CN108924050A - Data forwarding method and its device, storage medium and network card equipment - Google Patents
Data forwarding method and its device, storage medium and network card equipment Download PDFInfo
- Publication number
- CN108924050A CN108924050A CN201810713003.8A CN201810713003A CN108924050A CN 108924050 A CN108924050 A CN 108924050A CN 201810713003 A CN201810713003 A CN 201810713003A CN 108924050 A CN108924050 A CN 108924050A
- Authority
- CN
- China
- Prior art keywords
- address
- data
- source
- forwarded
- terminal
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L45/00—Routing or path finding of packets in data switching networks
- H04L45/72—Routing based on the source address
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L45/00—Routing or path finding of packets in data switching networks
- H04L45/74—Address processing for routing
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/02—Network architectures or network communication protocols for network security for separating internal from external traffic, e.g. firewalls
- H04L63/0227—Filtering policies
- H04L63/0236—Filtering by address, protocol, port number or service, e.g. IP-address or URL
Landscapes
- Engineering & Computer Science (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Computer Hardware Design (AREA)
- Computer Security & Cryptography (AREA)
- Computing Systems (AREA)
- General Engineering & Computer Science (AREA)
- Data Exchanges In Wide-Area Networks (AREA)
Abstract
The present invention relates to the communications field, a kind of data forwarding method and its device, storage medium and network card equipment are disclosed.Data forwarding method in the present invention includes:Receive the connection first message of the data to be forwarded forwarded by network card equipment;Obtain the source address and destination address in connection first message;According to the source address and destination address of acquisition, the forward rule of corresponding source address is determined;Forward rule is sent to network card equipment, so that the subsequent packet of the data to be forwarded from first terminal is directly transmitted to second terminal according to forward rule by network card equipment after establishing data transmission relations between the first terminal of corresponding source address and the second terminal of corresponding destination address.It realizes have the network data forwarding of firewall functionality by way of software and hardware combining, reduces the complexity for being based only upon the software realization technology, and improve the network data forwarding performance under such as cloud computing environment.
Description
Technical field
The present invention relates to the communications field, in particular to a kind of data forwarding method and its device, storage medium and network interface card are set
It is standby.
Background technique
Software defined network (Software Defined Network, SDN), by by network equipment control plane and data
Face separates, to realize the flexible control of network flow, network is made to become more intelligent as pipeline.In cloud computing
Under environment, in the environment of cloud computing, user becomes increasingly complex for the demand of network, for example, realized using tunneling technique
Isolation, avoided by firewall functionality network by external attack, using QoS (Quality of Service, service quality)
Realize customer flow control and management, using NAT (Network Address Translation, network address translation) skill
Art provides outside access ability, these demands make the function of SDN become complex, are only unable to satisfy use with SDN sometimes
These performance requirements at family.
Summary of the invention
The purpose of the present invention is to provide a kind of data forwarding method and its devices, storage medium and network card equipment, can lead to
The mode for crossing software and hardware combining realizes the network data forwarding for having firewall functionality, reduces and is based only upon the software realization technology
Complexity.
In order to solve the above technical problems, embodiments of the present invention disclose a kind of data forwarding method, including:
Receive the connection first message of the data to be forwarded forwarded by network card equipment;
Obtain the source address and destination address in connection first message;
According to the source address and destination address of acquisition, the forward rule of corresponding source address is determined;
Forward rule is sent to network card equipment, so that in the first terminal and corresponding destination address of corresponding source address
After establishing data transmission relations between second terminal, network card equipment directly will be from the to be forwarded of first terminal according to forward rule
The subsequent packet of data is transmitted to second terminal.
In a demonstration example, the forward rule for determining corresponding source address based on predetermined forward rule includes:
If destination address includes the public network IP address configured based on network address translation, by the public network in destination address
IP address is revised as corresponding private network IP address, and determines corresponding source address based on source address and the destination address modified
Forward rule.
In another demonstration example, forward rule includes source IP address, source needed for forwarding the subsequent packet of data to be forwarded
Port address, target ip address and target port address, or
Forward rule includes source IP address, target ip address and target side needed for forwarding the subsequent packet of data to be forwarded
Port address.
Embodiments of the present invention also disclose a kind of data forwarding method, including:
Network card equipment receives and stores the forward rule of the source address of corresponding data to be forwarded;
After network card equipment receives the subsequent packet of data to be forwarded, the first terminal and corresponding mesh of corresponding source address are judged
Address second terminal between whether have built up data transmission relations;
If it is judged that have built up data transmission relations, then network card equipment directly will be from the according to forward rule
The subsequent packet of the data to be forwarded of one terminal is transmitted to second terminal;
Wherein, source address and destination address are included in the connection first message of the data to be forwarded of network card equipment previous receipt
In.
In a demonstration example, forward rule includes source IP address, source needed for forwarding the subsequent packet of data to be forwarded
Port address, target ip address and target port address, or
Forward rule only includes source IP address, target ip address and target needed for forwarding the subsequent packet of data to be forwarded
Port address.
Embodiments of the present invention also disclose a kind of data forwarding device, including:
Receiving unit, for receiving the connection first message of the data to be forwarded by network card equipment forwarding;
Acquiring unit, for obtaining source address and destination address in connection first message;
Determination unit, for determining the forward rule of corresponding source address according to the source address and destination address of acquisition;
Transmission unit, for predetermined forward rule to be sent to network card equipment, so that first in corresponding source address is whole
After establishing data transmission relations between end and the second terminal of corresponding destination address, network card equipment is according to forward rule direct future
Second terminal is transmitted to from the subsequent packet of the data to be forwarded of first terminal.
In a demonstration example, forward rule includes source IP address, source needed for forwarding the subsequent packet of data to be forwarded
Port address, target ip address and target port address, or
Forward rule includes source IP address, target ip address and target side needed for forwarding the subsequent packet of data to be forwarded
Port address.
Embodiments of the present invention also disclose a kind of network card equipment, which is characterized in that including:
Storage unit, the forward rule of the source address for receiving and storing corresponding data to be forwarded;
Judging unit, for judge between the first terminal of corresponding source address and the second terminal of corresponding destination address whether
Have built up data transmission relations;
Retransmission unit is when having built up data transmission relations, to be advised according to forwarding for the judging result in judging unit
The subsequent packet of the data to be forwarded from first terminal is directly then transmitted to second terminal;
Wherein, source address and destination address are included in the connection first message of the data to be forwarded of network card equipment previous receipt
In.
Embodiments of the present invention also disclose a kind of device, which includes being stored with depositing for computer executable instructions
Reservoir and processor, processor are configured as executing instruction with data forwarding method disclosed in above embodiment.
Embodiments of the present invention also disclose a kind of non-volatile computer storage Jie using computer program code
Matter, wherein computer program includes instruction, when instruction is executed by more than one computer, is instructed so that more than one
Computer executes data forwarding method disclosed in above embodiment.
Compared with prior art, the main distinction and its effect are embodiment of the present invention:
It realizes have the network data forwarding of firewall functionality by way of software and hardware combining, reduces and be based only upon software
It realizes the complexity of the technology, and improves the network data forwarding performance under such as cloud computing environment.
Detailed description of the invention
Fig. 1 is the hardware block diagram of the terminal of the data forwarding method of embodiment according to the present invention;
Fig. 2 is the flow chart of the data forwarding method of first embodiment according to the present invention;
Fig. 3 is the flow chart of the data forwarding method of second embodiment according to the present invention;
Fig. 4 is the structural schematic diagram of the data forwarding device of third embodiment according to the present invention;
Fig. 5 is the structural schematic diagram of the gateway of the 4th embodiment according to the present invention.
Specific embodiment
In the following description, in order to make the reader understand this application better, many technical details are proposed.But this
The those of ordinary skill in field is appreciated that even if without these technical details and many variations based on the following respective embodiments
And modification, each claim of the application technical solution claimed can also be realized.
To make the object, technical solutions and advantages of the present invention clearer, below in conjunction with attached drawing to implementation of the invention
Mode is described in further detail.
Method implementation provided by the application mode can be in mobile terminal, terminal or similar operation
It is executed in device.For running on computer terminals, Fig. 1 is the meter of the data forwarding method of embodiment according to the present invention
The hardware block diagram of calculation machine terminal.As shown in Figure 1, terminal 100 may include that one or more (only shows one in figure
It is a) (processor 101 can include but is not limited to central processor CPU, image processor GPU, at digital signal to processor 101
Manage the processing unit of device DSP, Micro-processor MCV or programmable logic device FPGA etc.), the input and output for being interacted with user
Interface 102, memory 103 for storing data and the transmitting device 104 for communication function.Ordinary skill
Personnel are appreciated that structure shown in FIG. 1 is only to illustrate, and do not cause to limit to the structure of above-mentioned electronic device.For example, meter
Calculation machine terminal 100 may also include than shown in Fig. 1 more perhaps less component or with the configuration different from shown in Fig. 1.
Memory 103 can be used for storing the software program and module of application software, such as the number in embodiment of the present invention
According to the corresponding program instruction/module of retransmission method, processor 101 by the software program that is stored in memory 103 of operation with
And module realizes above-mentioned data forwarding method thereby executing various function application and data processing.Memory 103 can
Including high speed random access memory, may also include nonvolatile memory, as one or more magnetic storage device, flash memory or
Other non-volatile solid state memories of person.In some instances, memory 103 can further comprise remote relative to processor 101
The memory of journey setting, these remote memories can pass through network connection to terminal 100.The example packet of above-mentioned network
Include but be not limited to internet, intranet, local area network, mobile radio communication and combinations thereof.
Transmitting device 104 is used to that data to be received or sent via a network.Above-mentioned network specific example may include
The wireless network that the communication providers of terminal 100 provide.In the present invention, transmitting device 104 include a network interface card or
Person's network adapter (Network Interface Controller, referred to as NIC), can be set by base station and other networks
It is standby to be connected so as to be communicated with internet.In an example, transmitting device 104 can also be radio frequency (Radio
Frequency, referred to as RF) module, it is used to wirelessly be communicated with internet.
The type of embodiment of the present invention not defining application, can be system class application program, or soft
Part class application program.
First embodiment of the invention is related to a kind of data forwarding method.Fig. 1 is a kind of process of data forwarding method
Schematic diagram.
Specifically, as shown in Fig. 2, the data forwarding method includes the following steps:
Step 201, the connection first message of the data to be forwarded forwarded by network card equipment is received.
Then into step 202.
In step 202, the source address and destination address in connection first message are obtained.
Then into step 203.
In step 203, according to the source address of acquisition and destination address, the forward rule of corresponding source address is determined.
It is appreciated that in each embodiment of the present invention, with determining corresponding source according to the source address of acquisition and destination address
The forward rule of location can be accomplished in several ways, for example, address mapping relation table is stored in advance by inquiry, it is determined whether
There are the mapping relations between source address and destination address, if it is present by the mapping relations be sent to network card equipment or
It generates forward rule corresponding with the mapping relations and is sent to network card equipment.Mapping relations can include following according to actual needs
At least one of type:Mapping relations, source IP address and source port address and mesh between source IP address and target ip address
Mark mapping relations between IP address and target port address, between source IP address and target ip address and target port address
Mapping relations between mapping relations, source IP address and source port address and target ip address.
In a demonstration example, if the requested destination address of data to be sent is the public network configured based on NAT technology
IP address, then in the case that target ip address is the IP address of private network in above-mentioned mapping relations, by the public network in destination address
IP address is revised as corresponding private network IP address, and determines corresponding source address based on source address and the destination address modified
Forward rule.For example, the source address obtained in the connection first message of data to be sent is IP address 167.4.2.3, destination
Location is public network address 221.1.1.2, is based on NAT rule query, it can be deduced that the corresponding private net address of the public network address or private
Net port address is 192.168.2.3, then inquiry whether there is 167.4.2.3 and 192.168.2.3 in above-mentioned mapping relations
Between mapping relations, if it is present the mapping relations are sent to network card equipment or are generated comprising source address
167.4.2.3 the forward rule of the mapping relations between destination address 192.168.2.3, and send it to network card equipment.
Then into step 204.
In step 204, forward rule is sent to network card equipment, so that in the first terminal of corresponding source address and right
It answers after establishing data transmission relations between the second terminal of destination address, network card equipment will directly come from first according to forward rule
The subsequent packet of the data to be forwarded of terminal is transmitted to second terminal.I.e. if determining and being set to network interface card based on connection first message
It is standby have sent the forward rule of corresponding source address after, first terminal with source address and with destination address or conversion after
Data transmission relations can be established between the second terminal of the network address of the corresponding destination address, for example, by three-way handshake, it
Afterwards, the subsequent packet of data to be sent directly can be transmitted to second terminal by network card equipment, without passing through software defined network again
Network or similar software are forwarded.
Hereafter terminate this process.
It is appreciated that in the present invention, terminal can be physical terminal, be also possible to virtual terminal.Network card equipment includes
Any hardware device for having network interface card function.
It is appreciated that forward rule may include in a demonstration example of the invention:Forward the subsequent report of data to be forwarded
Text required source IP address, source port address, target ip address and target port address.For example, network card equipment receive turn
When hair rule, having built up of sending of the port of the source port address B with source IP address A is shaken hands according to the forward rule
The subsequent packet of relationship is transmitted to the port of the target port address D with target ip address C.
It is appreciated that forward rule may include in another demonstration example of the invention:Forward the subsequent of data to be forwarded
Source IP address needed for message, target ip address and target port address.For example, network card equipment is when receiving forward rule,
The subsequent packet for having built up the relationship of shaking hands from source IP address A is transmitted to Target IP according to the forward rule
The port of the target port address D of location C.
It is worth noting that, target ip address is the IP of the private network after being converted there are NAT configuration
Location, target port address are the target port address of the corresponding private network after being converted.
It realizes have the network data forwarding of firewall functionality by way of software and hardware combining, reduces and be based only upon software
It realizes the complexity of the technology, improves the network data forwarding performance under such as cloud computing environment.
This hair purpose second embodiment is related to a kind of data forwarding method.Fig. 3 is a kind of stream of data forwarding method
Journey schematic diagram.
Specifically, as shown in figure 3, the data forwarding method includes the following steps:
Step 301, network card equipment receives the connection first message of data to be forwarded, and the connection first message is sent to accordingly
Software module.
Hereafter, 302 are entered step.
In step 302, if network card equipment receives the source for the correspondence data to be forwarded that corresponding software module determines
The forward rule of address, then network card equipment stores the forward rule.Wherein, software module can be according in the first message received
Source address and destination address determine the forward rule of corresponding source address.For example, address mapping relation is stored in advance by inquiry
Table, it is determined whether there are the mapping relations between source address and destination address, if it is present the mapping relations are sent to net
Card apparatus or generation forward rule corresponding with the mapping relations are sent to network card equipment.Mapping relations can be according to practical need
Including at least one of Types Below:Mapping relations, source IP address and source between source IP address and target ip address
Mapping relations, source IP address and target ip address and target port between port address and target ip address and target port address
Mapping relations, source IP address between address and the mapping relations between source port address and target ip address.
In a demonstration example, if the requested destination address of data to be sent is the public network configured based on NAT technology
IP address, then in the case that target ip address is the IP address of private network in above-mentioned mapping relations, by the public network in destination address
IP address is revised as corresponding private network IP address, and determines corresponding source address based on source address and the destination address modified
Forward rule.For example, the source address obtained in the connection first message of data to be sent is IP address 167.4.2.3, destination
Location is public network address 221.1.1.2, is based on NAT rule query, it can be deduced that the corresponding private net address of the public network address or private
Net port address is 192.168.2.3, then inquiry whether there is 167.4.2.3 and 192.168.2.3 in above-mentioned mapping relations
Between mapping relations, if it is present the mapping relations are sent to network card equipment or are generated comprising source address
167.4.2.3 the forward rule of the mapping relations between destination address 192.168.2.3, and send it to network card equipment.
Hereafter, 303 are entered step.
In step 303, network card equipment receives the subsequent packet of data to be forwarded;
Hereafter, 304 are entered step.
In step 304, network card equipment judges the first terminal of corresponding source address and the second terminal of corresponding destination address
Between whether have built up data transmission relations.
If it is judged that be it is yes, enter step 305;Otherwise, 306 are entered step.
In step 305, network card equipment is according to forward rule directly by the subsequent of the data to be forwarded from first terminal
Message is transmitted to second terminal.Hereafter, terminate this process.
I.e. if based on connection first message, after determining and having sent the forward rule of corresponding source address to network card equipment, tool
The second of the first terminal of source address and the network address with the correspondence destination address after destination address or conversion is eventually
Data transmission relations can be established between end, for example, by three-way handshake, later, the subsequent packets of data to be sent can directly by
Network card equipment is transmitted to second terminal, without being forwarded again by software defined network or similar software.
Within step 306, network card equipment directly abandons the subsequent packet received.
Hereafter, terminate this process.
It is appreciated that source address and destination address are included in the to be forwarded of network card equipment previous receipt in above-mentioned steps
In the connection first message of data.
It is appreciated that forward rule may include in a demonstration example of the invention:Forward the subsequent report of data to be forwarded
Text required source IP address, source port address, target ip address and target port address.For example, network card equipment receive turn
When hair rule, having built up of sending of the port of the source port address B with source IP address A is shaken hands according to the forward rule
The subsequent packet of relationship is transmitted to the port of the target port address D with target ip address C.
It is appreciated that forward rule may include in another demonstration example of the invention:Forward the subsequent of data to be forwarded
Source IP address needed for message, target ip address and target port address.For example, network card equipment is when receiving forward rule,
The subsequent packet for having built up the relationship of shaking hands from source IP address A is transmitted to Target IP according to the forward rule
The port of the target port address D of location C.
It is worth noting that, target ip address is the IP of the private network after being converted there are NAT configuration
Location, target port address are the target port address of the corresponding private network after being converted.
It realizes have the network data forwarding of firewall functionality by way of software and hardware combining, reduces and be based only upon software
It realizes the complexity of the technology, improves the network data forwarding performance under such as cloud computing environment.
Third embodiment of the present invention discloses a kind of data forwarding device.Fig. 4 is the structure of the data forwarding device
Schematic diagram.
Specifically, as shown in figure 4, the device includes:
Receiving unit, for receiving the connection first message of the data to be forwarded by network card equipment forwarding;
Acquiring unit, for obtaining source address and destination address in connection first message;
Determination unit, for determining the forward rule of corresponding source address according to the source address and destination address of acquisition;
Transmission unit, for predetermined forward rule to be sent to network card equipment, so that first in corresponding source address is whole
After establishing data transmission relations between end and the second terminal of corresponding destination address, network card equipment is according to forward rule direct future
Second terminal is transmitted to from the subsequent packet of the data to be forwarded of first terminal.
It is appreciated that forward rule may include in a demonstration example of the invention:Forward the subsequent report of data to be forwarded
Text required source IP address, source port address, target ip address and target port address.For example, network card equipment receive turn
When hair rule, having built up of sending of the port of the source port address B with source IP address A is shaken hands according to the forward rule
The subsequent packet of relationship is transmitted to the port of the target port address D with target ip address C.
It is appreciated that forward rule may include in another demonstration example of the invention:Forward the subsequent of data to be forwarded
Source IP address needed for message, target ip address and target port address.For example, network card equipment is when receiving forward rule,
The subsequent packet for having built up the relationship of shaking hands from source IP address A is transmitted to Target IP according to the forward rule
The port of the target port address D of location C.
First embodiment is method implementation corresponding with present embodiment, and present embodiment can be implemented with first
Mode is worked in coordination implementation.The relevant technical details mentioned in first embodiment are still effective in the present embodiment, in order to
It reduces and repeats, which is not described herein again.Correspondingly, the relevant technical details mentioned in present embodiment are also applicable in the first implementation
In mode.
4th embodiment of the invention is related to a kind of network card equipment, and Fig. 5 is the structural schematic diagram of the network card equipment.
Specifically, as shown in figure 5, the network card equipment includes:
Storage unit, the forward rule of the source address for receiving and storing corresponding data to be forwarded;
Judging unit, after the subsequent packet for receiving data to be forwarded, judge corresponding source address first terminal and
Whether data transmission relations are had built up between the second terminal of corresponding destination address;
Retransmission unit is when having built up data transmission relations, to be advised according to forwarding for the judging result in judging unit
The subsequent packet of the data to be forwarded from first terminal is directly then transmitted to second terminal.
It is appreciated that above-mentioned source address and destination address are included in the connection of the data to be forwarded of network card equipment previous receipt
In first message.
Second embodiment is method implementation corresponding with present embodiment, and present embodiment can be with second side of applying
Formula is worked in coordination implementation.The relevant technical details mentioned in second embodiment are still effective in the present embodiment, in order to subtract
Few to repeat, which is not described herein again.Correspondingly, the relevant technical details mentioned in present embodiment are also applicable in the second embodiment party
In formula.
5th embodiment of the invention discloses a kind of device, which includes being stored with computer executable instructions
Memory and processor, processor are configured as executing instruction to implement the data forwarding method of first or second embodiment.
Sixth embodiment of the invention discloses a kind of non-volatile computer storage using computer program code
Medium, wherein computer program include instruction, when instruction by more than one computer execute when, instruction so that more than one
Computer execute first or second embodiment data forwarding method.
It is appreciated that in each embodiment of the present invention, there are data forwarding white and black lists, for certain sources
Location (IP address or port address), if there is being stored with the data in data forwarding white list, and on network card equipment
White list is forwarded, then the data from the source address can be forwarded directly to destination address by network card equipment, without being sent to phase
The software module answered determines forward rule, if not having the data forwarding white list in network card equipment, needs to connect head
Message is sent to corresponding software module, sends corresponding forward rule from software module to network card equipment.And those are deposited
In the source address in data forwarding blacklist, if being stored with the data forwarding blacklist on network card equipment, these are come from
The data of source address can be directly dropped, if being stored with the data forwarding blacklist on network card equipment, need to connect
First message is sent to corresponding software module, from software module to the network card equipment data forwarding blacklist.
Each method embodiment of the invention can be realized in a manner of software, hardware, firmware etc..Regardless of the present invention be with
Software, hardware or firmware mode realize that instruction code may be stored in any kind of computer-accessible memory
In (such as permanent perhaps revisable volatibility is perhaps non-volatile solid or non-solid, it is fixed or
The replaceable medium etc. of person).Equally, memory may, for example, be programmable logic array (Programmable Array
Logic, referred to as " PAL "), random access memory (Random Access Memory, referred to as " RAM "), it may be programmed read-only deposit
Reservoir (Programmable Read Only Memory, referred to as " PROM "), read-only memory (Read-Only Memory, letter
Claim " ROM "), electrically erasable programmable read-only memory (Electrically Erasable Programmable ROM, referred to as
" EEPROM "), disk, CD, digital versatile disc (Digital Versatile Disc, referred to as " DVD ") etc..
It should be noted that each unit/the module mentioned in each equipment embodiment of the present invention is all logic unit/mould
Block, physically, a logic unit can be a physical unit, are also possible to a part of a physical unit, may be used also
With with the combination of multiple physical units realization, the Physical realization of these logic units itself be not it is most important, these
The combination for the function that logic unit is realized is only the key for solving technical problem proposed by the invention.In addition, for protrusion
Innovative part of the invention, the above-mentioned each equipment embodiment of the present invention is not by the technical problem proposed by the invention with solution
The less close unit of relationship introduces, this does not indicate above equipment embodiment and there is no other units.
It should be noted that in the claim and specification of this patent, such as first and second or the like relationship
Term is only used to distinguish one entity or operation from another entity or operation, without necessarily requiring or implying
There are any actual relationship or orders between these entities or operation.Moreover, the terms "include", "comprise" or its
Any other variant is intended to non-exclusive inclusion so that include the process, methods of a series of elements, article or
Equipment not only includes those elements, but also including other elements that are not explicitly listed, or further include for this process,
Method, article or the intrinsic element of equipment.In the absence of more restrictions, being wanted by what sentence " including one " limited
Element, it is not excluded that there is also other identical elements in the process, method, article or apparatus that includes the element.
Although being shown and described to the present invention by referring to some of the preferred embodiment of the invention,
It will be understood by those skilled in the art that can to it, various changes can be made in the form and details, without departing from this hair
Bright spirit and scope.
Claims (10)
1. a kind of data forwarding method, which is characterized in that including:
Receive the connection first message of the data to be forwarded forwarded by network card equipment;
Obtain the source address and destination address in the connection first message;
According to the source address and destination address of acquisition, the forward rule of the corresponding source address is determined;
The forward rule is sent to the network card equipment, so that first terminal and corresponding institute in the correspondence source address
It states after establishing data transmission relations between the second terminal of destination address, the network card equipment directly will according to the forward rule
The subsequent packet of data to be forwarded from the first terminal is transmitted to the second terminal.
2. data forwarding method according to claim 1, which is characterized in that determined based on predetermined forward rule described in corresponding to
The forward rule of source address includes:
If the destination address includes the public network IP address configured based on network address translation, will be in the destination address
The public network IP address is revised as corresponding private network IP address, and is determined based on the source address and the destination address modified
The forward rule of the corresponding source address.
3. data forwarding method according to claim 1 or 2, which is characterized in that the forward rule includes described in forwarding
Source IP address needed for the subsequent packet of data to be forwarded, source port address, target ip address and target port address, or
The forward rule includes source IP address, target ip address and mesh needed for forwarding the subsequent packet of the data to be forwarded
Mark port address.
4. a kind of data forwarding method, which is characterized in that including:
Network card equipment receives and stores the forward rule of the source address of corresponding data to be forwarded;
After network card equipment receives the subsequent packet of data to be forwarded, the first terminal for corresponding to the source address and corresponding mesh are judged
Address second terminal between whether have built up data transmission relations;
If the judging result is to have built up data transmission relations, network card equipment is according to the forward rule direct future
The second terminal is transmitted to from the subsequent packet of the data to be forwarded of the first terminal;
Wherein, the source address and destination address are included in the connection of the data to be forwarded of the network card equipment previous receipt
In first message.
5. data forwarding method according to claim 4, which is characterized in that the forward rule includes that forwarding is described wait turn
Source IP address, source port address, target ip address and target port address needed for sending out the subsequent packet of data, or
The forward rule only include source IP address, target ip address needed for forwarding the subsequent packet of the data to be forwarded and
Target port address.
6. a kind of data forwarding device, which is characterized in that including:
Receiving unit, for receiving the connection first message of the data to be forwarded by network card equipment forwarding;
Acquiring unit, for obtaining source address and destination address in the connection first message;
Determination unit, for determining the forward rule of the corresponding source address according to the source address and destination address of acquisition;
Transmission unit, for the predetermined forward rule to be sent to the network card equipment, so that in the correspondence source address
First terminal and the corresponding destination address second terminal between establish data transmission relations after, the network card equipment according to
The subsequent packet of data to be forwarded from the first terminal is directly transmitted to the second terminal by the forward rule.
7. data forwarding device according to claim 6, which is characterized in that the forward rule includes that forwarding is described wait turn
Source IP address, source port address, target ip address and target port address needed for sending out the subsequent packet of data, or
The forward rule includes source IP address, target ip address and mesh needed for forwarding the subsequent packet of the data to be forwarded
Mark port address.
8. a kind of network card equipment, which is characterized in that including:
Storage unit, the forward rule of the source address for receiving and storing corresponding data to be forwarded;
Judging unit, after the subsequent packet for receiving data to be forwarded, judge the first terminal for corresponding to the source address and
Whether data transmission relations are had built up between the second terminal of corresponding destination address;
Retransmission unit is when having built up data transmission relations, according to described turn for the judging result in the judging unit
The subsequent packet of the data to be forwarded from the first terminal is directly transmitted to the second terminal by hair rule;
Wherein, the source address and destination address are included in the connection of the data to be forwarded of the network card equipment previous receipt
In first message.
9. a kind of device, which is characterized in that memory and processor including being stored with computer executable instructions, the processing
Device is configured as executing described instruction to implement data forwarding method described in any one of any one of claims 1 to 55.
10. a kind of nonvolatile computer storage media using computer program code, which is characterized in that the computer journey
Sequence includes instruction, and when described instruction is executed by more than one computer, described instruction makes one above calculating
Data forwarding method described in any one of machine perform claim requirement 1 to 5.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201810713003.8A CN108924050A (en) | 2018-06-29 | 2018-06-29 | Data forwarding method and its device, storage medium and network card equipment |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201810713003.8A CN108924050A (en) | 2018-06-29 | 2018-06-29 | Data forwarding method and its device, storage medium and network card equipment |
Publications (1)
Publication Number | Publication Date |
---|---|
CN108924050A true CN108924050A (en) | 2018-11-30 |
Family
ID=64423851
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN201810713003.8A Pending CN108924050A (en) | 2018-06-29 | 2018-06-29 | Data forwarding method and its device, storage medium and network card equipment |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN108924050A (en) |
Cited By (10)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN110506411A (en) * | 2017-01-13 | 2019-11-26 | Nicira股份有限公司 | Logic-based port identifiers manage the network flow in virtual switch |
CN111385631A (en) * | 2020-03-04 | 2020-07-07 | 海信视像科技股份有限公司 | Display device, communication method and storage medium |
CN111555973A (en) * | 2020-04-28 | 2020-08-18 | 深圳震有科技股份有限公司 | Data packet forwarding method and device based on 5G data forwarding plane |
CN112019431A (en) * | 2019-05-29 | 2020-12-01 | 阿里巴巴集团控股有限公司 | Method, device and equipment for processing forwarding rule |
CN113497798A (en) * | 2020-04-08 | 2021-10-12 | 北京中科网威信息技术有限公司 | FPGA-based data forwarding method for firewall |
CN113612963A (en) * | 2021-07-27 | 2021-11-05 | 深圳市捷视飞通科技股份有限公司 | Data forwarding method and device, computer equipment and storage medium |
CN113612837A (en) * | 2021-07-30 | 2021-11-05 | 杭州朗和科技有限公司 | Data processing method, device, medium and computing equipment |
CN113890865A (en) * | 2021-10-21 | 2022-01-04 | 展讯通信(上海)有限公司 | Data packet forwarding method and equipment |
CN114143771A (en) * | 2021-11-25 | 2022-03-04 | 京信网络系统股份有限公司 | Data transmission method, system, device, computer equipment and storage medium |
CN114359015A (en) * | 2021-12-08 | 2022-04-15 | 北京百度网讯科技有限公司 | Data transmission method and device and graphic processing server |
Citations (6)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN1414736A (en) * | 2002-05-24 | 2003-04-30 | 华为技术有限公司 | Method of implementing quick retransmission and supporting load sharing |
US20070133560A1 (en) * | 2005-12-07 | 2007-06-14 | Nam Kook J | Method and apparatus for processing packet in high speed router |
US7512781B2 (en) * | 2002-05-01 | 2009-03-31 | Firebridge Systems Pty Ltd. | Firewall with stateful inspection |
CN101699796A (en) * | 2009-09-09 | 2010-04-28 | 成都飞鱼星科技开发有限公司 | Stream trust-based method and system for transmitting data message at high speed and router thereof |
CN103347014A (en) * | 2013-06-25 | 2013-10-09 | 深圳市共进电子股份有限公司 | Network fast forwarding module and network fast forwarding achieving method |
CN104320278A (en) * | 2014-10-31 | 2015-01-28 | 杭州华三通信技术有限公司 | Wide area network realizing method and device based on software-defined network |
-
2018
- 2018-06-29 CN CN201810713003.8A patent/CN108924050A/en active Pending
Patent Citations (6)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US7512781B2 (en) * | 2002-05-01 | 2009-03-31 | Firebridge Systems Pty Ltd. | Firewall with stateful inspection |
CN1414736A (en) * | 2002-05-24 | 2003-04-30 | 华为技术有限公司 | Method of implementing quick retransmission and supporting load sharing |
US20070133560A1 (en) * | 2005-12-07 | 2007-06-14 | Nam Kook J | Method and apparatus for processing packet in high speed router |
CN101699796A (en) * | 2009-09-09 | 2010-04-28 | 成都飞鱼星科技开发有限公司 | Stream trust-based method and system for transmitting data message at high speed and router thereof |
CN103347014A (en) * | 2013-06-25 | 2013-10-09 | 深圳市共进电子股份有限公司 | Network fast forwarding module and network fast forwarding achieving method |
CN104320278A (en) * | 2014-10-31 | 2015-01-28 | 杭州华三通信技术有限公司 | Wide area network realizing method and device based on software-defined network |
Cited By (16)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN110506411A (en) * | 2017-01-13 | 2019-11-26 | Nicira股份有限公司 | Logic-based port identifiers manage the network flow in virtual switch |
CN110506411B (en) * | 2017-01-13 | 2022-12-16 | Nicira股份有限公司 | Method and system for providing packet enforcement using logical ports in a virtualized computing environment |
CN112019431A (en) * | 2019-05-29 | 2020-12-01 | 阿里巴巴集团控股有限公司 | Method, device and equipment for processing forwarding rule |
CN111385631A (en) * | 2020-03-04 | 2020-07-07 | 海信视像科技股份有限公司 | Display device, communication method and storage medium |
CN111385631B (en) * | 2020-03-04 | 2022-05-24 | 海信视像科技股份有限公司 | Display device, communication method and storage medium |
CN113497798A (en) * | 2020-04-08 | 2021-10-12 | 北京中科网威信息技术有限公司 | FPGA-based data forwarding method for firewall |
CN111555973A (en) * | 2020-04-28 | 2020-08-18 | 深圳震有科技股份有限公司 | Data packet forwarding method and device based on 5G data forwarding plane |
CN113612963A (en) * | 2021-07-27 | 2021-11-05 | 深圳市捷视飞通科技股份有限公司 | Data forwarding method and device, computer equipment and storage medium |
CN113612963B (en) * | 2021-07-27 | 2024-08-20 | 深圳市捷视飞通科技股份有限公司 | Data forwarding method, device, computer equipment and storage medium |
CN113612837B (en) * | 2021-07-30 | 2023-08-08 | 杭州朗和科技有限公司 | Data processing method, device, medium and computing equipment |
CN113612837A (en) * | 2021-07-30 | 2021-11-05 | 杭州朗和科技有限公司 | Data processing method, device, medium and computing equipment |
CN113890865A (en) * | 2021-10-21 | 2022-01-04 | 展讯通信(上海)有限公司 | Data packet forwarding method and equipment |
CN114143771A (en) * | 2021-11-25 | 2022-03-04 | 京信网络系统股份有限公司 | Data transmission method, system, device, computer equipment and storage medium |
CN114143771B (en) * | 2021-11-25 | 2024-02-27 | 京信网络系统股份有限公司 | Data transmission method, system, device, computer equipment and storage medium |
CN114359015B (en) * | 2021-12-08 | 2023-08-04 | 北京百度网讯科技有限公司 | Data transmission method, device and graphic processing server |
CN114359015A (en) * | 2021-12-08 | 2022-04-15 | 北京百度网讯科技有限公司 | Data transmission method and device and graphic processing server |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
CN108924050A (en) | Data forwarding method and its device, storage medium and network card equipment | |
CN111770028B (en) | Method and network device for computer network | |
CN111193666B (en) | Applying quality of experience metrics using adaptive machine learning sounding prediction | |
US11777783B2 (en) | Network slicing with smart contracts | |
US9596173B2 (en) | Method and system for traffic pattern generation in a software-defined networking (SDN) system | |
US20200296023A1 (en) | Real-time application-driven synthetic probing | |
EP2544417B1 (en) | Communication system, path control apparatus, packet forwarding apparatus and path control method | |
CN103444143B (en) | Network system and policy route configuration method | |
US20160301603A1 (en) | Integrated routing method based on software-defined network and system thereof | |
CN109361606B (en) | Message processing system and network equipment | |
CN110971522B (en) | Method, equipment and system for determining route leakage | |
WO2005031533A2 (en) | Model-based method and apparatus for determining mpls network properties | |
CN104734964A (en) | Message processing method, node and system | |
CN1773993B (en) | Session relay equipment and session relay method | |
CN108604999A (en) | Data plane method and apparatus for monitoring differentiated service encoded point (DSCP) and ecn (explicit congestion notification) (ECN) | |
CN108604997A (en) | Method and apparatus for the control plane configured to the monitoring of differentiated service encoded point (DSCP) and ecn (explicit congestion notification) (ECN) | |
WO2019160050A1 (en) | Information collecting system and information collecting method | |
CN105052106A (en) | Methods and systems for receiving and transmitting internet protocol (ip) data packets | |
CN108702799A (en) | Method for merging mobile core and IOT data | |
CN112637081A (en) | Bandwidth speed limiting method and device | |
US20220345396A1 (en) | Information processing apparatus, packet generation method, system, and program | |
Jain et al. | Performance Comparison Between Different Tunneling Techniques Using Different Routing Protocols | |
US9942823B2 (en) | Communication terminal, communication method, and communication program | |
CN113596192B (en) | Communication method, device, equipment and medium based on gatekeeper networking | |
CN105100300A (en) | Method and device for network address translation |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PB01 | Publication | ||
PB01 | Publication | ||
SE01 | Entry into force of request for substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
RJ01 | Rejection of invention patent application after publication | ||
RJ01 | Rejection of invention patent application after publication |
Application publication date: 20181130 |