CN108023886A - Equipment login management method, storage medium, protocol gateway and NM client - Google Patents
Equipment login management method, storage medium, protocol gateway and NM client Download PDFInfo
- Publication number
- CN108023886A CN108023886A CN201711267779.3A CN201711267779A CN108023886A CN 108023886 A CN108023886 A CN 108023886A CN 201711267779 A CN201711267779 A CN 201711267779A CN 108023886 A CN108023886 A CN 108023886A
- Authority
- CN
- China
- Prior art keywords
- connection
- protocol gateway
- client
- equipment
- managed
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/08—Network architectures or network communication protocols for network security for authentication of entities
- H04L63/0815—Network architectures or network communication protocols for network security for authentication of entities providing single-sign-on or federations
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/16—Implementing security features at a particular protocol layer
- H04L63/166—Implementing security features at a particular protocol layer at the transport layer
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/20—Network architectures or network communication protocols for network security for managing network security; network security policies in general
- H04L63/205—Network architectures or network communication protocols for network security for managing network security; network security policies in general involving negotiation or determination of the one or more network security mechanisms to be used, e.g. by negotiation between the client and the server or between peers or by selection according to the capabilities of the entities involved
Abstract
An embodiment of the present invention provides a kind of equipment login management method, storage medium, protocol gateway and NM client, wherein, this method includes:Protocol gateway is set between NM client and equipment to be managed, in transport layer, connection between the protocol gateway and the NM client is established based on telecommunication network agreement, the connection between the protocol gateway and the equipment to be managed is established based on secure shell program;After the protocol gateway and the NM client establish connection and the protocol gateway establishes connection with the equipment to be managed, the data that a side sends in the NM client and the equipment to be managed are directly forwarded to by the opposing party by the protocol gateway.
Description
Technical field
The present invention relates to field of communication technology, more particularly to a kind of equipment login management method, storage medium, protocol gateway
And NM client.
Background technology
Traditional network management passes through telnet (telecommunication network protocol, telecommunication network association extensively
View) mode logging device and host be managed, and telnet modes are realized simply, but due to being plaintext transmission, there are safety
Hidden danger, recent host and equipment have all upgraded to ssh login modes.Due to ssh (Secure Shell, Secure Shell journey
Sequence) mode realizes more complicated, the transformation of many traditional network managements is got up relatively difficult.Multiple components of increasing income especially are included, respectively
It is more prominent in the case of being write by different language.Compare new language may be directly just built-in ssh supports, it is more ancient
Language, such as the language such as perl, shell, php, python cannot directly support ssh, can only pass through the indirect means such as expect
Support, it is cumbersome, and also corresponding code needs to transform again.Especially some integrated third party's modules, transformation is more
It is difficult.
Transformed respectively for example, a kind of modification scheme of the prior art is various language to support ssh, such as perl
Expect modes, logging device is realized by the ssh orders of calling system.Benefit is that ssh orders are that operating system carries, and is lacked
Point is that this mode performance is relatively low, and the host and equipment of management a small number of (hundreds) are fine, once popularization, efficiency is just very low
Under.The implementation of the language such as the perl used in existing system, php, python, java has similar problems.It is and different
For the ssh implementations difference of language, it is necessary to explore respectively, workload is bigger.
Another kind feasible program of the prior art is that equipment is logged in this block to extract, individually real with a kind of language
It is existing, it is packaged as servicing, this is also common design pattern.Shortcoming is that original service logic is more complicated, is not simply
Order is performed, but there are context interaction, retrofit work amount are very big.
Similar resolving ideas also has springboard machine and fort machine, but existing scheme is mainly the security control for considering to log in
And audit, not automate and consider for webmaster, isolated client and equipment in application layer, aspect of performance is difficult to meet automation
The requirement of login.
Also one it is important the problem of, with the expansion of management scale, the requirement to performance is also more and more urgent.And
The ssh of many language supports that scheme is the encapsulation of the openssh of system in fact, is realized using interprocess communication, in management magnanimity
When (5000+) equipment, due to the limitation of operating system, concurrent substantial amounts of ssh processes, are crackpot.Mainstream at present
The scheme for solving large-scale concurrent is namely based on event or association's journey model programming, so, should support association's journey, prop up again
Hold the just more difficult of ssh.By taking perl as an example, journey or the primary support ssh of event mode can not be assisted on CPAN so far yet
Module.The ssh modules paramiko of Python does not support association's journey similarly.
Problem existing in the prior art can be summarized as:Concurrent substantial amounts of ssh processes are not supported;Do not support ssh.
The content of the invention
An embodiment of the present invention provides a kind of equipment login management method, with solve in the prior art webmaster logging device into
In the scheme of row management webmaster do not support ssh need into line program transformation, transformation after the low technical problem of performance.This method bag
Include:Protocol gateway is set between NM client and equipment to be managed, in transport layer, established based on telecommunication network agreement described in
Connection between protocol gateway and the NM client, establishes the protocol gateway based on secure shell program and treats pipe with described
Manage the connection between equipment;Connection is established with the NM client and the protocol gateway is treated with described in the protocol gateway
Management equipment is established after connection, is sent out a side in the NM client and the equipment to be managed by the protocol gateway
The data sent are directly forwarded to the opposing party.
The embodiment of the present invention additionally provides a kind of computer-readable recording medium, is set with solving webmaster login in the prior art
In the standby scheme being managed webmaster do not support ssh need into line program transformation, transformation after the low technical problem of performance.The meter
Calculation machine readable storage medium storing program for executing is stored with the computer program for performing any of the above-described kind of equipment login management method.
The embodiment of the present invention additionally provides a kind of protocol gateway, is managed with solving webmaster logging device in the prior art
Scheme in webmaster do not support ssh need into line program transformation, transformation after the low technical problem of performance.The protocol gateway includes:
Connection establishment module, in transport layer, based on telecommunication network agreement establish the protocol gateway and the NM client it
Between connection, the connection between the protocol gateway and the equipment to be managed is established based on secure shell program;Data forwarding
Module, in the protocol gateway and NM client foundation connection and the protocol gateway and the equipment to be managed
Establish after connection, the data of the NM client and side transmission in the equipment to be managed are directly forwarded to another
Side.
The embodiment of the present invention additionally provides a kind of NM client, and pipe is carried out to solve webmaster logging device in the prior art
In the scheme of reason webmaster do not support ssh need into line program transformation, transformation after the low technical problem of performance.The NM client bag
Include:Link block is established in request, for establishing protocol gateway and institute based on telecommunication network agreement in transport layer, request protocol gateway
The connection between NM client is stated, asks the protocol gateway to establish the protocol gateway based on secure shell program and treat pipe
Manage the connection between equipment;Communication module, for forwarding the data to the equipment to be managed by the protocol gateway, receives
The data that the equipment to be managed of the protocol gateway forwarding is sent.
In embodiments of the present invention, by setting protocol gateway between NM client and equipment to be managed, and passing
Defeated layer, the connection between protocol gateway and NM client is established based on telecommunication network agreement, that is, is established telnet connections, be based on
Secure shell program establishes the connection between protocol gateway and equipment to be managed, that is, establishes ssh connections, and then pass through protocol gateway
The data that a side sends in NM client and equipment to be managed are directly forwarded to the opposing party so that NM client is without branch
Ssh connections are held, originally only support the NM client program of telnet connections hardly can pass through protocol gateway with modification
Equipment to be managed is logged in ssh connection modes, avoids tradition from only supporting the NM client of telnet connections to pass through substantial amounts of journey
Sequence modification supports the ssh to connect;Simultaneously as NM client need not support ssh connections can be by protocol gateway with ssh
Connection mode logs in equipment to be managed so that NM client can compatible different development language, avoid NM client concurrent
Substantial amounts of ssh processes, are conducive to support the access of bulk device, are conducive to improve performance.
Brief description of the drawings
Attached drawing described herein is used for providing a further understanding of the present invention, forms the part of the application, not
Form limitation of the invention.In the accompanying drawings:
Fig. 1 is a kind of flow chart of equipment login management method provided in an embodiment of the present invention;
Fig. 2 is a kind of configuration diagram for setting protocol gateway provided in an embodiment of the present invention;
Fig. 3 is provided in an embodiment of the present invention a kind of the interaction that telnet connections connect with ssh to be established by protocol gateway
Figure;
Fig. 4 is a kind of telnet protocol extensions schematic diagram provided in an embodiment of the present invention;
Fig. 5 is a kind of structure diagram of protocol gateway provided in an embodiment of the present invention;
Fig. 6 is a kind of structure diagram of NM client provided in an embodiment of the present invention.
Embodiment
It is right with reference to embodiment and attached drawing for the object, technical solutions and advantages of the present invention are more clearly understood
The present invention is described in further details.Here, the exemplary embodiment and its explanation of the present invention are used to explain the present invention, but simultaneously
It is not as a limitation of the invention.
In embodiments of the present invention, there is provided a kind of equipment login management method, as shown in Figure 1, this method includes:
Step 101:Protocol gateway is set between NM client and equipment to be managed, in transport layer, based on telecommunications network
Network agreement establishes the connection between the protocol gateway and the NM client, i.e., between protocol gateway and NM client
Telnet connections are established, the connection between the protocol gateway and the equipment to be managed are established based on secure shell program, i.e.,
Ssh connections are established between protocol gateway and equipment to be managed;
Step 102:Connection is established with the NM client and the protocol gateway is treated with described in the protocol gateway
Management equipment is established after connection completion, by the protocol gateway by one in the NM client and the equipment to be managed
The data just sent are directly forwarded to the opposing party.
Flow as shown in Figure 1 is understood, in embodiments of the present invention, by between NM client and equipment to be managed
Protocol gateway is set, and in transport layer, the connection between protocol gateway and NM client is established based on telecommunication network agreement, i.e.,
Telnet connections are established, the connection between protocol gateway and equipment to be managed is established based on secure shell program, that is, establish ssh companies
Connect, and then the data that a side sends in NM client and equipment to be managed be directly forwarded to by the opposing party by protocol gateway,
So that NM client need not support ssh to connect, originally only support the NM client programs of telnet connections hardly with repairing
Equipment to be managed can be logged in by protocol gateway with ssh connection modes by changing, and avoid tradition from only supporting the net of telnet connections
Pipe client supports ssh to connect by substantial amounts of modification of program;Simultaneously as NM client need not support ssh connections just
Equipment to be managed can be logged in ssh connection modes by protocol gateway so that NM client can compatible different exploitation languages
Speech, avoids NM client concurrently substantial amounts of ssh processes, is conducive to support the access of bulk device, is conducive to improve performance.
When it is implemented, after by analyzing, comparing ssh and telnet agreements, present inventor find telnet and
Ssh is that the control protocol of transport layer is different, is substantially compatible in application connection and application layer protocol, therefore, such as Fig. 2 institutes
Show, the application sets protocol gateway among NM client and equipment to be managed, and protocol gateway is in transport layer and webmaster client
End establishes telnet connections and establishes ssh with equipment to be managed and is connected, protocol gateway only need to content more than transport layer into
Row unpacks and forwarding.I.e. protocol gateway part is not involved in the conversion of service message, simply simply forwards, thus can accomplish and
Business is unrelated, possesses more preferable versatility.Meanwhile because without switch contexts state, can be simply by trunking mode
Realize horizontal extension, advantageously account for High Availabitity and high-performance question.The protocol gateway is realized in transport layer rather than application layer
Message transparent forwarding, if realized in application layer by web services mode, since http and ssh agreements are incompatible, deals with
It can bother very much.
The setting of protocol gateway, is still by telnet connection modes for the program of original NM client
Access, simply target becomes protocol gateway, can accomplish routine interface originally compatible to greatest extent.Pass through this side
Formula, the language for only supporting telnet linkage functions originally, also possesses the tenability of ssh connections.
When it is implemented, in order to realize that the control that protocol gateway establishes connection is automation, in the present embodiment, passing
Defeated layer, establishes the connection between the protocol gateway and the NM client, based on Secure Shell based on telecommunication network agreement
Program establishes the connection between the protocol gateway and the equipment to be managed, including:Received in the protocol gateway described
When what NM client was sent is used for the first control signaling based on the foundation connection of telecommunication network agreement, according to the described first control
Signaling establishes the connection between the protocol gateway and the NM client based on telecommunication network agreement;In the protocol gateway
When receiving the second control signaling being used for based on secure shell program foundation connection that the NM client is sent, according to institute
State the second control signaling and connection between the protocol gateway and equipment to be managed is established based on secure shell program, wherein, institute
The information that the second control signaling includes establishing the equipment to be managed of connection is stated, for example, it may be the address letter of equipment to be managed
Breath, log-on message etc..Control need not be initiated come control protocol gateway, NM client by artificial configuration or instruction
Signaling can the foundation connection of control protocol gateway.
When it is implemented, in order to further improve the function of the transparent and full-automatic forwarding data of protocol gateway, in this implementation
In example, establish connection in the protocol gateway and the NM client and the protocol gateway is established with the equipment to be managed
Before connection is completed, the protocol gateway is establishes connection status, using the message received as the control for establishing connection
Signaling;Connection is established in the protocol gateway and the NM client and the protocol gateway is established with the equipment to be managed
After connection is completed, the protocol gateway is communications status, is treated using the message received as the NM client with described
The data of interaction between management equipment, and data are directly forwarded to.
Specifically, timesharing transmits control signaling with road in same connection.That is, it is necessary to NM client notice association
View gateway needs to establish the information of the equipment (equipment i.e. to be managed) of ssh connections, and protocol gateway is controlled by connection status,
Establish with NM client that telnet is connected and protocol gateway establishes ssh with equipment to be managed and is connected completion in protocol gateway
Before, the message of transmission can as the control signaling for establishing connection, once and telnet connections connect with ssh and establish completion, it is double
Create and complete to pipeline, protocol gateway is switched to communications status, and the message of transmission is considered as entirely data, at this time agreement net
Close and business is unrelated, there is no message landing and conversion, without the state of preservation, is only responsible for transparent data forwarding, can hold very much
Change places and realize horizontal extension, ensure high-performance and High Availabitity.
Specifically, below in conjunction with Fig. 2,3 describe above-mentioned protocol gateway and NM client establish telnet be connected and with
Equipment to be managed establishes the process of ssh connections, which comprises the following steps:
S01:Client (i.e. above-mentioned NM client) is initiated to be based on telecommunication network agreement foundation company to protocol gateway first
Telnet connections are established in the request connect, i.e. request, enter control signaling interactive mode after being verified, and client is to protocol gateway
The first control signaling for being used for that connection to be established based on telecommunication network agreement is sent, protocol gateway is based on electricity according to the first control signaling
Communication network agreement establishes the telnet connections between protocol gateway and client.
S02:Client sends long-range instruction (the i.e. above-mentioned use that connection is established based on secure shell program to protocol gateway
In the second control signaling for establishing ssh connections), address information, log-on message including equipment to be managed etc..
S03:After protocol gateway receives instruction, based on secure shell program create protocol gateway to target device/host (i.e.
Equipment to be managed) ssh connections, start interactive mode shell.
S04:If successful connection, creates both-way communication pipeline, telnet connections and the equipment side of client-side are connected
Ssh connections, into communications status.
S05:Since telent and ssh in the agreement of application layer is compatible, it is possible to accomplish slitless connection.Client
Can directly and target device carry out instruction interaction, protocol gateway centre simply play the role of forwarding.
S06:Either party terminates session for client or target device, simultaneously closes off telnet connections, ssh connections and even
Adapter road, terminates this communication.
When it is implemented, in order to further meet requirement that high-performance is connected with magnanimity, in the present embodiment, to webmaster visitor
Family end (existing system) is transformed using association's journey technology, for example, in NM client, passes through the Non-Blocking I/O based on event
Storehouse handles the request that connection is established based on telecommunication network agreement to realize in a manner of assisting journey.
Specifically, be that programmed logic is fairly simple using a benefit of association's journey technology, and traditional client/service
Device programming mode is almost identical.And concurrency performance is then more much higher than process or thread mode.In existing system, for reality
The function of existing logging device or host, usually all includes telnet modules, and has done certain encapsulation and (for example stepped on
Record, exit, performing order etc.).It is basically the simple of tcp agreements as shown in figure 4, since telnet protocol comparisons are simple
Semantic extension, the realization of telnet agreements is simpler than ssh more, and telnet client can be transform as to the version for supporting association's journey
This, such single client end can realize the parallel login of up to ten thousand equipment, than traditional mode improved efficiency 10 times with
On.Concrete operations can be that telnet modules are transform as to the module of non-obstruction.
Telnet modules originally are that the socket network I/Os storehouse based on bottom is realized, and traditional socket storehouses are all resistances
(thread can only monitor a socket handle) of plug pattern.The thinking of the application transformation is by introducing based on event
Non-Blocking I/O storehouse (is based on libev/libevent), replaces the IO storehouses of original blocking model so that a thread can be same
When handle multiple socket handles.Modification (the common webmaster product of increasing income of this part, mainly the basic network module of bottom
Many being also based on perl or python exploitations, perl can be based on coro and transform, python can be based on gevent or
Person asyncio is transformed), the change on upper strata is little, and basic is exactly the grammer for being replaced with the grammer of association's journey original multithreading, often
A association's journey is responsible for handling a socket.It is packaged to log in connection using the improved telnet clients for supporting to assist journey, can
Directly to replace the client part of original block type, code change amount very little.In system originally, it is necessary to by multi-thread
Journey/multi-process logs in handle the telnet of multiple devices connections, and individual process/thread can handle number at the same time after transforming
The login of hundred equipment.
It is described computer-readable to deposit when it is implemented, provide a kind of computer-readable recording medium in the present embodiment
Storage media is stored with the computer program for performing any of the above-described kind of equipment login management method.
Based on same inventive concept, a kind of protocol gateway is additionally provided in the embodiment of the present invention, such as the following examples institute
State.Since the principle that protocol gateway solves the problems, such as is similar to equipment login management method, the implementation of protocol gateway can be joined
See the implementation of equipment login management method, overlaps will not be repeated.Used below, term " unit " or " module " can
To realize the combination of the software of predetermined function and/or hardware.Although the described device of following embodiments is preferably come with software
Realize, but hardware, or the realization of the combination of software and hardware is also what may and be contemplated.
Fig. 5 is a kind of structure diagram of the protocol gateway of the embodiment of the present invention, as shown in figure 5, the protocol gateway includes:
Connection establishment module 501, in transport layer, the protocol gateway and the net to be established based on telecommunication network agreement
Connection between pipe client, the company between the protocol gateway and the equipment to be managed is established based on secure shell program
Connect;
Data forwarding module 502, for establishing connection and the agreement in the protocol gateway and the NM client
After gateway establishes connection with the equipment to be managed, a side in the NM client and the equipment to be managed is sent
Data are directly forwarded to the opposing party.
In one embodiment, connection establishment module 501, including:Telnet connection establishment units, for receiving
When being used to establish the first control signaling of connection based on telecommunication network agreement of NM client transmission is stated, according to the described first control
Signaling processed establishes the connection between the protocol gateway and the NM client based on telecommunication network agreement;Ssh connections are established
Unit, for believing in the second control for being used to establish connection based on secure shell program for receiving the NM client transmission
When making, the company between the protocol gateway and equipment to be managed is established based on secure shell program according to second control signaling
Connect, wherein, second control signaling includes the information that establish the equipment to be managed of connection.
In one embodiment, protocol gateway further includes:State recognition module, in the protocol gateway and the net
Pipe client establishes connection and the protocol gateway is connected with the equipment foundation to be managed before completing, and determines the agreement net
Close to establish connection status, using the message received as the control signaling for establishing connection;In the protocol gateway and institute
State NM client foundation connection and the protocol gateway is established with the equipment to be managed after connecting completion, determine the association
View gateway is communications status, using the message received as the number interacted between the NM client and the equipment to be managed
According to indicating that the data forwarding module is directly forwarded to data.
In the present embodiment, a kind of NM client is additionally provided, as shown in fig. 6, the NM client includes:
Link block 601 is established in request, for establishing agreement based on telecommunication network agreement in transport layer, request protocol gateway
Connection between gateway and the NM client, asks the protocol gateway to establish the agreement net based on secure shell program
Close the connection between equipment to be managed;
Communication module 602, for establishing connection and the protocol gateway in the protocol gateway and the NM client
After establishing connection completion with the equipment to be managed, the equipment to be managed is forwarded the data to by the protocol gateway,
Receive the data that the equipment to be managed of the protocol gateway forwarding is sent.
In one embodiment, link block 601 is established in request, including:Request establish telnet connection units, for
The protocol gateway sends the first control signaling for being used for that connection to be established based on telecommunication network agreement, indicates the protocol gateway root
The connection between the protocol gateway and the NM client is established based on telecommunication network agreement according to first control signaling;
Ssh connection units are established in request, are used to establish the second of connection based on secure shell program for sending to the protocol gateway
Control signaling, indicates that the protocol gateway establishes the protocol gateway according to second control signaling based on secure shell program
With the connection between the equipment to be managed;Wherein, second control signaling includes the equipment to be managed that establish connection
Information.
In one embodiment, NM client further includes:Telnet connection processing modules, for by based on event
Non-Blocking I/O storehouse handles the request that connection is established based on telecommunication network agreement to realize in a manner of assisting journey.
The embodiment of the present invention realizes following technique effect:By setting association between NM client and equipment to be managed
Gateway is discussed, and in transport layer, the connection between protocol gateway and NM client is established based on telecommunication network agreement, that is, is established
Telnet connections, the connection between protocol gateway and equipment to be managed is established based on secure shell program, that is, establishes ssh connections,
And then the data that a side sends in NM client and equipment to be managed are directly forwarded to by the opposing party by protocol gateway so that
NM client need not support ssh to connect, and originally only support the NM client program of telnet connections hardly to use modification just
Equipment to be managed can be logged in ssh connection modes by protocol gateway, avoid tradition from only supporting the webmaster visitor of telnet connections
Ssh is supported to connect by substantial amounts of modification of program in family end;Simultaneously as NM client need not support that ssh connections can
Equipment to be managed is logged in ssh connection modes by protocol gateway so that NM client can compatible different development language, keep away
Exempt from NM client concurrently substantial amounts of ssh processes, be conducive to support the access of bulk device, be conducive to improve performance.
Obviously, those skilled in the art should be understood that each module of the above-mentioned embodiment of the present invention or each step can be with
Realized with general computing device, they can be concentrated on single computing device, or are distributed in multiple computing devices
On the network formed, alternatively, they can be realized with the program code that computing device can perform, it is thus possible to by it
Store and performed in the storage device by computing device, and in some cases, can be to be held different from order herein
They, are either fabricated to each integrated circuit modules or will be multiple in them by the shown or described step of row respectively
Module or step are fabricated to single integrated circuit module to realize.In this way, the embodiment of the present invention be not restricted to it is any specific hard
Part and software combine.
The foregoing is only a preferred embodiment of the present invention, is not intended to limit the invention, for the skill of this area
For art personnel, the embodiment of the present invention can have various modifications and variations.Within the spirit and principles of the invention, made
Any modification, equivalent substitution, improvement and etc., should all be included in the protection scope of the present invention.
Claims (10)
- A kind of 1. equipment login management method, it is characterised in that including:Protocol gateway is set between NM client and equipment to be managed, in transport layer, institute is established based on telecommunication network agreement The connection between protocol gateway and the NM client is stated, the protocol gateway is established based on secure shell program and is treated with described Connection between management equipment;Connection is established in the protocol gateway and the NM client and the protocol gateway is established with the equipment to be managed It is by the protocol gateway that the NM client and the data of side transmission in the equipment to be managed is direct after connection It is transmitted to the opposing party.
- 2. equipment login management method as claimed in claim 1, it is characterised in that in transport layer, based on telecommunication network agreement Establish the connection between the protocol gateway and the NM client, based on secure shell program establish the protocol gateway with Connection between the equipment to be managed, including:The of connection is established based on telecommunication network agreement in the protocol gateway being used for of receiving that the NM client sends During one control signaling, the protocol gateway and webmaster visitor are established based on telecommunication network agreement according to first control signaling Connection between the end of family;The of connection is established based on secure shell program in the protocol gateway being used for of receiving that the NM client sends During two control signalings, the protocol gateway and equipment to be managed are established based on secure shell program according to second control signaling Between connection, wherein, second control signaling include to establish connection equipment to be managed information.
- 3. equipment login management method as claimed in claim 1, it is characterised in thatConnection is established in the protocol gateway and the NM client and the protocol gateway is established with the equipment to be managed Before connection is completed, the protocol gateway is establishes connection status, using the message received as the control for establishing connection Signaling;Connection is established in the protocol gateway and the NM client and the protocol gateway is established with the equipment to be managed After connection is completed, the protocol gateway is communications status, is treated using the message received as the NM client with described The data of interaction between management equipment, and data are directly forwarded to.
- 4. equipment login management method as claimed any one in claims 1 to 3, it is characterised in that further include:In the NM client, handled the Non-Blocking I/O storehouse based on event to realize based on telecommunications in a manner of assisting journey Procotol establishes the request of connection.
- 5. a kind of computer-readable recording medium, it is characterised in that the computer-readable recording medium storage has perform claim It is required that the computer program of the equipment login management method any one of 1 to 4.
- 6. a kind of protocol gateway, it is characterised in that the protocol gateway is arranged between NM client and equipment to be managed, bag Include:Connection establishment module, in transport layer, the protocol gateway and the webmaster client to be established based on telecommunication network agreement Connection between end, the connection between the protocol gateway and the equipment to be managed is established based on secure shell program;Data forwarding module, for establishing connection and the protocol gateway and institute in the protocol gateway and the NM client Equipment to be managed is stated to establish after connection, the NM client and the data of side transmission in the equipment to be managed is direct It is transmitted to the opposing party.
- 7. protocol gateway as claimed in claim 6, it is characterised in that connection establishment module, including:Telnet connection establishment units, for being used to build based on telecommunication network agreement receive that the NM client sends During the first control signaling of vertical connection, according to first control signaling be based on telecommunication network agreement establish the protocol gateway and Connection between the NM client;Ssh connection establishment units, for being established in the secure shell program that is used to be based on for receiving the NM client transmission During the second control signaling of connection, the protocol gateway is established with treating based on secure shell program according to second control signaling Connection between management equipment, wherein, second control signaling includes the information that establish the equipment to be managed of connection.
- 8. protocol gateway as claimed in claims 6 or 7, it is characterised in that further include:State recognition module, for establishing connection and the protocol gateway and institute in the protocol gateway and the NM client State equipment to be managed to establish before connection completion, determine the protocol gateway to establish connection status, the message received is made For the control signaling for establishing connection;Connection and the protocol gateway are established in the protocol gateway and the NM client After establishing connection completion with the equipment to be managed, it is communications status to determine the protocol gateway, and the message received is made The data interacted between the NM client and the equipment to be managed, indicate that the data forwarding module is direct to data It is forwarded to.
- A kind of 9. NM client, it is characterised in that includingLink block is established in request, for establishing the agreement net based on telecommunication network agreement in transport layer, request protocol gateway The connection between the NM client is closed, asks the protocol gateway to establish the protocol gateway based on secure shell program With the connection between equipment to be managed;Communication module, for being treated in the protocol gateway and NM client foundation connection and the protocol gateway with described Management equipment is established after connection, is forwarded the data to the equipment to be managed by the protocol gateway, is received the agreement The data that the equipment to be managed of gateway forwards is sent.
- 10. NM client as claimed in claim 9, it is characterised in that link block is established in the request, including:Telnet connection units are established in request, are used to establish connection based on telecommunication network agreement for sending to the protocol gateway The first control signaling, indicate that the protocol gateway establishes the association according to first control signaling based on telecommunication network agreement Discuss the connection between gateway and the NM client;Ssh connection units are established in request, are used to establish connection based on secure shell program for sending to the protocol gateway Second control signaling, indicates that the protocol gateway establishes the agreement according to second control signaling based on secure shell program Connection between gateway and the equipment to be managed;Wherein, second control signaling is set including to establish the to be managed of connection Standby information.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201711267779.3A CN108023886A (en) | 2017-12-05 | 2017-12-05 | Equipment login management method, storage medium, protocol gateway and NM client |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201711267779.3A CN108023886A (en) | 2017-12-05 | 2017-12-05 | Equipment login management method, storage medium, protocol gateway and NM client |
Publications (1)
Publication Number | Publication Date |
---|---|
CN108023886A true CN108023886A (en) | 2018-05-11 |
Family
ID=62078563
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN201711267779.3A Pending CN108023886A (en) | 2017-12-05 | 2017-12-05 | Equipment login management method, storage medium, protocol gateway and NM client |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN108023886A (en) |
Cited By (3)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN110191142A (en) * | 2018-09-03 | 2019-08-30 | 西安奥卡云数据科技有限公司 | It is a kind of can con current control computer system |
CN111918306A (en) * | 2020-07-28 | 2020-11-10 | 烽火通信科技股份有限公司 | Method and system for realizing network element communication under IP unreachable scene |
CN113794584A (en) * | 2021-08-15 | 2021-12-14 | 新华三信息安全技术有限公司 | Network management method and equipment |
Citations (6)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US20100011206A1 (en) * | 2008-07-14 | 2010-01-14 | Ricoh Company, Ltd. | Embedded apparatus, remote-processing method, and computer program product |
CN101631107A (en) * | 2008-07-16 | 2010-01-20 | 福建升腾资讯有限公司 | Method for configuring Linux kernel based on Web method |
CN101873264A (en) * | 2010-06-09 | 2010-10-27 | 清华大学 | Method and device BGN for simulating functions of autonomous domain border router |
CN103166777A (en) * | 2011-12-13 | 2013-06-19 | 成都勤智数码科技有限公司 | Operation method and device for equipment remote operation and maintenance |
CN105407095A (en) * | 2015-11-26 | 2016-03-16 | 深圳市风云实业有限公司 | Device and method for secure communication among different networks |
CN106357590A (en) * | 2015-07-15 | 2017-01-25 | 艾默生网络能源系统北美公司 | Network protocol conversion system, network protocol converter and network protocol conversion method |
-
2017
- 2017-12-05 CN CN201711267779.3A patent/CN108023886A/en active Pending
Patent Citations (6)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US20100011206A1 (en) * | 2008-07-14 | 2010-01-14 | Ricoh Company, Ltd. | Embedded apparatus, remote-processing method, and computer program product |
CN101631107A (en) * | 2008-07-16 | 2010-01-20 | 福建升腾资讯有限公司 | Method for configuring Linux kernel based on Web method |
CN101873264A (en) * | 2010-06-09 | 2010-10-27 | 清华大学 | Method and device BGN for simulating functions of autonomous domain border router |
CN103166777A (en) * | 2011-12-13 | 2013-06-19 | 成都勤智数码科技有限公司 | Operation method and device for equipment remote operation and maintenance |
CN106357590A (en) * | 2015-07-15 | 2017-01-25 | 艾默生网络能源系统北美公司 | Network protocol conversion system, network protocol converter and network protocol conversion method |
CN105407095A (en) * | 2015-11-26 | 2016-03-16 | 深圳市风云实业有限公司 | Device and method for secure communication among different networks |
Cited By (4)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN110191142A (en) * | 2018-09-03 | 2019-08-30 | 西安奥卡云数据科技有限公司 | It is a kind of can con current control computer system |
CN111918306A (en) * | 2020-07-28 | 2020-11-10 | 烽火通信科技股份有限公司 | Method and system for realizing network element communication under IP unreachable scene |
CN111918306B (en) * | 2020-07-28 | 2022-03-11 | 烽火通信科技股份有限公司 | Method and system for realizing network element communication under IP unreachable scene |
CN113794584A (en) * | 2021-08-15 | 2021-12-14 | 新华三信息安全技术有限公司 | Network management method and equipment |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
CN108023886A (en) | Equipment login management method, storage medium, protocol gateway and NM client | |
CN109981789A (en) | A kind of micro services engine based on proxy mode | |
CN111130892A (en) | Enterprise-level microservice management system and method | |
CN110191007A (en) | Node administration method, system and computer readable storage medium | |
CN107193669A (en) | The system and design method of maintenance interface based on mixed cloud or large-scale cluster | |
CN110351246A (en) | Server cluster system Socket management method and device | |
CN104144080B (en) | The system and method being managed using remote equipment to terminal device | |
CN106161399A (en) | A kind of security service delivery method and system | |
CN109118184A (en) | A kind of payment system and its method of payment | |
CN109995873A (en) | A kind of management client, equipment monitoring system and method | |
CN106533766A (en) | Operation and maintenance management method and system for cloud data center | |
CN107729176A (en) | The disaster recovery method and disaster tolerance system of a kind of profile management systems | |
CN104539632A (en) | Programmable network equipment managing and controlling method based on virtual address spaces | |
CN110493239A (en) | The method and apparatus of authentication | |
CN108924175A (en) | A kind of communication means and device of block interchain | |
CN101656631A (en) | Method and device for supporting multiple gateways in unified management platform | |
CN107295008A (en) | A kind of connection method for building up under enterprise's mixing cloud computing environment | |
CN109408310A (en) | Adjustment method, server and the readable storage medium storing program for executing of server | |
CN116489214A (en) | Unified service scheduling method, device, medium and equipment based on micro service gateway | |
CN105577686B (en) | LAN single-point logging method based on network controller | |
CN102983988B (en) | A kind of proxy for equipment device and network administration apparatus | |
CN110012008A (en) | Heterogeneous data source distributed coordination coherence method and system based on http protocol | |
CN110324365A (en) | Without key front end cluster system, application method, storage medium, electronic device | |
CN109286688A (en) | A kind of data download method and device | |
WO2023241132A1 (en) | Hierarchically decoupled, integrated and open communication open system |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PB01 | Publication | ||
PB01 | Publication | ||
SE01 | Entry into force of request for substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
RJ01 | Rejection of invention patent application after publication | ||
RJ01 | Rejection of invention patent application after publication |
Application publication date: 20180511 |