CN102801824A - Method and system for processing NAT equipment, NAPT equipment and TCP application drainage - Google Patents

Method and system for processing NAT equipment, NAPT equipment and TCP application drainage


Publication number
CN102801824A
Authority
CN
China
Prior art keywords
message
server
tcp
address
source
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Granted
Application number
CN2012103111469A
Other languages
Chinese (zh)
Other versions
CN102801824B (en
Inventor
李矩希
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Shanshi Network Communication Technology Co Ltd
Original Assignee
Hillstone Networks Communication Technology (Beijing) Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Hillstone Networks Communication Technology (Beijing) Co Ltd filed Critical Hillstone Networks Communication Technology (Beijing) Co Ltd
Priority to CN201210311146.9A priority Critical patent/CN102801824B/en
Publication of CN102801824A publication Critical patent/CN102801824A/en
Application granted granted Critical
Publication of CN102801824B publication Critical patent/CN102801824B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Landscapes

  • Data Exchanges In Wide-Area Networks (AREA)
  • Small-Scale Networks (AREA)

Abstract

The invention discloses a NAT (Network Address Translation) device, a NAPT (Network Address Port Translation) device, and a method and system for processing TCP (Transmission Control Protocol) application drainage. In the method, the NAT device receives a message with a TCP load sent by a client to a server, performs application identification on it, and re-routes it on the basis of the application type and the destination IP address. After network address translation the message is not sent directly to the server; instead, the NAT device first shakes hands with the server, that is, re-establishes a TCP connection, and only then sends the message with the TCP load to the server. TCP application drainage is thereby achieved in NAT mode. The method for processing TCP application drainage in NAPT mode is similar to the method in NAT mode, so TCP application drainage can also be achieved in NAPT mode, which helps enterprises and operators use bandwidth resources effectively and guarantees the service quality of important applications.

Description

NAT device, NAPT device, and processing method and processing system for TCP application drainage
Technical field
The present invention relates to the Internet field, and in particular to a NAT device, a NAPT device, and a processing method and processing system for TCP application drainage.
Background technology
With the rapid development of the Internet, new applications appear every day. Applications such as P2P (peer-to-peer) and Web video (online video) consume a large amount of bandwidth. To guarantee the service quality of important applications, enterprises and operators need to select routes according to application type: for example, applications that consume a lot of bandwidth but are unimportant are drained to a link with lower quality requirements, while important applications are directed to a better-quality link.
Application identification is performed on message content when a new session is created (that is, when the first message of a connection is received), and the route lookup is then done according to IP address, port and application information. When a network device receives the first message of an application carried over UDP, it generally has plenty of information available and can use the destination port in the header and the load content for identification.
For an application carried over TCP, the handshake messages carry no load, so only the destination port can be used for identification.
However, for a TCP-based application, the first SYN message sent by the client to the server carries no load. The information useful for application identification is mainly the source and destination IP addresses and ports, which is often insufficient to identify the application type of the connection, or to identify it accurately enough; only a rough application identification, and the corresponding route selection, can be made from the source and destination IP addresses and ports. For example, when no plug-in is used, the destination port of mainstream online video is 80, that is, it is carried over the HTTP protocol; from the first TCP message the connection can only be identified as HTTP, not as a particular Web video application.
But in a NAT/NAPT (network address translation / network address port translation) scenario, re-selecting the route afterwards changes the source IP address/port, which causes the server to reset the connection; the application is interrupted and drainage cannot be achieved.
Take a TCP application in NAT mode as an example. As shown in Fig. 1, C (the client) accesses S (a YouKu server) through a NAT device that performs source address translation; the message sequence is shown in Table I below. The default outgoing interface for C->S is e1, and YouKu video now needs to be drained to e2. The fourth message in the table is a TCP PUSH message, which contains a TCP load. The connection is identified as YouKu video from the TCP load, and the route lookup by application type then yields outgoing interface e2. Because source NAT is applied, the source IP of this message becomes e2.IP when it leaves the NAT device. S receives a message from e2.IP for which no TCP handshake has taken place, and the application is interrupted.
Table I: Message sequence table
[Table image BDA00002068002200021, not reproduced in this text]
No effective solution has yet been proposed in the related art for the problem of achieving TCP application drainage in NAT or NAPT mode.
Summary of the invention
The main purpose of the present invention is to provide a NAT device, a NAPT device, and a processing method and processing system for TCP application drainage, so as to solve the problem that TCP application drainage cannot be achieved in NAT or NAPT mode.
To achieve this purpose, according to one aspect of the present invention, a processing method for TCP application drainage is provided.
The processing method for TCP application drainage according to the present invention comprises: after receiving a first message, the NAT device identifies the TCP load in the first message, re-routes according to the identified application type and the destination IP address, and determines the outgoing interface to which the TCP application is drained, wherein the first message is a message with a TCP load sent by the client to the server via the NAT device; the NAT device performs network address translation, wherein the translated source IP address is the IP address of the outgoing interface to which the TCP application is drained; the NAT device shakes hands with the server, wherein the source IP address of the handshake messages is the translated source IP address; and the NAT device sends the first message to the server.
Further, the first message is the first message with a TCP load sent by the client to the server.
Further, the handshake between the NAT device and the server comprises: the NAT device sends a SYN signal to the server; the server returns a SYN-ACK signal to the NAT device; and the NAT device sends an ACK signal to the server.
Further, after the NAT device sends the first message to the server, the method also comprises: after receiving a second message, the NAT device performs network address translation and TCP sequence number conversion, wherein the second message is a message sent by the client to the server via the NAT device; and after receiving a third message, the NAT device performs TCP sequence number conversion, wherein the third message is a message sent by the server to the client via the NAT device.
To achieve this purpose, according to one aspect of the present invention, another processing method for TCP application drainage is provided.
The processing method for TCP application drainage according to the present invention comprises: after receiving a first message, the NAPT device performs application identification on the TCP load in the first message, re-routes according to the identified application type and the destination IP address, and determines the outgoing interface to which the TCP application is drained, wherein the first message is a message with a TCP load sent by the client to the server via the NAPT device; the NAPT device performs network address and port translation, wherein the translated source IP address is the IP address of the outgoing interface to which the TCP application is drained, and the translated port number is a port number dynamically assigned by the NAPT device; the NAPT device shakes hands with the server, wherein the source IP address of the handshake messages is the translated source IP address and the source port number of the handshake messages is the translated source port number; and the NAPT device sends the first message to the server.
Further, after the NAPT device sends the first message to the server, the method also comprises: after receiving a second message, the NAPT device performs network address translation, port translation and TCP sequence number conversion, wherein the second message is a message sent by the client to the server via the NAPT device; and after receiving a third message, the NAPT device performs TCP sequence number conversion, wherein the third message is a message sent by the server to the client via the NAPT device.
To achieve this purpose, according to one aspect of the present invention, a NAT device is provided.
The NAT device according to the present invention comprises: a receiving module, configured to receive a first message, wherein the first message is a message with a TCP load sent by the client to the server via the NAT device; an application identification module, configured to identify the application type of the TCP load in the first message; an application drainage module, configured to re-route according to the identified application type and the destination IP address and determine the outgoing interface to which the TCP application is drained; an IP translation module, configured to perform network address translation, wherein the translated source IP address is the IP address of the outgoing interface to which the TCP application is drained; a handshake module, configured to shake hands with the server, wherein the source IP address of the handshake messages is the translated source IP address; and a sending module, configured to send the first message to the server.
To achieve this purpose, according to one aspect of the present invention, a NAPT device is provided.
The NAPT device according to the present invention comprises: a receiving module, configured to receive a first message, wherein the first message is a message with a TCP load sent by the client to the server via the NAPT device; an application identification module, configured to identify the application type of the TCP load in the first message; an application drainage module, configured to re-route according to the identified application type and the destination IP address and determine the outgoing interface to which the TCP application is drained; an IP and port translation module, configured to perform network address and port translation, wherein the translated source IP address is the IP address of the outgoing interface to which the TCP application is drained, and the translated port number is a port number dynamically assigned by the NAPT device; a handshake module, configured to shake hands with the server, wherein the source IP address of the handshake messages is the translated source IP address and the source port number of the handshake messages is the translated source port number; and a sending module, configured to send the first message to the server.
To achieve this purpose, according to one aspect of the present invention, a processing system for TCP application drainage is provided.
The processing system for TCP application drainage according to the present invention comprises a client, a NAT device and a server, wherein the client is configured to send a first message to the server via the NAT device, the first message being a message with a TCP load; the NAT device is configured, after receiving the first message, to perform application identification on the TCP load in the first message and to re-route according to the identified application type and the destination IP address, so as to determine the outgoing interface to which the TCP application is drained; the NAT device is also configured to perform network address translation and to shake hands with the server, wherein the translated source IP address is the IP address of the outgoing interface to which the TCP application is drained, and the source IP address of the handshake messages is the translated source IP address; the NAT device is also configured to send the first message to the server after shaking hands with the server; and the server is configured to receive the first message after shaking hands with the NAT device.
To achieve this purpose, according to one aspect of the present invention, another processing system for TCP application drainage is provided.
The processing system for TCP application drainage according to the present invention comprises a client, a NAPT device and a server, wherein the client is configured to send a first message to the server via the NAPT device, the first message being a message with a TCP load; the NAPT device is configured, after receiving the first message, to perform application identification on the TCP load in the first message and to re-route according to the identified application type and the destination IP address, so as to determine the outgoing interface to which the TCP application is drained; the NAPT device is also configured to perform network address and port translation and to shake hands with the server, wherein the translated source IP address is the IP address of the outgoing interface to which the TCP application is drained, the translated source port number is a port number dynamically assigned by the NAPT device, the source IP address of the handshake messages is the translated source IP address, and the source port number of the handshake messages is the translated source port number; the NAPT device is also configured to send the first message to the server after shaking hands with the server; and the server is configured to receive the first message after shaking hands with the NAPT device.
Through the present invention, a processing method for TCP application drainage with the following steps is adopted: after receiving a message with a TCP load sent by the client to the server, and after application identification and application-based re-routing, the NAT device does not send the message to the server directly after network address translation; instead, the NAT device shakes hands with the server again, that is, re-establishes the TCP connection, and then sends the message with the TCP load to the server, wherein, when the NAT device performs network address translation, the translated source IP address is the IP address of the outgoing interface to which the TCP application is drained. TCP application drainage can thus be achieved in NAT mode. The processing method for TCP application drainage in NAPT mode is similar to that in NAT mode, so the idea of the present invention also achieves TCP application drainage in NAPT mode. This helps enterprises and operators use bandwidth resources effectively and guarantees the service quality of important applications; it solves the problem that TCP application drainage could not be achieved in NAT or NAPT mode, and thereby achieves TCP application drainage in both NAT and NAPT modes.
Description of drawings
The accompanying drawings, which form a part of this application, are provided for further understanding of the present invention; the illustrative embodiments of the invention and their description are used to explain the invention and do not unduly limit it. In the drawings:
Fig. 1 is a schematic diagram of TCP application interaction according to the prior art;
Fig. 2 shows a processing system for TCP application drainage according to the first embodiment of the present invention;
Fig. 3 is a schematic diagram of TCP application interaction according to the first embodiment of the present invention;
Fig. 4 shows a processing system for TCP application drainage according to the second embodiment of the present invention;
Fig. 5 is a schematic diagram of TCP application interaction according to the second embodiment of the present invention;
Fig. 6 is a block diagram of a NAT device according to an embodiment of the present invention;
Fig. 7 is a schematic diagram of a network system using the NAT device of the present invention;
Fig. 8 is a block diagram of a NAPT device according to an embodiment of the present invention;
Fig. 9 shows a processing method for TCP application drainage according to the first embodiment of the present invention; and
Fig. 10 shows a processing method for TCP application drainage according to the second embodiment of the present invention.
Embodiment
It should be noted that, where no conflict arises, the embodiments in this application and the features in the embodiments may be combined with one another. The present invention is described in detail below with reference to the drawings and in conjunction with the embodiments.
Fig. 2 shows a processing system for TCP application drainage according to the first embodiment of the present invention. As shown in Fig. 2, the processing system comprises a client 10, a NAT device 30 and a server 50; the interaction among the three is shown in Fig. 3. Client 10 has an intranet IP address C.IP, and when it accesses server 50 the NAT device must translate the intranet IP address to a public IP address. The outgoing interfaces towards the public network are e1 and e2, and the message sequence of the TCP interaction between client 10 and server 50 is shown in Table II below.
Table II: NAT message sequence table
[Table images BDA00002068002200051 and BDA00002068002200061, not reproduced in this text]
Client 10 first sends a handshake SYN to server 50. When NAT device 30 performs network address translation, the source IP address before translation is the client's intranet IP address C.IP, and the source IP address after translation is e1.IP, the IP address of the default outgoing interface e1 used when client 10 accesses server 50; that is, the source IP address of this handshake message is e1.IP. Server 50 then returns a SYN-ACK to client 10, and client 10, after receiving the SYN-ACK, responds to server 50 with an ACK message. At this point client 10 has established a TCP connection with server 50 and can access server 50 via the default outgoing interface e1.
To guarantee critical services such as normal web browsing, mail and DNS, applications that occupy a lot of bandwidth, such as P2P and Web video, can be drained to another outgoing interface, e2, while other applications use the default outgoing interface e1. This ensures that important applications on e1 are not deprived of bandwidth by P2P and Web video applications.
When client 10 sends a message with a load to server 50, as shown in Fig. 3, take the first PUSH message with a load sent by client 10 to server 50 as an example. On receiving the PUSH message, NAT device 30 does not send it directly to server 50; instead it identifies the TCP load in the PUSH message and determines, according to the identified application type and the destination IP address, whether drainage is needed. When the TCP load belongs to a P2P or Web video application, the TCP application is determined to need drainage, the route is re-selected, and the outgoing interface to which the TCP application is drained is determined to be e2.
At this point, when the NAT device performs network address translation, the source IP address before translation is the client's intranet IP address C.IP and the source IP address after translation is e2.IP, the IP address of outgoing interface e2. To prevent server 50 from resetting the connection because the source IP has changed, NAT device 30 shakes hands with server 50 and re-establishes a TCP connection. Specifically, NAT device 30 sends a handshake SYN to server 50, the source IP address of which is e2.IP; server 50 then returns a SYN-ACK to NAT device 30; and NAT device 30, after receiving the SYN-ACK, responds to server 50 with an ACK message. NAT device 30 has now established a new TCP connection with server 50, and client 10 can access server 50 via outgoing interface e2; that is, the P2P or Web video application has been drained to outgoing interface e2. After shaking hands with server 50 again, NAT device 30 sends the PUSH message to server 50.
Subsequent messages between client 10 and server 50 undergo TCP sequence number conversion in addition to IP address translation, so that the connection between client 10 and server 50 is maintained. As shown in Table II above, the TCP sequence number difference for messages in the client 10 to server 50 direction is NAT.Seq-C.Seq, and the TCP sequence number difference for messages in the server 50 to client 10 direction is S.Seq2-S.Seq1.
With the processing system for TCP application drainage provided by this embodiment, TCP application drainage can be achieved in NAT mode, which helps enterprises and operators use bandwidth resources effectively and guarantees the service quality of important applications.
Fig. 4 shows a processing system for TCP application drainage according to the second embodiment of the present invention. As shown in Fig. 4, the processing system comprises a client 20, a NAPT device 40 and a server 60.
Client 20 is configured to send a first message to server 60 via NAPT device 40, the first message being a message with a TCP load. NAPT device 40 is configured, after receiving the first message, to identify the TCP load in the first message, re-route according to the identified application type and the destination IP address, and determine the outgoing interface to which the TCP application is drained. NAPT device 40 is also configured to perform network address and port translation and to shake hands with server 60, wherein the translated source IP address is the IP address of the outgoing interface to which the TCP application is drained, the translated source port number is a port number dynamically assigned by the NAPT device, the source IP address of the handshake messages is the translated source IP address, and the source port number of the handshake messages is the translated source port number. NAPT device 40 is also configured to send the first message to the server after shaking hands with server 60, and server 60 is configured to receive the first message after shaking hands with NAPT device 40. The message interaction between client 20 and server 60 is shown in Table III.
Table III: NAPT message sequence table
[Table image BDA00002068002200081, not reproduced in this text]
Client 20 first sends a handshake SYN to server 60. When NAPT device 40 performs network address and port translation, the source IP address before translation is the client's intranet IP address C.IP and the TCP source port before translation is C.Port1, the port assigned by client 20; the source IP address after translation is e1.IP, the IP address of the default outgoing interface e1 used when client 20 accesses server 60, and the source port after translation is a port dynamically assigned by the NAPT device. That is, the source IP address of this handshake message is e1.IP and its source port is NAPT.Port1. Server 60 then returns a SYN-ACK to client 20, and client 20, after receiving the SYN-ACK, responds to server 60 with an ACK message. At this point client 20 has established a TCP connection with server 60 and can access server 60 via the default outgoing interface e1.
To guarantee critical services such as normal web browsing, mail and DNS, applications that occupy a lot of bandwidth, such as P2P and Web video, can be drained to another outgoing interface, e2, while other applications use the default outgoing interface e1. This ensures that important applications on e1 are not deprived of bandwidth by P2P and Web video applications.
When client 20 sends a message with a load to server 60, as shown in Fig. 5, take the first PUSH message with a load sent by client 20 to server 60 as an example. On receiving the PUSH message, NAPT device 40 does not send it directly to server 60; instead it identifies the TCP load in the PUSH message and determines, according to the identified application type and the destination IP address, whether drainage is needed. When the TCP load belongs to a P2P or Web video application, the TCP application is determined to need drainage, the route is re-selected, and the outgoing interface to which the TCP application is drained is determined to be e2.
At this point, when the NAPT device performs network address translation and port translation, the source IP address before translation is the client's intranet IP address C.IP and the source IP address after translation is e2.IP, the IP address of outgoing interface e2; the TCP source port before translation is C.Port1, the port assigned by the client, and the source port after translation is NAPT.Port1, the port dynamically assigned by the NAPT device. To prevent server 60 from resetting the connection because the source IP has changed, NAPT device 40 shakes hands with server 60 and re-establishes a TCP connection. Specifically, NAPT device 40 sends a handshake SYN to server 60, the source IP address of which is e2.IP; server 60 then returns a SYN-ACK to NAPT device 40; and NAPT device 40, after receiving the SYN-ACK, responds to server 60 with an ACK message. NAPT device 40 has now established a new TCP connection with server 60, and client 20 can access server 60 via outgoing interface e2; that is, the P2P or Web video application has been drained to outgoing interface e2. After shaking hands with server 60 again, NAPT device 40 sends the PUSH message to server 60.
Subsequent messages between client 20 and server 60 undergo TCP sequence number conversion in addition to IP address and TCP port translation, so that the connection between client 20 and server 60 is maintained. As shown in Table III above, the TCP sequence number difference for messages in the client 20 to server 60 direction is NAPT.Seq-C.Seq, and the TCP sequence number difference for messages in the server 60 to client 20 direction is S.Seq2-S.Seq1.
With the processing system for TCP application drainage provided by this embodiment, TCP application drainage can be achieved in NAPT mode, which helps enterprises and operators use bandwidth resources effectively and guarantees the service quality of important applications.
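The re-handshake and the sequence number conversion described for both embodiments can be followed in the sketch below, which is an added example and not part of the patent text. It assumes that C.Seq is the client's initial sequence number, NAT.Seq (NAPT.Seq) the one the device picks for the new connection, and S.Seq1 and S.Seq2 the server's initial sequence numbers on the original and the new connection; the class and function names, addresses, ports and sequence values are all constructed.

```python
from dataclasses import dataclass

MOD = 1 << 32  # TCP sequence numbers are 32-bit and wrap around


@dataclass(frozen=True)
class Segment:
    src: tuple            # (ip, port)
    dst: tuple            # (ip, port)
    seq: int
    ack: int
    flags: str
    payload: bytes = b""


class DrainedFlow:
    """State kept by the device for one flow moved to a new outgoing interface.

    Assumed symbol mapping: c_isn = C.Seq, s_isn1 = S.Seq1, nat_isn = NAT.Seq
    (NAPT.Seq); S.Seq2 is learned from the server's SYN-ACK.
    SACK blocks and other options carrying sequence numbers are not handled.
    """

    def __init__(self, client, server, egress, c_isn, s_isn1, nat_isn):
        self.client, self.server, self.egress = client, server, egress
        self.s_isn1, self.nat_isn = s_isn1, nat_isn
        self.c2s_delta = (nat_isn - c_isn) % MOD   # NAT.Seq - C.Seq
        self.s2c_delta = None                      # S.Seq2 - S.Seq1, unknown yet

    def syn(self):
        """SYN of the new handshake; its source is already the translated one."""
        return Segment(self.egress, self.server, self.nat_isn, 0, "SYN")

    def on_syn_ack(self, seg):
        """Check the server's SYN-ACK, record S.Seq2, return the closing ACK."""
        expected_ack = (self.nat_isn + 1) % MOD
        if (seg.flags != "SYN-ACK" or seg.src != self.server
                or seg.dst != self.egress or seg.ack != expected_ack):
            raise ValueError("segment does not answer the re-handshake SYN")
        self.s2c_delta = (seg.seq - self.s_isn1) % MOD
        return Segment(self.egress, self.server, expected_ack,
                       (seg.seq + 1) % MOD, "ACK")

    def _require_established(self):
        if self.s2c_delta is None:
            raise RuntimeError("re-handshake not finished; hold the segment")

    def to_server(self, seg):
        """Client -> server: translate source address/port, shift seq and ack."""
        self._require_established()
        if seg.src != self.client:
            raise ValueError("segment is not from this flow's client")
        return Segment(self.egress, self.server,
                       (seg.seq + self.c2s_delta) % MOD,
                       (seg.ack + self.s2c_delta) % MOD,
                       seg.flags, seg.payload)

    def to_client(self, seg):
        """Server -> client: restore destination, undo both shifts."""
        self._require_established()
        if seg.src != self.server or seg.dst != self.egress:
            raise ValueError("segment is not from this flow's server")
        return Segment(self.server, self.client,
                       (seg.seq - self.s2c_delta) % MOD,
                       (seg.ack - self.c2s_delta) % MOD,
                       seg.flags, seg.payload)


def demo():
    """Constructed run; C.Seq sits near the 32-bit limit to exercise wrap-around."""
    client = ("192.168.1.10", 51000)   # C.IP, C.Port1
    server = ("203.0.113.80", 80)      # S.IP
    egress = ("198.51.100.2", 40001)   # e2.IP, NAPT.Port1 (pure NAT keeps 51000)
    c_isn, s_isn1, nat_isn, s_isn2 = 0xFFFFFFF0, 1000, 5000, 0xFFFFFF00
    flow = DrainedFlow(client, server, egress, c_isn, s_isn1, nat_isn)

    # First PUSH with a load, received on the connection set up via e1.
    push = Segment(client, server, (c_isn + 1) % MOD, s_isn1 + 1, "PSH-ACK",
                   b"GET /v/clip HTTP/1.1\r\n\r\n")
    syn = flow.syn()
    ack = flow.on_syn_ack(
        Segment(server, egress, s_isn2, (nat_isn + 1) % MOD, "SYN-ACK"))
    fwd = flow.to_server(push)          # only now is the held PUSH forwarded
    reply = Segment(server, egress, (s_isn2 + 1) % MOD,
                    (fwd.seq + len(push.payload)) % MOD, "PSH-ACK",
                    b"HTTP/1.1 200 OK\r\n\r\n")
    back = flow.to_client(reply)
    return syn, ack, fwd, back


if __name__ == "__main__":
    for segment in demo():
        print(segment)
```

The client sees the server's original numbering throughout, while the server only ever sees the numbering of the connection opened from e2.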
Fig. 6 is a block diagram of a NAT device according to an embodiment of the present invention. As shown in Fig. 6, the NAT device comprises a receiving module 31, an application identification module 32, an application drainage module 33, an IP translation module 34, a handshake module 35 and a sending module 36.
During the TCP interaction between client and server, in order to guarantee critical services such as normal web browsing, mail and DNS, when some TCP applications need to be drained, the modules above work as follows:
When receiving module 31 receives the first message with a TCP load sent by the client to the server via the NAT device, application identification module 32 identifies the application type of the TCP load in the first message to determine whether the application in the load needs to be drained; when the TCP load belongs to a P2P or Web video application, the TCP application is determined to need drainage. Application drainage module 33 re-routes according to information such as the determined application type and the destination IP address, and determines the outgoing interface to which the TCP application is drained. IP translation module 34 performs network address translation according to the determined outgoing interface, wherein the translated source IP address is the IP address of the outgoing interface to which the TCP application is drained. To prevent the server from resetting the connection because the source IP has changed, handshake module 35 shakes hands with the server, wherein the source IP address of the handshake messages is the translated source IP address. Once the NAT device and the server have established the new TCP connection, sending module 36 sends the first message to the server.
Subsequent messages between client 10 and server 50 undergo TCP sequence number conversion in addition to IP address translation, so that the connection between client 10 and server 50 is maintained.
With the NAT device provided by this embodiment, TCP application drainage can be achieved in NAT mode, which helps enterprises and operators use bandwidth resources effectively and guarantees the service quality of important applications.
Preferably, in order to guarantee the service quality of important applications in real time, the first message is the first message with a load sent by the client to the server. Because the first message with a TCP load initiated by the client carries a large amount of information, the outgoing interface to drain to can be identified accurately.
The NAT device of this embodiment can be applied in the network system shown in Fig. 7. As shown in Fig. 7, PC1, PC2, PC3 ... are PCs on the enterprise intranet and have intranet IP addresses. The gateway has two WAN ports, e0 and e1. Besides basic access control, the gateway also performs NAT. To guarantee critical services such as normal web browsing, mail and DNS, applications that occupy a lot of bandwidth, such as P2P and Web video, can be drained to e0, while other applications use the default outgoing interface e1, which ensures that important applications on e1 are not deprived of bandwidth by P2P and Web video applications.
Fig. 8 is a block diagram of a NAPT device according to an embodiment of the present invention. As shown in Fig. 8, the NAPT device comprises a receiving module 41, an application identification module 42, an application drainage module 43, an IP and port translation module 44, a handshake module 45 and a sending module 46.
During the TCP interaction between client and server, in order to guarantee critical services such as normal web browsing, mail and DNS, when some TCP applications need to be drained, the modules above work as follows:
When receiving module 41 receives the first message with a TCP load sent by the client to the server via the NAPT device, application identification module 42 identifies the application type of the TCP load in the first message to determine whether the application in the load needs to be drained; when the TCP load belongs to a P2P or Web video application, the TCP application is determined to need drainage. Application drainage module 43 re-routes according to the identified application type and the destination IP address, and determines the port to which the TCP application is drained. IP and port translation module 44 performs IP address translation according to the determined port and performs port translation according to the port number dynamically assigned by the NAPT device, wherein the translated source IP address is the IP address of the outgoing interface to which the TCP application is drained, and the translated port number is the port number dynamically assigned by the NAPT device. To prevent the server from resetting the connection because the source port has changed, handshake module 45 shakes hands with the server, wherein the source IP address of the handshake messages is the translated source IP address and the source port of the handshake messages is the translated port number. Once the NAPT device and the server have established the new TCP connection, sending module 46 sends the first message to the server.
Subsequent messages between client 10 and server 50 undergo TCP sequence number conversion in addition to port number translation, so that the connection between client 10 and server 50 is maintained.
With the NAPT device provided by this embodiment, TCP application drainage can be achieved in NAPT mode, which helps enterprises and operators use bandwidth resources effectively and guarantees the service quality of important applications.
Preferably, for the service quality of real-time ensuring important application, first message be user end to server send first have the message of load.
Fig. 9 shows a processing method for TCP application drainage according to the first embodiment of the invention. As shown in Fig. 9, the method comprises the following steps S102 to S108.
Step S102: After receiving the first message, the NAT device determines, according to the application type of the TCP payload in the first message, the outgoing interface to be used when the TCP application is drained. The first message is a message with a TCP payload sent by the client to the server via the NAT device, and different outgoing interfaces can be preset for different TCP applications. Specifically, the application is identified from the TCP payload in the first message, and a new route lookup is performed according to the identified application type and the destination IP address to determine the outgoing interface used when the TCP application is drained.
Step S104: The NAT device performs network address translation, where the translated source IP address is the IP address of the outgoing interface used when the TCP application is drained.
Step S106: The NAT device performs a handshake with the server, where the source IP address of the handshake messages is the translated source IP address, so that the NAT device and the server establish a new TCP connection and the translated IP address gains the trust of the server.
Step S108: The NAT device sends the first message to the server. Because the source IP address of the first message is now an IP address that the server trusts, having gone through the handshake, the server does not send a reset message.
With the processing method for TCP application drainage provided by this embodiment, TCP application drainage can be realized in NAT mode, which helps enterprises and operators use bandwidth resources effectively and guarantees the quality of service of important applications.
Preferably, to guarantee the quality of service of important applications in real time, the first message is the first message with a TCP payload that the client sends to the server.
Preferably, the handshake between the NAT device and the server comprises: the NAT device sends a SYN signal to the server; the server returns a SYN-ACK signal to the NAT device; and the NAT device sends an ACK signal to the server.
Preferably, to maintain normal TCP communication between the server and the client, after the NAT device has sent the first message to the server: when the NAT device receives a message sent by the client to the server via the NAT device, the NAT device performs network address translation and TCP sequence number translation; when the NAT device receives a message sent by the server to the client via the NAT device, the NAT device performs TCP sequence number translation.
Fig. 10 shows a processing method for TCP application drainage according to the second embodiment of the invention. As shown in Fig. 10, the method comprises the following steps S202 to S208.
Step S202: After receiving the first message, the NAPT device determines, according to the application type of the TCP payload in the first message, the outgoing interface to be used when the TCP application is drained. The first message is a message with a TCP payload sent by the client to the server via the NAPT device, and different ports can be preset for different TCP applications. Specifically, the application is identified from the TCP payload in the first message, and a new route lookup is performed according to the identified application type and the destination IP address to determine the outgoing interface used when the TCP application is drained.
Step S204: The NAPT device performs network address and port translation, where the translated source IP address is the IP address of the outgoing interface used when the TCP application is drained, and the translated source port number is the port number dynamically allocated by the NAPT device.
Step S206: The NAPT device performs a handshake with the server, where the source IP address of the handshake messages is the translated source IP address and the source port number of the handshake messages is the translated port number, so that the NAPT device and the server establish a new TCP connection and the translated port number gains the trust of the server.
Step S208: The NAPT device sends the first message to the server. Because the source IP address and source port number of the first message are now ones that the server trusts, having gone through the handshake, the server does not send a reset message.
With the processing method for TCP application drainage provided by this embodiment, TCP application drainage can be realized in NAPT mode, which helps enterprises and operators use bandwidth resources effectively and guarantees the quality of service of important applications.
Preferably, to guarantee the quality of service of important applications in real time, the first message is the first message with a TCP payload that the client sends to the server.
Preferably, to maintain normal TCP communication between the server and the client, after the NAPT device has sent the first message to the server: when the NAPT device receives a message sent by the client to the server via the NAPT device, the NAT device performs network address translation, port translation and TCP sequence number translation; when the NAPT device receives a message sent by the server to the client via the NAPT device, the NAPT device performs TCP sequence number translation.
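The translation state that steps S204 to S208 and the follow-up sequence number translation imply, modelled as an added Python example that is not code from the patent. The names `Segment`, `DrainedFlow`, `syn_for` and `open_drained_flow`, the addresses and the initial sequence numbers (ISNs) are constructed for illustration, and the model assumes the server has sent no data before the client's first payload message.

```python
from dataclasses import dataclass

MOD = 1 << 32  # TCP sequence numbers are 32-bit and wrap around


@dataclass(frozen=True)
class Segment:
    src: tuple          # (ip, port)
    dst: tuple
    seq: int
    ack: int
    flags: str          # "S", "SA", "A" or "PA"
    payload: bytes = b""


@dataclass(frozen=True)
class DrainedFlow:
    client: tuple       # client's intranet (ip, port)
    server: tuple
    nat_src: tuple      # drained interface IP + dynamically allocated port
    seq_delta: int      # device ISN - client ISN (mod 2^32)
    ack_delta: int      # new server ISN - old server ISN (mod 2^32)

    def to_server(self, seg):
        """Client -> server: address, port and sequence number translation."""
        return Segment(self.nat_src, self.server,
                       (seg.seq + self.seq_delta) % MOD,
                       (seg.ack + self.ack_delta) % MOD,
                       seg.flags, seg.payload)

    def to_client(self, seg):
        """Server -> client: reverse mapping of destination and numbers."""
        return Segment(self.server, self.client,
                       (seg.seq - self.ack_delta) % MOD,
                       (seg.ack - self.seq_delta) % MOD,
                       seg.flags, seg.payload)


def syn_for(first, nat_src, device_isn):
    """SYN sent by the device from the translated source (step S206)."""
    return Segment(nat_src, first.dst, device_isn % MOD, 0, "S")


def open_drained_flow(first, nat_src, device_isn, synack):
    """Validate the server's SYN-ACK, then derive flow state and final ACK."""
    expected_ack = (device_isn + 1) % MOD
    if (synack.flags != "SA" or synack.ack != expected_ack
            or synack.src != first.dst or synack.dst != nat_src):
        raise ValueError("SYN-ACK does not answer the device's SYN")
    # Assumption: no server data yet, so first.seq = client ISN + 1 and
    # first.ack = old server ISN + 1.
    flow = DrainedFlow(first.src, first.dst, nat_src,
                       (expected_ack - first.seq) % MOD,
                       (synack.seq + 1 - first.ack) % MOD)
    final_ack = Segment(nat_src, first.dst, expected_ack,
                        (synack.seq + 1) % MOD, "A")
    return flow, final_ack


# Constructed sample values (documentation address ranges, arbitrary ISNs).
CLIENT = ("192.168.1.10", 51000)
SERVER = ("203.0.113.80", 80)
E0 = ("198.51.100.2", 40001)


def demo():
    request = b"GET /video HTTP/1.1\r\n\r\n"
    # First payload message on the connection set up via the default
    # interface: client ISN 1000, old server ISN 0xFFFFFF00.
    first = Segment(CLIENT, SERVER, 1001, 0xFFFFFF01, "PA", request)
    syn = syn_for(first, E0, device_isn=7000)
    synack = Segment(SERVER, E0, 500, 7001, "SA")   # new server ISN 500
    flow, final_ack = open_drained_flow(first, E0, 7000, synack)
    sent = flow.to_server(first)                     # step S208
    reply = Segment(SERVER, E0, 501, 7001 + len(request), "PA",
                    b"HTTP/1.1 200 OK\r\n\r\n")
    return syn, final_ack, sent, flow.to_client(reply)


if __name__ == "__main__":
    for segment in demo():
        print(segment)
```

The model ignores TCP options and checksums: SACK blocks also carry sequence numbers and would need the same offsets, and checksums must be recomputed after every rewrite.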
From the above description it can be seen that the invention achieves the following technical effect: TCP application drainage can be realized in NAT/NAPT mode, which helps enterprises and operators use bandwidth resources effectively and guarantees the quality of service of important applications, solving the problem of realizing TCP application drainage in NAT or NAPT mode.
It should be noted that the steps shown in the flow charts of the accompanying drawings can be executed in a computer system, for example as a set of computer-executable instructions, and that, although a logical order is shown in the flow charts, in some cases the steps shown or described can be executed in an order different from the one given here.
Obviously, those skilled in the art will understand that the modules or steps of the invention described above can be implemented with a general-purpose computing device. They can be concentrated on a single computing device or distributed over a network formed by several computing devices. Alternatively, they can be implemented as program code executable by a computing device, so that they can be stored in a storage device and executed by the computing device, or they can each be made into an individual integrated circuit module, or several of the modules or steps can be made into a single integrated circuit module. The invention is therefore not restricted to any specific combination of hardware and software.
The above are merely preferred embodiments of the invention and do not limit the invention; for those skilled in the art, the invention can have various changes and variations. Any modification, equivalent replacement or improvement made within the spirit and principle of the invention shall fall within the protection scope of the invention.

Claims (10)

1. A processing method for TCP application drainage, characterized by comprising:
after receiving a first message, a NAT device identifies the application from the TCP payload in the first message and performs a new route lookup according to the identified application type and the destination IP address to determine the outgoing interface to be used when the TCP application is drained, wherein the first message is a message with a TCP payload sent by a client to a server via the NAT device;
the NAT device performs network address translation, wherein the translated source IP address is the IP address of the outgoing interface used when the TCP application is drained;
the NAT device performs a handshake with the server, wherein the source IP address of the handshake messages is the translated source IP address; and
the NAT device sends the first message to the server.
2. The processing method according to claim 1, characterized in that the first message is the first message with a TCP payload that the client sends to the server.
3. The processing method according to claim 1, characterized in that the handshake between the NAT device and the server comprises:
the NAT device sends a SYN signal to the server;
the server returns a SYN-ACK signal to the NAT device; and
the NAT device sends an ACK signal to the server.
4. The processing method according to claim 1, characterized in that, after the NAT device sends the first message to the server, the method further comprises:
after receiving a second message, the NAT device performs network address translation and TCP sequence number translation, wherein the second message is a message sent by the client to the server via the NAT device; and
after receiving a third message, the NAT device performs TCP sequence number translation, wherein the third message is a message sent by the server to the client via the NAT device.
5. A processing method for TCP application drainage, characterized by comprising:
after receiving a first message, a NAPT device identifies the application from the TCP payload in the first message and performs a new route lookup according to the identified application type and the destination IP address to determine the outgoing interface to be used when the TCP application is drained, wherein the first message is a message with a TCP payload sent by a client to a server via the NAPT device;
the NAPT device performs network address and port translation, wherein the translated source IP address is the IP address of the outgoing interface used when the TCP application is drained, and the translated source port number is the port number dynamically allocated by the NAPT device;
the NAPT device performs a handshake with the server, wherein the source IP address of the handshake messages is the translated source IP address and the source port number of the handshake messages is the translated source port number; and
the NAPT device sends the first message to the server.
6. The processing method according to claim 5, characterized in that, after the NAPT device sends the first message to the server, the method further comprises:
after receiving a second message, the NAPT device performs network address translation, port translation and TCP sequence number translation, wherein the second message is a message sent by the client to the server via the NAPT device; and
after receiving a third message, the NAPT device performs TCP sequence number translation, wherein the third message is a message sent by the server to the client via the NAPT device.
7. A NAT device, characterized by comprising:
a receiver module, configured to receive a first message, wherein the first message is a message with a TCP payload sent by a client to a server via the NAT device;
an application recognition module, configured to identify the application type of the TCP payload in the first message;
an application drainage module, configured to perform a new route lookup according to the identified application type and the destination IP address to determine the outgoing interface to be used when the TCP application is drained;
an IP conversion module, configured to perform network address translation, wherein the translated source IP address is the IP address of the outgoing interface used when the TCP application is drained;
a handshake module, configured to perform a handshake with the server, wherein the source IP address of the handshake messages is the translated source IP address; and
a sending module, configured to send the first message to the server.
8. A NAPT device, characterized by comprising:
a receiver module, configured to receive a first message, wherein the first message is a message with a TCP payload sent by a client to a server via the NAPT device;
an application recognition module, configured to identify the application type of the TCP payload in the first message;
an application drainage module, configured to perform a new route lookup according to the identified application type and the destination IP address to determine the outgoing interface to be used when the TCP application is drained;
an IP and port conversion module, configured to perform network address and port translation, wherein the translated source IP address is the IP address of the outgoing interface used when the TCP application is drained, and the translated source port number is the port number dynamically allocated by the NAPT device;
a handshake module, configured to perform a handshake with the server, wherein the source IP address of the handshake messages is the translated source IP address and the source port number of the handshake messages is the translated source port number; and
a sending module, configured to send the first message to the server.
9. A processing system for TCP application drainage, characterized by comprising a client, a NAT device and a server, wherein
the client is configured to send a first message to the server via the NAT device, wherein the first message is a message with a TCP payload;
the NAT device is configured to, after receiving the first message, identify the application from the TCP payload in the first message and perform a new route lookup according to the identified application type and the destination IP address to determine the outgoing interface to be used when the TCP application is drained;
the NAT device is further configured to perform network address translation and to perform a handshake with the server, wherein the translated source IP address is the IP address of the outgoing interface used when the TCP application is drained, and the source IP address of the handshake messages is the translated source IP address;
the NAT device is further configured to send the first message to the server after the handshake with the server; and
the server is configured to receive the first message after the handshake with the NAT device.
10. A processing system for TCP application drainage, characterized by comprising a client, a NAPT device and a server, wherein
the client is configured to send a first message to the server via the NAPT device, wherein the first message is a message with a TCP payload;
the NAPT device is configured to, after receiving the first message, identify the application from the TCP payload in the first message and perform a new route lookup according to the identified application type and the destination IP address to determine the outgoing interface to be used when the TCP application is drained;
the NAPT device is further configured to perform address and port translation and to perform a handshake with the server, wherein the translated source IP address is the IP address of the outgoing interface used when the TCP application is drained, the translated source port number is the port number dynamically allocated by the NAPT device, the source IP address of the handshake messages is the translated source IP address, and the source port number of the handshake messages is the translated source port number;
the NAPT device is further configured to send the first message to the server after the handshake with the server; and
the server is configured to receive the first message after the handshake with the NAPT device.
CN201210311146.9A 2012-08-28 2012-08-28 Method and system for processing NAT equipment, NAPT equipment and TCP application drainage Active CN102801824B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201210311146.9A CN102801824B (en) 2012-08-28 2012-08-28 Method and system for processing NAT equipment, NAPT equipment and TCP application drainage

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201210311146.9A CN102801824B (en) 2012-08-28 2012-08-28 Method and system for processing NAT equipment, NAPT equipment and TCP application drainage

Publications (2)

Publication Number Publication Date
CN102801824A true CN102801824A (en) 2012-11-28
CN102801824B CN102801824B (en) 2015-07-01

Family

ID=47200784

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201210311146.9A Active CN102801824B (en) 2012-08-28 2012-08-28 Method and system for processing NAT equipment, NAPT equipment and TCP application drainage

Country Status (1)

Country Link
CN (1) CN102801824B (en)

Cited By (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN103475593A (en) * 2013-08-20 2013-12-25 北京星网锐捷网络技术有限公司 Data stream processing method and data stream processing device
CN104994178A (en) * 2015-05-12 2015-10-21 广东睿江科技有限公司 Network address translation method and device
CN105282231A (en) * 2015-09-11 2016-01-27 深信服网络科技(深圳)有限公司 Data drainage method, device, and system based on application types
CN110752994A (en) * 2019-10-28 2020-02-04 深信服科技股份有限公司 Traffic classification processing method, device, equipment and readable storage medium
CN110958153A (en) * 2019-11-01 2020-04-03 上海盈赞通信科技有限公司 Network transmission rate detection system, method and storage medium
CN116032851A (en) * 2022-12-30 2023-04-28 上海天旦网络科技发展有限公司 NAT (network Address translation) identification method and system for TCP (Transmission control protocol) short connection based on interval time sequence track characteristics

Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN1466340A (en) * 2002-06-24 2004-01-07 �人��������������ι�˾ Method for forwarding data by strategic stream mode and data forwarding equipment
CN1863152A (en) * 2005-09-28 2006-11-15 华为技术有限公司 Method for transmitting various messages between internal network users
EP1554841B1 (en) * 2002-10-22 2007-01-17 Cisco Technology, Inc. Shared port address translation on a router behaving as nat and nat-pt gateway

Patent Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN1466340A (en) * 2002-06-24 2004-01-07 �人��������������ι�˾ Method for forwarding data by strategic stream mode and data forwarding equipment
EP1554841B1 (en) * 2002-10-22 2007-01-17 Cisco Technology, Inc. Shared port address translation on a router behaving as nat and nat-pt gateway
US7356045B2 (en) * 2002-10-22 2008-04-08 Cisco Technology, Inc. Shared port address translation on a router behaving as NAT & NAT-PT gateway
CN1863152A (en) * 2005-09-28 2006-11-15 华为技术有限公司 Method for transmitting various messages between internal network users

Cited By (8)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN103475593A (en) * 2013-08-20 2013-12-25 北京星网锐捷网络技术有限公司 Data stream processing method and data stream processing device
CN104994178A (en) * 2015-05-12 2015-10-21 广东睿江科技有限公司 Network address translation method and device
CN105282231A (en) * 2015-09-11 2016-01-27 深信服网络科技(深圳)有限公司 Data drainage method, device, and system based on application types
CN105282231B (en) * 2015-09-11 2018-09-21 深信服网络科技(深圳)有限公司 Data drainage method, apparatus and system based on application type
CN110752994A (en) * 2019-10-28 2020-02-04 深信服科技股份有限公司 Traffic classification processing method, device, equipment and readable storage medium
CN110958153A (en) * 2019-11-01 2020-04-03 上海盈赞通信科技有限公司 Network transmission rate detection system, method and storage medium
CN116032851A (en) * 2022-12-30 2023-04-28 上海天旦网络科技发展有限公司 NAT (network Address translation) identification method and system for TCP (Transmission control protocol) short connection based on interval time sequence track characteristics
CN116032851B (en) * 2022-12-30 2024-05-14 上海天旦网络科技发展有限公司 NAT (network Address translation) identification method and system for TCP (Transmission control protocol) short connection based on interval time sequence track characteristics

Also Published As

Publication number Publication date
CN102801824B (en) 2015-07-01

Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
C10 Entry into substantive examination
SE01 Entry into force of request for substantive examination
ASS Succession or assignment of patent right

Owner name: HILLSTONE NETWORKS COMMUNICATION TECHNOLOGY CO., L

Free format text: FORMER OWNER: HILLSTONE NETWORKS (BEIJING) INC.

Effective date: 20150520

C41 Transfer of patent application or patent right or utility model
TA01 Transfer of patent application right

Effective date of registration: 20150520

Address after: 215163 Jiangsu city of Suzhou province high tech Zone (Suzhou city) kolding Road No. 78 Gaoxin Software Park Building 7 floor 3

Applicant after: HILLSTONE NETWORKS

Address before: 100083 Beijing city Haidian District Wangzhuang Road No. 1, Tsinghua Tongfang Technology Building 6

Applicant before: Hillstone Networks Communication Technology (Beijing) Co., Ltd.

C14 Grant of patent or utility model
GR01 Patent grant
CP03 Change of name, title or address

Address after: 215163 No. 181 Jingrun Road, Suzhou High-tech Zone, Jiangsu Province

Patentee after: SHANSHI NETWORK COMMUNICATION TECHNOLOGY CO., LTD.

Address before: 215163 3rd Floor, 7th Building, High-tech Software Park, 78 Keling Road, Suzhou Science and Technology City, Jiangsu Province

Patentee before: HILLSTONE NETWORKS

CP03 Change of name, title or address