CN109218467A - A kind of method for network address translation and chip - Google Patents
A kind of method for network address translation and chip Download PDFInfo
- Publication number
- CN109218467A CN109218467A CN201811359049.0A CN201811359049A CN109218467A CN 109218467 A CN109218467 A CN 109218467A CN 201811359049 A CN201811359049 A CN 201811359049A CN 109218467 A CN109218467 A CN 109218467A
- Authority
- CN
- China
- Prior art keywords
- address
- message
- attribute information
- source
- chip
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Links
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L61/00—Network arrangements, protocols or services for addressing or naming
- H04L61/09—Mapping addresses
- H04L61/25—Mapping addresses of the same type
- H04L61/2503—Translation of Internet protocol [IP] addresses
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L45/00—Routing or path finding of packets in data switching networks
- H04L45/74—Address processing for routing
Abstract
The invention discloses a kind of method for network address translation and chip, the method for network address translation is applied to programmable exchange chip, for improving data forwarding efficiency.Method for network address translation therein includes: to generate attribute information for the message received;According to the mapping relations of the attribute information and attribute information and routing interface table, the source of the message is determined;According to the source of the message and preset transformation rule, the source internet protocol IP address or purpose IP address of the message are converted.
Description
Technical field
The present invention relates to field of communication technology, in particular to a kind of method for network address translation and chip.
Background technique
When enterprise replacement or newly-increased Internet Service Provider (Internet Service Provider, ISP), that
The internal network needs of enterprise reconfigure.In order not to reconfigure the network of enterprises, can be disposed in export enterprise
Network address translation devices, the Internet protocol 6 that enterprises are used (Internet Protocol Version 6,
IPv6) address translation is the address IPv6 that external network uses.After external network variation, it is only necessary to update Network address translators and set
Standby configuration, and the address IPv6 of enterprises remains unchanged.
Realize that the address IPv6 for using the IPv6 address translation that enterprises use for external network is by routing at present
Device is realized by its processor or by network processing unit (Network Processor, NP).Processor or NP implementation
Although flexibly, its transfer capability is lower.Processor, for example, the current maximum processing capability of x86CPU in 100Gbps hereinafter, NP works as
Preceding maximum processing capability is 480Gbps, is difficult to support the usage scenario of Tbps grades of high bandwidths.
Summary of the invention
The embodiment of the present invention provides a kind of method for network address translation and chip, the method for network address translation are applied to
Programmable exchange chip, for improving data forwarding efficiency.
In a first aspect, providing a kind of method for network address translation, the method for network address translation is applied to programmable
Exchange chip, which comprises
Message to receive generates attribute information;
According to the mapping relations of the attribute information and attribute information and routing interface table, the source of the message is determined;
According to the source of the message and with preset transformation rule, to the source internet protocol IP address of the message
Or purpose IP address is converted.
Optionally, the interface table includes interior network interface table and outer network interface table, is believed according to the attribute information and attribute
The mapping relations of breath and routing interface table, determine the source of the message, comprising:
The attribute information is searched in the interior network interface table;
If finding the attribute information, it is determined that the message comes from Intranet;
Otherwise the attribute information is searched in the outer network interface table, if finding the attribute information, it is determined that institute
Message is stated from outer net.
Optionally, according to the source of the message and preset transformation rule, to the source internet protocol of the message
IP address or purpose IP address are converted, comprising:
If the message comes from Intranet, according to the mapping relations of preset internal address prefix and outer net address prefix,
The source IP address prefix of the message is converted into outer net address prefix;
Subnet portion in the address of the message is compensated, new source IP address is obtained.
Optionally, according to the source of the message and with preset transformation rule, the source interconnection net of the message is assisted
View IP address or purpose IP address are converted, comprising:
If the message comes from outer net, according to the mapping relations of preset internal address prefix and outer net address prefix,
The purpose IP address prefix of the message is converted into internal address prefix;
Subnet portion in the address of the message is compensated, new purpose IP address is obtained.
Optionally, the subnet portion in the address of the message is compensated, comprising:
Calculate conversion after IP address prefix verification and and conversion before IP address prefix verification and its difference, mended
Repay value;
The subnet portion in the address of the message is compensated by the offset.
Second aspect, provides a kind of network address translation chip, and the network address translation chip is programmable exchange
Chip, the network address translation chip include:
Generation unit, for the message generation attribute information to receive;
Determination unit determines institute for the mapping relations according to the attribute information and attribute information and routing interface table
State the source of message;
Converting unit, for according to the message source and preset transformation rule, to the source IP of the message
Location or purpose IP address are converted.
Optionally, the interface table includes interior network interface table and outer network interface table, and the determination unit is specifically used for:
The attribute information is searched in the interior network interface table;
If finding the attribute information, it is determined that the message comes from Intranet;
Otherwise the attribute information is searched in the outer network interface table, if finding the attribute information, it is determined that institute
Message is stated from outer net.
Optionally, the converting unit is specifically used for:
If the message comes from Intranet, according to the mapping relations of preset internal address prefix and outer net address prefix,
The source IP address prefix of the message is converted into outer net address prefix;
Subnet portion in the address of the message is compensated, new source IP address is obtained.
Optionally, the converting unit is specifically used for:
If the message comes from outer net, according to the mapping relations of preset internal address prefix and outer net address prefix,
The purpose IP address prefix of the message is converted into internal address prefix;
Subnet portion in the address of the message is compensated, new purpose IP address is obtained.
Optionally, the converting unit is specifically used for:
Calculate conversion after IP address prefix verification and and conversion before IP address prefix verification and its difference, mended
Repay value;
The subnet portion in the address of the message is compensated by the offset.
The third aspect, provides a kind of network address translation chip, and the network address translation chip is programmable exchange core
Piece, the network address translation chip include:
At least one processor, and
The memory being connect at least one described processor;
Wherein, the memory is stored with the instruction that can be executed by least one described processor, described at least one
It manages device and realizes such as the described in any item methods of first aspect by executing the instruction of the memory storage.
Fourth aspect provides a kind of computer storage medium, is stored thereon with computer program, the computer program quilt
Such as first aspect described in any item methods are realized when processor executes.
In the embodiment of the present invention, network address translation is realized by programmable transformation chip, may be programmed transformation chip can be with
For received message identification attribute information, pass through the attribute information and routing interface table of the storage inside in programmable transformation chip
The corresponding interface of mapping relationship searching attribute information, to know message entrance, further to judge that message is from Intranet
Or outer net, so that the source IP address or purpose IP address to message are converted.Programmable transformation chip searches internal deposit
The mapping relations of storage, compared to processor search external storage table for, search speed faster, to improve data forwarding
Efficiency.
Detailed description of the invention
Fig. 1 is the flow diagram of method for network address translation provided in an embodiment of the present invention;
Fig. 2 is a kind of structural schematic diagram of network address translation chip provided in an embodiment of the present invention;
Fig. 3 is a kind of structural schematic diagram of network address translation chip provided in an embodiment of the present invention.
Specific embodiment
To make the objectives, technical solutions, and advantages of the present invention clearer, below in conjunction in the embodiment of the present invention
Attached drawing, technical scheme in the embodiment of the invention is clearly and completely described.
Technical solution provided in an embodiment of the present invention for ease of understanding, some passes that first embodiment of the present invention is used here
Key name word explains:
The address IPv6 is the interface identifier of 128bit, wherein the structure of the most common IPv6 unicast address of application is mainly wrapped
Three parts are included, are route prefix (Routing Prefix), subnet (Subnet) and interface ID (Interface id) respectively.Its
In, routing prefix part accounts for 48bit, and subnet portion accounts for 16bit, and interface ID accounts for 64bit.
In general, IPv6 prefix (IPv6Prefix) is by the address IPv6 (ipv6-address) prefixing length (prefix-
Length it) indicates, i.e. ipv6-address/prefix-lengt, such as three kinds of following IPv6 prefixes indicate:
2001:0DB8:0000:CD30:0000:0000:0000:0000/60;
Alternatively, 2001:0DB8::CD30:0:0:0:0/60;
Alternatively, 2001:0DB8:0:CD30: :/60, these three above IPv6 prefixes are all legal.
NPTv6 (IPv6-to-IPv6Network Prefix Translation) is a kind of stateless IPv6-to-
IPv6 network prefix interpretation method.There is provided address unrelated (address independence) characteristic in edge network.NPTv6 is also
One benefit is that transport layer is transparent, i.e. the address modification on the head IPv6, and four layers (for example, transmission control protocol
(Transmission Control Protocol, TCP)) check code do not need to recalculate.NPTv6 passes through one
IPv6 prefix is mapped as another IPv6 prefix and realizes address translation.Realize that the network equipment of NPTv6 function is commonly referred to as
NPTv6Translator.Under most simple scenario, two network links of a NPTv6Translator connection.One referred to as interior
Network chain road, the i.e. side inside.Another is referred to as outer net link, the i.e. side outside.The equipment of interior net side uses local address,
Outer net side uses global public network address.
Realize that the address IPv6 for using the IPv6 address translation that enterprises use for external network is by routing at present
Device is realized by its processor, or by network processing unit (Network Processor, NP).Processor or the realization side NP
Although flexibly, its transfer capability is lower for formula.Processor, for example, the current maximum processing capability of x86CPU in 100Gbps hereinafter, NP
Current maximum processing capability is 480Gbps, is difficult to support the usage scenario of Tbps grades of high bandwidths.
In consideration of it, the embodiment of the present invention realizes network address translation by programmable transformation chip, transformation chip may be programmed
It can be received message identification attribute information, be connect by the attribute information of the storage inside in programmable transformation chip with routing
The corresponding interface of mapping relationship searching attribute information of oral thermometer, so that message entrance is known, further to judge that message is to come from
Intranet or outer net, so that the source IP address or purpose IP address to message are converted.In programmable transformation chip is searched
Portion storage mapping relations, compared to processor search external storage table for, search speed faster, to improve data
Forward efficiency, to realize the usage scenario that can support Tbps grades of high bandwidths.
Technical solution provided in an embodiment of the present invention is introduced with reference to the accompanying drawings of the specification.
Referring to Figure 1, the embodiment of the invention provides a kind of method for network address translation, this method can have programmable friendship
Chip execution is changed, is used for data from Intranet device forwards to outer net equipment, or by data from outer net device forwards to Intranet
Equipment.The process of this method is described as follows:
S101, the message to receive generate attribute information;
S102, according to the mapping relations of attribute information and attribute information and routing interface table, determine the source of message;
S103, the source according to message and preset transformation rule, to the source IP address or purpose IP address of message
It is converted.
When enterprise's replacement or newly-increased ISP can be in export enterprises in order to not need to reconfigure the network of enterprises
The IPv6 address translation that enterprises use is the address IPv6 that external network uses by on-premise network Address Translation device.?
In the embodiment of the present invention, the conversion of network address is realized by programmable transformation chip.
Programmable transformation chip is deployed in network address translation devices, between Intranet and outer net.When Intranet and outside
When having data interaction between net, when programmable transformation chip receives message, corresponding attribute information can be generated for message, it should
Attribute information can indicate that message entrance, that is, instruction receive the chip port of message.The attribute information also may include
The information such as message sending time or other possible information.
Programmable transformation chip is that after the message received generates attribute information, can sentence using attribute information as keyword
The source of disconnected message, that is, message are to come from outer net from Intranet or outer net, or which interface from Intranet
Which interface.Specifically, may be programmed transformation chip in advance can be to Intranet (inside) interface, outer net (outside) interface
It is configured.For example, programmable transformation chip can map message entrance and chip port, and by message entrance and inside
Interface mappings, and by message entrance and outside interface mappings.Wherein, an inside interface can correspond to multiple messages
Entrance, an outside interface can also correspond to multiple message entrances.Programmable transformation chip also can establish inside in advance
Interface table and outside interface table.Wherein, inside interface table includes all inside interfaces, similarly, outside
Interface table includes all outside interfaces.
The mapping relations of attribute information and routing interface table can be stored in inner buffer by programmable transformation chip, with root
According to the mapping relations of attribute information and attribute information and routing interface table, the source of message is determined.Due to programmable transformation core
Piece is to look into mapping relations from inner buffer, and for the mode tabled look-up compared to processor from external memory, search speed is very fast.
Specifically, it may be programmed transformation chip according to attribute information, it is also assumed that being to search inside as keyword using attribute information to connect
Oral thermometer, if can find, it may be considered that message comes from Intranet.If can not find out, message may be from outer net.It can compile
Cheng Bianhuan chip can search outside interface table by keyword of attribute information, if can find, it may be considered that message
From outer net.
It, can source IP address or purpose IP address to message after programmable transformation chip has determined the source of message
It is converted, is remained unchanged with the IP address inside guaranteeing.
Specifically, may be programmed transformation chip can parse message, obtain the source IP address of message, destination IP
Location, and prefix, subnet and interface ID this three parts in source IP address are extracted respectively.Certainly programmable transformation chip can
To be parsed before determining message source to message, it is not construed as limiting here.
Programmable transformation chip can be according to preset transformation rule, and source IP address or purpose IP address to message carry out
Conversion.Preset transformation rule can be the mapping relations of preset internal address prefix and outer net address prefix, outer net address
Prefix is to be distributed by operator, and internal address prefix is then that user itself can configure, and is configured with internal address prefix
Later, the mapping relations of internal address prefix and outer net address prefix, i.e. transformation rule be can establish.If programmable transformation core
Piece determines that the source IP address prefix of message is converted to outer net address prefix then according to transformation rule from Intranet by message.If
Programmable transformation chip determines that message from outer net, then can convert the purpose IP address prefix of message according to transformation rule
For internal address prefix.
For example, transformation rule instruction is when internal address prefix is FD01:0203:0405, outer net address prefix can
To be 2001:0DB8:0001.If that message is to be sent to outer net from Intranet, the address source IP v6 of message is FD01:0203:
0405: :/48, then source IP v6 address prefix can be revised as 2001:0DB8:0001: :/48.Similarly, if message be from
Outer net is sent to Intranet, and the purpose IP address prefix of message is 2001:0DB8:0001: :/48, then can be by source IP v6 address prefix
It is revised as FD01:0203:0405: :/48.
In IPv6 header the modification of source IP address or purpose IP address will affect transport layer verification and, be with TCP
Example, TCP calculate verification and when, will use the pseudo- head that partial information (including the address IPv6) in heading generates.It ties up
Four layers of verification and constant are held, after the modification of IPv6 address prefix, to be compensated by the other parts in the address IPv6, to remain pseudo-
The verification on head and constant, so that it is guaranteed that the verification of transport layer and constant.
In embodiments of the present invention, the subnet portion in the address of message is compensated, caused by amendment prefix variation
Verification and variation, achieve the purpose that four layers verification and it is constant.Specifically, may be programmed transformation chip can be by the prefix school after conversion
Test and and conversion before prefix verification and its difference, as offset, by the offset to the subnet portion in the address of message
It compensates.
For example, for some node in Intranet, the address IPv6 is FD01:0203:0405:0001::1234, before work
Sew replacement, the replaced address IPv6 is 2001:0DB8:0001:0001::1234.IPv6 address prefix FD01:0203:0405
The complement of one's verification and be 0xFCF5.The complement of one's of IPv6 address prefix 2001:0DB8:0001 verifies and is
0xD245.Verification and difference are 0xD245-0xFCF5=0xD54F.Verification and difference are compensated in the part subnet.Intranet node
Subnet be 0x0001, compensated subnet be 0x0001+0xD54F=0xD550.Therefore the outer net address after translation is
2001:0DB8:0001:D550::1234。
For response message, the address destination IP v6 is 2001:0DB8:0001:D550::1234, after prefix transformation, replacement
Prefix becomes FD01:0203:0405:D550::1234.The verification of prefix at this time and difference are 0xFCF5-0xD245=
0x2AB0.It is compensated in the part subnet, compensated subnet is 0xD550+0x2AB0=0x0001.Therefore interior after translating
Net address is FD01:0203:0405:0001::1234.
Programmable transformation chip pins carry out prefix conversion to the source IP address of message, and compensate it in subnet portion
Afterwards, new source IP address is formed with original interface ID.Similarly, prefix conversion is carried out for the purpose IP address of message, and
After subnet portion compensates, new purpose IP address is also formed with original interface ID, realizes turning over for network address
It translates.
In the embodiment of the present invention, may be programmed transformation chip can by programming realize network address conversion, such as using
The stream of P4 (Programming Protocol-Independent Packet Processors) language definition programmable chip
Waterline carries out NPTv6 address translation using programmable transformation chip.The embodiment of the present invention allows data forwarding plane also to have and can compile
Cheng Nengli has broken limitation of the hardware device to data Forwarding plane, allows the parsing of data packet and forwarding process that can also pass through volume
Process control, to improve data forwarding efficiency.
To sum up, the embodiment of the present invention realizes network address translation by programmable transformation chip, and may be programmed transformation chip can
Think received message identification attribute information, passes through the attribute information and interface table of storage inside in programmable transformation chip
The corresponding interface of mapping relationship searching attribute information, so that message entrance is known, further to judge that message is to come from Intranet also
It is outer net, so that the source IP address or purpose IP address to message are converted.Programmable transformation chip searches storage inside
Mapping relations, compared to processor search external storage table for, search speed is faster.The embodiment of the present invention can pass through
P4 language has broken hardware device by the parsing and forwarding process of programming Control data packet to programmable transformation chip programming
Limitation to data Forwarding plane, to improve data forwarding efficiency.
Equipment provided in an embodiment of the present invention is introduced with reference to the accompanying drawings of the specification.
Fig. 2 is referred to, the same inventive concept based on embodiment shown in FIG. 1, one embodiment of the invention provides a kind of net
Network address conversion chip, network address translation chip is programmable exchange chip, for carrying out network address translation.The network
Location conversion chip includes generation unit 201, determination unit 202 and converting unit 203.Wherein: generation unit 201 is used to receive
The message arrived generates attribute information.Determination unit 202 is used for the mapping according to attribute information and attribute information and routing interface table
Relationship determines the source of message.Converting unit 203 is used for the source according to the source of message and preset transformation rule to message
IP address or purpose IP address are converted.
Optionally, interface table includes interior network interface table and outer network interface table, and determination unit 202 is specifically used for:
Attribute information is searched in interior network interface table;
If finding attribute information, it is determined that message comes from Intranet;
Otherwise attribute information is searched in outer network interface table, if finding attribute information, it is determined that message comes from outer net.
Optionally, converting unit 203 is specifically used for:
If message will be reported from Intranet according to the mapping relations of preset internal address prefix and outer net address prefix
The source IP address prefix of text is converted to outer net address prefix;
Subnet portion in the address of message is compensated, new source IP address is obtained.
Optionally, converting unit 203 is specifically used for:
If message will be reported from outer net according to the mapping relations of preset internal address prefix and outer net address prefix
The purpose IP address prefix of text is converted to internal address prefix;
Subnet portion in the address of message is compensated, new purpose IP address is obtained.
Optionally, converting unit 203 is specifically used for:
Calculate conversion after IP address prefix verification and and conversion before IP address prefix verification and its difference, mended
Repay value;
The subnet portion in the address of message is compensated by offset.
The network address translation chip can be used for executing method for network address translation provided in an embodiment of the present invention, because
This, the function etc. of can be realized for each functional module of the network address translation chip can refer to network provided by the invention
The embodiment of address conversion method describes, and seldom repeats.
Fig. 3 is referred to, based on the same inventive concept, one embodiment of the invention provides a kind of network address translation chip, should
Network address translation chip, the network address translation chip may include: at least one processor 301, and processor 301 is for holding
Method for network address translation as shown in Figure 1 provided in an embodiment of the present invention is realized when the computer program stored in line storage
The step of: the message to receive generates attribute information;It is closed according to the mapping of attribute information and attribute information and routing interface table
System, determines the source of message;According to the source of message and transformation rule corresponding with source, to the source internet protocol of message
IP address or purpose IP address are converted.
Optionally, processor 301 specifically can be central processing unit, application-specific integrated circuit (English:
Application Specific Integrated Circuit, referred to as: ASIC), it can be one or more for controlling journey
The integrated circuit that sequence executes.
Optionally, which further includes the memory 302 connecting at least one processor, memory
302 may include read-only memory (English: Read Only Memory, referred to as: ROM), random access memory (English:
Random Access Memory, referred to as: RAM) and magnetic disk storage.Memory 302 runs when institute for storage processor 301
The data needed, that is, be stored with the instruction that can be executed by least one processor 301, at least one processor 301 is deposited by executing
The instruction that reservoir 302 stores, executes method as shown in Figure 1.Wherein, the quantity of memory 302 is one or more.Wherein,
Memory 302 is shown together in Fig. 3, but it is understood that memory 302 is not essential functional module, therefore in Fig. 3
In it is shown in dotted line.
Wherein, entity device corresponding to generation unit 201, determination unit 202 and converting unit 203 may each be aforementioned
Processor 301.The network address translation chip can be used for executing method provided by embodiment shown in FIG. 1.Therefore it closes
The function that each functional module can be realized in the equipment can refer to the corresponding description in embodiment shown in FIG. 1, few superfluous
It states.
The embodiment of the present invention also provides a kind of computer storage medium, wherein computer storage medium is stored with computer
Instruction, when computer instruction is run on computers, so that computer executes as the method for figure 1.
It is apparent to those skilled in the art that for convenience and simplicity of description, only with above-mentioned each function
The division progress of module can according to need and for example, in practical application by above-mentioned function distribution by different function moulds
Block is completed, i.e., the internal structure of device is divided into different functional modules, to complete all or part of function described above
Energy.The specific work process of the system, apparatus, and unit of foregoing description, can be with reference to corresponding in preceding method embodiment
Journey, details are not described herein.
In several embodiments provided by the present invention, it should be understood that disclosed device and method can pass through it
Its mode is realized.For example, the apparatus embodiments described above are merely exemplary, for example, the module or unit
It divides, only a kind of logical function partition, there may be another division manner in actual implementation, such as multiple units or components
It can be combined or can be integrated into another system, or some features can be ignored or not executed.Another point, it is shown or
The mutual coupling, direct-coupling or communication connection discussed can be through some interfaces, the indirect coupling of device or unit
It closes or communicates to connect, can be electrical property, mechanical or other forms.
The unit as illustrated by the separation member may or may not be physically separated, aobvious as unit
The component shown may or may not be physical unit, it can and it is in one place, or may be distributed over multiple
In network unit.It can select some or all of unit therein according to the actual needs to realize the mesh of this embodiment scheme
's.
It, can also be in addition, each functional unit in each embodiment of the application can integrate in one processing unit
It is that each unit physically exists alone, can also be integrated in one unit with two or more units.Above-mentioned integrated list
Member both can take the form of hardware realization, can also realize in the form of software functional units.
If the integrated unit is realized in the form of SFU software functional unit and sells or use as independent product
When, it can store in a computer readable storage medium.Based on this understanding, the technical solution of the application is substantially
The all or part of the part that contributes to existing technology or the technical solution can be in the form of software products in other words
It embodies, which is stored in a storage medium, including some instructions are used so that a computer
It is each that equipment (can be personal computer, server or the network equipment etc.) or processor (processor) execute the application
The all or part of the steps of embodiment the method.And storage medium above-mentioned includes: general serial bus USB
(Universal Serial Bus flash disk), mobile hard disk, read-only memory (Read-Only Memory, ROM),
Random access memory (Random Access Memory, RAM), magnetic or disk etc. be various to can store program code
Medium.
Obviously, various changes and modifications can be made to the invention without departing from essence of the invention by those skilled in the art
Mind and range.In this way, if these modifications and changes of the present invention belongs to the range of the claims in the present invention and its equivalent technologies
Within, then the present invention is also intended to include these modifications and variations.
Claims (10)
1. a kind of method for network address translation, which is characterized in that be applied to programmable exchange chip, which comprises
Message to receive generates attribute information;
According to the mapping relations of the attribute information and attribute information and routing interface table, the source of the message is determined;
According to the source of the message and preset transformation rule, to the source internet protocol IP address or mesh of the message
IP address converted.
2. the method as described in claim 1, which is characterized in that the interface table includes interior network interface table and outer network interface table,
According to the mapping relations of the attribute information and attribute information and routing interface table, the source of the message is determined, comprising:
The attribute information is searched in the interior network interface table;
If finding the attribute information, it is determined that the message comes from Intranet;
Otherwise the attribute information is searched in the outer network interface table, if finding the attribute information, it is determined that the report
Text comes from outer net.
3. method according to claim 2, which is characterized in that according to the source of the message and preset transformation rule,
The source internet protocol IP address or purpose IP address of the message are converted, comprising:
If the message comes from Intranet, according to the mapping relations of preset internal address prefix and outer net address prefix, by institute
The source IP address prefix for stating message is converted to outer net address prefix;
Subnet portion in the address of the message is compensated, new source IP address is obtained.
4. method according to claim 2, which is characterized in that according to the source of the message and preset transformation rule,
The source internet protocol IP address or purpose IP address of the message are converted, comprising:
If the message comes from outer net, according to the mapping relations of preset internal address prefix and outer net address prefix, by institute
The purpose IP address prefix for stating message is converted to internal address prefix;
Subnet portion in the address of the message is compensated, new purpose IP address is obtained.
5. the method as claimed in claim 3 or 4, which is characterized in that mended to the subnet portion in the address of the message
It repays, comprising:
Calculate conversion after IP address prefix verification and and conversion before IP address prefix verification and its difference, compensated
Value;
The subnet portion in the address of the message is compensated by the offset.
6. a kind of network address translation chip, which is characterized in that the network address translation chip is programmable exchange chip, institute
Stating network address translation chip includes:
Generation unit, for the message generation attribute information to receive;
Determination unit determines the report for the mapping relations according to the attribute information and attribute information and routing interface table
The source of text;
Converting unit, for according to the message source and preset transformation rule, source IP address to the message or
Person's purpose IP address is converted.
7. chip as claimed in claim 6, which is characterized in that the interface table includes interior network interface table and outer network interface table,
The determination unit is specifically used for:
The attribute information is searched in the interior network interface table;
If finding the attribute information, it is determined that the message comes from Intranet;
Otherwise the attribute information is searched in the outer network interface table, if finding the attribute information, it is determined that the report
Text comes from outer net.
8. chip as claimed in claim 7, which is characterized in that the converting unit is specifically used for:
If the message comes from Intranet, according to the mapping relations of preset internal address prefix and outer net address prefix, by institute
The source IP address prefix for stating message is converted to outer net address prefix;
Subnet portion in the address of the message is compensated, new source IP address is obtained.
9. a kind of network address translation chip, which is characterized in that the network address translation chip is programmable exchange chip, institute
Stating network address translation chip includes:
At least one processor, and
The memory being connect at least one described processor;
Wherein, the memory is stored with the instruction that can be executed by least one described processor, at least one described processor
The method according to claim 1 to 5 is realized in instruction by executing the memory storage.
10. a kind of computer storage medium, is stored thereon with computer program, which is characterized in that the computer program is located
Reason device realizes the method according to claim 1 to 5 when executing.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201811359049.0A CN109218467B (en) | 2018-11-15 | 2018-11-15 | Network address conversion method and chip |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201811359049.0A CN109218467B (en) | 2018-11-15 | 2018-11-15 | Network address conversion method and chip |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN109218467A true CN109218467A (en) | 2019-01-15 |
| CN109218467B CN109218467B (en) | 2022-02-25 |
Family
ID=64994285
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201811359049.0A Active CN109218467B (en) | 2018-11-15 | 2018-11-15 | Network address conversion method and chip |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN109218467B (en) |
Cited By (6)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN110932982A (en) * | 2019-12-23 | 2020-03-27 | 锐捷网络股份有限公司 | Maintenance method and device of hardware routing table |
| CN113472917A (en) * | 2021-07-27 | 2021-10-01 | 浪潮思科网络科技有限公司 | Network address conversion method, equipment and medium for data message |
| CN114499921A (en) * | 2021-11-26 | 2022-05-13 | 中国南方电网有限责任公司 | Data packet file playback method, data packet file acquisition method and device |
| CN114945013A (en) * | 2022-04-28 | 2022-08-26 | 中国电信股份有限公司 | Data forwarding method and device, electronic equipment and computer readable storage medium |
| CN115277884A (en) * | 2022-07-14 | 2022-11-01 | 苏州盛科通信股份有限公司 | Subnet replacement method and device, exchange chip, electronic equipment and storage medium |
| CN115334036A (en) * | 2022-08-11 | 2022-11-11 | 江苏安超云软件有限公司 | Method and device for intelligently controlling source address conversion, electronic equipment and storage medium |
Citations (9)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US20020024946A1 (en) * | 2000-08-29 | 2002-02-28 | Samsung Electronics Co., Ltd. | System and method for accessing node of private network |
| CN101060472A (en) * | 2006-04-17 | 2007-10-24 | 中国科学院计算技术研究所 | A route-based talk initialization protocol transparent transmission network address conversion method |
| CN101175030A (en) * | 2006-10-31 | 2008-05-07 | 中兴通讯股份有限公司 | Method for implementing proxy to multiple isomorphic subnets |
| CN101175029A (en) * | 2006-10-31 | 2008-05-07 | 中兴通讯股份有限公司 | Device for implementing proxy to multiple isomorphic subnets |
| CN101729606A (en) * | 2008-10-22 | 2010-06-09 | 华为技术有限公司 | Method and relevant equipment for realizing network address conversion |
| CN103731820A (en) * | 2014-01-12 | 2014-04-16 | 绵阳师范学院 | Method for access control based on MAC address conversion in IPv6 wireless router |
| CN104184842A (en) * | 2013-05-24 | 2014-12-03 | 中兴通讯股份有限公司 | Message forwarding method and device |
| CN104202439A (en) * | 2014-07-22 | 2014-12-10 | 北京汉柏科技有限公司 | Addressing and access method, gateway and system |
| CN106713523A (en) * | 2016-12-16 | 2017-05-24 | 无锡华云数据技术服务有限公司 | SCTP-based network address conversion method |
-
2018
- 2018-11-15 CN CN201811359049.0A patent/CN109218467B/en active Active
Patent Citations (9)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US20020024946A1 (en) * | 2000-08-29 | 2002-02-28 | Samsung Electronics Co., Ltd. | System and method for accessing node of private network |
| CN101060472A (en) * | 2006-04-17 | 2007-10-24 | 中国科学院计算技术研究所 | A route-based talk initialization protocol transparent transmission network address conversion method |
| CN101175030A (en) * | 2006-10-31 | 2008-05-07 | 中兴通讯股份有限公司 | Method for implementing proxy to multiple isomorphic subnets |
| CN101175029A (en) * | 2006-10-31 | 2008-05-07 | 中兴通讯股份有限公司 | Device for implementing proxy to multiple isomorphic subnets |
| CN101729606A (en) * | 2008-10-22 | 2010-06-09 | 华为技术有限公司 | Method and relevant equipment for realizing network address conversion |
| CN104184842A (en) * | 2013-05-24 | 2014-12-03 | 中兴通讯股份有限公司 | Message forwarding method and device |
| CN103731820A (en) * | 2014-01-12 | 2014-04-16 | 绵阳师范学院 | Method for access control based on MAC address conversion in IPv6 wireless router |
| CN104202439A (en) * | 2014-07-22 | 2014-12-10 | 北京汉柏科技有限公司 | Addressing and access method, gateway and system |
| CN106713523A (en) * | 2016-12-16 | 2017-05-24 | 无锡华云数据技术服务有限公司 | SCTP-based network address conversion method |
Cited By (7)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN110932982A (en) * | 2019-12-23 | 2020-03-27 | 锐捷网络股份有限公司 | Maintenance method and device of hardware routing table |
| CN113472917A (en) * | 2021-07-27 | 2021-10-01 | 浪潮思科网络科技有限公司 | Network address conversion method, equipment and medium for data message |
| CN114499921A (en) * | 2021-11-26 | 2022-05-13 | 中国南方电网有限责任公司 | Data packet file playback method, data packet file acquisition method and device |
| CN114945013A (en) * | 2022-04-28 | 2022-08-26 | 中国电信股份有限公司 | Data forwarding method and device, electronic equipment and computer readable storage medium |
| CN114945013B (en) * | 2022-04-28 | 2023-10-27 | 中国电信股份有限公司 | Data forwarding method, device, electronic equipment and computer readable storage medium |
| CN115277884A (en) * | 2022-07-14 | 2022-11-01 | 苏州盛科通信股份有限公司 | Subnet replacement method and device, exchange chip, electronic equipment and storage medium |
| CN115334036A (en) * | 2022-08-11 | 2022-11-11 | 江苏安超云软件有限公司 | Method and device for intelligently controlling source address conversion, electronic equipment and storage medium |
Also Published As
| Publication number | Publication date |
|---|---|
| CN109218467B (en) | 2022-02-25 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN109218467A (en) | A kind of method for network address translation and chip | |
| CN104734963B (en) | A kind of IPv4 and IPv6 network interconnecting methods based on SDN | |
| US10320664B2 (en) | Cloud overlay for operations administration and management | |
| CN103546374B (en) | A kind of method and apparatus E-Packeted in edge double layer network | |
| US10574574B2 (en) | System and method for BGP sFlow export | |
| US9825777B2 (en) | Virtual private network forwarding and nexthop to transport mapping scheme | |
| CN105812261B (en) | Message forwarding method and system in information centre's network | |
| US10148458B2 (en) | Method to support multi-protocol for virtualization | |
| US9565034B2 (en) | System and method for scalable inter-domain overlay networking | |
| US10020954B2 (en) | Generic packet encapsulation for virtual networking | |
| CN103618801A (en) | Method, device and system for sharing P2P (Peer-to-Peer) resources | |
| JP2023521951A (en) | Methods for Forwarding Packets in SRv6 Service Function Chains, SFF and SF Devices | |
| US20210092041A1 (en) | Preferred Path Route Graphs in a Network | |
| CN108989209A (en) | BIER MPLS network equipment and its message forwarding method and medium | |
| CN107547399B (en) | Multicast forwarding table item processing method and PE equipment | |
| US20230370375A1 (en) | Data processing method and system, encapsulation node, and de-encapsulation node | |
| Zuraniewski et al. | Facilitating icn deployment with an extended openflow protocol | |
| CN112202670B (en) | SRv 6-segment route forwarding method and device | |
| Rodriguez-Natal et al. | Programmable overlays via openoverlayrouter | |
| CN102870376B (en) | Interworking between ethernet and MPLS | |
| US11012349B2 (en) | Route reflector optimizations for interconnecting MPLS-based L3-VPN and L3-EVPN networks | |
| Geissler et al. | Tablevisor 2.0: Towards full-featured, scalable and hardware-independent multi table processing | |
| CN113630316A (en) | Data transmission method and communication device | |
| US8855015B2 (en) | Techniques for generic pruning in a trill network | |
| WO2014117474A1 (en) | Routing method, system, and related device |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| GR01 | Patent grant | ||
| GR01 | Patent grant |