Embodiment
In order to make those skilled in the art can further understand feature of the present invention and technology contents, see also following about detailed description of the present invention and accompanying drawing, accompanying drawing only provide with reference to and explanation, be not to be used for limiting the present invention.
Below in conjunction with drawings and Examples, technical scheme of the present invention is described.
With reference to Fig. 1, be the structured flowchart of a kind of DPI equipment of the embodiment of the invention.
This DPI equipment is provided with the service communication interface and replaces functional area of the prior art and management mouth, make the service message that needs monitoring and communication message all pass through this service communication interface and receive and send, communication message is used for communicating by letter of DPI equipment and external equipment.Comprise first receiving element 101, recognition unit 102, structural unit 103 and transmitting element 104 in this DPI equipment.
Wherein, first receiving element 101 is used for receiving message by the service communication interface, and described message comprises the service message of communication message and needs monitoring; Recognition unit 102 when the purpose IP address that is used for the described message that receives at described first receiving element 101 is the IP address of described DPI equipment, determines that described message is a communication message; Structural unit 103 is used to construct the communication message that source IP address is described deep packet detection device IP address; Transmitting element 104 is used for sending the communication message that described structural unit 103 is constructed by the service communication interface.The specific implementation of each unit describes by following specific embodiment.
As shown in Figure 2, when these DPI equipment both sides linked to each other with router E with router D, message was by the interface DO output of router D, enter DPI equipment through the service communication interface, handle the back by the output of service communication interface through message, by interface EO input router E, carry out follow-up forwarding then.
After first receiving element 101 receives message, discern by 102 pairs of these messages of recognition unit, concrete, purpose IP address according to message is discerned, if purpose IP address is the IP address of described DPI equipment, determine that then this message is a communication message, then, again this communication message is communicated processing, this processing procedure can be identical with respective process of the prior art.When the communication message that this is received responds, can construct the communication message that source IP address is the DPI IP address of equipment, and send by the service communication interface, to respond by the communication message that transmitting element 104 will be constructed by structural unit 103.The message that message that receives for first receiving element 101 and transmitting element 104 send can be that communication message also can be the service message that needs monitoring, also non-limiting herein these two kinds of messages are received simultaneously or send simultaneously.
It more than is the situation of the passive reception miscellaneous equipment of DPI equipment communication message, initiatively send the situation of communication message to miscellaneous equipment for DPI equipment, also be to send by the service communication interface by transmitting element 104, communication message under this situation also can be constructed by structural unit 103, can be similar with prior art, do not limit herein.The process of structural unit 103 structure communication messages also can be identical with respective process of the prior art, and wherein, the source IP address of all communication messages that this structural unit 103 is constructed is to communicate by letter with realization in the IP address of DPI equipment.
In embodiments of the present invention, by the service message that adopts the service communication interface to come common received communication message and need to monitor, and realize communication messages and need the identification of the service message of monitoring by recognition unit 102, realized in the prior art processing to different messages, and saved management mouth of the prior art, saved interface resource.
In another embodiment of the present invention, this equipment can also comprise dispensing unit, is used to dispose the IP address of described DPI equipment.
In the above-described embodiments, if interface DO and the EO of router D and router E belong to the same network segment, under this situation, the IP address of the DPI equipment that dispensing unit disposed is the IP address of this same network segment.This dispensing unit can be one of this DPI equipment disposition, two or more IP address, these IP addresses can belong to the different network segments, respectively with the different routers of message transmission under the network segment corresponding, so that message through with the IP address mutually the router on the same network segment transmit, to shorten transmission path, these different routers link to each other with DPI equipment respectively.This dispensing unit need not carry out the configuration of IP address at every turn when receiving and dispatching message, generally this IP address that configures remains unchanged.
In another embodiment of the present invention, this recognition unit 102 when also being used for not being the IP address of described DPI equipment in the purpose IP address of the message that receives, determines that described message is for needing the service message of monitoring.Then, by the relevant treatment unit this service message that need monitor is measured etc. and handled the back and transmit.
With reference to Fig. 3, be the structured flowchart of the another kind of DPI equipment of the embodiment of the invention.
In the present embodiment, first receiving element 101, recognition unit 102, structural unit 103, transmitting element 104 and the dispensing unit 105 of DPI equipment in comprising the foregoing description, also comprise second receiving element 301 and response unit 302.
Wherein, second receiving element 301, be used for before described first receiving element 101 receives message, under ethernet environment, receive ARP (An Ethernet Address Resolution Protocol, the ethernet address translation-protocol) request of the router that links to each other with DPI equipment by described service communication interface; Response unit 302 is used for responding described ARP request by response message, includes the MAC Address of described DPI equipment in the described response message.
Under ethernet environment, when message is transferred to this DPI equipment by router, if this router is not known the MAC Address of this DPI equipment, then router will be broadcasted an ARP request, after second receiving element 301 receives this ARP request, make response by 302 pairs of these requests of response unit, inform the MAC Address of this DPI equipment of router by response message, after this router receives this response message, promptly known the MAC Address of DPI equipment, and then can be, and then message be carried out subsequent treatment by each unit of DPI equipment with message transmissions to DPI equipment.
Router generally can be stored the mac address information of this DPI equipment after receiving response message, just can not send the ARP request in follow-up message is transmitted again.
In the present embodiment,, router is set up to the transmission path of this DPI equipment, guaranteed the successful forwarding of message by response to router.
Above embodiment carries out under ethernet environment, and is next by following embodiment realization at POS (Packet Over SONET/SDH, the grouping on synchronous optical network/synchronous digital) environment.
The POS technology is a kind of technology that is applied in metropolitan area network and the wide area network, and it has the support grouped data, as the advantage of IP grouping.POS uses SONET (Synchronous Optical Network synchronous optical network) as physical layer protocol, link layer protocol is PPP (Point to Point Protocol, point-to-point protocol) agreement or HDLC (High-Level Data Link Control, High-Level Data Link Control) agreement etc., the IP Packet Service then operates in network layer.The POS environment is that the physical layer of monitored link is POS.
With reference to Fig. 4, be the structured flowchart of the another kind of DPI equipment of the embodiment of the invention.
In the present embodiment, first receiving element 101, recognition unit 102, structural unit 103, transmitting element 104 and the dispensing unit 105 of DPI equipment in comprising the foregoing description, also comprise resolution unit 401.
This resolution unit 401 is used under the POS environment, and the described message that described first receiving element 101 receives is resolved;
Described recognition unit 102, the purpose IP address that also is used for according to the message that parses is the IP address of described DPI equipment, determines that described message is a communication message.
If the link layer protocol that the POS environment adopts down is a ppp protocol, then the message of first receiving element, 101 receptions is PPP messages in the present embodiment, if link layer protocol is the HDLC agreement, the message that first receiving element 101 receives is the HDLC message.
401 pairs of PPP messages of this resolution unit or HDLC message etc. are resolved, and the message that parses is communication message or the service message that needs monitoring, and this resolving is known technology, repeats no more herein.And then discern by 102 pairs of messages that parse of recognition unit.
The embodiment of the invention has realized under the POS environment parsing to PPP message or HDLC message etc. by resolution unit 401, make DPI equipment correctly to discern and communication process, avoided the communication failure that dropping packets brought because this DPI equipment can't be discerned PPP message or HDLC message the communication message after resolving.
In the various embodiments described above, the communication message that DPI equipment receives or sends can be transmitted by the forwarding passage of the service message of needs monitoring.
With reference to Fig. 5, be the communication means flow chart of a kind of DPI equipment of the embodiment of the invention.
This method can comprise:
Step 501 receives and sends message by the service communication interface, and described message comprises the service message of communication message and needs monitoring;
The message that receives in this step and the message of transmission can be communication messages, also can be the service messages that needs monitoring, also non-limitingly herein receive or send simultaneously to two kinds of messages the time.
Step 502 if the purpose IP address of the message that receives is the IP address of described DPI equipment, determines that then described message is a communication message;
Step 503, the structure source IP address is the described communication message that the communication message of described DPI IP address of equipment receives with response, and sends by described service communication interface.
In the present embodiment, if the direct communication message that sends by DPI equipment, directly execution in step 501, send communication message by the service communication interface, structure as for this communication message can be same as the prior art, the IP address of the DPI equipment that the source IP address that is this communication message that sends out DPI equipment disposes before being, this technology is known, repeats no more herein.
The embodiment of the invention has realized from two kinds of messages of same style interface transmitting-receiving, be communication message and the service message that needs monitoring, and then,, saved interface resource so that respectively different messages are carried out corresponding subsequent processing by identification to message purpose IP address.
In another embodiment of the present invention, this method can also comprise: the IP address that disposes described DPI equipment.This layoutprocedure please refer to aforementioned means embodiment, repeats no more herein.
This embodiment method can also comprise: if the purpose IP address of the message that receives is not the IP address of described DPI equipment, determine that then described message is for needing the service message of monitoring.The service message that this message is monitored is as required handled and is transmitted then.
Below respectively under the ethernet environment and under the POS environment, the situation that DPI equipment receives message describes.
With reference to Fig. 6, be the method flow diagram of DPI devices communicating under a kind of ethernet environment of the embodiment of the invention.
The embodiment of the invention is under ethernet environment, know the IP address of this DPI equipment when the router that E-Packets, but the flow process of carrying out when not knowing the MAC Address of this DPI equipment, this method can dispose this DPI equipment earlier before implementing IP address, this method comprises:
Step 601 is by the ethernet address translation-protocol ARP request of described service communication interface receiving router;
Because this router is not when knowing the MAC Address of this DPI equipment,, obtaining the MAC Address of this DPI equipment, and then realize transmission so need the broadcast arp request.
Step 602 responds described ARP request by response message, includes the MAC Address of described DPI equipment in the described response message;
Router can be known the MAC Address of this DPI equipment after receiving this response message, then with message transmissions to this DPI equipment.
Step 603 receives message by the service communication interface, and described message comprises the service message of communication message and needs monitoring;
Step 604 if the purpose IP address of the message that receives is the IP address of described DPI equipment, determines that then described message is a communication message;
Step 605 is handled described communication message;
This processing procedure can with prior art in identical, repeat no more herein.
Step 606, the structure source IP address is the described communication message that the communication message of described DPI IP address of equipment receives with response, and sends by described service communication interface.
This method embodiment can be under ethernet environment, by the service communication interface to the ARP request responding, realize message from professional communication interface reception and forwarding, saved management of the prior art mouthful.
With reference to Fig. 7, be the method flow diagram of DPI devices communicating under a kind of POS environment of the embodiment of the invention.
The embodiment of the invention is under the POS environment, the flow process that the message that is transferred to DPI equipment when router carries out when being the PPP message, and this method comprises:
Step 701 receives message by the service communication interface; In the present embodiment, the message that receives is an example with the PPP message.
Step 702 is resolved described PPP message, and the message that parses may be that communication message also may be the service message that needs monitoring;
Parse this PPP message and be convenient to further discern the service message that the message that parses is communication message or needs monitoring.
Step 703 when if the purpose IP address of the message that parses is the IP address of described DPI equipment, determines that described message is a communication message;
Step 704 is handled described communication message;
This processing procedure can with prior art in identical, repeat no more herein.
Step 705, the structure source IP address is the described communication message that the communication message of described DPI IP address of equipment receives with response, and sends by described service communication interface.
This method embodiment has realized under the POS environment parsing to the PPP message, and then can and do further processing to the identification of the message after resolving, and has avoided the communication failure that dropping packets brought because this DPI equipment can't be discerned the PPP message.
For the message that receives by the service communication interface is the situation of HDLC message, similar with present embodiment, specifically sees also the foregoing description, repeats no more herein.
More than receive the embodiment of message for DPI equipment, when DPI equipment initiatively sends communication message and miscellaneous equipment and communicates, also need the IP address of this DPI equipment of configuration earlier, then, the structure communication message, the source IP address of this communication message is the IP address of this DPI equipment, the process of this structure communication message can be same as the prior art, at last, send the communication message of this structure by the service communication interface.The communication message that sends out can be transmitted by corresponding router, finally arrives the destination.
Further, if miscellaneous equipment is after receiving this communication message, respond if desired, then send out the communication message of response, the purpose IP address of the communication message of this response is the IP address of this DPI equipment, after the message of this response sends, when arriving this DPI equipment, receive this communication message by the service communication interface, processing procedure afterwards is identical with previous embodiment, repeats no more herein.In the various embodiments described above, the communication message that DPI equipment receives or sends can be transmitted by the forwarding passage of the service message of needs monitoring.
When DPI equipment initiatively sends communication message and miscellaneous equipment and communicates, still adopt the service communication interface to send this communication message, saved management of the prior art mouthful equally, saved interface resource.
One of ordinary skill in the art will appreciate that all or part of step that realizes in the foregoing description method is to instruct relevant hardware to finish by program, described program can be stored in the computer read/write memory medium, this program said method comprising the steps of when carrying out:
Receive and send message by the service communication interface, described message comprises the service message of communication message and needs monitoring;
If the purpose IP address of the described message that receives is the IP address of described DPI equipment, determine that then described message is a communication message;
The structure source IP address is the described communication message that the communication message of described DPI IP address of equipment receives with response, and sends by described service communication interface.
Described storage medium, as: ROM/RAM, magnetic disc, CD etc.
Above-described embodiment of the present invention does not constitute the qualification to protection range of the present invention.Any modification of being done within the spirit and principles in the present invention, be equal to and replace and improvement etc., all should be included within the claim protection range of the present invention.