CN103442093A - Method for achieving network address translation - Google Patents
Method for achieving network address translation Download PDFInfo
- Publication number
- CN103442093A CN103442093A CN2013103075448A CN201310307544A CN103442093A CN 103442093 A CN103442093 A CN 103442093A CN 2013103075448 A CN2013103075448 A CN 2013103075448A CN 201310307544 A CN201310307544 A CN 201310307544A CN 103442093 A CN103442093 A CN 103442093A
- Authority
- CN
- China
- Prior art keywords
- address
- datagram
- former
- ipv4
- ipv6
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
Landscapes
- Data Exchanges In Wide-Area Networks (AREA)
Abstract
The invention discloses a method for achieving network address translation. The method comprises the first step of receiving a current datagram with network address ports needing to be processed, wherein the format of the datagram is | a first destination IP address a first original IP address| a second destination IP address a second original IP address| destination port numbers original port numbers| data|, and transition between the first original IP address of the current datagram and a public network IP address is achieved; the second step of choosing the port numbers which are not allocated from N ports and replacing the original port numbers according to the destination public network IP address of the current datagram, wherein the public network IP address of the current datagram has N ports, and N is integers ranging from 0 to 65535; the third step of inputting a datagram formed after replacement into a connection table, wherein if a datagram same as the datagram in the connection table is not received within preset time, the public network port number is released.
Description
Technical field
The present invention relates to network communications technology field, particularly a kind of method that realizes network address translation.
Background technology
Network address port conversion (PORT ADDRESS TRANSLATION, PAT) is a kind of distortion of NAT, permits a plurality of private net addresses and is mapped on same public network address, also can be described as " many-one address transition " or " address multiplex ".PAT shines upon IP address and port numbers simultaneously, source address from the datagram of different private net addresses can be mapped to same public network address, but these port numbers from the datagram of different private net addresses are converted into the different port number of this same public network address, thereby can share same public network address.Be that PAT realizes the conversion between " private net address+private network port numbers " and " public network address+public network port numbers ".Therefore, in PAT, except the management of public network address, the management of public network port is also most important, is related to " many " in " many-one address transition " and is how many on earth.At present, the Port Management of PAT adopts port queue, and wherein, the both port of origination of port queue and terminating port can be supported product customization.When datagram is done the PAT processing, use the port numbers (the port span is 0 to 65535) of public network IP address while being changed, former IP address (being private network IP address) in message is replaced with to this public network IP address, and the private network port numbers is replaced with to arbitrary idle port numbers in 0 ~ 65535, so far complete the pat address transfer process one time.But the method can only be changed the message of UDP or TCP type, other messages can't carry out the pat address conversion by adopting said method.
Therefore, need a kind of method can't carry out the problem of pat address transition to solve ipv4 over ipv6, ipv6 over ipv4, ipv4 over ipv4 and tetra-kinds of channel messages of ipv6 over ipv6.
Summary of the invention
(1) technical problem that will solve
The technical problem to be solved in the present invention is how to IPV4 over IPV4, IPV6 over
IPV6, IPV4 over IPV6, IPV6 over IPV4 message carry out network address translation.
(2) technical scheme
For solving the problems of the technologies described above, the invention provides a kind of method that realizes network address translation, said method comprising the steps of:
A kind of method that realizes network address translation, is characterized in that, said method comprising the steps of:
S1: reception need to be carried out the current data newspaper of network address port conversion process, and the form of described datagram is:
| the first former IP address, the first purpose IP address | the second former IP address, the second purpose IP address | the former port numbers of destination slogan | data |
Realize the first former IP address of current data newspaper and the conversion between public network IP address;
S2: the public network IP address of described current data newspaper has N port, and the span of described N is the integer between 0 ~ 65535,
According to the purpose public network IP address of current data newspaper, select the port numbers be not assigned with away in a described N port to replace former port numbers;
S3: the datagram formed after replacing is put into to connection table, if do not receive the datagram identical with datagram in described connection table in Preset Time, discharge described public network port numbers.
Described Preset Time is 30 minutes.
The kind of described datagram is any in ipv4 over ipv6, ipv6 over ipv4, ipv4 over ipv4 or ipv6 over ipv6.
(3) beneficial effect
Pat address conversion method of the present invention to IPV4 over IPV4, IPV6 over IPV6,
Former IP address in first IP head of IPV4 over IPV6, IPV6 over IPV4 message and the former port numbers of second IP back are replaced, thereby complete the conversion of the network address of these four kinds of messages.
Embodiment
Below the specific embodiment of the present invention is described in further detail.Following examples are used for the present invention is described, but are not used for limiting the scope of the invention.
The method of present embodiment comprises the following steps:
S1: reception need to be carried out the current data newspaper of network address port conversion process, and the form of described datagram is:
| the first former IP address, the first purpose IP address | the second former IP address, the second purpose IP address | the former port numbers of destination slogan | data |
Realize the first former IP address of current data newspaper and the conversion between public network IP address;
S2: the public network IP address of described current data newspaper has N port, and the span of described N is the integer between 0 ~ 65535,
According to the purpose public network IP address of current data newspaper, select the port numbers be not assigned with away in a described N port to replace former port numbers;
S3: the datagram formed after replacing is put into to connection table, if do not receive the datagram identical with datagram in described connection table in Preset Time, discharge described public network port numbers.
Preferably, described Preset Time is 30 minutes.
Pat address conversion method of the present invention is applicable to the datagram of following four kinds of forms:
A, IPV4 over IPV4, the first purpose IP address and the first former IP address are respectively purpose IPV4 address and former IPV4 address, and the second purpose IP address and the 2nd IP address are respectively IPV4 address and former IPV4 address;
B, IPV6 over IPV6, the first purpose IP address and the first former IP address are respectively purpose IPV6 address and former IPV6 address, and the second purpose IP address and the 2nd IP address are respectively IPV6 address and former IPV6 address;
C, IPV4 over IPV6, the first purpose IP address and the first former IP address are respectively purpose IPV4 address and former IPV4 address, and the second purpose IP address and the 2nd IP address are respectively IPV6 address and former IPV6 address;
D, IPV6 over IPV4, the first purpose IP address and the first former IP address are respectively purpose IPV6 address and former IPV6 address, and the second purpose IP address and the 2nd IP address are respectively IPV4 address and former IPV4 address.
Pat address conversion method of the present invention to IPV4 over IPV4, IPV6 over IPV6,
Former IP address in first IP head of IPV4 over IPV6, IPV6 over IPV4 message and the former port numbers of second IP back are replaced, thereby complete the conversion of the network address of these four kinds of messages.
Above execution mode is only for illustrating the present invention; and be not limitation of the present invention; the those of ordinary skill in relevant technologies field; without departing from the spirit and scope of the present invention; can also make a variety of changes and modification; therefore all technical schemes that are equal to also belong to category of the present invention, and scope of patent protection of the present invention should be defined by the claims.
Claims (3)
1. realize the method for network address translation, it is characterized in that, said method comprising the steps of:
S1: reception need to be carried out the current data newspaper of network address port conversion process, and the form of described datagram is:
| the first former IP address, the first purpose IP address | the second former IP address, the second purpose IP address | the former port numbers of destination slogan | data |
Realize the first former IP address of current data newspaper and the conversion between public network IP address;
S2: the public network IP address of described current data newspaper has N port, and the span of described N is the integer between 0 ~ 65535,
According to the purpose public network IP address of current data newspaper, select the port numbers be not assigned with away in a described N port to replace former port numbers;
S3: the datagram formed after replacing is put into to connection table, if do not receive the datagram identical with datagram in described connection table in Preset Time, discharge described public network port numbers.
2. realize as claimed in claim 1 the method for network address translation, it is characterized in that, described Preset Time is 30 minutes.
3. realize as claimed in claim 1 the method for network address translation, it is characterized in that, the kind of described datagram is any in ipv4 over ipv6, ipv6 over ipv4, ipv4 over ipv4 or ipv6 over ipv6.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN2013103075448A CN103442093A (en) | 2013-07-22 | 2013-07-22 | Method for achieving network address translation |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN2013103075448A CN103442093A (en) | 2013-07-22 | 2013-07-22 | Method for achieving network address translation |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN103442093A true CN103442093A (en) | 2013-12-11 |
Family
ID=49695758
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN2013103075448A Pending CN103442093A (en) | 2013-07-22 | 2013-07-22 | Method for achieving network address translation |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN103442093A (en) |
Cited By (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN107547690A (en) * | 2017-09-25 | 2018-01-05 | 新华三信息安全技术有限公司 | Port assignment method, apparatus, NAT device and storage medium in NAT |
Citations (6)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN101136926A (en) * | 2007-10-12 | 2008-03-05 | 杭州华三通信技术有限公司 | Packet forwarding method under asymmetric routing condition and network address conversion gateway |
| CN101217435A (en) * | 2008-01-16 | 2008-07-09 | 中兴通讯股份有限公司 | L2TP over IPSEC remote access method and device |
| CN101335770A (en) * | 2008-08-06 | 2008-12-31 | 杭州华三通信技术有限公司 | Method and apparatus for network port address conversion |
| WO2011051594A1 (en) * | 2009-10-30 | 2011-05-05 | France Telecom | METHODS AND DEVICES FOR ROUTING DATA PACKETS BETWEEN IPv4 AND IPv6 NETWORKS |
| CN102377628A (en) * | 2010-08-12 | 2012-03-14 | 杭州华三通信技术有限公司 | Method for establishing DS-Lite tunnel and DS-Lite CGN |
| CN102594942A (en) * | 2012-02-23 | 2012-07-18 | 汉柏科技有限公司 | Method and system for achieving network address translation |
-
2013
- 2013-07-22 CN CN2013103075448A patent/CN103442093A/en active Pending
Patent Citations (6)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN101136926A (en) * | 2007-10-12 | 2008-03-05 | 杭州华三通信技术有限公司 | Packet forwarding method under asymmetric routing condition and network address conversion gateway |
| CN101217435A (en) * | 2008-01-16 | 2008-07-09 | 中兴通讯股份有限公司 | L2TP over IPSEC remote access method and device |
| CN101335770A (en) * | 2008-08-06 | 2008-12-31 | 杭州华三通信技术有限公司 | Method and apparatus for network port address conversion |
| WO2011051594A1 (en) * | 2009-10-30 | 2011-05-05 | France Telecom | METHODS AND DEVICES FOR ROUTING DATA PACKETS BETWEEN IPv4 AND IPv6 NETWORKS |
| CN102377628A (en) * | 2010-08-12 | 2012-03-14 | 杭州华三通信技术有限公司 | Method for establishing DS-Lite tunnel and DS-Lite CGN |
| CN102594942A (en) * | 2012-02-23 | 2012-07-18 | 汉柏科技有限公司 | Method and system for achieving network address translation |
Non-Patent Citations (4)
| Title |
|---|
| 刘武军: "IPv4-IPv6基于NAT-PT的过渡技术的研究", 《万方平台论文数据库》 * |
| 耿楠楠等: "基于IPv6扩展报头的安全通信策略", 《计算机工程与设计》 * |
| 蔡华: "基于NAT-PT的转换网络的安全机制的研究", 《CNKI》 * |
| 黄晓榕: "对新一代IP协议IPv6的分析", 《中国优秀硕士学位论文全文数据库 信息科技辑》 * |
Cited By (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN107547690A (en) * | 2017-09-25 | 2018-01-05 | 新华三信息安全技术有限公司 | Port assignment method, apparatus, NAT device and storage medium in NAT |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN102594942B (en) | Method and system for achieving network address translation | |
| CN102209124B (en) | Method for communication between private network and public network and network address translation equipment | |
| GB2478470A (en) | Method and apparatus for network port and network address translation | |
| CN104270475B (en) | The system and method for IPv4 networks and IPv6 network interworkings is realized based on NAT64 | |
| MX2012007559A (en) | Virtual layer 2 and mechanism to make it scalable. | |
| GB2514323A (en) | Multiple virtual machines sharing a single IP address | |
| MY151825A (en) | Method and system of providing ip-based packet communications in a utility network | |
| DE602006019331D1 (en) | Method and apparatus for IP network interfacing | |
| EP3624429A3 (en) | Reducing arp/nd flooding in cloud environment | |
| ZA200708337B (en) | Maintenance of data connections during the changeover of a communication access network | |
| TW200708009A (en) | Preventing duplicate sources from clients served by a network address port translator | |
| CN101645851B (en) | Recombination method for IP fragment messages and device thereof | |
| CN101072158A (en) | Method for releasing and processing virtual circuit information and supplier edge device | |
| GB2465953A (en) | Method and apparatus for distributing dynamic auto-summarization fo internet protocol reachable addresses | |
| MX356722B (en) | Method and apparatus for accessing network. | |
| US20170180311A1 (en) | Systems and methods for managing network address information | |
| CN101610295A (en) | Use the stateless IPv4/IPv6 grouping conversion method of nonspecific IPv6 address | |
| CN103685032B (en) | Message forwarding method and network address translation services device | |
| CN108667949A (en) | A kind of digital movie distribution projection system and its working method based on new network | |
| CN103442093A (en) | Method for achieving network address translation | |
| IN2012DE04075A (en) | ||
| CN101938531A (en) | Method, system and device for communicating IPv4 network and IPv6 network | |
| CN104333612A (en) | Network address translation method and device | |
| CN102868642B (en) | The method and apparatus of NVGRE message repeating is realized in ASIC | |
| CN102075921B (en) | Inter-network communication method and device |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| C06 | Publication | ||
| PB01 | Publication | ||
| C10 | Entry into substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| RJ01 | Rejection of invention patent application after publication | ||
| RJ01 | Rejection of invention patent application after publication |
Application publication date: 20131211 |