CN108023886A - Equipment login management method, storage medium, protocol gateway and NM client - Google Patents

Equipment login management method, storage medium, protocol gateway and NM client Download PDF

Info

Publication number
CN108023886A
CN108023886A CN201711267779.3A CN201711267779A CN108023886A CN 108023886 A CN108023886 A CN 108023886A CN 201711267779 A CN201711267779 A CN 201711267779A CN 108023886 A CN108023886 A CN 108023886A
Authority
CN
China
Prior art keywords
connection
protocol gateway
client
equipment
managed
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN201711267779.3A
Other languages
Chinese (zh)
Inventor
符凯
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Unihub China Information Technology Co Ltd
Zhongying Youchuang Information Technology Co Ltd
Original Assignee
Unihub China Information Technology Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Unihub China Information Technology Co Ltd filed Critical Unihub China Information Technology Co Ltd
Priority to CN201711267779.3A priority Critical patent/CN108023886A/en
Publication of CN108023886A publication Critical patent/CN108023886A/en
Pending legal-status Critical Current

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/0815Network architectures or network communication protocols for network security for authentication of entities providing single-sign-on or federations
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/16Implementing security features at a particular protocol layer
    • H04L63/166Implementing security features at a particular protocol layer at the transport layer
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/20Network architectures or network communication protocols for network security for managing network security; network security policies in general
    • H04L63/205Network architectures or network communication protocols for network security for managing network security; network security policies in general involving negotiation or determination of the one or more network security mechanisms to be used, e.g. by negotiation between the client and the server or between peers or by selection according to the capabilities of the entities involved

Abstract

An embodiment of the present invention provides a kind of equipment login management method, storage medium, protocol gateway and NM client, wherein, this method includes:Protocol gateway is set between NM client and equipment to be managed, in transport layer, connection between the protocol gateway and the NM client is established based on telecommunication network agreement, the connection between the protocol gateway and the equipment to be managed is established based on secure shell program;After the protocol gateway and the NM client establish connection and the protocol gateway establishes connection with the equipment to be managed, the data that a side sends in the NM client and the equipment to be managed are directly forwarded to by the opposing party by the protocol gateway.

Description

Equipment login management method, storage medium, protocol gateway and NM client
Technical field
The present invention relates to field of communication technology, more particularly to a kind of equipment login management method, storage medium, protocol gateway And NM client.
Background technology
Traditional network management passes through telnet (telecommunication network protocol, telecommunication network association extensively View) mode logging device and host be managed, and telnet modes are realized simply, but due to being plaintext transmission, there are safety Hidden danger, recent host and equipment have all upgraded to ssh login modes.Due to ssh (Secure Shell, Secure Shell journey Sequence) mode realizes more complicated, the transformation of many traditional network managements is got up relatively difficult.Multiple components of increasing income especially are included, respectively It is more prominent in the case of being write by different language.Compare new language may be directly just built-in ssh supports, it is more ancient Language, such as the language such as perl, shell, php, python cannot directly support ssh, can only pass through the indirect means such as expect Support, it is cumbersome, and also corresponding code needs to transform again.Especially some integrated third party's modules, transformation is more It is difficult.
Transformed respectively for example, a kind of modification scheme of the prior art is various language to support ssh, such as perl Expect modes, logging device is realized by the ssh orders of calling system.Benefit is that ssh orders are that operating system carries, and is lacked Point is that this mode performance is relatively low, and the host and equipment of management a small number of (hundreds) are fine, once popularization, efficiency is just very low Under.The implementation of the language such as the perl used in existing system, php, python, java has similar problems.It is and different For the ssh implementations difference of language, it is necessary to explore respectively, workload is bigger.
Another kind feasible program of the prior art is that equipment is logged in this block to extract, individually real with a kind of language It is existing, it is packaged as servicing, this is also common design pattern.Shortcoming is that original service logic is more complicated, is not simply Order is performed, but there are context interaction, retrofit work amount are very big.
Similar resolving ideas also has springboard machine and fort machine, but existing scheme is mainly the security control for considering to log in And audit, not automate and consider for webmaster, isolated client and equipment in application layer, aspect of performance is difficult to meet automation The requirement of login.
Also one it is important the problem of, with the expansion of management scale, the requirement to performance is also more and more urgent.And The ssh of many language supports that scheme is the encapsulation of the openssh of system in fact, is realized using interprocess communication, in management magnanimity When (5000+) equipment, due to the limitation of operating system, concurrent substantial amounts of ssh processes, are crackpot.Mainstream at present The scheme for solving large-scale concurrent is namely based on event or association's journey model programming, so, should support association's journey, prop up again Hold the just more difficult of ssh.By taking perl as an example, journey or the primary support ssh of event mode can not be assisted on CPAN so far yet Module.The ssh modules paramiko of Python does not support association's journey similarly.
Problem existing in the prior art can be summarized as:Concurrent substantial amounts of ssh processes are not supported;Do not support ssh.
The content of the invention
An embodiment of the present invention provides a kind of equipment login management method, with solve in the prior art webmaster logging device into In the scheme of row management webmaster do not support ssh need into line program transformation, transformation after the low technical problem of performance.This method bag Include:Protocol gateway is set between NM client and equipment to be managed, in transport layer, established based on telecommunication network agreement described in Connection between protocol gateway and the NM client, establishes the protocol gateway based on secure shell program and treats pipe with described Manage the connection between equipment;Connection is established with the NM client and the protocol gateway is treated with described in the protocol gateway Management equipment is established after connection, is sent out a side in the NM client and the equipment to be managed by the protocol gateway The data sent are directly forwarded to the opposing party.
The embodiment of the present invention additionally provides a kind of computer-readable recording medium, is set with solving webmaster login in the prior art In the standby scheme being managed webmaster do not support ssh need into line program transformation, transformation after the low technical problem of performance.The meter Calculation machine readable storage medium storing program for executing is stored with the computer program for performing any of the above-described kind of equipment login management method.
The embodiment of the present invention additionally provides a kind of protocol gateway, is managed with solving webmaster logging device in the prior art Scheme in webmaster do not support ssh need into line program transformation, transformation after the low technical problem of performance.The protocol gateway includes: Connection establishment module, in transport layer, based on telecommunication network agreement establish the protocol gateway and the NM client it Between connection, the connection between the protocol gateway and the equipment to be managed is established based on secure shell program;Data forwarding Module, in the protocol gateway and NM client foundation connection and the protocol gateway and the equipment to be managed Establish after connection, the data of the NM client and side transmission in the equipment to be managed are directly forwarded to another Side.
The embodiment of the present invention additionally provides a kind of NM client, and pipe is carried out to solve webmaster logging device in the prior art In the scheme of reason webmaster do not support ssh need into line program transformation, transformation after the low technical problem of performance.The NM client bag Include:Link block is established in request, for establishing protocol gateway and institute based on telecommunication network agreement in transport layer, request protocol gateway The connection between NM client is stated, asks the protocol gateway to establish the protocol gateway based on secure shell program and treat pipe Manage the connection between equipment;Communication module, for forwarding the data to the equipment to be managed by the protocol gateway, receives The data that the equipment to be managed of the protocol gateway forwarding is sent.
In embodiments of the present invention, by setting protocol gateway between NM client and equipment to be managed, and passing Defeated layer, the connection between protocol gateway and NM client is established based on telecommunication network agreement, that is, is established telnet connections, be based on Secure shell program establishes the connection between protocol gateway and equipment to be managed, that is, establishes ssh connections, and then pass through protocol gateway The data that a side sends in NM client and equipment to be managed are directly forwarded to the opposing party so that NM client is without branch Ssh connections are held, originally only support the NM client program of telnet connections hardly can pass through protocol gateway with modification Equipment to be managed is logged in ssh connection modes, avoids tradition from only supporting the NM client of telnet connections to pass through substantial amounts of journey Sequence modification supports the ssh to connect;Simultaneously as NM client need not support ssh connections can be by protocol gateway with ssh Connection mode logs in equipment to be managed so that NM client can compatible different development language, avoid NM client concurrent Substantial amounts of ssh processes, are conducive to support the access of bulk device, are conducive to improve performance.
Brief description of the drawings
Attached drawing described herein is used for providing a further understanding of the present invention, forms the part of the application, not Form limitation of the invention.In the accompanying drawings:
Fig. 1 is a kind of flow chart of equipment login management method provided in an embodiment of the present invention;
Fig. 2 is a kind of configuration diagram for setting protocol gateway provided in an embodiment of the present invention;
Fig. 3 is provided in an embodiment of the present invention a kind of the interaction that telnet connections connect with ssh to be established by protocol gateway Figure;
Fig. 4 is a kind of telnet protocol extensions schematic diagram provided in an embodiment of the present invention;
Fig. 5 is a kind of structure diagram of protocol gateway provided in an embodiment of the present invention;
Fig. 6 is a kind of structure diagram of NM client provided in an embodiment of the present invention.
Embodiment
It is right with reference to embodiment and attached drawing for the object, technical solutions and advantages of the present invention are more clearly understood The present invention is described in further details.Here, the exemplary embodiment and its explanation of the present invention are used to explain the present invention, but simultaneously It is not as a limitation of the invention.
In embodiments of the present invention, there is provided a kind of equipment login management method, as shown in Figure 1, this method includes:
Step 101:Protocol gateway is set between NM client and equipment to be managed, in transport layer, based on telecommunications network Network agreement establishes the connection between the protocol gateway and the NM client, i.e., between protocol gateway and NM client Telnet connections are established, the connection between the protocol gateway and the equipment to be managed are established based on secure shell program, i.e., Ssh connections are established between protocol gateway and equipment to be managed;
Step 102:Connection is established with the NM client and the protocol gateway is treated with described in the protocol gateway Management equipment is established after connection completion, by the protocol gateway by one in the NM client and the equipment to be managed The data just sent are directly forwarded to the opposing party.
Flow as shown in Figure 1 is understood, in embodiments of the present invention, by between NM client and equipment to be managed Protocol gateway is set, and in transport layer, the connection between protocol gateway and NM client is established based on telecommunication network agreement, i.e., Telnet connections are established, the connection between protocol gateway and equipment to be managed is established based on secure shell program, that is, establish ssh companies Connect, and then the data that a side sends in NM client and equipment to be managed be directly forwarded to by the opposing party by protocol gateway, So that NM client need not support ssh to connect, originally only support the NM client programs of telnet connections hardly with repairing Equipment to be managed can be logged in by protocol gateway with ssh connection modes by changing, and avoid tradition from only supporting the net of telnet connections Pipe client supports ssh to connect by substantial amounts of modification of program;Simultaneously as NM client need not support ssh connections just Equipment to be managed can be logged in ssh connection modes by protocol gateway so that NM client can compatible different exploitation languages Speech, avoids NM client concurrently substantial amounts of ssh processes, is conducive to support the access of bulk device, is conducive to improve performance.
When it is implemented, after by analyzing, comparing ssh and telnet agreements, present inventor find telnet and Ssh is that the control protocol of transport layer is different, is substantially compatible in application connection and application layer protocol, therefore, such as Fig. 2 institutes Show, the application sets protocol gateway among NM client and equipment to be managed, and protocol gateway is in transport layer and webmaster client End establishes telnet connections and establishes ssh with equipment to be managed and is connected, protocol gateway only need to content more than transport layer into Row unpacks and forwarding.I.e. protocol gateway part is not involved in the conversion of service message, simply simply forwards, thus can accomplish and Business is unrelated, possesses more preferable versatility.Meanwhile because without switch contexts state, can be simply by trunking mode Realize horizontal extension, advantageously account for High Availabitity and high-performance question.The protocol gateway is realized in transport layer rather than application layer Message transparent forwarding, if realized in application layer by web services mode, since http and ssh agreements are incompatible, deals with It can bother very much.
The setting of protocol gateway, is still by telnet connection modes for the program of original NM client Access, simply target becomes protocol gateway, can accomplish routine interface originally compatible to greatest extent.Pass through this side Formula, the language for only supporting telnet linkage functions originally, also possesses the tenability of ssh connections.
When it is implemented, in order to realize that the control that protocol gateway establishes connection is automation, in the present embodiment, passing Defeated layer, establishes the connection between the protocol gateway and the NM client, based on Secure Shell based on telecommunication network agreement Program establishes the connection between the protocol gateway and the equipment to be managed, including:Received in the protocol gateway described When what NM client was sent is used for the first control signaling based on the foundation connection of telecommunication network agreement, according to the described first control Signaling establishes the connection between the protocol gateway and the NM client based on telecommunication network agreement;In the protocol gateway When receiving the second control signaling being used for based on secure shell program foundation connection that the NM client is sent, according to institute State the second control signaling and connection between the protocol gateway and equipment to be managed is established based on secure shell program, wherein, institute The information that the second control signaling includes establishing the equipment to be managed of connection is stated, for example, it may be the address letter of equipment to be managed Breath, log-on message etc..Control need not be initiated come control protocol gateway, NM client by artificial configuration or instruction Signaling can the foundation connection of control protocol gateway.
When it is implemented, in order to further improve the function of the transparent and full-automatic forwarding data of protocol gateway, in this implementation In example, establish connection in the protocol gateway and the NM client and the protocol gateway is established with the equipment to be managed Before connection is completed, the protocol gateway is establishes connection status, using the message received as the control for establishing connection Signaling;Connection is established in the protocol gateway and the NM client and the protocol gateway is established with the equipment to be managed After connection is completed, the protocol gateway is communications status, is treated using the message received as the NM client with described The data of interaction between management equipment, and data are directly forwarded to.
Specifically, timesharing transmits control signaling with road in same connection.That is, it is necessary to NM client notice association View gateway needs to establish the information of the equipment (equipment i.e. to be managed) of ssh connections, and protocol gateway is controlled by connection status, Establish with NM client that telnet is connected and protocol gateway establishes ssh with equipment to be managed and is connected completion in protocol gateway Before, the message of transmission can as the control signaling for establishing connection, once and telnet connections connect with ssh and establish completion, it is double Create and complete to pipeline, protocol gateway is switched to communications status, and the message of transmission is considered as entirely data, at this time agreement net Close and business is unrelated, there is no message landing and conversion, without the state of preservation, is only responsible for transparent data forwarding, can hold very much Change places and realize horizontal extension, ensure high-performance and High Availabitity.
Specifically, below in conjunction with Fig. 2,3 describe above-mentioned protocol gateway and NM client establish telnet be connected and with Equipment to be managed establishes the process of ssh connections, which comprises the following steps:
S01:Client (i.e. above-mentioned NM client) is initiated to be based on telecommunication network agreement foundation company to protocol gateway first Telnet connections are established in the request connect, i.e. request, enter control signaling interactive mode after being verified, and client is to protocol gateway The first control signaling for being used for that connection to be established based on telecommunication network agreement is sent, protocol gateway is based on electricity according to the first control signaling Communication network agreement establishes the telnet connections between protocol gateway and client.
S02:Client sends long-range instruction (the i.e. above-mentioned use that connection is established based on secure shell program to protocol gateway In the second control signaling for establishing ssh connections), address information, log-on message including equipment to be managed etc..
S03:After protocol gateway receives instruction, based on secure shell program create protocol gateway to target device/host (i.e. Equipment to be managed) ssh connections, start interactive mode shell.
S04:If successful connection, creates both-way communication pipeline, telnet connections and the equipment side of client-side are connected Ssh connections, into communications status.
S05:Since telent and ssh in the agreement of application layer is compatible, it is possible to accomplish slitless connection.Client Can directly and target device carry out instruction interaction, protocol gateway centre simply play the role of forwarding.
S06:Either party terminates session for client or target device, simultaneously closes off telnet connections, ssh connections and even Adapter road, terminates this communication.
When it is implemented, in order to further meet requirement that high-performance is connected with magnanimity, in the present embodiment, to webmaster visitor Family end (existing system) is transformed using association's journey technology, for example, in NM client, passes through the Non-Blocking I/O based on event Storehouse handles the request that connection is established based on telecommunication network agreement to realize in a manner of assisting journey.
Specifically, be that programmed logic is fairly simple using a benefit of association's journey technology, and traditional client/service Device programming mode is almost identical.And concurrency performance is then more much higher than process or thread mode.In existing system, for reality The function of existing logging device or host, usually all includes telnet modules, and has done certain encapsulation and (for example stepped on Record, exit, performing order etc.).It is basically the simple of tcp agreements as shown in figure 4, since telnet protocol comparisons are simple Semantic extension, the realization of telnet agreements is simpler than ssh more, and telnet client can be transform as to the version for supporting association's journey This, such single client end can realize the parallel login of up to ten thousand equipment, than traditional mode improved efficiency 10 times with On.Concrete operations can be that telnet modules are transform as to the module of non-obstruction.
Telnet modules originally are that the socket network I/Os storehouse based on bottom is realized, and traditional socket storehouses are all resistances (thread can only monitor a socket handle) of plug pattern.The thinking of the application transformation is by introducing based on event Non-Blocking I/O storehouse (is based on libev/libevent), replaces the IO storehouses of original blocking model so that a thread can be same When handle multiple socket handles.Modification (the common webmaster product of increasing income of this part, mainly the basic network module of bottom Many being also based on perl or python exploitations, perl can be based on coro and transform, python can be based on gevent or Person asyncio is transformed), the change on upper strata is little, and basic is exactly the grammer for being replaced with the grammer of association's journey original multithreading, often A association's journey is responsible for handling a socket.It is packaged to log in connection using the improved telnet clients for supporting to assist journey, can Directly to replace the client part of original block type, code change amount very little.In system originally, it is necessary to by multi-thread Journey/multi-process logs in handle the telnet of multiple devices connections, and individual process/thread can handle number at the same time after transforming The login of hundred equipment.
It is described computer-readable to deposit when it is implemented, provide a kind of computer-readable recording medium in the present embodiment Storage media is stored with the computer program for performing any of the above-described kind of equipment login management method.
Based on same inventive concept, a kind of protocol gateway is additionally provided in the embodiment of the present invention, such as the following examples institute State.Since the principle that protocol gateway solves the problems, such as is similar to equipment login management method, the implementation of protocol gateway can be joined See the implementation of equipment login management method, overlaps will not be repeated.Used below, term " unit " or " module " can To realize the combination of the software of predetermined function and/or hardware.Although the described device of following embodiments is preferably come with software Realize, but hardware, or the realization of the combination of software and hardware is also what may and be contemplated.
Fig. 5 is a kind of structure diagram of the protocol gateway of the embodiment of the present invention, as shown in figure 5, the protocol gateway includes:
Connection establishment module 501, in transport layer, the protocol gateway and the net to be established based on telecommunication network agreement Connection between pipe client, the company between the protocol gateway and the equipment to be managed is established based on secure shell program Connect;
Data forwarding module 502, for establishing connection and the agreement in the protocol gateway and the NM client After gateway establishes connection with the equipment to be managed, a side in the NM client and the equipment to be managed is sent Data are directly forwarded to the opposing party.
In one embodiment, connection establishment module 501, including:Telnet connection establishment units, for receiving When being used to establish the first control signaling of connection based on telecommunication network agreement of NM client transmission is stated, according to the described first control Signaling processed establishes the connection between the protocol gateway and the NM client based on telecommunication network agreement;Ssh connections are established Unit, for believing in the second control for being used to establish connection based on secure shell program for receiving the NM client transmission When making, the company between the protocol gateway and equipment to be managed is established based on secure shell program according to second control signaling Connect, wherein, second control signaling includes the information that establish the equipment to be managed of connection.
In one embodiment, protocol gateway further includes:State recognition module, in the protocol gateway and the net Pipe client establishes connection and the protocol gateway is connected with the equipment foundation to be managed before completing, and determines the agreement net Close to establish connection status, using the message received as the control signaling for establishing connection;In the protocol gateway and institute State NM client foundation connection and the protocol gateway is established with the equipment to be managed after connecting completion, determine the association View gateway is communications status, using the message received as the number interacted between the NM client and the equipment to be managed According to indicating that the data forwarding module is directly forwarded to data.
In the present embodiment, a kind of NM client is additionally provided, as shown in fig. 6, the NM client includes:
Link block 601 is established in request, for establishing agreement based on telecommunication network agreement in transport layer, request protocol gateway Connection between gateway and the NM client, asks the protocol gateway to establish the agreement net based on secure shell program Close the connection between equipment to be managed;
Communication module 602, for establishing connection and the protocol gateway in the protocol gateway and the NM client After establishing connection completion with the equipment to be managed, the equipment to be managed is forwarded the data to by the protocol gateway, Receive the data that the equipment to be managed of the protocol gateway forwarding is sent.
In one embodiment, link block 601 is established in request, including:Request establish telnet connection units, for The protocol gateway sends the first control signaling for being used for that connection to be established based on telecommunication network agreement, indicates the protocol gateway root The connection between the protocol gateway and the NM client is established based on telecommunication network agreement according to first control signaling; Ssh connection units are established in request, are used to establish the second of connection based on secure shell program for sending to the protocol gateway Control signaling, indicates that the protocol gateway establishes the protocol gateway according to second control signaling based on secure shell program With the connection between the equipment to be managed;Wherein, second control signaling includes the equipment to be managed that establish connection Information.
In one embodiment, NM client further includes:Telnet connection processing modules, for by based on event Non-Blocking I/O storehouse handles the request that connection is established based on telecommunication network agreement to realize in a manner of assisting journey.
The embodiment of the present invention realizes following technique effect:By setting association between NM client and equipment to be managed Gateway is discussed, and in transport layer, the connection between protocol gateway and NM client is established based on telecommunication network agreement, that is, is established Telnet connections, the connection between protocol gateway and equipment to be managed is established based on secure shell program, that is, establishes ssh connections, And then the data that a side sends in NM client and equipment to be managed are directly forwarded to by the opposing party by protocol gateway so that NM client need not support ssh to connect, and originally only support the NM client program of telnet connections hardly to use modification just Equipment to be managed can be logged in ssh connection modes by protocol gateway, avoid tradition from only supporting the webmaster visitor of telnet connections Ssh is supported to connect by substantial amounts of modification of program in family end;Simultaneously as NM client need not support that ssh connections can Equipment to be managed is logged in ssh connection modes by protocol gateway so that NM client can compatible different development language, keep away Exempt from NM client concurrently substantial amounts of ssh processes, be conducive to support the access of bulk device, be conducive to improve performance.
Obviously, those skilled in the art should be understood that each module of the above-mentioned embodiment of the present invention or each step can be with Realized with general computing device, they can be concentrated on single computing device, or are distributed in multiple computing devices On the network formed, alternatively, they can be realized with the program code that computing device can perform, it is thus possible to by it Store and performed in the storage device by computing device, and in some cases, can be to be held different from order herein They, are either fabricated to each integrated circuit modules or will be multiple in them by the shown or described step of row respectively Module or step are fabricated to single integrated circuit module to realize.In this way, the embodiment of the present invention be not restricted to it is any specific hard Part and software combine.
The foregoing is only a preferred embodiment of the present invention, is not intended to limit the invention, for the skill of this area For art personnel, the embodiment of the present invention can have various modifications and variations.Within the spirit and principles of the invention, made Any modification, equivalent substitution, improvement and etc., should all be included in the protection scope of the present invention.

Claims (10)

  1. A kind of 1. equipment login management method, it is characterised in that including:
    Protocol gateway is set between NM client and equipment to be managed, in transport layer, institute is established based on telecommunication network agreement The connection between protocol gateway and the NM client is stated, the protocol gateway is established based on secure shell program and is treated with described Connection between management equipment;
    Connection is established in the protocol gateway and the NM client and the protocol gateway is established with the equipment to be managed It is by the protocol gateway that the NM client and the data of side transmission in the equipment to be managed is direct after connection It is transmitted to the opposing party.
  2. 2. equipment login management method as claimed in claim 1, it is characterised in that in transport layer, based on telecommunication network agreement Establish the connection between the protocol gateway and the NM client, based on secure shell program establish the protocol gateway with Connection between the equipment to be managed, including:
    The of connection is established based on telecommunication network agreement in the protocol gateway being used for of receiving that the NM client sends During one control signaling, the protocol gateway and webmaster visitor are established based on telecommunication network agreement according to first control signaling Connection between the end of family;
    The of connection is established based on secure shell program in the protocol gateway being used for of receiving that the NM client sends During two control signalings, the protocol gateway and equipment to be managed are established based on secure shell program according to second control signaling Between connection, wherein, second control signaling include to establish connection equipment to be managed information.
  3. 3. equipment login management method as claimed in claim 1, it is characterised in that
    Connection is established in the protocol gateway and the NM client and the protocol gateway is established with the equipment to be managed Before connection is completed, the protocol gateway is establishes connection status, using the message received as the control for establishing connection Signaling;
    Connection is established in the protocol gateway and the NM client and the protocol gateway is established with the equipment to be managed After connection is completed, the protocol gateway is communications status, is treated using the message received as the NM client with described The data of interaction between management equipment, and data are directly forwarded to.
  4. 4. equipment login management method as claimed any one in claims 1 to 3, it is characterised in that further include:
    In the NM client, handled the Non-Blocking I/O storehouse based on event to realize based on telecommunications in a manner of assisting journey Procotol establishes the request of connection.
  5. 5. a kind of computer-readable recording medium, it is characterised in that the computer-readable recording medium storage has perform claim It is required that the computer program of the equipment login management method any one of 1 to 4.
  6. 6. a kind of protocol gateway, it is characterised in that the protocol gateway is arranged between NM client and equipment to be managed, bag Include:
    Connection establishment module, in transport layer, the protocol gateway and the webmaster client to be established based on telecommunication network agreement Connection between end, the connection between the protocol gateway and the equipment to be managed is established based on secure shell program;
    Data forwarding module, for establishing connection and the protocol gateway and institute in the protocol gateway and the NM client Equipment to be managed is stated to establish after connection, the NM client and the data of side transmission in the equipment to be managed is direct It is transmitted to the opposing party.
  7. 7. protocol gateway as claimed in claim 6, it is characterised in that connection establishment module, including:
    Telnet connection establishment units, for being used to build based on telecommunication network agreement receive that the NM client sends During the first control signaling of vertical connection, according to first control signaling be based on telecommunication network agreement establish the protocol gateway and Connection between the NM client;
    Ssh connection establishment units, for being established in the secure shell program that is used to be based on for receiving the NM client transmission During the second control signaling of connection, the protocol gateway is established with treating based on secure shell program according to second control signaling Connection between management equipment, wherein, second control signaling includes the information that establish the equipment to be managed of connection.
  8. 8. protocol gateway as claimed in claims 6 or 7, it is characterised in that further include:
    State recognition module, for establishing connection and the protocol gateway and institute in the protocol gateway and the NM client State equipment to be managed to establish before connection completion, determine the protocol gateway to establish connection status, the message received is made For the control signaling for establishing connection;Connection and the protocol gateway are established in the protocol gateway and the NM client After establishing connection completion with the equipment to be managed, it is communications status to determine the protocol gateway, and the message received is made The data interacted between the NM client and the equipment to be managed, indicate that the data forwarding module is direct to data It is forwarded to.
  9. A kind of 9. NM client, it is characterised in that including
    Link block is established in request, for establishing the agreement net based on telecommunication network agreement in transport layer, request protocol gateway The connection between the NM client is closed, asks the protocol gateway to establish the protocol gateway based on secure shell program With the connection between equipment to be managed;
    Communication module, for being treated in the protocol gateway and NM client foundation connection and the protocol gateway with described Management equipment is established after connection, is forwarded the data to the equipment to be managed by the protocol gateway, is received the agreement The data that the equipment to be managed of gateway forwards is sent.
  10. 10. NM client as claimed in claim 9, it is characterised in that link block is established in the request, including:
    Telnet connection units are established in request, are used to establish connection based on telecommunication network agreement for sending to the protocol gateway The first control signaling, indicate that the protocol gateway establishes the association according to first control signaling based on telecommunication network agreement Discuss the connection between gateway and the NM client;
    Ssh connection units are established in request, are used to establish connection based on secure shell program for sending to the protocol gateway Second control signaling, indicates that the protocol gateway establishes the agreement according to second control signaling based on secure shell program Connection between gateway and the equipment to be managed;Wherein, second control signaling is set including to establish the to be managed of connection Standby information.
CN201711267779.3A 2017-12-05 2017-12-05 Equipment login management method, storage medium, protocol gateway and NM client Pending CN108023886A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201711267779.3A CN108023886A (en) 2017-12-05 2017-12-05 Equipment login management method, storage medium, protocol gateway and NM client

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201711267779.3A CN108023886A (en) 2017-12-05 2017-12-05 Equipment login management method, storage medium, protocol gateway and NM client

Publications (1)

Publication Number Publication Date
CN108023886A true CN108023886A (en) 2018-05-11

Family

ID=62078563

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201711267779.3A Pending CN108023886A (en) 2017-12-05 2017-12-05 Equipment login management method, storage medium, protocol gateway and NM client

Country Status (1)

Country Link
CN (1) CN108023886A (en)

Cited By (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN110191142A (en) * 2018-09-03 2019-08-30 西安奥卡云数据科技有限公司 It is a kind of can con current control computer system
CN111918306A (en) * 2020-07-28 2020-11-10 烽火通信科技股份有限公司 Method and system for realizing network element communication under IP unreachable scene
CN113794584A (en) * 2021-08-15 2021-12-14 新华三信息安全技术有限公司 Network management method and equipment

Citations (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20100011206A1 (en) * 2008-07-14 2010-01-14 Ricoh Company, Ltd. Embedded apparatus, remote-processing method, and computer program product
CN101631107A (en) * 2008-07-16 2010-01-20 福建升腾资讯有限公司 Method for configuring Linux kernel based on Web method
CN101873264A (en) * 2010-06-09 2010-10-27 清华大学 Method and device BGN for simulating functions of autonomous domain border router
CN103166777A (en) * 2011-12-13 2013-06-19 成都勤智数码科技有限公司 Operation method and device for equipment remote operation and maintenance
CN105407095A (en) * 2015-11-26 2016-03-16 深圳市风云实业有限公司 Device and method for secure communication among different networks
CN106357590A (en) * 2015-07-15 2017-01-25 艾默生网络能源系统北美公司 Network protocol conversion system, network protocol converter and network protocol conversion method

Patent Citations (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20100011206A1 (en) * 2008-07-14 2010-01-14 Ricoh Company, Ltd. Embedded apparatus, remote-processing method, and computer program product
CN101631107A (en) * 2008-07-16 2010-01-20 福建升腾资讯有限公司 Method for configuring Linux kernel based on Web method
CN101873264A (en) * 2010-06-09 2010-10-27 清华大学 Method and device BGN for simulating functions of autonomous domain border router
CN103166777A (en) * 2011-12-13 2013-06-19 成都勤智数码科技有限公司 Operation method and device for equipment remote operation and maintenance
CN106357590A (en) * 2015-07-15 2017-01-25 艾默生网络能源系统北美公司 Network protocol conversion system, network protocol converter and network protocol conversion method
CN105407095A (en) * 2015-11-26 2016-03-16 深圳市风云实业有限公司 Device and method for secure communication among different networks

Cited By (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN110191142A (en) * 2018-09-03 2019-08-30 西安奥卡云数据科技有限公司 It is a kind of can con current control computer system
CN111918306A (en) * 2020-07-28 2020-11-10 烽火通信科技股份有限公司 Method and system for realizing network element communication under IP unreachable scene
CN111918306B (en) * 2020-07-28 2022-03-11 烽火通信科技股份有限公司 Method and system for realizing network element communication under IP unreachable scene
CN113794584A (en) * 2021-08-15 2021-12-14 新华三信息安全技术有限公司 Network management method and equipment

Similar Documents

Publication Publication Date Title
CN108023886A (en) Equipment login management method, storage medium, protocol gateway and NM client
CN109981789A (en) A kind of micro services engine based on proxy mode
CN111130892A (en) Enterprise-level microservice management system and method
CN110191007A (en) Node administration method, system and computer readable storage medium
CN107193669A (en) The system and design method of maintenance interface based on mixed cloud or large-scale cluster
CN110351246A (en) Server cluster system Socket management method and device
CN104144080B (en) The system and method being managed using remote equipment to terminal device
CN106161399A (en) A kind of security service delivery method and system
CN109118184A (en) A kind of payment system and its method of payment
CN109995873A (en) A kind of management client, equipment monitoring system and method
CN106533766A (en) Operation and maintenance management method and system for cloud data center
CN107729176A (en) The disaster recovery method and disaster tolerance system of a kind of profile management systems
CN104539632A (en) Programmable network equipment managing and controlling method based on virtual address spaces
CN110493239A (en) The method and apparatus of authentication
CN108924175A (en) A kind of communication means and device of block interchain
CN101656631A (en) Method and device for supporting multiple gateways in unified management platform
CN107295008A (en) A kind of connection method for building up under enterprise's mixing cloud computing environment
CN109408310A (en) Adjustment method, server and the readable storage medium storing program for executing of server
CN116489214A (en) Unified service scheduling method, device, medium and equipment based on micro service gateway
CN105577686B (en) LAN single-point logging method based on network controller
CN102983988B (en) A kind of proxy for equipment device and network administration apparatus
CN110012008A (en) Heterogeneous data source distributed coordination coherence method and system based on http protocol
CN110324365A (en) Without key front end cluster system, application method, storage medium, electronic device
CN109286688A (en) A kind of data download method and device
WO2023241132A1 (en) Hierarchically decoupled, integrated and open communication open system

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
RJ01 Rejection of invention patent application after publication
RJ01 Rejection of invention patent application after publication

Application publication date: 20180511