CN105872128A - Virtual IP address allocation method and device - Google Patents

Virtual IP address allocation method and device Download PDF

Info

Publication number
CN105872128A
CN105872128A CN201610380431.4A CN201610380431A CN105872128A CN 105872128 A CN105872128 A CN 105872128A CN 201610380431 A CN201610380431 A CN 201610380431A CN 105872128 A CN105872128 A CN 105872128A
Authority
CN
China
Prior art keywords
address
virtual
vpn
service terminal
vpn service
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Granted
Application number
CN201610380431.4A
Other languages
Chinese (zh)
Other versions
CN105872128B (en
Inventor
周迪
关春天
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Zhejiang Uniview Technologies Co Ltd
Original Assignee
Zhejiang Uniview Technologies Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Zhejiang Uniview Technologies Co Ltd filed Critical Zhejiang Uniview Technologies Co Ltd
Priority to CN201610380431.4A priority Critical patent/CN105872128B/en
Publication of CN105872128A publication Critical patent/CN105872128A/en
Application granted granted Critical
Publication of CN105872128B publication Critical patent/CN105872128B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L61/00Network arrangements, protocols or services for addressing or naming
    • H04L61/50Address allocation
    • H04L61/5007Internet protocol [IP] addresses
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L12/00Data switching networks
    • H04L12/28Data switching networks characterised by path configuration, e.g. LAN [Local Area Networks] or WAN [Wide Area Networks]
    • H04L12/46Interconnection of networks
    • H04L12/4633Interconnection of networks using encapsulation techniques, e.g. tunneling
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L61/00Network arrangements, protocols or services for addressing or naming
    • H04L61/09Mapping addresses
    • H04L61/25Mapping addresses of the same type
    • H04L61/2503Translation of Internet protocol [IP] addresses
    • H04L61/2592Translation of Internet protocol [IP] addresses using tunnelling or encapsulation
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/02Network architectures or network communication protocols for network security for separating internal from external traffic, e.g. firewalls
    • H04L63/0272Virtual private networks
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/083Network architectures or network communication protocols for network security for authentication of entities using passwords

Abstract

The invention relates to a virtual IP address allocation method and device. The method comprises the steps that a tunnel building request message is sent to a VPN server, wherein the tunnel building request message comprises a user name and a user password; an advice message which is used for indicating that a VPN tunnel is agreed to be built and sent by the VPN server according to the situation that verification of the user name and the user password is passed is received; after the advice message is received, the virtual IP address used for building the VPN tunnel is allocated to the VPN server from a preset address pool. Due to the fact that a VPN client is used for allocating corresponding virtual IP addresses for multiple VPN servers connected with the VPN client, the problem that in related technologies, due to the fact that the multiple VPN servers allocate the same virtual IP address for the VPN servers themselves, interconnection of monitoring systems cannot occur can be solved.

Description

The distribution method of virtual ip address and device
Technical field
The present invention relates to communication technical field, particularly relate to distribution method and the device of a kind of virtual ip address.
Background technology
The network technology along with standardization and easily extended and the development of IP technology, based on IP and the intelligent monitoring of network Technology is developed rapidly, and IP monitoring has become as the main flow of monitoring at present.Multistage multi-domain in public security GB agreement monitors In networking, interconnect between each office of city platform and province's Room platform, but owing to province's Room platform and several office of city platforms pass through NAT (Network Address Translation, network address translation) isolates, and province's Room platform is typically in inside NAT, because of This, when office of city platform carries out data interaction with province's Room platform, need to use VPN (Virtual Private Network, void Intend dedicated network) technology.
In correlation technique, between province's Room platform and several office of city platforms, vpn tunneling can be set up, so that these are some Office of individual city platform can by vpn tunneling and province's Room platform carry out data interaction, such as office of city platform can by vpn tunneling to Province's Room platform sends registration request etc..During vpn tunneling set up by province's Room platform and several office of city platforms, some by this Office of individual city platform is self and the virtual ip address of province's Room platform distribution correspondence.But owing to different office of city platforms may be The virtual ip address that self distribution is identical, therefore, correlation technique can cause the conflict of office of city platform virtual ip address, so that The problem that interconnecting occurs in the multistage multi-domain monitoring system of public security GB agreement.
Summary of the invention
For overcoming problem present in correlation technique, the invention provides distribution method and the dress of a kind of virtual ip address Put.
The present invention provides the distribution method of a kind of virtual ip address, described method to be applied to VPN (virtual private network) VPN client End, wherein, described VPN client is isolated by NAT with several subordinate domain VPN service terminal, and described VPN client is in NAT Inside, described method includes:
Send tunnel to described VPN service terminal and set up request message;Wherein, described tunnel is set up request message and is included user Name and user cipher;
Receive that described VPN service terminal sends after being verified for described user name and user cipher for indicate with Meaning sets up the notice message of vpn tunneling;
After receiving described notice message, it is used for setting up VPN tunnel for the distribution of described VPN service terminal from default address pool The virtual ip address in road.
As improvement, described method also includes:
When described VPN service terminal detects new access device, receive that described VPN service terminal sends for described new access The Address requests message of device request virtual ip address;
Based on the described Address requests message received equipment distribution use for described new access from default address pool In the virtual ip address setting up vpn tunneling.
As improvement, described method also includes:
From described default address pool be described VPN service terminal distribution virtual ip address after, to described VPN service terminal with And other VPN service terminal in territory, described VPN service terminal place issue corresponding with the described virtual ip address place network segment distributed Route table items;
After being the new access device distribution virtual ip address of described VPN service terminal from described default address pool, to institute State access device and issue the route table items corresponding with the described virtual ip address place network segment distributed.
As improvement, when in described default address pool allocated virtual ip address to account for virtual ip address in address pool total When the ratio of number exceedes threshold value, based on default virtual ip address migration strategy by allocated virtual IP address ground in described address pool Location migrates to other address pool preset;Wherein, described migration strategy include preferentially by VPN service terminal minimum for access device and The virtual ip address of its access device is modified.
As improvement, described method also includes:
If after the access device of described VPN service terminal or described VPN service terminal rolls off the production line, not in allocated described void Again reach the standard grade in intending the ageing time of IP address, then perform reclaimer operation for the most the allocated described virtual ip address.
The present invention also provides for the distributor of a kind of virtual ip address simultaneously, and described device is applied to VPN (virtual private network) VPN client, wherein, described VPN client is isolated by NAT with several subordinate domain VPN service terminal, described VPN client It is in inside NAT, it is characterised in that described device includes:
Sending module, sets up request message for sending tunnel to described VPN service terminal;Wherein, described tunnel is set up and is asked Message is asked to include user name and user cipher;
Receiver module, is used for receiving described VPN service terminal and sends out after being verified for described user name and user cipher That send agrees to set up the notice message of vpn tunneling for indicating;
Distribution module, after being used for receiving described notice message, is the distribution of described VPN service terminal from default address pool For setting up the virtual ip address of vpn tunneling.
As improvement, described receiver module is further used for:
When described VPN service terminal detects new access device, receive that described VPN service terminal sends for described new access The Address requests message of device request virtual ip address;
Described distribution module is further used for:
Based on the described Address requests message received equipment distribution use for described new access from default address pool In the virtual ip address setting up vpn tunneling.
As improvement, described device also includes:
Issue module, after being described VPN service terminal distribution virtual ip address from described default address pool, to institute State the described virtual ip address that other VPN service terminal in VPN service terminal and territory, described VPN service terminal place issue and distribute The route table items that the place network segment is corresponding, and divide for the new access device of described VPN service terminal from described default address pool After joining virtual ip address, issue the routing table corresponding with the described virtual ip address place network segment distributed to described access device ?.
As improvement, described device also includes:
Transferring module, is used for when in described default address pool, allocated virtual ip address accounts for virtual IP address ground in address pool When the ratio of location sum exceedes threshold value, based on default virtual ip address migration strategy by allocated virtual in described address pool IP address transfer is to other address pool preset;Wherein, described migration strategy includes preferentially by VPN service minimum for access device The virtual ip address of end and access device thereof is modified.
As improvement, described device also includes:
Recycling module, if after the access device of described VPN service terminal or described VPN service terminal rolls off the production line, do not existed Again reach the standard grade in the ageing time of allocated described virtual ip address, then perform for the most the allocated described virtual ip address Reclaimer operation.
In the present invention, VPN client can send tunnel to VPN service terminal and set up request message, and wherein, this tunnel is built Vertical request message can include user name and user cipher, and then, VPN client can receive coupled VPN service terminal Send after being verified for above-mentioned user name and user cipher agrees to set up the notice message in tunnel for indicating, and receives After this notice message, VPN client can be used for setting up VPN tunnel for the distribution of above-mentioned VPN service terminal from default address pool The virtual ip address in road.The void using VPN client to be coupled several VPN service terminal distribution correspondence due to the present invention Intend IP address, therefore, it can solve in correlation technique because several VPN service terminal are self to be assigned with identical virtual ip address The problem that interconnecting occurs in the monitoring system caused.
It should be appreciated that it is only exemplary and explanatory, not that above general description and details hereinafter describe The present invention can be limited.
Accompanying drawing explanation
Accompanying drawing herein is merged in description and constitutes the part of this specification, it is shown that meet the enforcement of the present invention Example, and for explaining the principle of the present invention together with description.
Fig. 1 is the networking diagram of the multistage multi-domain monitoring system of a kind of public security GB agreement illustrated.
Fig. 2 is the flow chart of the distribution method of a kind of virtual ip address shown in one embodiment of the invention.
Fig. 3 is the application scenarios figure that the application present invention realizes virtual ip address distribution.
Fig. 4 is another application scenarios figure that the application present invention realizes virtual ip address distribution.
Fig. 5 is the hardware block diagram of the distributor of virtual ip address in the embodiment of the present invention.
Fig. 6 is the present invention block diagram according to the distributor of a kind of virtual ip address shown in an exemplary embodiment.
Detailed description of the invention
Here will illustrate exemplary embodiment in detail, its example represents in the accompanying drawings.Explained below relates to During accompanying drawing, unless otherwise indicated, the same numbers in different accompanying drawings represents same or analogous key element.Following exemplary embodiment Described in embodiment do not represent all embodiments consistent with the present invention.On the contrary, they are only with the most appended The example of the apparatus and method that some aspects that described in detail in claims, the present invention are consistent.
See the networking diagram of the multistage multi-domain monitoring system that Fig. 1, Fig. 1 are a kind of public security GB agreement illustrated.
In monitoring system as shown in Figure 1, the server of province's Room platform is positioned at higher level territory, the server position of office of city platform In subordinate domain.The server of the server of province's Room platform and several office of city platforms is isolated by NAT, and the service of province's Room platform Device is in inside NAT.When the server of office of city platform needs the server with province's Room platform to carry out data interaction, owing to existing NAT isolates, and therefore the server of office of city platform cannot access the server of province's Room platform.In order to solve the problems referred to above, relevant skill Art employs VPN technologies.
In the related, the server of province's Room platform can set up vpn tunneling by the server with office of city platform, comes Solve office of city Platform Server and cannot access the problem being in the province's Room Platform Server within NAT.At province's Room Platform Server During setting up vpn tunneling with office of city Platform Server, being in the province's Room Platform Server within NAT can be as VPN visitor Family end, sets up vpn tunneling with office of the city Platform Server as VPN service terminal.
When VPN client sets up vpn tunneling with corresponding VPN service terminal, VPN client can send to VPN service terminal Request message is set up in tunnel, and wherein this message can include user name and user cipher.VPN service terminal receives this tunnel and sets up After request message, the user name in this message and user cipher can be verified, and after being proved to be successful, for self and VPN client is respectively allocated a virtual ip address.After VPN client and VPN service terminal are successfully established vpn tunneling, can be with base Data interaction is carried out by vpn tunneling with the other side in respective virtual ip address.
But set up several VPN service terminal of some vpn tunnelings for self arranging virtual IP address ground with VPN client During location, there is different VPN service terminal is the situation self being provided with identical virtual ip address.Now, connect when VPN client When receiving the data that purpose IP is the virtual ip address that this is identical, it is possible to these data are forwarded to the VPN service terminal of mistake, from And cause the problem that interconnecting occurs in this monitoring system.
In Fig. 1, when VPN service terminal 1, VPN service terminal 2 and VPN service terminal 3 set up 3 VPN tunnels with same VPN client During road, can be respectively and a virtual ip address is set self.Wherein, VPN service terminal 1 and VPN service terminal 2 are arranged for self Virtual ip address is all 1.1.1.1.When VPN client receives the data that destination address is 1.1.1.1, will be unable to determine this Data are data or the data of VPN service terminal 2 mailing to VPN service terminal 1.In this case, VPN client likely will Data send the VPN service terminal to mistake.When the multiple VPN service terminal being connected with same VPN client are the void that self is arranged When plan IP address is all same virtual ip address, VPN client sends data to the probability of correct VPN service terminal can be the lowest, Owing to correct VPN service terminal does not receive data, therefore these data cannot be processed, this monitoring system time serious, can be caused The problem that interconnecting occurs in system.
In view of this, the present invention provides distribution method and the device of a kind of virtual ip address, solve in correlation technique because of Different VPN service terminal is the problem that interconnecting occurs in the monitoring system that self identical virtual ip address of distribution causes.? In the present invention, VPN client can send tunnel to VPN service terminal and set up request message, and wherein, request message is set up in this tunnel Can include user name and user cipher, then, VPN client can receive coupled VPN service terminal for above-mentioned What user name and user cipher sent after being verified agrees to set up the notice message in tunnel for indicating, and receives this notice report Wen Hou, VPN client can be used for setting up the virtual IP address of vpn tunneling for the distribution of above-mentioned VPN service terminal from default address pool Address.The virtual ip address using VPN client to be coupled several VPN service terminal distribution correspondence due to the present invention, Therefore, it can solve in correlation technique because several VPN service terminal are self to be assigned with the prison that identical virtual ip address causes The problem that interconnecting occurs in Ore-controlling Role.
Referring to Fig. 2, for the flow chart of the distribution method of a kind of virtual ip address shown in one embodiment of the invention, this is real Execute example to be applied in VPN client, comprise the following steps:
Step 201: send tunnel to described VPN service terminal and set up request message;Wherein, request message is set up in described tunnel Including user name and user cipher.
In the present invention, above-mentioned VPN client is isolated by NAT with several VPN service terminal, and is in inside NAT.Its In, above-mentioned VPN client can be the higher level's domain server in video monitoring system, and above-mentioned VPN service terminal can be video prison Subordinate domain server in Ore-controlling Role.Above-mentioned VPN client can be entered by setting up vpn tunneling with corresponding VPN service terminal Row NAT passes through, thus realizes the data interaction with corresponding VPN service terminal.
In the present invention, VPN client can preset several address pool, and wherein, each address pool can include being positioned at Several virtual ip address of the same network segment.The IP number of addresses of each address pool can be different.If VPN client can be from this In dry address pool according to actual needs or User Defined arranges and selects an address pool to use as current vpn tunneling The address realm of virtual ip address.
In one embodiment, VPN client can preset an address pool table, and wherein, this address pool table can include The virtual gateway address of the address network segment of several address pool, mask address and correspondence that this VPN client is preset.Work as VPN When client needs the quantity of the vpn tunneling set up less than the quantity of the virtual ip address in certain virtual address pond, Ke Yicong For setting up several VPN service terminal and the access device thereof of vpn tunneling with this VPN client, such as NVR in this virtual address pond The distribution such as (Network Video Recorder, network hard disk video recorder) or IPC (IP Camera, web camera) is virtual IP address.
In the present invention, when VPN client sets up vpn tunneling with VPN service terminal, VPN client can service to VPN End sends tunnel and sets up request message.Wherein, this tunnel set up request message can include the user name for this vpn tunneling and User cipher.
Step 202: receive the use that described VPN service terminal sends after being verified for described user name and user cipher Agree to set up the notice message of vpn tunneling in instruction.
Step 203: after receiving described notice message, is used for for the distribution of described VPN service terminal from default address pool Set up the virtual ip address of vpn tunneling.
VPN client is after request message is set up in VPN service terminal transmission tunnel, and VPN service terminal can receive this message, and User name in this message and user cipher are verified.After being verified, VPN service terminal can send to VPN client For indicating the notice message agreeing to set up vpn tunneling.
It should be noted that when VPN client sets up vpn tunneling from different VPN service terminal, VPN client sends Tunnel set up the user name in request message and user cipher can differ.
After VPN client receives this notice message, can be used for building for VPN service terminal distribution from default address pool The virtual ip address of vertical vpn tunneling.Wherein, this address pool preset can be above-mentioned selection from several address pool preset An address pool.VPN client, after the virtual ip address corresponding for VPN service terminal distribution, can set and service with this VPN End sets up the virtual port of vpn tunneling, such as, virtual port PPP0.
In the present invention, send for indicating agreement to set up the logical of vpn tunneling when VPN client receives VPN service terminal When knowing message, VPN client can obtain MAC (the Media Access of this VPN service terminal from this notice message Control, media interviews control) address.After VPN client is this VPN service terminal distribution virtual ip address, VPN client can So that address table to preserve the corresponding pass in the virtual ip address of this VPN service terminal, MAC Address and affiliated territory in default distributing System.
In one embodiment, VPN client is corresponding VPN service terminal distribution void from above-mentioned default IP address pool After intending IP address, can issue to other VPN service terminal in this VPN service terminal and this territory, VPN service terminal place and distribute Route table items corresponding to the virtual ip address place network segment.Wherein, this route table items can include this virtual ip address place Address pool, virtual gateway address, mask address and the corresponding relation of virtual interface.
In the present invention, when VPN service terminal detects new access device, VPN service terminal can receive this access and set Request message is set up in the tunnel that preparation is sent, and wherein, request message is set up in this tunnel can include the user name for this vpn tunneling And user cipher, this user name and user cipher can be verified by VPN service terminal.After being verified, VPN service terminal is permissible Address requests message is sent to corresponding VPN client for this new access device.Wherein, this Address requests message can include VPN service terminal sets up the MAC Address of this new access device got request message from the tunnel that new access device sends.
VPN client receives the Address requests for this new access device request virtual ip address that VPN service terminal sends After message, can be used for setting up for the distribution of this new access device from above-mentioned default address pool based on this Address requests message The virtual ip address of vpn tunneling.
After being this new access device distribution virtual ip address from default address pool, VPN client newly can connect to this Enter equipment and issue the route table items corresponding with this virtual ip address place network segment distributed.
Certainly, VPN client can also right by the virtual ip address of this new access device, MAC Address and described territory Should be related to and be saved in the default address table of distribution.
In the present invention, when in the address pool that VPN client is preset allocated virtual ip address account in this address pool empty The ratio intending IP address sum exceedes threshold value, and during such as 80%, VPN client can be based on default virtual ip address migration strategy Virtual ip address allocated in this address pool migrates to other address pool preset, and wherein, this migration strategy can include Preferentially the virtual ip address of VPN service terminal minimum for access device and access device thereof is modified.
When the quantity of VPN service terminal and access device thereof is more than the virtual ip address sum in a certain preset address pond, VPN Client can be the virtual port that this VPN service terminal and access device thereof arrange correspondence, and then, VPN client can will be somebody's turn to do The virtual ip address of the part access devices of VPN service terminal is revised as the virtual ip address in other address pool, such that it is able to really Protect the quantity distributing virtual ip address in above-mentioned preset address pond less than the sum of virtual ip address in this address pool.
In one embodiment, it can be assumed that in the address pool preset in VPN client, the sum of virtual ip address is 254, the quantity of the VPN service terminal and access device thereof of setting up vpn tunneling with this VPN client is 270, now, VPN client Can be this VPN service terminal and access device arranges the virtual port of correspondence, such as virtual port PPP0, then, VPN client At least 16 access devices in the equipment that can this VPN service terminal be accessed migrate to other address pool, and from other addresses The equipment distribution virtual ip address of this migration of Chi Zhongwei.
In the present invention, if the access device of the VPN service terminal being connected with this VPN client or VPN service terminal rolls off the production line After not in the ageing time of allocated virtual ip address, again reached the standard grade in 24 hours, then VPN client can be for The virtual ip address of distribution performs reclaimer operation.Wherein, this ageing time having distributed virtual ip address can be default setting Or being arranged by User Defined, the present invention is without limitation.
Certainly, if the access device of the VPN service terminal being connected with this VPN client or VPN service terminal roll off the production line after Again reach the standard grade in the ageing time of the virtual ip address of distribution, then VPN client can be this VPN service terminal or this VPN service The virtual ip address used when the access device of end is once reached the standard grade before preferentially distributing.Specifically, VPN client can be based on above-mentioned Having distributed the corresponding relation of VPN service terminal and the MAC Address of access device and virtual ip address in address table is this VPN service The virtual ip address used when end and access device thereof are once reached the standard grade before preferentially distributing.
From above-described embodiment, in the present invention, VPN client can send tunnel to VPN service terminal and set up request Message, wherein, request message is set up in this tunnel can include user name and user cipher, then, VPN client can receive with It is connected VPN service terminal send after being verified for above-mentioned user name and user cipher for indicating agreement to set up tunnel The notice message in road, after receiving this notice message, VPN client can be above-mentioned VPN service terminal from default address pool Distribution is for setting up the virtual ip address of vpn tunneling.Owing to the present invention uses VPN client to be several coupled VPN The virtual ip address that service end distribution is corresponding, therefore, it can solve in correlation technique because several VPN service terminal are self distribution The problem that interconnecting occurs in the monitoring system that identical virtual ip address causes.
Below in conjunction with application scenarios figure, above-described embodiment is described in detail:
Referring to Fig. 3, realize an application scenarios figure of virtual ip address distribution for the application present invention, meanwhile, Fig. 3 is also A kind of networking diagram of the multistage multi-domain monitoring system of public security GB agreement.In the monitoring system shown in Fig. 3, the clothes of province's Room platform Business device is positioned at higher level territory, and the server of office of city platform is positioned at subordinate domain.The server of province's Room platform and several office of city platforms Server is isolated by NAT, and the server of province's Room platform is in inside NAT.Owing to there are NAT isolation, the clothes of office of city platform Business device cannot access the server of province's Room platform.In order to solve the problems referred to above, office of city Platform Server and province's Room Platform Server Between establish vpn tunneling.
During province's Room Platform Server and office of city Platform Server set up vpn tunneling, province's Room Platform Server can Using the VPN client as vpn tunneling;Office of city Platform Server can be as the VPN service terminal of vpn tunneling.
In the present invention, VPN client can be preset the address pool that several virtual ip address quantity are different, eachly Pond, location can include several virtual ip address being positioned at the same network segment.In one embodiment, VPN client can preset one Individual address pool table, wherein, this address pool table can include this VPN client preset several address pool address network segment, cover Code address and the virtual gateway address of correspondence.
In the embodiment illustrated, the address pool table that VPN client is preset can be as shown in table 1:
Sequence number Address pool Mask address Gateway address
1 1.1.1.0 24 1.1.1.1
2 2.1.1.0 24 2.1.1.1
3 1.1.0.0 16 1.1.0.1
Table 1
Certainly, table 1 can only illustrate the part list item of above-mentioned preset address pond table, in addition to the list item shown in table 1, above-mentioned pre- If address pool table can include other list items.
When VPN client needs the vpn tunneling quantity set up less than the virtual ip address in certain address pool preset During quantity, can be for setting up several VPN service terminal of vpn tunneling with this VPN client and connecing from this virtual address pond Enter equipment distribution virtual ip address and corresponding virtual interface, wherein, the access device of above-mentioned VPN service terminal can include IPC, NVR etc..
In the embodiment illustrated, it can be assumed that preset as shown in table 13 address pool in VPN client, then When the quantity of VPN service terminal and access device thereof is 300, and this VPN service terminal and access device thereof are both needed to build with VPN client During vertical vpn tunneling, VPN client can service for this VPN from address pool 1.1.0.0 that virtual ip address quantity is 65534 End and access device distribution virtual ip address thereof.
In the present invention, when VPN client sets up vpn tunneling with VPN service terminal, VPN client can service to VPN End sends tunnel and sets up request message.Wherein, this tunnel set up request message can include the user name for this vpn tunneling and User cipher.
VPN client is after request message is set up in VPN service terminal transmission tunnel, and VPN service terminal can receive this message, and User name in this message and user cipher are verified.After being verified, VPN service terminal can send to VPN client For indicating the notice message agreeing to set up vpn tunneling.
It should be noted that when VPN client sets up vpn tunneling from different VPN service terminal, VPN client sends Tunnel set up the user name in request message and user cipher can differ.
After VPN client receives this notice message, can be used for building for VPN service terminal distribution from default address pool The virtual ip address of vertical vpn tunneling.VPN client after the virtual ip address corresponding for VPN service terminal distribution, can set with This VPN service terminal sets up the virtual port of vpn tunneling, such as, virtual port PPP0.
In the present invention, send for indicating agreement to set up the logical of vpn tunneling when VPN client receives VPN service terminal When knowing message, VPN client can obtain MAC (the Media Access of this VPN service terminal from this notice message Control, media interviews control) address.After VPN client is this VPN service terminal distribution virtual ip address, VPN client can So that address table to preserve the corresponding pass in the virtual ip address of this VPN service terminal, MAC Address and affiliated territory in default distributing System.
Referring to Fig. 3, in the embodiment illustrated, VPN client can set up vpn tunneling with VPN service terminal 1, It is then possible to assume that the MAC Address of VPN client is 44-45-53-54-00-00, VPN client sends from VPN service terminal 1 Above-mentioned notice message in the MAC Address that gets be 00-25-64-76-80-40.Then by VPN client be self distribution Virtual ip address is 1.1.1.1 and the virtual ip address for VPN service terminal 1 distribution is that 1.1.1.2 understands, in VPN client The part list item distributing address table preset can be as shown in table 2:
Sequence number Virtual ip address MAC Address Affiliated territory
1 1.1.1.1 44-45-53-54-00-00 Province's Room platform
2 1.1.1.2 00-25-64-76-80-40 Office of city platform 1
Table 2
After VPN client is corresponding VPN service terminal distribution virtual ip address from default IP address pool, can be to this Other VPN service terminal in VPN service terminal and this territory, VPN service terminal place issue and the virtual ip address place network segment distributed Corresponding route table items.Wherein, this route table items can include the address pool at this virtual ip address place, virtual gateway address, Mask address and the corresponding relation of virtual interface.
Continuing with seeing Fig. 3, in the embodiment illustrated, it can be assumed that VPN client and VPN service terminal 2 and VPN service terminal 3 establishes vpn tunneling respectively, then when VPN client receive that VPN service terminal 1 sends for indicating agreement to build The notice message of vertical vpn tunneling, and when distributing virtual ip address 1.1.1.2 for VPN service terminal 1, VPN client can take with VPN Business end 1, VPN service terminal 2 and VPN service terminal 3 issue the routing table corresponding with this virtual ip address 1.1.1.2 place network segment ?.Wherein, this route table items can be as shown in table 3:
Table 3
In the present invention, when VPN service terminal detects new access device, VPN service terminal can receive this access and set Request message is set up in the tunnel that preparation is sent, and wherein, request message is set up in this tunnel can include the user name for this vpn tunneling And user cipher, this user name and user cipher can be verified by VPN service terminal.After being verified, VPN service terminal is permissible Address requests message is sent to corresponding VPN client for this new access device.Wherein, this Address requests message can include VPN service terminal sets up the MAC Address of this new access device got request message from the tunnel that new access device sends.
VPN client receives the Address requests for this new access device request virtual ip address that VPN service terminal sends After message, can be used for setting up for the distribution of this new access device from above-mentioned default address pool based on this Address requests message The virtual ip address of vpn tunneling.Now, VPN client can by the virtual ip address of this new access device, MAC Address and The corresponding relation in described territory is saved in the default address table of distribution.
After being this new access device distribution virtual ip address from default address pool, VPN client can also be new to this Access device issues the route table items corresponding with this virtual ip address place network segment distributed.
In the embodiment illustrated, continuing with seeing Fig. 3, with the VPN service terminal 1 that VPN client sets up vpn tunneling New access device NVR can be detected, request message is set up in the tunnel that VPN service terminal 1 can receive from NVR, and to this User name and user cipher in message are verified.After being verified, VPN service terminal 1 can set up vpn tunneling with NVR, and It is that NVR sends Address requests message, wherein, this Address requests to VPN client by the vpn tunneling between VPN client Message can include the MAC Address 03-42-12-34-22-31 of NVR.After VPN client receives this request message, Ke Yicong The IP address pool preset distributes virtual ip address 1.1.1.5, now, the address of distribution preset in VPN client for NVR The part list item of table can be as shown in table 4:
Table 4
After VPN client is the virtual ip address that NVR is assigned with correspondence, can issue and virtual address 1.1.1.5 to NVR The route table items that the place network segment is corresponding.Wherein, this route table items can be as shown in table 3, therefore the present invention does not repeats them here.
In the present invention, when in the address pool that VPN client is preset allocated virtual ip address account in this address pool empty The ratio intending IP address sum exceedes threshold value, and during such as 80%, VPN client can be based on default virtual ip address migration strategy Virtual ip address allocated in this address pool migrates to other address pool preset, and wherein, this migration strategy can include Preferentially the virtual ip address of VPN service terminal minimum for access device and access device thereof is modified.
In the embodiment illustrated, it can be assumed that virtual IP address ground in some address pool preset in VPN client The sum of location is 254, and in the virtual ip address that ought preset, allocated virtual ip address accounts for virtual ip address in this address pool When the ratio of sum is more than 80%, VPN can be triggered and based on default migration strategy, allocated virtual ip address is moved Move.Then when the VPN service terminal 1 in a certain VPN service terminal, such as Fig. 3, and access device needs to set up VPN with VPN client The quantity in tunnel is 207, i.e. more than 254 80% time, VPN client can be based on default migration strategy in this address pool Allocated virtual ip address migrates.Wherein, this migration strategy can include preferentially by VPN service minimum for access device The virtual ip address of end and access device thereof is modified.Assume VPN client now with in another VPN service terminal, such as Fig. 3 VPN service terminal 3, and access device to set up the quantity of vpn tunneling be 10, then VPN client can be preferentially by VPN service terminal 3 and the virtual ip address of access device be revised as the virtual ip address in other address pool.For example, it is possible to this VPN is serviced The virtual ip address 2.1.1.6 that the virtual ip address of end 3 is revised as in address pool 2.1.1.0.
When the quantity of VPN service terminal and access device thereof is more than the virtual ip address sum in a certain preset address pond, VPN Client can be the virtual interface that this VPN service terminal and access device thereof arrange correspondence, and then, VPN client can will be somebody's turn to do The virtual ip address of the part access devices of VPN service terminal is revised as the virtual ip address in other address pool, such that it is able to really Protect the quantity distributing virtual ip address in above-mentioned preset address pond less than the sum of virtual ip address in this address pool.
Refer to Fig. 4, realize another application scenarios figure of virtual ip address distribution for the application present invention.In Fig. 4, VPN Service end 1 and access device thereof can set up vpn tunneling with VPN client, and set up the quantity of vpn tunneling with VPN client Exceed the quantity of virtual ip address in the address pool that VPN presets.Now, VPN client can be from multiple default addresses Pond is VPN service terminal 1 and access device distribution virtual ip address thereof, distributes for VPN service terminal 1 and access device thereof meanwhile Identical virtual interface PPP0;Similarly, the number of vpn tunneling is set up when VPN service terminal 2 and access device thereof with VPN client When amount has exceeded the quantity of virtual ip address in the virtual ip address that VPN presets, VPN client can be from multiple default addresses Pond is VPN service terminal 2 and access device distribution virtual ip address thereof, and is VPN service terminal 2 and access device distribution phase thereof Same virtual interface PPP1;Similarly, the quantity of vpn tunneling is set up when VPN service terminal 3 and access device thereof with VPN client When having exceeded the quantity of virtual ip address in the virtual ip address that VPN presets, VPN client can be from multiple default address pool In be VPN service terminal 3 and access device distribution virtual ip address thereof, and it is identical be that VPN service terminal 3 and access device thereof distribute Virtual interface PPP2.Now, VPN client can be such as table 5 to the route table items that VPN service terminal 1 and access device thereof issue Shown in:
Corresponding address pool Virtual gateway address Mask address Virtual interface
1.1.1.0 1.1.1.1 255.255.255.0 PPP0
2.1.1.0 1.1.1.1 255.255.255.0 PPP0
3.1.1.0 1.1.1.1 255.255.255.0 PPP0
Table 5
VPN client can be as shown in table 6 to the route table items that VPN service terminal 2 and access device thereof issue:
Corresponding address pool Virtual gateway address Mask address Virtual interface
1.1.1.0 2.1.1.1 255.255.255.0 PPP1
2.1.1.0 2.1.1.1 255.255.255.0 PPP1
3.1.1.0 2.1.1.1 255.255.255.0 PPP1
Table 6
VPN client can be as shown in table 7 to the route table items that VPN service terminal 3 and access device thereof issue:
Table 7
In the present invention, if the access device of the VPN service terminal being connected with this VPN client or VPN service terminal rolls off the production line After not in the ageing time of allocated virtual ip address, again reached the standard grade in 24 hours, then VPN client can be for The virtual ip address of distribution performs reclaimer operation.Wherein, this ageing time having distributed virtual ip address can be default setting Or being arranged by User Defined, the present invention is without limitation.
Certainly, if the access device of the VPN service terminal being connected with this VPN client or VPN service terminal roll off the production line after Again reach the standard grade in the ageing time of the virtual ip address of distribution, then VPN client can be this VPN service terminal or this VPN service The virtual ip address used when the access device of end is once reached the standard grade before preferentially distributing.Specifically, VPN client can be based on above-mentioned Having distributed the corresponding relation of VPN service terminal and the MAC Address of access device and virtual ip address in address table is this VPN service The virtual ip address used when end and access device thereof are once reached the standard grade before preferentially distributing.
From above-described embodiment, in the present invention, VPN client can send tunnel to VPN service terminal and set up request Message, wherein, request message is set up in this tunnel can include user name and user cipher, then, VPN client can receive with It is connected VPN service terminal send after being verified for above-mentioned user name and user cipher for indicating agreement to set up tunnel The notice message in road, after receiving this notice message, VPN client can be above-mentioned VPN service terminal from default address pool Distribution is for setting up the virtual ip address of vpn tunneling.Owing to the present invention uses VPN client to be several coupled VPN The virtual ip address that service end distribution is corresponding, therefore, it can solve in correlation technique because several VPN service terminal are self distribution The problem that interconnecting occurs in the monitoring system that identical virtual ip address causes.
Based on the inventive concept same with said method, the embodiment of the present invention additionally provides the distributor of virtual ip address Embodiment.
The distributor of virtual ip address of the present invention can apply to VPN client.Wherein, the distribution of this virtual ip address Device can be realized by software, it is also possible to realizes by the way of hardware or software and hardware combining.As a example by implemented in software, make It is the device on a logical meaning, is the processor by its place, by computer journey corresponding in nonvolatile memory Sequence instruction reads and runs formation in internal memory.For application, as it is shown in figure 5, be virtual IP address in the embodiment of the present invention The hardware block diagram of the distributor of address, except the processor shown in Fig. 5, network interface, internal memory and non-volatile deposit Outside reservoir, it is also possible to include other hardware, such as camera head, it is responsible for processing the forwarding chip etc. of message.
As shown in Figure 6, for the present invention according to the distributor of a kind of virtual ip address shown in an exemplary embodiment Block diagram.Described device is applied to VPN client, and wherein, described VPN client and several subordinate domain VPN service terminal pass through NAT Isolation, described VPN client is in inside NAT, and described device includes: sending module 610, receiver module 620 and distribution mould Block 630.
Wherein, sending module 610, set up request message for sending tunnel to described VPN service terminal;Wherein, described tunnel Road is set up request message and is included user name and user cipher;
Receiver module 620, is used for receiving described VPN service terminal after being verified for described user name and user cipher The notice message being used for indicating agreement to set up vpn tunneling sent;
Distribution module 630, after being used for receiving described notice message, is described VPN service terminal from default address pool Distribution is for setting up the virtual ip address of vpn tunneling.
In an optional implementation, described receiver module 620 can be further used for:
When described VPN service terminal detects new access device, receive that described VPN service terminal sends for described new access The Address requests message of device request virtual ip address;
Described distribution module 630 can be further used for:
Based on the described Address requests message received equipment distribution use for described new access from default address pool In the virtual ip address setting up vpn tunneling.
In an optional implementation, described device can also include (as shown in Figure 6):
Issue module 640, after being described VPN service terminal distribution virtual ip address from described default address pool, Other VPN service terminal in described VPN service terminal and territory, described VPN service terminal place issue and the described virtual IP address distributed The route table items that place, the address network segment is corresponding, and set for newly accessing of described VPN service terminal from described default address pool After back-up joins virtual ip address, issue the route corresponding with the described virtual ip address place network segment distributed to described access device List item.
In an optional implementation, described device can also include (as shown in Figure 6):
Transferring module 650, is used for when in described default address pool, allocated virtual ip address accounts in address pool virtual When the ratio of IP address sum exceedes threshold value, based on default virtual ip address migration strategy by allocated in described address pool Virtual ip address migrates to other address pool preset;Wherein, described migration strategy includes preferential by VPN minimum for access device The virtual ip address of service end and access device thereof is modified.
In an optional implementation, described device can also include (as shown in Figure 6):
Recycling module 660, if after the access device of described VPN service terminal or described VPN service terminal rolls off the production line, not Again reach the standard grade in the ageing time of allocated described virtual ip address, then hold for the most the allocated described virtual ip address Row reclaimer operation.
In the present invention, VPN client can send tunnel to VPN service terminal and set up request message, and wherein, this tunnel is built Vertical request message can include user name and user cipher, and then, VPN client can receive coupled VPN service terminal Send after being verified for above-mentioned user name and user cipher agrees to set up the notice message in tunnel for indicating, and receives After this notice message, VPN client can be used for setting up VPN tunnel for the distribution of above-mentioned VPN service terminal from default address pool The virtual ip address in road.The void using VPN client to be coupled several VPN service terminal distribution correspondence due to the present invention Intend IP address, therefore, it can solve in correlation technique because several VPN service terminal are self to be assigned with identical virtual ip address The problem that interconnecting occurs in the monitoring system caused.
Those skilled in the art, after considering the invention that description and practice are invented here, will readily occur to its of the present invention Its embodiment.It is contemplated that contain any modification, purposes or the adaptations of the present invention, these modification, purposes or Person's adaptations is followed the general principle of the present invention and includes the common knowledge in the art that the present invention does not invents Or conventional techniques means.Description and embodiments is considered only as exemplary, and true scope and spirit of the invention are by following Claim is pointed out.
It should be appreciated that the invention is not limited in precision architecture described above and illustrated in the accompanying drawings, and And various modifications and changes can carried out without departing from the scope.The scope of the present invention is only limited by appended claim.
The foregoing is only presently preferred embodiments of the present invention, not in order to limit the present invention, all essences in the present invention Within god and principle, any modification, equivalent substitution and improvement etc. done, within should be included in the scope of protection of the invention.

Claims (10)

1. a distribution method for virtual ip address, described method is applied to VPN (virtual private network) VPN client, wherein, described VPN client is isolated by NAT with several subordinate domain VPN service terminal, and described VPN client is in inside NAT, and its feature exists In, described method includes:
Send tunnel to described VPN service terminal and set up request message;Wherein, described tunnel set up request message include user name and User cipher;
Receive that described VPN service terminal sends after being verified for described user name and user cipher for indicating agreement to build The notice message of vertical vpn tunneling;
After receiving described notice message, for the distribution of described VPN service terminal for setting up vpn tunneling from default address pool Virtual ip address.
Method the most according to claim 1, it is characterised in that described method also includes:
When described VPN service terminal detects new access device, receive that described VPN service terminal sends for described new access device The Address requests message of request virtual ip address;
Distribute for building based on the equipment that the described Address requests message received is described new access from default address pool The virtual ip address of vertical vpn tunneling.
Method the most according to claim 2, it is characterised in that described method also includes:
After being described VPN service terminal distribution virtual ip address from described default address pool, to described VPN service terminal and institute State other VPN service terminal in territory, VPN service terminal place and issue the road corresponding with the described virtual ip address place network segment distributed By list item;
After being the new access device distribution virtual ip address of described VPN service terminal from described default address pool, connect to described Enter equipment and issue the route table items corresponding with the described virtual ip address place network segment distributed.
Method the most according to claim 1, it is characterised in that when allocated virtual IP address ground in described default address pool Location accounts for the ratio of the sum of virtual ip address in address pool when exceeding threshold value, based on default virtual ip address migration strategy by described In address pool, allocated virtual ip address migrates to other address pool preset;Wherein, described migration strategy includes preferentially to VPN service terminal and the virtual ip address of access device thereof that access device is minimum are modified.
Method the most according to claim 1, it is characterised in that described method also includes:
If after the access device of described VPN service terminal or described VPN service terminal rolls off the production line, not at allocated described virtual IP address Again reach the standard grade in the ageing time of address, then perform reclaimer operation for the most the allocated described virtual ip address.
6. a distributor for virtual ip address, described device is applied to VPN (virtual private network) VPN client, wherein, described VPN client is isolated by NAT with several subordinate domain VPN service terminal, and described VPN client is in inside NAT, and its feature exists In, described device includes:
Sending module, sets up request message for sending tunnel to described VPN service terminal;Wherein, request report is set up in described tunnel Literary composition includes user name and user cipher;
Receiver module, for receiving what described VPN service terminal sent after being verified for described user name and user cipher For indicating the notice message agreeing to set up vpn tunneling;
Distribution module, after being used for receiving described notice message, is used for for the distribution of described VPN service terminal from default address pool Set up the virtual ip address of vpn tunneling.
Device the most according to claim 6, it is characterised in that described receiver module is further used for:
When described VPN service terminal detects new access device, receive that described VPN service terminal sends for described new access device The Address requests message of request virtual ip address;
Described distribution module is further used for:
Distribute for building based on the equipment that the described Address requests message received is described new access from default address pool The virtual ip address of vertical vpn tunneling.
Device the most according to claim 7, it is characterised in that described device also includes:
Issue module, after being described VPN service terminal distribution virtual ip address from described default address pool, to described Other VPN service terminal in VPN service terminal and territory, described VPN service terminal place issue and the described virtual ip address institute distributed At the route table items that the network segment is corresponding, and it is the new access device distribution of described VPN service terminal from described default address pool After virtual ip address, issue the route table items corresponding with the described virtual ip address place network segment distributed to described access device.
Device the most according to claim 6, it is characterised in that described device also includes:
Transferring module, for when in described default address pool allocated virtual ip address to account for virtual ip address in address pool total When the ratio of number exceedes threshold value, based on default virtual ip address migration strategy by allocated virtual IP address ground in described address pool Location migrates to other address pool preset;Wherein, described migration strategy include preferentially by VPN service terminal minimum for access device and The virtual ip address of its access device is modified.
Device the most according to claim 6, it is characterised in that described device also includes:
Recycling module, if after the access device of described VPN service terminal or described VPN service terminal rolls off the production line, do not divided Again reach the standard grade in the ageing time of the described virtual ip address joined, then perform recovery for the most the allocated described virtual ip address Operation.
CN201610380431.4A 2016-05-31 2016-05-31 The distribution method and device of virtual ip address Active CN105872128B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201610380431.4A CN105872128B (en) 2016-05-31 2016-05-31 The distribution method and device of virtual ip address

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201610380431.4A CN105872128B (en) 2016-05-31 2016-05-31 The distribution method and device of virtual ip address

Publications (2)

Publication Number Publication Date
CN105872128A true CN105872128A (en) 2016-08-17
CN105872128B CN105872128B (en) 2019-03-08

Family

ID=56675628

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201610380431.4A Active CN105872128B (en) 2016-05-31 2016-05-31 The distribution method and device of virtual ip address

Country Status (1)

Country Link
CN (1) CN105872128B (en)

Cited By (9)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN106453690A (en) * 2016-11-24 2017-02-22 浙江宇视科技有限公司 IP address allocation method and apparatus
CN106788749A (en) * 2017-02-09 2017-05-31 上海斐讯数据通信技术有限公司 A kind of method and system for automatically configuring and reclaiming of FTTH terminals vlan information
CN107154865A (en) * 2017-04-13 2017-09-12 上海寰创通信科技股份有限公司 A kind of method based on outer net managing intranet equipment
CN109194575A (en) * 2018-08-23 2019-01-11 新华三技术有限公司 Route selection method and device
CN109660439A (en) * 2018-12-14 2019-04-19 深圳市信锐网科技术有限公司 A kind of terminal mutual visit management system and method
CN109688124A (en) * 2018-12-20 2019-04-26 高新兴国迈科技有限公司 A kind of method for interchanging data based on video boundaries
CN110650065A (en) * 2019-09-24 2020-01-03 中国人民解放军战略支援部队信息工程大学 Internet-oriented network equipment public testing system and testing method
CN111404801A (en) * 2020-03-27 2020-07-10 四川虹美智能科技有限公司 Data processing method, device and system for cross-cloud manufacturer
CN114556868A (en) * 2019-11-08 2022-05-27 华为云计算技术有限公司 Private sub-network for Virtual Private Network (VPN) clients

Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101572729A (en) * 2009-05-04 2009-11-04 成都市华为赛门铁克科技有限公司 Processing method of node information of virtual private network, interrelated equipment and system
CN102377629A (en) * 2010-08-20 2012-03-14 成都市华为赛门铁克科技有限公司 Method and device for communicating with server in IMS (IP multimedia subsystem) core network by using terminal to pass through private network as well as network system
CN103607403A (en) * 2013-11-26 2014-02-26 北京星网锐捷网络技术有限公司 Method, device and system for using safety domain in NAT network environment
CN104468625A (en) * 2014-12-26 2015-03-25 浙江宇视科技有限公司 Dialing tunnel broker device and method for NAT traversal by means of dialing tunnel
CN105072213A (en) * 2015-08-28 2015-11-18 迈普通信技术股份有限公司 IPSec NAT bidirection traversing method, IPSec NAT bidirection traversing system and VPN gateway

Patent Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101572729A (en) * 2009-05-04 2009-11-04 成都市华为赛门铁克科技有限公司 Processing method of node information of virtual private network, interrelated equipment and system
CN102377629A (en) * 2010-08-20 2012-03-14 成都市华为赛门铁克科技有限公司 Method and device for communicating with server in IMS (IP multimedia subsystem) core network by using terminal to pass through private network as well as network system
CN103607403A (en) * 2013-11-26 2014-02-26 北京星网锐捷网络技术有限公司 Method, device and system for using safety domain in NAT network environment
CN104468625A (en) * 2014-12-26 2015-03-25 浙江宇视科技有限公司 Dialing tunnel broker device and method for NAT traversal by means of dialing tunnel
CN105072213A (en) * 2015-08-28 2015-11-18 迈普通信技术股份有限公司 IPSec NAT bidirection traversing method, IPSec NAT bidirection traversing system and VPN gateway

Cited By (12)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN106453690A (en) * 2016-11-24 2017-02-22 浙江宇视科技有限公司 IP address allocation method and apparatus
CN106788749A (en) * 2017-02-09 2017-05-31 上海斐讯数据通信技术有限公司 A kind of method and system for automatically configuring and reclaiming of FTTH terminals vlan information
CN107154865A (en) * 2017-04-13 2017-09-12 上海寰创通信科技股份有限公司 A kind of method based on outer net managing intranet equipment
CN109194575A (en) * 2018-08-23 2019-01-11 新华三技术有限公司 Route selection method and device
CN109660439A (en) * 2018-12-14 2019-04-19 深圳市信锐网科技术有限公司 A kind of terminal mutual visit management system and method
CN109660439B (en) * 2018-12-14 2021-08-13 深圳市信锐网科技术有限公司 Terminal mutual access management system and method
CN109688124A (en) * 2018-12-20 2019-04-26 高新兴国迈科技有限公司 A kind of method for interchanging data based on video boundaries
CN109688124B (en) * 2018-12-20 2021-08-24 高新兴国迈科技有限公司 Data exchange method based on video boundary
CN110650065A (en) * 2019-09-24 2020-01-03 中国人民解放军战略支援部队信息工程大学 Internet-oriented network equipment public testing system and testing method
CN114556868A (en) * 2019-11-08 2022-05-27 华为云计算技术有限公司 Private sub-network for Virtual Private Network (VPN) clients
CN114556868B (en) * 2019-11-08 2023-11-10 华为云计算技术有限公司 Private subnetworks for virtual private network VPN clients
CN111404801A (en) * 2020-03-27 2020-07-10 四川虹美智能科技有限公司 Data processing method, device and system for cross-cloud manufacturer

Also Published As

Publication number Publication date
CN105872128B (en) 2019-03-08

Similar Documents

Publication Publication Date Title
CN105872128A (en) Virtual IP address allocation method and device
CN111030912B (en) Method for intercommunication between virtual private cloud VPCs
US10361970B2 (en) Automated instantiation of wireless virtual private networks
CN104468574B (en) A kind of method, system and device of virtual machine dynamic access IP address
WO2017214883A1 (en) Network system and method for cross region virtual private network peering
CN107547351B (en) Address allocation method and device
CN103259736A (en) Tunnel building method and network equipment
CN105610675A (en) Creating method and device of virtual VPN gateway
US20210321253A1 (en) Virtual tenant for multiple dwelling unit
CN106453690A (en) IP address allocation method and apparatus
CN105979202B (en) Data transmission method and device
CN106535160A (en) Method and system for isolated transmission of dual-system dual-SIM card network
CN103001953A (en) Method and device for allocating network resources of virtual machines
CN103401787B (en) Static route issuing method and UPE (Ultimate Provider Edge)
CN104539752A (en) Access method and system between multiple level domain platforms
WO2016074478A1 (en) Method and device for identifying service chain path, and service chain
US8566587B2 (en) Network system and method for operating network system
CN112019573B (en) Distributed management system and management method of intelligent card management device
KR101538737B1 (en) Method for IP allocation in DHCP
CN109561170B (en) Address pool creating method and device, address pool management system and storage medium
CN108306807B (en) Account opening management method and device
CN106411928A (en) Authentication method and device of client access server and VDI system
JP2002232449A (en) Method and system for outsourcing floating office management in company and association
CN105610717A (en) Cross-SDN routing release method and device
CN113438334B (en) Port PVID configuration method, device and system

Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
C10 Entry into substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant