CN101060493A - A method of private network user access the server in a private network through domain name - Google Patents
A method of private network user access the server in a private network through domain name Download PDFInfo
- Publication number
- CN101060493A CN101060493A CNA2007101069682A CN200710106968A CN101060493A CN 101060493 A CN101060493 A CN 101060493A CN A2007101069682 A CNA2007101069682 A CN A2007101069682A CN 200710106968 A CN200710106968 A CN 200710106968A CN 101060493 A CN101060493 A CN 101060493A
- Authority
- CN
- China
- Prior art keywords
- private network
- address
- network
- message
- private
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Links
Images
Landscapes
- Data Exchanges In Wide-Area Networks (AREA)
- Small-Scale Networks (AREA)
Abstract
The disclosed method of visiting private server for user in private network comprises: 1. starting at least the loop interface and address conversion on the device connecting private and public networks, and setting static address conversion for the private server; 2. when recieivng user message from private network, deciding whether the objective IP address is the public IP address relative in private network, yes to step 3, or lese end; and 3. sending message to the loop interface to transmit the message toward private network till the server. This invention makes user in private network eliminate setting DNS server to visit private server.
Description
Technical field
The present invention relates to a kind of method of visiting private network affair device, particularly relate to the method for the interior user of a kind of private network by domain name access private network affair device.
Background technology
Name server (Domain Name Server is hereinafter to be referred as DNS) is a vital ring on the Internet.Because the computer on the Internet only is familiar with the IP address, be very difficult for the ordinary people but write down a lot of IP address, the record domain name is then simple relatively a lot, therefore is provided with the dns resolution that domain name is converted to the IP address is provided.
If external user wants to visit the server in the private network, owing to the public network IP that does not have in the private network to use on the internet, then must the domain name of user's input be resolved by the dns server that is placed on the public network, if can parse the address (public network IP address) of corresponding server, the user could visit this server, otherwise can not.At present, Internet user can be resolved to the address of private network affair device and from external reference enterprise private network affair device from dns server.If but internal user need pass through domain name access private network affair device, then enterprise also need be provided with the DNS name server in inside, otherwise internal user can not be as Internet user by unified domain name access private network affair device, and can only visit by private network IP address, this brings inconvenience for the visit of internal user.In enterprises the DNS name server being set not only needs to consider cost factor, and networking mode also becomes complicated; On the other hand, if visit with usefulness IP address without domain name access private network affair device, not as convenient memory of domain name and identification, this is more convenient than being ID card No. like the name of being a people, user's operability is not strong yet, do not have the visit uniformity, and private network IP address is disguised poor, is subjected to the attack of internal user easily.
Summary of the invention
At defective that exists in the prior art and deficiency, the objective of the invention is to propose the method for the interior user of a kind of private network by domain name access private network affair device, making does not need in the private network to set up dns server separately, and the user can be by this private network affair device of domain name access.
In order to achieve the above object, the present invention proposes the method for the interior user of a kind of private network, comprising by this private network of domain name access affair device:
Step 1, on private network and equipment that public network is connected, enable loopback interface and address transition at least, and the static address conversion is set for this private network affair device;
Step 2, when the equipment that is connected with public network when above-mentioned private network receives the message that the user sends in the private network, judge whether the purpose IP address of this message is private network affair device public network IP addresses corresponding, if then enter step 3, otherwise step finishes;
Step 3, this message is sent to loopback interface, this loopback interface is transmitted this message in private network, be sent to this private network affair device.
Wherein, described method can comprise:
On above-mentioned private network and equipment that public network is connected, enable tactful route.
Wherein, described method can also comprise:
On above-mentioned private network and equipment that public network is connected, enable Access Control List (ACL).
Wherein, above-mentioned steps 3 is specially:
The equipment that step 31, above-mentioned private network are connected with public network carries out network address translation with the source IP address of this message, is converted to public network IP address, and this message is forwarded to loopback interface;
After step 32, this loopback interface receive this message, this message is returned the interface that sends this message;
Step 33, be corresponding private network IP address with the source IP address of this message and purpose IP address transition;
Step 34, the interface that sends this message send to private network affair device with this message.
Wherein, described method also comprises:
Equipment user's returned packet in this private network that step 4, private network affair device are connected with public network by above-mentioned private network, after the equipment that this private network is connected with public network receives this returned packet, the source IP address of this message is used the static address conversion, be converted to this private network affair device public network IP addresses corresponding;
Step 5, this loopback interface are transmitted this returned packet in private network;
Step 6, be corresponding private network IP address with the source IP address of this returned packet and purpose IP address transition;
Step 7, this returned packet are sent to user in this private network.
The present invention proposes the method for the interior user of a kind of private network by domain name access private network affair device.When if the user will visit private network affair device in the private network in the prior art, dns server must be set in private network, perhaps the user directly uses private network IP address to visit this private network affair device in the private network, can cause networking cost raising or user to use inconvenience like this.The present invention is by enabling loopback interface on private network and equipment that public network is connected, and whether the purpose IP address of judging this message when receiving message is the IP address of this private network affair device, if then this message is sent to loopback interface, loopback interface directly returns this message in the private network.Adopt said method, by using loopback interface, message when making user capture private network server in the private network directly returns private network, enterprise need the DNS name server be set in inside and internal user still can be by domain name access private network affair device method, adopted novel and ripe data processing method, therefore obtained the progress on technology and the safety, reached the effect that makes things convenient for enterprises user capture private network affair device, reduced the complexity of networking, saved equipment investment, reduce taking of the network bandwidth, improved the visit flexibility, stability and internet security or the like.Because enterprise of the present invention need not be provided with the DNS name server in inside, thereby have advantages such as configuration is simple, memorize is convenient, operation is unified, stable and safe and reliable.Simultaneously, using this method in existing network does not need network is carried out hardware modification.Simultaneously, what the present invention adopted is ripe prior art, network address translation (Network Address Translation, hereinafter to be referred as NAT) be technology very common in the three-layer equipment, be applied to the network of public network IP inadequate resource, promptly except with interface that Internet is connected, all devices all disposes private network IP address, all use private network IP addresses in private network during communication, promptly private network IP is all used in the source and destination IP address of packet; When with the Internet communication, limited public network IP is set to an IP address pool, and the source IP address (private network IP) of each packet is converted to the public network IP in the IP address pool, to solve the predicament that can't dispose a public network IP for each user in netting.Static NAT is meant for equipment important in the private network, and fixing NAT is set, i.e. the corresponding regularly public network IP of the private network IP of this equipment.Loopback interface also is a mature technique, and this interface is a virtual interface, does not need hardware device, and the function of this interface is all packets that receives are directly sent it back in the private network.
Description of drawings
Fig. 1 is for using the hardware configuration schematic diagram of the inventive method;
Fig. 2 is the flow chart of the method for the present invention's proposition;
Fig. 3 is the step preferred embodiment flow chart of user when server sends message in the method for the present invention's proposition;
The step preferred embodiment flow chart of server when user's returned packet in the method that Fig. 4 proposes for the present invention.
Embodiment
The present invention will be further described below in conjunction with accompanying drawing.
Realize network configuration of the present invention as shown in Figure 1, in the present embodiment, that the equipment that private network is connected with public network uses is router R, and those skilled in that art are appreciated that and use other three-layer equipment such as three-tier switch also can realize this function certainly.In the present embodiment, enterprises comprises following equipment at least: host PC, private network affair device SERVER, switch and router R, and name server is on the exterior I nternet of enterprise.Internal host PC and private network affair device SERVER are connected to the interface 1 of router R by equipment (what adopt in the present embodiment is switch), and the interface 2 of router R is connected to exterior I nternet, and can visit name server.The major function of using on router R comprises at least: network address translation NAT and loopback interface loopback; Wherein this network address translation is a private network affair device configuring static address transition.At least configuration on loopback interface and the interface 1: binding strategy route or access control list ACL set into the network address converting attribute of direction; Interface 2 and loopback interface loopback dispose at least: the network address converting attribute that sets out direction.The loopback loopback interface is a virtual interface, is different from real interface, therefore need not use integrated circuit board, and the effect of this interface is that the message of receiving is transmitted to Intranet.Wherein the IP address of loopback interface loopback is 172.40.10.1, and the IP address of interface 1 is 192.168.88.200.The private network IP of this private network affair device is 192.168.88.2, and the corresponding public network IP of static address conversion is 172.40.10.2, and dynamic network address transition address pool is 172.40.10.10~172.40.10.20.
In order to improve the fail safe of network, can also on router R, enable access control list ACL, access list feature is mainly used in above-mentioned tactful route and network address translation.
The user comprises by the method preferred embodiment of domain name access private network affair device in a kind of private network that the present invention proposes:
Step (1), on the equipment (being router R as shown in Figure 1 in the present embodiment) that private network is connected with public network, enable address transition (NAT) and loopback interface (loopback) at least, and be private network affair device configuring static address transition; Loopback interface is a virtual interface, does not need actual hardware, and the function of this loopback interface is that the packet forwarding that will receive postbacks the interface that send;
Step (2), when user in the private network when the domain name access private network affair device, be positioned at name server on the public network with the public network IP address of this domain name mapping for this private network affair device;
The user sends message to this public network IP in step (3), the private network;
Step (4), this message send to interface 1, and interface 1 has the NAT of Inbound, and the source IP address of this message is converted to public network IP address;
Step (5), when above-mentioned router R receives message, judge whether the purpose IP address of this message is private network affair device public network IP addresses corresponding, if then will enter step (6), otherwise step finishes;
Step (6), this message is sent to loopback interface;
Step (7), loopback interface are transmitted this message in private network, message is returned interface 1; And be corresponding private network IP address with the source IP address of this message and purpose IP address transition;
Step (8), this message are forwarded back in the private network, send to private network affair device.
Wherein, in the above-mentioned steps (5), the method that this router R judges can for:
The strategy route, i.e. binding strategy route on loopback interface, this strategy route can promptly when this message sends to router R, read the purpose IP address of this message according to the different route of purpose IP address setting; When purpose IP address is private network affair device public network IP addresses corresponding, this message is sent to loopback interface, and this message is returned in the private network by loopback interface; When purpose IP address was other IP addresses, the method according to data in the prior art send was sent to other interface with this message, for example the interface shown in Fig. 12.
Access Control List (ACL), promptly on loopback interface as shown in Figure 1, enable Access Control List (ACL), when message sends to router R, router R transmits this message to all interfaces, it is that the message of private network affair device public network IP addresses corresponding passes through that the ACL of loopback interface is set to only to allow purpose IP address, and other IP address does not allow to pass through.Have only the message of purpose IP address private network affair device public network IP addresses corresponding can enter loopback interface like this, and transmit back in the private network by this loopback interface.Simultaneously, in order to save Internet resources, can enable ACL on interface 2, it is that the message of private network affair device public network IP addresses corresponding passes through that this ACL does not allow purpose IP address.
Wherein, in order to improve the fail safe of network, can when enabling tactful route, also on this router R, enable access control list (ACL) again, carrying out ACL when message arrives router R checks, having only when source IP address and purpose IP address all meet allows this message to pass through when ACL is provided with, to improve the disguise of private network IP address, prevent the attack of internal user.
Wherein, the method to set up of network address translation (nat) can have multiple, and this technology is ripe prior art, does not give unnecessary details one by one at this.
Be example with usage policy route on the router below, the present invention is further specified.The flow process of the preferred embodiment comprises as shown in Figure 2:
The first step, inner certain main frame is resolved through domain name server (DNS) by the domain name access server, obtains the public network IP address of this server, the message that this main frame sends is a source IP address with this main frame private network IP address exactly, is the data flow of purpose IP address with this public network IP address;
In second step, message arrives the interface 1 of router R, and interface 1 has the NAT of Inbound;
The 3rd step, because bound tactful route on the interface 1, if the source and destination IP address of this message all checks that by ACL then tactful route comes into force, this main frame is PC, server is a private network affair device, turned to for the 4th step, otherwise tactful route does not come into force, server on this user capture Internet turned to for the 9th step;
In the 4th step, this strategy route is preset as next jumping and is the loopback loopback interface;
In the 5th step, this all checks by ACL source and destination IP address of this message, if by would have entered for the 6th step, otherwise abandon this message, step finishes;
In the 6th step,, the source IP address of this message is converted to public network IP addresses corresponding because interface 1 and loopback loopback interface have the network address converting attribute of Inbound and outgoing direction respectively; This message is 192.168.88.1 with source IP address in the present embodiment, converts certain address among address pool 172.40.10.10~172.40.10.20 to by the dynamic network address translation rule, as 172.40.10.10; According to the predetermined strategy route, this message is sent to loopback interface, and loopback interface returns this message to interface 1;
In the 7th step,, the source IP address of this message is converted to private network IP address 192.168.88.1 again because interface 1 has the network address translation of Inbound;
The 8th step, so convert the be engaged in public network IP address 172.40.10.2 of device of private network to private network IP address 192.168.88.2, the source and destination IP of message has been private network IP, message can use ripe ICP/IP protocol to transmit in private network, arrive private network affair device at last, step finishes;
The 9th step, message will be transmitted according to normal route, message arrives interface 2, because have the network address converting attribute of Inbound and outgoing direction on interface 1 and the interface 2 respectively, so convert source IP address among address pool 172.40.10.11~172.40.10.20 certain address by the dynamic network address translation rule, as 172.40.10.11, message arrives exterior I nternet.
Wherein the 9th step was not the main points that the present invention is concerned about for prior art.
Wherein, the principle of network address translation is: when a network has only several public network IP address, if when having a plurality of users all to need to visit Internet simultaneously then can't distribute.In order to solve the problem of public network IP address lazy weight, on three-layer equipment, related to nat feature, promptly a plurality of usefulness adopt private network IP address per family, and with limited public network IP address as the IP address pool.When the user need visit Internet, source IP address was a private network IP address.When this packet arrives three-layer equipment, choose a public network IP address in this equipment secondary IP address pond, and the source IP address of this packet is replaced by this public network IP address, send to Internet then.But the situation that a plurality of private users use same public network IP address will appear like this, for the data that guarantee to return can be correct the arrival private network in the user, therefore be provided with port numbers to distinguish a plurality of private users that use same public network IP address.172.40.10.11:12345 for example, public network IP address is used in the front, and one five port numbers is added in the back, different private network IP addresses or different professional corresponding different port numbers.So just can make the corresponding a plurality of private users of same public network IP address, when three-layer equipment is received the Internet returned packet, port numbers according to the purpose IP address of this returned packet, just can know the private network IP address of this public network IP address correspondence, and carry out NAT, the private network IP address that converts correspondence to that public network IP address is correct guarantees that packet turns back to right user.
When private network affair device when the user returns in this private network step comprise as shown in Figure 3:
In the 1st step, the returned packet that sends from private network affair device is when arriving interface 1, because bound tactful route on the interface 1, the source and destination IP address of returned packet all checks that by ACL tactful route comes into force;
In the 2nd step, next default jumping of tactful route is set to loopback interface;
In the 3rd step, this returned packet is converted to public network IP through static NAT with source IP address, for example source IP address 192.168.88.2 is converted to public network IP address 172.40.10.2, and this returned packet is sent to loopback interface;
In the 4th step, loopback interface converts purpose IP address 192.168.88.1 among address pool 172.40.10.10~172.40.10.20 certain address by the dynamic network address translation rule, as 172.40.10.10; Then this returned packet is transmitted in private network, sent to interface 1;
In the 5th step, interface 1 converts the purpose IP address 172.40.10.10 of returned packet to private network IP address 192.168.88.1, and message arrives host PC at last.
According to an example the present invention is further specified below.
The network hardware part of supposing enterprise by the main frame more than, hub or switch, router, private network affair device, one be positioned at that name server, hundred/gigabit interface board and twisted-pair feeder on the public network is some etc. to be formed, the networking graph of a relation is as shown in Figure 1.
One, the treatment step of software section is as follows:
The 1st step: arranging access control list ACL on router R is applied to dynamic network address transition and tactful route respectively
ip?access-list?extended?100
rule?1?permit?icmp?192.168.88.0?0.0.0.255?any
ip?access-list?extended?101
rule?1?permit?icmp?192.168.88.1?0.0.0.0?172.40.10.2?0.0.0.0
The 2nd step: collocation strategy route PBR on router R makes the message of inter access private network affair device transmit according to the route that presets
route-map?nat?permit?10
match?ip?address?101
set?ip?next-hop?172.40.10.2
The 3rd step: configuration loopback loopback interface on router R makes that the message of inter access private network affair device can be to inner forwarded
ip?address?172.40.10.2?255.255.255.0
The 4th step: on router R, enable the dynamic and static network address transformation rule of network address translation NAT and configuration
A. enable the NAT module
ip?nat?start
B. the dynamic network address translation rule is applied to internal user visit Internet
ip?nat?pool?zte?172.40.10.10?172.40.10.20?prefix?length?24
ip?nat?inside?source?list?100?pool?zte
C. the static network address transformation rule is applied to internal user visit private network affair device SERVER
ip?nat?inside?source?static?192.168.88.2?172.40.10.2
The 5th step: at interface 1, configuration network address transition NAT attribute respectively on interface 2 and the loopback loopback interface, and on interface 1 the binding strategy route:
Interface 1
ip?nat?inside
ip?policy?route-map?nat
Interface 2
ip?nat?outside
The loopback interface
ip?nat?outside
Two, send the icmp message to SERVER from PC, obtain the network address translation items for information
The private net address public network address
192.168.88.1————→172.40.10.10
192.168.88.1←————172.40.10.10
192.168.88.2←————172.40.10.2
Three, send the icmp message to PC from SERVER, obtain the network address translation items for information
The private net address public network address
192.168.88.2————→172.40.10.2
192.168.88.1————→172.40.10.10
192.168.88.1←————172.40.10.10
Claims (5)
1, the user comprises by the method for this private network of domain name access affair device in a kind of private network:
Step 1, on private network and equipment that public network is connected, enable loopback interface and address transition at least, and the static address conversion is set for this private network affair device;
Step 2, when the equipment that is connected with public network when above-mentioned private network receives the message that the user sends in the private network, judge whether the purpose IP address of this message is private network affair device public network IP addresses corresponding, if then enter step 3, otherwise step finishes;
Step 3, this message is sent to loopback interface, this loopback interface is transmitted this message in private network, be sent to this private network affair device.
2, the user is characterized in that by the method for this private network of domain name access affair device described method also comprises in a kind of private network according to claim 1:
On above-mentioned private network and equipment that public network is connected, enable tactful route.
3, the user is characterized in that by the method for this private network of domain name access affair device described method also comprises in a kind of private network according to claim 1:
On above-mentioned private network and equipment that public network is connected, enable Access Control List (ACL).
4, according to the method for user in claim 1 or the 2 or 3 described a kind of private networks, it is characterized in that above-mentioned steps 3 is specially by this private network of domain name access affair device:
The equipment that step 31, above-mentioned private network are connected with public network carries out network address translation with the source IP address of this message, is converted to public network IP address, and this message is forwarded to loopback interface;
After step 32, this loopback interface receive this message, this message is transmitted in private network;
Step 33, be corresponding private network IP address with the source IP address of this message and purpose IP address transition;
Step 34, this message is sent to private network affair device.
5, the user is characterized in that by the method for this private network of domain name access affair device described method also comprises in a kind of private network according to claim 1:
Equipment user's returned packet in this private network that step 4, private network affair device are connected with public network by above-mentioned private network, after the equipment that this private network is connected with public network receives this returned packet, the source IP address of this message is used the static address conversion, be converted to this private network affair device public network IP addresses corresponding;
Step 5, this loopback interface are transmitted this returned packet in private network;
Step 6, be corresponding private network IP address with the source IP address of this returned packet and purpose IP address transition;
Step 7, this returned packet are sent to user in this private network.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN2007101069682A CN101060493B (en) | 2007-05-14 | 2007-05-14 | A method of private network user access the server in a private network through domain name |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN2007101069682A CN101060493B (en) | 2007-05-14 | 2007-05-14 | A method of private network user access the server in a private network through domain name |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN101060493A true CN101060493A (en) | 2007-10-24 |
| CN101060493B CN101060493B (en) | 2011-10-26 |
Family
ID=38866389
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN2007101069682A Expired - Fee Related CN101060493B (en) | 2007-05-14 | 2007-05-14 | A method of private network user access the server in a private network through domain name |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN101060493B (en) |
Cited By (20)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| WO2010099680A1 (en) * | 2009-03-06 | 2010-09-10 | 中兴通讯股份有限公司 | Method and system for enabling private network user to access private network device at the same side |
| CN102006286A (en) * | 2010-10-29 | 2011-04-06 | 北京星网锐捷网络技术有限公司 | Access management method, device and system as well as access device for information system |
| CN102170380A (en) * | 2010-02-25 | 2011-08-31 | 杭州华三通信技术有限公司 | Method and device for accessing outer network from inner network |
| CN101582925B (en) * | 2009-06-15 | 2012-07-18 | 中兴通讯股份有限公司 | Network address translation method and system |
| CN102868585A (en) * | 2012-05-22 | 2013-01-09 | 浙江宇视科技有限公司 | Method and device for saving bandwidth in Internet protocol (IP) monitoring system |
| CN103023789A (en) * | 2012-12-05 | 2013-04-03 | 北方工业大学 | Method for accessing private network server in internet |
| CN103428310A (en) * | 2013-08-15 | 2013-12-04 | 网宿科技股份有限公司 | Virtual IP (internal protocol) based non-HTTP (hyper text transport protocol) domain name guidance system and method |
| CN104580516A (en) * | 2015-01-24 | 2015-04-29 | 陈为人 | Internal and external network switching method and device based on web website home gateway system |
| WO2016173364A1 (en) * | 2015-04-29 | 2016-11-03 | 中兴通讯股份有限公司 | Method, system and apparatus for making policy rule |
| CN106131234A (en) * | 2016-06-20 | 2016-11-16 | 杭州华三通信技术有限公司 | A kind of method and apparatus distributing address information |
| CN107979656A (en) * | 2017-11-22 | 2018-05-01 | 安徽皖通邮电股份有限公司 | A kind of static NAT business support Dynamic Recognition enters the method to flow |
| CN108173982A (en) * | 2018-03-26 | 2018-06-15 | 深圳市风云实业有限公司 | The NAT processing method and processing devices of straddle message |
| CN109525684A (en) * | 2018-12-11 | 2019-03-26 | 杭州数梦工场科技有限公司 | Message forwarding method and device |
| CN111314498A (en) * | 2020-01-21 | 2020-06-19 | 山东汇贸电子口岸有限公司 | Network address translation method and NAT gateway |
| CN111800806A (en) * | 2020-07-06 | 2020-10-20 | 浪潮卓数大数据产业发展有限公司 | Method for realizing single-machine multi-network co-connection |
| CN112565053A (en) * | 2020-12-01 | 2021-03-26 | 武汉绿色网络信息服务有限责任公司 | Method, device, service system and storage medium for identifying private network user |
| CN113132219A (en) * | 2021-03-26 | 2021-07-16 | 杭州芯博士网络科技有限公司 | Network quick access method for Internet of things terminal and Internet of things network device |
| CN113271255A (en) * | 2021-06-23 | 2021-08-17 | 浪潮思科网络科技有限公司 | Method and device for converting network address to loopback |
| CN113422846A (en) * | 2021-06-23 | 2021-09-21 | 浪潮思科网络科技有限公司 | Service message processing method and device based on network address translation protocol |
| CN115208652A (en) * | 2022-07-07 | 2022-10-18 | 广州市大周电子科技有限公司 | Dynamic network resource access control method |
Family Cites Families (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| WO2000028699A1 (en) * | 1998-10-23 | 2000-05-18 | Pankaj Kumar Mitra | An improved private combined voice fax and data telecommunication system |
| CN100527698C (en) * | 2003-07-12 | 2009-08-12 | 华为技术有限公司 | Method for message forwarding on client border-service provider border-client border |
| US7672314B2 (en) * | 2004-07-09 | 2010-03-02 | Cisco Technology, Inc. | Scaling VLANs in a data network |
-
2007
- 2007-05-14 CN CN2007101069682A patent/CN101060493B/en not_active Expired - Fee Related
Cited By (32)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| WO2010099680A1 (en) * | 2009-03-06 | 2010-09-10 | 中兴通讯股份有限公司 | Method and system for enabling private network user to access private network device at the same side |
| CN101483657B (en) * | 2009-03-06 | 2012-10-10 | 中兴通讯股份有限公司 | Implementation method and system for same side private network device access by private user |
| CN101582925B (en) * | 2009-06-15 | 2012-07-18 | 中兴通讯股份有限公司 | Network address translation method and system |
| CN102170380B (en) * | 2010-02-25 | 2014-02-26 | 杭州华三通信技术有限公司 | Method and device for accessing outer network from inner network |
| CN102170380A (en) * | 2010-02-25 | 2011-08-31 | 杭州华三通信技术有限公司 | Method and device for accessing outer network from inner network |
| CN102006286A (en) * | 2010-10-29 | 2011-04-06 | 北京星网锐捷网络技术有限公司 | Access management method, device and system as well as access device for information system |
| CN102868585B (en) * | 2012-05-22 | 2016-03-02 | 浙江宇视科技有限公司 | Method and the device of bandwidth is saved in a kind of IP supervisory control system |
| CN102868585A (en) * | 2012-05-22 | 2013-01-09 | 浙江宇视科技有限公司 | Method and device for saving bandwidth in Internet protocol (IP) monitoring system |
| CN103023789A (en) * | 2012-12-05 | 2013-04-03 | 北方工业大学 | Method for accessing private network server in internet |
| CN103428310A (en) * | 2013-08-15 | 2013-12-04 | 网宿科技股份有限公司 | Virtual IP (internal protocol) based non-HTTP (hyper text transport protocol) domain name guidance system and method |
| CN103428310B (en) * | 2013-08-15 | 2016-08-24 | 网宿科技股份有限公司 | Non-HTTP domain name based on virtual IP address guides system and method |
| CN104580516A (en) * | 2015-01-24 | 2015-04-29 | 陈为人 | Internal and external network switching method and device based on web website home gateway system |
| CN104580516B (en) * | 2015-01-24 | 2018-10-30 | 陈为人 | Intranet and extranet switching method and apparatus based on web site home gateway system |
| WO2016173364A1 (en) * | 2015-04-29 | 2016-11-03 | 中兴通讯股份有限公司 | Method, system and apparatus for making policy rule |
| CN106211117A (en) * | 2015-04-29 | 2016-12-07 | 中兴通讯股份有限公司 | Policing rule formulating method, system and device |
| CN106211117B (en) * | 2015-04-29 | 2021-01-26 | 中兴通讯股份有限公司 | Policy rule making method, system and device |
| CN106131234A (en) * | 2016-06-20 | 2016-11-16 | 杭州华三通信技术有限公司 | A kind of method and apparatus distributing address information |
| CN107979656A (en) * | 2017-11-22 | 2018-05-01 | 安徽皖通邮电股份有限公司 | A kind of static NAT business support Dynamic Recognition enters the method to flow |
| CN108173982A (en) * | 2018-03-26 | 2018-06-15 | 深圳市风云实业有限公司 | The NAT processing method and processing devices of straddle message |
| CN108173982B (en) * | 2018-03-26 | 2020-12-22 | 深圳市风云实业有限公司 | NAT (network Address translation) processing method and device for cross-board message |
| CN109525684A (en) * | 2018-12-11 | 2019-03-26 | 杭州数梦工场科技有限公司 | Message forwarding method and device |
| CN111314498B (en) * | 2020-01-21 | 2022-05-24 | 浪潮云信息技术股份公司 | Network address translation method and NAT gateway |
| CN111314498A (en) * | 2020-01-21 | 2020-06-19 | 山东汇贸电子口岸有限公司 | Network address translation method and NAT gateway |
| CN111800806A (en) * | 2020-07-06 | 2020-10-20 | 浪潮卓数大数据产业发展有限公司 | Method for realizing single-machine multi-network co-connection |
| CN112565053B (en) * | 2020-12-01 | 2022-06-10 | 武汉绿色网络信息服务有限责任公司 | Method, device, service system and storage medium for identifying private network user |
| CN112565053A (en) * | 2020-12-01 | 2021-03-26 | 武汉绿色网络信息服务有限责任公司 | Method, device, service system and storage medium for identifying private network user |
| CN113132219A (en) * | 2021-03-26 | 2021-07-16 | 杭州芯博士网络科技有限公司 | Network quick access method for Internet of things terminal and Internet of things network device |
| CN113132219B (en) * | 2021-03-26 | 2022-07-12 | 杭州芯博士网络科技有限公司 | Network quick access method for Internet of things terminal and Internet of things network device |
| CN113271255A (en) * | 2021-06-23 | 2021-08-17 | 浪潮思科网络科技有限公司 | Method and device for converting network address to loopback |
| CN113422846A (en) * | 2021-06-23 | 2021-09-21 | 浪潮思科网络科技有限公司 | Service message processing method and device based on network address translation protocol |
| CN115208652A (en) * | 2022-07-07 | 2022-10-18 | 广州市大周电子科技有限公司 | Dynamic network resource access control method |
| CN115208652B (en) * | 2022-07-07 | 2024-05-28 | 广州市大周电子科技有限公司 | Dynamic network resource access control method |
Also Published As
| Publication number | Publication date |
|---|---|
| CN101060493B (en) | 2011-10-26 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN101060493A (en) | A method of private network user access the server in a private network through domain name | |
| CN1567808A (en) | A network security appliance and realizing method thereof | |
| CN1210638C (en) | Telecommunication setting method and electronic equipment thereof | |
| CN1855926A (en) | Method and system for contributing DHCP addresses safely | |
| CN1921486A (en) | IPv6 remote monitoring device and method | |
| CN1838636A (en) | Method and apparatus for packet traversal of a network address translation device | |
| CN101043510A (en) | PCI-E bus distributed system intra-board and inter-board data communication method | |
| CN1866904A (en) | Method and apparatus for astringing two layer MAC address | |
| CN1620010A (en) | VLAN server | |
| CN1848826A (en) | Family gateway equipment | |
| CN1722661A (en) | Verification System, network line concentrator, authentication method and authentication procedure | |
| CN101043331A (en) | System and method for distributing address for network equipment | |
| CN101064625A (en) | Method for managing user side equipment through network address translation gateway | |
| CN1744521A (en) | Network equipment management method and network management system | |
| CN101034989A (en) | Method, system and router for originating the authentication request via the user terminal | |
| CN101035270A (en) | Peer-to-peer video monitoring method based on the Internet | |
| CN1925452A (en) | Data transferring system, method and network transferring apparatus | |
| CN1870568A (en) | Method for implementing network address conversion anti-virus transition | |
| CN1889527A (en) | Load sharing apparatus and method for realizing multi-chain circuit transmission | |
| CN1501659A (en) | Communication device, edge router device, server device, communication system and communication method | |
| CN1406026A (en) | Combined address resolving scheme and combined address route device thereof | |
| CN100346601C (en) | Access server with function of collecting communication statistics information | |
| CN1558615A (en) | A physical network topological discovering system and method thereof | |
| CN1297105C (en) | Method for implementing multirole main machine based on virtual local network | |
| CN1753411A (en) | Improved method for assigning network identifiers using interface identifiers |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| C06 | Publication | ||
| PB01 | Publication | ||
| C10 | Entry into substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| C14 | Grant of patent or utility model | ||
| GR01 | Patent grant | ||
| CF01 | Termination of patent right due to non-payment of annual fee |
Granted publication date: 20111026 Termination date: 20150514 |
|
| EXPY | Termination of patent right or utility model |