CN101369968B - Configurable NAT equipment for implementing end-to-end communication and its data forwarding method - Google Patents

Configurable NAT equipment for implementing end-to-end communication and its data forwarding method Download PDF

Info

Publication number
CN101369968B
CN101369968B CN2008101179634A CN200810117963A CN101369968B CN 101369968 B CN101369968 B CN 101369968B CN 2008101179634 A CN2008101179634 A CN 2008101179634A CN 200810117963 A CN200810117963 A CN 200810117963A CN 101369968 B CN101369968 B CN 101369968B
Authority
CN
China
Prior art keywords
address
interface module
network
data
record table
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Expired - Fee Related
Application number
CN2008101179634A
Other languages
Chinese (zh)
Other versions
CN101369968A (en
Inventor
傅川
秦卓琼
张国清
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Institute of Computing Technology of CAS
Original Assignee
Institute of Computing Technology of CAS
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Institute of Computing Technology of CAS filed Critical Institute of Computing Technology of CAS
Priority to CN2008101179634A priority Critical patent/CN101369968B/en
Publication of CN101369968A publication Critical patent/CN101369968A/en
Application granted granted Critical
Publication of CN101369968B publication Critical patent/CN101369968B/en
Expired - Fee Related legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Images

Landscapes

  • Data Exchanges In Wide-Area Networks (AREA)
  • Small-Scale Networks (AREA)

Abstract

The invention discloses a configurable NAT for accomplishing end-to-end communication and its operation method comprising: network connection relation control matrix records connection relation of networks accessed by interface module; address switching mapping recording list records connection state of the interface module; interface module attribute list records network type connected with interface module and inner net address and outer net address used when the network converts address; interface module receives data from network or other interface module according to recording information and the status mark of matching relation, and completes address conversion and relay the data to other interface module or network accessed by present interface module. In the invention, data can reach any on communication node in three hops after one-time network address conversion, time for converting network address multi-time is saved, data stream is limited in configurable NAT equipment, data stream in network is reduced.

Description

Realize the configurable NAT equipment and the data forwarding method thereof of end-to-end communication
Technical field
The present invention relates to the computer network communication technology field, more specifically, the present invention relates to a kind of configurable NAT equipment and data forwarding method thereof of realizing end-to-end communication.
Background technology
Network address translators (Network Address Translation, NAT), be an Internet engineering duty group (Internet Engineering Task Force, IETF) standard, it allows a whole mechanism to use same public IP address to appear at Internet, is a kind of inner private network address (IP address) to be translated into the technology of legal global network IP address.Network address port translation (NAPT) further develops the notion of " basic NAT " translation, also translate the transport layer sign in the time of translating address (as the port numbers of TCP/UDP, the inquiry ID of ICMP), thus be the transport layer label multiplex of a plurality of internal hosts unique external address.NAPT makes one group of main frame can share unique external address, in this application, NAT and NATP is referred to as NAT.
Along with increasing of personal computer device, the popularizing of network access equipment, increasing entity and individual are not content with the unit online, wish by network various device to be organized together.By NAT Access Network is carried out address amplification, cause appearance two-layer, three layers of NAT structure, make between the user that the situation of data passes becomes more complicated end to end.Server from user's Network Access Point to public network often will be via secondary even more network address translation.When communicating between two main frames in different private networks, present main stream approach is to use STUN, TURN, ICE etc. to carry out NAT and passes through, be through at least 2 times network address translation.These exemplary network address translation process have repeatedly increased the processing burden of NAT device.
Summary of the invention
Carry out network service transfer process complexity, defective that flow is big for overcoming the existing NAT device that uses, the present invention proposes a kind of configurable NAT equipment and data forwarding method thereof of realizing end-to-end communication.
According to an aspect of the present invention, proposed a kind of configurable NAT equipment of realizing end-to-end communication, having comprised:
One or more interface module, network annexation gating matrix, address transition map record table, interface module attribute list and matching addresses arithmetic unit;
Described network annexation gating matrix is used for the annexation between the record interface module institute access network; Described address transition map record table is used to write down the connection status of described interface module; Described interface module attribute list is used to write down the type of network that described interface module connects and described network when carrying out address transition employed in net address and outer net address; Described matching addresses arithmetic unit is used to mate received data packet<source address, destination address〉and address transition map record table, set the matching relationship Status Flag;
Described one or more interface module connects network annexation gating matrix, address transition map record table, interface module attribute list and matching addresses arithmetic unit respectively by control bus, transmits data by data/address bus between the described interface module; Described one or more interface module is according to the recorded information and the described matching relationship Status Flag of network annexation gating matrix, address transition map record table, interface module attribute list, receive the data of automatic network or other interface module, finish address transition, and with the network of described data forwarding toward other interface module or the access of this interface module.
Wherein, described interface module can be sent query requests to described network annexation gating matrix through described control bus, and described network annexation gating matrix is returned Query Result through described control bus and given described interface module.
Wherein, described interface module can comprise the global network interface, converge private network interface and common private network interface.
Wherein, described address transition map record table is used to write down the inner-mesh network address, the outer net network address, mapping network address of described interface module and port separately.
Wherein, described interface module comprises logic controller, block configuration and data parser; Described block configuration is used to describe the attribute of this interface module; Described data parser is used for the data that receive are resolved; Described logic controller is used for transmitting and address transition according to the recorded information of network annexation gating matrix, address transition map record table, interface module attribute list and described matching relationship Status Flag control data.
Wherein, described matching relationship Status Flag comprises SD coupling, INPUT, DS coupling, DM coupling and IM coupling; Described SD coupling is used to write down described input<source address, destination address〉with described address transition map record table in<interior net address, outer net address〉matching relationship; INPUT is used for writing down the matching relationship of the input module of the input module of SD record of described coupling and matching addresses arithmetic unit; Described DS coupling is used to write down described interface module input<source address, destination address〉with described address transition map record table in<outer net address, interior net address〉matching relationship; Described DM coupling is used to write down described interface module input<source address, destination address〉with described address transition map record table in<outer net address, mapping address〉matching relationship; Described IM coupling is used for writing down described interface module input<destination address〉with described address transition map record table<mapping address matching relationship.
Wherein, described logic controller uses the set of described reception data to flag bit according to the source, the destination that receive data based on the matching addresses arithmetic unit, finishes address transition, address transition map record table is increased or revises, described data are transmitted or abandoned.
According to a further aspect in the invention, proposed a kind of data forwarding method that uses above-mentioned arbitrary configurable NAT equipment, having comprised:
The interface module of step 10), described NAT device receives data and determines the source of described data;
Step 20), for data from the network that described interface module connected, described interface module is determined the type of described network;
Step 30), described interface module is according to described network type and described matching relationship Status Flag, finishes address transition, and address transition map record table is increased or revises, and transmits described data.
Wherein, step 30) also comprise: if described data from other interface module, described interface module sends described data to the network that this interface module connected.
Wherein, step 30) in, if described network type is a global network, step 30) further comprise:
Step 310) if described data<source address, destination address〉with described address transition map record table in<outer net address, mapping address〉coupling, the destination address of described data is revised as source address in the described address transition map record table; Transmit amended described data to the described interface module of occurrence;
Step 320) if described data<source address, destination address〉with described address transition map record table in<outer net address, mapping address〉do not match and described data<source address, destination address〉with described address transition map record table in<outer net address, interior net address〉coupling, transmit amended described data to the described interface module of occurrence.
Wherein, step 30) further comprise:
Step 310 '), determine the destination address type of described data;
Step 320 '), according to described address style, packet is sent into the matching addresses arithmetic unit, flag bit is carried out set;
Step 330 '), according to described flag bit operation is transmitted or abandoned to described data.
Wherein, step 310 ') in, if described destination address is a routable address, step 330 ') further comprise: if described data<source address, destination address〉in the match address conversion map record table<interior net address, outer net address〉and input module identical, revise described data source address and be the mapping address in the described matched record, send described data to the global network interface module; Otherwise described mapping address as described data source address, and is sent described data to the global network interface module.
Wherein, step 310 ') in, if described destination address is a net address outside the common privately owned interface module, step 330 ') further comprise: if described data<source address, destination address〉in the match address conversion map record table<outer net address, mapping address 〉, revise described data address and be the source address in the matched record, and the interface module in the record that is complementary sends described data; If described data<source address, destination address〉in the address transition that the do not match map record table<outer net address, mapping address〉and the matching destination address table of described data in mapping address, send described data to the interface module of the record of described mapping address coupling.
Step 30) in, if described network type is for converging private network interface, step 30) further comprise:
The destination address of determining described data is the laggard row address coupling of the interior net address of common privately owned interface module;
If described data<source address, destination address〉in the match address conversion map record table<outer net address, mapping address 〉, send described data to the input interface module of described matched record, otherwise abandon.
Step 30) in, if described network type is common private network interface, step 30) further comprise:
The destination address of determining described data is the laggard row address coupling of the interior net address of common privately owned interface module;
If described data<source address, destination address〉in the match address conversion map record table<outer net address, interior net address 〉, revise the mapping address that described data source address is a matched record, and send described data to the input interface module of described matched record;
If described data<source address, destination address〉in the address transition that the do not match map record table<outer net address, interior net address 〉, abandon described data.
By using the present invention, the input interface of equipment is connected to different networks, the initial work that preassignment is carried out system is carried out in control table; Assisting down of configurable NAT equipment, the transfer of data of any two communication nodes is passed through the primary network address transition at the most, jumps (hop) three and can arrive with interior.With respect to the NAT device of main flow, configurable NAT equipment of the present invention combines network address translation with passing through function, has saved repeatedly the required time of network address translation; Simultaneously data flow can be confined to configurable NAT equipment inside, reduce the data flow in the network.
Description of drawings
Fig. 1 illustrates the schematic network structure by the NAT device cascade;
Fig. 2 illustrates the functional structure of typical configurable NAT equipment 2000;
Fig. 3 illustrates interface module and forms structure chart;
Fig. 4-Fig. 9 illustrates the data forwarding method flow chart of configurable NAT equipment.
Embodiment
Below in conjunction with the drawings and specific embodiments a kind of configurable NAT equipment of end-to-end communication and data forwarding method thereof realized provided by the invention is described in detail.
Figure 1 shows that the schematic network structure by the NAT device cascade, NAT device has two sockets, towards the Intranet interface of inner-mesh network with towards the outer net interface of outer net network.At present, NAT outer net interface is generally unified the IP address with the whole world in the global network and is bound; And the Intranet interface is generally with the private network address binding of stipulating among the RFC1918.The appearance of multi-layer NAT network, make the outer net interface also can with the private network address binding of stipulating among the RFC1918.As shown in the figure, private network B inserts global network A by NAT device, and private network C, D, E connect private network B by other NAT device respectively, the network that the private network that inserts by NAT device is controlled for this NAT device.Directly the NAT device that links to each other with global network is the root NAT device.Each private network is the number of plies of this private network to the number of the minimum NAT device of global network process, and this path is the shortest path of private network to global network.Private network is few more to the number of plies of global network, and the expression level is high more.If two private networks have at least a NAT device identical in the shortest path of global network, then these two private networks have common root NAT device.The multi-layer NAT network can be counted as the combination of a plurality of same root multi-layer NAT networks.
The module that realizes the NAT address translation feature in the NAT device is called interface module, interface module comprises input interface and output interface, interface module receive simultaneously connect the input of network and other interface module, and send data to the network that is connected and other interface module.If the network that the input interface of an interface module connects is a global network, then be called the global network interface; If the network that the input interface of an interface module connects is a private network, then be called the private network interface; All the other situations then are called and are converged the private network interface.
Figure 2 shows that configurable NAT equipment 2000 according to an embodiment of the invention, described NAT device 2000 comprises: interface module, data/address bus, control bus, network annexation gating matrix, address transition map record table, interface module attribute list and matching addresses arithmetic unit.
Need at least one interface module in the actual deployment, use 5 interface modules in the present embodiment, interface module 2101,2102,2103,2104 and 2015, wherein, 2101 is the global network interface, and 2102 for converging the private network interface, and 2103,2104 and 2105 is common private network interface.
Control bus 2401,2402 is connected each interface module and connects network annexation gating matrix, address transition map record table and interface module attribute list respectively with 2403, each interface module is carried out alternately with network annexation gating matrix, address transition map record table and interface module attribute list respectively by control bus, interface module is sent query requests through control bus to network annexation gating matrix, and network annexation gating matrix is returned Query Result through control bus and given the corresponding interface module.
Data/address bus 2300 transmits data between interface module.
Annexation between the network annexation gating matrix record interface module institute access network, as shown in table 1.If there be the direct connection of network A to network B, then the relevant position value is 1 in the table; Otherwise be 0.Diagonal line value is 0.When the configurable NAT equipment access network, network annexation matrix is initialised.
Table 1 network annexation gating matrix
Figure G2008101179634D00071
After interface module is received data, determined the outer outgoing interface of packet according to the processing logic of this module logic controller, state that can record connects in address transition map record table, as shown in table 2.
Table 2 address transition map record table
The inner-mesh network address The Intranet port The outer net network address The outer net port The mapping network address Mapped port The input interface module numbering
10.0.0.5 50 159.226.50.1 80 159.226.39.10 50 2
192.168.3.20 50 159.226.50.1 80 159.226.39.10 52 3
192.168.3.20 50 159.226.50.1 80 159.226.39.10 54 4
192.168.3.20 50 159.226.50.1 80 159.226.39.10 56 5
192.168.3.20 60 10.10.0.102 80 10.10.0.100 80 3
192.168.3.20 60 10.10.0.100 80 10.10.0.102 80 4
192.168.3.20 60 10.10.0.102 80 10.10.0.104 80 5
192.168.3.20 70 10.0.0.66 80 10.10.0.100 70 3
The interface module attribute list writes down the attribute of the connection network of whole interface modules, and interior net address that uses when carrying out address transition and outer net address, and is as shown in table 3.
Table 3 interface module attribute list
One<the source address that matching addresses arithmetic unit 2501 receiving interface modules transmit, destination address〉to as input, search address transition map record table, carry out following coupling respectively after, 5 flag bits are carried out set, comprising:
(1), SD coupling, input<source address, destination address〉to whether outer net address is arranged in table<interior net address to matching; If have, SD is changed to 1, otherwise SD is changed to 0.The entry that matches is designated as the SD record; If the input module in the SD record, identical with the input module of matching addresses arithmetic unit, then INPUT is changed to 1, otherwise INPUT is changed to 0.
(2), DS coupling, input<source address, destination address〉to whether interior net address is arranged in table<outer net address to matching; If have, DS is changed to 1, otherwise DS is changed to 0.The entry that matches is designated as the DS record.
(3), DM coupling, input<source address, destination address〉to whether mapping address is arranged in table<outer net address match; If have, DM is changed to 1, otherwise DM is changed to 0.The entry that matches is designated as the DM record.
(4), IM coupling, input<destination address whether in table, have<mapping address match; If have, IM is changed to 1, otherwise IM is changed to 0.The entry that matches is designated as the IM record.
Interface module receives the data of automatic network or other interface module, finishes address transition, and with data forwarding, transmitting the destination can be the network that other interface module or this module insert.As shown in Figure 3, interface module comprises logic controller 3102, block configuration 3101, data parser 3103, by connecting line 3104 access networks of going out, is connected to other interface module by data/address bus 2300.
Block configuration 3101 is used to describe the attribute of this interface module, such as the network type that is connected; Data parser 3103 is used for the data that receive are resolved, such as source, the data destination of data; Logic controller 3102 is cores of interface module, is used for control data and transmits; The connecting line 3104 of going out is included in each interface module, with the interface module access network.
Fig. 4-Fig. 9 illustrates the flow chart of the data forwarding method that uses foregoing configurable NAT equipment, the description that sees below of specific implementation step.
As shown in Figure 4, S4001: beginning, wait for receiving data;
S4002: judge the source that receives packet;
S4003: if packet, enters flow chart of data processing S4003 between the interface module among Fig. 5 between interface module;
S4004: if packet, enters flow chart of data processing S4004 in the network among Fig. 6 from the network that is connected.
The interface module flow chart of data processing:
As shown in Figure 5, S5001: receive from the data between the module, the network that connects to this module sends this packet.Redirect S4001.
Flow chart of data processing in the network:
As shown in Figure 6, S6001: judge the network type that this interface is connected to; If global network interface, redirect S6002 enter the global network interface data of Fig. 7 and handle; If common private network interface, redirect S6003 enter the common private network interface data of Fig. 8 and handle; If converge the private network interface, redirect S6004 enters the private network interface data that converges of Fig. 9 and handles.
Global network interface data handling process:
As shown in Figure 7, S6101: carry out matching addresses, if the DM flag bit is 1, redirect S6102; If DM=0 and DS=1, redirect 6104; Otherwise redirect S6105;
S6102:, the destination address of packet is revised as source address in the DM record according to the DM record; Change S6103;
S6103: the input interface module in the DM record is transmitted amended packet, changes S6002;
S6104: the input interface module in the DS record is transmitted packet, changes S6002;
S6105: abandon packet, change S6002.
Common private network interface data is handled
As shown in Figure 8, S6201: judge the destination address type of this grouping,, change S6202 if belong to routable address or converge private network interface module Intranet address list; If belong to common private network interface module Intranet address list, change S6206; If belong to common private network interface module outer net address list, change S6212; Otherwise change S6210;
S6202: carry out matching addresses,, otherwise change S6205 if SD=1 and INPUT=1 change S6203;
S6203: according to the SD record, the source address of revising grouping is the mapping address in the record, changes 6204;
S6204: send this packet to the interface module that connects global network/compile private network, if the grouping destination address is a routed network, then send packet to the interface module that connects global network, if the grouping destination address is to converge private network, then according to network annexation gating matrix, to having the private network interface module that converges of annexation to send packet, change S6003 with this interface module;
S6205: in address transition map record table, add new record, and the source of packets address is changed to mapping address, change S6204;
S6206: carry out matching addresses, if DS=1 and SD=1 change S6207; If DS=1 and SD=0 change S6209; If DS=1 and SD=1 change S6210; If DS=0 and SD=0, S6211 walks around;
S6207: according to the SD record, revise the packet source address and be the mapping address in the record, change S6208;
S6208: the input interface module in the DS record is transmitted packet, changes S6003;
S6209: the allocation map point, in address transition map record table, add new record, change S6207;
S6210: abandon packet, change S6003;
S6211: the allocation map point, in address transition map record table, add new record, change S6210;
S6212: carry out matching addresses, if DM=1 changes S6213; If DM=0 and IM=1 change S6214.Otherwise change S6210;
S6213: the modification destination address is the source address in the DM record, and the interface module in the DM record of being looked into sends this packet, changes S6003;
S6214: increase the mapping table record, wherein destination address is the source address in the IM record, and the mapping point network address and port as the source address of current data grouping, are changeed S6215;
S6215: the modification destination address is the source address in the IM record, and the interface module in the IM record of being looked into sends this packet, changes S6003;
Converging the private network interface data handles
As shown in Figure 9, S6301: judge the destination address type of this packet, if routable address changes S6302; If belong to common private network interface module Intranet address list, change S6306, if belong to common private network interface module outer net address list, change S6309;
S6302: carry out matching addresses, if SD=1 and INPUT=1 change S6303; Otherwise change S6305;
S6303: with the source address modification of packet is mapping address in the SD record, changes S6304;
S6304: send this packet to the interface module that connects global network, change S4001;
S6305: distribute a new mapping point, increase address transition map record table record, and the source address of revising packet is mapping address, change S6304;
S6306: carry out matching addresses, if DS=1 changes S6307; Otherwise change S6308;
S6307: the input interface module in the DM record of being looked into sends this packet, changes S6004;
S6308: abandon packet, change S6004;
S6309: the modification destination address is the source address in the DM record, and the input interface module in the DM record sends this packet, changes S6004.
It should be noted that at last, above embodiment is only in order to describe technical scheme of the present invention rather than the present technique method is limited, the present invention can extend to other modification, variation, application and embodiment on using, and therefore thinks that all such modifications, variation, application, embodiment are in spirit of the present invention and teachings.

Claims (15)

1. configurable Network address translators NAT device of realizing end-to-end communication comprises:
One or more interface module, network annexation gating matrix, address transition map record table, interface module attribute list and matching addresses arithmetic unit;
Described network annexation gating matrix is used for the annexation between the record interface module institute access network; Described address transition map record table is used to write down the connection status of described interface module; Described interface module attribute list is used to write down the type of network that described interface module connects and described network when carrying out address transition employed in net address and outer net address; Described matching addresses arithmetic unit is used to mate received data packet<source address, destination address〉and address transition map record table, set the matching relationship Status Flag;
Described one or more interface module connects network annexation gating matrix, address transition map record table, interface module attribute list and matching addresses arithmetic unit respectively by control bus, transmits data by data/address bus between the described interface module; Described one or more interface module is according to the recorded information and the described matching relationship Status Flag of network annexation gating matrix, address transition map record table and interface module attribute list, receive the data of automatic network or other interface module, finish address transition, and with the network of described data forwarding toward other interface module or the access of this interface module.
2. the equipment of claim 1, wherein, described interface module can be sent query requests to described network annexation gating matrix through described control bus, and described network annexation gating matrix is returned Query Result through described control bus and is given described interface module.
3. the equipment of claim 1, wherein, described interface module can comprise the global network interface, converge private network interface and common private network interface.
4. the equipment of claim 1, wherein, described address transition map record table is used to write down the inner-mesh network address, the outer net network address, mapping network address of described interface module and port separately.
5. the equipment of claim 1, wherein, described interface module comprises logic controller, block configuration and data parser; Described block configuration is used to describe the attribute of this interface module; Described data parser is used for the data that receive are resolved; Described logic controller is used for transmitting and address transition according to the recorded information of network annexation gating matrix, address transition map record table and interface module attribute list and described matching relationship Status Flag control data.
6. the equipment of claim 1, wherein, described matching relationship Status Flag comprises SD coupling, INPUT, DS coupling, DM coupling and IM coupling; Described SD coupling is used to write down input<source address, destination address〉with described address transition map record table in<interior net address, outer net address〉matching relationship; INPUT is used for writing down the matching relationship of the input module of the input module of SD record of described coupling and matching addresses arithmetic unit; Described DS coupling is used to write down described interface module input<source address, destination address〉with described address transition map record table in<outer net address, interior net address〉matching relationship; Described DM coupling is used to write down described interface module input<source address, destination address〉with described address transition map record table in<outer net address, mapping address〉matching relationship; Described IM coupling is used for writing down described interface module input<destination address〉with described address transition map record table<mapping address matching relationship.
7. the equipment of claim 1, wherein, described logic controller uses the set of described reception data to flag bit according to the source and the destination that receive data based on the matching addresses arithmetic unit, address transition map record table is increased or revises, described data are transmitted or abandoned.
8. the data forwarding method of each described configurable Network address translators NAT device of claim 1 to 7 comprises:
The interface module of step 10), described NAT device receives data and determines the source of described data;
Step 20), for data from the network that described interface module connected, described interface module is determined the type of described network;
Step 30), described interface module is according to described network type and described matching relationship Status Flag, finishes address transition, transmits described data.
9. the method for claim 8, wherein, step 30) also comprise: if described data from other interface module, described interface module sends described data to the network that this interface module connected.
10. the method for claim 8, wherein, step 30) in, if described network type is a global network, step 30) further comprise:
Step 310) if described data<source address, destination address〉with described address transition map record table in<outer net address, mapping address〉coupling, the destination address of described data is revised as source address in the described address transition map record table; Transmit amended described data to the described interface module of occurrence;
Step 320) if described data<source address, destination address〉with described address transition map record table in<outer net address, mapping address〉do not match and described data<source address, destination address〉with described address transition map record table in<outer net address, interior net address〉coupling, transmit amended described data to the described interface module of occurrence.
11. the method for claim 8, wherein, step 30) further comprise:
Step 310 '), determine the destination address type of described data;
Step 320 '), according to described address style, packet is sent into the matching addresses arithmetic unit, flag bit is carried out set;
Step 330 '), according to described flag bit, packet is carried out address transition, address transition map record table is increased or revises, operation is transmitted or abandoned to described data.
12. the method for claim 11, wherein, step 310 ') in, if described destination address is a routable address, step 330 ') further comprise: if described data<source address, destination address〉in the match address conversion map record table<interior net address, outer net address〉and interface module identical, revise described data source address and be the mapping address in the described matched record, send described data to the global network interface module; Otherwise described mapping address as described data source address, and is sent described data to the global network interface module.
13. the method for claim 11, wherein, step 310 ') in, if described destination address is a net address outside the common privately owned interface module, step 330 ') further comprise: if described data<source address, destination address〉in the match address conversion map record table<outer net address, mapping address 〉, revise described data address and be the source address in the matched record, and the interface module in matched record sends described data; If described data<source address, destination address〉in the address transition that the do not match map record table<outer net address, mapping address〉and the matching destination address table of described data in mapping address, send described data to the interface module of the record of described mapping address coupling.
14. the method for claim 8, step 30) in, if described network type is for converging private network, step 30) further comprise:
The destination address of determining described data is the laggard row address coupling of the interior net address of common privately owned interface module;
If described data<source address, destination address〉in the match address conversion map record table<outer net address, mapping address 〉, send described data to the input interface module of described matched record, otherwise abandon.
15. the method for claim 8, step 30) in, if described network type is common private network, step 30) further comprise:
The destination address of determining described data is the laggard row address coupling of the interior net address of common privately owned interface module;
If described data<source address, destination address〉in the match address conversion map record table<outer net address, interior net address 〉, revise the mapping address that described data source address is a matched record, and send described data to the input interface module of described matched record;
If described data<source address, destination address〉in the address transition that the do not match map record table<outer net address, interior net address 〉, abandon described data.
CN2008101179634A 2008-08-18 2008-08-18 Configurable NAT equipment for implementing end-to-end communication and its data forwarding method Expired - Fee Related CN101369968B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN2008101179634A CN101369968B (en) 2008-08-18 2008-08-18 Configurable NAT equipment for implementing end-to-end communication and its data forwarding method

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN2008101179634A CN101369968B (en) 2008-08-18 2008-08-18 Configurable NAT equipment for implementing end-to-end communication and its data forwarding method

Publications (2)

Publication Number Publication Date
CN101369968A CN101369968A (en) 2009-02-18
CN101369968B true CN101369968B (en) 2011-02-16

Family

ID=40413600

Family Applications (1)

Application Number Title Priority Date Filing Date
CN2008101179634A Expired - Fee Related CN101369968B (en) 2008-08-18 2008-08-18 Configurable NAT equipment for implementing end-to-end communication and its data forwarding method

Country Status (1)

Country Link
CN (1) CN101369968B (en)

Families Citing this family (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN106850444B (en) 2011-08-17 2020-10-27 Nicira股份有限公司 Logical L3 routing
US9246846B2 (en) 2011-09-02 2016-01-26 Mediatek Co. Network processor
CN105763592A (en) * 2014-12-19 2016-07-13 中兴通讯股份有限公司 Cluster internal and external data interaction method, cluster gateway and source device
CN109150677B (en) * 2017-06-19 2021-06-08 阿里巴巴集团控股有限公司 Cross-domain access processing method and device and electronic equipment

Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN1716941A (en) * 2004-06-29 2006-01-04 阿尔卡特公司 Method and call server for establishing a bi-directional peer-to-peer communication link
EP1667378A1 (en) * 2003-09-02 2006-06-07 Huawei Technologies Co., Ltd. Method of implementing multimedia protocol passing through network address transform device
CN1863152A (en) * 2005-09-28 2006-11-15 华为技术有限公司 Method for transmitting various messages between internal network users
CN1893394A (en) * 2005-07-05 2007-01-10 华为技术有限公司 Method for passing through network address conversion

Patent Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
EP1667378A1 (en) * 2003-09-02 2006-06-07 Huawei Technologies Co., Ltd. Method of implementing multimedia protocol passing through network address transform device
CN1716941A (en) * 2004-06-29 2006-01-04 阿尔卡特公司 Method and call server for establishing a bi-directional peer-to-peer communication link
CN1893394A (en) * 2005-07-05 2007-01-10 华为技术有限公司 Method for passing through network address conversion
CN1863152A (en) * 2005-09-28 2006-11-15 华为技术有限公司 Method for transmitting various messages between internal network users

Also Published As

Publication number Publication date
CN101369968A (en) 2009-02-18

Similar Documents

Publication Publication Date Title
EP2206052B1 (en) Methods and apparatus for managing addresses related to virtual partitions of a session exchange device
CN102148773B (en) Method and system for converting IPv6 (Internet Protocol Version 6) protocol and IPv4 (Internet Protocol Version 4) protocol
US5856974A (en) Internetwork address mapping gateway
US7558268B2 (en) Apparatus and method for combining forwarding tables in a distributed architecture router
US7616634B2 (en) Gateway device connecting multicast-supported network to multicast-unsupported L2 network
CN107465590A (en) Network infrastructure system, the method for route network traffic and computer-readable medium
US20050013308A1 (en) Apparatus and method for route summarization and distribution in a massively parallel router
CN101119324B (en) Network address converting attribute self-adaptive method and apparatus
CN101707569B (en) Method and device for processing NAT service message
CN104247348A (en) Chaining of inline services using software defined networking
EP3080958B1 (en) System and method for scalable inter-domain overlay networking
CN103152269B (en) A kind of message forwarding method based on NAT and equipment
CN107508721B (en) A kind of collecting method based on metadata
CN101945038A (en) Be used to create the system and method for transitional optimum flow path
US7822024B2 (en) Apparatus and method for performing security and classification in a multiprocessor router
CN101369968B (en) Configurable NAT equipment for implementing end-to-end communication and its data forwarding method
WO2015108106A1 (en) Packet transfer device, control device, communication system, communication method, and program
US7394810B2 (en) Layer 2 switch and method of processing expansion VLAN tag of layer 2 frame
CN100586104C (en) A route-based talk initialization protocol transparent transmission network address conversion method
CN102201996A (en) Method and equipment for forwarding message in network address translation (NAT) environment
CN1638334A (en) System and method for transmitting data pocket in infinite bandwidth network
KR20190094626A (en) Data Communication Method for Full Duplex Switched Ethernet in Ring Topology
CN101009705B (en) Method and related device for forwarding data frame
CN108111414B (en) Label deployment method and device based on segment routing
US20060002384A1 (en) Network system and connecting method thereof

Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
C10 Entry into substantive examination
SE01 Entry into force of request for substantive examination
C14 Grant of patent or utility model
GR01 Patent grant
CF01 Termination of patent right due to non-payment of annual fee
CF01 Termination of patent right due to non-payment of annual fee

Granted publication date: 20110216

Termination date: 20200818