CN103685032B - Message forwarding method and network address translation services device - Google Patents
Message forwarding method and network address translation services device Download PDFInfo
- Publication number
- CN103685032B CN103685032B CN201310662245.6A CN201310662245A CN103685032B CN 103685032 B CN103685032 B CN 103685032B CN 201310662245 A CN201310662245 A CN 201310662245A CN 103685032 B CN103685032 B CN 103685032B
- Authority
- CN
- China
- Prior art keywords
- message
- ipv6
- ipv4
- transitional information
- flow
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Links
Abstract
The present invention provides a kind of message forwarding method and network address translation services device.The method includes:Whether NAT servers are judged on the message flow of the first message comprising the first switch signs;First switch signs are that the first message of the message flow is carried out to be added when IPv6/IPv4 is changed;If the NAT servers are judged on the message flow of first message comprising first switch signs, the IPv6/IPv4 conversions are carried out to first message according to the first transitional information corresponding with first switch signs recorded in the first flow table private room;Wherein, first transitional information is that the first message of the message flow is carried out to be recorded when the IPv6/IPv4 is changed;The NAT servers according to conversion after the destination address of first message forward first message.So as to improve the forwarding performance of message.
Description
Technical field
The present invention relates to the communication technology, more particularly to a kind of message forwarding method and network address translation(Network
Address Translation, referred to as:NAT)Server.
Background technology
With internet(Internet)Fast development, internet protocol version(Internet Protocol
Version, referred to as:IPv)4 networks are limited due to network address resources, the need for can not meeting Internet, therefore, industry
Boundary proposes IPv6 networks, existing internet based on IPv4, in a short time, it is impossible to be transitioned into IPv6 nets completely
Network, therefore, within one period, IPv4 networks will be network coexisted with IPv6.
In server zone(Server Farm)The middle mapping relations existed between IPv4 addresses and IPv6 addresses, work as IPv6
When user in network accesses IPv4 networks, i.e., initiate to access to the virtual IPv6 addresses in Server Farm, according to IPv4
Mapping relations between address and IPv6 addresses, the virtual IPv6 addresses can be mapped as an IPv4 addresses B, and the user
IPv6 source addresses by IPv6 and IPv4 address protocol switch technologies(Network Address and Protocol
Translation from IPv6clients to IPv4servers, referred to as:NAT64)Converter can be converted to one
IPv4 addresses A, now IPv4 addresses A to IPv4 addresses B initiate access, so as to complete the exchanging visit of IPv6 networks/IPv4 networks.
In the prior art, for needing the message of forwarding, it is necessary to message carries out rule match to realize IPv4 messages one by one
With the conversion of IPv6 messages, so as to correctly forward the message after conversion, forwarding performance is relatively low.
The content of the invention
The present invention provides a kind of message forwarding method and network address translation services device, to improve the forwarding performance of message.
The present invention provides a kind of message forwarding method, including:
Whether network address translation NAT servers are judged on the message flow of the first message comprising the first switch signs;It is described
First switch signs are that the 6th edition is carried out to the first message of the message flow with the 4th edition internet protocol version IPv6/IPv4 conversion
Shi Tianjia's;
If the NAT servers are judged on the message flow of first message comprising first switch signs, root
First message is carried out according to the first transitional information corresponding with first switch signs recorded in flow table private room
The IPv6/IPv4 conversions;Wherein, first transitional information be the first message of the message flow is carried out it is described
What IPv6/IPv4 was recorded when changing;
The NAT servers according to conversion after the destination address of first message forward first message.
The present invention provides a kind of network address translation NAT servers, including:
Judge module, for whether including the first switch signs on the message flow for judging the first message;First conversion
Mark is added when being and the 6th edition is carried out to the first message of the message flow with the 4th edition internet protocol version IPv6/IPv4 conversion
's;
Modular converter, if on the message flow for judging first message comprising first switch signs, root
First message is carried out according to the first transitional information corresponding with first switch signs recorded in flow table private room
The IPv6/IPv4 conversions;Wherein, first transitional information be the first message of the message flow is carried out it is described
What IPv6/IPv4 was recorded when changing;
Forwarding module, the destination address for first message after according to conversion forwards first message.
Message forwarding method and NAT servers that the present invention is provided, the message flow of the first message is judged by NAT servers
On whether include the first switch signs;First switch signs are to carry out IPv6/IPv4 to the first message of the message flow to turn
Added when changing;If the NAT servers are judged comprising first switch signs on the message flow of first message,
The first transitional information corresponding with first switch signs according to being recorded in flow table private room enters to first message
The row IPv6/IPv4 conversions;Wherein, first transitional information be the first message of the message flow is carried out it is described
What IPv6/IPv4 was recorded when changing;The NAT servers according to conversion after first message destination address forwarding it is described
First message.Other messages in the message flow in addition to first message can directly be carried out according to the first transitional information of first message
Conversion, so as to improve the forwarding performance of message.
Brief description of the drawings
In order to illustrate more clearly about the embodiment of the present invention or technical scheme of the prior art, below will be to embodiment or existing
The accompanying drawing to be used needed for having technology description is briefly described, it should be apparent that, drawings in the following description are this hairs
Some bright embodiments, for those of ordinary skill in the art, without having to pay creative labor, can be with
Other accompanying drawings are obtained according to these accompanying drawings.
Fig. 1 is the flow chart of message forwarding method embodiment one of the present invention;
Fig. 2 is the flow chart of message forwarding method embodiment two of the present invention;
Fig. 3 is the schematic flow sheet of message forwarding method embodiment three of the present invention;
Fig. 4 is the structural representation of NAT server examples of the present invention.
Specific embodiment
To make the purpose, technical scheme and advantage of the embodiment of the present invention clearer, below in conjunction with the embodiment of the present invention
In accompanying drawing, the technical scheme in the embodiment of the present invention is clearly and completely described, it is clear that described embodiment is
A part of embodiment of the present invention, rather than whole embodiments.Based on the embodiment in the present invention, those of ordinary skill in the art
The every other embodiment obtained under the premise of creative work is not made, belongs to the scope of protection of the invention.
Fig. 1 is the flow chart of message forwarding method embodiment one of the present invention.As shown in figure 1, the message that the present embodiment is provided
Retransmission method is specifically performed by NAT servers, and the method that the present embodiment is provided can include:
Whether step 101, NAT servers are judged on the message flow of the first message comprising the first switch signs;Described first
Switch signs are that the first message of the message flow is carried out to be added when IPv6/IPv4 is changed.
If step 102, the NAT servers are judged on the message flow of first message comprising the described first conversion mark
Know, then according to the first transitional information corresponding with first switch signs recorded in the first flow table private room to described the
One message carries out the IPv6/IPv4 conversions;Wherein, first transitional information is that the first message of the message flow is entered
What the row IPv6/IPv4 was recorded when changing.
Specifically, the NAT servers are marked on the message flow of the first message described in number is judged comprising the described first conversion
After knowledge, first message can be delivered to by NAT virtual interfaces according to the outgoing interface information of first message
(NAT64Virtual Interface, abbreviation NVI)Interface;The NVI interfaces, can be with root after first message is received
The IPv6/IPv4 conversions are carried out to first message according to the first transitional information recorded in the first flow table private room, and
The source interface of first message is set to the NVI interfaces.
Step 103, the NAT servers according to conversion after first message destination address forwarding it is described first report
Text.
Whether the technical scheme of the present embodiment, judged on the message flow of the first message comprising first turn by NAT servers
Dehorn is known;First switch signs are that the first message of the message flow is carried out to be added when IPv6/IPv4 is changed;If described
NAT servers are judged comprising first switch signs on the message flow of first message, then privately owned according to the first flow table
The first transitional information corresponding with first switch signs recorded in space carries out the IPv6/ to first message
IPv4 is changed;Wherein, first transitional information is to carry out the IPv6/IPv4 conversions to the first message of the message flow
Shi Jilu's;The NAT servers according to conversion after the destination address of first message forward first message.It is described
Other messages in message flow in addition to first message can directly be changed according to the first transitional information of first message, so as to improve
The forwarding performance of message.
Fig. 2 is the flow chart of message forwarding method embodiment two of the present invention.As shown in Fig. 2 on the basis of above-described embodiment
On, before step 101, the method that the present embodiment is provided can also include:
First transitional information of the first message recorded first flow table by step 201, the NAT servers
Private room, and message flow addition first switch signs where to the first message;Wherein, first conversion
Source address transitional information of the packet containing the first message, source port transitional information, destination address transitional information and destination
Mouth transitional information.
It should be noted that first transitional information of the first message recorded in the NAT servers described
Before first flow table private room, the levelling platform in the NAT servers receives the first message, and sets up the head
The positive flow table of the first of message, then, the NAT servers need to judge whether the first message needs to carry out IPv6/IPv4
Conversion, when judging, specifically, the NAT servers first judge whether the destination address of the first message meets interface prefix
Rule or global prefixes rule;If the destination address of the first message meets interface prefix rule or global prefixes rule, judge
Whether the source address of the first message meets the transformation rule being pre-configured with, and the transformation rule is static rule or dynamic rule
Then;If the source address of the first message meets the transformation rule being pre-configured with, judge that the first message meets IPv6/IPv4 and turns
Change condition;If one of judged result is no, the NAT servers can all judge that the first message is unsatisfactory for IPv6/IPv4
Switch condition, it is impossible to carry out IPv6/IPv4 conversions.
Be disposed as the outgoing interface of the first message and the message flow described by step 202, the NAT servers
NVI interfaces, and Route Distinguisher is put to the first message.
It is understood that after the outgoing interface of the message flow is set into the NVI interfaces, subsequently received described
During other messages in message flow, as long as after the NAT servers recognize first switch signs, can directly by message
NVI interfaces are delivered to, above-mentioned steps 201 are performed without repeating.
The levelling platform in step 203, the NAT servers sets up the first reverse flow table of the first message.
In this step, the first reverse flow table of the first message is set up, the first reverse flow table is positive with described first
In flow table, source address information is to exchange with destination address information, and source port information is to exchange with destination interface information, it is ensured that
The integrality of message flow where the first message.
The NVI interfaces in step 204, the NAT servers carry out the IPv6/IPv4 to the first message and turn
Change, and the source interface of the first message is set to the NVI interfaces.
Step 205, the NAT servers are to the message flow where the first message for completing the IPv6/IPv4 conversions
Add the second switch signs, and the first message set up after conversion the second positive flow table, will be with second switch signs
Corresponding second transitional information recorded the second flow table private room, and second transitional information is by the described first conversion
What information was obtained after replicating.
Step 206, the NAT servers according to conversion after the destination address of the first message forward the first message,
And the second reverse flow table of the first message set up after conversion.
If the NAT servers are that IPv6 messages are converted into IPv4 messages, it is to be understood that the first positive flow table and
First reverse flow table is the flow table of IPv6 message flows, and the second positive flow table and the second reverse flow table are the flow tables of IPv4 message flows.
The technical scheme of the present embodiment, recorded first transitional information of the first message by NAT servers
The first flow table private room, and message flow addition first switch signs where to the first message;By institute
The outgoing interface for stating first message and the message flow is disposed as the NVI interfaces, and the first message is put has route
Mark;The IPv6/IPv4 conversions are carried out to the first message, and the source interface of the first message are set to the NVI to connect
Mouthful;Second switch signs are added to the message flow where the first message for completing the IPv6/IPv4 conversions, and sets up conversion
The positive flow table of the second of the first message afterwards, second transitional information corresponding with second switch signs recorded
Second flow table private room;The destination address of the first message after according to conversion forwards the first message, and after setting up conversion
The first message the second reverse flow table, other messages in the message flow in addition to first message can be according to the of first message
One transitional information is directly changed, so as to improve the forwarding performance of message.
It is described in detail so that IPv6 messages are converted to IPv4 messages as an example below.
For the application for being NAT64, a stream forward direction is IPv6, is reversely IPv4.With reference to the treatment side of levelling platform
Case, IPv4 flow tables and IPv6 flow tables are separated, i.e., it is necessary to finish once complete for needing to do the message of NAT64 conversions
IPv6 flows repeating process, in addition it is also necessary to finish once complete IPv4 streams repeating process, could meet two forward and reverse stream of flow table
Integrality.
The characteristic changed according to NAT64, it is necessary to route according to the destination address after conversion, if after not changing
Destination address cannot then be route.For with the conversion of IPv6 to IPv4, if message converted before route, this
When message become the message of IPv4 protocol suites, then cannot set up IPv6 reverse flows, the influence of this convection current platform is very big, stream
Platform thinks that the only flow table of forward stream is incomplete stream, can quickly it is aging fall.
According to stream Platform, IPv6 message flows and IPv4 messages set up flow table respectively, so having to allow needs
The message of conversion covers once complete IP operation.It to route is separation that whole IP routing forwardings are, the industry before route
Business belongs to incoming interface related service, and the business after route belongs to the related business of outgoing interface, and NAT64 conversions need to be associated with one
On internal interface, whole forwarding scheduling could set up.According to this specificity analysis, it is necessary to generate a NVI interface, in need turn of institute
The message for changing carries out conversion process by being all sent to this interface after identification.After the completion of conversion process, message source interface is replaced
It is NVI interfaces, message is sent back to IP queues and re-starts routing forwarding again, is sent back to the message of IP queues again for IPv4
It is like, from NVI interfaces to a message, to re-establish IPv4 flow tables for levelling platform, carries out complete IPv4
Repeating process.
As shown in figure 3, the solid line with arrow represents the handling process of IPv6 first messages in Fig. 3, the dotted line with arrow is represented
By the handling process of the IPv4 first messages after IPv6/IPv4 conversions.
The processing procedure of the first message for IPv6 message flows is introduced first.
IPv6 first messages Business Processing is entered into incoming interface by receiving thread in levelling platform, levelling platform setting up IPv6 just
To flow table, i.e. the first positive flow table.First, the incoming interface in NAT servers enters Business Processing and needs to judge that IPv6 first messages are
It is no to need to carry out IPv6/IPv4 conversions, when judging, specifically, incoming interface enters the mesh that Business Processing first judges IPv6 first messages
Address whether meet interface prefix rule or global prefixes rule, if the determination result is YES, then carry out subsequent match, otherwise not
Carry out IPv6/IPv4 conversions;Then, incoming interface enters Business Processing and judges whether the source address of IPv6 first messages meets to be pre-configured with
Transformation rule, the transformation rule is static rule or DP, if the determination result is YES, judges that IPv6 first messages meet
IPv6/IPv4 switch conditions, otherwise judge that IPv6 first messages are unsatisfactory for IPv6/IPv4 switch conditions, it is impossible to carry out IPv6/IPv4
Conversion.
After judging that IPv6 first messages meet IPv6/IPv4 switch conditions, incoming interface enters the address conversion in Business Processing
The IPv6 source addresses of IPv6 first messages are converted to IPv4 source addresses by module, and IPv6 source ports are converted into IPv4 source ports, will
IPv6 destination addresses are converted to IPv4 destination addresses, and IPv6 destination interfaces are converted into IPv4 destination interfaces, obtain first and change
Information, recorded the first flow table private room, and add conversion to the message flow where IPv6 first messages by the first transitional information
Mark;The outgoing interface of IPv6 first messages is set to NVI interfaces, Route Distinguisher is put, while updating on IPv6 message flows
Outgoing interface information be NVI interfaces so that extended meeting is directly fed to NVI and connects after message in IPv6 message flows in addition to first message
Mouth carries out IPv6/IPv4 conversions.
The levelling platform that IPv6 first messages go out Business Processing into virtual interface is processed, and levelling platform sets up IPv6 reverse flows
Table, i.e. the first reverse flow table.It should be noted that positive flow table is corresponding with reverse flow table, its source address information and purpose
Address information is to exchange, and source port information is to exchange with destination interface information, so as to ensure the integrality of IPv6 message flows.
Then, IPv6 first messages are sent to the treatment function being articulated on the Link Encapsulation of NVI interfaces and are processed, i.e.
The IPv6 heads of IPv6 first messages are replaced with IPv4 heads by the address conversion module in dispatch thread in Fig. 3, corresponding
Information of the field and record of each field in IPv4 heads in IPv6 heads in private room is flowed is filled in, specifically
It is as follows:
Version(Version):4
Head length(Internet Header Length):5(no IPv4options)
COS length(Type of Service Octet):Acquiescence copy IPv6 header field Traffic Class
Value
Total length(Total Length):Value+IPv4 the header lengths of Payload Length fields in IPv6 stems
Identity(Identification):This field filling 0
Flag(Flags):MF flag are set to 0, DF flag and are set to 1
Field offset amount(Fragment offset):Full 0
Life span(Time To Live, referred to as:TTL):The value of copy IPv6 stem corresponding field Hop Limit
Agreement(Protocol):Its value is the value of IPv6 stem Next Header fields:
Header check summation(Header Checksum):Calculated after the establishment of IPv4 stems;
Source address(Source Address)And destination address(Destination Address):Record is filled in first
Corresponding value in stream private room.
IPv4 first message source interfaces after conversion are replaced with into NVI interfaces, and sends IP queues back to, IPv4 first messages enter empty
The levelling platform that plan interface enters Business Processing is processed, and levelling platform sets up IPv4 forward direction flow tables, i.e. the second positive flow table.
Then, virtual interface enters the address conversion module of Business Processing by the second transitional information record of IPv4 first messages the
Two flow table private rooms, the second transitional information is obtained after the first transitional information is replicated, and where IPv4 first messages
Message flow adds the second switch signs, so that reverse IPv4 messages can be quickly identified and forward.
IPv4 messages are delivered to route processing by address conversion module, are forwarded according to normal message by outgoing interface Business Processing
Flow, the IPv4 destination addresses forwarding IPv4 first messages according to IPv4 first messages, and set up the second reverse flow table.So as to complete head
The forwarding of message.
For the processing procedure of message of the IPv6 message flows in addition to first message.
The message that stream land identification is received is IPv6 messages or IPv4 messages, it is assumed that identify that the message for receiving is
IPv6 messages, i.e. the first message;Judged whether comprising the first switch signs on the message flow of IPv6 messages by address conversion module,
If comprising IPv6 messages directly being delivered into NVI interfaces according to the outgoing interface on IPv6 message flows and are processed, when IPv6 messages
After being admitted to the treatment function being articulated on the Link Encapsulation of NVI interfaces, according to first recorded in the first flow table private room
IPv6 messages are converted to IPv4 messages by transitional information, and the source interface of the message after converting replaces with NVI interfaces, will
IPv4 messages after conversion send IP queues back to.
IPv4 messages enter the levelling platform of Business Processing, five-tuple information of the levelling platform according to IPv4 messages into virtual interface
Corresponding second positive flow table is judged whether, if in the presence of IPv4 messages being delivered into route processing, by outgoing interface Business Processing
According to normal message forwarding process, the IPv4 destination addresses forwarding IPv4 messages according to IPv4 messages.So as to complete message
Forwarding.
For the processing procedure of reverse flow, now it is considered that the message of reverse flow is the first message.
After the levelling platform that IPv4 messages enter in outgoing interface Business Processing, levelling platform identifies that the message for receiving is IPv4
Message, and there are the second switch signs, then the second transitional information for being recorded according to the second flow table private room, by IPv4 messages road
By to NVI interfaces, sending into the treatment function being articulated on the Link Encapsulation of NVI interfaces and being processed, the address in dispatch thread
IPv4 messages are converted to IPv6 messages by modular converter according to the first transitional information recorded in the first flow table private room, and will
The source interface of the IPv6 messages for converting replaces with NVI interfaces, sends IPv6 messages back to IP queues.
The levelling platform that virtual interface goes out Business Processing judges there is corresponding according to the five-tuple information of IPv6 messages
One reverse flow table, route processing is delivered to by IPv4 messages, and Business Processing is entered according to normal message forwarding process, root by incoming interface
IPv6 messages are forwarded according to the destination address of IPv6.So as to complete the forwarding of reverse stream packet.
Further, in the present embodiment, NVI interfaces can be bound with high performance line card, specifically can be in control
When panel processed opens NAT64 functions, high performance line card is gone out according to the line card type selecting that system is provided, so as to by NVI interfaces
Bound together with high-performance line card so that the message for carrying out IPv6/IPv4 conversions in need be all sent to bound property high
Can be processed on line card, so as to further improve the forwarding performance of message.
The technical scheme of the present embodiment, can improve the forwarding performance of message.
Fig. 4 is the structural representation of NAT server examples of the present invention.As shown in figure 4, the NAT clothes that the present embodiment is provided
Business device 10 can include:Judge module 11, modular converter 12 and forwarding module 13.
Wherein, whether comprising the first switch signs on the message flow that judge module 11 can be used for judge the first message;Institute
It is that the first message of the message flow is carried out to be added when IPv6/IPv4 is changed to state the first switch signs;
If comprising first switch signs on the message flow that modular converter 12 can be used for judge first message,
Then according to the first transitional information corresponding with first switch signs recorded in flow table private room to first message
Carry out the IPv6/IPv4 conversions;Wherein, first transitional information be the first message of the message flow is carried out it is described
What IPv6/IPv4 was recorded when changing;
The destination address of first message after forwarding module 13 can be used for according to conversion forwards first message.
Specifically, the modular converter 12 specifically can be used for described according to the outgoing interface information of first message
One message delivers to NAT virtual interface NVI interfaces;According to the first transitional information recorded in the first flow table private room to described the
One message carries out the IPv6/IPv4 conversions, and the source interface of first message is set into NVI interfaces.
Further, the NAT servers 10 can also include logging modle, for by described first turn of the first message
Change information record to the first flow table private room, and message flow addition where to the first message is described first turn
Dehorn is known;Wherein, source address transitional information, source port transitional information, mesh of first transitional information comprising the first message
Information of address conversion and destination interface transitional information;The outgoing interface of the first message and the message flow is disposed as
The NVI interfaces, and Route Distinguisher is put to the first message;Set up the first reverse flow table of the first message;It is described
Logging modle is additionally operable to message flow addition the second conversion mark where to completing the first message that the IPv6/IPv4 is changed
Know, and the first message set up after conversion the second positive flow table, will corresponding with second switch signs described second
Transitional information recorded the second flow table private room, and second transitional information is obtained after first transitional information is replicated
's;Second reverse flow table of the first message set up after conversion.
The modular converter 12 can be also used for carrying out the first message IPv6/IPv4 conversions, and by the head
The source interface of message is set to the NVI interfaces;
The forwarding module 13 can be also used for according to conversion after the first message destination address forwarding described in report for the first time
Text.
Further, the logging modle is additionally operable to set up the first positive flow table of the first message;The judge module 11
Can be also used for judging whether the destination address of the first message meets interface prefix rule or global prefixes rule;If the head
The destination address of message meets interface prefix rule or global prefixes rule, judges whether the source address of the first message meets pre-
The transformation rule for first configuring, the transformation rule is static rule or DP;If the source address of the first message meets pre-
The transformation rule for first configuring, then judge that the first message meets IPv6/IPv4 switch conditions.
The NAT servers of the present embodiment, can be used to perform the technical scheme of above method embodiment, its realization principle and skill
Art effect is similar to, and here is omitted.
In several embodiments provided by the present invention, it should be understood that disclosed apparatus and method, can be by it
Its mode is realized.For example, device embodiment described above is only schematical, for example, the division of the unit, only
Only a kind of division of logic function, can there is other dividing mode when actually realizing, such as multiple units or component can be tied
Another system is closed or is desirably integrated into, or some features can be ignored, or do not perform.It is another, it is shown or discussed
Coupling each other or direct-coupling or communication connection can be the INDIRECT COUPLINGs or logical of device or unit by some interfaces
Letter connection, can be electrical, mechanical or other forms.
The unit that is illustrated as separating component can be or may not be it is physically separate, it is aobvious as unit
The part for showing can be or may not be physical location, you can with positioned at a place, or can also be distributed to multiple
On NE.Some or all of unit therein can be according to the actual needs selected to realize the mesh of this embodiment scheme
's.
In addition, during each functional unit in each embodiment of the invention can be integrated in a processing unit, it is also possible to
It is that unit is individually physically present, it is also possible to which two or more units are integrated in a unit.Above-mentioned integrated list
Unit can both be realized in the form of hardware, it would however also be possible to employ hardware adds the form of SFU software functional unit to realize.
The above-mentioned integrated unit realized in the form of SFU software functional unit, can store and be deposited in an embodied on computer readable
In storage media.Above-mentioned SFU software functional unit storage is in a storage medium, including some instructions are used to so that a computer
Equipment(Can be personal computer, server, or network equipment etc.)Or processor(processor)Perform the present invention each
The part steps of embodiment methods described.And foregoing storage medium includes:USB flash disk, mobile hard disk, read-only storage(Read-
Only Memory, ROM), random access memory(Random Access Memory, RAM), magnetic disc or CD etc. it is various
Can be with the medium of store program codes.
Those skilled in the art can be understood that, for convenience and simplicity of description, only with above-mentioned each functional module
Division carry out for example, in practical application, can distribute complete by different functional modules by above-mentioned functions as needed
Into, will the internal structure of device be divided into different functional modules, to complete all or part of function described above.On
The specific work process of the device of description is stated, the corresponding process in preceding method embodiment is may be referred to, be will not be repeated here.
Finally it should be noted that:Various embodiments above is merely illustrative of the technical solution of the present invention, rather than its limitations;To the greatest extent
Pipe has been described in detail with reference to foregoing embodiments to the present invention, it will be understood by those within the art that:Its according to
The technical scheme described in foregoing embodiments can so be modified, or which part or all technical characteristic are entered
Row equivalent;And these modifications or replacement, the essence of appropriate technical solution is departed from various embodiments of the present invention technology
The scope of scheme.
Claims (8)
1. a kind of message forwarding method, it is characterised in that including:
Whether network address translation NAT servers are judged on the message flow of the first message comprising the first switch signs;Described first
Switch signs add when being and the 6th edition is carried out to the first message of the message flow with the 4th edition internet protocol version IPv6/IPv4 conversion
Plus;
If the NAT servers are judged comprising first switch signs on the message flow of first message, according to
The first transitional information corresponding with first switch signs recorded in one flow table private room is carried out to first message
The IPv6/IPv4 conversions;Wherein, first transitional information be the first message of the message flow is carried out it is described
What IPv6/IPv4 was recorded when changing;
The NAT servers according to conversion after the destination address of first message forward first message;NAT servers
Before whether judging on the message flow of the first message comprising the first switch signs, also include:
First transitional information of the first message recorded the first flow table private room by the NAT servers, and
The message flow where to the first message adds first switch signs;Wherein, first transitional information includes institute
State source address transitional information, source port transitional information, destination address transitional information and the destination interface transitional information of first message;
The outgoing interface of the first message and the message flow is disposed as NAT virtual interfaces NVI and connect by the NAT servers
Mouthful, and Route Distinguisher is put to the first message;
Levelling platform in the NAT servers sets up the first reverse flow table of the first message;
The NAT servers are changed to the message flow addition second where the first message for completing the IPv6/IPv4 conversions
Mark, and the first message set up after conversion the second positive flow table, will be corresponding with second switch signs second turn
Information record to the second flow table private room is changed, second transitional information is obtained after first transitional information is replicated
's;
Second reverse flow table of the first message that the NAT servers are set up after conversion.
2. method according to claim 1, it is characterised in that described according to recorded in the first flow table private room and institute
Stating corresponding first transitional information of the first switch signs carries out the IPv6/IPv4 conversions to first message, including:
First message is delivered to NAT virtual interfaces NVI by the NAT servers according to the outgoing interface information of first message
Interface;
The NVI interfaces in the NAT servers are according to the first transitional information recorded in the first flow table private room to institute
Stating the first message carries out the IPv6/IPv4 conversions, and the source interface of first message is set into the NVI interfaces.
3. method according to claim 2, it is characterised in that
The NVI interfaces in the NAT servers carry out the IPv6/IPv4 conversions to the first message, and by the head
The source interface of message is set to the NVI interfaces;The NAT servers according to conversion after the first message destination address turn
Send out first message described.
4. method according to claim 3, it is characterised in that the NAT servers are by described the first of the first message
Before transitional information recorded the first flow table private room, also include:
The levelling platform in the NAT servers sets up the first positive flow table of the first message;
The NAT servers judge whether the destination address of the first message meets interface prefix rule or global prefixes rule;
If the destination address of the first message meets interface prefix rule or global prefixes rule, judging the source address of the first message is
No to meet the transformation rule being pre-configured with, the transformation rule is static rule or DP;If the source ground of the first message
Location meets the transformation rule being pre-configured with, then judge that the first message meets IPv6/IPv4 switch conditions.
5. a kind of network address translation NAT servers, it is characterised in that including:
Judge module, for whether including the first switch signs on the message flow for judging the first message;First switch signs
Added when being and the 6th edition is carried out to the first message of the message flow with the 4th edition internet protocol version IPv6/IPv4 conversion;
Modular converter, if on the message flow for judging first message comprising first switch signs, according to
The first transitional information corresponding with first switch signs recorded in one flow table private room is carried out to first message
The IPv6/IPv4 conversions;Wherein, first transitional information be the first message of the message flow is carried out it is described
What IPv6/IPv4 was recorded when changing;
Forwarding module, according to conversion after the destination address of first message forward first message;Logging modle, is used for
First transitional information of the first message be recorded into the first flow table private room, and to where the first message
The message flow adds first switch signs;Wherein, source address of first transitional information comprising the first message turns
Information, source port transitional information, destination address transitional information and destination interface transitional information are changed, by the first message and institute
The outgoing interface for stating message flow is disposed as NAT virtual interface NVI interfaces, and puts Route Distinguisher to the first message, builds
Found the first reverse flow table of the first message;The logging modle is additionally operable to the head to completing the IPv6/IPv4 conversions
Message flow where message adds the second switch signs, and the first message set up after conversion the second positive flow table, will be with
Corresponding second transitional information of second switch signs recorded the second flow table private room, second transitional information be by
What first transitional information was obtained after replicating;Second reverse flow table of the first message set up after conversion.
6. NAT servers according to claim 5, it is characterised in that the modular converter is specifically for according to described
First message is delivered to NAT virtual interface NVI interfaces by the outgoing interface information of one message, according in the first flow table private room
First transitional information of record carries out the IPv6/IPv4 conversions to first message, and the source of first message is connect
Mouth is set to NVI interfaces.
7. NAT servers according to claim 6, it is characterised in that:
The modular converter is additionally operable to carry out the first message IPv6/IPv4 conversions, and the source of the first message is connect
Mouth is set to the NVI interfaces;The forwarding module be additionally operable to according to conversion after the first message destination address forwarding institute
State first message.
8. NAT servers according to claim 7, it is characterised in that:
The logging modle is additionally operable to set up the first positive flow table of the first message;
The judge module is additionally operable to judge whether the destination address of the first message meets interface prefix rule or global prefixes
Rule, if the destination address of the first message meets interface prefix rule or global prefixes rule, judges the source of the first message
Whether address meets the transformation rule being pre-configured with, and the transformation rule is static rule or DP;If the first message
Source address meet the transformation rule being pre-configured with, then judge that the first message meets IPv6/IPv4 switch conditions.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201310662245.6A CN103685032B (en) | 2013-12-09 | 2013-12-09 | Message forwarding method and network address translation services device |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201310662245.6A CN103685032B (en) | 2013-12-09 | 2013-12-09 | Message forwarding method and network address translation services device |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN103685032A CN103685032A (en) | 2014-03-26 |
| CN103685032B true CN103685032B (en) | 2017-06-23 |
Family
ID=50321390
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201310662245.6A Active CN103685032B (en) | 2013-12-09 | 2013-12-09 | Message forwarding method and network address translation services device |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN103685032B (en) |
Families Citing this family (6)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| ES2691369T3 (en) * | 2015-02-27 | 2018-11-27 | Siemens Aktiengesellschaft | Procedure for data transmission inside an industrial automation system and communications device |
| CN108933756B (en) * | 2017-05-22 | 2020-06-30 | 深圳市中兴微电子技术有限公司 | Data packet processing method, access network equipment and computer readable storage medium |
| CN107995117B (en) * | 2017-12-13 | 2021-03-16 | 迈普通信技术股份有限公司 | Message forwarding method and board card |
| CN110932979B (en) * | 2019-11-26 | 2022-07-19 | 锐捷网络股份有限公司 | Method and device for rapidly forwarding message |
| CN112333298B (en) * | 2020-12-01 | 2022-09-02 | 武汉绿色网络信息服务有限责任公司 | Message transmission method and device, computer equipment and storage medium |
| CN114205328B (en) * | 2021-12-11 | 2023-06-02 | 英赛克科技(北京)有限公司 | OPC data forwarding method and device |
Citations (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN101087296A (en) * | 2006-06-08 | 2007-12-12 | 上海亿人通信终端有限公司 | Method for utilizing network processor to translate the IPv4/IPv6 network protocol |
| CN101447935A (en) * | 2008-11-20 | 2009-06-03 | 华为技术有限公司 | Data packet transmitting method, system and equipment thereof |
| CN102244688A (en) * | 2010-05-11 | 2011-11-16 | 华为技术有限公司 | Message forwarding method, apparatus thereof and system threof |
-
2013
- 2013-12-09 CN CN201310662245.6A patent/CN103685032B/en active Active
Patent Citations (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN101087296A (en) * | 2006-06-08 | 2007-12-12 | 上海亿人通信终端有限公司 | Method for utilizing network processor to translate the IPv4/IPv6 network protocol |
| CN101447935A (en) * | 2008-11-20 | 2009-06-03 | 华为技术有限公司 | Data packet transmitting method, system and equipment thereof |
| CN102244688A (en) * | 2010-05-11 | 2011-11-16 | 华为技术有限公司 | Message forwarding method, apparatus thereof and system threof |
Also Published As
| Publication number | Publication date |
|---|---|
| CN103685032A (en) | 2014-03-26 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN103685032B (en) | Message forwarding method and network address translation services device | |
| CN102970227B (en) | The method and apparatus of VXLAN message repeating is realized in ASIC | |
| CN103401773B (en) | Method and network equipment realizing interboard communication | |
| CN106453027B (en) | Gre tunneling implementation method, access device and aggregation gateway | |
| CN103259726B (en) | Method, device and system for storing and sending MAC address table entries | |
| US9819574B2 (en) | Concerted multi-destination forwarding in a joint TRILL fabric and VXLAN/IP fabric data center | |
| CN102792651B (en) | At the device of MAC layer application service path Route Selection | |
| CN101645851B (en) | Recombination method for IP fragment messages and device thereof | |
| CN102882781B (en) | Method, route bridge and system for transmitting message | |
| CN103354529B (en) | A kind of method and apparatus of selecting paths | |
| CN104702476A (en) | Distributed gateway, message processing method and message processing device based on distributed gateway | |
| CN105490957A (en) | Load sharing method and device | |
| CN101026547A (en) | Method and system for accessing Intranct IPv6 host into global IPv6 network | |
| CN107094110A (en) | A kind of DHCP message retransmission method and device | |
| CN102571375B (en) | Multicast forwarding method and device as well as network device | |
| CN102291305B (en) | Method and device for implementing 6 to 4 relay routing, and message forwarding method | |
| CN102201996B (en) | Method and equipment for forwarding message in network address translation (NAT) environment | |
| CN105207858B (en) | Access device and method for connecting user equipment to network executed by access device | |
| CN107733930A (en) | For forwarding Internet protocol in multiple WAN network gateways(IP)The method and system of packet | |
| CN105493454B (en) | For realizing the method and apparatus at the dual-active access garden TRILL edge | |
| CN113364660B (en) | Data packet processing method and device in LVS load balancing | |
| CN108156034B (en) | Message forwarding method and message forwarding system based on deep neural network assistance | |
| CN103391251B (en) | A kind of method and apparatus reducing redundant flow in PBB network | |
| US10291750B1 (en) | Aggregating data sessions between autonomous systems | |
| CN102868642B (en) | The method and apparatus of NVGRE message repeating is realized in ASIC |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| C10 | Entry into substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| GR01 | Patent grant | ||
| GR01 | Patent grant | ||
| CP01 | Change in the name or title of a patent holder | ||
| CP01 | Change in the name or title of a patent holder |
Address after: Cangshan District of Fuzhou City, Fujian province 350002 Jinshan Road No. 618 Garden State Industrial Park 19 floor Patentee after: RUIJIE NETWORKS CO., LTD. Address before: Cangshan District of Fuzhou City, Fujian province 350002 Jinshan Road No. 618 Garden State Industrial Park 19 floor Patentee before: Fujian Xingwangruijie Network Co., Ltd. |