CN100563265C - Method and interface device for providing port-triggering concurrency for an interface device - Google Patents

Publication number
CN100563265C
Authority
CN
China
Prior art keywords
port
network
address
message
external
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CNB2006100829890A
Other languages
Chinese (zh)
Other versions
CN1870657A (en)
Inventor
许锡雷
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
New H3C Technologies Co Ltd
Original Assignee
Hangzhou H3C Technologies Co Ltd

Abstract

The invention discloses a method for providing port-triggering concurrency for an interface device, where the interface device is connected between a first network and a second network and forwards messages between them. First, the interface device receives a message from the first network that hits a port-trigger mapping rule. It then associates the source address and destination address of that message with the external port in the rule that was hit. When the interface device receives a message from the second network, it forwards the message to the first network according to the association record that matches the message's address information. With this method, port triggering keeps working normally even when multiple users of the first network initiate connections to the second network on the same trigger port, which satisfies the requirement for port-triggering concurrency.

Description

Method and interface device for providing port-triggering concurrency for an interface device
Technical field
The present invention relates to the field of network communication, and in particular to a method for providing port-triggering concurrency for an interface device and to an interface device that supports port-triggering concurrency.
Background art
The rapid growth of the Internet has led to a shortage of the public Internet Protocol (IP) addresses used by devices. A well-known solution to the IP address shortage is network address translation (NAT). NAT is essentially a one-to-one or many-to-one IP address mapping, and it runs in interface devices such as routers or gateways located between a local network and a global network. The local network is also called the internal or private network, and the global network is also called the external or public network. By reusing addresses, NAT lets an organization appear on the global network under a single address, which helps conserve the limited number of public (global) IP addresses.
However, once NAT is enabled on a router, the IP addresses inside the local network are hidden and cannot be discovered from outside, so the global network cannot directly reach users in the local network; that is, the global network cannot actively initiate connections to the local network. This is a drawback in some application scenarios. For example, with some games, after a user in the local network sets up a TCP connection to an online game server on the global network, the game server tries to set up a second TCP connection back to that user. Because this connection attempt cannot traverse the NAT, it fails, and the game cannot run.
To address this problem, a technique called port triggering emerged on low-end and SOHO routers. The idea is that the user configures on the router that a designated port A (a single port or a group of ports) triggers port B. When a user in the local network then initiates an outbound connection through the router on port A, the router associates port B with that local user's IP address. When a message arrives from outside with destination port B, its destination address is replaced with the associated IP address and the message is forwarded to that local user. In the art, port A is called the trigger port, port B is called the external port, and a rule configured this way is called a port-trigger mapping rule.
Although this solution lets a server on the global network successfully initiate a connection to a local network user, port triggering stops working correctly if several local network users successively initiate connections to the global network on the same trigger port.
For example, suppose local network user 1 initiates a connection through the router to server 1 on the global network on port A (the trigger port). This hits the port-trigger mapping rule (port A triggers port B), so the router associates port B with user 1's IP address. Then local network user 2 also initiates a connection on port A, to server 2 on the global network. This hits the same rule, so port B is now associated with user 2's IP address; that is, the IP address of user 1 associated with external port B is replaced by that of user 2. Afterwards the router receives a message from server 1 with destination port B (in fact a TCP connection that server 1 is actively initiating to user 1). Because the IP address associated with port B is now user 2's rather than user 1's, the message is wrongly forwarded to user 2. Existing routers with NAT-related functions therefore cannot meet the concurrency requirement.
Furthermore, once port triggering takes effect (that is, once the external port in the rule has been associated with an internal IP address), the external port is fully open to the external network, which creates a security risk.
Summary of the invention
The object of the present invention is to provide a method and an interface device for providing port-triggering concurrency for an interface device, in order to solve the technical problem that existing schemes, which rely solely on port-trigger rules to let a global host actively initiate connections to the local network, cannot meet the concurrency requirement.
To solve the above technical problem, the object of the invention is achieved by the following technical solution: a method for providing port-triggering concurrency for an interface device, where the interface device is connected between a first network and a second network and forwards messages between them. The interface device receives a message from the first network that hits a port-trigger mapping rule; the source address and destination address of that message are associated with the external port in the rule that was hit; and when the interface device receives a message from the second network, it forwards the message to the first network according to the association record that matches the message's address information.
Preferably, the method further comprises: when the interface device receives a message from the second network, discarding the message if no association record matches its address information.
Preferably, the method further comprises: providing a "check external address" option for the port-trigger mapping rule; when the option is off, only the source address and the external port are associated in the association step.
Preferably, forwarding a second-network message to the first network according to the association record that matches its address information specifically comprises: using the source address and destination port of the second-network message as keys, querying the association records by matching against their destination address and external port respectively; and, if a matching association record is found, using the source address in that record as the destination address of the second-network message and forwarding it to the first network.
Preferably, the association step is implemented by establishing a port-trigger association table, which comprises an external port field, a first network address field and a second network address field.
Preferably, association using the port-trigger association table proceeds as follows: the external port in the rule that was hit, and the source address and destination address of the first-network message, are recorded in the external port field, the first network address field and the second network address field of an association entry, respectively.
Preferably, forwarding a second-network message to the first network according to the association record that matches its address information specifically comprises: using the source address and destination port of the second-network message as keys, querying the association table by matching against its second network address field and external port field respectively; and, if a matching association entry is found, replacing the destination address of the second-network message with the content of the first network address field of that entry and forwarding the message to the first network.
An interface device with port-triggering concurrency, connected between a first network and a second network and forwarding messages between them, comprises: a rule recording unit for recording the port-trigger rules between trigger ports and external ports; an association unit for associating the source address and destination address of a first-network message that hits a port-trigger rule with the external port in the rule that was hit; and a matching processing unit for looking up, in the association unit, the association record that matches a second-network message and forwarding the second-network message to the first network accordingly.
Preferably, when the association unit holds no association record matching the second-network message, the matching processing unit discards the second-network message.
Preferably, each port-trigger rule in the rule recording unit also has a corresponding "check external address" option, which indicates to the association unit whether the destination address of the first-network message takes part in the association.
The matching-and-forwarding unit specifically comprises: a matching query unit, which uses the source address and destination port of the second-network message as keys, matched against the destination address and external port in the association unit respectively, to find the association record matching the message; and a forwarding unit, which uses the source address in the matching association record as the destination address of the second-network message and forwards the second-network message to the first network.
Preferably, the association unit comprises a port-trigger association table, which comprises an external port field, a first network address field and a second network address field.
The first network address field, second network address field and external port field of the port-trigger table record, respectively, the source address and destination address of the first-network message and the external port in the rule that was hit.
As the above technical solution shows, in the interface device with port-triggering concurrency disclosed by the invention, the rule recording unit records the port-trigger rules between trigger ports and external ports, and the association unit associates the source address and destination address of a first-network message that hits a port-trigger rule with the external port in that rule. When the interface device receives a message from the second network, the matching processing unit looks up the matching association record in the association unit and forwards the second-network message to the first network accordingly. Because the association unit records the destination IP address of outbound messages from the first network, the port-triggering function of the interface device still works normally even when multiple first-network users initiate connections to the second network through the interface device on the same trigger port, which satisfies the need for port-triggering concurrency.
Description of drawings
Fig. 1 is a schematic diagram of the environment of an embodiment of the invention;
Fig. 2 is a flow diagram of the method by which the routing device handles private-network messages in the first embodiment of the invention;
Fig. 3 is a flow diagram of the method by which the routing device handles public-network messages in the first embodiment of the invention;
Fig. 4 is a flow diagram of the method by which the routing device handles private-network messages in the second embodiment of the invention;
Fig. 5 is a flow diagram of the method by which the routing device handles private-network messages in the second embodiment of the invention;
Fig. 6 is a structural diagram of an embodiment of the interface device with port-triggering concurrency according to the invention.
Embodiment
The core idea of the invention is that, when a message from the first network initiates a connection to the second network on a trigger port, the destination address of the message (the second-network address) also takes part in the association with the external port. As a result, port triggering works normally even when multiple first-network users initiate connections to the second network on the same trigger port; that is, a device on the second network can then actively initiate a connection to the corresponding first-network user.
See Fig. 1, a schematic diagram of the environment of one embodiment of the invention. The figure shows a first client device 10 and a second client device 15 connected to a private network 11, and a first server device 14 and a second server device 16 connected to a public network 12; the two networks are connected through a routing device 13 according to the invention. The routing device 13 includes NAT address translation between the private network 11 and the public network 12, together with the related port-trigger mapping function. In this arrangement, the first client device 10 and the second client device 15 initiate connections through the routing device 13, on the same trigger port (port A), to the first server device 14 and the second server device 16 respectively, and the first server device 14 and the second server device 16 then actively initiate TCP connections back to the first client device 10 and the second client device 15. For the purposes of the invention, the private network 11 corresponds to the first network, the public network 12 to the second network, and the routing device 13 to the interface device.
In a preferred embodiment, the public network 12 is the Internet and the private network 11 is a private home network. Note, however, that the invention is not limited to private home networks; it can also be used in, for example, small-office and company networks. A client device (such as the first client device 10 or the second client device 15) can be a conventional computer, but is not limited to one; it can be some other computing device, such as an audio or video server, a printer, a scanner, or any other type of device that can connect to a computer network using an address. It should be understood that there are generally also other devices connected to the first network 12. It should also be understood that a server device (first server device 14, second server device 16) may be a device on a private or dedicated network that communicates via a routing device and the public network 12. Here, to better explain the invention, the server devices are shown as devices directly connected to the public network 12.
See Fig. 2, a flowchart of an embodiment of the method of the invention for providing port-triggering concurrency for an interface device.
Step 210: Provide a "check external IP address" option for each port-trigger rule. As mentioned in the description of Fig. 1, the routing device 13 includes NAT address translation between the private network 11 and the public network 12, together with the related port-trigger mapping function. Every port-trigger mapping rule contains a trigger port and an external port. Whenever a message from the first network (for example, one sent by the first client device 10 or the second client device 15) initiates a connection to the second network on a given trigger port, the message hits the corresponding port-trigger mapping rule, and the external port in that rule then takes part in the related actions, which are detailed in the subsequent steps. This step mainly adds a "check external IP address" option to the existing port-trigger mapping rules.
The option can be set globally or separately for each trigger rule. Preferably, the global setting applies by default to all port-trigger mapping rules, but the setting can be changed for an individual port-trigger mapping rule. For the discussion below, each port-trigger rule can be regarded as logically having this option set to on or off. "Check external IP address" is made an option rather than a mandatory action so as to adapt better to the complexity and diversity of deployment environments. It is of course also possible not to provide the option, in which case all port-trigger mapping rules check the external IP address by default.
Step 220: The routing device 13 receives a message from the private network 11, and the message hits a port-trigger mapping rule. The private network 11 message is a packet from the private network 11 (a private-network message for short) that the routing device 13 receives on its private-network interface and that was sent by a client device connected to the private network 11. For the steps that follow, assume the message is a connection initiated by the first client device 10 to the first server 14. The private-network message initiates a connection to the public network 12 through the routing device 13 on a trigger port (such as port A), so it hits a port-trigger mapping rule; the rule that is hit contains that trigger port (port A) and the corresponding external port (port B).
Step 230: Determine whether the "check external IP address" option of the rule that was hit is on. As mentioned in step 210, every port-trigger mapping rule can be regarded as having a corresponding "check external IP address" option, so this step determines the state, on or off, of the option for the rule that was hit. If it is on, go to step 240; if it is off, go to step 250.
Step 240: Associate the source address and destination address of the private-network message with the external port in the rule that was hit. The source address of the message is normally the IP address of the message's initiator (the first client device 10) within the address space of the private network 11. The destination address is the IP address of the first server 14 being accessed, within the address space of the public network 12. Associating the message's source address and destination address with the external port in the rule (port B) can be viewed as binding the three together and recording them; in essence it lets the routing device 13 know that this correspondence existed.
Step 250: Associate the source address of the private-network message with the external port in the rule that was hit. Because the "check external IP address" option is off, only the source address of the message and the external port are associated. Note that, to stay consistent with the association records created when the option is on and to simplify later matching queries, the association record usually still contains a destination address item in this case, but the value recorded in it is 0, meaning any address.
After this, the private-network message is forwarded to the public network 12; the implementation can follow the prior art and is not the essence of the invention. It should be understood that the routing device 13 normally receives private-network messages continuously and not from a single client; whenever it receives a private-network message that hits a port-trigger mapping rule (the trigger port may be the same or different), it processes the message as described above.
The above describes how the routing device 13 handles messages from the private network 11. Because the routing device 13 sits between the private network 11 and the public network 12, it must handle messages from the public network 12 as well. The invention is mainly concerned with connections that servers on the public network 12 actively initiate to clients on the private network 11, and more specifically with how to forward the messages sent by different public servers accurately to the corresponding private-network clients, which ultimately solves the lack of concurrency in existing port-triggering methods. See Fig. 3, a flow diagram of the method by which the routing device handles public-network messages in the first embodiment of the invention.
Step 310: The routing device 13 receives a public-network message. The public-network message is a message from the public network 12 that the routing device 13 receives on its public-network interface, for example a connection that a server connected to the public network 12 (such as the first server device 14 or the second server device 16) initiates to a client device connected to the private network 11.
Step 320: Using the source address and destination port of the public-network message as keys, query the association records by matching against their destination address and external port respectively. The source address of the public-network message is normally the IP address of its initiator (the server) within the address space of the public network 12. Specifically, check whether the existing association records contain one that matches the address information of the public-network message; in a successfully matched association record, the destination IP address and external port are identical to the source IP address and destination port of the public-network message, respectively.
Step 330: Determine whether a matching association record was found. If so, go to step 340; if not, go to step 350.
Step 340: Use the source address in the matching association record as the destination address of the second-network message, and then forward it to the first network.
Step 350: Discard the message. Discarding the message is a common way of handling it, but it should be understood that this is not the only one; for example, the message could also be multicast.
The first embodiment above sets out the essence of the technical solution of the invention. To highlight the essence of the invention, namely that it solves the port-triggering concurrency problem, a preferred embodiment is described below through another, more specific embodiment. See Fig. 4, a flow diagram of the method by which the routing device handles private-network messages in the second embodiment of the invention. In this embodiment, the association step is implemented by establishing a port-trigger association table.
Step 410: Establish a port-trigger association table comprising an external port field, a private-network IP address field and a public-network IP address field. The association of user address information is implemented through this table. The fields of the port-trigger association table and their meanings are shown in Table 1:

Table 1

| Field name | Meaning |
| --- | --- |
| External port | Same as the external port in the port-trigger rule; always records the external port of the port-trigger rule that was hit. |
| Private-network IP address | Records the source IP address of the outbound message that hit the port-trigger rule. |
| Public-network IP address | If the "check external IP address" option of the port-trigger rule that was hit is enabled, the value is the destination address of the message; if the option is not enabled, the value is 0 (any address). |

Step 420: When the routing device 13 receives on its private-network interface a private-network message that hits a port-trigger mapping rule, it uses the source IP address of the message and the external port in the rule that was hit as keys, matched against the "private-network IP address" field and "external port" field of the association records respectively, to determine whether a corresponding association entry already exists in the port-trigger association table. Because the port-trigger association table records every message that has hit a port-trigger mapping rule, a corresponding association entry may already exist, so the table must be checked before a record is written.
Note that whether an association entry "already exists" is judged only by the source IP address of the private-network message and the external port in the rule that was hit; the destination IP address is not included. In other words, even if the value of the "public-network IP address" field in an existing association record differs from the destination IP address of this private-network message, the private-network message is considered to have a corresponding association record as long as the "private-network IP address" field equals the message's source IP address and the "external port" field equals the external port in the rule the message hit. Typically, an aging time can be set for each association record.
Step 430: If a corresponding association record already exists, do nothing. Alternatively, the existing association record can be updated: if the destination IP address of the private-network message differs from the value of the "public-network IP address" field in the association record that was found, the destination IP address of the message is also added to that field, so the "public-network IP address" field of the association record may contain several destination IP addresses.
Step 440: If no corresponding association record is found, add a new association entry. In the new entry, the value of the "external port" field is the external port number in the port-trigger mapping rule hit by the private-network message. The value of the "private-network IP address" field is the source IP address of the private-network message. The value of the "public-network IP address" field depends on the state of the "check external IP address" option of the rule that was hit: if the option is on (enabled), the value is the destination IP address of the private-network message; if the option is off (not enabled), the value is 0, meaning any address.
For how the routing device 13 handles a public-network message received on its public-network interface, see Fig. 5.
Step 510: The routing device 13 receives a message from the public network 12 on its public-network interface.
Step 520: Using the source address and destination port of the public-network message as keys, query the association table by matching against its "public-network IP address" field and "external port" field respectively. Specifically, check whether the port-trigger association table contains an association record whose "public-network IP address" field equals the source IP address of the public-network message and whose "external port" field equals the destination port number of the public-network message. Note that if the value of the "public-network IP address" field is 0, meaning any address, the source IP address of any public-network message matches.
Step 530: Determine whether there is a matching association entry. If so, go to step 540; if not, go to step 550.
Step 540: Replace the content of the destination address field of the public-network message with the content of the "private-network IP address" field of the matched association entry, and then forward the message to the private network. The initial destination IP address of a public-network message that the routing device 13 receives on its public-network interface is the IP address of the routing device 13 within the address space of the public network; when the routing device 13 forwards the message to the private network, it must replace its own IP address with the IP address recorded in the "private-network IP address" field of the matched association entry.
Step 550: Preferably, discard the message. This preferred handling improves the security of the external port, so that attacks against a given external port generally do not succeed.
Can know by above-mentioned more specifically second embodiment and to find out, even first client computer 10 and second client computer 15 are passed through routing device 13 with regard to same triggering port (port A), under first server apparatus 14 situation that 16 initiations are connected with second server equipment, the port triggering function of routing device 13 still can operate as normal respectively.Because write down the purpose IP address of outer outgoing packet in the related list item accurately, therefore no matter be first server apparatus 14 or second server equipment 16 when the corresponding client machine equipment initiatively initiates to connect, routing device 16 can accurately be transmitted message.As seen, according to method provided by the invention, make the port triggering function of routing device 13 can satisfy the demand of concurrency.
The invention also discloses an interface equipment with port trigger concurrency. Referring to the structural schematic of an interface equipment embodiment shown in Figure 6, this embodiment again takes routing device 13 as the example; routing device 13 is connected between private network 11 and public network 12 and forwards messages between them.
Note that the structural schematic of this embodiment is only a logical division, on the basis of existing routing technology, of the parts of routing device 13 that relate to the invention; those skilled in the art can implement it with reference to existing routing technology. The routing device comprises receiving unit 131, rule recording unit 132, association unit 133 and matching processing unit 134. Its internal structure is described further below together with the operating principle of the device.
Routing device 13 receives messages from the private network port (private network messages for short) and from the public network port (public network messages for short) through interface unit 131. In addition, routing device 13 records the configured port trigger rules in rule recording unit 132; each rule contains a trigger port and an external port. The concept of the port trigger rule was described in detail above and is not repeated here. A port trigger rule in rule recording unit 132 may also carry a "check external IP address" function option, which indicates to the association unit whether the destination address of the private network message takes part in the association.
When routing device 13 receives a private network message through interface unit 131, and the message is a connection initiated to the public network for some trigger port, the message hits a rule in rule recording unit 132. Association unit 133 then associates the address information of the message, namely its source IP address and destination IP address, with the external port in the hit rule. Specifically, the association unit contains a port trigger association table comprising an "external port" field, a "private network IP address" field and a "public network IP address" field. The "external port" field always records the external port of the port trigger rule that was hit. The "private network IP address" field records the source IP address of the private network message (i.e. the outbound message) that hit the port trigger rule. For the "public network IP address" field, if the "check external IP address" function option of the hit port trigger rule is on, the value is the destination address of the private network message; if it is off, the value is 0, which denotes any address.
Preferably, the source IP address of the private network message and the external port in the hit rule are used as keys to look up the "private network IP address" field and the "external port" field of the association entries, respectively, to determine whether a corresponding association entry already exists in association unit 133. If one is found, nothing is done; if none is found, a new association entry is added to record the association described above.
When routing device 13 receives a message from the public network port through receiving unit 131, matching processing unit 134 finds the association entry that matches the address information of the message. Specifically, the matching processing unit comprises a matching query subunit and a forwarding subunit. First, the matching query subunit uses the source address and destination port of the public network message as keys to match the destination address and external port in the association unit, respectively, and searches for the associated record that matches the message. In other words, the port trigger association table is checked for an association entry whose "public network IP address" field equals the source IP address of the public network message and whose "external port" field equals the destination port number of the public network message.
If a matching association entry is found, the forwarding subunit uses the source address in that record as the destination address of the public network message and forwards the message to the private network. If the association unit contains no association entry that matches the public network message, the message is preferably discarded, which improves the security of the external port.
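The lookups of steps 440 and 510 to 550, which the association unit and matching processing unit described above also perform, can be modelled as follows. This is an added illustration, not code from the patent; the addresses, the port numbers 6000 and 7000, all class and function names, the rule-hit test on the destination port and the first-match tie-break are assumptions.

```python
from dataclasses import dataclass
from ipaddress import IPv4Address as IP

ANY = IP("0.0.0.0")  # table value 0: matches any public source address

@dataclass(frozen=True)
class Rule:
    trigger_port: int
    external_port: int
    check_external_ip: bool  # the "check external IP address" option

@dataclass(frozen=True)
class Entry:
    external_port: int
    private_ip: IP
    public_ip: IP

class PortTriggerTable:
    def __init__(self, rules):
        self.rules = list(rules)
        self.entries = []

    def outbound(self, src_ip, dst_ip, dst_port):
        """Private network message: add an association entry if a rule is hit."""
        for rule in self.rules:
            # Assumption: a rule is hit when the destination port is its trigger port.
            if dst_port != rule.trigger_port:
                continue
            # Keys are private IP and external port; an existing entry is left alone.
            if any(e.private_ip == src_ip and e.external_port == rule.external_port
                   for e in self.entries):
                return None
            entry = Entry(rule.external_port, src_ip,
                          dst_ip if rule.check_external_ip else ANY)
            self.entries.append(entry)
            return entry
        return None

    def inbound(self, src_ip, dst_port):
        """Public network message: private IP to forward to, or None to discard."""
        # Assumption: the first matching entry wins; the page does not define a tie-break.
        for e in self.entries:
            if e.external_port == dst_port and e.public_ip in (ANY, src_ip):
                return e.private_ip
        return None  # step 550: no matching entry, discard

def demo(check_external_ip):
    """Two clients use the same trigger port towards two different servers."""
    table = PortTriggerTable([Rule(6000, 7000, check_external_ip)])
    # Constructed sample addresses (private clients, public servers, unrelated host).
    c10, c15 = IP("192.168.1.10"), IP("192.168.1.15")
    s14, s16 = IP("203.0.113.14"), IP("203.0.113.16")
    unrelated = IP("198.51.100.99")
    table.outbound(c10, s14, 6000)
    table.outbound(c15, s16, 6000)
    return [table.inbound(src, 7000) for src in (s14, s16, unrelated)]
```

With the option on, `demo(True)` forwards each server's message to its own client and discards the unrelated source; with it off, every source that reaches the external port is forwarded to the first client recorded.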
The method for providing port trigger concurrency for an interface equipment and the interface equipment with port trigger concurrency provided by the invention have been described in detail above. Specific examples have been used herein to set out the principle and embodiments of the invention, and the description of the above embodiments is intended only to help in understanding the method of the invention and its core idea. At the same time, those of ordinary skill in the art may, in accordance with the idea of the invention, make changes to the specific embodiments and the scope of application. In summary, this description should not be construed as limiting the invention.

Claims (12)

1. A method for providing port trigger concurrency for an interface equipment, the interface equipment being connected between a first network and a second network and forwarding messages between them, characterized in that:
a function option for checking the external IP address is set up for port trigger mapping rules, each port trigger mapping rule comprising a trigger port and an external port;
the interface equipment receives a first network message, and the message hits a port trigger mapping rule;
if the function option is on, the source address and destination address of the message are associated with the external port in the hit rule;
when the interface equipment receives a second network message from the second network, it forwards the message to the first network according to the associated record that matches the address information of the message.
2. The method for providing port trigger concurrency as claimed in claim 1, characterized in that the method further comprises: when the interface equipment receives a second network message, if there is no associated record that matches the address information of the message, the message is discarded.
3. The method for providing port trigger concurrency as claimed in claim 1, characterized in that:
the function option for checking the external IP address is set globally, or is set separately for each port trigger mapping rule.
4. The method for providing port trigger concurrency as claimed in any one of claims 1 to 3, characterized in that the specific process of forwarding the second network message to the first network according to the associated record that matches its address information comprises:
using the source address and destination port of the second network message as keys to query the destination address and external port in the associated records, respectively;
if a matching associated record is found, using the source address in that associated record as the destination address of the second network message and forwarding it to the first network.
5. The method for providing port trigger concurrency as claimed in any one of claims 1 to 3, characterized in that the association step is implemented by setting up a port trigger association table, the port trigger association table comprising an external port field, a first network address field and a second network address field.
6. The method for providing port trigger concurrency as claimed in claim 5, characterized in that the specific process of implementing the association with the port trigger association table is:
recording the external port in the hit rule, and the source address and destination address in the first network message, in the external port field, first network address field and second network address field of an association entry, respectively.
7. The method for providing port trigger concurrency as claimed in claim 5, characterized in that the specific process of forwarding the second network message to the first network according to the associated record that matches its address information comprises:
using the source address and destination port of the second network message as keys to query the second network address field and external port field in the association table, respectively;
if a matching association entry is found, replacing the destination address of the second network message with the content of the first network address field in that entry, and forwarding the message to the first network.
8. An interface equipment with port trigger concurrency, the interface equipment being connected between a first network and a second network and forwarding messages between them, characterized in that the equipment comprises:
a rule recording unit, used to record the port trigger rules between trigger ports and external ports; the port trigger rule has a corresponding function option for checking the external IP address, which indicates to the association unit whether the destination address of the first network message takes part in the association;
an association unit, used, when the function option is on, to associate the source address and destination address of a first network message that hits a port trigger rule with the external port in the hit rule;
a matching processing unit, used to search the association unit for the associated record that matches a second network message and to forward the second network message to the first network accordingly.
9. The interface equipment with port trigger concurrency as claimed in claim 8, characterized in that, when the association unit contains no associated record that matches the second network message, the matching processing unit discards the second network message.
10. The interface equipment with port trigger concurrency as claimed in claim 8 or 9, characterized in that the matching processing unit specifically comprises:
a matching query unit, used to match the destination address and external port in the association unit with the source address and destination port of the second network message as keys, respectively, and to search for the associated record that matches the second network message;
a forwarding unit, used to take the source address in the matching associated record as the destination address of the second network message and to forward the second network message to the first network.
11. The interface equipment with port trigger concurrency as claimed in any one of claims 8 to 9, characterized in that
the association unit comprises a port trigger association table, the port trigger association table comprising an external port field, a first network address field and a second network address field.
12. The interface equipment with port trigger concurrency as claimed in claim 11, characterized in that the first network address field, second network address field and external port field in the port trigger association table are used to record, respectively, the source address and destination address in the first network message and the external port in the hit rule.

Priority Applications (1)

Application Number Priority Date Filing Date Title
CNB2006100829890A CN100563265C (en) 2006-06-23 2006-06-23 A kind of method and interface equipment that port triggering concurrency is provided for interface equipment


Publications (2)

Publication Number Publication Date
CN1870657A CN1870657A (en) 2006-11-29
CN100563265C true CN100563265C (en) 2009-11-25

Family

ID=37444203


Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
C10 Entry into substantive examination
SE01 Entry into force of request for substantive examination
C14 Grant of patent or utility model
GR01 Patent grant
CP03 Change of name, title or address

Address after: 310052 Binjiang District Changhe Road, Zhejiang, China, No. 466, No.

Patentee after: Xinhua three Technology Co., Ltd.

Address before: 310053 Hangzhou hi tech Industrial Development Zone, Zhejiang province science and Technology Industrial Park, No. 310 and No. six road, HUAWEI, Hangzhou production base

Patentee before: Huasan Communication Technology Co., Ltd.
