CN103873372A - Domain-name-based policy routing system and setting method - Google Patents
Domain-name-based policy routing system and setting method Download PDFInfo
- Publication number
- CN103873372A CN103873372A CN201210545948.6A CN201210545948A CN103873372A CN 103873372 A CN103873372 A CN 103873372A CN 201210545948 A CN201210545948 A CN 201210545948A CN 103873372 A CN103873372 A CN 103873372A
- Authority
- CN
- China
- Prior art keywords
- routing
- domain name
- module
- route
- address
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Links
Images
Abstract
The invention discloses a domain-name-based policy routing system. The system consists of a domain-name-based policy router and a domain name server, which are connected, wherein the domain-name-based policy router consists of a user input module, a routing module and a domain name resolution and route updating module, which are connected. The invention also discloses a setting method for the system. The setting method comprises the following steps of separately processing an IP (Internet protocol) address route and a domain name route, which are input by a user, based on the system, wherein the IP address route is directly transmitted to a routing module to generate a route table; periodically performing DNS (domain name server) resolution processing on a domain name in domain name routing rules, and transmitting an IP address to the routing module to generate the route table. According to the system and the method, a manager is not required to manually query the IP address of the domain name; routing rules corresponding to the domain name are timely updated; the domain name is kept corresponding to the generated routing rules, so that debugging and maintenance are facilitated.
Description
Technical field
The present invention relates to network communication field, particularly a kind of policy-routing system and method to set up based on domain name
Background technology
Router is to be operated in the 3rd layer of OSI (OpenSystemInterconnect Open System Interconnection) reference model---the package forward equipment of network layer.According to receiving that the routing table that network layer address in packet and router interior are safeguarded determines output port and next hop address, and rewrite link layer data packet head and realize forwarding data bag.The dynamic routing that routing rule is divided into the static routing of keeper's manual configuration and generates by dynamic routing algorithm.Because static routing mode of operation has the advantages such as the bandwidth, fail safe of saving be better, be subject to numerous scales less and fail safe is had to a favor of the network manager of special requirement.The static routing system equal application target IP address of known technology and mask are as condition configuring static route, but in some application scenario, keeper need to be for object domain name configuring static routing rule, realize the control of network flow quantity for domain name, now, keeper needs the IP address of manual nslookup, and static routing is added in these addresses.The static routing system of prior art exposes distinct disadvantage for domain name configuration routing rule thus: first, keeper needs the IP address of manual nslookup and adds routing rule, troublesome poeration; Secondly, IP address corresponding to domain name may have multiple, may be incomplete by the IP address of inquiring about several times gained in the short time; Again, in the time of the IP of domain name address change, cannot routing rule corresponding to real-time update; Finally, be difficult to find out the corresponding relation of routing rule and domain name, system maintenance difficulty.
Summary of the invention
For overcoming the problem existing in prior art, the object of this invention is to provide a kind of policy-routing system based on domain name and method to set up of removing manual work and being convenient to system maintenance.
A kind of policy-routing system based on domain name of the present invention comprises router and name server, and wherein said router is the policy router based on domain name being connected and composed by user's input module, routing module, domain name mapping and routing update module.
Described user's input module is connected with routing module, domain name mapping and routing update module respectively, described domain name mapping and routing update module are connected with name server: in the time that user inputs routing rule, what the inspection of user's input module was inputted is IP address route or domain name route, if IP address route, will directly deliver to routing module and generate routing table; If domain name route is first delivered to domain name mapping and routing update resume module, after processing, obtain corresponding IP address route and deliver to again routing module generation routing table; In the time that user deletes routing rule, what the inspection of user's input module was deleted is IP address route or domain name route, if IP address route will directly be delivered to routing module and delete from routing table; If domain name route is first delivered to domain name mapping and routing update resume module, after processing, obtain corresponding IP address route and deliver to again routing module and delete from routing table.
A kind of tactful path establishing method based on domain name of the present invention, on the basis that completes system of the present invention, comprises the following steps:
Step 1. user inputs routing rule, and IP address route and domain name route are separated to processing, and wherein IP address route is directly delivered to routing module and generated routing table; Then,
Step 2. is regularly done dns resolution processing to the domain name in the domain name routing rule of user's input; Then,
The IP address that step 3. obtains parsing is delivered to routing module and is generated routing table.
Use system and method for the present invention to have the following advantages: administrator configurations object domain name and mask are as routing rule, without the IP address of manual nslookup, simple to operate; Domain name mapping module periodically checks domain name, obtains as far as possible all IP address of domain name; In the time that the IP address of domain name changes, routing rule corresponding to this domain name that upgrades in time; The routing rule of domain name and its generation keeps corresponding relation, is convenient to debugging and maintenance.
Brief description of the drawings
Fig. 1 is system configuration schematic diagram of the present invention;
System works block diagram of the present invention when Fig. 2 is user input fields name route;
Fig. 3 is system domain name analysis of the present invention and routing update module workflow block diagram;
Fig. 4 is the setting steps schematic diagram of the inventive method;
Fig. 5 is an embodiment of the present invention system building schematic diagram.
Embodiment
In the following description, in order to make reader understand the application better, many ins and outs have been proposed.But, persons of ordinary skill in the art may appreciate that even without these ins and outs and the many variations based on following execution mode and amendment, be also the each claim of the application technical scheme required for protection.
For making the object, technical solutions and advantages of the present invention clearer, below in conjunction with accompanying drawing, embodiments of the present invention are described in further detail.
As shown in Figure 1, a kind of policy-routing system based on domain name of the present invention comprises router one 00 and name server 200, and wherein said router is the policy router based on domain name being connected and composed by user's input module 101, routing module 103, domain name mapping and routing update module 102.
Described user's input module is connected with routing module and domain name mapping and routing update module respectively, described domain name mapping and routing update module are connected with name server: in the time that user inputs routing rule, what the inspection of user's input module was inputted is IP address route or domain name route, if IP address route, will directly deliver to routing module and generate routing table; If domain name route is first delivered to domain name mapping and routing update resume module, after processing, obtain corresponding IP address route and deliver to again routing module generation routing table; In the time that user deletes routing rule, what the inspection of user's input module was deleted is IP address route or domain name route, if IP address route will directly be delivered to routing module and delete from routing table; If domain name route is first delivered to domain name mapping and routing update resume module, after processing, obtain corresponding IP address route and deliver to again routing module and delete from routing table.
User's input module receives user's input message.User can input common IP address route, and this type of route will directly be delivered to routing module and generate routing table.User also can input domain name route, and as shown in Figure 2, in the time that user inputs interpolation domain name route, this type of route will transfer to domain name mapping and routing update module parses to obtain realizing and upgrading routing rule to described routing module after I P address; In the time deleting routing rule, whether what the inspection of user's input module will be deleted is domain name route.If domain name routing rule need find the corresponding IP routing rule of its generation to delete from routing table.In addition, user's input module allows user to show the routing rule being configured.If domain name route, the IP routing rule it being generated after by domain name mapping and routing update resume module shows in the lump.
Routing module completes the routing function of core.All user configured routing rules will generate a routing table, and routing module forwards the packet of receiving according to routing table.
Described domain name mapping and routing update module are moved as a finger daemon.Its course of work is as shown in Figure 3: after this process initiation, periodically check all domain name routes inputs.To each domain name wherein, relatively its update time last time and current time, if not overtime, check next domain name, otherwise, need to carry out DNS (Domain Name System domain name system) and inquire about and carry out routing update operation.For overtime domain name, process sends the DNS inquiry request of this domain name to the dns server of system configuration.Process, by receiving that the IP address in DNS response packet records, checks each IP address of this domain name successively.To the IP address being newly resolved to, process will be added the routing rule of this IP address, then records the routing update time of this IP address, i.e. the current system time.Recording the routing update time of IP address, is in the time that this IP address of domain name does not exist, and deletes the routing rule that this IP address generates.To existing IP address, before this IP address, be resolved to, because generated routing rule before it, so without upgrading again route, and the routing update time that only need upgrade this IP address.In the time that domain name no longer comprises certain IP address, domain name mapping and routing update module will cannot inquire this IP address for a long time, at this moment, just may need the routing rule generating before this IP address to delete.This process can check the routing update time of IP address, for overtime IP address, thinks that domain name no longer comprises this IP address, then deletes the routing rule of this IP address, deletes the record of this IP address under domain name simultaneously.When check out under a domain name all IP address time, process records the update time (current system time) of this domain name, after only having update time when domain name overtime, just can carry out renewal next time to this domain name.Above step is carried out in process circulation, to safeguard the routing table in routing module.
As shown in Figure 4, a kind of tactful path establishing method based on domain name of the present invention, comprises the following steps:
Step 1. user inputs routing rule, and IP address route and domain name route are separated to processing, and wherein IP address route is directly delivered to routing module and generated routing table; Then,
Step 2. is regularly done dns resolution processing to the domain name in the domain name routing rule of user's input; Then,
The IP address that step 3. obtains parsing is delivered to routing module and is generated routing table.
As Fig. 5, existing taking the large internet provider network of CHINAUNICOM and China Telecom two as example, the use procedure of system of the present invention and method to set up is described:
Structure the present invention is based on the policy-routing system of domain name, and the IAD IP address of CHINAUNICOM and China Telecom is respectively 10.8.1.1 and 192.169.111.1.Existing network section is that the user of 10.3.1.0/24 is by the present invention is based on the policy-routing system access the Internet of domain name.
The IP address of 3 network interfaces of configuration.Port1 mouth IP address is 10.8.1.131, connects CHINAUNICOM's gateway; Port2 port address is 192.168.111.131, connects China Telecom's gateway; Port3 port address is 10.3.1.1, connects Intranet user:
ip?address"port1"10.8.1.131255.255.255.0
ip?address"port2"192.168.111.131255.255.255.0
ip?address"port3"10.3.1.1255.255.255.0
Then, the default route of configuration-system is CHINAUNICOM:
ip?route?default?10.8.1.1
Configure common IP address route.With the example that is configured to below, " normal " routing rule represents that the access destination network segment is that the packet of 60.1.0.0/16 is walked CHINAUNICOM's gateway.
ip?eroute"normal"1200?0.0.0.0?0.0.0.0?0?60.1.0.0255.255.0.0?0?any10.8.1.11
Then, two domain name routes of configuration: " baidu " domain name routing rule represents that the packet of accessing " www.baidu.com " domain name walks CHINAUNICOM's gateway; " google " domain name routing rule represents that the packet of accessing " www.google.com " domain name walks China Telecom's gateway.
ip?eroute"baidu"1500?0.0.0.0?0.0.0.0?0?www.baidu.com?255.255.255.2550?any?10.8.1.11
ip?eroute"google"1500?0.0.0.00.0.0.0?0?www.google.com?255.255.255.2550?any?192.168.111.11
In order to allow domain name mapping module normally work, need the domain name server address of configuration-system.The address that below configures name server is 10.8.1.10:
ip?nameserver?10.8.1.10
Through above configuration, the tactful routing function of system of the present invention just can normally have been worked.Use " show ip eroute " order can check the routing rule that system is all.
AN(config)#show?ip?eroute
#ip?eroute"interface"2000?0.0.0.00.0.0.0?0?127.0.0.1?255.255.255.2550?any?0.0.0.0?1
#ip?eroute"interface"2000?0.0.0.00.0.0.0?0?10.8.1.0?255.255.255.0?0any?0.0.0.0?1
#ip?eroute"interface"2000?0.0.0.0?0.0.0.0?0?192.168.111.0255.255.255.0?0?any?0.0.0.0?1
#ip?eroute"interface"2000?0.0.0.0?0.0.0.0?0?10.3.1.0?255.255.255.0?0any?0.0.0.0?1
ip?eroute"baidu"1500?0.0.0.00.0.0.0?0?www.baidu.com?255.255.255.2550?any?10.8.1.1?1
"baidu[0]"1500?0.0.0.0?0.0.0.0?0?61.135.169.125255.255.255.255?0?any?10.8.1.11
"ba?idu[1]"1500?0.0.0.0?0.0.0.0?0?61.135.169.105255.255.255.255?0?any?10.8.1.11
ip?eroute"google"1500?0.0.0.0?0.0.0.0?0?www.google.com255.255.255.255?0?any?192.168.111.11
"google[0]"1500?0.0.0.0?0.0.0.0?0?74.125.31.105255.255.255.255?0?any?192.168.111.11
"google[1]"1500?0.0.0.0?0.0.0.0?0?74.125.31.106255.255.255.255?0?any?192.168.111.11
"google[2]"1500?0.0.0.0?0.0.0.0?0?74.125.31.147255.255.255.255?0?any?192.168.111.11
"google[3]"1500?0.0.0.0?0.0.0.0?0?74.125.31.99255.255.255.255?0?any?192.168.111.11
"google[4]"1500?0.0.0.00.0.0.0?074.125.31.103255.255.255.255?0?any?192.168.111.11
"google[5]"1500?0.0.0.0?0.0.0.0?0?74.125.31.104255.255.255.255?0?any?192.168.111.11
"google[6]"1500?0.0.0.0?0.0.0.0?0?59.24.3.173255.255.255.255?0?any?192.168.111.11
ip?eroute"normal"1200?0.0.0.0?0.0.0.0?0?60.1.0.0?255.255.0.0?0?any10.8.1.1?1
#ip?eroute"default"1?0.0.0.0?0.0.0.0?0?0.0.0.0?0.0.0.0?0?any?10.8.1.11
Can see from output, " baidu " this domain name routing rule has generated 2 IP routing rules " baidu[0] " and " baidu[1] ", corresponding object IP address is respectively 61.135.169.125 and 61.135.169.105, and these two IP are the IP address of the www.baidu.com that domain name mapping module inquires.Equally, " google " domain name routing rule has also generated 7 corresponding IP address routing rules.
It should be noted that, each unit of mentioning in the each equipment execution mode of the present invention is all logical block, physically, a logical block can be a physical location, also can be a part for a physical location, can also realize with the combination of multiple physical locations, the physics realization mode of these logical blocks itself is not most important, and the combination of the function that these logical blocks realize is only the key that solves technical problem proposed by the invention.In addition, for outstanding innovation part of the present invention, the present invention do not introduce above-mentioned each equipment execution mode and with solving technical problem relation proposed by the invention not too close unit, but this does not show not exist the said equipment execution mode and other relevant unit of implementing.
Although pass through with reference to some of the preferred embodiment of the invention, the present invention is illustrated and described, but those of ordinary skill in the art should be understood that and can do various changes to it in the form and details, and without departing from the spirit and scope of the present invention.
Claims (3)
1. the policy-routing system based on domain name comprises router and a name server, it is characterized in that described router is the policy router based on domain name being connected and composed by user's input module, routing module, domain name mapping and routing update module.
2. a kind of described policy-routing system based on domain name according to claim 1, it is characterized in that described user's input module is connected with routing module and domain name mapping and routing update module respectively, described domain name mapping and routing update module are connected with name server:
In the time that user inputs routing rule, what the inspection of user's input module was inputted is IP address route or domain name route, if IP address route will directly be delivered to routing module and generate routing table; If domain name route is first delivered to domain name mapping and routing update resume module, after processing, obtain corresponding IP address route and deliver to again routing module generation routing table;
In the time that user deletes routing rule, what the inspection of user's input module was deleted is IP address route or domain name route, if IP address route will directly be delivered to routing module and delete from routing table; If domain name route is first delivered to domain name mapping and routing update resume module, after processing, obtain corresponding IP address route and deliver to again routing module and delete from routing table.
3. the tactful path establishing method based on domain name, comprises the following steps:
Step 1. user inputs routing rule, and IP address route and domain name route are separated to processing, and wherein IP address route is directly delivered to routing module and generated routing table; Then,
Step 2. is regularly done dns resolution processing to the domain name in the domain name routing rule of user's input; Then,
The IP address that step 3. obtains parsing is delivered to routing module and is generated routing table.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201210545948.6A CN103873372B (en) | 2012-12-14 | 2012-12-14 | Policy-routing system based on domain name and method to set up |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201210545948.6A CN103873372B (en) | 2012-12-14 | 2012-12-14 | Policy-routing system based on domain name and method to set up |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN103873372A true CN103873372A (en) | 2014-06-18 |
| CN103873372B CN103873372B (en) | 2016-12-28 |
Family
ID=50911511
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201210545948.6A Active CN103873372B (en) | 2012-12-14 | 2012-12-14 | Policy-routing system based on domain name and method to set up |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN103873372B (en) |
Cited By (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN105306371A (en) * | 2015-09-17 | 2016-02-03 | 北京星网锐捷网络技术有限公司 | Routing method and device for network equipment |
| CN107666444A (en) * | 2017-10-10 | 2018-02-06 | 网宿科技股份有限公司 | A kind of method and system of data traffic route |
| CN108650179A (en) * | 2018-04-17 | 2018-10-12 | 达闼科技(北京)有限公司 | A kind of method, retransmission unit and the computer readable storage medium of configuration forwarding table |
| CN109032382A (en) * | 2018-08-03 | 2018-12-18 | 广州江南科友科技股份有限公司 | A kind of method and device of Ip and domain name input |
Family Cites Families (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| JP2006237867A (en) * | 2005-02-23 | 2006-09-07 | Matsushita Electric Works Ltd | Domain name providing apparatus, domain name management server, and domain name management system |
| CN102333131B (en) * | 2010-07-13 | 2015-07-22 | 中国电信股份有限公司 | Method for providing domain name service, system and agent DNS |
| CN101895589A (en) * | 2010-07-26 | 2010-11-24 | 杭州华三通信技术有限公司 | Wide area network router and method for establishing routing table items therein |
| CN102469171B (en) * | 2010-11-10 | 2015-11-11 | 中国移动通信集团公司 | Realize the method for two terminal node intercommunications in different IP territory, system and equipment |
-
2012
- 2012-12-14 CN CN201210545948.6A patent/CN103873372B/en active Active
Cited By (7)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN105306371A (en) * | 2015-09-17 | 2016-02-03 | 北京星网锐捷网络技术有限公司 | Routing method and device for network equipment |
| CN105306371B (en) * | 2015-09-17 | 2018-12-14 | 北京星网锐捷网络技术有限公司 | A kind of route selection method and device of the network equipment |
| CN107666444A (en) * | 2017-10-10 | 2018-02-06 | 网宿科技股份有限公司 | A kind of method and system of data traffic route |
| CN107666444B (en) * | 2017-10-10 | 2020-05-26 | 网宿科技股份有限公司 | Method and system for routing data flow |
| CN108650179A (en) * | 2018-04-17 | 2018-10-12 | 达闼科技(北京)有限公司 | A kind of method, retransmission unit and the computer readable storage medium of configuration forwarding table |
| CN108650179B (en) * | 2018-04-17 | 2021-10-22 | 达闼科技(北京)有限公司 | Method for configuring forwarding table, forwarding device and computer readable storage medium |
| CN109032382A (en) * | 2018-08-03 | 2018-12-18 | 广州江南科友科技股份有限公司 | A kind of method and device of Ip and domain name input |
Also Published As
| Publication number | Publication date |
|---|---|
| CN103873372B (en) | 2016-12-28 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| US10893018B2 (en) | Systems and methods for automatic inventory and DNS record generation | |
| EP3700132B1 (en) | Supporting compilation and extensibility on unified graph-based intent models | |
| EP3716532B1 (en) | Supporting concurrency for graph-based high level configuration models | |
| US10200248B1 (en) | Translating high-level configuration instructions to low-level device configuration | |
| US7099912B2 (en) | Integrated service management system | |
| CN103997414B (en) | Generate method and the network control unit of configuration information | |
| US7150037B2 (en) | Network configuration manager | |
| US20200313980A1 (en) | Supporting near real time service level agreements | |
| CN103095565B (en) | A kind of software defined network operating system and its implementation | |
| CN100479367C (en) | Program arranging method and system based on distributing network | |
| CN104852840A (en) | Method and device for controlling mutual access between virtual machines | |
| CN103873372A (en) | Domain-name-based policy routing system and setting method | |
| EP2008409A1 (en) | Method for updating a virtual private network in a multi-protocol label switching network | |
| CN108965036A (en) | Configure across public network equipment exchanging visit method, system, server and storage medium | |
| Yamanaka et al. | AutoVFlow: Autonomous virtualization for wide-area OpenFlow networks | |
| CN110098988A (en) | For handling the method and system of Internet Protocol packet | |
| CN107547403A (en) | Message forwarding method, assisted method, device, controller and main frame | |
| US20210264051A1 (en) | Blockchain system, blockchain management apparatus, network control apparatus, method and program | |
| US11805013B2 (en) | Prioritizing policy intent enforcement on network devices | |
| WO2017114128A1 (en) | Method and device for processing packets | |
| EP1479192B1 (en) | Method and apparatus for managing configuration of a network | |
| JP2004306200A (en) | Robot control system | |
| CN117176639B (en) | Multi-protocol-based network topology automatic discovery method and device | |
| JP2002335274A (en) | Packet relaying apparatus and relaying method | |
| CN107248935A (en) | A kind of webmaster finds the system and method for simultaneously monitoring network element |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| C06 | Publication | ||
| PB01 | Publication | ||
| C10 | Entry into substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| C14 | Grant of patent or utility model | ||
| GR01 | Patent grant | ||
| CP01 | Change in the name or title of a patent holder |
Address after: 100125 Beijing city Chaoyang District Liangmaqiao Road No. 40 building 10 room 1001, twenty-first Century Patentee after: Beijing Huayao Technology Co., Ltd Address before: 100125 Beijing city Chaoyang District Liangmaqiao Road No. 40 building 10 room 1001, twenty-first Century Patentee before: Huayao (China) Technology Co., Ltd. |
|
| CP01 | Change in the name or title of a patent holder |