CN103685410B - A kind of method of transparent transmission timestamp - Google Patents
Abstract
The invention is based on a network system in which a client connects to a back-end server through the Internet and a Layer 4 proxy server, the system operating under the SYN Cookie/SYN Cache mechanism. The method for transparently passing through timestamps mainly consists of setting the TCP timestamp option to zero during the TCP connection handshake between the client and the back-end server through the Internet and the Layer 4 proxy server. Compared with the prior art, the invention improves the performance of the Layer 4 proxy server and simplifies the design and implementation of the proxy server's support for the timestamp option.
Description
Technical field
The present invention relates to the field of network applications, and in particular to a method for transparently passing through timestamps.
Background technology
SYN (the handshake signal used when TCP/IP establishes a connection) Flood is currently one of the most popular DoS (denial-of-service) and DDoS (distributed denial-of-service) attack methods. It exploits a weakness in the TCP protocol by sending a large number of forged TCP connection requests, so that the attacked party's resources are exhausted (CPU at full load or insufficient memory). The SYN Cookie/SYN Cache mechanisms (two commonly used mechanisms for defending against SYN Flood attacks) can effectively resist SYN Flood attacks and are fairly common.

Under the SYN Cookie/SYN Cache mechanism, after the Layer 4 proxy server receives the client's SYN packet, it does not immediately initiate a request to the back-end server. It first completes the TCP three-way handshake with the client and only then initiates a request to the back-end server. As a result, the timestamp information in the Layer 4 protocol information between the client and the back-end server cannot be passed through directly; communication works correctly only after the proxy server has modified it. Modifying information in packets while forwarding them not only affects system performance but also increases programming complexity. In the above prior art, the basic steps performed for communication between the client and the back-end server are as follows:

PCx (PC1, PC2, ... above) denotes the timestamp stamped when the proxy server communicates with the client, and PSx (PS1, PS2, ... above) denotes the timestamp stamped by the proxy server when it communicates with the back-end server. The Layer 4 proxy server has to handle the timestamps of both sides separately when communicating with the client and with the back-end server, and the two sides are processed independently. In all of the related steps, the Layer 4 proxy server must process the timestamp option when forwarding packets, which lowers the transmission performance of the system and complicates system design, and which users need to have improved.
Summary of the invention
In view of the above deficiencies of the prior art, the purpose of the invention is to propose a method for transparently passing through timestamps, so that when the Layer 4 proxy server uses the SYN Cookie/SYN Cache mechanism it does not need to process the TCP timestamp option and passes the timestamp through directly, without affecting the transmission of subsequent data.

To achieve this purpose, the method adopted by the invention is as follows: in a network system in which a client connects to a back-end server through the Internet and a Layer 4 proxy server, the system operating under the SYN Cookie/SYN Cache mechanism, the TCP timestamp option is set to zero during the TCP connection handshake between the client and the back-end server through the Internet and the Layer 4 proxy server. Setting the TCP timestamp option to zero is achieved by having the Layer 4 proxy server stamp packets with the special timestamp value zero when it performs the TCP handshake with the client and with the back-end server respectively. The specific steps of the invention are as follows:

Step 1, the client sends a SYN packet to the Layer 4 proxy server, and the client stamps the packet with the client's current timestamp C1;

Step 2, the Layer 4 proxy server replies to the client with a SAK packet (SAK is the collective name for SYN and ACK, meaning that it sends a SYN packet and also acknowledges the SYN packet received), and the Layer 4 proxy server stamps the packet with the special timestamp value 0;

Step 3, the client sends an ACK (Acknowledgement, the acknowledgement flag in the TCP packet header) packet, and the client stamps the packet with the client's current timestamp C2; the client then sends data packets;

Step 4, the Layer 4 proxy server sends a SYN packet to the back-end server, and the Layer 4 proxy server stamps the packet with the special timestamp value 0;

Step 5, the back-end server replies to the Layer 4 proxy server with a SAK packet, and the back-end server stamps the packet with the back-end server's current timestamp S1;

Step 6, normal data communication takes place between the client and the back-end server.

Compared with the prior art, the main difference and effect of the embodiments of the invention are that the performance of the Layer 4 proxy server is improved and the design and implementation of the proxy server's support for the timestamp option are simplified.
Brief description of the drawings
Fig. 1 is a schematic diagram of the system structure of the invention;
Fig. 2 is a block diagram of the method of the invention;
Fig. 3 is a schematic diagram of the timestamp format of the invention.
Detailed description of the invention
In the following description, many technical details are set out to help the reader better understand the application. However, those of ordinary skill in the art will understand that the technical solutions claimed in each claim of the application can be realised even without these technical details and with many variations and modifications based on the following embodiments.

To make the purpose, technical solution and advantages of the invention clearer, the implementation steps and operating principle of the invention are described in further detail below with reference to the drawings.

As shown in Fig. 1, in a network system in which client 101 connects to back-end server 104 through Internet 102 and Layer 4 proxy server 103, the system operating under the SYN Cookie/SYN Cache mechanism, the method of the invention for transparently passing through timestamps is to set the TCP timestamp option to zero during the TCP connection handshake between the client and the back-end server through the Internet and the Layer 4 proxy server. Setting the TCP timestamp option to zero is achieved by having the Layer 4 proxy server stamp packets with the special timestamp value zero when it performs the TCP handshake with the client and with the back-end server respectively. As shown in Fig. 2, the implementation steps of the invention are as follows:

Step 1, the client sends a SYN packet to the Layer 4 proxy server, and the client stamps the packet with the current timestamp C1;

Step 2, the Layer 4 proxy server replies to the client with a SAK packet, and the Layer 4 proxy server stamps the packet with the special timestamp value 0;

Step 3, the client sends an ACK packet, and the client stamps the packet with the client's current timestamp C2; the client then sends data packets;

Step 4, the Layer 4 proxy server sends a SYN packet to the back-end server, and the Layer 4 proxy server stamps the packet with the special timestamp value 0;

Step 5, the back-end server replies to the Layer 4 proxy server with a SAK packet, and the Layer 4 proxy server stamps the packet with the back-end server's current timestamp S1;

Step 6, normal data communication takes place between the client and the back-end server.

In step 2, the Layer 4 proxy server stamps the packet with the special timestamp value 0, so the TCP protocol ignores the timestamp echo value of step 3. Likewise, in step 4 the Layer 4 proxy server stamps the packet with the special timestamp value 0, so the TCP protocol ignores the timestamp echo value of step 5. Thus, from step 6 onward, the Layer 4 proxy server can pass the timestamp option through directly, and the client and the back-end server begin normal data communication.

The operating principle of the invention flexibly applies the principles of the RFC 1323 protocol, combined with the characteristics of a Layer 4 proxy server, to achieve transparent pass-through of TCP timestamps.

First, RFC 1323 is the TCP high-performance extension protocol for tuning, improving and optimising network speed and throughput. RFC 1323 clearly stipulates that when the timestamp echo value is invalid, it must be zero. Research and practical testing found that the TCP implementations in operating systems such as Windows, Linux and FreeBSD, during the handshake phase, treat a timestamp echo value of zero as an invalid value, so it does not affect the normal communication of subsequent data. The invention breaks with the industry's habitual way of thinking and flexibly uses this protocol feature during the TCP handshake phase to achieve transparent pass-through of timestamps without affecting the normal communication of subsequent data.

Second, a Layer 4 proxy server is a proxy device that processes packets using protocol information from layer 4 and below (such as IP address and port). A Layer 4 proxy does not inspect application-layer data and provides proxy service based only on IP address and port information, so it likewise does not affect the normal communication of subsequent data.
As shown in Fig. 3, according to RFC 1323 the timestamp option format comprises: kind 301, length 302, timestamp value field (TSval) 303 and timestamp echo reply field (TSecr) 304, where the TSecr field echoes the TSval field value received. The method of the invention can be expressed in formula form as follows:

Cx (x = 1, 2, ...) above is the timestamp that the client stamps on a packet, and Sx (x = 1, 2, ...) is the timestamp that the back-end server stamps on a packet.
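The option layout of Fig. 3 and the timestamp values carried in steps 1 to 5, worked through as an added example; it is not part of the patent text and does not reproduce the formula referred to above. The TSecr values the description leaves unstated (C1 echoed in step 2, zero on a bare SYN) follow ordinary TCP echo behaviour and are assumptions, as are the function names and the sample clock values.

```python
import struct

KIND_EOL, KIND_NOP, KIND_TS, LEN_TS = 0, 1, 8, 10

def build_ts_option(tsval, tsecr):
    """Fig. 3 layout: kind(1) | length(1) | TSval(4) | TSecr(4), NOP-padded to 12 bytes."""
    return bytes([KIND_NOP, KIND_NOP]) + struct.pack(
        "!BBII", KIND_TS, LEN_TS, tsval, tsecr)

def parse_ts_option(options):
    """Walk a TCP options field; return (TSval, TSecr), or None if absent or malformed."""
    i = 0
    while i < len(options):
        kind = options[i]
        if kind == KIND_EOL:
            return None
        if kind == KIND_NOP:
            i += 1
            continue
        if i + 1 >= len(options):
            return None                  # truncated: no length byte
        length = options[i + 1]
        if length < 2 or i + length > len(options):
            return None                  # bogus length would loop forever or overrun
        if kind == KIND_TS:
            if length != LEN_TS:
                return None
            return struct.unpack("!II", options[i + 2:i + 10])
        i += length
    return None

def handshake(c1, c2, s1):
    """Segments of steps 1-5 as (step, sender, receiver, flags, raw option bytes)."""
    # Assumption: TSecr is 0 on a bare SYN and echoes the peer's last TSval otherwise.
    return [
        (1, "client", "proxy", "SYN", build_ts_option(c1, 0)),
        (2, "proxy", "client", "SYN+ACK", build_ts_option(0, c1)),  # proxy stamps TSval 0
        (3, "client", "proxy", "ACK", build_ts_option(c2, 0)),      # echoes the proxy's 0
        (4, "proxy", "server", "SYN", build_ts_option(0, 0)),       # proxy stamps TSval 0
        (5, "server", "proxy", "SYN+ACK", build_ts_option(s1, 0)),  # echoes the proxy's 0
    ]

def ignored_echoes(segments):
    """Steps whose ACK carries TSecr == 0, the echo value the receiver treats as invalid."""
    out = []
    for step, _src, _dst, flags, raw in segments:
        _tsval, tsecr = parse_ts_option(raw)
        if "ACK" in flags and tsecr == 0:
            out.append(step)
    return out

if __name__ == "__main__":
    # Constructed sample clock values for C1, C2 and S1.
    segs = handshake(c1=0x0001A2B3, c2=0x0001A2B9, s1=0x7F000010)
    for step, src, dst, flags, raw in segs:
        tsval, tsecr = parse_ts_option(raw)
        print(f"step {step}: {src:>6} -> {dst:<6} {flags:<7} TSval={tsval:#010x} TSecr={tsecr:#010x}")
    print("echoes ignored at steps:", ignored_echoes(segs))
```

For any non-zero C1, `ignored_echoes` returns steps 3 and 5, the two echo values the description says the TCP protocol ignores.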
Array APV series devices all provide Layer 4 proxy server and load-balancing functions. An example system topology using the Layer 4 proxy server load-balancing function of the Array APV series is shown in Fig. 1: there are three Layer 4 proxy servers, whose IP addresses may be 10.3.1.21, 10.3.1.22 and 10.3.1.23 respectively. The system supports the SYN Cookie/SYN Cache protection function, supports the timestamp option, and load-balances requests to these three Layer 4 servers.

Although the invention has been shown and described with reference to certain preferred embodiments, those of ordinary skill in the art will understand that various changes in form and detail may be made without departing from the spirit and scope of the invention.
Claims (1)
1. A method for transparently passing through timestamps, characterised in that the method comprises the following specific steps:
Step 1, the client sends a SYN packet to the Layer 4 proxy server, and the client stamps the packet with the client's current timestamp C1;
Step 2, the Layer 4 proxy server replies to the client with a SAK packet, and the Layer 4 proxy server stamps the packet with the special timestamp value 0;
Step 3, the client sends an ACK packet, and the client stamps the packet with the client's current timestamp C2; the client then sends data packets;
Step 4, the Layer 4 proxy server sends a SYN packet to the back-end server, and the Layer 4 proxy server stamps the packet with the special timestamp value 0;
Step 5, the back-end server replies to the Layer 4 proxy server with a SAK packet, and the back-end server stamps the packet with the back-end server's current timestamp S1;
Step 6, normal data communication takes place between the client and the back-end server.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201210348315.6A CN103685410B (en) | 2012-09-18 | 2012-09-18 | A kind of method of transparent transmission timestamp |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201210348315.6A CN103685410B (en) | 2012-09-18 | 2012-09-18 | A kind of method of transparent transmission timestamp |
Publications (2)
Publication Number | Publication Date |
---|---|
CN103685410A (en) | 2014-03-26 |
CN103685410B (en) | 2016-08-31 |
Family
ID=50321709
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN201210348315.6A Active CN103685410B (en) | A kind of method of transparent transmission timestamp | 2012-09-18 | 2012-09-18 |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN103685410B (en) |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PB01 | Publication | ||
C10 | Entry into substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
C14 | Grant of patent or utility model | ||
GR01 | Patent grant | ||
CP01 | Change in the name or title of a patent holder | ||

Address after: 100125 Beijing city Chaoyang District Liangmaqiao Road No. 40 building 10 room 1001, twenty-first Century
Patentee after: Beijing Huayao Technology Co., Ltd
Address before: 100125 Beijing city Chaoyang District Liangmaqiao Road No. 40 building 10 room 1001, twenty-first Century
Patentee before: Huayao (China) Technology Co., Ltd.