into ISP (ISP) by PSTN net (Public Switched Telephone Network) or ADSL (broadband metropolitan area network), LAC identifies this user for behind VPN (Virtual Private Network) user by user name or access code, just setting up one with user's destination address LNS (L2TP Network Server) is connected, be called the tunnel, after the tunnel is set up successfully, be sent to the packet of LNS from the user, at first be sent to LAC, LAC encapsulates corresponding tunnel information after identifying this VPN user according to user ID, send LNS to from the tunnel then, just can read real significant message after LNS receives packet and seals off tunnel information, be sent to the server of LNS end at last again; Server from the LNS end sends the user's data bag to equally, after being sent to LNS, after LNS identifies this VPN user according to user ID, encapsulation corresponding tunnel information, from the tunnel packet is sent to LAC then, just can read real significant message after LAC receives packet and seals off tunnel information, at last this message be sent to the user.Encryption can be carried out to message in the both sides, tunnel, other users on the Internet can't be read, thereby be safe and reliable.
There are following two problems in this VPDN application model:
1, send the big message of LNS end server to from VPDN user, after arriving LAC, LAC encapsulation tunnel information, so that message is sent to the tunnel, encapsulation tunnel information comprises encapsulation IP heading and L2TP protocol massages head, but the IP message length that has encapsulated tunnel information may surpass the MTU (MTU) in tunnel, need burst, so just require the LNS equipment of opposite end must support the reorganization of IP fragmentation message, because burst carries out at outer IP message, just there is not the original message header since second, LNS can't find server info according to the original message header after receiving this fragment message, so after requiring LNS all fragment message reorganization, find corresponding server information according to the original message header again, again message is sent to server at last, but some LNS equipment is not supported the reorganization of IP fragmentation message, VPDN user just can't send the server of the big LNS of bag end.
2, send VPDN user's big message to from LNS end server, after arriving LNS, LNS has encapsulated tunnel information, preparation sends to the tunnel to message, but IP message length that check to find to have encapsulated tunnel information may surpass the MTU in tunnel, needs burst, so just requires the LAC equipment of opposite end must support the reorganization of IP fragmentation message, but some LAC equipment is not supported the reorganization of IP fragmentation message, and LNS end server just can't send the big VPDN of bag user.
At above-mentioned two problems, general solution has two kinds, first kind: because the forwarding of LAC, LNS equipment generally is by hard-wired, so if LAC, LNS all support hardware recombinate for the L2TP fragment message and just can solve above-mentioned two problems; Another: by the reorganization of software realization L2TP fragment message, friendship had software processes after promptly hardware was received the L2TP fragment message, and software is recombinated to the L2TP fragment message, then the message of reorganization is sent out.
The shortcoming of technique scheme is:
The shortcoming of first kind of scheme is: realize that by hardware the reorganization of IP fragmentation message will be very difficult, because the sheet number that message is divided is uncertain, the time that fragment message arrives is uncertain, fragment message might be lost, and need timer, these problems to cause hardware to realize the difficulty of IP fragmentation message reorganization, will consume a large amount of hardware resource and manpower and materials, and for the inadequate equipment of hardware resource, this solution can not realize.
The shortcoming of second kind of scheme is: because the flexibility of software, the reorganization that is realized the IP fragmentation message by software is not a difficult matter, but the speed of software is compared with hardware and is fallen far short, realize the equipment of IP fragmentation message reorganization by software, it on performance a bottleneck, transmit when the user not only influences the user for a long time, also might exert an influence the existing user of equipment.
Therefore, need provide a kind of method can effectively solve packed IP fragmentation message recombination problem.
Summary of the invention
In view of above-mentioned existing in prior technology problem, the object of the present invention is to provide a kind of IP fragmentation packet transmission and processing method, by on the network equipment, using ICMP (Internet Control Message Protocol) message, make message source adjust message size automatically, thereby avoid the problem of recombinating behind the message fragment.
The objective of the invention is to be achieved through the following technical solutions:
The invention provides a kind of IP fragmentation packet transmission and processing method, comprising:
A, in the network equipment, the literary composition or of delivering newspaper to be passed of determining to exceed tunnel MTU MTU by hardware by the message first packet of burst;
B, with the described literary composition or resolved by the software in the network equipment by the message first packet of burst of delivering newspaper to be passed, obtain former message source IP address and purpose IP address, become the Internet Internet Control Message Protocol icmp packet according to above-mentioned source IP address and purpose IP address architecture, the purpose IP address of described icmp packet is the source IP address of former message, the source IP address of described icmp packet is the purpose IP address of former message, and sends described icmp packet to message source;
C, message source are with the described MTU of literary composition or be adjusted into MTU in the described icmp packet by the MTU of the message of the message first packet correspondence of burst of delivering newspaper to be passed, deliver newspaper literary composition or by the message of the message first packet correspondence of burst, the MTU of wherein said icmp packet is that path mtu deducts tunnel encapsulation head length degree of to be passed behind the MTU has been adjusted in transmission.
The described network equipment is for to need after the process of passing through tunnel encapsulation to find to the intermediate equipment of message fragment or find that the tunnel encapsulation message is the intermediate equipment through message behind the burst.
Described steps A comprises:
A1, reception message to be sent;
A2, be described message encapsulation tunnel information.
Described steps A 2 specifically comprises:
Be described message encapsulation IP heading and tunnel information encapsulation header.
The step of former message source IP address of described acquisition and purpose IP address specifically comprises:
Dismantle outer IP heading and tunnel information encapsulation header;
Dismounting point-to-point protocol PPP head;
Determine that above-mentioned remaining message is the IP message;
Obtain former message source IP address and purpose IP address.
When described IP message is when being sent by user side, described path mtu is meant tunnel MTU.
When described IP message is when being sent by network server end, described path mtu is meant outer IP message length.
As seen from the above technical solution provided by the invention, the invention solves the problem that the IP fragmentation message need be recombinated in the network intermediate equipment, promptly avoid hardware to realize the cost height of message reorganization, realized complicated problems, solved software again and realized the performance issue that message is recombinated, and the present invention realizes simply, not influencing forwarding performance.
Description of drawings
Fig. 1 is a prior art wide area network structural representation;
Fig. 2 wraps LNS server-side processes flow process greatly for the present invention sends from user side;
Fig. 3 wraps the user side handling process greatly for the present invention sends from the LNS server end.
Embodiment
Core concept of the present invention provides a kind of IP fragmentation packet transmission and processing method, by use icmp packet on the network equipment, makes message source adjust message size automatically, thereby avoids the problem of fragment message in the intermediate equipment reorganization.
The invention provides a kind of IP fragmentation packet transmission and processing method, with reference to the operation process chart that Figure 2 shows that IP fragmentation message recombining method of the present invention, it is example that the present invention transmits message with VPDN user to the LNS server end, and set this icmp packet and on LAC equipment, realize, the network equipment of this message transport process comprises L2TP Access Concentrator LAC, L2TP Network Server LNS, and this IP fragmentation packet transmission and processing method comprises:
Step 10:VPDN end subscriber sends message;
The message that sends from the user at first is sent to LAC.
Step 11:LAC encapsulation tunnel information;
LAC sets up one with user's purpose LNS and is connected after identifying this VPN user according to User Recognition, is called the tunnel, after the tunnel is set up successfully, this message is encapsulated, and specifically comprises encapsulation IP heading and tunnel information encapsulation header such as L2TP heading.
Step 12: whether the message after the hardware check encapsulation exceeds the MTU (MTU) in tunnel;
After above-mentioned message encapsulated, to transmit message to LNS by the tunnel, LAC hardware detects earlier before sending, and judges whether the message after this encapsulation exceeds the MTU in tunnel, as to exceed then the message identification that has encapsulated tunnel information be that special type of message is given software processes on also.
Step 13: software analytic message;
Software is resolved message after receiving above-mentioned message, at first dismantles outer IP heading, and L2TP protocol massages head, obtains original message, dismantles the PPP head then, judges whether remaining message is the IP message, if not the IP message, then abandons this message; If the IP message takes out source IP address and purpose IP address from the IP heading, this source IP address is the VPDN user's IP address; This purpose IP address is a LNS end server ip address.
Step 14: the structure icmp packet also is sent to user side;
After obtaining above-mentioned VPDN user and LNS end server ip address, the structure icmp packet, this icmp packet i.e. " need carry out burst but be provided with not burst bit ", and the MTU of this icmp packet fills into the length that path mtu deducts the tunnel encapsulation head, and path mtu is tunnel MTU herein; Source IP address fills into LNS end server ip address, the i.e. destination address of original message; The purpose IP address of ICMP fills into the VPDN IP address, i.e. the source IP address of original message; After having constructed icmp packet, message is sent to VPDN user, after VPDN user receives this icmp packet, it is the size of MTU indication in the icmp packet that adjustment is sent to LNS end server message size, again this message is sent to LNS end server, do not need to carry out burst during this message process LAC and handle, do not need LNS to support the reorganization of IP fragmentation message yet.
Step 15: when the message after the hardware check encapsulation did not exceed the MTU in tunnel, hardware directly sent message to LNS by the tunnel.
Step 16:LNS end server receives above-mentioned message.
Aforesaid operations is to send message to LNS end server by the VPDN user side, transmits big message to the VPDN user side at LNS end server, also adopts to use the same method, and its concrete operations step is with reference to shown in Figure 3, and this operating process comprises the steps:
Step 20:LNS end server sends message to LNS;
Step 21:LNS encapsulation tunnel information also sends message to LAC;
After LNS identified this VPN user according to user ID, encapsulation corresponding tunnel information promptly encapsulated IP heading and tunnel information encapsulation header such as L2TP protocol massages head, sent to LAC by the message of tunnel after with above-mentioned encapsulation then.
Whether the above-mentioned message of step 22:LAC hardware detection is by the burst mistake;
Message transmits at public network, may be by certain router burst, whether the above-mentioned message of LAC hardware detection is by the burst mistake herein, whether it is according to allowing by burst for having a flag bit to be used to identify this message in the message, because a message can only be by burst once, when this flag bit is replaced this message of explanation by burst.
Whether step 23:LAC hardware detection is the first packet of fragment message;
If above-mentioned message is by burst, by " whether also having burst " in the IP heading whether the bit decision message is first packet to LAC, if first packet then is that special type of message is given software processes on also with this message identification.
Step 24: software analytic message;
After software receives message, carry out dissection process, at first dismantle outer IP heading, and L2TP protocol massages head, original message obtained, dismantle the PPP message then, judge whether remaining message is the IP message, if the IP message takes out source IP address and purpose IP address from the IP heading, described source IP address is a LNS end server ip address, and purpose IP address is the VPDN IP address.
Step 25: the structure icmp packet also is sent to LNS end server;
After obtaining above-mentioned LNS end server and VPDN IP address, the structure icmp packet, this icmp packet i.e. " need carry out burst but be provided with not burst bit ", and the MTU of this icmp packet fills into path mtu and deducts tunnel encapsulation head length degree, and path mtu is outer IP message length herein; Source IP address fills into the VPDN IP address, i.e. the destination address of original message; The purpose IP address of ICMP fills into LNS end server ip address, the i.e. source IP address of original message; After having constructed icmp packet, message is sent to LNS end server, after LNS end server is received this icmp packet, adjustment is sent to the size of VPDN user's message size for MTU indication in the icmp packet, again this message is sent to VPDN user, be sent to the VPDN user's message from LNS end server afterwards and arrive LAC before all not by burst, LAC has recombinated with regard to not needing to carry out the IP fragmentation message.
Step 26: when hardware detection to the message that receives during not by burst, hardware directly sends message by the tunnel.
Step 27: the user receives message.
Step 28: if the LAC hardware detection to the first packet that is not fragment message, then abandons this message.
In sum, the present invention has realized the problem of IP fragmentation message reorganization, promptly avoided hardware to realize the cost height of message reorganization, realize complicated problems, solved software again and realized the performance issue that message is recombinated, and the present invention has realized simply, not influencing forwarding performance.
The above; only for the preferable embodiment of the present invention, but protection scope of the present invention is not limited thereto, and anyly is familiar with those skilled in the art in the technical scope that the present invention discloses; the variation that can expect easily or replacement all should be encompassed within protection scope of the present invention.Therefore, protection scope of the present invention should be as the criterion with the protection range of claim.
Claims (7)
1, a kind of IP fragmentation packet transmission and processing method is characterized in that, comprising:
A, in the network equipment, the literary composition or of delivering newspaper to be passed of determining to exceed tunnel MTU MTU by hardware by the message first packet of burst;
B, with the described literary composition or resolved by the software in the network equipment by the message first packet of burst of delivering newspaper to be passed, obtain former message source IP address and purpose IP address, become the Internet Internet Control Message Protocol icmp packet according to above-mentioned source IP address and purpose IP address architecture, the purpose IP address of described icmp packet is the source IP address of former message, the source IP address of described icmp packet is the purpose IP address of former message, and sends described icmp packet to message source;
C, message source are with the described MTU of literary composition or be adjusted into MTU in the described icmp packet by the MTU of the message of the message first packet correspondence of burst of delivering newspaper to be passed, deliver newspaper literary composition or by the message of the message first packet correspondence of burst, the MTU of wherein said icmp packet is that path mtu deducts tunnel encapsulation head length degree of to be passed behind the MTU has been adjusted in transmission.
2, a kind of IP fragmentation packet transmission and processing method as claimed in claim 1, it is characterized in that the described network equipment is for to need after the process of passing through tunnel encapsulation to find to the intermediate equipment of message fragment or find that the tunnel encapsulation message is the intermediate equipment through message behind the burst.
3, a kind of IP fragmentation packet transmission and processing method as claimed in claim 1 is characterized in that described steps A comprises:
A1, reception message to be sent;
A2, be described message encapsulation tunnel information.
4, a kind of IP fragmentation packet transmission and processing method as claimed in claim 3 is characterized in that, described steps A 2 specifically comprises:
Be described message encapsulation IP heading and tunnel information encapsulation header.
5, a kind of IP fragmentation packet transmission and processing method as claimed in claim 1 is characterized in that, the step of former message source IP address of described acquisition and purpose IP address specifically comprises:
Dismantle outer IP heading and tunnel information encapsulation header;
Dismounting point-to-point protocol PPP head;
Determine that above-mentioned remaining message is the IP message;
Obtain former message source IP address and purpose IP address.
6, a kind of IP fragmentation packet transmission and processing method as claimed in claim 1 is characterized in that, when described IP message is when being sent by user side, described path mtu is meant tunnel MTU.
7, a kind of IP fragmentation packet transmission and processing method as claimed in claim 1 is characterized in that, when described IP message is when being sent by network server end, described path mtu is meant outer IP message length.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CNB2005100886371A CN100433714C (en) | 2005-07-29 | 2005-07-29 | Method for transmission processing IP fragment message |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CNB2005100886371A CN100433714C (en) | 2005-07-29 | 2005-07-29 | Method for transmission processing IP fragment message |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN1863141A CN1863141A (en) | 2006-11-15 |
| CN100433714C true CN100433714C (en) | 2008-11-12 |
Family
ID=37390471
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CNB2005100886371A Active CN100433714C (en) | 2005-07-29 | 2005-07-29 | Method for transmission processing IP fragment message |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN100433714C (en) |
Families Citing this family (9)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN101827031A (en) * | 2010-04-22 | 2010-09-08 | 中兴通讯股份有限公司 | Method and device for packet transmission in user datagram protocol UDP tunnel |
| CN102123090B (en) * | 2011-02-23 | 2012-07-04 | 中国人民解放军国防科学技术大学 | IP (Internet protocol) fragment processing method based on two-level table storage and transport layer information inquiry |
| CN102710520B (en) * | 2012-06-01 | 2015-07-15 | 浙江宇视科技有限公司 | Method and device for backing up lonworks network service (LNS) |
| CN104754550B (en) * | 2013-12-30 | 2018-06-19 | 中国移动通信集团公司 | A kind of Diameter message transmission method, apparatus and system |
| CN104954333B (en) * | 2014-03-28 | 2018-03-27 | 华为技术有限公司 | A kind of method to E-Packet, system |
| CN106411677A (en) * | 2016-09-06 | 2017-02-15 | 杭州迪普科技有限公司 | Method and device for determining optimal maximum transmission unit (MTU) of virtual private network (VPN) data channel |
| CN109525534A (en) * | 2017-09-18 | 2019-03-26 | 北京握奇智能科技有限公司 | A kind of method and system for guaranteeing message in secure network and not being fragmented |
| WO2019178813A1 (en) * | 2018-03-22 | 2019-09-26 | 华为技术有限公司 | Method, device and system for handling message fragmentation |
| CN110581812A (en) * | 2018-06-08 | 2019-12-17 | 北京京东尚科信息技术有限公司 | Data message processing method and device |
Citations (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN1543104A (en) * | 2003-04-28 | 2004-11-03 | 华为技术有限公司 | Data transmission method for mobile packet network |
| US20050005024A1 (en) * | 2002-10-30 | 2005-01-06 | Allen Samuels | Method of determining path maximum transmission unit |
| EP1517511A1 (en) * | 2003-09-17 | 2005-03-23 | Siemens Aktiengesellschaft | A method of transmitting packet data on a network |
-
2005
- 2005-07-29 CN CNB2005100886371A patent/CN100433714C/en active Active
Patent Citations (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US20050005024A1 (en) * | 2002-10-30 | 2005-01-06 | Allen Samuels | Method of determining path maximum transmission unit |
| CN1543104A (en) * | 2003-04-28 | 2004-11-03 | 华为技术有限公司 | Data transmission method for mobile packet network |
| EP1517511A1 (en) * | 2003-09-17 | 2005-03-23 | Siemens Aktiengesellschaft | A method of transmitting packet data on a network |
Also Published As
| Publication number | Publication date |
|---|---|
| CN1863141A (en) | 2006-11-15 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN100433714C (en) | Method for transmission processing IP fragment message | |
| CN100486225C (en) | Method for reducing data IP fragmentation quantity in PS network | |
| JP4164365B2 (en) | Technology for improving TCP performance over a wireless interface by providing a dual proxy device | |
| CN107682370B (en) | Method and system for creating protocol headers for embedded layer two packets | |
| WO2017054576A1 (en) | Unicast tunnel building method, apparatus and system | |
| CN101150497A (en) | Multi-data packet transmission method, system and device in mobile communication | |
| US20020124095A1 (en) | Apparatus and method for sending point-to-point protocol over ethernet | |
| EP2099169A1 (en) | A method, equipment and system for transmitting data | |
| CN101827031A (en) | Method and device for packet transmission in user datagram protocol UDP tunnel | |
| CN104184646B (en) | VPN data interactive method and system and its network data exchange equipment | |
| CN109936492A (en) | A kind of methods, devices and systems by tunnel transmission message | |
| CN101304387B (en) | Method for implementing tunnel conversion of bi-layer tunnel protocol | |
| EP2647169B1 (en) | Method and apparatus for performing actions on packets at intermediate nodes in a connection between a communication device and a destination device in a target network | |
| CN101640635A (en) | Method for avoiding message recombination in 6over4 tunnel and system therefor | |
| CN113556273A (en) | Data transmission method of three-network cloud intercommunication system | |
| CN108064441B (en) | Method and system for accelerating network transmission optimization | |
| US7054321B1 (en) | Tunneling ethernet | |
| EP2600569B1 (en) | Method, apparatus and system for processing a tunnel packet | |
| JPWO2003075537A1 (en) | Communication device | |
| CN102368786B (en) | Load balancing method and system | |
| JP2006279771A (en) | Method and program for packet transmission | |
| US7260107B1 (en) | PPP data conversion apparatus and method | |
| Cisco | X.25 and LAPB Commands | |
| Cisco | X.25 and LAPB Commands | |
| Cisco | X.25 and LAPB Commands |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| C06 | Publication | ||
| PB01 | Publication | ||
| C10 | Entry into substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| C14 | Grant of patent or utility model | ||
| GR01 | Patent grant |