Detailed Description
In order to make the objects, technical solutions and advantages of the embodiments of the present invention clearer, the technical solutions in the embodiments of the present invention will be clearly and completely described below with reference to the drawings in the embodiments of the present invention, and it is obvious that the described embodiments are some, but not all, embodiments of the present invention. All other embodiments, which can be derived by a person skilled in the art from the embodiments given herein without making any creative effort, shall fall within the protection scope of the present invention.
The proxy forwarding method and device provided by the invention are suitable for the application scenario shown in fig. 1, and include at least three proxy servers 20, where the at least three proxy servers 20 are in communication connection with each other, and any one proxy server 20 in the at least three proxy servers 20 is in communication connection with the controller 10. Of the at least three proxy servers 20, those communicatively coupled to the client are referred to as ingress proxy servers, and those communicatively coupled to the origin server are referred to as egress proxy servers. The other proxy servers 20 act as intermediate proxy servers and are responsible for forwarding data packets between the ingress proxy server and the egress proxy server. Wherein each proxy server 20 may act as any one of an ingress proxy server, an intermediate proxy server, and an egress proxy server for different data transfer tasks.
The proxy server 20 acts as an intermediate proxy server and an egress proxy server, unlike the method performed as an ingress proxy server, but the methods performed by the intermediate proxy server and the egress proxy server are substantially the same, and thus the intermediate proxy server and the egress proxy server may be referred to as a general proxy server.
The controller 10 is configured to manage transmission paths of data packets between the proxy servers 20, and the controller 10 may obtain a communication path in advance and transmit the communication path to a corresponding ingress proxy server. And the entrance proxy server sends the data message to the source station server through the intermediate proxy server and the exit proxy server according to the communication path. Specifically, the ingress proxy adds the communication path information to the packet header of the data packet, and then sends the data packet to the next-hop proxy. And the next hop proxy server analyzes the data message to obtain the communication path, sends the data message to the next hop proxy server, and the like, and finally sends the data message to the source station server.
The proxy servers can perform data transmission based on the UDP, that is, the data message is a UDP-based message.
The proxy forwarding method provided in the embodiment of the present invention may be executed by any proxy server 20 shown in fig. 1, as shown in fig. 2, which is a flowchart of an embodiment of the proxy forwarding method, and when the proxy server is used as an entry proxy server, the proxy forwarding method includes:
101: and receiving a request message sent by a client.
102: and acquiring communication path information of the request message, and adding the residual path information of the request message from the next hop into the message header of the request message.
The controller 10 obtains a preferred path to the source station server through the portal proxy server in advance through, for example, a routing algorithm, and then transmits communication path information of the preferred path to the corresponding portal proxy server. From the communication path information, address information and port information of, for example, the next-hop proxy server, and address information and port information of the remaining-hop proxy servers, and the like can be obtained. Specifically, the entry proxy server obtains address information and port information of the next-hop proxy server and address information and port information of the remaining-hop proxy servers, and sequentially adds the address information and port information of the remaining-hop proxy servers, and address information and port information of the source station server to the message header of the request message.
Among them, address information such as an IP (Internet Protocol) address, and port information such as a port number.
103: and sending the request message to a proxy server of the next hop.
The embodiment of the invention adds the optimized communication path information into the message head of the data message, so that each proxy server forwards the data according to the optimized communication path. The interaction between the client and the source station server is carried out through the multi-level proxy server, the optimal path can be selected for transmitting the data packet, and the data transmission efficiency is high.
Optionally, referring to fig. 3, in another embodiment of the proxy forwarding method, the method includes, in addition to 201, 202, and 207 (please refer to 101, 102, and 103 for details of 201, 202, and 207, respectively):
203: establishing a session table, and generating a query key value of the session table, wherein the query key value is used for querying the content in the session table.
204: and generating a user identifier, and adding the user identifier into the session table, wherein the user identifier is used for marking the client.
Specifically, the user identifier and the query key value may be obtained by calling a hash function to the client IP address and the port number, and the monitoring IP address and the port number of the portal proxy server, and the client IP address and the port number may be obtained by a system interface recvmsg function.
205: and adding the request message into the session table through the communication path information of the entrance proxy server.
Referring to fig. 4 (in the figure, an intermediate proxy server is omitted between two proxy servers), sk in fig. 4 represents a front-end socket responsible for communication with a client, sk1, sk2, and sk3 represent back-end sockets responsible for communication with a next-hop proxy server, sk 'represents a front-end socket responsible for communication with a previous-hop proxy server, and sk 1', sk2 ', and sk 3' represent back-end sockets responsible for communication with a next-hop proxy server or a source station server.
Specifically, the adding the request packet to the session table through the communication path information of the ingress proxy server includes:
and establishing a front-end socket and a back-end socket of the entrance proxy server, and binding an IP address and a port number for the back-end socket. And adding the IP address and the port number of the client, the monitoring IP address, the port number, the front-end socket, the back-end socket and the corresponding IP address and port number of the entrance proxy server, the IP address and the port number of the next hop proxy server and the IP addresses and the port numbers of the rest hop proxy servers into the session table.
The specific structure of the session table may adopt a data structure as shown in fig. 5, where prevhop represents a previous hop, udp proxy represents a current proxy server, proxy-fe represents a front end of the current proxy server, proxy-be represents a back end of the current proxy server, nexthop represents a next hop, and sessjd represents a user identifier. c _ IP1 and c _ port1 respectively represent the IP address and port number of the last-hop proxy server, which in this embodiment is the IP address and port number of the client. ls _ IP, ls _ port, and sk represent the IP address, port number, and front-end socket of the current proxy server, which are the IP address, port number, and front-end socket of the ingress proxy server in this embodiment. sk1, s _ IP and s _ port represent a backend socket of the current proxy server and an IP address and a port number corresponding to the backend socket, d _ IP and d _ port represent an IP address and a port number of the next-hop proxy server, and the ellipses omit IP addresses and port numbers of other proxy servers of the remaining hops.
Optionally, an expire time may be set for the session table, and may be assigned through the configuration file, and when the set time is reached, the session may be closed.
206: and adding the user identification into the message header of the request message.
Before adding the communication path information and the user identifier into the message header of the request message, the communication path information and the user identifier may be encapsulated based on a Global Routing Protocol (GRP), and the GRP encapsulates the communication path information based on a binary stream, so that the length of a UDP data segment can be effectively shortened, and the utilization rate of a network bandwidth can be improved.
Fig. 6A shows a GRP format, which includes a header + Data, a header part including a strictly defined 8-byte Version number (Version), a 2-byte information type (MsgType), a 2-byte Data Stream length (Datalen), and two 4-byte reserved segments (reserve1 and reserve2), and a Data part including a byte-variable Data Stream (Data Stream). Wherein, the user identification can be placed in the reserved section (reserve1 section or reserve2 section) of the GRP format header, and the path information can be placed in the data portion.
Referring to fig. 6B, the data portion includes a plurality of address units, and each address unit may be used to store address information of a proxy server. Referring to fig. 6C, the specific format of each address unit includes 4-bit roles, 4-bit protocol family, 1-byte weight, 2-byte port number, and 4-16-byte IP address. Wherein, the port number of 2 bytes and the IP address of 4-16 bytes are respectively used for placing the port number and the IP address of the proxy server.
The user identifier is added to the message header of the request message, so that when the next hop proxy server receives the request message, the next hop proxy server can obtain the user identifier by analyzing the request message, and establish a query key value of a session table according to the user identifier. Because the user identification is obtained according to the address information, the port information and the like of the client, the communication path of the client can be uniquely determined according to the query key value established by the user identification.
It should be noted that, the sequence numbers in the embodiments of the present invention are only for easy understanding, and do not limit the sequence of the steps.
The embodiment of the invention can record the transmission path of the message by establishing the session table, and can directly forward the data through the path recorded in the session table when receiving the message of the established session next time.
Optionally, in another embodiment of the proxy forwarding method, the method further includes:
and if the message of the client side which establishes the session is received, acquiring the address information and the port information of the client side which establishes the session.
And establishing a query key value according to the address information and the port information of the client side with the established session and the monitoring address information and the port information of the entrance proxy server, and performing session query.
And adding the user identification into the header of the message, and sending the message to a next hop proxy server according to the path inquired by the session.
When the entrance proxy server receives the message sent by the client terminal which has established the session, the IP address and the port number of the client terminal and the monitoring IP address and the port number of the entrance proxy server are obtained through the recvmsg function, and an inquiry key value is established for carrying out session inquiry. And finding a back-end socket which is communicated with the next hop proxy server in the entrance proxy server, adding the user identification into the message, and then forwarding the message to the next hop proxy server through the back-end socket. Because the query key value during the establishment of the session table is determined according to the address information and the port information of the client and the monitoring address information and the port information of the entry proxy server, the session path established by the client can be uniquely determined according to the query key value.
The user identifier is added to the header of the message, so that the next hop proxy server can obtain the user identifier by analyzing the message, and establish a query key value according to the user identifier to perform session query to obtain the established communication path.
Optionally, in another embodiment of the proxy forwarding method, the method further includes:
and if the message is failed to be sent to the next-hop proxy server, sending the message to the next-hop proxy server.
When the entry proxy server fails to send the message to the next hop proxy server, the message is sent to the next hop proxy server of the next hop, and the received proxy server analyzes the message to obtain the user identifier, establishes a query key value according to the user identifier, performs session query, and queries the communication path established by the client, so as to keep the session consistent. The IP address and the port number of the next-hop proxy server are bound with the IP address and the port of the current proxy server, and when the port of the next-hop proxy server is closed to cause message sending failure, the next-hop proxy server sends a message to the current proxy server to inform that a far end is not reachable, and the current proxy server can know whether the message is sent failure or not.
Correspondingly, an embodiment of the present invention further provides a proxy forwarding method, which can be executed by any proxy server 20 shown in fig. 1, as shown in fig. 7, which is a flowchart of an embodiment of the proxy forwarding method, where when the proxy server is used as a general proxy server, the method includes:
301: and receiving the request message sent by other proxy servers.
302: and analyzing the request message to obtain the residual path information of the request message from the next hop.
The remaining path information from the next hop, such as address information and port information of the proxy server of the next hop, and address information and port information of the proxy servers of the remaining hops.
303: and if the next hop is not the source station server, sending the request message to the proxy server of the next hop, otherwise, analyzing the request message to obtain source data, and sending the source data to the source station server.
And when the next hop of the proxy server is the source station server, directly extracting the source data from the message and sending the source data to the source station server, otherwise, sending the message to the proxy server of the next hop.
The embodiment of the invention obtains the optimal communication path by analyzing the message and forwards the data according to the optimal communication path. The interaction between the client and the source station server is carried out through the multi-level proxy server, the optimal path can be selected for transmitting the data packet, and the data transmission efficiency is high.
Optionally, referring to fig. 8, in another embodiment of the proxy forwarding method, the method includes, in addition to 401, 402, and 407 (details of 401, 402, and 407 refer to 301, 302, and 303, respectively):
403: analyzing the request message to obtain a user identifier;
404: establishing a session table of a current proxy server, and generating a query key value of the session table of the current proxy server according to the user identification;
405: adding the user identification into the session table;
406: and adding the request message into the session table through the communication path information of the current proxy server.
Specifically, the adding the request packet to the session table through the communication path information of the current proxy server includes:
and establishing a front-end socket and a back-end socket of the current proxy server, and binding an IP address and a port number for the back-end socket. And adding the IP address and the port number of the proxy server of the previous hop, the monitoring address information, the port information, the front-end socket, the back-end socket and the corresponding IP address and port number thereof of the current proxy server, the IP address and the port number of the proxy server of the next hop, and the IP addresses and the port numbers of the proxy servers of the remaining hops into the session table. The specific structure of the session table may adopt a data structure as shown in fig. 5.
It should be noted that, the sequence numbers in the embodiments of the present invention are only for easy understanding, and do not limit the sequence of the steps.
In an embodiment of the present invention, please refer to fig. 9 for a flow of interaction between an ingress proxy server and a generic proxy server. The entrance proxy server receives the request message sent by the client, establishes the query key value and the user identification of the session table according to the IP address and the port number of the client, the monitoring IP address and the port number of the entrance proxy server, adds the user identification and the communication path information into the session table, adds the communication path information and the user identification into the request message and sends the request message to the next hop proxy server. The universal proxy server receives a request message sent by the entrance proxy server or other universal proxy servers, analyzes the request message to obtain communication path information and a user identifier, establishes a query key value of a self session table according to the user identifier, and adds the user identifier and the communication path information into the self session table. And then sends the request message to the next hop. As described above, a session connection for the client is established between the proxy servers.
Optionally, in another embodiment of the proxy forwarding method, the method further includes:
if a message sent by a proxy server which establishes a session is received, analyzing the message to obtain the user identifier;
and establishing a query key value according to the user identification, carrying out session query, and sending the message to a next hop proxy server according to a path queried by the session.
When the universal proxy server receives messages sent by other proxy servers which have already established the session, the user identification is obtained by analyzing the messages, and a query key value is established according to the user identification to perform session query. And finding a back-end socket which is communicated with the next-hop proxy server in the current proxy server, and forwarding the message to the next-hop proxy server through the back-end socket.
In an embodiment of the present invention, if the client has already established a session between the proxy servers, the flow of the message interaction between the ingress proxy server and the generic proxy server is shown in fig. 10. The entrance proxy server receives the message sent by the client end which has established the conversation, acquires the address information, the port information and the like of the client end which has established the conversation to establish the query key value, carries out the conversation query, adds the user identification to the head of the message, and sends the message to the proxy server of the next hop according to the queried path. The universal proxy server receives the message sent by the entrance proxy server or other universal proxy servers, analyzes the message to obtain the user identification, establishes a query key value according to the user identification, carries out session query, and sends the message to the next hop proxy server according to the path queried by the session.
Optionally, in another embodiment of the proxy forwarding method, the method further includes:
and if the message is failed to be sent to the next-hop proxy server, sending the message to the next-hop proxy server.
When the universal proxy server fails to send the message to the next hop proxy server, the next hop of the next hop is selected for message sending, the received universal proxy server analyzes the message to obtain the user identification, establishes a query key value according to the user identification, carries out session query, and queries the communication path established by the client, so that the session consistency is kept, and meanwhile, the fault tolerance of the link is ensured.
Correspondingly, an embodiment of the present invention further provides a proxy forwarding apparatus, where the forwarding apparatus is disposed in any one of the proxy servers 20 shown in fig. 1, and the proxy server is used as an ingress proxy server, as shown in fig. 11, the apparatus 500 includes:
a receiving module 501, configured to receive a request packet sent by a client;
a path obtaining and message modifying module 502, configured to obtain communication path information of the request message, and add remaining path information of the request message, starting from a next hop, to a message header of the request message;
a sending module 503, configured to send the request packet to a next-hop proxy server.
The embodiment of the invention adds the optimized communication path information into the message head of the data message, so that each proxy server forwards the data according to the optimized communication path. The interaction between the client and the source station server is carried out through the multi-level proxy server, the optimal path can be selected for transmitting the data packet, and the data transmission efficiency is high.
Optionally, in another embodiment of the apparatus, referring to fig. 12, the apparatus 500 further includes:
a session table setup module 504 configured to:
establishing a session table, and generating a query key value of the session table, wherein the query key value is used for querying the content in the session table;
generating a user identifier, and adding the user identifier into the session table, wherein the user identifier is used for marking the client;
and adding the request message into the session table through the communication path information of the entrance proxy server.
And an identifier adding module 505, configured to add the user identifier to a message header of the request message.
Optionally, in another embodiment of the apparatus, referring to fig. 12, the apparatus 500 further includes:
a second sending module 506, configured to send the message to the next-hop proxy server if sending the message to the next-hop proxy server fails.
Optionally, in other embodiments of the apparatus, the path obtaining and message modifying module 502 is specifically configured to:
acquiring address information and port information of a next hop of proxy server and address information and port information of the rest hops of proxy servers;
and sequentially adding the address information and the port information of the proxy servers of the remaining hops, and the address information and the port information of the source station server into the message header of the request message.
Optionally, in other embodiments of the apparatus, the user identifier and the query key value are both obtained according to client address information and port information, and monitoring address information and port information of the entry proxy server.
Optionally, in another embodiment of the apparatus, referring to fig. 12, the apparatus 500 further includes:
a session query and message forwarding module 507, configured to:
if receiving the message of the client end which has established the session, acquiring the address information and the port information of the client end which has established the session;
establishing a query key value according to the address information and the port information of the client end with the established session and the monitoring address information and the port information of the entrance proxy server, and performing session query;
and adding the user identification into the header of the message, and sending the message to a next hop proxy server according to the path inquired by the session.
It should be noted that the proxy forwarding apparatus can execute the proxy forwarding method provided by the embodiment of the present invention, and has functional modules and beneficial effects corresponding to the execution method. For technical details that are not described in detail in the embodiment of the proxy forwarding apparatus, reference may be made to the proxy forwarding method provided in the embodiment of the present invention.
Correspondingly, an embodiment of the present invention further provides a proxy forwarding apparatus, where the forwarding apparatus is disposed in any one of the proxy servers 20 shown in fig. 1, and the proxy server is used in a general proxy server, as shown in fig. 13, the apparatus 600 includes:
a message receiving module 601, configured to receive the request message sent by another proxy server;
a path obtaining module 602, configured to analyze the request packet and obtain remaining path information of the request packet from a next hop;
a message sending module 603, configured to send the request message to a proxy server of the next hop if the next hop is not the source station server, and otherwise, parse the request message to obtain source data and send the source data to the source station server.
The embodiment of the invention obtains the optimal communication path by analyzing the message and forwards the data according to the optimal communication path. The interaction between the client and the source station server is carried out through the multi-level proxy server, the optimal path can be selected for transmitting the data packet, and the data transmission efficiency is high.
Optionally, in another embodiment of the apparatus, referring to fig. 14, the apparatus 600 further includes:
a first session table establishing module 604 for:
analyzing the request message to obtain a user identifier;
establishing a session table of a current proxy server, and generating a query key value of the session table of the current proxy server according to the user identification;
adding the user identification into the session table;
and adding the request message into the session table through the communication path information of the current proxy server.
Optionally, in another embodiment of the apparatus, referring to fig. 14, the apparatus 600 further includes:
the first message sending module 605 is configured to send a message to a next hop proxy server if sending the message to the next hop proxy server fails.
Optionally, in another embodiment of the apparatus, referring to fig. 14, the apparatus 600 further includes:
a first session query and message forwarding module 606, configured to:
if a message sent by a proxy server which establishes a session is received, analyzing the message to obtain the user identifier;
and establishing a query key value according to the user identification, carrying out session query, and sending the message to a next hop proxy server according to a path queried by the session.
It should be noted that the proxy forwarding apparatus can execute the proxy forwarding method provided by the embodiment of the present invention, and has functional modules and beneficial effects corresponding to the execution method. For technical details that are not described in detail in the embodiment of the proxy forwarding apparatus, reference may be made to the proxy forwarding method provided in the embodiment of the present invention.
Fig. 15 is a schematic diagram of a hardware structure of the proxy server 20 according to an embodiment of the present invention, and as shown in fig. 15, the proxy server 20 includes:
one or more processors 21 and a memory 22, with one processor 21 being an example in fig. 15.
The processor 21 and the memory 22 may be connected by a bus or other means, and the bus connection is exemplified in fig. 15.
The memory 22, which is a non-volatile computer-readable storage medium, may be used to store non-volatile software programs, non-volatile computer-executable programs, and modules, such as program instructions/modules (e.g., receiving module 501 shown in fig. 11) corresponding to the proxy forwarding method in the embodiment of the present invention. The processor 21 executes various functional applications of the proxy server and data processing, i.e., implements the proxy forwarding method of the above-described method embodiment, by running the nonvolatile software program, instructions, and modules stored in the memory 22.
The memory 22 may include a storage program area and a storage data area, wherein the storage program area may store an operating system, an application program required for at least one function; the stored data area may store data created according to the use of the proxy forwarding apparatus, and the like. Further, the memory 22 may include high speed random access memory, and may also include non-volatile memory, such as at least one magnetic disk storage device, flash memory device, or other non-volatile solid state storage device. In some embodiments, memory 22 may optionally include memory located remotely from processor 21, which may be connected to the proxy forwarding device via a network. Examples of such networks include, but are not limited to, the internet, intranets, local area networks, mobile communication networks, and combinations thereof.
The one or more modules are stored in the memory 22, and when executed by the one or more processors 21, perform the proxy forwarding method in any of the above-described method embodiments, for example, perform the above-described method steps 101 and 103 in fig. 2, the method steps 201 to 207 in fig. 3, the method steps 301 to 303 in fig. 7, and the method steps 401 to 407 in fig. 8; the functions of the module 501-503 in fig. 11, the module 501-507 in fig. 12, the module 601-603 in fig. 13, and the module 601-606 in fig. 14 are realized.
The product can execute the method provided by the embodiment of the invention, and has corresponding functional modules and beneficial effects of the execution method. For technical details that are not described in detail in this embodiment, reference may be made to the method provided by the embodiment of the present invention.
Embodiments of the present invention provide a non-transitory computer-readable storage medium, where the computer-readable storage medium stores computer-executable instructions, which are executed by one or more processors, such as one processor 21 in fig. 15, to enable the one or more processors to perform the proxy forwarding method in any of the method embodiments, such as performing method steps 101 and 103 in fig. 2, method steps 201 and 207 in fig. 3, method steps 301 and 303 in fig. 7, and method steps 401 and 407 in fig. 8, which are described above; the functions of the module 501-503 in fig. 11, the module 501-507 in fig. 12, the module 601-603 in fig. 13, and the module 601-606 in fig. 14 are realized.
Referring to fig. 1, an embodiment of the present invention further provides a multi-level proxy network 100, where the network includes at least three proxy servers 20 as described above, and at least three proxy servers 20 are communicatively connected to each other;
one of the proxy servers 20 is configured to serve as an ingress proxy server to be communicatively connected with a client, the other proxy server 20 is configured to serve as an egress proxy server to be communicatively connected with a source station server, and the other proxy servers 20 serve as intermediate proxy servers to forward messages between the ingress proxy server and the egress proxy server.
The embodiment of the invention can select the optimal path to transmit the data packet by the interaction between the client and the source station server through the multi-level proxy server, and has high data transmission efficiency.
The above-described embodiments of the apparatus are merely illustrative, and the units described as separate parts may or may not be physically separate, and parts displayed as units may or may not be physical units, may be located in one place, or may be distributed on a plurality of network units. Some or all of the modules may be selected according to actual needs to achieve the purpose of the solution of the present embodiment.
Through the above description of the embodiments, those skilled in the art will clearly understand that each embodiment can be implemented by software plus a general hardware platform, and certainly can also be implemented by hardware. It will be understood by those skilled in the art that all or part of the processes of the methods of the embodiments described above can be implemented by hardware related to instructions of a computer program, which can be stored in a computer readable storage medium, and when executed, can include the processes of the embodiments of the methods described above. The storage medium may be a magnetic disk, an optical disk, a Read-Only Memory (ROM), a Random Access Memory (RAM), or the like.
Finally, it should be noted that: the above examples are only intended to illustrate the technical solution of the present invention, but not to limit it; within the idea of the invention, also technical features in the above embodiments or in different embodiments may be combined, steps may be implemented in any order, and there are many other variations of the different aspects of the invention as described above, which are not provided in detail for the sake of brevity; although the present invention has been described in detail with reference to the foregoing embodiments, it will be understood by those of ordinary skill in the art that: the technical solutions described in the foregoing embodiments may still be modified, or some technical features may be equivalently replaced; and the modifications or the substitutions do not make the essence of the corresponding technical solutions depart from the scope of the technical solutions of the embodiments of the present invention.